@cloud-copilot/iam-data 0.15.202511201 → 0.15.202511221
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/data/actions/action-recommendations.json +1 -1
- package/data/actions/application-signals.json +8 -0
- package/data/actions/autoscaling.json +16 -0
- package/data/actions/backup.json +170 -2
- package/data/actions/bedrock-agentcore.json +2 -1
- package/data/actions/bedrock.json +31 -2
- package/data/actions/braket.json +62 -0
- package/data/actions/cloudformation.json +21 -0
- package/data/actions/cloudshell.json +1 -1
- package/data/actions/cloudtrail.json +35 -8
- package/data/actions/cost-optimization-hub.json +8 -0
- package/data/actions/dms.json +27 -0
- package/data/actions/ds.json +2 -2
- package/data/actions/ecs.json +90 -0
- package/data/actions/glue.json +38 -1
- package/data/actions/guardduty.json +24 -0
- package/data/actions/iam.json +158 -5
- package/data/actions/identitystore.json +76 -27
- package/data/actions/imagebuilder.json +40 -0
- package/data/actions/invoicing.json +56 -0
- package/data/actions/kafka.json +57 -1
- package/data/actions/kinesisvideo.json +30 -0
- package/data/actions/lakeformation.json +16 -0
- package/data/actions/license-manager.json +217 -3
- package/data/actions/logs.json +98 -0
- package/data/actions/mgn.json +54 -1
- package/data/actions/notifications-contacts.json +2 -1
- package/data/actions/odb.json +22 -0
- package/data/actions/organizations.json +117 -0
- package/data/actions/partnercentral.json +307 -3
- package/data/actions/pricingplanmanager.json +66 -0
- package/data/actions/quicksight.json +9 -0
- package/data/actions/s3.json +65 -1
- package/data/actions/secretsmanager.json +42 -20
- package/data/actions/securityhub.json +30 -0
- package/data/actions/signin.json +18 -2
- package/data/actions/ssm.json +1 -1
- package/data/actions/tag.json +8 -0
- package/data/conditionKeys/bedrock-agentcore.json +5 -0
- package/data/conditionKeys/bedrock.json +5 -0
- package/data/conditionKeys/dynamodb.json +21 -1
- package/data/conditionKeys/glue.json +1 -1
- package/data/conditionKeys/iam.json +20 -0
- package/data/conditionKeys/identitystore.json +26 -1
- package/data/conditionKeys/organizations.json +10 -0
- package/data/conditionKeys/partnercentral.json +7 -2
- package/data/conditionKeys/pricingplanmanager.json +1 -0
- package/data/conditionKeys/s3.json +5 -0
- package/data/conditionKeys/secretsmanager.json +15 -0
- package/data/conditionPatterns.json +1 -0
- package/data/resourceTypes/backup.json +7 -0
- package/data/resourceTypes/braket.json +7 -0
- package/data/resourceTypes/iam.json +7 -0
- package/data/resourceTypes/invoicing.json +7 -0
- package/data/resourceTypes/license-manager.json +14 -0
- package/data/resourceTypes/logs.json +7 -0
- package/data/resourceTypes/organizations.json +7 -0
- package/data/resourceTypes/partnercentral.json +21 -0
- package/data/resourceTypes/pricingplanmanager.json +6 -0
- package/data/resourceTypes/s3.json +11 -2
- package/data/resourceTypes/secretsmanager.json +2 -1
- package/data/serviceNames.json +4 -3
- package/data/services.json +1 -0
- package/package.json +2 -2
package/data/actions/ecs.json
CHANGED
|
@@ -42,6 +42,36 @@
|
|
|
42
42
|
],
|
|
43
43
|
"dependentActions": []
|
|
44
44
|
},
|
|
45
|
+
"createexpressgatewayservice": {
|
|
46
|
+
"name": "CreateExpressGatewayService",
|
|
47
|
+
"description": "Grants permission to create a new Amazon ECS Express Gateway service with cluster and task definition",
|
|
48
|
+
"accessLevel": "Write",
|
|
49
|
+
"resourceTypes": [
|
|
50
|
+
{
|
|
51
|
+
"name": "service",
|
|
52
|
+
"required": true,
|
|
53
|
+
"conditionKeys": [
|
|
54
|
+
"ecs:cluster",
|
|
55
|
+
"aws:ResourceTag/${TagKey}"
|
|
56
|
+
],
|
|
57
|
+
"dependentActions": [
|
|
58
|
+
"ecs:RegisterTaskDefinition",
|
|
59
|
+
"iam:PassRole"
|
|
60
|
+
]
|
|
61
|
+
}
|
|
62
|
+
],
|
|
63
|
+
"conditionKeys": [
|
|
64
|
+
"aws:RequestTag/${TagKey}",
|
|
65
|
+
"aws:TagKeys",
|
|
66
|
+
"ecs:task-definition",
|
|
67
|
+
"ecs:subnet",
|
|
68
|
+
"ecs:enable-ecs-managed-tags",
|
|
69
|
+
"ecs:propagate-tags",
|
|
70
|
+
"ecs:task-cpu",
|
|
71
|
+
"ecs:task-memory"
|
|
72
|
+
],
|
|
73
|
+
"dependentActions": []
|
|
74
|
+
},
|
|
45
75
|
"createservice": {
|
|
46
76
|
"name": "CreateService",
|
|
47
77
|
"description": "Grants permission to run and maintain a desired number of tasks from a specified task definition via service creation",
|
|
@@ -160,6 +190,24 @@
|
|
|
160
190
|
],
|
|
161
191
|
"dependentActions": []
|
|
162
192
|
},
|
|
193
|
+
"deleteexpressgatewayservice": {
|
|
194
|
+
"name": "DeleteExpressGatewayService",
|
|
195
|
+
"description": "Grants permission to delete a specified Express Gateway service",
|
|
196
|
+
"accessLevel": "Write",
|
|
197
|
+
"resourceTypes": [
|
|
198
|
+
{
|
|
199
|
+
"name": "service",
|
|
200
|
+
"required": true,
|
|
201
|
+
"conditionKeys": [],
|
|
202
|
+
"dependentActions": []
|
|
203
|
+
}
|
|
204
|
+
],
|
|
205
|
+
"conditionKeys": [
|
|
206
|
+
"ecs:cluster",
|
|
207
|
+
"aws:ResourceTag/${TagKey}"
|
|
208
|
+
],
|
|
209
|
+
"dependentActions": []
|
|
210
|
+
},
|
|
163
211
|
"deleteservice": {
|
|
164
212
|
"name": "DeleteService",
|
|
165
213
|
"description": "Grants permission to delete a specified service within a cluster",
|
|
@@ -291,6 +339,24 @@
|
|
|
291
339
|
],
|
|
292
340
|
"dependentActions": []
|
|
293
341
|
},
|
|
342
|
+
"describeexpressgatewayservice": {
|
|
343
|
+
"name": "DescribeExpressGatewayService",
|
|
344
|
+
"description": "Grants permission to describe the specified Express Gateway service",
|
|
345
|
+
"accessLevel": "Read",
|
|
346
|
+
"resourceTypes": [
|
|
347
|
+
{
|
|
348
|
+
"name": "service",
|
|
349
|
+
"required": true,
|
|
350
|
+
"conditionKeys": [],
|
|
351
|
+
"dependentActions": []
|
|
352
|
+
}
|
|
353
|
+
],
|
|
354
|
+
"conditionKeys": [
|
|
355
|
+
"ecs:cluster",
|
|
356
|
+
"aws:ResourceTag/${TagKey}"
|
|
357
|
+
],
|
|
358
|
+
"dependentActions": []
|
|
359
|
+
},
|
|
294
360
|
"describeservicedeployments": {
|
|
295
361
|
"name": "DescribeServiceDeployments",
|
|
296
362
|
"description": "Grants permission to describe one or more of your service deployments",
|
|
@@ -1147,6 +1213,30 @@
|
|
|
1147
1213
|
],
|
|
1148
1214
|
"dependentActions": []
|
|
1149
1215
|
},
|
|
1216
|
+
"updateexpressgatewayservice": {
|
|
1217
|
+
"name": "UpdateExpressGatewayService",
|
|
1218
|
+
"description": "Grants permission to modify the parameters of an Express Gateway service",
|
|
1219
|
+
"accessLevel": "Write",
|
|
1220
|
+
"resourceTypes": [
|
|
1221
|
+
{
|
|
1222
|
+
"name": "service",
|
|
1223
|
+
"required": true,
|
|
1224
|
+
"conditionKeys": [
|
|
1225
|
+
"ecs:cluster",
|
|
1226
|
+
"aws:ResourceTag/${TagKey}"
|
|
1227
|
+
],
|
|
1228
|
+
"dependentActions": []
|
|
1229
|
+
}
|
|
1230
|
+
],
|
|
1231
|
+
"conditionKeys": [
|
|
1232
|
+
"ecs:subnet",
|
|
1233
|
+
"ecs:enable-ecs-managed-tags",
|
|
1234
|
+
"ecs:propagate-tags",
|
|
1235
|
+
"ecs:task-cpu",
|
|
1236
|
+
"ecs:task-memory"
|
|
1237
|
+
],
|
|
1238
|
+
"dependentActions": []
|
|
1239
|
+
},
|
|
1150
1240
|
"updateservice": {
|
|
1151
1241
|
"name": "UpdateService",
|
|
1152
1242
|
"description": "Grants permission to modify the parameters of a service",
|
package/data/actions/glue.json
CHANGED
|
@@ -4042,6 +4042,42 @@
|
|
|
4042
4042
|
"conditionKeys": [],
|
|
4043
4043
|
"dependentActions": []
|
|
4044
4044
|
},
|
|
4045
|
+
"renametable": {
|
|
4046
|
+
"name": "RenameTable",
|
|
4047
|
+
"description": "Grants permission to rename a table",
|
|
4048
|
+
"accessLevel": "Write",
|
|
4049
|
+
"resourceTypes": [
|
|
4050
|
+
{
|
|
4051
|
+
"name": "database",
|
|
4052
|
+
"required": true,
|
|
4053
|
+
"conditionKeys": [],
|
|
4054
|
+
"dependentActions": []
|
|
4055
|
+
},
|
|
4056
|
+
{
|
|
4057
|
+
"name": "rootcatalog",
|
|
4058
|
+
"required": true,
|
|
4059
|
+
"conditionKeys": [],
|
|
4060
|
+
"dependentActions": []
|
|
4061
|
+
},
|
|
4062
|
+
{
|
|
4063
|
+
"name": "table",
|
|
4064
|
+
"required": true,
|
|
4065
|
+
"conditionKeys": [],
|
|
4066
|
+
"dependentActions": []
|
|
4067
|
+
},
|
|
4068
|
+
{
|
|
4069
|
+
"name": "catalog",
|
|
4070
|
+
"required": false,
|
|
4071
|
+
"conditionKeys": [],
|
|
4072
|
+
"dependentActions": []
|
|
4073
|
+
}
|
|
4074
|
+
],
|
|
4075
|
+
"conditionKeys": [
|
|
4076
|
+
"glue:LakeFormationPermissions",
|
|
4077
|
+
"glue:FederatedAuthorizationSource"
|
|
4078
|
+
],
|
|
4079
|
+
"dependentActions": []
|
|
4080
|
+
},
|
|
4045
4081
|
"requestlogparsing": {
|
|
4046
4082
|
"name": "RequestLogParsing",
|
|
4047
4083
|
"description": "Grants permission to request log parsing for SparkUI",
|
|
@@ -4996,7 +5032,8 @@
|
|
|
4996
5032
|
}
|
|
4997
5033
|
],
|
|
4998
5034
|
"conditionKeys": [
|
|
4999
|
-
"glue:LakeFormationPermissions"
|
|
5035
|
+
"glue:LakeFormationPermissions",
|
|
5036
|
+
"glue:FederatedAuthorizationSource"
|
|
5000
5037
|
],
|
|
5001
5038
|
"dependentActions": []
|
|
5002
5039
|
},
|
|
@@ -471,6 +471,14 @@
|
|
|
471
471
|
"conditionKeys": [],
|
|
472
472
|
"dependentActions": []
|
|
473
473
|
},
|
|
474
|
+
"getmalwarescan": {
|
|
475
|
+
"name": "GetMalwareScan",
|
|
476
|
+
"description": "Grants permission to retrieve a malware scan's details",
|
|
477
|
+
"accessLevel": "Read",
|
|
478
|
+
"resourceTypes": [],
|
|
479
|
+
"conditionKeys": [],
|
|
480
|
+
"dependentActions": []
|
|
481
|
+
},
|
|
474
482
|
"getmalwarescansettings": {
|
|
475
483
|
"name": "GetMalwareScanSettings",
|
|
476
484
|
"description": "Grants permission to retrieve the malware scan settings",
|
|
@@ -643,6 +651,14 @@
|
|
|
643
651
|
"conditionKeys": [],
|
|
644
652
|
"dependentActions": []
|
|
645
653
|
},
|
|
654
|
+
"listmalwarescans": {
|
|
655
|
+
"name": "ListMalwareScans",
|
|
656
|
+
"description": "Grants permission to retrieve a list of malware scans",
|
|
657
|
+
"accessLevel": "List",
|
|
658
|
+
"resourceTypes": [],
|
|
659
|
+
"conditionKeys": [],
|
|
660
|
+
"dependentActions": []
|
|
661
|
+
},
|
|
646
662
|
"listmembers": {
|
|
647
663
|
"name": "ListMembers",
|
|
648
664
|
"description": "Grants permission to retrieve a list of GuardDuty member accounts associated with an administrator account",
|
|
@@ -748,6 +764,14 @@
|
|
|
748
764
|
"conditionKeys": [],
|
|
749
765
|
"dependentActions": []
|
|
750
766
|
},
|
|
767
|
+
"sendobjectmalwarescan": {
|
|
768
|
+
"name": "SendObjectMalwareScan",
|
|
769
|
+
"description": "Grants permission to initiate a new object malware scan",
|
|
770
|
+
"accessLevel": "Write",
|
|
771
|
+
"resourceTypes": [],
|
|
772
|
+
"conditionKeys": [],
|
|
773
|
+
"dependentActions": []
|
|
774
|
+
},
|
|
751
775
|
"sendsecuritytelemetry": {
|
|
752
776
|
"name": "SendSecurityTelemetry",
|
|
753
777
|
"description": "Grants permission to send security telemetry for a specific GuardDuty account in a Region",
|
package/data/actions/iam.json
CHANGED
|
@@ -1,4 +1,19 @@
|
|
|
1
1
|
{
|
|
2
|
+
"acceptdelegationrequest": {
|
|
3
|
+
"name": "AcceptDelegationRequest",
|
|
4
|
+
"description": "Accepts a delegation request resource, granting the requested temporary access",
|
|
5
|
+
"accessLevel": "Write",
|
|
6
|
+
"resourceTypes": [
|
|
7
|
+
{
|
|
8
|
+
"name": "delegation-request",
|
|
9
|
+
"required": true,
|
|
10
|
+
"conditionKeys": [],
|
|
11
|
+
"dependentActions": []
|
|
12
|
+
}
|
|
13
|
+
],
|
|
14
|
+
"conditionKeys": [],
|
|
15
|
+
"dependentActions": []
|
|
16
|
+
},
|
|
2
17
|
"addclientidtoopenidconnectprovider": {
|
|
3
18
|
"name": "AddClientIDToOpenIDConnectProvider",
|
|
4
19
|
"description": "Grants permission to add a new client ID (audience) to the list of registered IDs for the specified IAM OpenID Connect (OIDC) provider resource",
|
|
@@ -46,6 +61,21 @@
|
|
|
46
61
|
"conditionKeys": [],
|
|
47
62
|
"dependentActions": []
|
|
48
63
|
},
|
|
64
|
+
"associatedelegationrequest": {
|
|
65
|
+
"name": "AssociateDelegationRequest",
|
|
66
|
+
"description": "Associates a delegation request resource with the calling identity",
|
|
67
|
+
"accessLevel": "Write",
|
|
68
|
+
"resourceTypes": [
|
|
69
|
+
{
|
|
70
|
+
"name": "delegation-request",
|
|
71
|
+
"required": true,
|
|
72
|
+
"conditionKeys": [],
|
|
73
|
+
"dependentActions": []
|
|
74
|
+
}
|
|
75
|
+
],
|
|
76
|
+
"conditionKeys": [],
|
|
77
|
+
"dependentActions": []
|
|
78
|
+
},
|
|
49
79
|
"attachgrouppolicy": {
|
|
50
80
|
"name": "AttachGroupPolicy",
|
|
51
81
|
"description": "Grants permission to attach a managed policy to the specified IAM group",
|
|
@@ -137,6 +167,25 @@
|
|
|
137
167
|
"conditionKeys": [],
|
|
138
168
|
"dependentActions": []
|
|
139
169
|
},
|
|
170
|
+
"createdelegationrequest": {
|
|
171
|
+
"name": "CreateDelegationRequest",
|
|
172
|
+
"description": "Creates an IAM delegation request resource for temporary access delegation",
|
|
173
|
+
"accessLevel": "Write",
|
|
174
|
+
"resourceTypes": [
|
|
175
|
+
{
|
|
176
|
+
"name": "delegation-request",
|
|
177
|
+
"required": true,
|
|
178
|
+
"conditionKeys": [],
|
|
179
|
+
"dependentActions": []
|
|
180
|
+
}
|
|
181
|
+
],
|
|
182
|
+
"conditionKeys": [
|
|
183
|
+
"iam:DelegationDuration",
|
|
184
|
+
"iam:NotificationChannel",
|
|
185
|
+
"iam:TemplateArn"
|
|
186
|
+
],
|
|
187
|
+
"dependentActions": []
|
|
188
|
+
},
|
|
140
189
|
"creategroup": {
|
|
141
190
|
"name": "CreateGroup",
|
|
142
191
|
"description": "Grants permission to create a new group",
|
|
@@ -516,7 +565,9 @@
|
|
|
516
565
|
"dependentActions": []
|
|
517
566
|
}
|
|
518
567
|
],
|
|
519
|
-
"conditionKeys": [
|
|
568
|
+
"conditionKeys": [
|
|
569
|
+
"iam:PermissionsBoundary"
|
|
570
|
+
],
|
|
520
571
|
"dependentActions": []
|
|
521
572
|
},
|
|
522
573
|
"deleterolepermissionsboundary": {
|
|
@@ -784,6 +835,14 @@
|
|
|
784
835
|
"conditionKeys": [],
|
|
785
836
|
"dependentActions": []
|
|
786
837
|
},
|
|
838
|
+
"disableoutboundwebidentityfederation": {
|
|
839
|
+
"name": "DisableOutboundWebIdentityFederation",
|
|
840
|
+
"description": "Disables the outbound identity federation feature for the callers account",
|
|
841
|
+
"accessLevel": "Write",
|
|
842
|
+
"resourceTypes": [],
|
|
843
|
+
"conditionKeys": [],
|
|
844
|
+
"dependentActions": []
|
|
845
|
+
},
|
|
787
846
|
"enablemfadevice": {
|
|
788
847
|
"name": "EnableMFADevice",
|
|
789
848
|
"description": "Grants permission to enable an MFA device and associate it with the specified IAM user",
|
|
@@ -820,6 +879,14 @@
|
|
|
820
879
|
"conditionKeys": [],
|
|
821
880
|
"dependentActions": []
|
|
822
881
|
},
|
|
882
|
+
"enableoutboundwebidentityfederation": {
|
|
883
|
+
"name": "EnableOutboundWebIdentityFederation",
|
|
884
|
+
"description": "Enables the outbound identity federation feature for the callers account",
|
|
885
|
+
"accessLevel": "Write",
|
|
886
|
+
"resourceTypes": [],
|
|
887
|
+
"conditionKeys": [],
|
|
888
|
+
"dependentActions": []
|
|
889
|
+
},
|
|
823
890
|
"generatecredentialreport": {
|
|
824
891
|
"name": "GenerateCredentialReport",
|
|
825
892
|
"description": "Grants permission to generate a credential report for the AWS account",
|
|
@@ -991,6 +1058,21 @@
|
|
|
991
1058
|
"conditionKeys": [],
|
|
992
1059
|
"dependentActions": []
|
|
993
1060
|
},
|
|
1061
|
+
"getdelegationrequest": {
|
|
1062
|
+
"name": "GetDelegationRequest",
|
|
1063
|
+
"description": "Retrieves information about a specific delegation request",
|
|
1064
|
+
"accessLevel": "Read",
|
|
1065
|
+
"resourceTypes": [
|
|
1066
|
+
{
|
|
1067
|
+
"name": "delegation-request",
|
|
1068
|
+
"required": true,
|
|
1069
|
+
"conditionKeys": [],
|
|
1070
|
+
"dependentActions": []
|
|
1071
|
+
}
|
|
1072
|
+
],
|
|
1073
|
+
"conditionKeys": [],
|
|
1074
|
+
"dependentActions": []
|
|
1075
|
+
},
|
|
994
1076
|
"getgroup": {
|
|
995
1077
|
"name": "GetGroup",
|
|
996
1078
|
"description": "Grants permission to retrieve a list of IAM users in the specified IAM group",
|
|
@@ -1021,6 +1103,21 @@
|
|
|
1021
1103
|
"conditionKeys": [],
|
|
1022
1104
|
"dependentActions": []
|
|
1023
1105
|
},
|
|
1106
|
+
"gethumanreadablesummary": {
|
|
1107
|
+
"name": "GetHumanReadableSummary",
|
|
1108
|
+
"description": "Retrieves a human readable summary for a given entity. At this time, only delegation request are supported",
|
|
1109
|
+
"accessLevel": "Read",
|
|
1110
|
+
"resourceTypes": [
|
|
1111
|
+
{
|
|
1112
|
+
"name": "delegation-request",
|
|
1113
|
+
"required": true,
|
|
1114
|
+
"conditionKeys": [],
|
|
1115
|
+
"dependentActions": []
|
|
1116
|
+
}
|
|
1117
|
+
],
|
|
1118
|
+
"conditionKeys": [],
|
|
1119
|
+
"dependentActions": []
|
|
1120
|
+
},
|
|
1024
1121
|
"getinstanceprofile": {
|
|
1025
1122
|
"name": "GetInstanceProfile",
|
|
1026
1123
|
"description": "Grants permission to retrieve information about the specified instance profile, including the instance profile's path, GUID, ARN, and role",
|
|
@@ -1089,6 +1186,14 @@
|
|
|
1089
1186
|
"conditionKeys": [],
|
|
1090
1187
|
"dependentActions": []
|
|
1091
1188
|
},
|
|
1189
|
+
"getoutboundwebidentityfederationinfo": {
|
|
1190
|
+
"name": "GetOutboundWebIdentityFederationInfo",
|
|
1191
|
+
"description": "Retrieves the configuration information for the outbound identity federation feature for the callers account",
|
|
1192
|
+
"accessLevel": "Read",
|
|
1193
|
+
"resourceTypes": [],
|
|
1194
|
+
"conditionKeys": [],
|
|
1195
|
+
"dependentActions": []
|
|
1196
|
+
},
|
|
1092
1197
|
"getpolicy": {
|
|
1093
1198
|
"name": "GetPolicy",
|
|
1094
1199
|
"description": "Grants permission to retrieve information about the specified managed policy, including the policy's default version and the total number of identities to which the policy is attached",
|
|
@@ -1131,7 +1236,9 @@
|
|
|
1131
1236
|
"dependentActions": []
|
|
1132
1237
|
}
|
|
1133
1238
|
],
|
|
1134
|
-
"conditionKeys": [
|
|
1239
|
+
"conditionKeys": [
|
|
1240
|
+
"iam:PermissionsBoundary"
|
|
1241
|
+
],
|
|
1135
1242
|
"dependentActions": []
|
|
1136
1243
|
},
|
|
1137
1244
|
"getrolepolicy": {
|
|
@@ -1331,6 +1438,16 @@
|
|
|
1331
1438
|
"conditionKeys": [],
|
|
1332
1439
|
"dependentActions": []
|
|
1333
1440
|
},
|
|
1441
|
+
"listdelegationrequests": {
|
|
1442
|
+
"name": "ListDelegationRequests",
|
|
1443
|
+
"description": "Lists delegation requests based on the specified criteria",
|
|
1444
|
+
"accessLevel": "List",
|
|
1445
|
+
"resourceTypes": [],
|
|
1446
|
+
"conditionKeys": [
|
|
1447
|
+
"iam:DelegationRequestOwner"
|
|
1448
|
+
],
|
|
1449
|
+
"dependentActions": []
|
|
1450
|
+
},
|
|
1334
1451
|
"listentitiesforpolicy": {
|
|
1335
1452
|
"name": "ListEntitiesForPolicy",
|
|
1336
1453
|
"description": "Grants permission to list all IAM identities to which the specified managed policy is attached",
|
|
@@ -1833,6 +1950,21 @@
|
|
|
1833
1950
|
],
|
|
1834
1951
|
"dependentActions": []
|
|
1835
1952
|
},
|
|
1953
|
+
"rejectdelegationrequest": {
|
|
1954
|
+
"name": "RejectDelegationRequest",
|
|
1955
|
+
"description": "Rejects a delegation request, denying the requested temporary access",
|
|
1956
|
+
"accessLevel": "Write",
|
|
1957
|
+
"resourceTypes": [
|
|
1958
|
+
{
|
|
1959
|
+
"name": "delegation-request",
|
|
1960
|
+
"required": true,
|
|
1961
|
+
"conditionKeys": [],
|
|
1962
|
+
"dependentActions": []
|
|
1963
|
+
}
|
|
1964
|
+
],
|
|
1965
|
+
"conditionKeys": [],
|
|
1966
|
+
"dependentActions": []
|
|
1967
|
+
},
|
|
1836
1968
|
"removeclientidfromopenidconnectprovider": {
|
|
1837
1969
|
"name": "RemoveClientIDFromOpenIDConnectProvider",
|
|
1838
1970
|
"description": "Grants permission to remove the client ID (audience) from the list of client IDs in the specified IAM OpenID Connect (OIDC) provider resource",
|
|
@@ -1910,6 +2042,21 @@
|
|
|
1910
2042
|
"conditionKeys": [],
|
|
1911
2043
|
"dependentActions": []
|
|
1912
2044
|
},
|
|
2045
|
+
"senddelegationtoken": {
|
|
2046
|
+
"name": "SendDelegationToken",
|
|
2047
|
+
"description": "Sends the exchange token for an accepted delegation request",
|
|
2048
|
+
"accessLevel": "Write",
|
|
2049
|
+
"resourceTypes": [
|
|
2050
|
+
{
|
|
2051
|
+
"name": "delegation-request",
|
|
2052
|
+
"required": true,
|
|
2053
|
+
"conditionKeys": [],
|
|
2054
|
+
"dependentActions": []
|
|
2055
|
+
}
|
|
2056
|
+
],
|
|
2057
|
+
"conditionKeys": [],
|
|
2058
|
+
"dependentActions": []
|
|
2059
|
+
},
|
|
1913
2060
|
"setdefaultpolicyversion": {
|
|
1914
2061
|
"name": "SetDefaultPolicyVersion",
|
|
1915
2062
|
"description": "Grants permission to set the version of the specified policy as the policy's default version",
|
|
@@ -2307,7 +2454,9 @@
|
|
|
2307
2454
|
"dependentActions": []
|
|
2308
2455
|
}
|
|
2309
2456
|
],
|
|
2310
|
-
"conditionKeys": [
|
|
2457
|
+
"conditionKeys": [
|
|
2458
|
+
"iam:PermissionsBoundary"
|
|
2459
|
+
],
|
|
2311
2460
|
"dependentActions": []
|
|
2312
2461
|
},
|
|
2313
2462
|
"updatecloudfrontpublickey": {
|
|
@@ -2375,7 +2524,9 @@
|
|
|
2375
2524
|
"dependentActions": []
|
|
2376
2525
|
}
|
|
2377
2526
|
],
|
|
2378
|
-
"conditionKeys": [
|
|
2527
|
+
"conditionKeys": [
|
|
2528
|
+
"iam:PermissionsBoundary"
|
|
2529
|
+
],
|
|
2379
2530
|
"dependentActions": []
|
|
2380
2531
|
},
|
|
2381
2532
|
"updateroledescription": {
|
|
@@ -2390,7 +2541,9 @@
|
|
|
2390
2541
|
"dependentActions": []
|
|
2391
2542
|
}
|
|
2392
2543
|
],
|
|
2393
|
-
"conditionKeys": [
|
|
2544
|
+
"conditionKeys": [
|
|
2545
|
+
"iam:PermissionsBoundary"
|
|
2546
|
+
],
|
|
2394
2547
|
"dependentActions": []
|
|
2395
2548
|
},
|
|
2396
2549
|
"updatesamlprovider": {
|