npm - @cloud-copilot/iam-data - Versions diffs - 0.15.202511271 → 0.15.202512061 - Mend

@cloud-copilot/iam-data 0.15.202511271 → 0.15.202512061

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (64) hide show

package/data/actions/aidevops.json +489 -0
package/data/actions/aws-marketplace.json +48 -0
package/data/actions/aws-mcp.json +26 -0
package/data/actions/bedrock-agentcore.json +594 -2
package/data/actions/bedrock-mantle.json +106 -0
package/data/actions/cloudfront.json +239 -0
package/data/actions/cloudwatch.json +45 -0
package/data/actions/connect.json +1081 -8
package/data/actions/datazone.json +16 -0
package/data/actions/ecr.json +78 -0
package/data/actions/eks.json +108 -0
package/data/actions/lambda.json +296 -4
package/data/actions/logs.json +105 -0
package/data/actions/mediaconnect.json +748 -91
package/data/actions/observabilityadmin.json +180 -0
package/data/actions/opensearch.json +40 -0
package/data/actions/partnercentral-account-management.json +22 -0
package/data/actions/partnercentral.json +903 -22
package/data/actions/route53.json +15 -0
package/data/actions/route53globalresolver.json +700 -0
package/data/actions/s3.json +1 -0
package/data/actions/s3tables.json +243 -3
package/data/actions/s3vectors.json +147 -22
package/data/actions/sagemaker-unified-studio-mcp.json +3 -0
package/data/actions/sagemaker.json +110 -0
package/data/actions/security-ir.json +31 -0
package/data/actions/securityagent.json +503 -0
package/data/actions/transform-custom.json +274 -0
package/data/actions/transform.json +72 -0
package/data/conditionKeys/aidevops.json +22 -0
package/data/conditionKeys/aws-mcp.json +1 -0
package/data/conditionKeys/bedrock-agentcore.json +0 -5
package/data/conditionKeys/bedrock-mantle.json +17 -0
package/data/conditionKeys/connect.json +10 -0
package/data/conditionKeys/observabilityadmin.json +5 -0
package/data/conditionKeys/partnercentral-account-management.json +12 -1
package/data/conditionKeys/partnercentral.json +15 -0
package/data/conditionKeys/route53globalresolver.json +17 -0
package/data/conditionKeys/s3tables.json +5 -0
package/data/conditionKeys/s3vectors.json +20 -0
package/data/conditionKeys/securityagent.json +1 -0
package/data/conditionKeys/transform-custom.json +17 -0
package/data/conditionPatterns.json +4 -0
package/data/resourceTypes/aidevops.json +24 -0
package/data/resourceTypes/apigateway.json +3 -0
package/data/resourceTypes/aws-mcp.json +1 -0
package/data/resourceTypes/bedrock-agentcore.json +20 -0
package/data/resourceTypes/bedrock-mantle.json +6 -0
package/data/resourceTypes/cloudfront.json +14 -0
package/data/resourceTypes/connect.json +18 -0
package/data/resourceTypes/eks.json +7 -0
package/data/resourceTypes/lambda.json +11 -0
package/data/resourceTypes/mediaconnect.json +41 -12
package/data/resourceTypes/observabilityadmin.json +14 -0
package/data/resourceTypes/omics.json +0 -4
package/data/resourceTypes/partnercentral.json +42 -0
package/data/resourceTypes/route53globalresolver.json +37 -0
package/data/resourceTypes/s3vectors.json +10 -2
package/data/resourceTypes/sagemaker.json +8 -0
package/data/resourceTypes/securityagent.json +38 -0
package/data/resourceTypes/transform-custom.json +18 -0
package/data/serviceNames.json +7 -1
package/data/services.json +6 -0
package/package.json +2 -2

package/data/actions/bedrock-agentcore.json CHANGED Viewed

@@ -15,6 +15,28 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "authorizeaction": {
+    "name": "AuthorizeAction",
+    "isPermissionOnly": true,
+    "description": "Grants permission to evaluate Cedar policies for authorization requests",
+    "accessLevel": "Permissions management",
+    "resourceTypes": [
+      {
+        "name": "gateway",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "batchcreatememoryrecords": {
     "name": "BatchCreateMemoryRecords",
     "description": "Grants permission to create one or more memory records",
@@ -197,6 +219,14 @@
     ],
     "dependentActions": []
   },
+  "createevaluator": {
+    "name": "CreateEvaluator",
+    "description": "Grants permission to create a new evaluator",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "createevent": {
     "name": "CreateEvent",
     "description": "Grants permission to create an Event",
@@ -250,8 +280,7 @@
     "resourceTypes": [],
     "conditionKeys": [
       "aws:RequestTag/${TagKey}",
-      "aws:TagKeys",
-      "bedrock-agentcore:KmsKeyArn"
+      "aws:TagKeys"
     ],
     "dependentActions": [
       "iam:PassRole"
@@ -281,6 +310,39 @@
     ],
     "dependentActions": []
   },
+  "createonlineevaluationconfig": {
+    "name": "CreateOnlineEvaluationConfig",
+    "description": "Grants permission to create a new online evaluation configuration",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": [
+      "iam:PassRole"
+    ]
+  },
+  "createpolicy": {
+    "name": "CreatePolicy",
+    "description": "Grants permission to create a new policy within a policy engine",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "createpolicyengine": {
+    "name": "CreatePolicyEngine",
+    "description": "Grants permission to create a new policy engine",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "createworkloadidentity": {
     "name": "CreateWorkloadIdentity",
     "description": "Grants permission to create a new Workload Identity",
@@ -392,6 +454,21 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "deleteevaluator": {
+    "name": "DeleteEvaluator",
+    "description": "Grants permission to delete an evaluator",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "evaluator",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "deleteevent": {
     "name": "DeleteEvent",
     "description": "Grants permission to delete an Event",
@@ -491,6 +568,84 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "deleteonlineevaluationconfig": {
+    "name": "DeleteOnlineEvaluationConfig",
+    "description": "Grants permission to delete an online evaluation configuration",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "online-evaluation-config",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "deletepolicy": {
+    "name": "DeletePolicy",
+    "description": "Grants permission to delete a policy",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "policy",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "deletepolicyengine": {
+    "name": "DeletePolicyEngine",
+    "description": "Grants permission to delete a policy engine",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "deleteresourcepolicy": {
+    "name": "DeleteResourcePolicy",
+    "description": "Grants permission to delete the resource-based policy for a Bedrock resource",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "gateway",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "runtime",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "runtime-endpoint",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "deleteworkloadidentity": {
     "name": "DeleteWorkloadIdentity",
     "description": "Grants permission to delete a registered Workload Identity",
@@ -512,6 +667,21 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "evaluate": {
+    "name": "Evaluate",
+    "description": "Grants permission to run an evaluation using an evaluator",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "evaluator",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "getagentcard": {
     "name": "GetAgentCard",
     "description": "Grants permission to retrieve an agent card for A2A",
@@ -662,6 +832,21 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "getevaluator": {
+    "name": "GetEvaluator",
+    "description": "Grants permission to get details of an evaluator",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "evaluator",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "getevent": {
     "name": "GetEvent",
     "description": "Grants permission to fetch an Event",
@@ -761,6 +946,78 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "getonlineevaluationconfig": {
+    "name": "GetOnlineEvaluationConfig",
+    "description": "Grants permission to get details of an online evaluation configuration",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "online-evaluation-config",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getpolicy": {
+    "name": "GetPolicy",
+    "description": "Grants permission to retrieve a policy",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "policy",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getpolicyengine": {
+    "name": "GetPolicyEngine",
+    "description": "Grants permission to retrieve a policy engine",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getpolicygeneration": {
+    "name": "GetPolicyGeneration",
+    "description": "Grants permission to retrieve status and results of a policy generation request",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "policy-generation",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "getresourceapikey": {
     "name": "GetResourceApiKey",
     "description": "Grants permission to retrieve an API Key associated with an Api Key Credential Provider",
@@ -827,6 +1084,33 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "getresourcepolicy": {
+    "name": "GetResourcePolicy",
+    "description": "Grants permission to retrieve the resource-based policy for a Bedrock resource",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "gateway",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "runtime",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "runtime-endpoint",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "gettokenvault": {
     "name": "GetTokenVault",
     "description": "Grants permission to fetch the current configuration of the TokenVault, including encryption settings",
@@ -976,6 +1260,48 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "invokeagentruntimewithwebsocketstream": {
+    "name": "InvokeAgentRuntimeWithWebSocketStream",
+    "description": "Grants permission to invoke an agent runtime endpoint with WebSocket stream",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "runtime",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "runtime-endpoint",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "invokeagentruntimewithwebsocketstreamforuser": {
+    "name": "InvokeAgentRuntimeWithWebSocketStreamForUser",
+    "description": "Grants permission to invoke an agent runtime endpoint with WebSocket stream and with X-Amzn-Bedrock-AgentCore-Runtime-User-Id header",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "runtime",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "runtime-endpoint",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "invokecodeinterpreter": {
     "name": "InvokeCodeInterpreter",
     "description": "Grants permission to invoke a code interpreter session",
@@ -1118,6 +1444,14 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "listevaluators": {
+    "name": "ListEvaluators",
+    "description": "Grants permission to list evaluators",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "listevents": {
     "name": "ListEvents",
     "description": "Grants permission to list events",
@@ -1167,6 +1501,21 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "listmemoryextractionjobs": {
+    "name": "ListMemoryExtractionJobs",
+    "description": "Grants permission to list extraction jobs for this memory",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "memory",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "listmemoryrecords": {
     "name": "ListMemoryRecords",
     "description": "Grants permission to list memory records",
@@ -1206,6 +1555,73 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "listonlineevaluationconfigs": {
+    "name": "ListOnlineEvaluationConfigs",
+    "description": "Grants permission to list online evaluation configurations",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listpolicies": {
+    "name": "ListPolicies",
+    "description": "Grants permission to list policies within a policy engine",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listpolicyengines": {
+    "name": "ListPolicyEngines",
+    "description": "Grants permission to list policy engines",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listpolicygenerationassets": {
+    "name": "ListPolicyGenerationAssets",
+    "description": "Grants permission to list generated policy assets from a generation request",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "policy-generation",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listpolicygenerations": {
+    "name": "ListPolicyGenerations",
+    "description": "Grants permission to list policy generation requests",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "listsessions": {
     "name": "ListSessions",
     "description": "Grants permission to list sessions",
@@ -1319,6 +1735,80 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "manageadminpolicy": {
+    "name": "ManageAdminPolicy",
+    "isPermissionOnly": true,
+    "description": "Grants permission to create or modify wildcard policies that apply to gateway resources",
+    "accessLevel": "Permissions management",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "manageresourcescopedpolicy": {
+    "name": "ManageResourceScopedPolicy",
+    "isPermissionOnly": true,
+    "description": "Grants permission to create or modify policies that apply to specific gateway resources",
+    "accessLevel": "Permissions management",
+    "resourceTypes": [
+      {
+        "name": "gateway",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "partiallyauthorizeactions": {
+    "name": "PartiallyAuthorizeActions",
+    "isPermissionOnly": true,
+    "description": "Grants permission to perform partial evaluation of Cedar policies to authorize a caller to list tools they are allowed to call",
+    "accessLevel": "Permissions management",
+    "resourceTypes": [
+      {
+        "name": "gateway",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "putresourcepolicy": {
+    "name": "PutResourcePolicy",
+    "description": "Grants permission to create or update the resource-based policy for a Bedrock resource",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "gateway",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "runtime",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "runtime-endpoint",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "retrievememoryrecords": {
     "name": "RetrieveMemoryRecords",
     "description": "Grants permission to retrieve memory records through sematic query",
@@ -1394,6 +1884,40 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "startmemoryextractionjob": {
+    "name": "StartMemoryExtractionJob",
+    "description": "Grants permission to start memory extraction job",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "memory",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [
+      "bedrock-agentcore:strategyId",
+      "bedrock-agentcore:sessionId",
+      "bedrock-agentcore:actorId"
+    ],
+    "dependentActions": []
+  },
+  "startpolicygeneration": {
+    "name": "StartPolicyGeneration",
+    "description": "Grants permission to start an AI-powered policy generation request",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "stopbrowsersession": {
     "name": "StopBrowserSession",
     "description": "Grants permission to stop a browser session",
@@ -1708,6 +2232,21 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "updateevaluator": {
+    "name": "UpdateEvaluator",
+    "description": "Grants permission to update an evaluator",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "evaluator",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "updategateway": {
     "name": "UpdateGateway",
     "description": "Grants permission to update an existing gateway",
@@ -1778,6 +2317,59 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "updateonlineevaluationconfig": {
+    "name": "UpdateOnlineEvaluationConfig",
+    "description": "Grants permission to update an online evaluation configuration",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "online-evaluation-config",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "iam:PassRole"
+    ]
+  },
+  "updatepolicy": {
+    "name": "UpdatePolicy",
+    "description": "Grants permission to update an existing policy",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "policy",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "updatepolicyengine": {
+    "name": "UpdatePolicyEngine",
+    "description": "Grants permission to update a policy engine",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "policy-engine",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "updateworkloadidentity": {
     "name": "UpdateWorkloadIdentity",
     "description": "Grants permission to update the metadata of an existing Workload Identity",