@cloud-copilot/iam-data 0.15.202511271 → 0.15.202512061

package/data/actions/securityagent.json

@@ -0,0 +1,503 @@
+{
+  "addartifact": {
+    "name": "AddArtifact",
+    "description": "Grants permission to add an Artifact for the given Agent Instance",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "addcontrol": {
+    "name": "AddControl",
+    "description": "Grants permission to add a customer managed Control",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "batchdeletepentests": {
+    "name": "BatchDeletePentests",
+    "description": "Grants permission to delete multiple penetration tests in a single request",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "batchgetagentinstances": {
+    "name": "BatchGetAgentInstances",
+    "description": "Grants permission to retrieve multiple agent instances in a single request",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "batchgetartifactmetadata": {
+    "name": "BatchGetArtifactMetadata",
+    "description": "Grants permission to retrieve one or more Artifact Metadata records for the given Agent Instance",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "batchgetfindings": {
+    "name": "BatchGetFindings",
+    "description": "Grants permission to retrieve multiple security testing findings in a single request",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "batchgetpentestjobs": {
+    "name": "BatchGetPentestJobs",
+    "description": "Grants permission to retrieve multiple security testing jobs in a single request",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "batchgetpentests": {
+    "name": "BatchGetPentests",
+    "description": "Grants permission to retrieve multiple penetration tests in a single request",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "batchgetsecuritytestcontentmetadata": {
+    "name": "BatchGetSecurityTestContentMetadata",
+    "description": "Grants permission to retrieve multiple security testing contents metadata in a single request",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "batchgettasks": {
+    "name": "BatchGetTasks",
+    "description": "Grants permission to retrieve multiple security testing tasks in a single request",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "createagentinstance": {
+    "name": "CreateAgentInstance",
+    "description": "Grants permission to create an agent instance record",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "createapplication": {
+    "name": "CreateApplication",
+    "description": "Grants permission to create a new application",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": [
+      "iam:PassRole",
+      "sso:CreateApplication"
+    ]
+  },
+  "createdocumentreview": {
+    "name": "CreateDocumentReview",
+    "description": "Grants permission to create a document review",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "createintegration": {
+    "name": "CreateIntegration",
+    "description": "Grants permission to create a security testing integration",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "createmembership": {
+    "name": "CreateMembership",
+    "description": "Grants permission to add a single member to a agent instance with specified role",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "createonetimeloginsession": {
+    "name": "CreateOneTimeLoginSession",
+    "description": "Grants permission to create a one time login session",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "createpentest": {
+    "name": "CreatePentest",
+    "description": "Grants permission to create a new penetration test configuration",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "deleteagentinstance": {
+    "name": "DeleteAgentInstance",
+    "description": "Grants permission to delete an agent instance record",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "deleteapplication": {
+    "name": "DeleteApplication",
+    "description": "Grants permission to delete application",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "deleteartifact": {
+    "name": "DeleteArtifact",
+    "description": "Grants permission to delete an Artifact",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "deletecontrol": {
+    "name": "DeleteControl",
+    "description": "Grants permission to delete a customer managed Control",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "deleteintegration": {
+    "name": "DeleteIntegration",
+    "description": "Grants permission to delete the integration of an application",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "deletemembership": {
+    "name": "DeleteMembership",
+    "description": "Grants permission to remove a single member associated to an agent instance",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "describefindings": {
+    "name": "DescribeFindings",
+    "description": "Grants permission to retrieve security findings for a penetration test or security testing tasks in a penetration test",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getapplication": {
+    "name": "GetApplication",
+    "description": "Grants permission to get application details by application ID",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getartifact": {
+    "name": "GetArtifact",
+    "description": "Grants permission to retrieve an Artifact for the given Agent Instance",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getcodereviewtask": {
+    "name": "GetCodeReviewTask",
+    "description": "Grants permission to retrieve a Code Review Task",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getcontrol": {
+    "name": "GetControl",
+    "description": "Grants permission to retrieve a Control",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getdocreviewtask": {
+    "name": "GetDocReviewTask",
+    "description": "Grants permission to retrieve a document review task",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getdocumentreview": {
+    "name": "GetDocumentReview",
+    "description": "Grants permission to get the status of the associated agent instance document review",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getdocumentreviewartifact": {
+    "name": "GetDocumentReviewArtifact",
+    "description": "Grants permission to get document review artifact for a specific document",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getintegration": {
+    "name": "GetIntegration",
+    "description": "Grants permission to get the integration metadata by ID",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getloginsessioncredentials": {
+    "name": "GetLoginSessionCredentials",
+    "description": "Grants permission to retrieve credentials for a one time login session",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "handleonetimeloginsession": {
+    "name": "HandleOneTimeLoginSession",
+    "description": "Grants permission to process and invalidate a one time login session",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "initiateproviderregistration": {
+    "name": "InitiateProviderRegistration",
+    "description": "Grants permission to initiate the registration of Security Agent App for the given provider (eg: GitHub)",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listagentinstancetasks": {
+    "name": "ListAgentInstanceTasks",
+    "description": "Grants permission to list tasks for a specific agent instance",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listagentinstances": {
+    "name": "ListAgentInstances",
+    "description": "Grants permission to list agent instances",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listapplications": {
+    "name": "ListApplications",
+    "description": "Grants permission to list all applications in the account",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listartifacts": {
+    "name": "ListArtifacts",
+    "description": "Grants permission to list all artifacts for the given project",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listcontrols": {
+    "name": "ListControls",
+    "description": "Grants permission to list all Controls",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listdiscoveredendpoints": {
+    "name": "ListDiscoveredEndpoints",
+    "description": "Grants permission to list discovered endpoints associated with a pentest job with optional URI prefix filtering",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listdocumentreviewcomments": {
+    "name": "ListDocumentReviewComments",
+    "description": "Grants permission to list document review comments",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listdocumentreviews": {
+    "name": "ListDocumentReviews",
+    "description": "Grants permission to list all document reviews for the given project",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listfindings": {
+    "name": "ListFindings",
+    "description": "Grants permission to list findings with filtering and pagination support",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listintegratedresources": {
+    "name": "ListIntegratedResources",
+    "description": "Grants permission to list integrated resources for an agent instance",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listintegrations": {
+    "name": "ListIntegrations",
+    "description": "Grants permission to get the integrations owned by the caller's AWS account",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listmemberships": {
+    "name": "ListMemberships",
+    "description": "Grants permission to list all members associated to an agent instance with pagination support",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listpentestjobsforpentest": {
+    "name": "ListPentestJobsForPentest",
+    "description": "Grants permission to list penetration test jobs associated with a penetration test",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listpentests": {
+    "name": "ListPentests",
+    "description": "Grants permission to list penetration tests with optional filtering by status",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listresourcesfromintegration": {
+    "name": "ListResourcesFromIntegration",
+    "description": "Grants permission to list resources from Integration",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listtasks": {
+    "name": "ListTasks",
+    "description": "Grants permission to list security testing tasks associated with a pentest job",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "startcoderemediation": {
+    "name": "StartCodeRemediation",
+    "description": "Grants permission to start code remediation for the findings",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "startpentestexecution": {
+    "name": "StartPentestExecution",
+    "description": "Grants permission to initiate the execution of a penetration test",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "stoppentestexecution": {
+    "name": "StopPentestExecution",
+    "description": "Grants permission to stop the execution of a running penetration test",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "togglemanagedcontrol": {
+    "name": "ToggleManagedControl",
+    "description": "Grants permission to toggle the status",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "updateagentinstance": {
+    "name": "UpdateAgentInstance",
+    "description": "Grants permission to update an agent instance record",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "updateapplication": {
+    "name": "UpdateApplication",
+    "description": "Grants permission to update application configuration",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": [
+      "iam:PassRole"
+    ]
+  },
+  "updatecontrol": {
+    "name": "UpdateControl",
+    "description": "Grants permission to update a customer managed Control",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "updatefinding": {
+    "name": "UpdateFinding",
+    "description": "Grants permission to update an existing security finding with new details or status",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "updateintegratedresources": {
+    "name": "UpdateIntegratedResources",
+    "description": "Grants permission to update integrated resources for an agent instance",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "updatepentest": {
+    "name": "UpdatePentest",
+    "description": "Grants permission to update an existing penetration test with new configuration or settings",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "verifytargetdomain": {
+    "name": "VerifyTargetDomain",
+    "description": "Grants permission to verify ownership for a registered target domain in an agent instance",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  }
+}