@cloud-copilot/iam-data 0.15.202510281 → 0.15.202511081
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/data/actions/aps.json +190 -0
- package/data/actions/autoscaling.json +25 -3
- package/data/actions/batch.json +28 -18
- package/data/actions/bedrock-agentcore.json +8 -17
- package/data/actions/bedrock.json +15 -0
- package/data/actions/cloudfront.json +71 -88
- package/data/actions/cognito-idp.json +75 -0
- package/data/actions/connect.json +48 -0
- package/data/actions/ec2.json +219 -33
- package/data/actions/elasticloadbalancing.json +9 -0
- package/data/actions/emr-containers.json +15 -0
- package/data/actions/guardduty.json +23 -1
- package/data/actions/iotmanagedintegrations.json +15 -0
- package/data/actions/kinesis.json +50 -0
- package/data/actions/kms.json +4 -1
- package/data/actions/lambda.json +2 -1
- package/data/actions/mediaconnect.json +83 -10
- package/data/actions/profile.json +368 -0
- package/data/actions/redshift-serverless.json +2 -2
- package/data/actions/rtbfabric.json +116 -12
- package/data/actions/s3tables.json +85 -2
- package/data/actions/sts.json +34 -0
- package/data/actions/support-console.json +18 -0
- package/data/actions/support.json +8 -0
- package/data/actions/user-subscriptions.json +8 -0
- package/data/actions/vpc-lattice.json +81 -0
- package/data/conditionKeys/bedrock-agentcore.json +0 -10
- package/data/conditionKeys/ec2.json +15 -15
- package/data/conditionKeys/lambda.json +5 -0
- package/data/conditionKeys/mediaconnect.json +17 -1
- package/data/conditionKeys/s3tables.json +20 -0
- package/data/conditionKeys/sts.json +10 -0
- package/data/conditionKeys/vpc-lattice.json +15 -0
- package/data/conditionPatterns.json +3 -0
- package/data/resourceTypes/aps.json +9 -0
- package/data/resourceTypes/bedrock.json +4 -0
- package/data/resourceTypes/ec2.json +19 -5
- package/data/resourceTypes/guardduty.json +4 -1
- package/data/resourceTypes/mediaconnect.json +16 -4
- package/data/resourceTypes/profile.json +14 -0
- package/data/resourceTypes/rtbfabric.json +5 -0
- package/data/resourceTypes/s3tables.json +7 -1
- package/data/resourceTypes/vpc-lattice.json +12 -0
- package/package.json +2 -2
package/data/actions/ec2.json
CHANGED
|
@@ -167,8 +167,8 @@
|
|
|
167
167
|
"conditionKeys": [
|
|
168
168
|
"aws:ResourceTag/${TagKey}",
|
|
169
169
|
"ec2:ResourceTag/${TagKey}",
|
|
170
|
-
"ec2:
|
|
171
|
-
"ec2:
|
|
170
|
+
"ec2:VpceMultiRegion",
|
|
171
|
+
"ec2:VpceSupportedRegion"
|
|
172
172
|
],
|
|
173
173
|
"dependentActions": []
|
|
174
174
|
}
|
|
@@ -1324,6 +1324,7 @@
|
|
|
1324
1324
|
"ec2:Encrypted",
|
|
1325
1325
|
"ec2:ManagedResourceOperator",
|
|
1326
1326
|
"ec2:ParentSnapshot",
|
|
1327
|
+
"ec2:ParentVolume",
|
|
1327
1328
|
"ec2:ResourceTag/${TagKey}",
|
|
1328
1329
|
"ec2:VolumeID",
|
|
1329
1330
|
"ec2:VolumeInitializationRate",
|
|
@@ -1781,6 +1782,61 @@
|
|
|
1781
1782
|
],
|
|
1782
1783
|
"dependentActions": []
|
|
1783
1784
|
},
|
|
1785
|
+
"copyvolumes": {
|
|
1786
|
+
"name": "CopyVolumes",
|
|
1787
|
+
"description": "Grants permission to create a copy of an EBS volume. Resource-level permissions specified for this action apply to the source and copied volume. Condition keys for the copied volume correspond to parameters specified in the CopyVolumes API request",
|
|
1788
|
+
"accessLevel": "Write",
|
|
1789
|
+
"resourceTypes": [
|
|
1790
|
+
{
|
|
1791
|
+
"name": "volume",
|
|
1792
|
+
"required": true,
|
|
1793
|
+
"conditionKeys": [
|
|
1794
|
+
"aws:RequestTag/${TagKey}",
|
|
1795
|
+
"aws:TagKeys",
|
|
1796
|
+
"ec2:AvailabilityZone",
|
|
1797
|
+
"ec2:AvailabilityZoneId",
|
|
1798
|
+
"ec2:Encrypted",
|
|
1799
|
+
"ec2:ManagedResourceOperator",
|
|
1800
|
+
"ec2:ParentSnapshot",
|
|
1801
|
+
"ec2:ParentVolume",
|
|
1802
|
+
"ec2:VolumeInitializationRate",
|
|
1803
|
+
"ec2:VolumeIops",
|
|
1804
|
+
"ec2:VolumeSize",
|
|
1805
|
+
"ec2:VolumeThroughput",
|
|
1806
|
+
"ec2:VolumeType"
|
|
1807
|
+
],
|
|
1808
|
+
"dependentActions": [
|
|
1809
|
+
"ec2:CreateTags"
|
|
1810
|
+
]
|
|
1811
|
+
}
|
|
1812
|
+
],
|
|
1813
|
+
"conditionKeys": [
|
|
1814
|
+
"ec2:Region"
|
|
1815
|
+
],
|
|
1816
|
+
"dependentActions": []
|
|
1817
|
+
},
|
|
1818
|
+
"createcapacitymanagerdataexport": {
|
|
1819
|
+
"name": "CreateCapacityManagerDataExport",
|
|
1820
|
+
"description": "Grants permission to create a new S3 Data Export for Capacity Manager",
|
|
1821
|
+
"accessLevel": "Write",
|
|
1822
|
+
"resourceTypes": [
|
|
1823
|
+
{
|
|
1824
|
+
"name": "capacity-manager-data-export",
|
|
1825
|
+
"required": true,
|
|
1826
|
+
"conditionKeys": [
|
|
1827
|
+
"aws:RequestTag/${TagKey}",
|
|
1828
|
+
"aws:TagKeys"
|
|
1829
|
+
],
|
|
1830
|
+
"dependentActions": [
|
|
1831
|
+
"ec2:CreateTags"
|
|
1832
|
+
]
|
|
1833
|
+
}
|
|
1834
|
+
],
|
|
1835
|
+
"conditionKeys": [
|
|
1836
|
+
"ec2:Region"
|
|
1837
|
+
],
|
|
1838
|
+
"dependentActions": []
|
|
1839
|
+
},
|
|
1784
1840
|
"createcapacityreservation": {
|
|
1785
1841
|
"name": "CreateCapacityReservation",
|
|
1786
1842
|
"description": "Grants permission to create a Capacity Reservation",
|
|
@@ -2462,6 +2518,7 @@
|
|
|
2462
2518
|
"ec2:InstanceMetadataTags",
|
|
2463
2519
|
"ec2:InstanceProfile",
|
|
2464
2520
|
"ec2:InstanceType",
|
|
2521
|
+
"ec2:ManagedResourceOperator",
|
|
2465
2522
|
"ec2:MetadataHttpEndpoint",
|
|
2466
2523
|
"ec2:MetadataHttpPutResponseHopLimit",
|
|
2467
2524
|
"ec2:MetadataHttpTokens",
|
|
@@ -2631,6 +2688,7 @@
|
|
|
2631
2688
|
"ec2:InstanceMetadataTags",
|
|
2632
2689
|
"ec2:InstanceProfile",
|
|
2633
2690
|
"ec2:InstanceType",
|
|
2691
|
+
"ec2:ManagedResourceOperator",
|
|
2634
2692
|
"ec2:MetadataHttpEndpoint",
|
|
2635
2693
|
"ec2:MetadataHttpPutResponseHopLimit",
|
|
2636
2694
|
"ec2:MetadataHttpTokens",
|
|
@@ -2865,6 +2923,7 @@
|
|
|
2865
2923
|
"required": true,
|
|
2866
2924
|
"conditionKeys": [
|
|
2867
2925
|
"aws:ResourceTag/${TagKey}",
|
|
2926
|
+
"ec2:ManagedResourceOperator",
|
|
2868
2927
|
"ec2:ResourceTag/${TagKey}"
|
|
2869
2928
|
],
|
|
2870
2929
|
"dependentActions": [
|
|
@@ -3506,6 +3565,7 @@
|
|
|
3506
3565
|
"ec2:AuthorizedService",
|
|
3507
3566
|
"ec2:AuthorizedUser",
|
|
3508
3567
|
"ec2:AvailabilityZone",
|
|
3568
|
+
"ec2:ManagedResourceOperator",
|
|
3509
3569
|
"ec2:NetworkInterfaceID",
|
|
3510
3570
|
"ec2:Permission",
|
|
3511
3571
|
"ec2:ResourceTag/${TagKey}",
|
|
@@ -3587,6 +3647,7 @@
|
|
|
3587
3647
|
"ec2:InstanceMetadataTags",
|
|
3588
3648
|
"ec2:InstanceProfile",
|
|
3589
3649
|
"ec2:InstanceType",
|
|
3650
|
+
"ec2:ManagedResourceOperator",
|
|
3590
3651
|
"ec2:MetadataHttpEndpoint",
|
|
3591
3652
|
"ec2:MetadataHttpPutResponseHopLimit",
|
|
3592
3653
|
"ec2:MetadataHttpTokens",
|
|
@@ -3915,6 +3976,8 @@
|
|
|
3915
3976
|
"aws:ResourceTag/${TagKey}",
|
|
3916
3977
|
"ec2:AvailabilityZoneId",
|
|
3917
3978
|
"ec2:Encrypted",
|
|
3979
|
+
"ec2:ManagedResourceOperator",
|
|
3980
|
+
"ec2:ParentVolume",
|
|
3918
3981
|
"ec2:ResourceTag/${TagKey}",
|
|
3919
3982
|
"ec2:VolumeID",
|
|
3920
3983
|
"ec2:VolumeInitializationRate",
|
|
@@ -4117,6 +4180,17 @@
|
|
|
4117
4180
|
],
|
|
4118
4181
|
"dependentActions": []
|
|
4119
4182
|
},
|
|
4183
|
+
{
|
|
4184
|
+
"name": "capacity-manager-data-export",
|
|
4185
|
+
"required": false,
|
|
4186
|
+
"conditionKeys": [
|
|
4187
|
+
"aws:RequestTag/${TagKey}",
|
|
4188
|
+
"aws:ResourceTag/${TagKey}",
|
|
4189
|
+
"aws:TagKeys",
|
|
4190
|
+
"ec2:ResourceTag/${TagKey}"
|
|
4191
|
+
],
|
|
4192
|
+
"dependentActions": []
|
|
4193
|
+
},
|
|
4120
4194
|
{
|
|
4121
4195
|
"name": "capacity-reservation",
|
|
4122
4196
|
"required": false,
|
|
@@ -4390,6 +4464,7 @@
|
|
|
4390
4464
|
"ec2:InstanceMetadataTags",
|
|
4391
4465
|
"ec2:InstanceProfile",
|
|
4392
4466
|
"ec2:InstanceType",
|
|
4467
|
+
"ec2:ManagedResourceOperator",
|
|
4393
4468
|
"ec2:MetadataHttpEndpoint",
|
|
4394
4469
|
"ec2:MetadataHttpPutResponseHopLimit",
|
|
4395
4470
|
"ec2:MetadataHttpTokens",
|
|
@@ -4544,6 +4619,7 @@
|
|
|
4544
4619
|
"aws:RequestTag/${TagKey}",
|
|
4545
4620
|
"aws:ResourceTag/${TagKey}",
|
|
4546
4621
|
"aws:TagKeys",
|
|
4622
|
+
"ec2:ManagedResourceOperator",
|
|
4547
4623
|
"ec2:ResourceTag/${TagKey}"
|
|
4548
4624
|
],
|
|
4549
4625
|
"dependentActions": []
|
|
@@ -4691,6 +4767,7 @@
|
|
|
4691
4767
|
"aws:TagKeys",
|
|
4692
4768
|
"ec2:AuthorizedUser",
|
|
4693
4769
|
"ec2:AvailabilityZone",
|
|
4770
|
+
"ec2:ManagedResourceOperator",
|
|
4694
4771
|
"ec2:NetworkInterfaceID",
|
|
4695
4772
|
"ec2:Permission",
|
|
4696
4773
|
"ec2:ResourceTag/${TagKey}",
|
|
@@ -5088,7 +5165,9 @@
|
|
|
5088
5165
|
"ec2:AvailabilityZone",
|
|
5089
5166
|
"ec2:AvailabilityZoneId",
|
|
5090
5167
|
"ec2:Encrypted",
|
|
5168
|
+
"ec2:ManagedResourceOperator",
|
|
5091
5169
|
"ec2:ParentSnapshot",
|
|
5170
|
+
"ec2:ParentVolume",
|
|
5092
5171
|
"ec2:ResourceTag/${TagKey}",
|
|
5093
5172
|
"ec2:VolumeID",
|
|
5094
5173
|
"ec2:VolumeInitializationRate",
|
|
@@ -5153,9 +5232,9 @@
|
|
|
5153
5232
|
"aws:ResourceTag/${TagKey}",
|
|
5154
5233
|
"aws:TagKeys",
|
|
5155
5234
|
"ec2:ResourceTag/${TagKey}",
|
|
5156
|
-
"ec2:
|
|
5157
|
-
"ec2:
|
|
5158
|
-
"ec2:
|
|
5235
|
+
"ec2:VpceMultiRegion",
|
|
5236
|
+
"ec2:VpceServiceRegion",
|
|
5237
|
+
"ec2:VpceSupportedRegion"
|
|
5159
5238
|
],
|
|
5160
5239
|
"dependentActions": []
|
|
5161
5240
|
},
|
|
@@ -5306,6 +5385,7 @@
|
|
|
5306
5385
|
"conditionKeys": [
|
|
5307
5386
|
"aws:ResourceTag/${TagKey}",
|
|
5308
5387
|
"ec2:AvailabilityZone",
|
|
5388
|
+
"ec2:ManagedResourceOperator",
|
|
5309
5389
|
"ec2:NetworkInterfaceID",
|
|
5310
5390
|
"ec2:ResourceTag/${TagKey}",
|
|
5311
5391
|
"ec2:Subnet",
|
|
@@ -6082,10 +6162,10 @@
|
|
|
6082
6162
|
"conditionKeys": [
|
|
6083
6163
|
"aws:RequestTag/${TagKey}",
|
|
6084
6164
|
"aws:TagKeys",
|
|
6165
|
+
"ec2:VpceMultiRegion",
|
|
6085
6166
|
"ec2:VpceServiceName",
|
|
6086
6167
|
"ec2:VpceServiceOwner",
|
|
6087
|
-
"ec2:
|
|
6088
|
-
"ec2:vpceServiceRegion"
|
|
6168
|
+
"ec2:VpceServiceRegion"
|
|
6089
6169
|
],
|
|
6090
6170
|
"dependentActions": []
|
|
6091
6171
|
},
|
|
@@ -6145,8 +6225,8 @@
|
|
|
6145
6225
|
"conditionKeys": [
|
|
6146
6226
|
"aws:ResourceTag/${TagKey}",
|
|
6147
6227
|
"ec2:ResourceTag/${TagKey}",
|
|
6148
|
-
"ec2:
|
|
6149
|
-
"ec2:
|
|
6228
|
+
"ec2:VpceMultiRegion",
|
|
6229
|
+
"ec2:VpceServiceRegion"
|
|
6150
6230
|
],
|
|
6151
6231
|
"dependentActions": []
|
|
6152
6232
|
}
|
|
@@ -6167,9 +6247,9 @@
|
|
|
6167
6247
|
"conditionKeys": [
|
|
6168
6248
|
"aws:RequestTag/${TagKey}",
|
|
6169
6249
|
"aws:TagKeys",
|
|
6250
|
+
"ec2:VpceMultiRegion",
|
|
6170
6251
|
"ec2:VpceServicePrivateDnsName",
|
|
6171
|
-
"ec2:
|
|
6172
|
-
"ec2:vpceServiceRegion"
|
|
6252
|
+
"ec2:VpceServiceRegion"
|
|
6173
6253
|
],
|
|
6174
6254
|
"dependentActions": [
|
|
6175
6255
|
"ec2:CreateTags"
|
|
@@ -6337,6 +6417,26 @@
|
|
|
6337
6417
|
],
|
|
6338
6418
|
"dependentActions": []
|
|
6339
6419
|
},
|
|
6420
|
+
"deletecapacitymanagerdataexport": {
|
|
6421
|
+
"name": "DeleteCapacityManagerDataExport",
|
|
6422
|
+
"description": "Grants permission to delete an existing Capacity Manager data export configuration",
|
|
6423
|
+
"accessLevel": "Write",
|
|
6424
|
+
"resourceTypes": [
|
|
6425
|
+
{
|
|
6426
|
+
"name": "capacity-manager-data-export",
|
|
6427
|
+
"required": true,
|
|
6428
|
+
"conditionKeys": [
|
|
6429
|
+
"aws:ResourceTag/${TagKey}",
|
|
6430
|
+
"ec2:ResourceTag/${TagKey}"
|
|
6431
|
+
],
|
|
6432
|
+
"dependentActions": []
|
|
6433
|
+
}
|
|
6434
|
+
],
|
|
6435
|
+
"conditionKeys": [
|
|
6436
|
+
"ec2:Region"
|
|
6437
|
+
],
|
|
6438
|
+
"dependentActions": []
|
|
6439
|
+
},
|
|
6340
6440
|
"deletecarriergateway": {
|
|
6341
6441
|
"name": "DeleteCarrierGateway",
|
|
6342
6442
|
"description": "Grants permission to delete a carrier gateway",
|
|
@@ -7545,6 +7645,17 @@
|
|
|
7545
7645
|
],
|
|
7546
7646
|
"dependentActions": []
|
|
7547
7647
|
},
|
|
7648
|
+
{
|
|
7649
|
+
"name": "capacity-manager-data-export",
|
|
7650
|
+
"required": false,
|
|
7651
|
+
"conditionKeys": [
|
|
7652
|
+
"aws:RequestTag/${TagKey}",
|
|
7653
|
+
"aws:ResourceTag/${TagKey}",
|
|
7654
|
+
"aws:TagKeys",
|
|
7655
|
+
"ec2:ResourceTag/${TagKey}"
|
|
7656
|
+
],
|
|
7657
|
+
"dependentActions": []
|
|
7658
|
+
},
|
|
7548
7659
|
{
|
|
7549
7660
|
"name": "capacity-reservation",
|
|
7550
7661
|
"required": false,
|
|
@@ -8977,6 +9088,7 @@
|
|
|
8977
9088
|
"ec2:Encrypted",
|
|
8978
9089
|
"ec2:ManagedResourceOperator",
|
|
8979
9090
|
"ec2:ParentSnapshot",
|
|
9091
|
+
"ec2:ParentVolume",
|
|
8980
9092
|
"ec2:ResourceTag/${TagKey}",
|
|
8981
9093
|
"ec2:VolumeID",
|
|
8982
9094
|
"ec2:VolumeInitializationRate",
|
|
@@ -9055,8 +9167,8 @@
|
|
|
9055
9167
|
"conditionKeys": [
|
|
9056
9168
|
"aws:ResourceTag/${TagKey}",
|
|
9057
9169
|
"ec2:ResourceTag/${TagKey}",
|
|
9058
|
-
"ec2:
|
|
9059
|
-
"ec2:
|
|
9170
|
+
"ec2:VpceMultiRegion",
|
|
9171
|
+
"ec2:VpceSupportedRegion"
|
|
9060
9172
|
],
|
|
9061
9173
|
"dependentActions": []
|
|
9062
9174
|
}
|
|
@@ -9077,8 +9189,8 @@
|
|
|
9077
9189
|
"conditionKeys": [
|
|
9078
9190
|
"aws:ResourceTag/${TagKey}",
|
|
9079
9191
|
"ec2:ResourceTag/${TagKey}",
|
|
9080
|
-
"ec2:
|
|
9081
|
-
"ec2:
|
|
9192
|
+
"ec2:VpceMultiRegion",
|
|
9193
|
+
"ec2:VpceSupportedRegion"
|
|
9082
9194
|
],
|
|
9083
9195
|
"dependentActions": []
|
|
9084
9196
|
}
|
|
@@ -9099,9 +9211,9 @@
|
|
|
9099
9211
|
"conditionKeys": [
|
|
9100
9212
|
"aws:ResourceTag/${TagKey}",
|
|
9101
9213
|
"ec2:ResourceTag/${TagKey}",
|
|
9214
|
+
"ec2:VpceMultiRegion",
|
|
9102
9215
|
"ec2:VpceServiceName",
|
|
9103
|
-
"ec2:
|
|
9104
|
-
"ec2:vpceServiceRegion"
|
|
9216
|
+
"ec2:VpceServiceRegion"
|
|
9105
9217
|
],
|
|
9106
9218
|
"dependentActions": []
|
|
9107
9219
|
}
|
|
@@ -9534,6 +9646,16 @@
|
|
|
9534
9646
|
],
|
|
9535
9647
|
"dependentActions": []
|
|
9536
9648
|
},
|
|
9649
|
+
"describecapacitymanagerdataexports": {
|
|
9650
|
+
"name": "DescribeCapacityManagerDataExports",
|
|
9651
|
+
"description": "Grants permission to describe one or more Capacity Manager data export configurations",
|
|
9652
|
+
"accessLevel": "List",
|
|
9653
|
+
"resourceTypes": [],
|
|
9654
|
+
"conditionKeys": [
|
|
9655
|
+
"ec2:Region"
|
|
9656
|
+
],
|
|
9657
|
+
"dependentActions": []
|
|
9658
|
+
},
|
|
9537
9659
|
"describecapacityreservationbillingrequests": {
|
|
9538
9660
|
"name": "DescribeCapacityReservationBillingRequests",
|
|
9539
9661
|
"description": "Grants permission to describe one or more requests to assign the billing of the unused capacity of a Capacity Reservation",
|
|
@@ -11136,6 +11258,7 @@
|
|
|
11136
11258
|
"ec2:Encrypted",
|
|
11137
11259
|
"ec2:ManagedResourceOperator",
|
|
11138
11260
|
"ec2:ParentSnapshot",
|
|
11261
|
+
"ec2:ParentVolume",
|
|
11139
11262
|
"ec2:ResourceTag/${TagKey}",
|
|
11140
11263
|
"ec2:VolumeID",
|
|
11141
11264
|
"ec2:VolumeInitializationRate",
|
|
@@ -11295,8 +11418,8 @@
|
|
|
11295
11418
|
"conditionKeys": [
|
|
11296
11419
|
"aws:ResourceTag/${TagKey}",
|
|
11297
11420
|
"ec2:ResourceTag/${TagKey}",
|
|
11298
|
-
"ec2:
|
|
11299
|
-
"ec2:
|
|
11421
|
+
"ec2:VpceMultiRegion",
|
|
11422
|
+
"ec2:VpceSupportedRegion"
|
|
11300
11423
|
],
|
|
11301
11424
|
"dependentActions": []
|
|
11302
11425
|
}
|
|
@@ -11541,6 +11664,7 @@
|
|
|
11541
11664
|
"ec2:Encrypted",
|
|
11542
11665
|
"ec2:ManagedResourceOperator",
|
|
11543
11666
|
"ec2:ParentSnapshot",
|
|
11667
|
+
"ec2:ParentVolume",
|
|
11544
11668
|
"ec2:ResourceTag/${TagKey}",
|
|
11545
11669
|
"ec2:VolumeID",
|
|
11546
11670
|
"ec2:VolumeInitializationRate",
|
|
@@ -11659,6 +11783,16 @@
|
|
|
11659
11783
|
],
|
|
11660
11784
|
"dependentActions": []
|
|
11661
11785
|
},
|
|
11786
|
+
"disablecapacitymanager": {
|
|
11787
|
+
"name": "DisableCapacityManager",
|
|
11788
|
+
"description": "Grants permission to disable EC2 Capacity Manager for your account",
|
|
11789
|
+
"accessLevel": "Write",
|
|
11790
|
+
"resourceTypes": [],
|
|
11791
|
+
"conditionKeys": [
|
|
11792
|
+
"ec2:Region"
|
|
11793
|
+
],
|
|
11794
|
+
"dependentActions": []
|
|
11795
|
+
},
|
|
11662
11796
|
"disableebsencryptionbydefault": {
|
|
11663
11797
|
"name": "DisableEbsEncryptionByDefault",
|
|
11664
11798
|
"description": "Grants permission to disable EBS encryption by default for your account",
|
|
@@ -12609,6 +12743,16 @@
|
|
|
12609
12743
|
],
|
|
12610
12744
|
"dependentActions": []
|
|
12611
12745
|
},
|
|
12746
|
+
"enablecapacitymanager": {
|
|
12747
|
+
"name": "EnableCapacityManager",
|
|
12748
|
+
"description": "Grants permission to enable EC2 Capacity Manager for your account",
|
|
12749
|
+
"accessLevel": "Write",
|
|
12750
|
+
"resourceTypes": [],
|
|
12751
|
+
"conditionKeys": [
|
|
12752
|
+
"ec2:Region"
|
|
12753
|
+
],
|
|
12754
|
+
"dependentActions": []
|
|
12755
|
+
},
|
|
12612
12756
|
"enableebsencryptionbydefault": {
|
|
12613
12757
|
"name": "EnableEbsEncryptionByDefault",
|
|
12614
12758
|
"description": "Grants permission to enable EBS encryption by default for your account",
|
|
@@ -13202,6 +13346,36 @@
|
|
|
13202
13346
|
],
|
|
13203
13347
|
"dependentActions": []
|
|
13204
13348
|
},
|
|
13349
|
+
"getcapacitymanagerattributes": {
|
|
13350
|
+
"name": "GetCapacityManagerAttributes",
|
|
13351
|
+
"description": "Grants permission to retrieve the current configuration and status of EC2 Capacity Manager",
|
|
13352
|
+
"accessLevel": "Read",
|
|
13353
|
+
"resourceTypes": [],
|
|
13354
|
+
"conditionKeys": [
|
|
13355
|
+
"ec2:Region"
|
|
13356
|
+
],
|
|
13357
|
+
"dependentActions": []
|
|
13358
|
+
},
|
|
13359
|
+
"getcapacitymanagermetricdata": {
|
|
13360
|
+
"name": "GetCapacityManagerMetricData",
|
|
13361
|
+
"description": "Grants permission to retrieve capacity usage metrics for your EC2 resources",
|
|
13362
|
+
"accessLevel": "Read",
|
|
13363
|
+
"resourceTypes": [],
|
|
13364
|
+
"conditionKeys": [
|
|
13365
|
+
"ec2:Region"
|
|
13366
|
+
],
|
|
13367
|
+
"dependentActions": []
|
|
13368
|
+
},
|
|
13369
|
+
"getcapacitymanagermetricdimensions": {
|
|
13370
|
+
"name": "GetCapacityManagerMetricDimensions",
|
|
13371
|
+
"description": "Grants permission to retrieve the available dimension values for capacity metrics within a specified time range",
|
|
13372
|
+
"accessLevel": "Read",
|
|
13373
|
+
"resourceTypes": [],
|
|
13374
|
+
"conditionKeys": [
|
|
13375
|
+
"ec2:Region"
|
|
13376
|
+
],
|
|
13377
|
+
"dependentActions": []
|
|
13378
|
+
},
|
|
13205
13379
|
"getcapacityreservationusage": {
|
|
13206
13380
|
"name": "GetCapacityReservationUsage",
|
|
13207
13381
|
"description": "Grants permission to get usage information about a Capacity Reservation",
|
|
@@ -16359,6 +16533,7 @@
|
|
|
16359
16533
|
"ec2:Encrypted",
|
|
16360
16534
|
"ec2:ManagedResourceOperator",
|
|
16361
16535
|
"ec2:ParentSnapshot",
|
|
16536
|
+
"ec2:ParentVolume",
|
|
16362
16537
|
"ec2:ResourceTag/${TagKey}",
|
|
16363
16538
|
"ec2:VolumeID",
|
|
16364
16539
|
"ec2:VolumeInitializationRate",
|
|
@@ -16392,6 +16567,7 @@
|
|
|
16392
16567
|
"ec2:Encrypted",
|
|
16393
16568
|
"ec2:ManagedResourceOperator",
|
|
16394
16569
|
"ec2:ParentSnapshot",
|
|
16570
|
+
"ec2:ParentVolume",
|
|
16395
16571
|
"ec2:ResourceTag/${TagKey}",
|
|
16396
16572
|
"ec2:VolumeID",
|
|
16397
16573
|
"ec2:VolumeInitializationRate",
|
|
@@ -16477,8 +16653,8 @@
|
|
|
16477
16653
|
"ec2:Attribute",
|
|
16478
16654
|
"ec2:Attribute/${AttributeName}",
|
|
16479
16655
|
"ec2:ResourceTag/${TagKey}",
|
|
16480
|
-
"ec2:
|
|
16481
|
-
"ec2:
|
|
16656
|
+
"ec2:VpceMultiRegion",
|
|
16657
|
+
"ec2:VpceServiceRegion"
|
|
16482
16658
|
],
|
|
16483
16659
|
"dependentActions": []
|
|
16484
16660
|
},
|
|
@@ -16542,8 +16718,8 @@
|
|
|
16542
16718
|
"conditionKeys": [
|
|
16543
16719
|
"aws:ResourceTag/${TagKey}",
|
|
16544
16720
|
"ec2:ResourceTag/${TagKey}",
|
|
16545
|
-
"ec2:
|
|
16546
|
-
"ec2:
|
|
16721
|
+
"ec2:VpceMultiRegion",
|
|
16722
|
+
"ec2:VpceSupportedRegion"
|
|
16547
16723
|
],
|
|
16548
16724
|
"dependentActions": []
|
|
16549
16725
|
}
|
|
@@ -16566,9 +16742,9 @@
|
|
|
16566
16742
|
"ec2:Attribute",
|
|
16567
16743
|
"ec2:Attribute/${AttributeName}",
|
|
16568
16744
|
"ec2:ResourceTag/${TagKey}",
|
|
16745
|
+
"ec2:VpceMultiRegion",
|
|
16569
16746
|
"ec2:VpceServicePrivateDnsName",
|
|
16570
|
-
"ec2:
|
|
16571
|
-
"ec2:vpceSupportedRegion"
|
|
16747
|
+
"ec2:VpceSupportedRegion"
|
|
16572
16748
|
],
|
|
16573
16749
|
"dependentActions": []
|
|
16574
16750
|
}
|
|
@@ -16591,8 +16767,8 @@
|
|
|
16591
16767
|
"ec2:Attribute",
|
|
16592
16768
|
"ec2:Attribute/${AttributeName}",
|
|
16593
16769
|
"ec2:ResourceTag/${TagKey}",
|
|
16594
|
-
"ec2:
|
|
16595
|
-
"ec2:
|
|
16770
|
+
"ec2:VpceMultiRegion",
|
|
16771
|
+
"ec2:VpceSupportedRegion"
|
|
16596
16772
|
],
|
|
16597
16773
|
"dependentActions": []
|
|
16598
16774
|
}
|
|
@@ -16615,8 +16791,8 @@
|
|
|
16615
16791
|
"ec2:Attribute",
|
|
16616
16792
|
"ec2:Attribute/${AttributeName}",
|
|
16617
16793
|
"ec2:ResourceTag/${TagKey}",
|
|
16618
|
-
"ec2:
|
|
16619
|
-
"ec2:
|
|
16794
|
+
"ec2:VpceMultiRegion",
|
|
16795
|
+
"ec2:VpceSupportedRegion"
|
|
16620
16796
|
],
|
|
16621
16797
|
"dependentActions": []
|
|
16622
16798
|
}
|
|
@@ -17451,8 +17627,8 @@
|
|
|
17451
17627
|
"conditionKeys": [
|
|
17452
17628
|
"aws:ResourceTag/${TagKey}",
|
|
17453
17629
|
"ec2:ResourceTag/${TagKey}",
|
|
17454
|
-
"ec2:
|
|
17455
|
-
"ec2:
|
|
17630
|
+
"ec2:VpceMultiRegion",
|
|
17631
|
+
"ec2:VpceSupportedRegion"
|
|
17456
17632
|
],
|
|
17457
17633
|
"dependentActions": []
|
|
17458
17634
|
}
|
|
@@ -19106,8 +19282,8 @@
|
|
|
19106
19282
|
"conditionKeys": [
|
|
19107
19283
|
"aws:ResourceTag/${TagKey}",
|
|
19108
19284
|
"ec2:ResourceTag/${TagKey}",
|
|
19109
|
-
"ec2:
|
|
19110
|
-
"ec2:
|
|
19285
|
+
"ec2:VpceMultiRegion",
|
|
19286
|
+
"ec2:VpceSupportedRegion"
|
|
19111
19287
|
],
|
|
19112
19288
|
"dependentActions": []
|
|
19113
19289
|
}
|
|
@@ -19357,6 +19533,16 @@
|
|
|
19357
19533
|
],
|
|
19358
19534
|
"dependentActions": []
|
|
19359
19535
|
},
|
|
19536
|
+
"updatecapacitymanagerorganizationsaccess": {
|
|
19537
|
+
"name": "UpdateCapacityManagerOrganizationsAccess",
|
|
19538
|
+
"description": "Grants permission to update the Organizations access setting for EC2 Capacity Manager",
|
|
19539
|
+
"accessLevel": "Write",
|
|
19540
|
+
"resourceTypes": [],
|
|
19541
|
+
"conditionKeys": [
|
|
19542
|
+
"ec2:Region"
|
|
19543
|
+
],
|
|
19544
|
+
"dependentActions": []
|
|
19545
|
+
},
|
|
19360
19546
|
"updatesecuritygroupruledescriptionsegress": {
|
|
19361
19547
|
"name": "UpdateSecurityGroupRuleDescriptionsEgress",
|
|
19362
19548
|
"description": "Grants permission to update descriptions for one or more outbound rules in a VPC security group",
|
|
@@ -62,6 +62,15 @@
|
|
|
62
62
|
],
|
|
63
63
|
"dependentActions": []
|
|
64
64
|
},
|
|
65
|
+
"allowvendedlogdeliveryforresource": {
|
|
66
|
+
"name": "AllowVendedLogDeliveryForResource",
|
|
67
|
+
"isPermissionOnly": true,
|
|
68
|
+
"description": "Grants permission to configure vended log delivery for load balancers",
|
|
69
|
+
"accessLevel": "Permissions management",
|
|
70
|
+
"resourceTypes": [],
|
|
71
|
+
"conditionKeys": [],
|
|
72
|
+
"dependentActions": []
|
|
73
|
+
},
|
|
65
74
|
"createlistener": {
|
|
66
75
|
"name": "CreateListener",
|
|
67
76
|
"description": "Grants permission to create a listener for the specified Application Load Balancer",
|
|
@@ -104,6 +104,21 @@
|
|
|
104
104
|
"conditionKeys": [],
|
|
105
105
|
"dependentActions": []
|
|
106
106
|
},
|
|
107
|
+
"deletesecurityconfiguration": {
|
|
108
|
+
"name": "DeleteSecurityConfiguration",
|
|
109
|
+
"description": "Grants permission to delete a security configuration",
|
|
110
|
+
"accessLevel": "Write",
|
|
111
|
+
"resourceTypes": [
|
|
112
|
+
{
|
|
113
|
+
"name": "securityConfiguration",
|
|
114
|
+
"required": true,
|
|
115
|
+
"conditionKeys": [],
|
|
116
|
+
"dependentActions": []
|
|
117
|
+
}
|
|
118
|
+
],
|
|
119
|
+
"conditionKeys": [],
|
|
120
|
+
"dependentActions": []
|
|
121
|
+
},
|
|
107
122
|
"deletevirtualcluster": {
|
|
108
123
|
"name": "DeleteVirtualCluster",
|
|
109
124
|
"description": "Grants permission to delete a virtual cluster",
|
|
@@ -93,7 +93,11 @@
|
|
|
93
93
|
"description": "Grants permission to create a publishing destination",
|
|
94
94
|
"accessLevel": "Write",
|
|
95
95
|
"resourceTypes": [],
|
|
96
|
-
"conditionKeys": [
|
|
96
|
+
"conditionKeys": [
|
|
97
|
+
"aws:RequestTag/${TagKey}",
|
|
98
|
+
"aws:ResourceTag/${TagKey}",
|
|
99
|
+
"aws:TagKeys"
|
|
100
|
+
],
|
|
97
101
|
"dependentActions": [
|
|
98
102
|
"s3:GetObject",
|
|
99
103
|
"s3:ListBucket"
|
|
@@ -692,6 +696,12 @@
|
|
|
692
696
|
"conditionKeys": [],
|
|
693
697
|
"dependentActions": []
|
|
694
698
|
},
|
|
699
|
+
{
|
|
700
|
+
"name": "publishingDestination",
|
|
701
|
+
"required": false,
|
|
702
|
+
"conditionKeys": [],
|
|
703
|
+
"dependentActions": []
|
|
704
|
+
},
|
|
695
705
|
{
|
|
696
706
|
"name": "threatentityset",
|
|
697
707
|
"required": false,
|
|
@@ -799,6 +809,12 @@
|
|
|
799
809
|
"conditionKeys": [],
|
|
800
810
|
"dependentActions": []
|
|
801
811
|
},
|
|
812
|
+
{
|
|
813
|
+
"name": "publishingDestination",
|
|
814
|
+
"required": false,
|
|
815
|
+
"conditionKeys": [],
|
|
816
|
+
"dependentActions": []
|
|
817
|
+
},
|
|
802
818
|
{
|
|
803
819
|
"name": "threatentityset",
|
|
804
820
|
"required": false,
|
|
@@ -861,6 +877,12 @@
|
|
|
861
877
|
"conditionKeys": [],
|
|
862
878
|
"dependentActions": []
|
|
863
879
|
},
|
|
880
|
+
{
|
|
881
|
+
"name": "publishingDestination",
|
|
882
|
+
"required": false,
|
|
883
|
+
"conditionKeys": [],
|
|
884
|
+
"dependentActions": []
|
|
885
|
+
},
|
|
864
886
|
{
|
|
865
887
|
"name": "threatentityset",
|
|
866
888
|
"required": false,
|
|
@@ -382,6 +382,21 @@
|
|
|
382
382
|
"conditionKeys": [],
|
|
383
383
|
"dependentActions": []
|
|
384
384
|
},
|
|
385
|
+
"getmanagedthingcertificate": {
|
|
386
|
+
"name": "GetManagedThingCertificate",
|
|
387
|
+
"description": "Grants permission to get the certificate pem for a managed thing",
|
|
388
|
+
"accessLevel": "Read",
|
|
389
|
+
"resourceTypes": [
|
|
390
|
+
{
|
|
391
|
+
"name": "managed-thing",
|
|
392
|
+
"required": true,
|
|
393
|
+
"conditionKeys": [],
|
|
394
|
+
"dependentActions": []
|
|
395
|
+
}
|
|
396
|
+
],
|
|
397
|
+
"conditionKeys": [],
|
|
398
|
+
"dependentActions": []
|
|
399
|
+
},
|
|
385
400
|
"getmanagedthingconnectivitydata": {
|
|
386
401
|
"name": "GetManagedThingConnectivityData",
|
|
387
402
|
"description": "Grants permission to get the connectivity data for a managed thing",
|