fog-aws 3.10.0 → 3.11.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (22) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +119 -2
  3. data/README.md +1 -1
  4. data/fog-aws.gemspec +3 -2
  5. data/lib/fog/aws/models/compute/server.rb +2 -0
  6. data/lib/fog/aws/models/storage/file.rb +13 -10
  7. data/lib/fog/aws/requests/compute/run_instances.rb +44 -0
  8. data/lib/fog/aws/requests/storage/get_object.rb +1 -1
  9. data/lib/fog/aws/storage.rb +38 -1
  10. data/lib/fog/aws/version.rb +1 -1
  11. metadata +5 -16
  12. data/.github/dependabot.yml +0 -10
  13. data/.github/workflows/ruby.yml +0 -36
  14. data/.github/workflows/stale.yml +0 -23
  15. data/.gitignore +0 -17
  16. data/Gemfile +0 -14
  17. data/Rakefile +0 -14
  18. data/bin/console +0 -14
  19. data/bin/setup +0 -8
  20. data/gemfiles/Gemfile-edge +0 -14
  21. data/lib/fog/aws/iam/default_policies.json +0 -1574
  22. data/lib/fog/aws/iam/default_policy_versions.json +0 -3373
data/lib/fog/aws/iam/default_policy_versions.json DELETED
@@ -1,3373 +0,0 @@
1
- {
2
- "arn:aws:iam::aws:policy/AWSDirectConnectReadOnlyAccess": {
3
- "VersionId": "v1",
4
- "IsDefaultVersion": true,
5
- "Document": {
6
- "Version": "2012-10-17",
7
- "Statement": [
8
- {
9
- "Effect": "Allow",
10
- "Action": [
11
- "directconnect:Describe*"
12
- ],
13
- "Resource": "*"
14
- }
15
- ]
16
- }
17
- },
18
- "arn:aws:iam::aws:policy/AmazonGlacierReadOnlyAccess": {
19
- "VersionId": "v1",
20
- "IsDefaultVersion": true,
21
- "Document": {
22
- "Version": "2012-10-17",
23
- "Statement": [
24
- {
25
- "Action": [
26
- "glacier:ListVaults",
27
- "glacier:DescribeVault",
28
- "glacier:GetVaultNotifications",
29
- "glacier:ListJobs",
30
- "glacier:DescribeJob",
31
- "glacier:GetJobOutput"
32
- ],
33
- "Effect": "Allow",
34
- "Resource": "*"
35
- }
36
- ]
37
- }
38
- },
39
- "arn:aws:iam::aws:policy/AWSMarketplaceFullAccess": {
40
- "VersionId": "v1",
41
- "IsDefaultVersion": true,
42
- "Document": {
43
- "Version": "2012-10-17",
44
- "Statement": [
45
- {
46
- "Action": [
47
- "aws-marketplace:*",
48
- "cloudformation:CreateStack",
49
- "cloudformation:DescribeStackResource",
50
- "cloudformation:DescribeStackResources",
51
- "cloudformation:DescribeStacks",
52
- "cloudformation:List*",
53
- "ec2:AuthorizeSecurityGroupEgress",
54
- "ec2:AuthorizeSecurityGroupIngress",
55
- "ec2:CreateSecurityGroup",
56
- "ec2:CreateTags",
57
- "ec2:DescribeAccountAttributes",
58
- "ec2:DescribeAddresses",
59
- "ec2:DeleteSecurityGroup",
60
- "ec2:DescribeAccountAttributes",
61
- "ec2:DescribeImages",
62
- "ec2:DescribeInstances",
63
- "ec2:DescribeKeyPairs",
64
- "ec2:DescribeSecurityGroups",
65
- "ec2:DescribeSubnets",
66
- "ec2:DescribeTags",
67
- "ec2:DescribeVpcs",
68
- "ec2:RunInstances",
69
- "ec2:StartInstances",
70
- "ec2:StopInstances",
71
- "ec2:TerminateInstances"
72
- ],
73
- "Effect": "Allow",
74
- "Resource": "*"
75
- }
76
- ]
77
- }
78
- },
79
- "arn:aws:iam::aws:policy/AmazonRDSFullAccess": {
80
- "VersionId": "v1",
81
- "IsDefaultVersion": true,
82
- "Document": {
83
- "Version": "2012-10-17",
84
- "Statement": [
85
- {
86
- "Action": [
87
- "rds:*",
88
- "cloudwatch:DescribeAlarms",
89
- "cloudwatch:GetMetricStatistics",
90
- "ec2:DescribeAccountAttributes",
91
- "ec2:DescribeAvailabilityZones",
92
- "ec2:DescribeSecurityGroups",
93
- "ec2:DescribeSubnets",
94
- "ec2:DescribeVpcs",
95
- "sns:ListSubscriptions",
96
- "sns:ListTopics"
97
- ],
98
- "Effect": "Allow",
99
- "Resource": "*"
100
- }
101
- ]
102
- }
103
- },
104
- "arn:aws:iam::aws:policy/AmazonEC2FullAccess": {
105
- "VersionId": "v1",
106
- "IsDefaultVersion": true,
107
- "Document": {
108
- "Version": "2012-10-17",
109
- "Statement": [
110
- {
111
- "Action": "ec2:*",
112
- "Effect": "Allow",
113
- "Resource": "*"
114
- },
115
- {
116
- "Effect": "Allow",
117
- "Action": "elasticloadbalancing:*",
118
- "Resource": "*"
119
- },
120
- {
121
- "Effect": "Allow",
122
- "Action": "cloudwatch:*",
123
- "Resource": "*"
124
- },
125
- {
126
- "Effect": "Allow",
127
- "Action": "autoscaling:*",
128
- "Resource": "*"
129
- }
130
- ]
131
- }
132
- },
133
- "arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnlyAccess": {
134
- "VersionId": "v1",
135
- "IsDefaultVersion": true,
136
- "Document": {
137
- "Version": "2012-10-17",
138
- "Statement": [
139
- {
140
- "Effect": "Allow",
141
- "Action": [
142
- "elasticbeanstalk:Check*",
143
- "elasticbeanstalk:Describe*",
144
- "elasticbeanstalk:List*",
145
- "elasticbeanstalk:RequestEnvironmentInfo",
146
- "elasticbeanstalk:RetrieveEnvironmentInfo",
147
- "ec2:Describe*",
148
- "elasticloadbalancing:Describe*",
149
- "autoscaling:Describe*",
150
- "cloudwatch:Describe*",
151
- "cloudwatch:List*",
152
- "cloudwatch:Get*",
153
- "s3:Get*",
154
- "s3:List*",
155
- "sns:Get*",
156
- "sns:List*",
157
- "cloudformation:Describe*",
158
- "cloudformation:Get*",
159
- "cloudformation:List*",
160
- "cloudformation:Validate*",
161
- "cloudformation:Estimate*",
162
- "rds:Describe*",
163
- "sqs:Get*",
164
- "sqs:List*"
165
- ],
166
- "Resource": "*"
167
- }
168
- ]
169
- }
170
- },
171
- "arn:aws:iam::aws:policy/AmazonSQSFullAccess": {
172
- "VersionId": "v1",
173
- "IsDefaultVersion": true,
174
- "Document": {
175
- "Version": "2012-10-17",
176
- "Statement": [
177
- {
178
- "Action": [
179
- "sqs:*"
180
- ],
181
- "Effect": "Allow",
182
- "Resource": "*"
183
- }
184
- ]
185
- }
186
- },
187
- "arn:aws:iam::aws:policy/AWSLambdaFullAccess": {
188
- "VersionId": "v2",
189
- "IsDefaultVersion": true,
190
- "Document": {
191
- "Version": "2012-10-17",
192
- "Statement": [
193
- {
194
- "Effect": "Allow",
195
- "Action": [
196
- "cloudwatch:*",
197
- "cognito-identity:ListIdentityPools",
198
- "cognito-sync:GetCognitoEvents",
199
- "cognito-sync:SetCognitoEvents",
200
- "dynamodb:*",
201
- "iam:ListAttachedRolePolicies",
202
- "iam:ListRolePolicies",
203
- "iam:ListRoles",
204
- "iam:PassRole",
205
- "kinesis:DescribeStream",
206
- "kinesis:ListStreams",
207
- "kinesis:PutRecord",
208
- "lambda:*",
209
- "logs:*",
210
- "s3:*",
211
- "sns:ListSubscriptions",
212
- "sns:ListSubscriptionsByTopic",
213
- "sns:ListTopics",
214
- "sns:Subscribe",
215
- "sns:Unsubscribe"
216
- ],
217
- "Resource": "*"
218
- }
219
- ]
220
- }
221
- },
222
- "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM": {
223
- "VersionId": "v1",
224
- "IsDefaultVersion": true,
225
- "Document": {
226
- "Version": "2012-10-17",
227
- "Statement": [
228
- {
229
- "Effect": "Allow",
230
- "Action": [
231
- "cloudwatch:PutMetricData",
232
- "ds:CreateComputer",
233
- "ds:DescribeDirectories",
234
- "logs:CreateLogGroup",
235
- "logs:CreateLogStream",
236
- "logs:DescribeLogGroups",
237
- "logs:DescribeLogStreams",
238
- "logs:PutLogEvents",
239
- "ssm:DescribeAssociation",
240
- "ssm:GetDocument",
241
- "ssm:ListAssociations",
242
- "ssm:UpdateAssociationStatus"
243
- ],
244
- "Resource": "*"
245
- }
246
- ]
247
- }
248
- },
249
- "arn:aws:iam::aws:policy/service-role/AWSCloudHSMRole": {
250
- "VersionId": "v1",
251
- "IsDefaultVersion": true,
252
- "Document": {
253
- "Version": "2012-10-17",
254
- "Statement": [
255
- {
256
- "Effect": "Allow",
257
- "Action": [
258
- "ec2:CreateNetworkInterface",
259
- "ec2:CreateTags",
260
- "ec2:DeleteNetworkInterface",
261
- "ec2:DescribeNetworkInterfaceAttribute",
262
- "ec2:DescribeNetworkInterfaces",
263
- "ec2:DescribeSubnets",
264
- "ec2:DescribeVpcs",
265
- "ec2:DetachNetworkInterface"
266
- ],
267
- "Resource": [
268
- "*"
269
- ]
270
- }
271
- ]
272
- }
273
- },
274
- "arn:aws:iam::aws:policy/IAMFullAccess": {
275
- "VersionId": "v1",
276
- "IsDefaultVersion": true,
277
- "Document": {
278
- "Version": "2012-10-17",
279
- "Statement": [
280
- {
281
- "Effect": "Allow",
282
- "Action": "iam:*",
283
- "Resource": "*"
284
- }
285
- ]
286
- }
287
- },
288
- "arn:aws:iam::aws:policy/AmazonElastiCacheFullAccess": {
289
- "VersionId": "v1",
290
- "IsDefaultVersion": true,
291
- "Document": {
292
- "Version": "2012-10-17",
293
- "Statement": [
294
- {
295
- "Action": "elasticache:*",
296
- "Effect": "Allow",
297
- "Resource": "*"
298
- }
299
- ]
300
- }
301
- },
302
- "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeploy": {
303
- "VersionId": "v1",
304
- "IsDefaultVersion": true,
305
- "Document": {
306
- "Version": "2012-10-17",
307
- "Statement": [
308
- {
309
- "Action": [
310
- "s3:GetObject",
311
- "s3:GetObjectVersion",
312
- "s3:ListObjects"
313
- ],
314
- "Effect": "Allow",
315
- "Resource": "*"
316
- }
317
- ]
318
- }
319
- },
320
- "arn:aws:iam::aws:policy/AWSOpsWorksFullAccess": {
321
- "VersionId": "v1",
322
- "IsDefaultVersion": true,
323
- "Document": {
324
- "Version": "2012-10-17",
325
- "Statement": [
326
- {
327
- "Effect": "Allow",
328
- "Action": [
329
- "opsworks:*",
330
- "ec2:DescribeAvailabilityZones",
331
- "ec2:DescribeKeyPairs",
332
- "ec2:DescribeSecurityGroups",
333
- "ec2:DescribeAccountAttributes",
334
- "ec2:DescribeAvailabilityZones",
335
- "ec2:DescribeSecurityGroups",
336
- "ec2:DescribeSubnets",
337
- "ec2:DescribeVpcs",
338
- "elasticloadbalancing:DescribeInstanceHealth",
339
- "elasticloadbalancing:DescribeLoadBalancers",
340
- "iam:GetRolePolicy",
341
- "iam:ListInstanceProfiles",
342
- "iam:ListRoles",
343
- "iam:ListUsers",
344
- "iam:PassRole"
345
- ],
346
- "Resource": "*"
347
- }
348
- ]
349
- }
350
- },
351
- "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole": {
352
- "VersionId": "v2",
353
- "IsDefaultVersion": true,
354
- "Document": {
355
- "Version": "2012-10-17",
356
- "Statement": [
357
- {
358
- "Effect": "Allow",
359
- "Resource": "*",
360
- "Action": [
361
- "ec2:AuthorizeSecurityGroupIngress",
362
- "ec2:CancelSpotInstanceRequests",
363
- "ec2:CreateSecurityGroup",
364
- "ec2:CreateTags",
365
- "ec2:DeleteTags",
366
- "ec2:DescribeAvailabilityZones",
367
- "ec2:DescribeAccountAttributes",
368
- "ec2:DescribeInstances",
369
- "ec2:DescribeInstanceStatus",
370
- "ec2:DescribeKeyPairs",
371
- "ec2:DescribePrefixLists",
372
- "ec2:DescribeRouteTables",
373
- "ec2:DescribeSecurityGroups",
374
- "ec2:DescribeSpotInstanceRequests",
375
- "ec2:DescribeSpotPriceHistory",
376
- "ec2:DescribeSubnets",
377
- "ec2:DescribeVpcAttribute",
378
- "ec2:DescribeVpcEndpoints",
379
- "ec2:DescribeVpcEndpointServices",
380
- "ec2:DescribeVpcs",
381
- "ec2:ModifyImageAttribute",
382
- "ec2:ModifyInstanceAttribute",
383
- "ec2:RequestSpotInstances",
384
- "ec2:RunInstances",
385
- "ec2:TerminateInstances",
386
- "iam:GetRole",
387
- "iam:GetRolePolicy",
388
- "iam:ListInstanceProfiles",
389
- "iam:ListRolePolicies",
390
- "iam:PassRole",
391
- "s3:CreateBucket",
392
- "s3:Get*",
393
- "s3:List*",
394
- "sdb:BatchPutAttributes",
395
- "sdb:Select",
396
- "sqs:CreateQueue",
397
- "sqs:Delete*",
398
- "sqs:GetQueue*",
399
- "sqs:ReceiveMessage"
400
- ]
401
- }
402
- ]
403
- }
404
- },
405
- "arn:aws:iam::aws:policy/AmazonRoute53DomainsReadOnlyAccess": {
406
- "VersionId": "v1",
407
- "IsDefaultVersion": true,
408
- "Document": {
409
- "Version": "2012-10-17",
410
- "Statement": [
411
- {
412
- "Effect": "Allow",
413
- "Action": [
414
- "route53domains:Get*",
415
- "route53domains:List*"
416
- ],
417
- "Resource": [
418
- "*"
419
- ]
420
- }
421
- ]
422
- }
423
- },
424
- "arn:aws:iam::aws:policy/service-role/AWSOpsWorksRole": {
425
- "VersionId": "v1",
426
- "IsDefaultVersion": true,
427
- "Document": {
428
- "Version": "2012-10-17",
429
- "Statement": [
430
- {
431
- "Effect": "Allow",
432
- "Action": [
433
- "cloudwatch:GetMetricStatistics",
434
- "ec2:DescribeAccountAttributes",
435
- "ec2:DescribeAvailabilityZones",
436
- "ec2:DescribeInstances",
437
- "ec2:DescribeKeyPairs",
438
- "ec2:DescribeSecurityGroups",
439
- "ec2:DescribeSubnets",
440
- "ec2:DescribeVpcs",
441
- "elasticloadbalancing:DescribeInstanceHealth",
442
- "elasticloadbalancing:DescribeLoadBalancers",
443
- "iam:GetRolePolicy",
444
- "iam:ListInstanceProfiles",
445
- "iam:ListRoles",
446
- "iam:ListUsers",
447
- "iam:PassRole",
448
- "opsworks:*",
449
- "rds:*"
450
- ],
451
- "Resource": [
452
- "*"
453
- ]
454
- }
455
- ]
456
- }
457
- },
458
- "arn:aws:iam::aws:policy/SimpleWorkflowFullAccess": {
459
- "VersionId": "v1",
460
- "IsDefaultVersion": true,
461
- "Document": {
462
- "Version": "2012-10-17",
463
- "Statement": [
464
- {
465
- "Action": [
466
- "swf:*"
467
- ],
468
- "Effect": "Allow",
469
- "Resource": "*"
470
- }
471
- ]
472
- }
473
- },
474
- "arn:aws:iam::aws:policy/AmazonS3FullAccess": {
475
- "VersionId": "v1",
476
- "IsDefaultVersion": true,
477
- "Document": {
478
- "Version": "2012-10-17",
479
- "Statement": [
480
- {
481
- "Effect": "Allow",
482
- "Action": "s3:*",
483
- "Resource": "*"
484
- }
485
- ]
486
- }
487
- },
488
- "arn:aws:iam::aws:policy/AWSStorageGatewayReadOnlyAccess": {
489
- "VersionId": "v1",
490
- "IsDefaultVersion": true,
491
- "Document": {
492
- "Version": "2012-10-17",
493
- "Statement": [
494
- {
495
- "Effect": "Allow",
496
- "Action": [
497
- "storagegateway:List*",
498
- "storagegateway:Describe*"
499
- ],
500
- "Resource": "*"
501
- },
502
- {
503
- "Effect": "Allow",
504
- "Action": [
505
- "ec2:DescribeSnapshots"
506
- ],
507
- "Resource": "*"
508
- }
509
- ]
510
- }
511
- },
512
- "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role": {
513
- "VersionId": "v2",
514
- "IsDefaultVersion": true,
515
- "Document": {
516
- "Version": "2012-10-17",
517
- "Statement": [
518
- {
519
- "Effect": "Allow",
520
- "Resource": "*",
521
- "Action": [
522
- "cloudwatch:*",
523
- "dynamodb:*",
524
- "ec2:Describe*",
525
- "elasticmapreduce:Describe*",
526
- "elasticmapreduce:ListBootstrapActions",
527
- "elasticmapreduce:ListClusters",
528
- "elasticmapreduce:ListInstanceGroups",
529
- "elasticmapreduce:ListInstances",
530
- "elasticmapreduce:ListSteps",
531
- "kinesis:CreateStream",
532
- "kinesis:DeleteStream",
533
- "kinesis:DescribeStream",
534
- "kinesis:GetRecords",
535
- "kinesis:GetShardIterator",
536
- "kinesis:MergeShards",
537
- "kinesis:PutRecord",
538
- "kinesis:SplitShard",
539
- "rds:Describe*",
540
- "s3:*",
541
- "sdb:*",
542
- "sns:*",
543
- "sqs:*"
544
- ]
545
- }
546
- ]
547
- }
548
- },
549
- "arn:aws:iam::aws:policy/AmazonRedshiftReadOnlyAccess": {
550
- "VersionId": "v1",
551
- "IsDefaultVersion": true,
552
- "Document": {
553
- "Version": "2012-10-17",
554
- "Statement": [
555
- {
556
- "Action": [
557
- "redshift:Describe*",
558
- "redshift:ViewQueriesInConsole",
559
- "ec2:DescribeAccountAttributes",
560
- "ec2:DescribeAddresses",
561
- "ec2:DescribeAvailabilityZones",
562
- "ec2:DescribeSecurityGroups",
563
- "ec2:DescribeSubnets",
564
- "ec2:DescribeVpcs",
565
- "ec2:DescribeInternetGateways",
566
- "sns:Get*",
567
- "sns:List*",
568
- "cloudwatch:Describe*",
569
- "cloudwatch:List*",
570
- "cloudwatch:Get*"
571
- ],
572
- "Effect": "Allow",
573
- "Resource": "*"
574
- }
575
- ]
576
- }
577
- },
578
- "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess": {
579
- "VersionId": "v1",
580
- "IsDefaultVersion": true,
581
- "Document": {
582
- "Version": "2012-10-17",
583
- "Statement": [
584
- {
585
- "Effect": "Allow",
586
- "Action": "ec2:Describe*",
587
- "Resource": "*"
588
- },
589
- {
590
- "Effect": "Allow",
591
- "Action": "elasticloadbalancing:Describe*",
592
- "Resource": "*"
593
- },
594
- {
595
- "Effect": "Allow",
596
- "Action": [
597
- "cloudwatch:ListMetrics",
598
- "cloudwatch:GetMetricStatistics",
599
- "cloudwatch:Describe*"
600
- ],
601
- "Resource": "*"
602
- },
603
- {
604
- "Effect": "Allow",
605
- "Action": "autoscaling:Describe*",
606
- "Resource": "*"
607
- }
608
- ]
609
- }
610
- },
611
- "arn:aws:iam::aws:policy/AmazonElasticMapReduceReadOnlyAccess": {
612
- "VersionId": "v1",
613
- "IsDefaultVersion": true,
614
- "Document": {
615
- "Version": "2012-10-17",
616
- "Statement": [
617
- {
618
- "Action": [
619
- "elasticmapreduce:Describe*",
620
- "elasticmapreduce:List*",
621
- "s3:GetObject",
622
- "s3:ListAllMyBuckets",
623
- "s3:ListBucket",
624
- "sdb:Select",
625
- "cloudwatch:GetMetricStatistics"
626
- ],
627
- "Effect": "Allow",
628
- "Resource": "*"
629
- }
630
- ]
631
- }
632
- },
633
- "arn:aws:iam::aws:policy/AWSDirectoryServiceReadOnlyAccess": {
634
- "VersionId": "v1",
635
- "IsDefaultVersion": true,
636
- "Document": {
637
- "Version": "2012-10-17",
638
- "Statement": [
639
- {
640
- "Action": [
641
- "ds:Check*",
642
- "ds:Describe*",
643
- "ds:Get*",
644
- "ds:List*",
645
- "ec2:DescribeNetworkInterfaces",
646
- "ec2:DescribeSubnets",
647
- "ec2:DescribeVpcs"
648
- ],
649
- "Effect": "Allow",
650
- "Resource": "*"
651
- }
652
- ]
653
- }
654
- },
655
- "arn:aws:iam::aws:policy/AmazonVPCReadOnlyAccess": {
656
- "VersionId": "v2",
657
- "IsDefaultVersion": true,
658
- "Document": {
659
- "Version": "2012-10-17",
660
- "Statement": [
661
- {
662
- "Effect": "Allow",
663
- "Action": [
664
- "ec2:DescribeAddresses",
665
- "ec2:DescribeCustomerGateways",
666
- "ec2:DescribeDhcpOptions",
667
- "ec2:DescribeInternetGateways",
668
- "ec2:DescribeNetworkAcls",
669
- "ec2:DescribeNetworkInterfaces",
670
- "ec2:DescribePrefixLists",
671
- "ec2:DescribeRouteTables",
672
- "ec2:DescribeSecurityGroups",
673
- "ec2:DescribeSubnets",
674
- "ec2:DescribeVpcAttribute",
675
- "ec2:DescribeVpcEndpoints",
676
- "ec2:DescribeVpcEndpointServices",
677
- "ec2:DescribeVpcPeeringConnection",
678
- "ec2:DescribeVpcs",
679
- "ec2:DescribeVpnConnections",
680
- "ec2:DescribeVpnGateways"
681
- ],
682
- "Resource": "*"
683
- }
684
- ]
685
- }
686
- },
687
- "arn:aws:iam::aws:policy/AmazonMobileAnalyticsFullAccess": {
688
- "VersionId": "v1",
689
- "IsDefaultVersion": true,
690
- "Document": {
691
- "Version": "2012-10-17",
692
- "Statement": [
693
- {
694
- "Effect": "Allow",
695
- "Action": "mobileanalytics:*",
696
- "Resource": "*"
697
- }
698
- ]
699
- }
700
- },
701
- "arn:aws:iam::aws:policy/service-role/AWSDataPipelineRole": {
702
- "VersionId": "v2",
703
- "IsDefaultVersion": true,
704
- "Document": {
705
- "Version": "2012-10-17",
706
- "Statement": [
707
- {
708
- "Effect": "Allow",
709
- "Action": [
710
- "cloudwatch:*",
711
- "datapipeline:DescribeObjects",
712
- "datapipeline:EvaluateExpression",
713
- "dynamodb:BatchGetItem",
714
- "dynamodb:DescribeTable",
715
- "dynamodb:GetItem",
716
- "dynamodb:Query",
717
- "dynamodb:Scan",
718
- "dynamodb:UpdateTable",
719
- "ec2:AuthorizeSecurityGroupIngress",
720
- "ec2:CancelSpotInstanceRequests",
721
- "ec2:CreateSecurityGroup",
722
- "ec2:CreateTags",
723
- "ec2:DeleteTags",
724
- "ec2:Describe*",
725
- "ec2:ModifyImageAttribute",
726
- "ec2:ModifyInstanceAttribute",
727
- "ec2:RequestSpotInstances",
728
- "ec2:RunInstances",
729
- "ec2:StartInstances",
730
- "ec2:StopInstances",
731
- "ec2:TerminateInstances",
732
- "elasticmapreduce:*",
733
- "iam:GetRole",
734
- "iam:GetRolePolicy",
735
- "iam:ListRolePolicies",
736
- "iam:ListInstanceProfiles",
737
- "iam:PassRole",
738
- "rds:DescribeDBInstances",
739
- "rds:DescribeDBSecurityGroups",
740
- "redshift:DescribeClusters",
741
- "redshift:DescribeClusterSecurityGroups",
742
- "s3:CreateBucket",
743
- "s3:DeleteObject",
744
- "s3:Get*",
745
- "s3:List*",
746
- "s3:Put*",
747
- "sdb:BatchPutAttributes",
748
- "sdb:Select*",
749
- "sns:GetTopicAttributes",
750
- "sns:ListTopics",
751
- "sns:Publish",
752
- "sns:Subscribe",
753
- "sns:Unsubscribe"
754
- ],
755
- "Resource": [
756
- "*"
757
- ]
758
- }
759
- ]
760
- }
761
- },
762
- "arn:aws:iam::aws:policy/CloudWatchFullAccess": {
763
- "VersionId": "v1",
764
- "IsDefaultVersion": true,
765
- "Document": {
766
- "Version": "2012-10-17",
767
- "Statement": [
768
- {
769
- "Action": [
770
- "autoscaling:Describe*",
771
- "cloudwatch:*",
772
- "logs:*",
773
- "sns:*"
774
- ],
775
- "Effect": "Allow",
776
- "Resource": "*"
777
- }
778
- ]
779
- }
780
- },
781
- "arn:aws:iam::aws:policy/ReadOnlyAccess": {
782
- "VersionId": "v2",
783
- "IsDefaultVersion": true,
784
- "Document": {
785
- "Version": "2012-10-17",
786
- "Statement": [
787
- {
788
- "Action": [
789
- "appstream:Get*",
790
- "autoscaling:Describe*",
791
- "cloudformation:DescribeStacks",
792
- "cloudformation:DescribeStackEvents",
793
- "cloudformation:DescribeStackResource",
794
- "cloudformation:DescribeStackResources",
795
- "cloudformation:GetTemplate",
796
- "cloudformation:List*",
797
- "cloudfront:Get*",
798
- "cloudfront:List*",
799
- "cloudtrail:DescribeTrails",
800
- "cloudtrail:GetTrailStatus",
801
- "cloudwatch:Describe*",
802
- "cloudwatch:Get*",
803
- "cloudwatch:List*",
804
- "directconnect:Describe*",
805
- "dynamodb:GetItem",
806
- "dynamodb:BatchGetItem",
807
- "dynamodb:Query",
808
- "dynamodb:Scan",
809
- "dynamodb:DescribeTable",
810
- "dynamodb:ListTables",
811
- "ec2:Describe*",
812
- "ecs:Describe*",
813
- "ecs:List*",
814
- "elasticache:Describe*",
815
- "elasticbeanstalk:Check*",
816
- "elasticbeanstalk:Describe*",
817
- "elasticbeanstalk:List*",
818
- "elasticbeanstalk:RequestEnvironmentInfo",
819
- "elasticbeanstalk:RetrieveEnvironmentInfo",
820
- "elasticloadbalancing:Describe*",
821
- "elasticmapreduce:Describe*",
822
- "elasticmapreduce:List*",
823
- "elastictranscoder:Read*",
824
- "elastictranscoder:List*",
825
- "iam:List*",
826
- "iam:GenerateCredentialReport",
827
- "iam:Get*",
828
- "kinesis:Describe*",
829
- "kinesis:Get*",
830
- "kinesis:List*",
831
- "opsworks:Describe*",
832
- "opsworks:Get*",
833
- "route53:Get*",
834
- "route53:List*",
835
- "redshift:Describe*",
836
- "redshift:ViewQueriesInConsole",
837
- "rds:Describe*",
838
- "rds:ListTagsForResource",
839
- "s3:Get*",
840
- "s3:List*",
841
- "sdb:GetAttributes",
842
- "sdb:List*",
843
- "sdb:Select*",
844
- "ses:Get*",
845
- "ses:List*",
846
- "sns:Get*",
847
- "sns:List*",
848
- "sqs:GetQueueAttributes",
849
- "sqs:ListQueues",
850
- "sqs:ReceiveMessage",
851
- "storagegateway:List*",
852
- "storagegateway:Describe*",
853
- "tag:get*",
854
- "trustedadvisor:Describe*"
855
- ],
856
- "Effect": "Allow",
857
- "Resource": "*"
858
- }
859
- ]
860
- }
861
- },
862
- "arn:aws:iam::aws:policy/AmazonMachineLearningBatchPredictionsAccess": {
863
- "VersionId": "v1",
864
- "IsDefaultVersion": true,
865
- "Document": {
866
- "Version": "2012-10-17",
867
- "Statement": [
868
- {
869
- "Effect": "Allow",
870
- "Action": [
871
- "machinelearning:CreateBatchPrediction",
872
- "machinelearning:DeleteBatchPrediction",
873
- "machinelearning:DescribeBatchPredictions",
874
- "machinelearning:GetBatchPrediction",
875
- "machinelearning:UpdateBatchPrediction"
876
- ],
877
- "Resource": "*"
878
- }
879
- ]
880
- }
881
- },
882
- "arn:aws:iam::aws:policy/AWSCodeDeployReadOnlyAccess": {
883
- "VersionId": "v1",
884
- "IsDefaultVersion": true,
885
- "Document": {
886
- "Version": "2012-10-17",
887
- "Statement": [
888
- {
889
- "Action": [
890
- "codedeploy:Batch*",
891
- "codedeploy:Get*",
892
- "codedeploy:List*"
893
- ],
894
- "Effect": "Allow",
895
- "Resource": "*"
896
- }
897
- ]
898
- }
899
- },
900
- "arn:aws:iam::aws:policy/CloudSearchFullAccess": {
901
- "VersionId": "v1",
902
- "IsDefaultVersion": true,
903
- "Document": {
904
- "Version": "2012-10-17",
905
- "Statement": [
906
- {
907
- "Action": [
908
- "cloudsearch:*"
909
- ],
910
- "Effect": "Allow",
911
- "Resource": "*"
912
- }
913
- ]
914
- }
915
- },
916
- "arn:aws:iam::aws:policy/AWSCloudHSMFullAccess": {
917
- "VersionId": "v1",
918
- "IsDefaultVersion": true,
919
- "Document": {
920
- "Version": "2012-10-17",
921
- "Statement": [
922
- {
923
- "Effect": "Allow",
924
- "Action": "cloudhsm:*",
925
- "Resource": "*"
926
- }
927
- ]
928
- }
929
- },
930
- "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetRole": {
931
- "VersionId": "v1",
932
- "IsDefaultVersion": true,
933
- "Document": {
934
- "Version": "2012-10-17",
935
- "Statement": [
936
- {
937
- "Effect": "Allow",
938
- "Action": [
939
- "ec2:DescribeImages",
940
- "ec2:DescribeSubnets",
941
- "ec2:RequestSpotInstances",
942
- "ec2:TerminateInstances"
943
- ],
944
- "Resource": [
945
- "*"
946
- ]
947
- }
948
- ]
949
- }
950
- },
951
- "arn:aws:iam::aws:policy/AmazonElasticTranscoderJobsSubmitter": {
952
- "VersionId": "v1",
953
- "IsDefaultVersion": true,
954
- "Document": {
955
- "Version": "2012-10-17",
956
- "Statement": [
957
- {
958
- "Action": [
959
- "elastictranscoder:Read*",
960
- "elastictranscoder:List*",
961
- "elastictranscoder:*Job",
962
- "elastictranscoder:*Preset",
963
- "s3:List*",
964
- "iam:List*",
965
- "sns:List*"
966
- ],
967
- "Effect": "Allow",
968
- "Resource": "*"
969
- }
970
- ]
971
- }
972
- },
973
- "arn:aws:iam::aws:policy/AWSDirectoryServiceFullAccess": {
974
- "VersionId": "v1",
975
- "IsDefaultVersion": true,
976
- "Document": {
977
- "Version": "2012-10-17",
978
- "Statement": [
979
- {
980
- "Action": [
981
- "ds:*",
982
- "ec2:AuthorizeSecurityGroupEgress",
983
- "ec2:AuthorizeSecurityGroupIngress",
984
- "ec2:CreateNetworkInterface",
985
- "ec2:CreateSecurityGroup",
986
- "ec2:DeleteNetworkInterface",
987
- "ec2:DeleteSecurityGroup",
988
- "ec2:DescribeNetworkInterfaces",
989
- "ec2:DescribeSubnets",
990
- "ec2:DescribeVpcs",
991
- "ec2:RevokeSecurityGroupEgress",
992
- "ec2:RevokeSecurityGroupIngress"
993
- ],
994
- "Effect": "Allow",
995
- "Resource": "*"
996
- }
997
- ]
998
- }
999
- },
1000
- "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess": {
1001
- "VersionId": "v1",
1002
- "IsDefaultVersion": true,
1003
- "Document": {
1004
- "Version": "2012-10-17",
1005
- "Statement": [
1006
- {
1007
- "Action": [
1008
- "dynamodb:*",
1009
- "cloudwatch:DeleteAlarms",
1010
- "cloudwatch:DescribeAlarmHistory",
1011
- "cloudwatch:DescribeAlarms",
1012
- "cloudwatch:DescribeAlarmsForMetric",
1013
- "cloudwatch:GetMetricStatistics",
1014
- "cloudwatch:ListMetrics",
1015
- "cloudwatch:PutMetricAlarm",
1016
- "datapipeline:ActivatePipeline",
1017
- "datapipeline:CreatePipeline",
1018
- "datapipeline:DeletePipeline",
1019
- "datapipeline:DescribeObjects",
1020
- "datapipeline:DescribePipelines",
1021
- "datapipeline:GetPipelineDefinition",
1022
- "datapipeline:ListPipelines",
1023
- "datapipeline:PutPipelineDefinition",
1024
- "datapipeline:QueryObjects",
1025
- "iam:ListRoles",
1026
- "sns:CreateTopic",
1027
- "sns:DeleteTopic",
1028
- "sns:ListSubscriptions",
1029
- "sns:ListSubscriptionsByTopic",
1030
- "sns:ListTopics",
1031
- "sns:Subscribe",
1032
- "sns:Unsubscribe"
1033
- ],
1034
- "Effect": "Allow",
1035
- "Resource": "*"
1036
- }
1037
- ]
1038
- }
1039
- },
1040
- "arn:aws:iam::aws:policy/AmazonSESReadOnlyAccess": {
1041
- "VersionId": "v1",
1042
- "IsDefaultVersion": true,
1043
- "Document": {
1044
- "Version": "2012-10-17",
1045
- "Statement": [
1046
- {
1047
- "Effect": "Allow",
1048
- "Action": [
1049
- "ses:Get*",
1050
- "ses:List*"
1051
- ],
1052
- "Resource": "*"
1053
- }
1054
- ]
1055
- }
1056
- },
1057
- "arn:aws:iam::aws:policy/service-role/AutoScalingNotificationAccessRole": {
1058
- "VersionId": "v1",
1059
- "IsDefaultVersion": true,
1060
- "Document": {
1061
- "Version": "2012-10-17",
1062
- "Statement": [
1063
- {
1064
- "Effect": "Allow",
1065
- "Resource": "*",
1066
- "Action": [
1067
- "sqs:SendMessage",
1068
- "sqs:GetQueueUrl",
1069
- "sns:Publish"
1070
- ]
1071
- }
1072
- ]
1073
- }
1074
- },
1075
- "arn:aws:iam::aws:policy/AmazonKinesisReadOnlyAccess": {
1076
- "VersionId": "v1",
1077
- "IsDefaultVersion": true,
1078
- "Document": {
1079
- "Version": "2012-10-17",
1080
- "Statement": [
1081
- {
1082
- "Effect": "Allow",
1083
- "Action": [
1084
- "kinesis:Get*",
1085
- "kinesis:List*",
1086
- "kinesis:Describe*"
1087
- ],
1088
- "Resource": "*"
1089
- }
1090
- ]
1091
- }
1092
- },
1093
- "arn:aws:iam::aws:policy/AWSCodeDeployFullAccess": {
1094
- "VersionId": "v1",
1095
- "IsDefaultVersion": true,
1096
- "Document": {
1097
- "Version": "2012-10-17",
1098
- "Statement": [
1099
- {
1100
- "Action": "codedeploy:*",
1101
- "Effect": "Allow",
1102
- "Resource": "*"
1103
- }
1104
- ]
1105
- }
1106
- },
1107
- "arn:aws:iam::aws:policy/service-role/AWSLambdaDynamoDBExecutionRole": {
1108
- "VersionId": "v1",
1109
- "IsDefaultVersion": true,
1110
- "Document": {
1111
- "Version": "2012-10-17",
1112
- "Statement": [
1113
- {
1114
- "Effect": "Allow",
1115
- "Action": [
1116
- "dynamodb:DescribeStream",
1117
- "dynamodb:GetRecords",
1118
- "dynamodb:GetShardIterator",
1119
- "dynamodb:ListStreams",
1120
- "logs:CreateLogGroup",
1121
- "logs:CreateLogStream",
1122
- "logs:PutLogEvents"
1123
- ],
1124
- "Resource": "*"
1125
- }
1126
- ]
1127
- }
1128
- },
1129
- "arn:aws:iam::aws:policy/AmazonRoute53DomainsFullAccess": {
1130
- "VersionId": "v1",
1131
- "IsDefaultVersion": true,
1132
- "Document": {
1133
- "Version": "2012-10-17",
1134
- "Statement": [
1135
- {
1136
- "Effect": "Allow",
1137
- "Action": [
1138
- "route53:CreateHostedZone",
1139
- "route53domains:*"
1140
- ],
1141
- "Resource": [
1142
- "*"
1143
- ]
1144
- }
1145
- ]
1146
- }
1147
- },
1148
- "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess": {
1149
- "VersionId": "v1",
1150
- "IsDefaultVersion": true,
1151
- "Document": {
1152
- "Version": "2012-10-17",
1153
- "Statement": [
1154
- {
1155
- "Action": [
1156
- "elasticache:Describe*"
1157
- ],
1158
- "Effect": "Allow",
1159
- "Resource": "*"
1160
- }
1161
- ]
1162
- }
1163
- },
1164
- "arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess": {
1165
- "VersionId": "v1",
1166
- "IsDefaultVersion": true,
1167
- "Document": {
1168
- "Version": "2012-10-17",
1169
- "Statement": [
1170
- {
1171
- "Action": [
1172
- "ec2:DescribeAvailabilityZones",
1173
- "ec2:DescribeNetworkInterfaceAttribute",
1174
- "ec2:DescribeNetworkInterfaces",
1175
- "ec2:DescribeSecurityGroups",
1176
- "ec2:DescribeSubnets",
1177
- "ec2:DescribeVpcs",
1178
- "elasticfilesystem:Describe*"
1179
- ],
1180
- "Effect": "Allow",
1181
- "Resource": "*"
1182
- }
1183
- ]
1184
- }
1185
- },
1186
- "arn:aws:iam::aws:policy/CloudFrontFullAccess": {
1187
- "VersionId": "v2",
1188
- "IsDefaultVersion": true,
1189
- "Document": {
1190
- "Version": "2012-10-17",
1191
- "Statement": [
1192
- {
1193
- "Action": [
1194
- "s3:ListAllMyBuckets"
1195
- ],
1196
- "Effect": "Allow",
1197
- "Resource": "arn:aws:s3:::*"
1198
- },
1199
- {
1200
- "Action": [
1201
- "cloudfront:*",
1202
- "iam:ListServerCertificates"
1203
- ],
1204
- "Effect": "Allow",
1205
- "Resource": "*"
1206
- }
1207
- ]
1208
- }
1209
- },
1210
- "arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSource": {
1211
- "VersionId": "v1",
1212
- "IsDefaultVersion": true,
1213
- "Document": {
1214
- "Version": "2012-10-17",
1215
- "Statement": [
1216
- {
1217
- "Effect": "Allow",
1218
- "Action": [
1219
- "ec2:AuthorizeSecurityGroupIngress",
1220
- "ec2:CreateSecurityGroup",
1221
- "ec2:DescribeInternetGateways",
1222
- "ec2:DescribeSecurityGroups",
1223
- "ec2:RevokeSecurityGroupIngress",
1224
- "redshift:AuthorizeClusterSecurityGroupIngress",
1225
- "redshift:CreateClusterSecurityGroup",
1226
- "redshift:DescribeClusters",
1227
- "redshift:DescribeClusterSecurityGroups",
1228
- "redshift:ModifyCluster",
1229
- "redshift:RevokeClusterSecurityGroupIngress",
1230
- "s3:GetBucketLocation",
1231
- "s3:GetBucketPolicy",
1232
- "s3:GetObject",
1233
- "s3:PutBucketPolicy",
1234
- "s3:PutObject"
1235
- ],
1236
- "Resource": "*"
1237
- }
1238
- ]
1239
- }
1240
- },
1241
- "arn:aws:iam::aws:policy/AmazonMobileAnalyticsNon-financialReportAccess": {
1242
- "VersionId": "v1",
1243
- "IsDefaultVersion": true,
1244
- "Document": {
1245
- "Version": "2012-10-17",
1246
- "Statement": [
1247
- {
1248
- "Effect": "Allow",
1249
- "Action": "mobileanalytics:GetReports",
1250
- "Resource": "*"
1251
- }
1252
- ]
1253
- }
1254
- },
1255
- "arn:aws:iam::aws:policy/AWSCloudTrailFullAccess": {
1256
- "VersionId": "v1",
1257
- "IsDefaultVersion": true,
1258
- "Document": {
1259
- "Version": "2012-10-17",
1260
- "Statement": [
1261
- {
1262
- "Effect": "Allow",
1263
- "Action": [
1264
- "sns:AddPermission",
1265
- "sns:CreateTopic",
1266
- "sns:DeleteTopic",
1267
- "sns:ListTopics",
1268
- "sns:SetTopicAttributes"
1269
- ],
1270
- "Resource": "arn:aws:sns:*"
1271
- },
1272
- {
1273
- "Effect": "Allow",
1274
- "Action": [
1275
- "s3:CreateBucket",
1276
- "s3:DeleteBucket",
1277
- "s3:ListAllMyBuckets",
1278
- "s3:PutBucketPolicy",
1279
- "s3:ListBucket",
1280
- "s3:GetBucketLocation",
1281
- "s3:GetObject"
1282
- ],
1283
- "Resource": "arn:aws:s3:::*"
1284
- },
1285
- {
1286
- "Effect": "Allow",
1287
- "Action": "cloudtrail:*",
1288
- "Resource": "*"
1289
- },
1290
- {
1291
- "Effect": "Allow",
1292
- "Action": [
1293
- "logs:CreateLogGroup"
1294
- ],
1295
- "Resource": "arn:aws:logs:*"
1296
- },
1297
- {
1298
- "Effect": "Allow",
1299
- "Action": [
1300
- "iam:PassRole",
1301
- "iam:ListRoles",
1302
- "iam:GetRolePolicy"
1303
- ],
1304
- "Resource": "arn:aws:iam::*"
1305
- }
1306
- ]
1307
- }
1308
- },
1309
- "arn:aws:iam::aws:policy/AmazonCognitoDeveloperAuthenticatedIdentities": {
1310
- "VersionId": "v1",
1311
- "IsDefaultVersion": true,
1312
- "Document": {
1313
- "Version": "2012-10-17",
1314
- "Statement": [
1315
- {
1316
- "Effect": "Allow",
1317
- "Action": [
1318
- "cognito-identity:GetOpenIdTokenForDeveloperIdentity",
1319
- "cognito-identity:LookupDeveloperIdentity",
1320
- "cognito-identity:MergeDeveloperIdentities",
1321
- "cognito-identity:UnlinkDeveloperIdentity"
1322
- ],
1323
- "Resource": "*"
1324
- }
1325
- ]
1326
- }
1327
- },
1328
- "arn:aws:iam::aws:policy/service-role/AWSConfigRole": {
1329
- "VersionId": "v1",
1330
- "IsDefaultVersion": true,
1331
- "Document": {
1332
- "Version": "2012-10-17",
1333
- "Statement": [
1334
- {
1335
- "Effect": "Allow",
1336
- "Action": [
1337
- "cloudtrail:DescribeTrails",
1338
- "ec2:Describe*"
1339
- ],
1340
- "Resource": "*"
1341
- }
1342
- ]
1343
- }
1344
- },
1345
- "arn:aws:iam::aws:policy/AmazonRedshiftFullAccess": {
1346
- "VersionId": "v1",
1347
- "IsDefaultVersion": true,
1348
- "Document": {
1349
- "Version": "2012-10-17",
1350
- "Statement": [
1351
- {
1352
- "Action": [
1353
- "redshift:*",
1354
- "ec2:DescribeAccountAttributes",
1355
- "ec2:DescribeAddresses",
1356
- "ec2:DescribeAvailabilityZones",
1357
- "ec2:DescribeSecurityGroups",
1358
- "ec2:DescribeSubnets",
1359
- "ec2:DescribeVpcs",
1360
- "ec2:DescribeInternetGateways",
1361
- "sns:CreateTopic",
1362
- "sns:Get*",
1363
- "sns:List*",
1364
- "cloudwatch:Describe*",
1365
- "cloudwatch:Get*",
1366
- "cloudwatch:List*",
1367
- "cloudwatch:PutMetricAlarm",
1368
- "cloudwatch:EnableAlarmActions",
1369
- "cloudwatch:DisableAlarmActions"
1370
- ],
1371
- "Effect": "Allow",
1372
- "Resource": "*"
1373
- }
1374
- ]
1375
- }
1376
- },
1377
- "arn:aws:iam::aws:policy/AmazonZocaloReadOnlyAccess": {
1378
- "VersionId": "v1",
1379
- "IsDefaultVersion": true,
1380
- "Document": {
1381
- "Version": "2012-10-17",
1382
- "Statement": [
1383
- {
1384
- "Effect": "Allow",
1385
- "Action": [
1386
- "zocalo:Describe*",
1387
- "ds:DescribeDirectories",
1388
- "ec2:DescribeVpcs",
1389
- "ec2:DescribeSubnets"
1390
- ],
1391
- "Resource": "*"
1392
- }
1393
- ]
1394
- }
1395
- },
1396
- "arn:aws:iam::aws:policy/AWSCloudHSMReadOnlyAccess": {
1397
- "VersionId": "v1",
1398
- "IsDefaultVersion": true,
1399
- "Document": {
1400
- "Version": "2012-10-17",
1401
- "Statement": [
1402
- {
1403
- "Effect": "Allow",
1404
- "Action": [
1405
- "cloudhsm:Get*",
1406
- "cloudhsm:List*",
1407
- "cloudhsm:Describe*"
1408
- ],
1409
- "Resource": "*"
1410
- }
1411
- ]
1412
- }
1413
- },
1414
- "arn:aws:iam::aws:policy/AmazonRoute53ReadOnlyAccess": {
1415
- "VersionId": "v1",
1416
- "IsDefaultVersion": true,
1417
- "Document": {
1418
- "Version": "2012-10-17",
1419
- "Statement": [
1420
- {
1421
- "Effect": "Allow",
1422
- "Action": [
1423
- "route53:Get*",
1424
- "route53:List*"
1425
- ],
1426
- "Resource": [
1427
- "*"
1428
- ]
1429
- }
1430
- ]
1431
- }
1432
- },
1433
- "arn:aws:iam::aws:policy/AmazonEC2ReportsAccess": {
1434
- "VersionId": "v1",
1435
- "IsDefaultVersion": true,
1436
- "Document": {
1437
- "Version": "2012-10-17",
1438
- "Statement": [
1439
- {
1440
- "Action": "ec2-reports:*",
1441
- "Effect": "Allow",
1442
- "Resource": "*"
1443
- }
1444
- ]
1445
- }
1446
- },
1447
- "arn:aws:iam::aws:policy/AmazonSQSReadOnlyAccess": {
1448
- "VersionId": "v1",
1449
- "IsDefaultVersion": true,
1450
- "Document": {
1451
- "Version": "2012-10-17",
1452
- "Statement": [
1453
- {
1454
- "Action": [
1455
- "sqs:GetQueueAttributes",
1456
- "sqs:ListQueues"
1457
- ],
1458
- "Effect": "Allow",
1459
- "Resource": "*"
1460
- }
1461
- ]
1462
- }
1463
- },
1464
- "arn:aws:iam::aws:policy/AmazonKinesisFullAccess": {
1465
- "VersionId": "v1",
1466
- "IsDefaultVersion": true,
1467
- "Document": {
1468
- "Version": "2012-10-17",
1469
- "Statement": [
1470
- {
1471
- "Effect": "Allow",
1472
- "Action": "kinesis:*",
1473
- "Resource": "*"
1474
- }
1475
- ]
1476
- }
1477
- },
1478
- "arn:aws:iam::aws:policy/AmazonMachineLearningReadOnlyAccess": {
1479
- "VersionId": "v1",
1480
- "IsDefaultVersion": true,
1481
- "Document": {
1482
- "Version": "2012-10-17",
1483
- "Statement": [
1484
- {
1485
- "Effect": "Allow",
1486
- "Action": [
1487
- "machinelearning:Describe*",
1488
- "machinelearning:Get*"
1489
- ],
1490
- "Resource": "*"
1491
- }
1492
- ]
1493
- }
1494
- },
1495
- "arn:aws:iam::aws:policy/service-role/RDSCloudHsmAuthorizationRole": {
1496
- "VersionId": "v1",
1497
- "IsDefaultVersion": true,
1498
- "Document": {
1499
- "Version": "2012-10-17",
1500
- "Statement": [
1501
- {
1502
- "Effect": "Allow",
1503
- "Action": [
1504
- "cloudhsm:CreateLunaClient",
1505
- "cloudhsm:GetClientConfiguration",
1506
- "cloudhsm:DeleteLunaClient",
1507
- "cloudhsm:DescribeLunaClient",
1508
- "cloudhsm:ModifyLunaClient",
1509
- "cloudhsm:DescribeHapg",
1510
- "cloudhsm:ModifyHapg",
1511
- "cloudhsm:GetConfig"
1512
- ],
1513
- "Resource": "*"
1514
- }
1515
- ]
1516
- }
1517
- },
1518
- "arn:aws:iam::aws:policy/AmazonMachineLearningFullAccess": {
1519
- "VersionId": "v1",
1520
- "IsDefaultVersion": true,
1521
- "Document": {
1522
- "Version": "2012-10-17",
1523
- "Statement": [
1524
- {
1525
- "Effect": "Allow",
1526
- "Action": [
1527
- "machinelearning:*"
1528
- ],
1529
- "Resource": "*"
1530
- }
1531
- ]
1532
- }
1533
- },
1534
- "arn:aws:iam::aws:policy/AdministratorAccess": {
1535
- "VersionId": "v1",
1536
- "IsDefaultVersion": true,
1537
- "Document": {
1538
- "Version": "2012-10-17",
1539
- "Statement": [
1540
- {
1541
- "Effect": "Allow",
1542
- "Action": "*",
1543
- "Resource": "*"
1544
- }
1545
- ]
1546
- }
1547
- },
1548
- "arn:aws:iam::aws:policy/AmazonMachineLearningRealTimePredictionOnlyAccess": {
1549
- "VersionId": "v1",
1550
- "IsDefaultVersion": true,
1551
- "Document": {
1552
- "Version": "2012-10-17",
1553
- "Statement": [
1554
- {
1555
- "Effect": "Allow",
1556
- "Action": [
1557
- "machinelearning:Predict"
1558
- ],
1559
- "Resource": "*"
1560
- }
1561
- ]
1562
- }
1563
- },
1564
- "arn:aws:iam::aws:policy/AWSConfigUserAccess": {
1565
- "VersionId": "v1",
1566
- "IsDefaultVersion": true,
1567
- "Document": {
1568
- "Version": "2012-10-17",
1569
- "Statement": [
1570
- {
1571
- "Effect": "Allow",
1572
- "Action": [
1573
- "config:Get*",
1574
- "config:Describe*",
1575
- "config:Deliver*",
1576
- "tag:GetResources",
1577
- "tag:GetTagKeys"
1578
- ],
1579
- "Resource": "*"
1580
- }
1581
- ]
1582
- }
1583
- },
1584
- "arn:aws:iam::aws:policy/SecurityAudit": {
1585
- "VersionId": "v2",
1586
- "IsDefaultVersion": true,
1587
- "Document": {
1588
- "Version": "2012-10-17",
1589
- "Statement": [
1590
- {
1591
- "Action": [
1592
- "autoscaling:Describe*",
1593
- "cloudformation:DescribeStack*",
1594
- "cloudformation:GetTemplate",
1595
- "cloudformation:ListStack*",
1596
- "cloudfront:Get*",
1597
- "cloudfront:List*",
1598
- "cloudwatch:Describe*",
1599
- "directconnect:Describe*",
1600
- "dynamodb:ListTables",
1601
- "ec2:Describe*",
1602
- "ecs:Describe*",
1603
- "ecs:List*",
1604
- "elasticbeanstalk:Describe*",
1605
- "elasticache:Describe*",
1606
- "elasticloadbalancing:Describe*",
1607
- "elasticmapreduce:DescribeJobFlows",
1608
- "glacier:ListVaults",
1609
- "iam:GenerateCredentialReport",
1610
- "iam:Get*",
1611
- "iam:List*",
1612
- "rds:Describe*",
1613
- "rds:DownloadDBLogFilePortion",
1614
- "rds:ListTagsForResource",
1615
- "redshift:Describe*",
1616
- "route53:GetHostedZone",
1617
- "route53:ListHostedZones",
1618
- "route53:ListResourceRecordSets",
1619
- "s3:GetBucket*",
1620
- "s3:GetLifecycleConfiguration",
1621
- "s3:GetObjectAcl",
1622
- "s3:GetObjectVersionAcl",
1623
- "s3:ListAllMyBuckets",
1624
- "sdb:DomainMetadata",
1625
- "sdb:ListDomains",
1626
- "sns:GetTopicAttributes",
1627
- "sns:ListTopics",
1628
- "sqs:GetQueueAttributes",
1629
- "sqs:ListQueues"
1630
- ],
1631
- "Effect": "Allow",
1632
- "Resource": "*"
1633
- }
1634
- ]
1635
- }
1636
- },
1637
- "arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess": {
1638
- "VersionId": "v1",
1639
- "IsDefaultVersion": true,
1640
- "Document": {
1641
- "Version": "2012-10-17",
1642
- "Statement": [
1643
- {
1644
- "Action": [
1645
- "cloudwatch:DescribeAlarmHistory",
1646
- "cloudwatch:DescribeAlarms",
1647
- "cloudwatch:DescribeAlarmsForMetric",
1648
- "cloudwatch:GetMetricStatistics",
1649
- "cloudwatch:ListMetrics",
1650
- "datapipeline:DescribeObjects",
1651
- "datapipeline:DescribePipelines",
1652
- "datapipeline:GetPipelineDefinition",
1653
- "datapipeline:ListPipelines",
1654
- "datapipeline:QueryObjects",
1655
- "dynamodb:BatchGetItem",
1656
- "dynamodb:DescribeTable",
1657
- "dynamodb:GetItem",
1658
- "dynamodb:ListTables",
1659
- "dynamodb:Query",
1660
- "dynamodb:Scan",
1661
- "sns:ListSubscriptionsByTopic",
1662
- "sns:ListTopics"
1663
- ],
1664
- "Effect": "Allow",
1665
- "Resource": "*"
1666
- }
1667
- ]
1668
- }
1669
- },
1670
- "arn:aws:iam::aws:policy/AmazonSNSReadOnlyAccess": {
1671
- "VersionId": "v1",
1672
- "IsDefaultVersion": true,
1673
- "Document": {
1674
- "Version": "2012-10-17",
1675
- "Statement": [
1676
- {
1677
- "Effect": "Allow",
1678
- "Action": [
1679
- "sns:GetTopicAttributes",
1680
- "sns:List*"
1681
- ],
1682
- "Resource": "*"
1683
- }
1684
- ]
1685
- }
1686
- },
1687
- "arn:aws:iam::aws:policy/AmazonElasticMapReduceFullAccess": {
1688
- "VersionId": "v3",
1689
- "IsDefaultVersion": true,
1690
- "Document": {
1691
- "Version": "2012-10-17",
1692
- "Statement": [
1693
- {
1694
- "Action": [
1695
- "cloudwatch:*",
1696
- "ec2:AuthorizeSecurityGroupIngress",
1697
- "ec2:CancelSpotInstanceRequests",
1698
- "ec2:CreateSecurityGroup",
1699
- "ec2:CreateTags",
1700
- "ec2:DeleteTags",
1701
- "ec2:DescribeAvailabilityZones",
1702
- "ec2:DescribeAccountAttributes",
1703
- "ec2:DescribeInstances",
1704
- "ec2:DescribeKeyPairs",
1705
- "ec2:DescribeRouteTables",
1706
- "ec2:DescribeSecurityGroups",
1707
- "ec2:DescribeSpotInstanceRequests",
1708
- "ec2:DescribeSpotPriceHistory",
1709
- "ec2:DescribeSubnets",
1710
- "ec2:DescribeVpcAttribute",
1711
- "ec2:DescribeVpcs",
1712
- "ec2:ModifyImageAttribute",
1713
- "ec2:ModifyInstanceAttribute",
1714
- "ec2:RequestSpotInstances",
1715
- "ec2:RunInstances",
1716
- "ec2:TerminateInstances",
1717
- "elasticmapreduce:*",
1718
- "iam:GetPolicy",
1719
- "iam:GetPolicyVersion",
1720
- "iam:ListRoles",
1721
- "iam:PassRole",
1722
- "kms:List*",
1723
- "s3:*",
1724
- "sdb:*",
1725
- "support:CreateCase",
1726
- "support:DescribeServices",
1727
- "support:DescribeSeverityLevels"
1728
- ],
1729
- "Effect": "Allow",
1730
- "Resource": "*"
1731
- }
1732
- ]
1733
- }
1734
- },
1735
- "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess": {
1736
- "VersionId": "v1",
1737
- "IsDefaultVersion": true,
1738
- "Document": {
1739
- "Version": "2012-10-17",
1740
- "Statement": [
1741
- {
1742
- "Effect": "Allow",
1743
- "Action": [
1744
- "s3:Get*",
1745
- "s3:List*"
1746
- ],
1747
- "Resource": "*"
1748
- }
1749
- ]
1750
- }
1751
- },
1752
- "arn:aws:iam::aws:policy/AWSElasticBeanstalkFullAccess": {
1753
- "VersionId": "v1",
1754
- "IsDefaultVersion": true,
1755
- "Document": {
1756
- "Version": "2012-10-17",
1757
- "Statement": [
1758
- {
1759
- "Effect": "Allow",
1760
- "Action": [
1761
- "elasticbeanstalk:*",
1762
- "ec2:*",
1763
- "elasticloadbalancing:*",
1764
- "autoscaling:*",
1765
- "cloudwatch:*",
1766
- "s3:*",
1767
- "sns:*",
1768
- "cloudformation:*",
1769
- "rds:*",
1770
- "sqs:*",
1771
- "iam:PassRole"
1772
- ],
1773
- "Resource": "*"
1774
- }
1775
- ]
1776
- }
1777
- },
1778
- "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole": {
1779
- "VersionId": "v1",
1780
- "IsDefaultVersion": true,
1781
- "Document": {
1782
- "Version": "2012-10-17",
1783
- "Statement": [
1784
- {
1785
- "Effect": "Allow",
1786
- "Action": [
1787
- "autoscaling:CompleteLifecycleAction",
1788
- "autoscaling:DeleteLifecycleHook",
1789
- "autoscaling:DescribeAutoScalingGroups",
1790
- "autoscaling:DescribeLifecycleHooks",
1791
- "autoscaling:PutLifecycleHook",
1792
- "autoscaling:RecordLifecycleActionHeartbeat",
1793
- "ec2:DescribeInstances",
1794
- "ec2:DescribeInstanceStatus",
1795
- "tag:GetTags",
1796
- "tag:GetResources"
1797
- ],
1798
- "Resource": "*"
1799
- }
1800
- ]
1801
- }
1802
- },
1803
- "arn:aws:iam::aws:policy/AmazonSESFullAccess": {
1804
- "VersionId": "v1",
1805
- "IsDefaultVersion": true,
1806
- "Document": {
1807
- "Version": "2012-10-17",
1808
- "Statement": [
1809
- {
1810
- "Effect": "Allow",
1811
- "Action": [
1812
- "ses:*"
1813
- ],
1814
- "Resource": "*"
1815
- }
1816
- ]
1817
- }
1818
- },
1819
- "arn:aws:iam::aws:policy/CloudWatchLogsReadOnlyAccess": {
1820
- "VersionId": "v1",
1821
- "IsDefaultVersion": true,
1822
- "Document": {
1823
- "Version": "2012-10-17",
1824
- "Statement": [
1825
- {
1826
- "Action": [
1827
- "logs:Describe*",
1828
- "logs:Get*",
1829
- "logs:TestMetricFilter"
1830
- ],
1831
- "Effect": "Allow",
1832
- "Resource": "*"
1833
- }
1834
- ]
1835
- }
1836
- },
1837
- "arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI": {
1838
- "VersionId": "v1",
1839
- "IsDefaultVersion": true,
1840
- "Document": {
1841
- "Version": "2012-10-17",
1842
- "Statement": [
1843
- {
1844
- "Effect": "Allow",
1845
- "Action": [
1846
- "opsworks:AssignInstance",
1847
- "opsworks:CreateStack",
1848
- "opsworks:CreateLayer",
1849
- "opsworks:DeregisterInstance",
1850
- "opsworks:DescribeInstances",
1851
- "opsworks:DescribeStackProvisioningParameters",
1852
- "opsworks:DescribeStacks",
1853
- "opsworks:UnassignInstance"
1854
- ],
1855
- "Resource": [
1856
- "*"
1857
- ]
1858
- },
1859
- {
1860
- "Effect": "Allow",
1861
- "Action": [
1862
- "ec2:DescribeInstances"
1863
- ],
1864
- "Resource": [
1865
- "*"
1866
- ]
1867
- },
1868
- {
1869
- "Effect": "Allow",
1870
- "Action": [
1871
- "iam:AddUserToGroup",
1872
- "iam:CreateAccessKey",
1873
- "iam:CreateGroup",
1874
- "iam:CreateUser",
1875
- "iam:ListInstanceProfiles",
1876
- "iam:PassRole",
1877
- "iam:PutUserPolicy"
1878
- ],
1879
- "Resource": [
1880
- "*"
1881
- ]
1882
- }
1883
- ]
1884
- }
1885
- },
1886
- "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccesswithDataPipeline": {
1887
- "VersionId": "v1",
1888
- "IsDefaultVersion": true,
1889
- "Document": {
1890
- "Version": "2012-10-17",
1891
- "Statement": [
1892
- {
1893
- "Action": [
1894
- "cloudwatch:DeleteAlarms",
1895
- "cloudwatch:DescribeAlarmHistory",
1896
- "cloudwatch:DescribeAlarms",
1897
- "cloudwatch:DescribeAlarmsForMetric",
1898
- "cloudwatch:GetMetricStatistics",
1899
- "cloudwatch:ListMetrics",
1900
- "cloudwatch:PutMetricAlarm",
1901
- "dynamodb:*",
1902
- "sns:CreateTopic",
1903
- "sns:DeleteTopic",
1904
- "sns:ListSubscriptions",
1905
- "sns:ListSubscriptionsByTopic",
1906
- "sns:ListTopics",
1907
- "sns:Subscribe",
1908
- "sns:Unsubscribe"
1909
- ],
1910
- "Effect": "Allow",
1911
- "Resource": "*",
1912
- "Sid": "DDBConsole"
1913
- },
1914
- {
1915
- "Action": [
1916
- "datapipeline:*",
1917
- "iam:ListRoles"
1918
- ],
1919
- "Effect": "Allow",
1920
- "Resource": "*",
1921
- "Sid": "DDBConsoleImportExport"
1922
- },
1923
- {
1924
- "Effect": "Allow",
1925
- "Action": [
1926
- "iam:GetRolePolicy",
1927
- "iam:PassRole"
1928
- ],
1929
- "Resource": [
1930
- "*"
1931
- ],
1932
- "Sid": "IAMEDPRoles"
1933
- },
1934
- {
1935
- "Action": [
1936
- "ec2:CreateTags",
1937
- "ec2:DescribeInstances",
1938
- "ec2:RunInstances",
1939
- "ec2:StartInstances",
1940
- "ec2:StopInstances",
1941
- "ec2:TerminateInstances",
1942
- "elasticmapreduce:*",
1943
- "datapipeline:*"
1944
- ],
1945
- "Effect": "Allow",
1946
- "Resource": "*",
1947
- "Sid": "EMR"
1948
- },
1949
- {
1950
- "Action": [
1951
- "s3:DeleteObject",
1952
- "s3:Get*",
1953
- "s3:List*",
1954
- "s3:Put*"
1955
- ],
1956
- "Effect": "Allow",
1957
- "Resource": [
1958
- "*"
1959
- ],
1960
- "Sid": "S3"
1961
- }
1962
- ]
1963
- }
1964
- },
1965
- "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforDataPipelineRole": {
1966
- "VersionId": "v2",
1967
- "IsDefaultVersion": true,
1968
- "Document": {
1969
- "Version": "2012-10-17",
1970
- "Statement": [
1971
- {
1972
- "Effect": "Allow",
1973
- "Action": [
1974
- "cloudwatch:*",
1975
- "datapipeline:*",
1976
- "dynamodb:*",
1977
- "ec2:Describe*",
1978
- "elasticmapreduce:AddJobFlowSteps",
1979
- "elasticmapreduce:Describe*",
1980
- "elasticmapreduce:ListInstance*",
1981
- "rds:Describe*",
1982
- "redshift:DescribeClusters",
1983
- "redshift:DescribeClusterSecurityGroups",
1984
- "s3:*",
1985
- "sdb:*",
1986
- "sns:*",
1987
- "sqs:*"
1988
- ],
1989
- "Resource": [
1990
- "*"
1991
- ]
1992
- }
1993
- ]
1994
- }
1995
- },
1996
- "arn:aws:iam::aws:policy/CloudWatchLogsFullAccess": {
1997
- "VersionId": "v1",
1998
- "IsDefaultVersion": true,
1999
- "Document": {
2000
- "Version": "2012-10-17",
2001
- "Statement": [
2002
- {
2003
- "Action": [
2004
- "logs:*"
2005
- ],
2006
- "Effect": "Allow",
2007
- "Resource": "*"
2008
- }
2009
- ]
2010
- }
2011
- },
2012
- "arn:aws:iam::aws:policy/AmazonElasticTranscoderFullAccess": {
2013
- "VersionId": "v1",
2014
- "IsDefaultVersion": true,
2015
- "Document": {
2016
- "Version": "2012-10-17",
2017
- "Statement": [
2018
- {
2019
- "Action": [
2020
- "elastictranscoder:*",
2021
- "cloudfront:*",
2022
- "s3:List*",
2023
- "s3:Put*",
2024
- "s3:Get*",
2025
- "s3:*MultipartUpload*",
2026
- "iam:CreateRole",
2027
- "iam:GetRolePolicy",
2028
- "iam:PassRole",
2029
- "iam:PutRolePolicy",
2030
- "iam:List*",
2031
- "sns:CreateTopic",
2032
- "sns:List*"
2033
- ],
2034
- "Effect": "Allow",
2035
- "Resource": "*"
2036
- }
2037
- ]
2038
- }
2039
- },
2040
- "arn:aws:iam::aws:policy/AmazonMobileAnalyticsWriteOnlyAccess": {
2041
- "VersionId": "v1",
2042
- "IsDefaultVersion": true,
2043
- "Document": {
2044
- "Version": "2012-10-17",
2045
- "Statement": [
2046
- {
2047
- "Effect": "Allow",
2048
- "Action": "mobileanalytics:PutEvents",
2049
- "Resource": "*"
2050
- }
2051
- ]
2052
- }
2053
- },
2054
- "arn:aws:iam::aws:policy/AWSConnector": {
2055
- "VersionId": "v2",
2056
- "IsDefaultVersion": true,
2057
- "Document": {
2058
- "Version": "2012-10-17",
2059
- "Statement": [
2060
- {
2061
- "Effect": "Allow",
2062
- "Action": "iam:GetUser",
2063
- "Resource": "*"
2064
- },
2065
- {
2066
- "Effect": "Allow",
2067
- "Action": [
2068
- "s3:ListAllMyBuckets"
2069
- ],
2070
- "Resource": "*"
2071
- },
2072
- {
2073
- "Effect": "Allow",
2074
- "Action": [
2075
- "s3:CreateBucket",
2076
- "s3:DeleteBucket",
2077
- "s3:DeleteObject",
2078
- "s3:GetBucketLocation",
2079
- "s3:GetObject",
2080
- "s3:ListBucket",
2081
- "s3:PutObject",
2082
- "s3:PutObjectAcl"
2083
- ],
2084
- "Resource": "arn:aws:s3:::import-to-ec2-*"
2085
- },
2086
- {
2087
- "Effect": "Allow",
2088
- "Action": [
2089
- "ec2:CancelConversionTask",
2090
- "ec2:CancelExportTask",
2091
- "ec2:CreateImage",
2092
- "ec2:CreateInstanceExportTask",
2093
- "ec2:CreateTags",
2094
- "ec2:CreateVolume",
2095
- "ec2:DeleteTags",
2096
- "ec2:DeleteVolume",
2097
- "ec2:DescribeConversionTasks",
2098
- "ec2:DescribeExportTasks",
2099
- "ec2:DescribeImages",
2100
- "ec2:DescribeInstanceAttribute",
2101
- "ec2:DescribeInstanceStatus",
2102
- "ec2:DescribeInstances",
2103
- "ec2:DescribeRegions",
2104
- "ec2:DescribeTags",
2105
- "ec2:DetachVolume",
2106
- "ec2:ImportInstance",
2107
- "ec2:ImportVolume",
2108
- "ec2:ModifyInstanceAttribute",
2109
- "ec2:RunInstances",
2110
- "ec2:StartInstances",
2111
- "ec2:StopInstances",
2112
- "ec2:TerminateInstances"
2113
- ],
2114
- "Resource": "*"
2115
- },
2116
- {
2117
- "Effect": "Allow",
2118
- "Action": [
2119
- "SNS:Publish"
2120
- ],
2121
- "Resource": "arn:aws:sns:*:*:metrics-sns-topic-for-*"
2122
- }
2123
- ]
2124
- }
2125
- },
2126
- "arn:aws:iam::aws:policy/AmazonSSMFullAccess": {
2127
- "VersionId": "v1",
2128
- "IsDefaultVersion": true,
2129
- "Document": {
2130
- "Version": "2012-10-17",
2131
- "Statement": [
2132
- {
2133
- "Effect": "Allow",
2134
- "Action": [
2135
- "cloudwatch:PutMetricData",
2136
- "ds:CreateComputer",
2137
- "ds:DescribeDirectories",
2138
- "ec2:DescribeInstanceStatus",
2139
- "logs:*",
2140
- "ssm:*"
2141
- ],
2142
- "Resource": "*"
2143
- }
2144
- ]
2145
- }
2146
- },
2147
- "arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess": {
2148
- "VersionId": "v1",
2149
- "IsDefaultVersion": true,
2150
- "Document": {
2151
- "Version": "2012-10-17",
2152
- "Statement": [
2153
- {
2154
- "Effect": "Allow",
2155
- "Action": [
2156
- "ec2:Describe*",
2157
- "elasticloadbalancing:*",
2158
- "ecs:*",
2159
- "iam:ListInstanceProfiles",
2160
- "iam:ListRoles",
2161
- "iam:PassRole"
2162
- ],
2163
- "Resource": "*"
2164
- }
2165
- ]
2166
- }
2167
- },
2168
- "arn:aws:iam::aws:policy/AmazonCognitoReadOnly": {
2169
- "VersionId": "v1",
2170
- "IsDefaultVersion": true,
2171
- "Document": {
2172
- "Version": "2012-10-17",
2173
- "Statement": [
2174
- {
2175
- "Effect": "Allow",
2176
- "Action": [
2177
- "cognito-identity:Describe*",
2178
- "cognito-identity:Get*",
2179
- "cognito-identity:List*",
2180
- "cognito-sync:Describe*",
2181
- "cognito-sync:Get*",
2182
- "cognito-sync:List*",
2183
- "iam:ListOpenIdConnectProviders",
2184
- "iam:ListRoles",
2185
- "sns:ListPlatformApplications"
2186
- ],
2187
- "Resource": "*"
2188
- }
2189
- ]
2190
- }
2191
- },
2192
- "arn:aws:iam::aws:policy/AmazonVPCFullAccess": {
2193
- "VersionId": "v3",
2194
- "IsDefaultVersion": true,
2195
- "Document": {
2196
- "Version": "2012-10-17",
2197
- "Statement": [
2198
- {
2199
- "Effect": "Allow",
2200
- "Action": [
2201
- "ec2:AcceptVpcPeeringConnection",
2202
- "ec2:AllocateAddress",
2203
- "ec2:AssociateAddress",
2204
- "ec2:AssociateDhcpOptions",
2205
- "ec2:AssociateRouteTable",
2206
- "ec2:AttachClassicLinkVpc",
2207
- "ec2:AttachInternetGateway",
2208
- "ec2:AttachVpnGateway",
2209
- "ec2:AuthorizeSecurityGroupEgress",
2210
- "ec2:AuthorizeSecurityGroupIngress",
2211
- "ec2:CreateCustomerGateway",
2212
- "ec2:CreateDhcpOptions",
2213
- "ec2:CreateInternetGateway",
2214
- "ec2:CreateNetworkAcl",
2215
- "ec2:CreateNetworkAclEntry",
2216
- "ec2:CreateRoute",
2217
- "ec2:CreateRouteTable",
2218
- "ec2:CreateSecurityGroup",
2219
- "ec2:CreateSubnet",
2220
- "ec2:CreateTags",
2221
- "ec2:CreateVpc",
2222
- "ec2:CreateVpcEndpoint",
2223
- "ec2:CreateVpcPeeringConnection",
2224
- "ec2:CreateVpnConnection",
2225
- "ec2:CreateVpnConnectionRoute",
2226
- "ec2:CreateVpnGateway",
2227
- "ec2:DeleteCustomerGateway",
2228
- "ec2:DeleteDhcpOptions",
2229
- "ec2:DeleteInternetGateway",
2230
- "ec2:DeleteNetworkAcl",
2231
- "ec2:DeleteNetworkAclEntry",
2232
- "ec2:DeleteRoute",
2233
- "ec2:DeleteRouteTable",
2234
- "ec2:DeleteSecurityGroup",
2235
- "ec2:DeleteSubnet",
2236
- "ec2:DeleteTags",
2237
- "ec2:DeleteVpc",
2238
- "ec2:DeleteVpcEndpoints",
2239
- "ec2:DeleteVpcPeeringConnection",
2240
- "ec2:DeleteVpnConnection",
2241
- "ec2:DeleteVpnGateway",
2242
- "ec2:DescribeAddresses",
2243
- "ec2:DescribeAvailabilityZones",
2244
- "ec2:DescribeCustomerGateways",
2245
- "ec2:DescribeDhcpOptions",
2246
- "ec2:DescribeInstances",
2247
- "ec2:DescribeInternetGateways",
2248
- "ec2:DescribeKeyPairs",
2249
- "ec2:DescribeNetworkAcls",
2250
- "ec2:DescribeNetworkInterfaces",
2251
- "ec2:DescribePrefixLists",
2252
- "ec2:DescribeRouteTables",
2253
- "ec2:DescribeSecurityGroups",
2254
- "ec2:DescribeSubnets",
2255
- "ec2:DescribeTags",
2256
- "ec2:DescribeVpcAttribute",
2257
- "ec2:DescribeVpcClassicLink",
2258
- "ec2:DescribeVpcEndpoints",
2259
- "ec2:DescribeVpcEndpointServices",
2260
- "ec2:DescribeVpcPeeringConnections",
2261
- "ec2:DescribeVpcs",
2262
- "ec2:DescribeVpnConnections",
2263
- "ec2:DescribeVpnGateways",
2264
- "ec2:DetachClassicLinkVpc",
2265
- "ec2:DetachInternetGateway",
2266
- "ec2:DetachVpnGateway",
2267
- "ec2:DisableVpcClassicLink",
2268
- "ec2:DisableVgwRoutePropagation",
2269
- "ec2:DisassociateAddress",
2270
- "ec2:DisassociateRouteTable",
2271
- "ec2:EnableVpcClassicLink",
2272
- "ec2:EnableVgwRoutePropagation",
2273
- "ec2:ModifySubnetAttribute",
2274
- "ec2:ModifyVpcAttribute",
2275
- "ec2:ModifyVpcEndpoint",
2276
- "ec2:RejectVpcPeeringConnection",
2277
- "ec2:ReleaseAddress",
2278
- "ec2:ReplaceNetworkAclAssociation",
2279
- "ec2:ReplaceNetworkAclEntry",
2280
- "ec2:ReplaceRouteTableAssociation",
2281
- "ec2:RevokeSecurityGroupEgress",
2282
- "ec2:RevokeSecurityGroupIngress"
2283
- ],
2284
- "Resource": "*"
2285
- }
2286
- ]
2287
- }
2288
- },
2289
- "arn:aws:iam::aws:policy/AWSImportExportFullAccess": {
2290
- "VersionId": "v1",
2291
- "IsDefaultVersion": true,
2292
- "Document": {
2293
- "Version": "2012-10-17",
2294
- "Statement": [
2295
- {
2296
- "Effect": "Allow",
2297
- "Action": [
2298
- "importexport:*"
2299
- ],
2300
- "Resource": "*"
2301
- }
2302
- ]
2303
- }
2304
- },
2305
- "arn:aws:iam::aws:policy/AmazonMachineLearningCreateOnlyAccess": {
2306
- "VersionId": "v1",
2307
- "IsDefaultVersion": true,
2308
- "Document": {
2309
- "Version": "2012-10-17",
2310
- "Statement": [
2311
- {
2312
- "Effect": "Allow",
2313
- "Action": [
2314
- "machinelearning:Create*",
2315
- "machinelearning:Delete*",
2316
- "machinelearning:Describe*",
2317
- "machinelearning:Get*"
2318
- ],
2319
- "Resource": "*"
2320
- }
2321
- ]
2322
- }
2323
- },
2324
- "arn:aws:iam::aws:policy/AWSCloudTrailReadOnlyAccess": {
2325
- "VersionId": "v2",
2326
- "IsDefaultVersion": true,
2327
- "Document": {
2328
- "Version": "2012-10-17",
2329
- "Statement": [
2330
- {
2331
- "Effect": "Allow",
2332
- "Action": [
2333
- "s3:GetObject"
2334
- ],
2335
- "Resource": "arn:aws:s3:::*"
2336
- },
2337
- {
2338
- "Effect": "Allow",
2339
- "Action": [
2340
- "cloudtrail:GetTrailStatus",
2341
- "cloudtrail:DescribeTrails",
2342
- "cloudtrail:LookupEvents",
2343
- "s3:ListAllMyBuckets"
2344
- ],
2345
- "Resource": "*"
2346
- }
2347
- ]
2348
- }
2349
- },
2350
- "arn:aws:iam::aws:policy/AWSLambdaExecute": {
2351
- "VersionId": "v1",
2352
- "IsDefaultVersion": true,
2353
- "Document": {
2354
- "Version": "2012-10-17",
2355
- "Statement": [
2356
- {
2357
- "Effect": "Allow",
2358
- "Action": [
2359
- "logs:*"
2360
- ],
2361
- "Resource": "arn:aws:logs:*:*:*"
2362
- },
2363
- {
2364
- "Effect": "Allow",
2365
- "Action": [
2366
- "s3:GetObject",
2367
- "s3:PutObject"
2368
- ],
2369
- "Resource": "arn:aws:s3:::*"
2370
- }
2371
- ]
2372
- }
2373
- },
2374
- "arn:aws:iam::aws:policy/AWSStorageGatewayFullAccess": {
2375
- "VersionId": "v1",
2376
- "IsDefaultVersion": true,
2377
- "Document": {
2378
- "Version": "2012-10-17",
2379
- "Statement": [
2380
- {
2381
- "Effect": "Allow",
2382
- "Action": [
2383
- "storagegateway:*"
2384
- ],
2385
- "Resource": "*"
2386
- },
2387
- {
2388
- "Effect": "Allow",
2389
- "Action": [
2390
- "ec2:DescribeSnapshots",
2391
- "ec2:DeleteSnapshot"
2392
- ],
2393
- "Resource": "*"
2394
- }
2395
- ]
2396
- }
2397
- },
2398
- "arn:aws:iam::aws:policy/AmazonElasticTranscoderReadOnlyAccess": {
2399
- "VersionId": "v1",
2400
- "IsDefaultVersion": true,
2401
- "Document": {
2402
- "Version": "2012-10-17",
2403
- "Statement": [
2404
- {
2405
- "Action": [
2406
- "elastictranscoder:Read*",
2407
- "elastictranscoder:List*",
2408
- "s3:List*",
2409
- "iam:List*",
2410
- "sns:List*"
2411
- ],
2412
- "Effect": "Allow",
2413
- "Resource": "*"
2414
- }
2415
- ]
2416
- }
2417
- },
2418
- "arn:aws:iam::aws:policy/AmazonWorkMailReadOnlyAccess": {
2419
- "VersionId": "v1",
2420
- "IsDefaultVersion": true,
2421
- "Document": {
2422
- "Version": "2012-10-17",
2423
- "Statement": [
2424
- {
2425
- "Effect": "Allow",
2426
- "Action": [
2427
- "ses:Describe*",
2428
- "ses:Get*",
2429
- "workmail:Describe*",
2430
- "workmail:Get*",
2431
- "workmail:List*",
2432
- "workmail:Search*"
2433
- ],
2434
- "Resource": "*"
2435
- }
2436
- ]
2437
- }
2438
- },
2439
- "arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole": {
2440
- "VersionId": "v1",
2441
- "IsDefaultVersion": true,
2442
- "Document": {
2443
- "Version": "2012-10-17",
2444
- "Statement": [
2445
- {
2446
- "Effect": "Allow",
2447
- "Action": [
2448
- "kinesis:DescribeStream",
2449
- "kinesis:GetRecords",
2450
- "kinesis:GetShardIterator",
2451
- "kinesis:ListStreams",
2452
- "logs:CreateLogGroup",
2453
- "logs:CreateLogStream",
2454
- "logs:PutLogEvents"
2455
- ],
2456
- "Resource": "*"
2457
- }
2458
- ]
2459
- }
2460
- },
2461
- "arn:aws:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess": {
2462
- "VersionId": "v1",
2463
- "IsDefaultVersion": true,
2464
- "Document": {
2465
- "Version": "2012-10-17",
2466
- "Statement": [
2467
- {
2468
- "Effect": "Allow",
2469
- "Action": [
2470
- "tag:getResources",
2471
- "tag:getTagKeys",
2472
- "tag:getTagValues"
2473
- ],
2474
- "Resource": "*"
2475
- }
2476
- ]
2477
- }
2478
- },
2479
- "arn:aws:iam::aws:policy/AmazonMachineLearningManageRealTimeEndpointOnlyAccess": {
2480
- "VersionId": "v1",
2481
- "IsDefaultVersion": true,
2482
- "Document": {
2483
- "Version": "2012-10-17",
2484
- "Statement": [
2485
- {
2486
- "Effect": "Allow",
2487
- "Action": [
2488
- "machinelearning:CreateRealtimeEndpoint",
2489
- "machinelearning:DeleteRealtimeEndpoint"
2490
- ],
2491
- "Resource": "*"
2492
- }
2493
- ]
2494
- }
2495
- },
2496
- "arn:aws:iam::aws:policy/CloudFrontReadOnlyAccess": {
2497
- "VersionId": "v2",
2498
- "IsDefaultVersion": true,
2499
- "Document": {
2500
- "Version": "2012-10-17",
2501
- "Statement": [
2502
- {
2503
- "Action": [
2504
- "cloudfront:Get*",
2505
- "cloudfront:List*",
2506
- "iam:ListServerCertificates",
2507
- "route53:List*"
2508
- ],
2509
- "Effect": "Allow",
2510
- "Resource": "*"
2511
- }
2512
- ]
2513
- }
2514
- },
2515
- "arn:aws:iam::aws:policy/service-role/AmazonSNSRole": {
2516
- "VersionId": "v1",
2517
- "IsDefaultVersion": true,
2518
- "Document": {
2519
- "Version": "2012-10-17",
2520
- "Statement": [
2521
- {
2522
- "Effect": "Allow",
2523
- "Action": [
2524
- "logs:CreateLogGroup",
2525
- "logs:CreateLogStream",
2526
- "logs:PutLogEvents",
2527
- "logs:PutMetricFilter",
2528
- "logs:PutRetentionPolicy"
2529
- ],
2530
- "Resource": [
2531
- "*"
2532
- ]
2533
- }
2534
- ]
2535
- }
2536
- },
2537
- "arn:aws:iam::aws:policy/AmazonMobileAnalyticsFinancialReportAccess": {
2538
- "VersionId": "v1",
2539
- "IsDefaultVersion": true,
2540
- "Document": {
2541
- "Version": "2012-10-17",
2542
- "Statement": [
2543
- {
2544
- "Effect": "Allow",
2545
- "Action": [
2546
- "mobileanalytics:GetReports",
2547
- "mobileanalytics:GetFinancialReports"
2548
- ],
2549
- "Resource": "*"
2550
- }
2551
- ]
2552
- }
2553
- },
2554
- "arn:aws:iam::aws:policy/IAMReadOnlyAccess": {
2555
- "VersionId": "v2",
2556
- "IsDefaultVersion": true,
2557
- "Document": {
2558
- "Version": "2012-10-17",
2559
- "Statement": [
2560
- {
2561
- "Effect": "Allow",
2562
- "Action": [
2563
- "iam:GenerateCredentialReport",
2564
- "iam:GenerateServiceLastAccessedDetails",
2565
- "iam:Get*",
2566
- "iam:List*"
2567
- ],
2568
- "Resource": "*"
2569
- }
2570
- ]
2571
- }
2572
- },
2573
- "arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess": {
2574
- "VersionId": "v1",
2575
- "IsDefaultVersion": true,
2576
- "Document": {
2577
- "Version": "2012-10-17",
2578
- "Statement": [
2579
- {
2580
- "Action": [
2581
- "rds:Describe*",
2582
- "rds:ListTagsForResource",
2583
- "ec2:DescribeAccountAttributes",
2584
- "ec2:DescribeAvailabilityZones",
2585
- "ec2:DescribeSecurityGroups",
2586
- "ec2:DescribeVpcs"
2587
- ],
2588
- "Effect": "Allow",
2589
- "Resource": "*"
2590
- },
2591
- {
2592
- "Action": [
2593
- "cloudwatch:GetMetricStatistics"
2594
- ],
2595
- "Effect": "Allow",
2596
- "Resource": "*"
2597
- }
2598
- ]
2599
- }
2600
- },
2601
- "arn:aws:iam::aws:policy/AmazonCognitoPowerUser": {
2602
- "VersionId": "v1",
2603
- "IsDefaultVersion": true,
2604
- "Document": {
2605
- "Version": "2012-10-17",
2606
- "Statement": [
2607
- {
2608
- "Effect": "Allow",
2609
- "Action": [
2610
- "cognito-identity:*",
2611
- "cognito-sync:*",
2612
- "iam:ListRoles",
2613
- "iam:ListOpenIdConnectProviders",
2614
- "sns:ListPlatformApplications"
2615
- ],
2616
- "Resource": "*"
2617
- }
2618
- ]
2619
- }
2620
- },
2621
- "arn:aws:iam::aws:policy/AmazonElasticFileSystemFullAccess": {
2622
- "VersionId": "v1",
2623
- "IsDefaultVersion": true,
2624
- "Document": {
2625
- "Version": "2012-10-17",
2626
- "Statement": [
2627
- {
2628
- "Action": [
2629
- "ec2:CreateNetworkInterface",
2630
- "ec2:DeleteNetworkInterface",
2631
- "ec2:DescribeAvailabilityZones",
2632
- "ec2:DescribeNetworkInterfaceAttribute",
2633
- "ec2:DescribeNetworkInterfaces",
2634
- "ec2:DescribeSecurityGroups",
2635
- "ec2:DescribeSubnets",
2636
- "ec2:DescribeVpcs",
2637
- "ec2:ModifyNetworkInterfaceAttribute",
2638
- "elasticfilesystem:*"
2639
- ],
2640
- "Effect": "Allow",
2641
- "Resource": "*"
2642
- }
2643
- ]
2644
- }
2645
- },
2646
- "arn:aws:iam::aws:policy/AmazonZocaloFullAccess": {
2647
- "VersionId": "v1",
2648
- "IsDefaultVersion": true,
2649
- "Document": {
2650
- "Version": "2012-10-17",
2651
- "Statement": [
2652
- {
2653
- "Effect": "Allow",
2654
- "Action": [
2655
- "zocalo:*",
2656
- "ds:*",
2657
- "ec2:AuthorizeSecurityGroupEgress",
2658
- "ec2:AuthorizeSecurityGroupIngress",
2659
- "ec2:CreateNetworkInterface",
2660
- "ec2:CreateSecurityGroup",
2661
- "ec2:CreateSubnet",
2662
- "ec2:CreateTags",
2663
- "ec2:CreateVpc",
2664
- "ec2:DescribeAvailabilityZones",
2665
- "ec2:DescribeNetworkInterfaces",
2666
- "ec2:DescribeSubnets",
2667
- "ec2:DescribeVpcs",
2668
- "ec2:DeleteNetworkInterface",
2669
- "ec2:DeleteSecurityGroup",
2670
- "ec2:RevokeSecurityGroupEgress",
2671
- "ec2:RevokeSecurityGroupIngress"
2672
- ],
2673
- "Resource": "*"
2674
- }
2675
- ]
2676
- }
2677
- },
2678
- "arn:aws:iam::aws:policy/AWSLambdaReadOnlyAccess": {
2679
- "VersionId": "v2",
2680
- "IsDefaultVersion": true,
2681
- "Document": {
2682
- "Version": "2012-10-17",
2683
- "Statement": [
2684
- {
2685
- "Effect": "Allow",
2686
- "Action": [
2687
- "cloudwatch:Describe*",
2688
- "cloudwatch:Get*",
2689
- "cloudwatch:List*",
2690
- "cognito-identity:ListIdentityPools",
2691
- "cognito-sync:GetCognitoEvents",
2692
- "dynamodb:BatchGetItem",
2693
- "dynamodb:DescribeStream",
2694
- "dynamodb:DescribeTable",
2695
- "dynamodb:GetItem",
2696
- "dynamodb:ListStreams",
2697
- "dynamodb:ListTables",
2698
- "dynamodb:Query",
2699
- "dynamodb:Scan",
2700
- "iam:ListRoles",
2701
- "kinesis:DescribeStream",
2702
- "kinesis:ListStreams",
2703
- "lambda:List*",
2704
- "lambda:Get*",
2705
- "logs:DescribeMetricFilters",
2706
- "logs:GetLogEvents",
2707
- "logs:DescribeLogGroups",
2708
- "logs:DescribeLogStreams",
2709
- "s3:Get*",
2710
- "s3:List*",
2711
- "sns:ListTopics",
2712
- "sns:ListSubscriptions",
2713
- "sns:ListSubscriptionsByTopic"
2714
- ],
2715
- "Resource": "*"
2716
- }
2717
- ]
2718
- }
2719
- },
2720
- "arn:aws:iam::aws:policy/AWSAccountUsageReportAccess": {
2721
- "VersionId": "v1",
2722
- "IsDefaultVersion": true,
2723
- "Document": {
2724
- "Version": "2012-10-17",
2725
- "Statement": [
2726
- {
2727
- "Effect": "Allow",
2728
- "Action": [
2729
- "aws-portal:ViewUsage"
2730
- ],
2731
- "Resource": "*"
2732
- }
2733
- ]
2734
- }
2735
- },
2736
- "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role": {
2737
- "VersionId": "v1",
2738
- "IsDefaultVersion": true,
2739
- "Document": {
2740
- "Version": "2012-10-17",
2741
- "Statement": [
2742
- {
2743
- "Effect": "Allow",
2744
- "Action": [
2745
- "ecs:CreateCluster",
2746
- "ecs:DeregisterContainerInstance",
2747
- "ecs:DiscoverPollEndpoint",
2748
- "ecs:Poll",
2749
- "ecs:RegisterContainerInstance",
2750
- "ecs:Submit*"
2751
- ],
2752
- "Resource": "*"
2753
- }
2754
- ]
2755
- }
2756
- },
2757
- "arn:aws:iam::aws:policy/AmazonAppStreamFullAccess": {
2758
- "VersionId": "v1",
2759
- "IsDefaultVersion": true,
2760
- "Document": {
2761
- "Version": "2012-10-17",
2762
- "Statement": [
2763
- {
2764
- "Action": [
2765
- "appstream:*"
2766
- ],
2767
- "Effect": "Allow",
2768
- "Resource": "*"
2769
- }
2770
- ]
2771
- }
2772
- },
2773
- "arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess": {
2774
- "VersionId": "v1",
2775
- "IsDefaultVersion": true,
2776
- "Document": {
2777
- "Version": "2012-10-17",
2778
- "Statement": [
2779
- {
2780
- "Action": [
2781
- "autoscaling:Describe*",
2782
- "cloudwatch:Describe*",
2783
- "cloudwatch:Get*",
2784
- "cloudwatch:List*",
2785
- "logs:Get*",
2786
- "logs:Describe*",
2787
- "logs:TestMetricFilter",
2788
- "sns:Get*",
2789
- "sns:List*"
2790
- ],
2791
- "Effect": "Allow",
2792
- "Resource": "*"
2793
- }
2794
- ]
2795
- }
2796
- },
2797
- "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole": {
2798
- "VersionId": "v1",
2799
- "IsDefaultVersion": true,
2800
- "Document": {
2801
- "Version": "2012-10-17",
2802
- "Statement": [
2803
- {
2804
- "Effect": "Allow",
2805
- "Action": [
2806
- "logs:CreateLogGroup",
2807
- "logs:CreateLogStream",
2808
- "logs:PutLogEvents"
2809
- ],
2810
- "Resource": "*"
2811
- }
2812
- ]
2813
- }
2814
- },
2815
- "arn:aws:iam::aws:policy/ResourceGroupsandTagEditorFullAccess": {
2816
- "VersionId": "v1",
2817
- "IsDefaultVersion": true,
2818
- "Document": {
2819
- "Version": "2012-10-17",
2820
- "Statement": [
2821
- {
2822
- "Effect": "Allow",
2823
- "Action": [
2824
- "tag:getResources",
2825
- "tag:getTagKeys",
2826
- "tag:getTagValues",
2827
- "tag:addResourceTags",
2828
- "tag:removeResourceTags"
2829
- ],
2830
- "Resource": "*"
2831
- }
2832
- ]
2833
- }
2834
- },
2835
- "arn:aws:iam::aws:policy/AWSKeyManagementServicePowerUser": {
2836
- "VersionId": "v1",
2837
- "IsDefaultVersion": true,
2838
- "Document": {
2839
- "Version": "2012-10-17",
2840
- "Statement": [
2841
- {
2842
- "Effect": "Allow",
2843
- "Action": [
2844
- "kms:CreateAlias",
2845
- "kms:CreateKey",
2846
- "kms:DeleteAlias",
2847
- "kms:Describe*",
2848
- "kms:GenerateRandom",
2849
- "kms:Get*",
2850
- "kms:List*",
2851
- "iam:ListGroups",
2852
- "iam:ListRoles",
2853
- "iam:ListUsers"
2854
- ],
2855
- "Resource": "*"
2856
- }
2857
- ]
2858
- }
2859
- },
2860
- "arn:aws:iam::aws:policy/AWSImportExportReadOnlyAccess": {
2861
- "VersionId": "v1",
2862
- "IsDefaultVersion": true,
2863
- "Document": {
2864
- "Version": "2012-10-17",
2865
- "Statement": [
2866
- {
2867
- "Effect": "Allow",
2868
- "Action": [
2869
- "importexport:ListJobs",
2870
- "importexport:GetStatus"
2871
- ],
2872
- "Resource": "*"
2873
- }
2874
- ]
2875
- }
2876
- },
2877
- "arn:aws:iam::aws:policy/service-role/AmazonElasticTranscoderRole": {
2878
- "VersionId": "v1",
2879
- "IsDefaultVersion": true,
2880
- "Document": {
2881
- "Version": "2012-10-17",
2882
- "Statement": [
2883
- {
2884
- "Sid": "1",
2885
- "Effect": "Allow",
2886
- "Action": [
2887
- "s3:ListBucket",
2888
- "s3:Put*",
2889
- "s3:Get*",
2890
- "s3:*MultipartUpload*"
2891
- ],
2892
- "Resource": [
2893
- "*"
2894
- ]
2895
- },
2896
- {
2897
- "Sid": "2",
2898
- "Effect": "Allow",
2899
- "Action": [
2900
- "sns:Publish"
2901
- ],
2902
- "Resource": [
2903
- "*"
2904
- ]
2905
- },
2906
- {
2907
- "Sid": "3",
2908
- "Effect": "Deny",
2909
- "Action": [
2910
- "s3:*Policy*",
2911
- "sns:*Permission*",
2912
- "sns:*Delete*",
2913
- "s3:*Delete*",
2914
- "sns:*Remove*"
2915
- ],
2916
- "Resource": [
2917
- "*"
2918
- ]
2919
- }
2920
- ]
2921
- }
2922
- },
2923
- "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole": {
2924
- "VersionId": "v1",
2925
- "IsDefaultVersion": true,
2926
- "Document": {
2927
- "Version": "2012-10-17",
2928
- "Statement": [
2929
- {
2930
- "Effect": "Allow",
2931
- "Action": [
2932
- "ec2:AuthorizeSecurityGroupIngress",
2933
- "ec2:Describe*",
2934
- "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
2935
- "elasticloadbalancing:Describe*",
2936
- "elasticloadbalancing:RegisterInstancesWithLoadBalancer"
2937
- ],
2938
- "Resource": "*"
2939
- }
2940
- ]
2941
- }
2942
- },
2943
- "arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess": {
2944
- "VersionId": "v1",
2945
- "IsDefaultVersion": true,
2946
- "Document": {
2947
- "Version": "2012-10-17",
2948
- "Statement": [
2949
- {
2950
- "Effect": "Allow",
2951
- "Action": [
2952
- "ssm:Describe*",
2953
- "ssm:Get*",
2954
- "ssm:List*"
2955
- ],
2956
- "Resource": "*"
2957
- }
2958
- ]
2959
- }
2960
- },
2961
- "arn:aws:iam::aws:policy/AWSMarketplaceRead-only": {
2962
- "VersionId": "v1",
2963
- "IsDefaultVersion": true,
2964
- "Document": {
2965
- "Version": "2012-10-17",
2966
- "Statement": [
2967
- {
2968
- "Action": [
2969
- "aws-marketplace:ViewSubscriptions",
2970
- "ec2:DescribeAccountAttributes",
2971
- "ec2:DescribeAddresses",
2972
- "ec2:DescribeImages",
2973
- "ec2:DescribeInstances",
2974
- "ec2:DescribeKeyPairs",
2975
- "ec2:DescribeSecurityGroups",
2976
- "ec2:DescribeSubnets",
2977
- "ec2:DescribeVpcs"
2978
- ],
2979
- "Effect": "Allow",
2980
- "Resource": "*"
2981
- }
2982
- ]
2983
- }
2984
- },
2985
- "arn:aws:iam::aws:policy/AmazonWorkSpacesApplicationManagerAdminAccess": {
2986
- "VersionId": "v1",
2987
- "IsDefaultVersion": true,
2988
- "Document": {
2989
- "Version": "2012-10-17",
2990
- "Statement": [
2991
- {
2992
- "Effect": "Allow",
2993
- "Action": "wam:AuthenticatePackager",
2994
- "Resource": "*"
2995
- }
2996
- ]
2997
- }
2998
- },
2999
- "arn:aws:iam::aws:policy/AWSDirectConnectFullAccess": {
3000
- "VersionId": "v1",
3001
- "IsDefaultVersion": true,
3002
- "Document": {
3003
- "Version": "2012-10-17",
3004
- "Statement": [
3005
- {
3006
- "Effect": "Allow",
3007
- "Action": [
3008
- "directconnect:*"
3009
- ],
3010
- "Resource": "*"
3011
- }
3012
- ]
3013
- }
3014
- },
3015
- "arn:aws:iam::aws:policy/AWSAccountActivityAccess": {
3016
- "VersionId": "v1",
3017
- "IsDefaultVersion": true,
3018
- "Document": {
3019
- "Version": "2012-10-17",
3020
- "Statement": [
3021
- {
3022
- "Effect": "Allow",
3023
- "Action": [
3024
- "aws-portal:ViewBilling"
3025
- ],
3026
- "Resource": "*"
3027
- }
3028
- ]
3029
- }
3030
- },
3031
- "arn:aws:iam::aws:policy/AmazonGlacierFullAccess": {
3032
- "VersionId": "v1",
3033
- "IsDefaultVersion": true,
3034
- "Document": {
3035
- "Version": "2012-10-17",
3036
- "Statement": [
3037
- {
3038
- "Action": "glacier:*",
3039
- "Effect": "Allow",
3040
- "Resource": "*"
3041
- }
3042
- ]
3043
- }
3044
- },
3045
- "arn:aws:iam::aws:policy/AmazonWorkMailFullAccess": {
3046
- "VersionId": "v2",
3047
- "IsDefaultVersion": true,
3048
- "Document": {
3049
- "Version": "2012-10-17",
3050
- "Statement": [
3051
- {
3052
- "Effect": "Allow",
3053
- "Action": [
3054
- "ds:AuthorizeApplication",
3055
- "ds:CheckAlias",
3056
- "ds:CreateAlias",
3057
- "ds:CreateDirectory",
3058
- "ds:CreateDomain",
3059
- "ds:DeleteAlias",
3060
- "ds:DeleteDirectory",
3061
- "ds:DescribeDirectories",
3062
- "ds:ExtendDirectory",
3063
- "ds:GetDirectoryLimits",
3064
- "ds:ListAuthorizedApplications",
3065
- "ds:UnauthorizeApplication",
3066
- "ec2:AuthorizeSecurityGroupEgress",
3067
- "ec2:AuthorizeSecurityGroupIngress",
3068
- "ec2:CreateNetworkInterface",
3069
- "ec2:CreateSecurityGroup",
3070
- "ec2:CreateSubnet",
3071
- "ec2:CreateTags",
3072
- "ec2:CreateVpc",
3073
- "ec2:DeleteSecurityGroup",
3074
- "ec2:DeleteSubnet",
3075
- "ec2:DeleteVpc",
3076
- "ec2:DescribeAvailabilityZones",
3077
- "ec2:DescribeDomains",
3078
- "ec2:DescribeRouteTables",
3079
- "ec2:DescribeSubnets",
3080
- "ec2:DescribeVpcs",
3081
- "ec2:RevokeSecurityGroupEgress",
3082
- "ec2:RevokeSecurityGroupIngress",
3083
- "kms:DescribeKey",
3084
- "kms:ListAliases",
3085
- "ses:*",
3086
- "workmail:*"
3087
- ],
3088
- "Resource": "*"
3089
- }
3090
- ]
3091
- }
3092
- },
3093
- "arn:aws:iam::aws:policy/AWSMarketplaceManageSubscriptions": {
3094
- "VersionId": "v1",
3095
- "IsDefaultVersion": true,
3096
- "Document": {
3097
- "Version": "2012-10-17",
3098
- "Statement": [
3099
- {
3100
- "Action": [
3101
- "aws-marketplace:ViewSubscriptions",
3102
- "aws-marketplace:Subscribe",
3103
- "aws-marketplace:Unsubscribe"
3104
- ],
3105
- "Effect": "Allow",
3106
- "Resource": "*"
3107
- }
3108
- ]
3109
- }
3110
- },
3111
- "arn:aws:iam::aws:policy/AWSSupportAccess": {
3112
- "VersionId": "v1",
3113
- "IsDefaultVersion": true,
3114
- "Document": {
3115
- "Version": "2012-10-17",
3116
- "Statement": [
3117
- {
3118
- "Effect": "Allow",
3119
- "Action": [
3120
- "support:*"
3121
- ],
3122
- "Resource": "*"
3123
- }
3124
- ]
3125
- }
3126
- },
3127
- "arn:aws:iam::aws:policy/AWSLambdaInvocation-DynamoDB": {
3128
- "VersionId": "v1",
3129
- "IsDefaultVersion": true,
3130
- "Document": {
3131
- "Version": "2012-10-17",
3132
- "Statement": [
3133
- {
3134
- "Effect": "Allow",
3135
- "Action": [
3136
- "lambda:InvokeFunction"
3137
- ],
3138
- "Resource": "*"
3139
- },
3140
- {
3141
- "Effect": "Allow",
3142
- "Action": [
3143
- "dynamodb:DescribeStream",
3144
- "dynamodb:GetRecords",
3145
- "dynamodb:GetShardIterator",
3146
- "dynamodb:ListStreams"
3147
- ],
3148
- "Resource": "*"
3149
- }
3150
- ]
3151
- }
3152
- },
3153
- "arn:aws:iam::aws:policy/AWSCodeDeployDeployerAccess": {
3154
- "VersionId": "v1",
3155
- "IsDefaultVersion": true,
3156
- "Document": {
3157
- "Version": "2012-10-17",
3158
- "Statement": [
3159
- {
3160
- "Action": [
3161
- "codedeploy:Batch*",
3162
- "codedeploy:CreateDeployment",
3163
- "codedeploy:Get*",
3164
- "codedeploy:List*",
3165
- "codedeploy:RegisterApplicationRevision"
3166
- ],
3167
- "Effect": "Allow",
3168
- "Resource": "*"
3169
- }
3170
- ]
3171
- }
3172
- },
3173
- "arn:aws:iam::aws:policy/AWSDataPipelinePowerUser": {
3174
- "VersionId": "v1",
3175
- "IsDefaultVersion": true,
3176
- "Document": {
3177
- "Version": "2012-10-17",
3178
- "Statement": [
3179
- {
3180
- "Action": [
3181
- "s3:List*",
3182
- "dynamodb:DescribeTable",
3183
- "rds:DescribeDBInstances",
3184
- "rds:DescribeDBSecurityGroups",
3185
- "redshift:DescribeClusters",
3186
- "redshift:DescribeClusterSecurityGroups",
3187
- "sns:ListTopics",
3188
- "iam:PassRole",
3189
- "iam:ListRoles",
3190
- "iam:PutRolePolicy",
3191
- "iam:GetRolePolicy",
3192
- "iam:GetInstanceProfiles",
3193
- "iam:ListInstanceProfiles",
3194
- "iam:CreateInstanceProfile",
3195
- "iam:AddRoleToInstanceProfile",
3196
- "datapipeline:*",
3197
- "cloudwatch:*"
3198
- ],
3199
- "Effect": "Allow",
3200
- "Resource": [
3201
- "*"
3202
- ]
3203
- }
3204
- ]
3205
- }
3206
- },
3207
- "arn:aws:iam::aws:policy/AmazonSNSFullAccess": {
3208
- "VersionId": "v1",
3209
- "IsDefaultVersion": true,
3210
- "Document": {
3211
- "Version": "2012-10-17",
3212
- "Statement": [
3213
- {
3214
- "Action": [
3215
- "sns:*"
3216
- ],
3217
- "Effect": "Allow",
3218
- "Resource": "*"
3219
- }
3220
- ]
3221
- }
3222
- },
3223
- "arn:aws:iam::aws:policy/CloudSearchReadOnlyAccess": {
3224
- "VersionId": "v1",
3225
- "IsDefaultVersion": true,
3226
- "Document": {
3227
- "Version": "2012-10-17",
3228
- "Statement": [
3229
- {
3230
- "Action": [
3231
- "cloudsearch:Describe*",
3232
- "cloudsearch:List*"
3233
- ],
3234
- "Effect": "Allow",
3235
- "Resource": "*"
3236
- }
3237
- ]
3238
- }
3239
- },
3240
- "arn:aws:iam::aws:policy/AWSCloudFormationReadOnlyAccess": {
3241
- "VersionId": "v1",
3242
- "IsDefaultVersion": true,
3243
- "Document": {
3244
- "Version": "2012-10-17",
3245
- "Statement": [
3246
- {
3247
- "Effect": "Allow",
3248
- "Action": [
3249
- "cloudformation:DescribeStacks",
3250
- "cloudformation:DescribeStackEvents",
3251
- "cloudformation:DescribeStackResource",
3252
- "cloudformation:DescribeStackResources",
3253
- "cloudformation:GetTemplate",
3254
- "cloudformation:List*"
3255
- ],
3256
- "Resource": "*"
3257
- }
3258
- ]
3259
- }
3260
- },
3261
- "arn:aws:iam::aws:policy/AmazonRoute53FullAccess": {
3262
- "VersionId": "v1",
3263
- "IsDefaultVersion": true,
3264
- "Document": {
3265
- "Version": "2012-10-17",
3266
- "Statement": [
3267
- {
3268
- "Effect": "Allow",
3269
- "Action": [
3270
- "route53:*"
3271
- ],
3272
- "Resource": [
3273
- "*"
3274
- ]
3275
- },
3276
- {
3277
- "Effect": "Allow",
3278
- "Action": [
3279
- "elasticloadbalancing:DescribeLoadBalancers"
3280
- ],
3281
- "Resource": [
3282
- "*"
3283
- ]
3284
- }
3285
- ]
3286
- }
3287
- },
3288
- "arn:aws:iam::aws:policy/service-role/AWSLambdaRole": {
3289
- "VersionId": "v1",
3290
- "IsDefaultVersion": true,
3291
- "Document": {
3292
- "Version": "2012-10-17",
3293
- "Statement": [
3294
- {
3295
- "Effect": "Allow",
3296
- "Action": [
3297
- "lambda:InvokeFunction"
3298
- ],
3299
- "Resource": [
3300
- "*"
3301
- ]
3302
- }
3303
- ]
3304
- }
3305
- },
3306
- "arn:aws:iam::aws:policy/AmazonAppStreamReadOnlyAccess": {
3307
- "VersionId": "v1",
3308
- "IsDefaultVersion": true,
3309
- "Document": {
3310
- "Version": "2012-10-17",
3311
- "Statement": [
3312
- {
3313
- "Action": [
3314
- "appstream:Get*"
3315
- ],
3316
- "Effect": "Allow",
3317
- "Resource": "*"
3318
- }
3319
- ]
3320
- }
3321
- },
3322
- "arn:aws:iam::aws:policy/PowerUserAccess": {
3323
- "VersionId": "v1",
3324
- "IsDefaultVersion": true,
3325
- "Document": {
3326
- "Version": "2012-10-17",
3327
- "Statement": [
3328
- {
3329
- "Effect": "Allow",
3330
- "NotAction": "iam:*",
3331
- "Resource": "*"
3332
- }
3333
- ]
3334
- }
3335
- },
3336
- "arn:aws:iam::aws:policy/AWSDataPipelineFullAccess": {
3337
- "VersionId": "v1",
3338
- "IsDefaultVersion": true,
3339
- "Document": {
3340
- "Version": "2012-10-17",
3341
- "Statement": [
3342
- {
3343
- "Action": [
3344
- "s3:List*",
3345
- "dynamodb:DescribeTable",
3346
- "rds:DescribeDBInstances",
3347
- "rds:DescribeDBSecurityGroups",
3348
- "redshift:DescribeClusters",
3349
- "redshift:DescribeClusterSecurityGroups",
3350
- "sns:CreateTopic",
3351
- "sns:ListTopics",
3352
- "sns:Subscribe",
3353
- "iam:PassRole",
3354
- "iam:ListRoles",
3355
- "iam:CreateRole",
3356
- "iam:PutRolePolicy",
3357
- "iam:GetRolePolicy",
3358
- "iam:GetInstanceProfiles",
3359
- "iam:ListInstanceProfiles",
3360
- "iam:CreateInstanceProfile",
3361
- "iam:AddRoleToInstanceProfile",
3362
- "datapipeline:*",
3363
- "cloudwatch:*"
3364
- ],
3365
- "Effect": "Allow",
3366
- "Resource": [
3367
- "*"
3368
- ]
3369
- }
3370
- ]
3371
- }
3372
- }
3373
- }