@cloud-copilot/iam-data 0.15.202512191 → 0.15.202512231

package/data/actions/logs.json

@@ -30,6 +30,14 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "cancelimporttask": {
+    "name": "CancelImportTask",
+    "description": "Grants permission to cancel an import from CloudTrail Lake to CloudWatch",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "createdelivery": {
     "name": "CreateDelivery",
     "description": "Grants permission to create a delivery connecting a delivery source to a delivery destination",
@@ -75,6 +83,14 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "createimporttask": {
+    "name": "CreateImportTask",
+    "description": "Grants permission to start an asynchronous process to import data from a CloudTrail Lake event data store into a managed log group in CloudWatch",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "createloganomalydetector": {
     "name": "CreateLogAnomalyDetector",
     "description": "Grants permission to create a log anomaly detector",
@@ -485,6 +501,22 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "describeimporttaskbatches": {
+    "name": "DescribeImportTaskBatches",
+    "description": "Grants permission to return detailed information about the individual batches within an import task, including status and any error",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "describeimporttasks": {
+    "name": "DescribeImportTasks",
+    "description": "Grants permission to return all the import tasks associated with the AWS account making the request",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "describeindexpolicies": {
     "name": "DescribeIndexPolicies",
     "description": "Grants permission to return all the index policies that are attached with the log groups",

package/data/actions/network-firewall.json

@@ -65,6 +65,27 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "attachrulegroupstoproxyconfiguration": {
+    "name": "AttachRuleGroupsToProxyConfiguration",
+    "description": "Grants permission to attach proxy rule groups to a proxy configuration",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyConfiguration",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "ProxyRuleGroup",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "createfirewall": {
     "name": "CreateFirewall",
     "description": "Grants permission to create an AWS Network Firewall firewall",
@@ -127,6 +148,89 @@
     ],
     "dependentActions": []
   },
+  "createproxy": {
+    "name": "CreateProxy",
+    "description": "Grants permission to create an AWS Network Firewall proxy",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "Proxy",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": [
+          "ec2:AttachApplianceToNatGateway"
+        ]
+      },
+      {
+        "name": "ProxyConfiguration",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [
+      "aws:RequestTag/${TagKey}",
+      "aws:TagKeys"
+    ],
+    "dependentActions": []
+  },
+  "createproxyconfiguration": {
+    "name": "CreateProxyConfiguration",
+    "description": "Grants permission to create an AWS Network Firewall proxy configuration",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyConfiguration",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "ProxyRuleGroup",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [
+      "aws:RequestTag/${TagKey}",
+      "aws:TagKeys"
+    ],
+    "dependentActions": []
+  },
+  "createproxyrulegroup": {
+    "name": "CreateProxyRuleGroup",
+    "description": "Grants permission to create an AWS Network Firewall proxy rule group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyRuleGroup",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [
+      "aws:RequestTag/${TagKey}",
+      "aws:TagKeys"
+    ],
+    "dependentActions": []
+  },
+  "createproxyrules": {
+    "name": "CreateProxyRules",
+    "description": "Grants permission to add proxy rules to a proxy rule group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyRuleGroup",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "createrulegroup": {
     "name": "CreateRuleGroup",
     "description": "Grants permission to create an AWS Network Firewall rule group",
@@ -242,6 +346,68 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "deleteproxy": {
+    "name": "DeleteProxy",
+    "description": "Grants permission to delete a proxy",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "Proxy",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "ec2:DetachApplianceFromNatGateway"
+    ]
+  },
+  "deleteproxyconfiguration": {
+    "name": "DeleteProxyConfiguration",
+    "description": "Grants permission to delete a proxy configuration",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyConfiguration",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "deleteproxyrulegroup": {
+    "name": "DeleteProxyRuleGroup",
+    "description": "Grants permission to delete a proxy rule group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyRuleGroup",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "deleteproxyrules": {
+    "name": "DeleteProxyRules",
+    "description": "Grants permission to remove proxy rules from a proxy rule group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyRuleGroup",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "deleteresourcepolicy": {
     "name": "DeleteResourcePolicy",
     "description": "Grants permission to delete a resource policy for a firewall policy or rule group or firewall",
@@ -422,6 +588,66 @@
       "logs:ListLogDeliveries"
     ]
   },
+  "describeproxy": {
+    "name": "DescribeProxy",
+    "description": "Grants permission to retrieve the data objects that define a proxy",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "Proxy",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "describeproxyconfiguration": {
+    "name": "DescribeProxyConfiguration",
+    "description": "Grants permission to retrieve the data objects that define a proxy configuration",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "ProxyConfiguration",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "describeproxyrule": {
+    "name": "DescribeProxyRule",
+    "description": "Grants permission to retrieve the data objects that define a proxy rule",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "ProxyRuleGroup",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "describeproxyrulegroup": {
+    "name": "DescribeProxyRuleGroup",
+    "description": "Grants permission to retrieve the data objects that define a proxy rule group",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "ProxyRuleGroup",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "describeresourcepolicy": {
     "name": "DescribeResourcePolicy",
     "description": "Grants permission to describe a resource policy for a firewall policy or rule group or firewall",
@@ -548,6 +774,27 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "detachrulegroupsfromproxyconfiguration": {
+    "name": "DetachRuleGroupsFromProxyConfiguration",
+    "description": "Grants permission to detach proxy rule groups from a proxy configuration",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyConfiguration",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "ProxyRuleGroup",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "disassociateavailabilityzones": {
     "name": "DisassociateAvailabilityZones",
     "description": "Grants permission to disassociate availability zones to a firewall",
@@ -668,6 +915,51 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "listproxies": {
+    "name": "ListProxies",
+    "description": "Grants permission to retrieve the metadata for proxies",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "Proxy",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listproxyconfigurations": {
+    "name": "ListProxyConfigurations",
+    "description": "Grants permission to retrieve the metadata for proxy configurations",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "ProxyConfiguration",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listproxyrulegroups": {
+    "name": "ListProxyRuleGroups",
+    "description": "Grants permission to retrieve the metadata for proxy rule groups",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "ProxyRuleGroup",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "listrulegroups": {
     "name": "ListRuleGroups",
     "description": "Grants permission to retrieve the metadata for rule groups",
@@ -861,6 +1153,24 @@
         "conditionKeys": [],
         "dependentActions": []
       },
+      {
+        "name": "Proxy",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "ProxyConfiguration",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "ProxyRuleGroup",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
       {
         "name": "StatefulRuleGroup",
         "required": false,
@@ -909,6 +1219,24 @@
         "conditionKeys": [],
         "dependentActions": []
       },
+      {
+        "name": "Proxy",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "ProxyConfiguration",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "ProxyRuleGroup",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
       {
         "name": "StatefulRuleGroup",
         "required": false,
@@ -1077,6 +1405,81 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "updateproxy": {
+    "name": "UpdateProxy",
+    "description": "Grants permission to modify a proxy",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "Proxy",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "updateproxyconfiguration": {
+    "name": "UpdateProxyConfiguration",
+    "description": "Grants permission to modify a proxy configuration",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyConfiguration",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "updateproxyrule": {
+    "name": "UpdateProxyRule",
+    "description": "Grants permission to update an existing proxy rule on a proxy rule group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyRuleGroup",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "updateproxyrulegrouppriorities": {
+    "name": "UpdateProxyRuleGroupPriorities",
+    "description": "Grants permission to modify rule group priorities on a proxy configuration",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyConfiguration",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "updateproxyrulepriorities": {
+    "name": "UpdateProxyRulePriorities",
+    "description": "Grants permission to update proxy rule priorities within a proxy rule group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "ProxyRuleGroup",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "updaterulegroup": {
     "name": "UpdateRuleGroup",
     "description": "Grants permission to modify a rule group",

package/data/actions/payment-cryptography.json

@@ -1,4 +1,25 @@
 {
+  "addkeyreplicationregions": {
+    "name": "AddKeyReplicationRegions",
+    "description": "Grants permission to add replication regions to an existing AWS Payment Cryptography key",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "alias",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "key",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "createalias": {
     "name": "CreateAlias",
     "description": "Grants permission to create a user-friendly name for a Key",
@@ -87,6 +108,22 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "disabledefaultkeyreplicationregions": {
+    "name": "DisableDefaultKeyReplicationRegions",
+    "description": "Grants permission to disable default key replication regions for account-level replication",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "enabledefaultkeyreplicationregions": {
+    "name": "EnableDefaultKeyReplicationRegions",
+    "description": "Grants permission to enable default key replication regions for account-level replication",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "encryptdata": {
     "name": "EncryptData",
     "description": "Grants permission to encrypt plaintext data to ciphertext using symmetric, asymmetric or DUKPT data encryption key",
@@ -231,6 +268,35 @@
     ],
     "dependentActions": []
   },
+  "getcertificatesigningrequest": {
+    "name": "GetCertificateSigningRequest",
+    "description": "Grants permission to return the Certificate Signing Request for a public key from a key of class PUBLIC_KEY",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "alias",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "key",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getdefaultkeyreplicationregions": {
+    "name": "GetDefaultKeyReplicationRegions",
+    "description": "Grants permission to retrieve the default key replication regions configured at the account level",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "getkey": {
     "name": "GetKey",
     "description": "Grants permission to return the detailed information about the specified key",
@@ -342,6 +408,27 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "removekeyreplicationregions": {
+    "name": "RemoveKeyReplicationRegions",
+    "description": "Grants permission to remove replication regions from an existing AWS Payment Cryptography key",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "alias",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "key",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "restorekey": {
     "name": "RestoreKey",
     "description": "Grants permission to cancel a scheduled key deletion if at any point during the waiting period a Key needs to be revived",
@@ -405,6 +492,27 @@
     ],
     "dependentActions": []
   },
+  "translatekeymaterial": {
+    "name": "TranslateKeyMaterial",
+    "description": "Grants permission to translate wrapping key type for a wrapped key",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "alias",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "key",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "translatepindata": {
     "name": "TranslatePinData",
     "description": "Grants permission to translate encrypted PIN block from and to ISO 9564 formats 0,1,3,4",