@cloud-copilot/iam-data 0.19.202606031 → 0.19.202606051

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/data/actions/aidevops.json +188 -0
  2. package/data/actions/cognito-idp.json +60 -0
  3. package/data/actions/finops-agent.json +416 -0
  4. package/data/actions/glue.json +15 -0
  5. package/data/actions/health-agent.json +30 -0
  6. package/data/actions/iot.json +3 -1
  7. package/data/actions/ivs.json +8 -0
  8. package/data/actions/quicksight.json +251 -8
  9. package/data/actions/securityagent.json +273 -0
  10. package/data/conditionKeys/finops-agent.json +1 -0
  11. package/data/conditionKeys/iot.json +2 -2
  12. package/data/resourceTypes/finops-agent.json +1 -0
  13. package/data/resourceTypes/glue.json +12 -3
  14. package/data/resourceTypes/quicksight.json +26 -2
  15. package/data/serviceNames.json +1 -0
  16. package/data/services.json +1 -0
  17. package/package.json +2 -2
package/data/actions/quicksight.json CHANGED
@@ -35,6 +35,21 @@
35
35
  ],
36
36
  "dependentActions": []
37
37
  },
38
+ "batchdeleteknowledgebase": {
39
+ "name": "BatchDeleteKnowledgeBase",
40
+ "description": "Grants permission to delete one or more knowledge bases",
41
+ "accessLevel": "Write",
42
+ "resourceTypes": [
43
+ {
44
+ "name": "knowledgeBase",
45
+ "required": true,
46
+ "conditionKeys": [],
47
+ "dependentActions": []
48
+ }
49
+ ],
50
+ "conditionKeys": [],
51
+ "dependentActions": []
52
+ },
38
53
  "batchdeletetopicreviewedanswer": {
39
54
  "name": "BatchDeleteTopicReviewedAnswer",
40
55
  "description": "Grants permission to delete reviewed answers for a topic",
@@ -443,13 +458,27 @@
443
458
  "name": "namespace",
444
459
  "required": true,
445
460
  "conditionKeys": [],
446
- "dependentActions": []
461
+ "dependentActions": [
462
+ "ds:CreateIdentityPoolDirectory"
463
+ ]
447
464
  }
448
465
  ],
449
- "conditionKeys": [],
450
- "dependentActions": [
451
- "ds:CreateIdentityPoolDirectory"
452
- ]
466
+ "conditionKeys": [
467
+ "aws:RequestTag/${TagKey}",
468
+ "aws:TagKeys"
469
+ ],
470
+ "dependentActions": []
471
+ },
472
+ "createoauthclientapplication": {
473
+ "name": "CreateOAuthClientApplication",
474
+ "description": "Grants permission to create an OAuth client application",
475
+ "accessLevel": "Write",
476
+ "resourceTypes": [],
477
+ "conditionKeys": [
478
+ "aws:RequestTag/${TagKey}",
479
+ "aws:TagKeys"
480
+ ],
481
+ "dependentActions": []
453
482
  },
454
483
  "createreader": {
455
484
  "name": "CreateReader",
@@ -981,6 +1010,21 @@
981
1010
  "conditionKeys": [],
982
1011
  "dependentActions": []
983
1012
  },
1013
+ "deleteknowledgebase": {
1014
+ "name": "DeleteKnowledgeBase",
1015
+ "description": "Grants permission to delete a knowledge base",
1016
+ "accessLevel": "Write",
1017
+ "resourceTypes": [
1018
+ {
1019
+ "name": "knowledgeBase",
1020
+ "required": true,
1021
+ "conditionKeys": [],
1022
+ "dependentActions": []
1023
+ }
1024
+ ],
1025
+ "conditionKeys": [],
1026
+ "dependentActions": []
1027
+ },
984
1028
  "deletenamespace": {
985
1029
  "name": "DeleteNamespace",
986
1030
  "description": "Grants permission to delete a QuickSight namespace",
@@ -998,6 +1042,24 @@
998
1042
  "ds:DeleteDirectory"
999
1043
  ]
1000
1044
  },
1045
+ "deleteoauthclientapplication": {
1046
+ "name": "DeleteOAuthClientApplication",
1047
+ "description": "Grants permission to delete an OAuth client application",
1048
+ "accessLevel": "Write",
1049
+ "resourceTypes": [
1050
+ {
1051
+ "name": "oauthClientApplication",
1052
+ "required": true,
1053
+ "conditionKeys": [],
1054
+ "dependentActions": []
1055
+ }
1056
+ ],
1057
+ "conditionKeys": [
1058
+ "aws:RequestTag/${TagKey}",
1059
+ "aws:TagKeys"
1060
+ ],
1061
+ "dependentActions": []
1062
+ },
1001
1063
  "deleterefreshschedule": {
1002
1064
  "name": "DeleteRefreshSchedule",
1003
1065
  "description": "Grants permission to delete a refresh schedule for a dataset",
@@ -1781,6 +1843,36 @@
1781
1843
  "conditionKeys": [],
1782
1844
  "dependentActions": []
1783
1845
  },
1846
+ "describeknowledgebase": {
1847
+ "name": "DescribeKnowledgeBase",
1848
+ "description": "Grants permission to describe a knowledge base",
1849
+ "accessLevel": "Read",
1850
+ "resourceTypes": [
1851
+ {
1852
+ "name": "knowledgeBase",
1853
+ "required": true,
1854
+ "conditionKeys": [],
1855
+ "dependentActions": []
1856
+ }
1857
+ ],
1858
+ "conditionKeys": [],
1859
+ "dependentActions": []
1860
+ },
1861
+ "describeknowledgebasepermissions": {
1862
+ "name": "DescribeKnowledgeBasePermissions",
1863
+ "description": "Grants permission to describe the resource policy of a knowledge base",
1864
+ "accessLevel": "Permissions management",
1865
+ "resourceTypes": [
1866
+ {
1867
+ "name": "knowledgeBase",
1868
+ "required": true,
1869
+ "conditionKeys": [],
1870
+ "dependentActions": []
1871
+ }
1872
+ ],
1873
+ "conditionKeys": [],
1874
+ "dependentActions": []
1875
+ },
1784
1876
  "describenamespace": {
1785
1877
  "name": "DescribeNamespace",
1786
1878
  "description": "Grants permission to describe a QuickSight namespace",
@@ -1796,6 +1888,24 @@
1796
1888
  "conditionKeys": [],
1797
1889
  "dependentActions": []
1798
1890
  },
1891
+ "describeoauthclientapplication": {
1892
+ "name": "DescribeOAuthClientApplication",
1893
+ "description": "Grants permission to describe an OAuth client application",
1894
+ "accessLevel": "Read",
1895
+ "resourceTypes": [
1896
+ {
1897
+ "name": "oauthClientApplication",
1898
+ "required": true,
1899
+ "conditionKeys": [],
1900
+ "dependentActions": []
1901
+ }
1902
+ ],
1903
+ "conditionKeys": [
1904
+ "aws:RequestTag/${TagKey}",
1905
+ "aws:TagKeys"
1906
+ ],
1907
+ "dependentActions": []
1908
+ },
1799
1909
  "describeqpersonalizationconfiguration": {
1800
1910
  "name": "DescribeQPersonalizationConfiguration",
1801
1911
  "description": "Grants permission to describe a personalization configuration",
@@ -2566,6 +2676,14 @@
2566
2676
  "conditionKeys": [],
2567
2677
  "dependentActions": []
2568
2678
  },
2679
+ "listknowledgebases": {
2680
+ "name": "ListKnowledgeBases",
2681
+ "description": "Grants permission to list all knowledge bases in an account",
2682
+ "accessLevel": "List",
2683
+ "resourceTypes": [],
2684
+ "conditionKeys": [],
2685
+ "dependentActions": []
2686
+ },
2569
2687
  "listnamespaces": {
2570
2688
  "name": "ListNamespaces",
2571
2689
  "description": "Grants permission to lists all namespaces in a QuickSight account",
@@ -2574,6 +2692,17 @@
2574
2692
  "conditionKeys": [],
2575
2693
  "dependentActions": []
2576
2694
  },
2695
+ "listoauthclientapplications": {
2696
+ "name": "ListOAuthClientApplications",
2697
+ "description": "Grants permission to list OAuth client applications in an account",
2698
+ "accessLevel": "List",
2699
+ "resourceTypes": [],
2700
+ "conditionKeys": [
2701
+ "aws:RequestTag/${TagKey}",
2702
+ "aws:TagKeys"
2703
+ ],
2704
+ "dependentActions": []
2705
+ },
2577
2706
  "listrefreshschedules": {
2578
2707
  "name": "ListRefreshSchedules",
2579
2708
  "description": "Grants permission to list all refresh schedules on a dataset",
@@ -2699,6 +2828,18 @@
2699
2828
  "conditionKeys": [],
2700
2829
  "dependentActions": []
2701
2830
  },
2831
+ {
2832
+ "name": "namespace",
2833
+ "required": false,
2834
+ "conditionKeys": [],
2835
+ "dependentActions": []
2836
+ },
2837
+ {
2838
+ "name": "oauthClientApplication",
2839
+ "required": false,
2840
+ "conditionKeys": [],
2841
+ "dependentActions": []
2842
+ },
2702
2843
  {
2703
2844
  "name": "template",
2704
2845
  "required": false,
@@ -2717,6 +2858,12 @@
2717
2858
  "conditionKeys": [],
2718
2859
  "dependentActions": []
2719
2860
  },
2861
+ {
2862
+ "name": "user",
2863
+ "required": false,
2864
+ "conditionKeys": [],
2865
+ "dependentActions": []
2866
+ },
2720
2867
  {
2721
2868
  "name": "vpcconnection",
2722
2869
  "required": false,
@@ -2877,6 +3024,15 @@
2877
3024
  "conditionKeys": [],
2878
3025
  "dependentActions": []
2879
3026
  },
3027
+ "listusersindexcapacity": {
3028
+ "name": "ListUsersIndexCapacity",
3029
+ "isPermissionOnly": true,
3030
+ "description": "Grants permission to list users index capacity",
3031
+ "accessLevel": "List",
3032
+ "resourceTypes": [],
3033
+ "conditionKeys": [],
3034
+ "dependentActions": []
3035
+ },
2880
3036
  "listvpcconnections": {
2881
3037
  "name": "ListVPCConnections",
2882
3038
  "description": "Grants permission to list all vpc connections",
@@ -2988,13 +3144,16 @@
2988
3144
  {
2989
3145
  "name": "user",
2990
3146
  "required": true,
2991
- "conditionKeys": [],
3147
+ "conditionKeys": [
3148
+ "quicksight:IamArn",
3149
+ "quicksight:SessionName"
3150
+ ],
2992
3151
  "dependentActions": []
2993
3152
  }
2994
3153
  ],
2995
3154
  "conditionKeys": [
2996
- "quicksight:IamArn",
2997
- "quicksight:SessionName"
3155
+ "aws:RequestTag/${TagKey}",
3156
+ "aws:TagKeys"
2998
3157
  ],
2999
3158
  "dependentActions": []
3000
3159
  },
@@ -3168,6 +3327,21 @@
3168
3327
  "conditionKeys": [],
3169
3328
  "dependentActions": []
3170
3329
  },
3330
+ "searchknowledgebases": {
3331
+ "name": "SearchKnowledgeBases",
3332
+ "description": "Grants permission to search for a sub-set of knowledge bases",
3333
+ "accessLevel": "List",
3334
+ "resourceTypes": [
3335
+ {
3336
+ "name": "knowledgeBase",
3337
+ "required": true,
3338
+ "conditionKeys": [],
3339
+ "dependentActions": []
3340
+ }
3341
+ ],
3342
+ "conditionKeys": [],
3343
+ "dependentActions": []
3344
+ },
3171
3345
  "searchspaces": {
3172
3346
  "name": "SearchSpaces",
3173
3347
  "description": "Grants permission to search spaces",
@@ -3373,6 +3547,18 @@
3373
3547
  "conditionKeys": [],
3374
3548
  "dependentActions": []
3375
3549
  },
3550
+ {
3551
+ "name": "namespace",
3552
+ "required": false,
3553
+ "conditionKeys": [],
3554
+ "dependentActions": []
3555
+ },
3556
+ {
3557
+ "name": "oauthClientApplication",
3558
+ "required": false,
3559
+ "conditionKeys": [],
3560
+ "dependentActions": []
3561
+ },
3376
3562
  {
3377
3563
  "name": "template",
3378
3564
  "required": false,
@@ -3391,6 +3577,12 @@
3391
3577
  "conditionKeys": [],
3392
3578
  "dependentActions": []
3393
3579
  },
3580
+ {
3581
+ "name": "user",
3582
+ "required": false,
3583
+ "conditionKeys": [],
3584
+ "dependentActions": []
3585
+ },
3394
3586
  {
3395
3587
  "name": "vpcconnection",
3396
3588
  "required": false,
@@ -3506,6 +3698,18 @@
3506
3698
  "conditionKeys": [],
3507
3699
  "dependentActions": []
3508
3700
  },
3701
+ {
3702
+ "name": "namespace",
3703
+ "required": false,
3704
+ "conditionKeys": [],
3705
+ "dependentActions": []
3706
+ },
3707
+ {
3708
+ "name": "oauthClientApplication",
3709
+ "required": false,
3710
+ "conditionKeys": [],
3711
+ "dependentActions": []
3712
+ },
3509
3713
  {
3510
3714
  "name": "template",
3511
3715
  "required": false,
@@ -3524,6 +3728,12 @@
3524
3728
  "conditionKeys": [],
3525
3729
  "dependentActions": []
3526
3730
  },
3731
+ {
3732
+ "name": "user",
3733
+ "required": false,
3734
+ "conditionKeys": [],
3735
+ "dependentActions": []
3736
+ },
3527
3737
  {
3528
3738
  "name": "vpcconnection",
3529
3739
  "required": false,
@@ -4031,6 +4241,39 @@
4031
4241
  "conditionKeys": [],
4032
4242
  "dependentActions": []
4033
4243
  },
4244
+ "updateknowledgebasepermissions": {
4245
+ "name": "UpdateKnowledgeBasePermissions",
4246
+ "description": "Grants permission to update the resource policy of a knowledge base",
4247
+ "accessLevel": "Permissions management",
4248
+ "resourceTypes": [
4249
+ {
4250
+ "name": "knowledgeBase",
4251
+ "required": true,
4252
+ "conditionKeys": [],
4253
+ "dependentActions": []
4254
+ }
4255
+ ],
4256
+ "conditionKeys": [],
4257
+ "dependentActions": []
4258
+ },
4259
+ "updateoauthclientapplication": {
4260
+ "name": "UpdateOAuthClientApplication",
4261
+ "description": "Grants permission to update an OAuth client application",
4262
+ "accessLevel": "Write",
4263
+ "resourceTypes": [
4264
+ {
4265
+ "name": "oauthClientApplication",
4266
+ "required": true,
4267
+ "conditionKeys": [],
4268
+ "dependentActions": []
4269
+ }
4270
+ ],
4271
+ "conditionKeys": [
4272
+ "aws:RequestTag/${TagKey}",
4273
+ "aws:TagKeys"
4274
+ ],
4275
+ "dependentActions": []
4276
+ },
4034
4277
  "updatepublicsharingsettings": {
4035
4278
  "name": "UpdatePublicSharingSettings",
4036
4279
  "description": "Grants permission to enable or disable public sharing on an account",
package/data/actions/securityagent.json CHANGED
@@ -48,6 +48,40 @@
48
48
  "kms:Decrypt"
49
49
  ]
50
50
  },
51
+ "batchdeletethreatmodels": {
52
+ "name": "BatchDeleteThreatModels",
53
+ "description": "Grants permission to delete multiple threat models in a single request",
54
+ "accessLevel": "Write",
55
+ "resourceTypes": [
56
+ {
57
+ "name": "AgentSpace",
58
+ "required": true,
59
+ "conditionKeys": [],
60
+ "dependentActions": []
61
+ }
62
+ ],
63
+ "conditionKeys": [],
64
+ "dependentActions": [
65
+ "kms:Decrypt"
66
+ ]
67
+ },
68
+ "batchdeletethreats": {
69
+ "name": "BatchDeleteThreats",
70
+ "description": "Grants permission to delete multiple threats",
71
+ "accessLevel": "Write",
72
+ "resourceTypes": [
73
+ {
74
+ "name": "AgentSpace",
75
+ "required": true,
76
+ "conditionKeys": [],
77
+ "dependentActions": []
78
+ }
79
+ ],
80
+ "conditionKeys": [],
81
+ "dependentActions": [
82
+ "kms:Decrypt"
83
+ ]
84
+ },
51
85
  "batchgetagentspaces": {
52
86
  "name": "BatchGetAgentSpaces",
53
87
  "description": "Grants permission to retrieve multiple agent spaces in a single request",
@@ -231,6 +265,74 @@
231
265
  "conditionKeys": [],
232
266
  "dependentActions": []
233
267
  },
268
+ "batchgetthreatmodeljobtasks": {
269
+ "name": "BatchGetThreatModelJobTasks",
270
+ "description": "Grants permission to retrieve multiple tasks for a threat model job in a single request",
271
+ "accessLevel": "Read",
272
+ "resourceTypes": [
273
+ {
274
+ "name": "AgentSpace",
275
+ "required": true,
276
+ "conditionKeys": [],
277
+ "dependentActions": []
278
+ }
279
+ ],
280
+ "conditionKeys": [],
281
+ "dependentActions": [
282
+ "kms:Decrypt"
283
+ ]
284
+ },
285
+ "batchgetthreatmodeljobs": {
286
+ "name": "BatchGetThreatModelJobs",
287
+ "description": "Grants permission to retrieve details for one or more threat model jobs",
288
+ "accessLevel": "Read",
289
+ "resourceTypes": [
290
+ {
291
+ "name": "AgentSpace",
292
+ "required": true,
293
+ "conditionKeys": [],
294
+ "dependentActions": []
295
+ }
296
+ ],
297
+ "conditionKeys": [],
298
+ "dependentActions": [
299
+ "kms:Decrypt"
300
+ ]
301
+ },
302
+ "batchgetthreatmodels": {
303
+ "name": "BatchGetThreatModels",
304
+ "description": "Grants permission to retrieve multiple threat models in a single request",
305
+ "accessLevel": "Read",
306
+ "resourceTypes": [
307
+ {
308
+ "name": "AgentSpace",
309
+ "required": true,
310
+ "conditionKeys": [],
311
+ "dependentActions": []
312
+ }
313
+ ],
314
+ "conditionKeys": [],
315
+ "dependentActions": [
316
+ "kms:Decrypt"
317
+ ]
318
+ },
319
+ "batchgetthreats": {
320
+ "name": "BatchGetThreats",
321
+ "description": "Grants permission to retrieve details for one or more threats",
322
+ "accessLevel": "Read",
323
+ "resourceTypes": [
324
+ {
325
+ "name": "AgentSpace",
326
+ "required": true,
327
+ "conditionKeys": [],
328
+ "dependentActions": []
329
+ }
330
+ ],
331
+ "conditionKeys": [],
332
+ "dependentActions": [
333
+ "kms:Decrypt"
334
+ ]
335
+ },
234
336
  "createagentspace": {
235
337
  "name": "CreateAgentSpace",
236
338
  "description": "Grants permission to create an agent space record",
@@ -374,6 +476,40 @@
374
476
  "conditionKeys": [],
375
477
  "dependentActions": []
376
478
  },
479
+ "createthreat": {
480
+ "name": "CreateThreat",
481
+ "description": "Grants permission to create a threat in a threat model",
482
+ "accessLevel": "Write",
483
+ "resourceTypes": [
484
+ {
485
+ "name": "AgentSpace",
486
+ "required": true,
487
+ "conditionKeys": [],
488
+ "dependentActions": []
489
+ }
490
+ ],
491
+ "conditionKeys": [],
492
+ "dependentActions": [
493
+ "kms:Decrypt"
494
+ ]
495
+ },
496
+ "createthreatmodel": {
497
+ "name": "CreateThreatModel",
498
+ "description": "Grants permission to create a new threat model configuration",
499
+ "accessLevel": "Write",
500
+ "resourceTypes": [
501
+ {
502
+ "name": "AgentSpace",
503
+ "required": true,
504
+ "conditionKeys": [],
505
+ "dependentActions": []
506
+ }
507
+ ],
508
+ "conditionKeys": [],
509
+ "dependentActions": [
510
+ "kms:Decrypt"
511
+ ]
512
+ },
377
513
  "deleteagentspace": {
378
514
  "name": "DeleteAgentSpace",
379
515
  "description": "Grants permission to delete an agent space record",
@@ -921,6 +1057,74 @@
921
1057
  "conditionKeys": [],
922
1058
  "dependentActions": []
923
1059
  },
1060
+ "listthreatmodeljobtasks": {
1061
+ "name": "ListThreatModelJobTasks",
1062
+ "description": "Grants permission to list tasks associated with a specific threat model job",
1063
+ "accessLevel": "List",
1064
+ "resourceTypes": [
1065
+ {
1066
+ "name": "AgentSpace",
1067
+ "required": true,
1068
+ "conditionKeys": [],
1069
+ "dependentActions": []
1070
+ }
1071
+ ],
1072
+ "conditionKeys": [],
1073
+ "dependentActions": [
1074
+ "kms:Decrypt"
1075
+ ]
1076
+ },
1077
+ "listthreatmodeljobs": {
1078
+ "name": "ListThreatModelJobs",
1079
+ "description": "Grants permission to list threat model jobs for a threat model",
1080
+ "accessLevel": "List",
1081
+ "resourceTypes": [
1082
+ {
1083
+ "name": "AgentSpace",
1084
+ "required": true,
1085
+ "conditionKeys": [],
1086
+ "dependentActions": []
1087
+ }
1088
+ ],
1089
+ "conditionKeys": [],
1090
+ "dependentActions": [
1091
+ "kms:Decrypt"
1092
+ ]
1093
+ },
1094
+ "listthreatmodels": {
1095
+ "name": "ListThreatModels",
1096
+ "description": "Grants permission to list threat models for an agent space",
1097
+ "accessLevel": "List",
1098
+ "resourceTypes": [
1099
+ {
1100
+ "name": "AgentSpace",
1101
+ "required": true,
1102
+ "conditionKeys": [],
1103
+ "dependentActions": []
1104
+ }
1105
+ ],
1106
+ "conditionKeys": [],
1107
+ "dependentActions": [
1108
+ "kms:Decrypt"
1109
+ ]
1110
+ },
1111
+ "listthreats": {
1112
+ "name": "ListThreats",
1113
+ "description": "Grants permission to list threats for a threat model job with filtering and pagination support",
1114
+ "accessLevel": "List",
1115
+ "resourceTypes": [
1116
+ {
1117
+ "name": "AgentSpace",
1118
+ "required": true,
1119
+ "conditionKeys": [],
1120
+ "dependentActions": []
1121
+ }
1122
+ ],
1123
+ "conditionKeys": [],
1124
+ "dependentActions": [
1125
+ "kms:Decrypt"
1126
+ ]
1127
+ },
924
1128
  "putdesignreviewfeedback": {
925
1129
  "name": "PutDesignReviewFeedback",
926
1130
  "description": "Grants permission to submit feedback for a design review comment",
@@ -990,6 +1194,24 @@
990
1194
  "kms:GenerateDataKey"
991
1195
  ]
992
1196
  },
1197
+ "startthreatmodeljob": {
1198
+ "name": "StartThreatModelJob",
1199
+ "description": "Grants permission to initiate the execution of a threat model job",
1200
+ "accessLevel": "Write",
1201
+ "resourceTypes": [
1202
+ {
1203
+ "name": "AgentSpace",
1204
+ "required": true,
1205
+ "conditionKeys": [],
1206
+ "dependentActions": []
1207
+ }
1208
+ ],
1209
+ "conditionKeys": [],
1210
+ "dependentActions": [
1211
+ "kms:Decrypt",
1212
+ "kms:GenerateDataKey"
1213
+ ]
1214
+ },
993
1215
  "stopcodereviewjob": {
994
1216
  "name": "StopCodeReviewJob",
995
1217
  "description": "Grants permission to stop the execution of a running code review",
@@ -1024,6 +1246,23 @@
1024
1246
  "kms:Decrypt"
1025
1247
  ]
1026
1248
  },
1249
+ "stopthreatmodeljob": {
1250
+ "name": "StopThreatModelJob",
1251
+ "description": "Grants permission to stop a running threat model job",
1252
+ "accessLevel": "Write",
1253
+ "resourceTypes": [
1254
+ {
1255
+ "name": "AgentSpace",
1256
+ "required": true,
1257
+ "conditionKeys": [],
1258
+ "dependentActions": []
1259
+ }
1260
+ ],
1261
+ "conditionKeys": [],
1262
+ "dependentActions": [
1263
+ "kms:Decrypt"
1264
+ ]
1265
+ },
1027
1266
  "tagresource": {
1028
1267
  "name": "TagResource",
1029
1268
  "description": "Grants permission to add tags to a resource",
@@ -1253,6 +1492,40 @@
1253
1492
  "conditionKeys": [],
1254
1493
  "dependentActions": []
1255
1494
  },
1495
+ "updatethreat": {
1496
+ "name": "UpdateThreat",
1497
+ "description": "Grants permission to update a threat",
1498
+ "accessLevel": "Write",
1499
+ "resourceTypes": [
1500
+ {
1501
+ "name": "AgentSpace",
1502
+ "required": true,
1503
+ "conditionKeys": [],
1504
+ "dependentActions": []
1505
+ }
1506
+ ],
1507
+ "conditionKeys": [],
1508
+ "dependentActions": [
1509
+ "kms:Decrypt"
1510
+ ]
1511
+ },
1512
+ "updatethreatmodel": {
1513
+ "name": "UpdateThreatModel",
1514
+ "description": "Grants permission to update an existing threat model with new configuration",
1515
+ "accessLevel": "Write",
1516
+ "resourceTypes": [
1517
+ {
1518
+ "name": "AgentSpace",
1519
+ "required": true,
1520
+ "conditionKeys": [],
1521
+ "dependentActions": []
1522
+ }
1523
+ ],
1524
+ "conditionKeys": [],
1525
+ "dependentActions": [
1526
+ "kms:Decrypt"
1527
+ ]
1528
+ },
1256
1529
  "verifytargetdomain": {
1257
1530
  "name": "VerifyTargetDomain",
1258
1531
  "description": "Grants permission to verify ownership for a registered target domain",
package/data/conditionKeys/finops-agent.json ADDED
@@ -0,0 +1 @@
1
+ {}