RubyGems - fog-aws - Versions diffs - 3.12.0 → 3.13.0 - Mend

fog-aws 3.12.0 → 3.13.0

Files changed (273) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +29 -3
data/fog-aws.gemspec +3 -4
data/lib/fog/aws/iam/default_policies.json +1574 -0
data/lib/fog/aws/iam/default_policy_versions.json +3373 -0
data/lib/fog/aws/models/storage/file.rb +8 -7
data/lib/fog/aws/requests/compute/create_network_interface.rb +7 -4
data/lib/fog/aws/requests/compute/create_subnet.rb +3 -3
data/lib/fog/aws/version.rb +1 -1
metadata +5 -280
data/tests/credentials_tests.rb +0 -190
data/tests/helper.rb +0 -29
data/tests/helpers/collection_helper.rb +0 -90
data/tests/helpers/compute/flavors_helper.rb +0 -28
data/tests/helpers/compute/server_helper.rb +0 -23
data/tests/helpers/compute/servers_helper.rb +0 -8
data/tests/helpers/dns_helper.rb +0 -56
data/tests/helpers/formats_helper.rb +0 -100
data/tests/helpers/formats_helper_tests.rb +0 -107
data/tests/helpers/mock_helper.rb +0 -109
data/tests/helpers/model_helper.rb +0 -30
data/tests/helpers/responds_to_helper.rb +0 -11
data/tests/helpers/schema_validator_tests.rb +0 -104
data/tests/helpers/succeeds_helper.rb +0 -9
data/tests/lorem.txt +0 -1
data/tests/models/auto_scaling/activities_tests.rb +0 -6
data/tests/models/auto_scaling/configuration_test.rb +0 -13
data/tests/models/auto_scaling/configurations_tests.rb +0 -11
data/tests/models/auto_scaling/groups_test.rb +0 -27
data/tests/models/auto_scaling/helper.rb +0 -0
data/tests/models/auto_scaling/instance_tests.rb +0 -15
data/tests/models/auto_scaling/instances_tests.rb +0 -6
data/tests/models/beanstalk/application_tests.rb +0 -69
data/tests/models/beanstalk/applications_tests.rb +0 -7
data/tests/models/beanstalk/environment_tests.rb +0 -131
data/tests/models/beanstalk/environments_tests.rb +0 -34
data/tests/models/beanstalk/template_tests.rb +0 -47
data/tests/models/beanstalk/templates_tests.rb +0 -62
data/tests/models/beanstalk/version_tests.rb +0 -66
data/tests/models/beanstalk/versions_tests.rb +0 -60
data/tests/models/cdn/distribution_tests.rb +0 -15
data/tests/models/cdn/distributions_tests.rb +0 -15
data/tests/models/cdn/invalidation_tests.rb +0 -31
data/tests/models/cdn/invalidations_tests.rb +0 -14
data/tests/models/cdn/streaming_distribution_tests.rb +0 -15
data/tests/models/cdn/streaming_distributions_tests.rb +0 -15
data/tests/models/cloud_watch/alarm_data_tests.rb +0 -42
data/tests/models/cloud_watch/alarm_history_tests.rb +0 -22
data/tests/models/cloud_watch/metric_statistics_tests.rb +0 -51
data/tests/models/cloud_watch/metrics_tests.rb +0 -32
data/tests/models/compute/address_tests.rb +0 -43
data/tests/models/compute/addresses_tests.rb +0 -5
data/tests/models/compute/dhcp_option_tests.rb +0 -3
data/tests/models/compute/dhcp_options_tests.rb +0 -3
data/tests/models/compute/internet_gateway_tests.rb +0 -3
data/tests/models/compute/internet_gateways_tests.rb +0 -3
data/tests/models/compute/key_pair_tests.rb +0 -26
data/tests/models/compute/key_pairs_tests.rb +0 -5
data/tests/models/compute/network_acl_tests.rb +0 -109
data/tests/models/compute/network_acls_tests.rb +0 -20
data/tests/models/compute/network_interfaces_test.rb +0 -12
data/tests/models/compute/security_group_tests.rb +0 -98
data/tests/models/compute/security_groups_tests.rb +0 -5
data/tests/models/compute/server_tests.rb +0 -94
data/tests/models/compute/snapshot_tests.rb +0 -10
data/tests/models/compute/snapshots_tests.rb +0 -10
data/tests/models/compute/subnet_tests.rb +0 -13
data/tests/models/compute/subnets_tests.rb +0 -5
data/tests/models/compute/volume_tests.rb +0 -65
data/tests/models/compute/volumes_tests.rb +0 -5
data/tests/models/compute/vpc_tests.rb +0 -26
data/tests/models/compute/vpcs_tests.rb +0 -19
data/tests/models/data_pipeline/pipeline_tests.rb +0 -8
data/tests/models/data_pipeline/pipelines_tests.rb +0 -8
data/tests/models/dns/record_tests.rb +0 -33
data/tests/models/dns/records_tests.rb +0 -41
data/tests/models/dns/zone_tests.rb +0 -4
data/tests/models/dns/zones_tests.rb +0 -4
data/tests/models/efs/file_system_tests.rb +0 -12
data/tests/models/efs/mount_target_tests.rb +0 -45
data/tests/models/efs/mount_targets_tests.rb +0 -30
data/tests/models/elasticache/cluster_tests.rb +0 -30
data/tests/models/elasticache/parameter_groups_tests.rb +0 -15
data/tests/models/elasticache/security_groups_tests.rb +0 -52
data/tests/models/elasticache/subnet_groups_tests.rb +0 -43
data/tests/models/elb/model_tests.rb +0 -360
data/tests/models/elb/tagging_tests.rb +0 -15
data/tests/models/glacier/model_tests.rb +0 -47
data/tests/models/iam/access_keys_tests.rb +0 -53
data/tests/models/iam/groups_tests.rb +0 -59
data/tests/models/iam/instance_profile_tests.rb +0 -18
data/tests/models/iam/managed_policies_tests.rb +0 -89
data/tests/models/iam/policies_tests.rb +0 -57
data/tests/models/iam/roles_tests.rb +0 -71
data/tests/models/iam/users_tests.rb +0 -119
data/tests/models/rds/cluster_tests.rb +0 -54
data/tests/models/rds/clusters_tests.rb +0 -5
data/tests/models/rds/event_subscription_tests.rb +0 -9
data/tests/models/rds/event_subscriptions_tests.rb +0 -6
data/tests/models/rds/helper.rb +0 -25
data/tests/models/rds/instance_option_tests.rb +0 -14
data/tests/models/rds/parameter_group_tests.rb +0 -24
data/tests/models/rds/parameter_groups_tests.rb +0 -8
data/tests/models/rds/security_group_tests.rb +0 -77
data/tests/models/rds/security_groups_tests.rb +0 -5
data/tests/models/rds/server_tests.rb +0 -131
data/tests/models/rds/servers_tests.rb +0 -24
data/tests/models/rds/snapshot_tests.rb +0 -12
data/tests/models/rds/snapshots_tests.rb +0 -12
data/tests/models/rds/tagging_tests.rb +0 -20
data/tests/models/sns/topic_tests.rb +0 -15
data/tests/models/sns/topics_tests.rb +0 -6
data/tests/models/storage/directory_tests.rb +0 -202
data/tests/models/storage/file_tests.rb +0 -129
data/tests/models/storage/files_tests.rb +0 -90
data/tests/models/storage/url_tests.rb +0 -25
data/tests/models/storage/version_tests.rb +0 -52
data/tests/models/storage/versions_tests.rb +0 -51
data/tests/models/support/trusted_advisor_tests.rb +0 -25
data/tests/parsers/compute/describe_images_tests.rb +0 -33
data/tests/parsers/elb/describe_load_balancers.rb +0 -65
data/tests/parsers/elbv2/create_load_balancer_tests.rb +0 -48
data/tests/parsers/elbv2/describe_listeners_tests.rb +0 -76
data/tests/parsers/elbv2/describe_load_balancers_tests.rb +0 -54
data/tests/parsers/elbv2/describe_tags_tests.rb +0 -35
data/tests/requests/auto_scaling/auto_scaling_tests.rb +0 -111
data/tests/requests/auto_scaling/describe_types_tests.rb +0 -102
data/tests/requests/auto_scaling/helper.rb +0 -229
data/tests/requests/auto_scaling/model_tests.rb +0 -235
data/tests/requests/auto_scaling/notification_configuration_tests.rb +0 -124
data/tests/requests/auto_scaling/tag_tests.rb +0 -63
data/tests/requests/beanstalk/application_tests.rb +0 -140
data/tests/requests/beanstalk/solution_stack_tests.rb +0 -22
data/tests/requests/cdn/cdn_tests.rb +0 -252
data/tests/requests/cloud_formation/stack_tests.rb +0 -167
data/tests/requests/cloud_watch/get_metric_statistics_tests.rb +0 -28
data/tests/requests/cloud_watch/list_metrics_test.rb +0 -64
data/tests/requests/cloud_watch/put_metric_data_tests.rb +0 -36
data/tests/requests/compute/address_tests.rb +0 -144
data/tests/requests/compute/assign_private_ip_tests.rb +0 -55
data/tests/requests/compute/availability_zone_tests.rb +0 -25
data/tests/requests/compute/client_tests.rb +0 -25
data/tests/requests/compute/dhcp_options_tests.rb +0 -39
data/tests/requests/compute/helper.rb +0 -27
data/tests/requests/compute/image_tests.rb +0 -169
data/tests/requests/compute/instance_attrib_tests.rb +0 -168
data/tests/requests/compute/instance_tests.rb +0 -338
data/tests/requests/compute/internet_gateway_tests.rb +0 -49
data/tests/requests/compute/key_pair_tests.rb +0 -67
data/tests/requests/compute/network_acl_tests.rb +0 -112
data/tests/requests/compute/network_interface_tests.rb +0 -239
data/tests/requests/compute/placement_group_tests.rb +0 -48
data/tests/requests/compute/region_tests.rb +0 -52
data/tests/requests/compute/route_tests.rb +0 -341
data/tests/requests/compute/security_group_tests.rb +0 -457
data/tests/requests/compute/snapshot_tests.rb +0 -77
data/tests/requests/compute/spot_datafeed_subscription_tests.rb +0 -47
data/tests/requests/compute/spot_instance_tests.rb +0 -55
data/tests/requests/compute/spot_price_history_tests.rb +0 -23
data/tests/requests/compute/subnet_tests.rb +0 -87
data/tests/requests/compute/tag_tests.rb +0 -101
data/tests/requests/compute/volume_tests.rb +0 -263
data/tests/requests/compute/vpc_tests.rb +0 -222
data/tests/requests/data_pipeline/helper.rb +0 -78
data/tests/requests/data_pipeline/pipeline_tests.rb +0 -80
data/tests/requests/dns/change_resource_record_sets_tests.rb +0 -34
data/tests/requests/dns/dns_tests.rb +0 -240
data/tests/requests/dns/health_check_tests.rb +0 -159
data/tests/requests/dns/helper.rb +0 -21
data/tests/requests/dynamodb/item_tests.rb +0 -137
data/tests/requests/dynamodb/table_tests.rb +0 -99
data/tests/requests/ecs/cluster_tests.rb +0 -112
data/tests/requests/ecs/container_instance_tests.rb +0 -119
data/tests/requests/ecs/helper.rb +0 -276
data/tests/requests/ecs/sample_task_definition1.json +0 -56
data/tests/requests/ecs/service_tests.rb +0 -132
data/tests/requests/ecs/task_definitions_tests.rb +0 -97
data/tests/requests/ecs/task_tests.rb +0 -145
data/tests/requests/efs/file_system_tests.rb +0 -152
data/tests/requests/efs/helper.rb +0 -44
data/tests/requests/elasticache/cache_cluster_tests.rb +0 -137
data/tests/requests/elasticache/describe_events.rb +0 -17
data/tests/requests/elasticache/describe_reserved_cache_nodes.rb +0 -17
data/tests/requests/elasticache/helper.rb +0 -103
data/tests/requests/elasticache/parameter_group_tests.rb +0 -105
data/tests/requests/elasticache/security_group_tests.rb +0 -108
data/tests/requests/elasticache/subnet_group_tests.rb +0 -52
data/tests/requests/elb/helper.rb +0 -91
data/tests/requests/elb/listener_tests.rb +0 -68
data/tests/requests/elb/load_balancer_tests.rb +0 -89
data/tests/requests/elb/policy_tests.rb +0 -132
data/tests/requests/elbv2/helper.rb +0 -66
data/tests/requests/elbv2/load_balancer_tests.rb +0 -50
data/tests/requests/emr/helper.rb +0 -167
data/tests/requests/emr/instance_group_tests.rb +0 -106
data/tests/requests/emr/job_flow_tests.rb +0 -88
data/tests/requests/federation/get_signin_token_tests.rb +0 -11
data/tests/requests/glacier/archive_tests.rb +0 -13
data/tests/requests/glacier/multipart_upload_tests.rb +0 -29
data/tests/requests/glacier/tree_hash_tests.rb +0 -91
data/tests/requests/glacier/vault_tests.rb +0 -35
data/tests/requests/iam/access_key_tests.rb +0 -53
data/tests/requests/iam/account_policy_tests.rb +0 -20
data/tests/requests/iam/account_tests.rb +0 -34
data/tests/requests/iam/group_policy_tests.rb +0 -48
data/tests/requests/iam/group_tests.rb +0 -44
data/tests/requests/iam/helper.rb +0 -154
data/tests/requests/iam/instance_profile_tests.rb +0 -44
data/tests/requests/iam/login_profile_tests.rb +0 -62
data/tests/requests/iam/managed_policy_tests.rb +0 -110
data/tests/requests/iam/mfa_tests.rb +0 -23
data/tests/requests/iam/role_tests.rb +0 -156
data/tests/requests/iam/server_certificate_tests.rb +0 -130
data/tests/requests/iam/user_policy_tests.rb +0 -45
data/tests/requests/iam/user_tests.rb +0 -78
data/tests/requests/iam/versioned_managed_policy_tests.rb +0 -105
data/tests/requests/kinesis/helper.rb +0 -111
data/tests/requests/kinesis/stream_tests.rb +0 -169
data/tests/requests/kms/helper.rb +0 -27
data/tests/requests/kms/key_tests.rb +0 -23
data/tests/requests/lambda/function_sample_1.js +0 -9
data/tests/requests/lambda/function_sample_2.js +0 -9
data/tests/requests/lambda/function_tests.rb +0 -460
data/tests/requests/lambda/helper.rb +0 -81
data/tests/requests/rds/cluster_snapshot_tests.rb +0 -43
data/tests/requests/rds/cluster_tests.rb +0 -37
data/tests/requests/rds/db_engine_versions.rb +0 -7
data/tests/requests/rds/db_snapshot_tests.rb +0 -62
data/tests/requests/rds/describe_events.rb +0 -16
data/tests/requests/rds/event_subscription_tests.rb +0 -30
data/tests/requests/rds/helper.rb +0 -406
data/tests/requests/rds/instance_option_tests.rb +0 -27
data/tests/requests/rds/instance_tests.rb +0 -149
data/tests/requests/rds/log_file_tests.rb +0 -19
data/tests/requests/rds/parameter_group_tests.rb +0 -62
data/tests/requests/rds/parameter_request_tests.rb +0 -32
data/tests/requests/rds/security_group_tests.rb +0 -101
data/tests/requests/rds/subnet_groups_tests.rb +0 -52
data/tests/requests/rds/tagging_tests.rb +0 -78
data/tests/requests/redshift/cluster_parameter_group_tests.rb +0 -76
data/tests/requests/redshift/cluster_security_group_tests.rb +0 -42
data/tests/requests/redshift/cluster_snapshot_tests.rb +0 -73
data/tests/requests/redshift/cluster_tests.rb +0 -80
data/tests/requests/ses/helper.rb +0 -9
data/tests/requests/ses/verified_domain_identity_tests.rb +0 -16
data/tests/requests/ses/verified_email_address_tests.rb +0 -27
data/tests/requests/simpledb/attributes_tests.rb +0 -86
data/tests/requests/simpledb/domain_tests.rb +0 -51
data/tests/requests/simpledb/helper.rb +0 -10
data/tests/requests/sns/helper.rb +0 -9
data/tests/requests/sns/subscription_tests.rb +0 -86
data/tests/requests/sns/topic_tests.rb +0 -53
data/tests/requests/sqs/helper.rb +0 -9
data/tests/requests/sqs/message_tests.rb +0 -51
data/tests/requests/sqs/queue_tests.rb +0 -50
data/tests/requests/storage/acl_utils_tests.rb +0 -209
data/tests/requests/storage/bucket_tests.rb +0 -416
data/tests/requests/storage/cors_utils_tests.rb +0 -108
data/tests/requests/storage/delete_multiple_objects_tests.rb +0 -12
data/tests/requests/storage/multipart_copy_tests.rb +0 -93
data/tests/requests/storage/multipart_upload_tests.rb +0 -121
data/tests/requests/storage/object_tests.rb +0 -269
data/tests/requests/storage/versioning_tests.rb +0 -300
data/tests/requests/sts/assume_role_tests.rb +0 -19
data/tests/requests/sts/assume_role_with_saml_tests.rb +0 -18
data/tests/requests/sts/assume_role_with_web_identity_tests.rb +0 -28
data/tests/requests/sts/get_federation_token_tests.rb +0 -20
data/tests/requests/sts/session_token_tests.rb +0 -16
data/tests/requests/support/helper.rb +0 -43
data/tests/requests/support/trusted_advisor_check_tests.rb +0 -16
data/tests/signaturev4_tests.rb +0 -106
data/tests/signed_params_tests.rb +0 -17
data/tests/storage_tests.rb +0 -7

data/lib/fog/aws/iam/default_policy_versions.json ADDED Viewed

@@ -0,0 +1,3373 @@
+{
+  "arn:aws:iam::aws:policy/AWSDirectConnectReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "directconnect:Describe*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonGlacierReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "glacier:ListVaults",
+            "glacier:DescribeVault",
+            "glacier:GetVaultNotifications",
+            "glacier:ListJobs",
+            "glacier:DescribeJob",
+            "glacier:GetJobOutput"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSMarketplaceFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "aws-marketplace:*",
+            "cloudformation:CreateStack",
+            "cloudformation:DescribeStackResource",
+            "cloudformation:DescribeStackResources",
+            "cloudformation:DescribeStacks",
+            "cloudformation:List*",
+            "ec2:AuthorizeSecurityGroupEgress",
+            "ec2:AuthorizeSecurityGroupIngress",
+            "ec2:CreateSecurityGroup",
+            "ec2:CreateTags",
+            "ec2:DescribeAccountAttributes",
+            "ec2:DescribeAddresses",
+            "ec2:DeleteSecurityGroup",
+            "ec2:DescribeAccountAttributes",
+            "ec2:DescribeImages",
+            "ec2:DescribeInstances",
+            "ec2:DescribeKeyPairs",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeTags",
+            "ec2:DescribeVpcs",
+            "ec2:RunInstances",
+            "ec2:StartInstances",
+            "ec2:StopInstances",
+            "ec2:TerminateInstances"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonRDSFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "rds:*",
+            "cloudwatch:DescribeAlarms",
+            "cloudwatch:GetMetricStatistics",
+            "ec2:DescribeAccountAttributes",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs",
+            "sns:ListSubscriptions",
+            "sns:ListTopics"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonEC2FullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": "ec2:*",
+          "Effect": "Allow",
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": "elasticloadbalancing:*",
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": "cloudwatch:*",
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": "autoscaling:*",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "elasticbeanstalk:Check*",
+            "elasticbeanstalk:Describe*",
+            "elasticbeanstalk:List*",
+            "elasticbeanstalk:RequestEnvironmentInfo",
+            "elasticbeanstalk:RetrieveEnvironmentInfo",
+            "ec2:Describe*",
+            "elasticloadbalancing:Describe*",
+            "autoscaling:Describe*",
+            "cloudwatch:Describe*",
+            "cloudwatch:List*",
+            "cloudwatch:Get*",
+            "s3:Get*",
+            "s3:List*",
+            "sns:Get*",
+            "sns:List*",
+            "cloudformation:Describe*",
+            "cloudformation:Get*",
+            "cloudformation:List*",
+            "cloudformation:Validate*",
+            "cloudformation:Estimate*",
+            "rds:Describe*",
+            "sqs:Get*",
+            "sqs:List*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonSQSFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "sqs:*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSLambdaFullAccess": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudwatch:*",
+            "cognito-identity:ListIdentityPools",
+            "cognito-sync:GetCognitoEvents",
+            "cognito-sync:SetCognitoEvents",
+            "dynamodb:*",
+            "iam:ListAttachedRolePolicies",
+            "iam:ListRolePolicies",
+            "iam:ListRoles",
+            "iam:PassRole",
+            "kinesis:DescribeStream",
+            "kinesis:ListStreams",
+            "kinesis:PutRecord",
+            "lambda:*",
+            "logs:*",
+            "s3:*",
+            "sns:ListSubscriptions",
+            "sns:ListSubscriptionsByTopic",
+            "sns:ListTopics",
+            "sns:Subscribe",
+            "sns:Unsubscribe"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudwatch:PutMetricData",
+            "ds:CreateComputer",
+            "ds:DescribeDirectories",
+            "logs:CreateLogGroup",
+            "logs:CreateLogStream",
+            "logs:DescribeLogGroups",
+            "logs:DescribeLogStreams",
+            "logs:PutLogEvents",
+            "ssm:DescribeAssociation",
+            "ssm:GetDocument",
+            "ssm:ListAssociations",
+            "ssm:UpdateAssociationStatus"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AWSCloudHSMRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ec2:CreateNetworkInterface",
+            "ec2:CreateTags",
+            "ec2:DeleteNetworkInterface",
+            "ec2:DescribeNetworkInterfaceAttribute",
+            "ec2:DescribeNetworkInterfaces",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs",
+            "ec2:DetachNetworkInterface"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/IAMFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": "iam:*",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonElastiCacheFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": "elasticache:*",
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeploy": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "s3:GetObject",
+            "s3:GetObjectVersion",
+            "s3:ListObjects"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSOpsWorksFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "opsworks:*",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeKeyPairs",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeAccountAttributes",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs",
+            "elasticloadbalancing:DescribeInstanceHealth",
+            "elasticloadbalancing:DescribeLoadBalancers",
+            "iam:GetRolePolicy",
+            "iam:ListInstanceProfiles",
+            "iam:ListRoles",
+            "iam:ListUsers",
+            "iam:PassRole"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Resource": "*",
+          "Action": [
+            "ec2:AuthorizeSecurityGroupIngress",
+            "ec2:CancelSpotInstanceRequests",
+            "ec2:CreateSecurityGroup",
+            "ec2:CreateTags",
+            "ec2:DeleteTags",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeAccountAttributes",
+            "ec2:DescribeInstances",
+            "ec2:DescribeInstanceStatus",
+            "ec2:DescribeKeyPairs",
+            "ec2:DescribePrefixLists",
+            "ec2:DescribeRouteTables",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSpotInstanceRequests",
+            "ec2:DescribeSpotPriceHistory",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcAttribute",
+            "ec2:DescribeVpcEndpoints",
+            "ec2:DescribeVpcEndpointServices",
+            "ec2:DescribeVpcs",
+            "ec2:ModifyImageAttribute",
+            "ec2:ModifyInstanceAttribute",
+            "ec2:RequestSpotInstances",
+            "ec2:RunInstances",
+            "ec2:TerminateInstances",
+            "iam:GetRole",
+            "iam:GetRolePolicy",
+            "iam:ListInstanceProfiles",
+            "iam:ListRolePolicies",
+            "iam:PassRole",
+            "s3:CreateBucket",
+            "s3:Get*",
+            "s3:List*",
+            "sdb:BatchPutAttributes",
+            "sdb:Select",
+            "sqs:CreateQueue",
+            "sqs:Delete*",
+            "sqs:GetQueue*",
+            "sqs:ReceiveMessage"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonRoute53DomainsReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "route53domains:Get*",
+            "route53domains:List*"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AWSOpsWorksRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudwatch:GetMetricStatistics",
+            "ec2:DescribeAccountAttributes",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeInstances",
+            "ec2:DescribeKeyPairs",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs",
+            "elasticloadbalancing:DescribeInstanceHealth",
+            "elasticloadbalancing:DescribeLoadBalancers",
+            "iam:GetRolePolicy",
+            "iam:ListInstanceProfiles",
+            "iam:ListRoles",
+            "iam:ListUsers",
+            "iam:PassRole",
+            "opsworks:*",
+            "rds:*"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/SimpleWorkflowFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "swf:*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonS3FullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": "s3:*",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSStorageGatewayReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "storagegateway:List*",
+            "storagegateway:Describe*"
+          ],
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ec2:DescribeSnapshots"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Resource": "*",
+          "Action": [
+            "cloudwatch:*",
+            "dynamodb:*",
+            "ec2:Describe*",
+            "elasticmapreduce:Describe*",
+            "elasticmapreduce:ListBootstrapActions",
+            "elasticmapreduce:ListClusters",
+            "elasticmapreduce:ListInstanceGroups",
+            "elasticmapreduce:ListInstances",
+            "elasticmapreduce:ListSteps",
+            "kinesis:CreateStream",
+            "kinesis:DeleteStream",
+            "kinesis:DescribeStream",
+            "kinesis:GetRecords",
+            "kinesis:GetShardIterator",
+            "kinesis:MergeShards",
+            "kinesis:PutRecord",
+            "kinesis:SplitShard",
+            "rds:Describe*",
+            "s3:*",
+            "sdb:*",
+            "sns:*",
+            "sqs:*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonRedshiftReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "redshift:Describe*",
+            "redshift:ViewQueriesInConsole",
+            "ec2:DescribeAccountAttributes",
+            "ec2:DescribeAddresses",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs",
+            "ec2:DescribeInternetGateways",
+            "sns:Get*",
+            "sns:List*",
+            "cloudwatch:Describe*",
+            "cloudwatch:List*",
+            "cloudwatch:Get*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": "ec2:Describe*",
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": "elasticloadbalancing:Describe*",
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudwatch:ListMetrics",
+            "cloudwatch:GetMetricStatistics",
+            "cloudwatch:Describe*"
+          ],
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": "autoscaling:Describe*",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonElasticMapReduceReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "elasticmapreduce:Describe*",
+            "elasticmapreduce:List*",
+            "s3:GetObject",
+            "s3:ListAllMyBuckets",
+            "s3:ListBucket",
+            "sdb:Select",
+            "cloudwatch:GetMetricStatistics"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSDirectoryServiceReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "ds:Check*",
+            "ds:Describe*",
+            "ds:Get*",
+            "ds:List*",
+            "ec2:DescribeNetworkInterfaces",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonVPCReadOnlyAccess": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ec2:DescribeAddresses",
+            "ec2:DescribeCustomerGateways",
+            "ec2:DescribeDhcpOptions",
+            "ec2:DescribeInternetGateways",
+            "ec2:DescribeNetworkAcls",
+            "ec2:DescribeNetworkInterfaces",
+            "ec2:DescribePrefixLists",
+            "ec2:DescribeRouteTables",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcAttribute",
+            "ec2:DescribeVpcEndpoints",
+            "ec2:DescribeVpcEndpointServices",
+            "ec2:DescribeVpcPeeringConnection",
+            "ec2:DescribeVpcs",
+            "ec2:DescribeVpnConnections",
+            "ec2:DescribeVpnGateways"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonMobileAnalyticsFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": "mobileanalytics:*",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AWSDataPipelineRole": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudwatch:*",
+            "datapipeline:DescribeObjects",
+            "datapipeline:EvaluateExpression",
+            "dynamodb:BatchGetItem",
+            "dynamodb:DescribeTable",
+            "dynamodb:GetItem",
+            "dynamodb:Query",
+            "dynamodb:Scan",
+            "dynamodb:UpdateTable",
+            "ec2:AuthorizeSecurityGroupIngress",
+            "ec2:CancelSpotInstanceRequests",
+            "ec2:CreateSecurityGroup",
+            "ec2:CreateTags",
+            "ec2:DeleteTags",
+            "ec2:Describe*",
+            "ec2:ModifyImageAttribute",
+            "ec2:ModifyInstanceAttribute",
+            "ec2:RequestSpotInstances",
+            "ec2:RunInstances",
+            "ec2:StartInstances",
+            "ec2:StopInstances",
+            "ec2:TerminateInstances",
+            "elasticmapreduce:*",
+            "iam:GetRole",
+            "iam:GetRolePolicy",
+            "iam:ListRolePolicies",
+            "iam:ListInstanceProfiles",
+            "iam:PassRole",
+            "rds:DescribeDBInstances",
+            "rds:DescribeDBSecurityGroups",
+            "redshift:DescribeClusters",
+            "redshift:DescribeClusterSecurityGroups",
+            "s3:CreateBucket",
+            "s3:DeleteObject",
+            "s3:Get*",
+            "s3:List*",
+            "s3:Put*",
+            "sdb:BatchPutAttributes",
+            "sdb:Select*",
+            "sns:GetTopicAttributes",
+            "sns:ListTopics",
+            "sns:Publish",
+            "sns:Subscribe",
+            "sns:Unsubscribe"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/CloudWatchFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "autoscaling:Describe*",
+            "cloudwatch:*",
+            "logs:*",
+            "sns:*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/ReadOnlyAccess": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "appstream:Get*",
+            "autoscaling:Describe*",
+            "cloudformation:DescribeStacks",
+            "cloudformation:DescribeStackEvents",
+            "cloudformation:DescribeStackResource",
+            "cloudformation:DescribeStackResources",
+            "cloudformation:GetTemplate",
+            "cloudformation:List*",
+            "cloudfront:Get*",
+            "cloudfront:List*",
+            "cloudtrail:DescribeTrails",
+            "cloudtrail:GetTrailStatus",
+            "cloudwatch:Describe*",
+            "cloudwatch:Get*",
+            "cloudwatch:List*",
+            "directconnect:Describe*",
+            "dynamodb:GetItem",
+            "dynamodb:BatchGetItem",
+            "dynamodb:Query",
+            "dynamodb:Scan",
+            "dynamodb:DescribeTable",
+            "dynamodb:ListTables",
+            "ec2:Describe*",
+            "ecs:Describe*",
+            "ecs:List*",
+            "elasticache:Describe*",
+            "elasticbeanstalk:Check*",
+            "elasticbeanstalk:Describe*",
+            "elasticbeanstalk:List*",
+            "elasticbeanstalk:RequestEnvironmentInfo",
+            "elasticbeanstalk:RetrieveEnvironmentInfo",
+            "elasticloadbalancing:Describe*",
+            "elasticmapreduce:Describe*",
+            "elasticmapreduce:List*",
+            "elastictranscoder:Read*",
+            "elastictranscoder:List*",
+            "iam:List*",
+            "iam:GenerateCredentialReport",
+            "iam:Get*",
+            "kinesis:Describe*",
+            "kinesis:Get*",
+            "kinesis:List*",
+            "opsworks:Describe*",
+            "opsworks:Get*",
+            "route53:Get*",
+            "route53:List*",
+            "redshift:Describe*",
+            "redshift:ViewQueriesInConsole",
+            "rds:Describe*",
+            "rds:ListTagsForResource",
+            "s3:Get*",
+            "s3:List*",
+            "sdb:GetAttributes",
+            "sdb:List*",
+            "sdb:Select*",
+            "ses:Get*",
+            "ses:List*",
+            "sns:Get*",
+            "sns:List*",
+            "sqs:GetQueueAttributes",
+            "sqs:ListQueues",
+            "sqs:ReceiveMessage",
+            "storagegateway:List*",
+            "storagegateway:Describe*",
+            "tag:get*",
+            "trustedadvisor:Describe*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonMachineLearningBatchPredictionsAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "machinelearning:CreateBatchPrediction",
+            "machinelearning:DeleteBatchPrediction",
+            "machinelearning:DescribeBatchPredictions",
+            "machinelearning:GetBatchPrediction",
+            "machinelearning:UpdateBatchPrediction"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSCodeDeployReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "codedeploy:Batch*",
+            "codedeploy:Get*",
+            "codedeploy:List*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/CloudSearchFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "cloudsearch:*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSCloudHSMFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": "cloudhsm:*",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ec2:DescribeImages",
+            "ec2:DescribeSubnets",
+            "ec2:RequestSpotInstances",
+            "ec2:TerminateInstances"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonElasticTranscoderJobsSubmitter": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "elastictranscoder:Read*",
+            "elastictranscoder:List*",
+            "elastictranscoder:*Job",
+            "elastictranscoder:*Preset",
+            "s3:List*",
+            "iam:List*",
+            "sns:List*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSDirectoryServiceFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "ds:*",
+            "ec2:AuthorizeSecurityGroupEgress",
+            "ec2:AuthorizeSecurityGroupIngress",
+            "ec2:CreateNetworkInterface",
+            "ec2:CreateSecurityGroup",
+            "ec2:DeleteNetworkInterface",
+            "ec2:DeleteSecurityGroup",
+            "ec2:DescribeNetworkInterfaces",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs",
+            "ec2:RevokeSecurityGroupEgress",
+            "ec2:RevokeSecurityGroupIngress"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "dynamodb:*",
+            "cloudwatch:DeleteAlarms",
+            "cloudwatch:DescribeAlarmHistory",
+            "cloudwatch:DescribeAlarms",
+            "cloudwatch:DescribeAlarmsForMetric",
+            "cloudwatch:GetMetricStatistics",
+            "cloudwatch:ListMetrics",
+            "cloudwatch:PutMetricAlarm",
+            "datapipeline:ActivatePipeline",
+            "datapipeline:CreatePipeline",
+            "datapipeline:DeletePipeline",
+            "datapipeline:DescribeObjects",
+            "datapipeline:DescribePipelines",
+            "datapipeline:GetPipelineDefinition",
+            "datapipeline:ListPipelines",
+            "datapipeline:PutPipelineDefinition",
+            "datapipeline:QueryObjects",
+            "iam:ListRoles",
+            "sns:CreateTopic",
+            "sns:DeleteTopic",
+            "sns:ListSubscriptions",
+            "sns:ListSubscriptionsByTopic",
+            "sns:ListTopics",
+            "sns:Subscribe",
+            "sns:Unsubscribe"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonSESReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ses:Get*",
+            "ses:List*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AutoScalingNotificationAccessRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Resource": "*",
+          "Action": [
+            "sqs:SendMessage",
+            "sqs:GetQueueUrl",
+            "sns:Publish"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonKinesisReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "kinesis:Get*",
+            "kinesis:List*",
+            "kinesis:Describe*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSCodeDeployFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": "codedeploy:*",
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AWSLambdaDynamoDBExecutionRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "dynamodb:DescribeStream",
+            "dynamodb:GetRecords",
+            "dynamodb:GetShardIterator",
+            "dynamodb:ListStreams",
+            "logs:CreateLogGroup",
+            "logs:CreateLogStream",
+            "logs:PutLogEvents"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonRoute53DomainsFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "route53:CreateHostedZone",
+            "route53domains:*"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "elasticache:Describe*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeNetworkInterfaceAttribute",
+            "ec2:DescribeNetworkInterfaces",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs",
+            "elasticfilesystem:Describe*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/CloudFrontFullAccess": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "s3:ListAllMyBuckets"
+          ],
+          "Effect": "Allow",
+          "Resource": "arn:aws:s3:::*"
+        },
+        {
+          "Action": [
+            "cloudfront:*",
+            "iam:ListServerCertificates"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSource": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ec2:AuthorizeSecurityGroupIngress",
+            "ec2:CreateSecurityGroup",
+            "ec2:DescribeInternetGateways",
+            "ec2:DescribeSecurityGroups",
+            "ec2:RevokeSecurityGroupIngress",
+            "redshift:AuthorizeClusterSecurityGroupIngress",
+            "redshift:CreateClusterSecurityGroup",
+            "redshift:DescribeClusters",
+            "redshift:DescribeClusterSecurityGroups",
+            "redshift:ModifyCluster",
+            "redshift:RevokeClusterSecurityGroupIngress",
+            "s3:GetBucketLocation",
+            "s3:GetBucketPolicy",
+            "s3:GetObject",
+            "s3:PutBucketPolicy",
+            "s3:PutObject"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonMobileAnalyticsNon-financialReportAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": "mobileanalytics:GetReports",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSCloudTrailFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "sns:AddPermission",
+            "sns:CreateTopic",
+            "sns:DeleteTopic",
+            "sns:ListTopics",
+            "sns:SetTopicAttributes"
+          ],
+          "Resource": "arn:aws:sns:*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "s3:CreateBucket",
+            "s3:DeleteBucket",
+            "s3:ListAllMyBuckets",
+            "s3:PutBucketPolicy",
+            "s3:ListBucket",
+            "s3:GetBucketLocation",
+            "s3:GetObject"
+          ],
+          "Resource": "arn:aws:s3:::*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": "cloudtrail:*",
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "logs:CreateLogGroup"
+          ],
+          "Resource": "arn:aws:logs:*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "iam:PassRole",
+            "iam:ListRoles",
+            "iam:GetRolePolicy"
+          ],
+          "Resource": "arn:aws:iam::*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonCognitoDeveloperAuthenticatedIdentities": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cognito-identity:GetOpenIdTokenForDeveloperIdentity",
+            "cognito-identity:LookupDeveloperIdentity",
+            "cognito-identity:MergeDeveloperIdentities",
+            "cognito-identity:UnlinkDeveloperIdentity"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AWSConfigRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudtrail:DescribeTrails",
+            "ec2:Describe*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonRedshiftFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "redshift:*",
+            "ec2:DescribeAccountAttributes",
+            "ec2:DescribeAddresses",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs",
+            "ec2:DescribeInternetGateways",
+            "sns:CreateTopic",
+            "sns:Get*",
+            "sns:List*",
+            "cloudwatch:Describe*",
+            "cloudwatch:Get*",
+            "cloudwatch:List*",
+            "cloudwatch:PutMetricAlarm",
+            "cloudwatch:EnableAlarmActions",
+            "cloudwatch:DisableAlarmActions"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonZocaloReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "zocalo:Describe*",
+            "ds:DescribeDirectories",
+            "ec2:DescribeVpcs",
+            "ec2:DescribeSubnets"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSCloudHSMReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudhsm:Get*",
+            "cloudhsm:List*",
+            "cloudhsm:Describe*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonRoute53ReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "route53:Get*",
+            "route53:List*"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonEC2ReportsAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": "ec2-reports:*",
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonSQSReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "sqs:GetQueueAttributes",
+            "sqs:ListQueues"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonKinesisFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": "kinesis:*",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonMachineLearningReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "machinelearning:Describe*",
+            "machinelearning:Get*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/RDSCloudHsmAuthorizationRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudhsm:CreateLunaClient",
+            "cloudhsm:GetClientConfiguration",
+            "cloudhsm:DeleteLunaClient",
+            "cloudhsm:DescribeLunaClient",
+            "cloudhsm:ModifyLunaClient",
+            "cloudhsm:DescribeHapg",
+            "cloudhsm:ModifyHapg",
+            "cloudhsm:GetConfig"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonMachineLearningFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "machinelearning:*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AdministratorAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": "*",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonMachineLearningRealTimePredictionOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "machinelearning:Predict"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSConfigUserAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "config:Get*",
+            "config:Describe*",
+            "config:Deliver*",
+            "tag:GetResources",
+            "tag:GetTagKeys"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/SecurityAudit": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "autoscaling:Describe*",
+            "cloudformation:DescribeStack*",
+            "cloudformation:GetTemplate",
+            "cloudformation:ListStack*",
+            "cloudfront:Get*",
+            "cloudfront:List*",
+            "cloudwatch:Describe*",
+            "directconnect:Describe*",
+            "dynamodb:ListTables",
+            "ec2:Describe*",
+            "ecs:Describe*",
+            "ecs:List*",
+            "elasticbeanstalk:Describe*",
+            "elasticache:Describe*",
+            "elasticloadbalancing:Describe*",
+            "elasticmapreduce:DescribeJobFlows",
+            "glacier:ListVaults",
+            "iam:GenerateCredentialReport",
+            "iam:Get*",
+            "iam:List*",
+            "rds:Describe*",
+            "rds:DownloadDBLogFilePortion",
+            "rds:ListTagsForResource",
+            "redshift:Describe*",
+            "route53:GetHostedZone",
+            "route53:ListHostedZones",
+            "route53:ListResourceRecordSets",
+            "s3:GetBucket*",
+            "s3:GetLifecycleConfiguration",
+            "s3:GetObjectAcl",
+            "s3:GetObjectVersionAcl",
+            "s3:ListAllMyBuckets",
+            "sdb:DomainMetadata",
+            "sdb:ListDomains",
+            "sns:GetTopicAttributes",
+            "sns:ListTopics",
+            "sqs:GetQueueAttributes",
+            "sqs:ListQueues"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "cloudwatch:DescribeAlarmHistory",
+            "cloudwatch:DescribeAlarms",
+            "cloudwatch:DescribeAlarmsForMetric",
+            "cloudwatch:GetMetricStatistics",
+            "cloudwatch:ListMetrics",
+            "datapipeline:DescribeObjects",
+            "datapipeline:DescribePipelines",
+            "datapipeline:GetPipelineDefinition",
+            "datapipeline:ListPipelines",
+            "datapipeline:QueryObjects",
+            "dynamodb:BatchGetItem",
+            "dynamodb:DescribeTable",
+            "dynamodb:GetItem",
+            "dynamodb:ListTables",
+            "dynamodb:Query",
+            "dynamodb:Scan",
+            "sns:ListSubscriptionsByTopic",
+            "sns:ListTopics"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonSNSReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "sns:GetTopicAttributes",
+            "sns:List*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonElasticMapReduceFullAccess": {
+    "VersionId": "v3",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "cloudwatch:*",
+            "ec2:AuthorizeSecurityGroupIngress",
+            "ec2:CancelSpotInstanceRequests",
+            "ec2:CreateSecurityGroup",
+            "ec2:CreateTags",
+            "ec2:DeleteTags",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeAccountAttributes",
+            "ec2:DescribeInstances",
+            "ec2:DescribeKeyPairs",
+            "ec2:DescribeRouteTables",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSpotInstanceRequests",
+            "ec2:DescribeSpotPriceHistory",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcAttribute",
+            "ec2:DescribeVpcs",
+            "ec2:ModifyImageAttribute",
+            "ec2:ModifyInstanceAttribute",
+            "ec2:RequestSpotInstances",
+            "ec2:RunInstances",
+            "ec2:TerminateInstances",
+            "elasticmapreduce:*",
+            "iam:GetPolicy",
+            "iam:GetPolicyVersion",
+            "iam:ListRoles",
+            "iam:PassRole",
+            "kms:List*",
+            "s3:*",
+            "sdb:*",
+            "support:CreateCase",
+            "support:DescribeServices",
+            "support:DescribeSeverityLevels"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "s3:Get*",
+            "s3:List*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSElasticBeanstalkFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "elasticbeanstalk:*",
+            "ec2:*",
+            "elasticloadbalancing:*",
+            "autoscaling:*",
+            "cloudwatch:*",
+            "s3:*",
+            "sns:*",
+            "cloudformation:*",
+            "rds:*",
+            "sqs:*",
+            "iam:PassRole"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "autoscaling:CompleteLifecycleAction",
+            "autoscaling:DeleteLifecycleHook",
+            "autoscaling:DescribeAutoScalingGroups",
+            "autoscaling:DescribeLifecycleHooks",
+            "autoscaling:PutLifecycleHook",
+            "autoscaling:RecordLifecycleActionHeartbeat",
+            "ec2:DescribeInstances",
+            "ec2:DescribeInstanceStatus",
+            "tag:GetTags",
+            "tag:GetResources"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonSESFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ses:*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/CloudWatchLogsReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "logs:Describe*",
+            "logs:Get*",
+            "logs:TestMetricFilter"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "opsworks:AssignInstance",
+            "opsworks:CreateStack",
+            "opsworks:CreateLayer",
+            "opsworks:DeregisterInstance",
+            "opsworks:DescribeInstances",
+            "opsworks:DescribeStackProvisioningParameters",
+            "opsworks:DescribeStacks",
+            "opsworks:UnassignInstance"
+          ],
+          "Resource": [
+            "*"
+          ]
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ec2:DescribeInstances"
+          ],
+          "Resource": [
+            "*"
+          ]
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "iam:AddUserToGroup",
+            "iam:CreateAccessKey",
+            "iam:CreateGroup",
+            "iam:CreateUser",
+            "iam:ListInstanceProfiles",
+            "iam:PassRole",
+            "iam:PutUserPolicy"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccesswithDataPipeline": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "cloudwatch:DeleteAlarms",
+            "cloudwatch:DescribeAlarmHistory",
+            "cloudwatch:DescribeAlarms",
+            "cloudwatch:DescribeAlarmsForMetric",
+            "cloudwatch:GetMetricStatistics",
+            "cloudwatch:ListMetrics",
+            "cloudwatch:PutMetricAlarm",
+            "dynamodb:*",
+            "sns:CreateTopic",
+            "sns:DeleteTopic",
+            "sns:ListSubscriptions",
+            "sns:ListSubscriptionsByTopic",
+            "sns:ListTopics",
+            "sns:Subscribe",
+            "sns:Unsubscribe"
+          ],
+          "Effect": "Allow",
+          "Resource": "*",
+          "Sid": "DDBConsole"
+        },
+        {
+          "Action": [
+            "datapipeline:*",
+            "iam:ListRoles"
+          ],
+          "Effect": "Allow",
+          "Resource": "*",
+          "Sid": "DDBConsoleImportExport"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "iam:GetRolePolicy",
+            "iam:PassRole"
+          ],
+          "Resource": [
+            "*"
+          ],
+          "Sid": "IAMEDPRoles"
+        },
+        {
+          "Action": [
+            "ec2:CreateTags",
+            "ec2:DescribeInstances",
+            "ec2:RunInstances",
+            "ec2:StartInstances",
+            "ec2:StopInstances",
+            "ec2:TerminateInstances",
+            "elasticmapreduce:*",
+            "datapipeline:*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*",
+          "Sid": "EMR"
+        },
+        {
+          "Action": [
+            "s3:DeleteObject",
+            "s3:Get*",
+            "s3:List*",
+            "s3:Put*"
+          ],
+          "Effect": "Allow",
+          "Resource": [
+            "*"
+          ],
+          "Sid": "S3"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforDataPipelineRole": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudwatch:*",
+            "datapipeline:*",
+            "dynamodb:*",
+            "ec2:Describe*",
+            "elasticmapreduce:AddJobFlowSteps",
+            "elasticmapreduce:Describe*",
+            "elasticmapreduce:ListInstance*",
+            "rds:Describe*",
+            "redshift:DescribeClusters",
+            "redshift:DescribeClusterSecurityGroups",
+            "s3:*",
+            "sdb:*",
+            "sns:*",
+            "sqs:*"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/CloudWatchLogsFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "logs:*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonElasticTranscoderFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "elastictranscoder:*",
+            "cloudfront:*",
+            "s3:List*",
+            "s3:Put*",
+            "s3:Get*",
+            "s3:*MultipartUpload*",
+            "iam:CreateRole",
+            "iam:GetRolePolicy",
+            "iam:PassRole",
+            "iam:PutRolePolicy",
+            "iam:List*",
+            "sns:CreateTopic",
+            "sns:List*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonMobileAnalyticsWriteOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": "mobileanalytics:PutEvents",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSConnector": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": "iam:GetUser",
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "s3:ListAllMyBuckets"
+          ],
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "s3:CreateBucket",
+            "s3:DeleteBucket",
+            "s3:DeleteObject",
+            "s3:GetBucketLocation",
+            "s3:GetObject",
+            "s3:ListBucket",
+            "s3:PutObject",
+            "s3:PutObjectAcl"
+          ],
+          "Resource": "arn:aws:s3:::import-to-ec2-*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ec2:CancelConversionTask",
+            "ec2:CancelExportTask",
+            "ec2:CreateImage",
+            "ec2:CreateInstanceExportTask",
+            "ec2:CreateTags",
+            "ec2:CreateVolume",
+            "ec2:DeleteTags",
+            "ec2:DeleteVolume",
+            "ec2:DescribeConversionTasks",
+            "ec2:DescribeExportTasks",
+            "ec2:DescribeImages",
+            "ec2:DescribeInstanceAttribute",
+            "ec2:DescribeInstanceStatus",
+            "ec2:DescribeInstances",
+            "ec2:DescribeRegions",
+            "ec2:DescribeTags",
+            "ec2:DetachVolume",
+            "ec2:ImportInstance",
+            "ec2:ImportVolume",
+            "ec2:ModifyInstanceAttribute",
+            "ec2:RunInstances",
+            "ec2:StartInstances",
+            "ec2:StopInstances",
+            "ec2:TerminateInstances"
+          ],
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "SNS:Publish"
+          ],
+          "Resource": "arn:aws:sns:*:*:metrics-sns-topic-for-*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonSSMFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudwatch:PutMetricData",
+            "ds:CreateComputer",
+            "ds:DescribeDirectories",
+            "ec2:DescribeInstanceStatus",
+            "logs:*",
+            "ssm:*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ec2:Describe*",
+            "elasticloadbalancing:*",
+            "ecs:*",
+            "iam:ListInstanceProfiles",
+            "iam:ListRoles",
+            "iam:PassRole"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonCognitoReadOnly": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cognito-identity:Describe*",
+            "cognito-identity:Get*",
+            "cognito-identity:List*",
+            "cognito-sync:Describe*",
+            "cognito-sync:Get*",
+            "cognito-sync:List*",
+            "iam:ListOpenIdConnectProviders",
+            "iam:ListRoles",
+            "sns:ListPlatformApplications"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonVPCFullAccess": {
+    "VersionId": "v3",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ec2:AcceptVpcPeeringConnection",
+            "ec2:AllocateAddress",
+            "ec2:AssociateAddress",
+            "ec2:AssociateDhcpOptions",
+            "ec2:AssociateRouteTable",
+            "ec2:AttachClassicLinkVpc",
+            "ec2:AttachInternetGateway",
+            "ec2:AttachVpnGateway",
+            "ec2:AuthorizeSecurityGroupEgress",
+            "ec2:AuthorizeSecurityGroupIngress",
+            "ec2:CreateCustomerGateway",
+            "ec2:CreateDhcpOptions",
+            "ec2:CreateInternetGateway",
+            "ec2:CreateNetworkAcl",
+            "ec2:CreateNetworkAclEntry",
+            "ec2:CreateRoute",
+            "ec2:CreateRouteTable",
+            "ec2:CreateSecurityGroup",
+            "ec2:CreateSubnet",
+            "ec2:CreateTags",
+            "ec2:CreateVpc",
+            "ec2:CreateVpcEndpoint",
+            "ec2:CreateVpcPeeringConnection",
+            "ec2:CreateVpnConnection",
+            "ec2:CreateVpnConnectionRoute",
+            "ec2:CreateVpnGateway",
+            "ec2:DeleteCustomerGateway",
+            "ec2:DeleteDhcpOptions",
+            "ec2:DeleteInternetGateway",
+            "ec2:DeleteNetworkAcl",
+            "ec2:DeleteNetworkAclEntry",
+            "ec2:DeleteRoute",
+            "ec2:DeleteRouteTable",
+            "ec2:DeleteSecurityGroup",
+            "ec2:DeleteSubnet",
+            "ec2:DeleteTags",
+            "ec2:DeleteVpc",
+            "ec2:DeleteVpcEndpoints",
+            "ec2:DeleteVpcPeeringConnection",
+            "ec2:DeleteVpnConnection",
+            "ec2:DeleteVpnGateway",
+            "ec2:DescribeAddresses",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeCustomerGateways",
+            "ec2:DescribeDhcpOptions",
+            "ec2:DescribeInstances",
+            "ec2:DescribeInternetGateways",
+            "ec2:DescribeKeyPairs",
+            "ec2:DescribeNetworkAcls",
+            "ec2:DescribeNetworkInterfaces",
+            "ec2:DescribePrefixLists",
+            "ec2:DescribeRouteTables",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeTags",
+            "ec2:DescribeVpcAttribute",
+            "ec2:DescribeVpcClassicLink",
+            "ec2:DescribeVpcEndpoints",
+            "ec2:DescribeVpcEndpointServices",
+            "ec2:DescribeVpcPeeringConnections",
+            "ec2:DescribeVpcs",
+            "ec2:DescribeVpnConnections",
+            "ec2:DescribeVpnGateways",
+            "ec2:DetachClassicLinkVpc",
+            "ec2:DetachInternetGateway",
+            "ec2:DetachVpnGateway",
+            "ec2:DisableVpcClassicLink",
+            "ec2:DisableVgwRoutePropagation",
+            "ec2:DisassociateAddress",
+            "ec2:DisassociateRouteTable",
+            "ec2:EnableVpcClassicLink",
+            "ec2:EnableVgwRoutePropagation",
+            "ec2:ModifySubnetAttribute",
+            "ec2:ModifyVpcAttribute",
+            "ec2:ModifyVpcEndpoint",
+            "ec2:RejectVpcPeeringConnection",
+            "ec2:ReleaseAddress",
+            "ec2:ReplaceNetworkAclAssociation",
+            "ec2:ReplaceNetworkAclEntry",
+            "ec2:ReplaceRouteTableAssociation",
+            "ec2:RevokeSecurityGroupEgress",
+            "ec2:RevokeSecurityGroupIngress"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSImportExportFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "importexport:*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonMachineLearningCreateOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "machinelearning:Create*",
+            "machinelearning:Delete*",
+            "machinelearning:Describe*",
+            "machinelearning:Get*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSCloudTrailReadOnlyAccess": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "s3:GetObject"
+          ],
+          "Resource": "arn:aws:s3:::*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudtrail:GetTrailStatus",
+            "cloudtrail:DescribeTrails",
+            "cloudtrail:LookupEvents",
+            "s3:ListAllMyBuckets"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSLambdaExecute": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "logs:*"
+          ],
+          "Resource": "arn:aws:logs:*:*:*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "s3:GetObject",
+            "s3:PutObject"
+          ],
+          "Resource": "arn:aws:s3:::*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSStorageGatewayFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "storagegateway:*"
+          ],
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ec2:DescribeSnapshots",
+            "ec2:DeleteSnapshot"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonElasticTranscoderReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "elastictranscoder:Read*",
+            "elastictranscoder:List*",
+            "s3:List*",
+            "iam:List*",
+            "sns:List*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonWorkMailReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ses:Describe*",
+            "ses:Get*",
+            "workmail:Describe*",
+            "workmail:Get*",
+            "workmail:List*",
+            "workmail:Search*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "kinesis:DescribeStream",
+            "kinesis:GetRecords",
+            "kinesis:GetShardIterator",
+            "kinesis:ListStreams",
+            "logs:CreateLogGroup",
+            "logs:CreateLogStream",
+            "logs:PutLogEvents"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "tag:getResources",
+            "tag:getTagKeys",
+            "tag:getTagValues"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonMachineLearningManageRealTimeEndpointOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "machinelearning:CreateRealtimeEndpoint",
+            "machinelearning:DeleteRealtimeEndpoint"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/CloudFrontReadOnlyAccess": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "cloudfront:Get*",
+            "cloudfront:List*",
+            "iam:ListServerCertificates",
+            "route53:List*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AmazonSNSRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "logs:CreateLogGroup",
+            "logs:CreateLogStream",
+            "logs:PutLogEvents",
+            "logs:PutMetricFilter",
+            "logs:PutRetentionPolicy"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonMobileAnalyticsFinancialReportAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "mobileanalytics:GetReports",
+            "mobileanalytics:GetFinancialReports"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/IAMReadOnlyAccess": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "iam:GenerateCredentialReport",
+            "iam:GenerateServiceLastAccessedDetails",
+            "iam:Get*",
+            "iam:List*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "rds:Describe*",
+            "rds:ListTagsForResource",
+            "ec2:DescribeAccountAttributes",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeVpcs"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        },
+        {
+          "Action": [
+            "cloudwatch:GetMetricStatistics"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonCognitoPowerUser": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cognito-identity:*",
+            "cognito-sync:*",
+            "iam:ListRoles",
+            "iam:ListOpenIdConnectProviders",
+            "sns:ListPlatformApplications"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonElasticFileSystemFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "ec2:CreateNetworkInterface",
+            "ec2:DeleteNetworkInterface",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeNetworkInterfaceAttribute",
+            "ec2:DescribeNetworkInterfaces",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs",
+            "ec2:ModifyNetworkInterfaceAttribute",
+            "elasticfilesystem:*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonZocaloFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "zocalo:*",
+            "ds:*",
+            "ec2:AuthorizeSecurityGroupEgress",
+            "ec2:AuthorizeSecurityGroupIngress",
+            "ec2:CreateNetworkInterface",
+            "ec2:CreateSecurityGroup",
+            "ec2:CreateSubnet",
+            "ec2:CreateTags",
+            "ec2:CreateVpc",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeNetworkInterfaces",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs",
+            "ec2:DeleteNetworkInterface",
+            "ec2:DeleteSecurityGroup",
+            "ec2:RevokeSecurityGroupEgress",
+            "ec2:RevokeSecurityGroupIngress"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSLambdaReadOnlyAccess": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudwatch:Describe*",
+            "cloudwatch:Get*",
+            "cloudwatch:List*",
+            "cognito-identity:ListIdentityPools",
+            "cognito-sync:GetCognitoEvents",
+            "dynamodb:BatchGetItem",
+            "dynamodb:DescribeStream",
+            "dynamodb:DescribeTable",
+            "dynamodb:GetItem",
+            "dynamodb:ListStreams",
+            "dynamodb:ListTables",
+            "dynamodb:Query",
+            "dynamodb:Scan",
+            "iam:ListRoles",
+            "kinesis:DescribeStream",
+            "kinesis:ListStreams",
+            "lambda:List*",
+            "lambda:Get*",
+            "logs:DescribeMetricFilters",
+            "logs:GetLogEvents",
+            "logs:DescribeLogGroups",
+            "logs:DescribeLogStreams",
+            "s3:Get*",
+            "s3:List*",
+            "sns:ListTopics",
+            "sns:ListSubscriptions",
+            "sns:ListSubscriptionsByTopic"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSAccountUsageReportAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "aws-portal:ViewUsage"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ecs:CreateCluster",
+            "ecs:DeregisterContainerInstance",
+            "ecs:DiscoverPollEndpoint",
+            "ecs:Poll",
+            "ecs:RegisterContainerInstance",
+            "ecs:Submit*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonAppStreamFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "appstream:*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "autoscaling:Describe*",
+            "cloudwatch:Describe*",
+            "cloudwatch:Get*",
+            "cloudwatch:List*",
+            "logs:Get*",
+            "logs:Describe*",
+            "logs:TestMetricFilter",
+            "sns:Get*",
+            "sns:List*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "logs:CreateLogGroup",
+            "logs:CreateLogStream",
+            "logs:PutLogEvents"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/ResourceGroupsandTagEditorFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "tag:getResources",
+            "tag:getTagKeys",
+            "tag:getTagValues",
+            "tag:addResourceTags",
+            "tag:removeResourceTags"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSKeyManagementServicePowerUser": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "kms:CreateAlias",
+            "kms:CreateKey",
+            "kms:DeleteAlias",
+            "kms:Describe*",
+            "kms:GenerateRandom",
+            "kms:Get*",
+            "kms:List*",
+            "iam:ListGroups",
+            "iam:ListRoles",
+            "iam:ListUsers"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSImportExportReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "importexport:ListJobs",
+            "importexport:GetStatus"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AmazonElasticTranscoderRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Sid": "1",
+          "Effect": "Allow",
+          "Action": [
+            "s3:ListBucket",
+            "s3:Put*",
+            "s3:Get*",
+            "s3:*MultipartUpload*"
+          ],
+          "Resource": [
+            "*"
+          ]
+        },
+        {
+          "Sid": "2",
+          "Effect": "Allow",
+          "Action": [
+            "sns:Publish"
+          ],
+          "Resource": [
+            "*"
+          ]
+        },
+        {
+          "Sid": "3",
+          "Effect": "Deny",
+          "Action": [
+            "s3:*Policy*",
+            "sns:*Permission*",
+            "sns:*Delete*",
+            "s3:*Delete*",
+            "sns:*Remove*"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ec2:AuthorizeSecurityGroupIngress",
+            "ec2:Describe*",
+            "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
+            "elasticloadbalancing:Describe*",
+            "elasticloadbalancing:RegisterInstancesWithLoadBalancer"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ssm:Describe*",
+            "ssm:Get*",
+            "ssm:List*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSMarketplaceRead-only": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "aws-marketplace:ViewSubscriptions",
+            "ec2:DescribeAccountAttributes",
+            "ec2:DescribeAddresses",
+            "ec2:DescribeImages",
+            "ec2:DescribeInstances",
+            "ec2:DescribeKeyPairs",
+            "ec2:DescribeSecurityGroups",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonWorkSpacesApplicationManagerAdminAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": "wam:AuthenticatePackager",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSDirectConnectFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "directconnect:*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSAccountActivityAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "aws-portal:ViewBilling"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonGlacierFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": "glacier:*",
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonWorkMailFullAccess": {
+    "VersionId": "v2",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ds:AuthorizeApplication",
+            "ds:CheckAlias",
+            "ds:CreateAlias",
+            "ds:CreateDirectory",
+            "ds:CreateDomain",
+            "ds:DeleteAlias",
+            "ds:DeleteDirectory",
+            "ds:DescribeDirectories",
+            "ds:ExtendDirectory",
+            "ds:GetDirectoryLimits",
+            "ds:ListAuthorizedApplications",
+            "ds:UnauthorizeApplication",
+            "ec2:AuthorizeSecurityGroupEgress",
+            "ec2:AuthorizeSecurityGroupIngress",
+            "ec2:CreateNetworkInterface",
+            "ec2:CreateSecurityGroup",
+            "ec2:CreateSubnet",
+            "ec2:CreateTags",
+            "ec2:CreateVpc",
+            "ec2:DeleteSecurityGroup",
+            "ec2:DeleteSubnet",
+            "ec2:DeleteVpc",
+            "ec2:DescribeAvailabilityZones",
+            "ec2:DescribeDomains",
+            "ec2:DescribeRouteTables",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs",
+            "ec2:RevokeSecurityGroupEgress",
+            "ec2:RevokeSecurityGroupIngress",
+            "kms:DescribeKey",
+            "kms:ListAliases",
+            "ses:*",
+            "workmail:*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSMarketplaceManageSubscriptions": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "aws-marketplace:ViewSubscriptions",
+            "aws-marketplace:Subscribe",
+            "aws-marketplace:Unsubscribe"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSSupportAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "support:*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSLambdaInvocation-DynamoDB": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "lambda:InvokeFunction"
+          ],
+          "Resource": "*"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "dynamodb:DescribeStream",
+            "dynamodb:GetRecords",
+            "dynamodb:GetShardIterator",
+            "dynamodb:ListStreams"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSCodeDeployDeployerAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "codedeploy:Batch*",
+            "codedeploy:CreateDeployment",
+            "codedeploy:Get*",
+            "codedeploy:List*",
+            "codedeploy:RegisterApplicationRevision"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSDataPipelinePowerUser": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "s3:List*",
+            "dynamodb:DescribeTable",
+            "rds:DescribeDBInstances",
+            "rds:DescribeDBSecurityGroups",
+            "redshift:DescribeClusters",
+            "redshift:DescribeClusterSecurityGroups",
+            "sns:ListTopics",
+            "iam:PassRole",
+            "iam:ListRoles",
+            "iam:PutRolePolicy",
+            "iam:GetRolePolicy",
+            "iam:GetInstanceProfiles",
+            "iam:ListInstanceProfiles",
+            "iam:CreateInstanceProfile",
+            "iam:AddRoleToInstanceProfile",
+            "datapipeline:*",
+            "cloudwatch:*"
+          ],
+          "Effect": "Allow",
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonSNSFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "sns:*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/CloudSearchReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "cloudsearch:Describe*",
+            "cloudsearch:List*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSCloudFormationReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "cloudformation:DescribeStacks",
+            "cloudformation:DescribeStackEvents",
+            "cloudformation:DescribeStackResource",
+            "cloudformation:DescribeStackResources",
+            "cloudformation:GetTemplate",
+            "cloudformation:List*"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonRoute53FullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "route53:*"
+          ],
+          "Resource": [
+            "*"
+          ]
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "elasticloadbalancing:DescribeLoadBalancers"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/service-role/AWSLambdaRole": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "lambda:InvokeFunction"
+          ],
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AmazonAppStreamReadOnlyAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "appstream:Get*"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/PowerUserAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "NotAction": "iam:*",
+          "Resource": "*"
+        }
+      ]
+    }
+  },
+  "arn:aws:iam::aws:policy/AWSDataPipelineFullAccess": {
+    "VersionId": "v1",
+    "IsDefaultVersion": true,
+    "Document": {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "s3:List*",
+            "dynamodb:DescribeTable",
+            "rds:DescribeDBInstances",
+            "rds:DescribeDBSecurityGroups",
+            "redshift:DescribeClusters",
+            "redshift:DescribeClusterSecurityGroups",
+            "sns:CreateTopic",
+            "sns:ListTopics",
+            "sns:Subscribe",
+            "iam:PassRole",
+            "iam:ListRoles",
+            "iam:CreateRole",
+            "iam:PutRolePolicy",
+            "iam:GetRolePolicy",
+            "iam:GetInstanceProfiles",
+            "iam:ListInstanceProfiles",
+            "iam:CreateInstanceProfile",
+            "iam:AddRoleToInstanceProfile",
+            "datapipeline:*",
+            "cloudwatch:*"
+          ],
+          "Effect": "Allow",
+          "Resource": [
+            "*"
+          ]
+        }
+      ]
+    }
+  }
+}