@cloud-copilot/iam-data 0.2.202408313 → 0.2.202409011
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/data/actions/bedrock.json +161 -2
- package/data/actions/cloudfront.json +1 -1
- package/data/actions/frauddetector.json +2 -2
- package/data/actions/healthlake.json +1 -1
- package/data/actions/pcs.json +409 -0
- package/data/actions/quicksight.json +41 -2
- package/data/actions/redshift-serverless.json +48 -4
- package/data/actions/redshift.json +41 -3
- package/data/actions/securitylake.json +1 -1
- package/data/actions/thinclient.json +46 -14
- package/data/actions/wickr.json +8 -0
- package/data/actions/wisdom.json +114 -114
- package/data/actions/workspaces-web.json +1 -2
- package/data/conditionKeys/bedrock.json +5 -0
- package/data/conditionKeys/pcs.json +17 -0
- package/data/conditionKeys/ram.json +1 -1
- package/data/resourceTypes/bedrock.json +18 -0
- package/data/resourceTypes/events.json +16 -0
- package/data/resourceTypes/pcs.json +23 -0
- package/data/resourceTypes/wisdom.json +7 -7
- package/data/serviceNames.json +3 -2
- package/data/services.json +1 -0
- package/package.json +1 -1
|
@@ -0,0 +1,409 @@
|
|
|
1
|
+
{
|
|
2
|
+
"allowvendedlogdeliveryforresource": {
|
|
3
|
+
"name": "AllowVendedLogDeliveryForResource",
|
|
4
|
+
"isPermissionOnly": true,
|
|
5
|
+
"description": "Grants permission to configure vended log delivery for Skybridge cluster logs",
|
|
6
|
+
"accessLevel": "Write",
|
|
7
|
+
"resourceTypes": [
|
|
8
|
+
{
|
|
9
|
+
"name": "cluster",
|
|
10
|
+
"required": true,
|
|
11
|
+
"conditionKeys": [],
|
|
12
|
+
"dependentActions": []
|
|
13
|
+
}
|
|
14
|
+
],
|
|
15
|
+
"conditionKeys": [],
|
|
16
|
+
"dependentActions": []
|
|
17
|
+
},
|
|
18
|
+
"createcluster": {
|
|
19
|
+
"name": "CreateCluster",
|
|
20
|
+
"description": "Grants permission to create clusters",
|
|
21
|
+
"accessLevel": "Write",
|
|
22
|
+
"resourceTypes": [],
|
|
23
|
+
"conditionKeys": [
|
|
24
|
+
"aws:ResourceTag/${TagKey}",
|
|
25
|
+
"aws:RequestTag/${TagKey}",
|
|
26
|
+
"aws:TagKeys"
|
|
27
|
+
],
|
|
28
|
+
"dependentActions": [
|
|
29
|
+
"ec2:CreateNetworkInterface",
|
|
30
|
+
"ec2:CreateNetworkInterfacePermission",
|
|
31
|
+
"ec2:DescribeNetworkInterfaces",
|
|
32
|
+
"ec2:DescribeSecurityGroups",
|
|
33
|
+
"ec2:DescribeSubnets",
|
|
34
|
+
"ec2:DescribeVpcs",
|
|
35
|
+
"ec2:GetSecurityGroupsForVpc",
|
|
36
|
+
"iam:CreateServiceLinkedRole",
|
|
37
|
+
"secretsmanager:CreateSecret",
|
|
38
|
+
"secretsmanager:TagResource"
|
|
39
|
+
]
|
|
40
|
+
},
|
|
41
|
+
"createcomputenodegroup": {
|
|
42
|
+
"name": "CreateComputeNodeGroup",
|
|
43
|
+
"description": "Grants permission to create compute node groups",
|
|
44
|
+
"accessLevel": "Write",
|
|
45
|
+
"resourceTypes": [
|
|
46
|
+
{
|
|
47
|
+
"name": "cluster",
|
|
48
|
+
"required": true,
|
|
49
|
+
"conditionKeys": [],
|
|
50
|
+
"dependentActions": [
|
|
51
|
+
"ec2:CreateFleet",
|
|
52
|
+
"ec2:CreateLaunchTemplate",
|
|
53
|
+
"ec2:CreateLaunchTemplateVersion",
|
|
54
|
+
"ec2:CreateTags",
|
|
55
|
+
"ec2:DescribeImages",
|
|
56
|
+
"ec2:DescribeInstanceStatus",
|
|
57
|
+
"ec2:DescribeInstanceTypes",
|
|
58
|
+
"ec2:DescribeInstances",
|
|
59
|
+
"ec2:DescribeLaunchTemplateVersions",
|
|
60
|
+
"ec2:DescribeLaunchTemplates",
|
|
61
|
+
"ec2:DescribeSecurityGroups",
|
|
62
|
+
"ec2:DescribeSubnets",
|
|
63
|
+
"ec2:DescribeVpcs",
|
|
64
|
+
"ec2:RunInstances",
|
|
65
|
+
"iam:GetInstanceProfile",
|
|
66
|
+
"iam:PassRole"
|
|
67
|
+
]
|
|
68
|
+
}
|
|
69
|
+
],
|
|
70
|
+
"conditionKeys": [
|
|
71
|
+
"aws:ResourceTag/${TagKey}",
|
|
72
|
+
"aws:RequestTag/${TagKey}",
|
|
73
|
+
"aws:TagKeys"
|
|
74
|
+
],
|
|
75
|
+
"dependentActions": []
|
|
76
|
+
},
|
|
77
|
+
"createqueue": {
|
|
78
|
+
"name": "CreateQueue",
|
|
79
|
+
"description": "Grants permission to create queues",
|
|
80
|
+
"accessLevel": "Write",
|
|
81
|
+
"resourceTypes": [
|
|
82
|
+
{
|
|
83
|
+
"name": "cluster",
|
|
84
|
+
"required": true,
|
|
85
|
+
"conditionKeys": [],
|
|
86
|
+
"dependentActions": []
|
|
87
|
+
}
|
|
88
|
+
],
|
|
89
|
+
"conditionKeys": [
|
|
90
|
+
"aws:ResourceTag/${TagKey}",
|
|
91
|
+
"aws:RequestTag/${TagKey}",
|
|
92
|
+
"aws:TagKeys"
|
|
93
|
+
],
|
|
94
|
+
"dependentActions": []
|
|
95
|
+
},
|
|
96
|
+
"deletecluster": {
|
|
97
|
+
"name": "DeleteCluster",
|
|
98
|
+
"description": "Grants permission to delete clusters",
|
|
99
|
+
"accessLevel": "Write",
|
|
100
|
+
"resourceTypes": [
|
|
101
|
+
{
|
|
102
|
+
"name": "cluster",
|
|
103
|
+
"required": true,
|
|
104
|
+
"conditionKeys": [],
|
|
105
|
+
"dependentActions": []
|
|
106
|
+
}
|
|
107
|
+
],
|
|
108
|
+
"conditionKeys": [],
|
|
109
|
+
"dependentActions": [
|
|
110
|
+
"ec2:DeleteNetworkInterface",
|
|
111
|
+
"secretsmanager:DeleteSecret"
|
|
112
|
+
]
|
|
113
|
+
},
|
|
114
|
+
"deletecomputenodegroup": {
|
|
115
|
+
"name": "DeleteComputeNodeGroup",
|
|
116
|
+
"description": "Grants permission to delete compute node groups",
|
|
117
|
+
"accessLevel": "Write",
|
|
118
|
+
"resourceTypes": [
|
|
119
|
+
{
|
|
120
|
+
"name": "cluster",
|
|
121
|
+
"required": true,
|
|
122
|
+
"conditionKeys": [],
|
|
123
|
+
"dependentActions": [
|
|
124
|
+
"ec2:DeleteLaunchTemplate",
|
|
125
|
+
"ec2:TerminateInstances"
|
|
126
|
+
]
|
|
127
|
+
},
|
|
128
|
+
{
|
|
129
|
+
"name": "computenodegroup",
|
|
130
|
+
"required": true,
|
|
131
|
+
"conditionKeys": [],
|
|
132
|
+
"dependentActions": []
|
|
133
|
+
}
|
|
134
|
+
],
|
|
135
|
+
"conditionKeys": [],
|
|
136
|
+
"dependentActions": []
|
|
137
|
+
},
|
|
138
|
+
"deletequeue": {
|
|
139
|
+
"name": "DeleteQueue",
|
|
140
|
+
"description": "Grants permission to delete queues",
|
|
141
|
+
"accessLevel": "Write",
|
|
142
|
+
"resourceTypes": [
|
|
143
|
+
{
|
|
144
|
+
"name": "cluster",
|
|
145
|
+
"required": true,
|
|
146
|
+
"conditionKeys": [],
|
|
147
|
+
"dependentActions": []
|
|
148
|
+
},
|
|
149
|
+
{
|
|
150
|
+
"name": "queue",
|
|
151
|
+
"required": true,
|
|
152
|
+
"conditionKeys": [],
|
|
153
|
+
"dependentActions": []
|
|
154
|
+
}
|
|
155
|
+
],
|
|
156
|
+
"conditionKeys": [],
|
|
157
|
+
"dependentActions": []
|
|
158
|
+
},
|
|
159
|
+
"getcluster": {
|
|
160
|
+
"name": "GetCluster",
|
|
161
|
+
"description": "Grants permission to get cluster properties",
|
|
162
|
+
"accessLevel": "Read",
|
|
163
|
+
"resourceTypes": [
|
|
164
|
+
{
|
|
165
|
+
"name": "cluster",
|
|
166
|
+
"required": true,
|
|
167
|
+
"conditionKeys": [],
|
|
168
|
+
"dependentActions": []
|
|
169
|
+
}
|
|
170
|
+
],
|
|
171
|
+
"conditionKeys": [],
|
|
172
|
+
"dependentActions": []
|
|
173
|
+
},
|
|
174
|
+
"getcomputenodegroup": {
|
|
175
|
+
"name": "GetComputeNodeGroup",
|
|
176
|
+
"description": "Grants permission to get compute node group properties",
|
|
177
|
+
"accessLevel": "Read",
|
|
178
|
+
"resourceTypes": [
|
|
179
|
+
{
|
|
180
|
+
"name": "cluster",
|
|
181
|
+
"required": true,
|
|
182
|
+
"conditionKeys": [],
|
|
183
|
+
"dependentActions": []
|
|
184
|
+
},
|
|
185
|
+
{
|
|
186
|
+
"name": "computenodegroup",
|
|
187
|
+
"required": true,
|
|
188
|
+
"conditionKeys": [],
|
|
189
|
+
"dependentActions": []
|
|
190
|
+
}
|
|
191
|
+
],
|
|
192
|
+
"conditionKeys": [],
|
|
193
|
+
"dependentActions": []
|
|
194
|
+
},
|
|
195
|
+
"getqueue": {
|
|
196
|
+
"name": "GetQueue",
|
|
197
|
+
"description": "Grants permission to get queue properties",
|
|
198
|
+
"accessLevel": "Read",
|
|
199
|
+
"resourceTypes": [
|
|
200
|
+
{
|
|
201
|
+
"name": "cluster",
|
|
202
|
+
"required": true,
|
|
203
|
+
"conditionKeys": [],
|
|
204
|
+
"dependentActions": []
|
|
205
|
+
},
|
|
206
|
+
{
|
|
207
|
+
"name": "queue",
|
|
208
|
+
"required": true,
|
|
209
|
+
"conditionKeys": [],
|
|
210
|
+
"dependentActions": []
|
|
211
|
+
}
|
|
212
|
+
],
|
|
213
|
+
"conditionKeys": [],
|
|
214
|
+
"dependentActions": []
|
|
215
|
+
},
|
|
216
|
+
"listclusters": {
|
|
217
|
+
"name": "ListClusters",
|
|
218
|
+
"description": "Grants permission to list clusters",
|
|
219
|
+
"accessLevel": "List",
|
|
220
|
+
"resourceTypes": [],
|
|
221
|
+
"conditionKeys": [],
|
|
222
|
+
"dependentActions": []
|
|
223
|
+
},
|
|
224
|
+
"listcomputenodegroups": {
|
|
225
|
+
"name": "ListComputeNodeGroups",
|
|
226
|
+
"description": "Grants permission to list compute node groups",
|
|
227
|
+
"accessLevel": "List",
|
|
228
|
+
"resourceTypes": [
|
|
229
|
+
{
|
|
230
|
+
"name": "cluster",
|
|
231
|
+
"required": true,
|
|
232
|
+
"conditionKeys": [],
|
|
233
|
+
"dependentActions": []
|
|
234
|
+
}
|
|
235
|
+
],
|
|
236
|
+
"conditionKeys": [],
|
|
237
|
+
"dependentActions": []
|
|
238
|
+
},
|
|
239
|
+
"listqueues": {
|
|
240
|
+
"name": "ListQueues",
|
|
241
|
+
"description": "Grants permission to list queues",
|
|
242
|
+
"accessLevel": "List",
|
|
243
|
+
"resourceTypes": [
|
|
244
|
+
{
|
|
245
|
+
"name": "cluster",
|
|
246
|
+
"required": true,
|
|
247
|
+
"conditionKeys": [],
|
|
248
|
+
"dependentActions": []
|
|
249
|
+
}
|
|
250
|
+
],
|
|
251
|
+
"conditionKeys": [],
|
|
252
|
+
"dependentActions": []
|
|
253
|
+
},
|
|
254
|
+
"listtagsforresource": {
|
|
255
|
+
"name": "ListTagsForResource",
|
|
256
|
+
"description": "Grants permission to list the tags for a resource",
|
|
257
|
+
"accessLevel": "Read",
|
|
258
|
+
"resourceTypes": [],
|
|
259
|
+
"conditionKeys": [],
|
|
260
|
+
"dependentActions": []
|
|
261
|
+
},
|
|
262
|
+
"registercomputenodegroupinstance": {
|
|
263
|
+
"name": "RegisterComputeNodeGroupInstance",
|
|
264
|
+
"description": "Grants permission to register a compute instance in a compute node group",
|
|
265
|
+
"accessLevel": "Write",
|
|
266
|
+
"resourceTypes": [
|
|
267
|
+
{
|
|
268
|
+
"name": "cluster",
|
|
269
|
+
"required": true,
|
|
270
|
+
"conditionKeys": [],
|
|
271
|
+
"dependentActions": []
|
|
272
|
+
}
|
|
273
|
+
],
|
|
274
|
+
"conditionKeys": [],
|
|
275
|
+
"dependentActions": [
|
|
276
|
+
"secretsmanager:GetSecretValue"
|
|
277
|
+
]
|
|
278
|
+
},
|
|
279
|
+
"tagresource": {
|
|
280
|
+
"name": "TagResource",
|
|
281
|
+
"description": "Grants permission to tag a resource",
|
|
282
|
+
"accessLevel": "Tagging",
|
|
283
|
+
"resourceTypes": [
|
|
284
|
+
{
|
|
285
|
+
"name": "cluster",
|
|
286
|
+
"required": false,
|
|
287
|
+
"conditionKeys": [
|
|
288
|
+
"aws:ResourceTag/${TagKey}"
|
|
289
|
+
],
|
|
290
|
+
"dependentActions": []
|
|
291
|
+
},
|
|
292
|
+
{
|
|
293
|
+
"name": "computenodegroup",
|
|
294
|
+
"required": false,
|
|
295
|
+
"conditionKeys": [
|
|
296
|
+
"aws:ResourceTag/${TagKey}"
|
|
297
|
+
],
|
|
298
|
+
"dependentActions": []
|
|
299
|
+
},
|
|
300
|
+
{
|
|
301
|
+
"name": "queue",
|
|
302
|
+
"required": false,
|
|
303
|
+
"conditionKeys": [
|
|
304
|
+
"aws:ResourceTag/${TagKey}"
|
|
305
|
+
],
|
|
306
|
+
"dependentActions": []
|
|
307
|
+
}
|
|
308
|
+
],
|
|
309
|
+
"conditionKeys": [
|
|
310
|
+
"aws:RequestTag/${TagKey}",
|
|
311
|
+
"aws:TagKeys"
|
|
312
|
+
],
|
|
313
|
+
"dependentActions": []
|
|
314
|
+
},
|
|
315
|
+
"untagresource": {
|
|
316
|
+
"name": "UntagResource",
|
|
317
|
+
"description": "Grants permission to untag a resource",
|
|
318
|
+
"accessLevel": "Tagging",
|
|
319
|
+
"resourceTypes": [
|
|
320
|
+
{
|
|
321
|
+
"name": "cluster",
|
|
322
|
+
"required": false,
|
|
323
|
+
"conditionKeys": [
|
|
324
|
+
"aws:ResourceTag/${TagKey}"
|
|
325
|
+
],
|
|
326
|
+
"dependentActions": []
|
|
327
|
+
},
|
|
328
|
+
{
|
|
329
|
+
"name": "computenodegroup",
|
|
330
|
+
"required": false,
|
|
331
|
+
"conditionKeys": [
|
|
332
|
+
"aws:ResourceTag/${TagKey}"
|
|
333
|
+
],
|
|
334
|
+
"dependentActions": []
|
|
335
|
+
},
|
|
336
|
+
{
|
|
337
|
+
"name": "queue",
|
|
338
|
+
"required": false,
|
|
339
|
+
"conditionKeys": [
|
|
340
|
+
"aws:ResourceTag/${TagKey}"
|
|
341
|
+
],
|
|
342
|
+
"dependentActions": []
|
|
343
|
+
}
|
|
344
|
+
],
|
|
345
|
+
"conditionKeys": [
|
|
346
|
+
"aws:TagKeys"
|
|
347
|
+
],
|
|
348
|
+
"dependentActions": []
|
|
349
|
+
},
|
|
350
|
+
"updatecomputenodegroup": {
|
|
351
|
+
"name": "UpdateComputeNodeGroup",
|
|
352
|
+
"description": "Grants permission to update compute node group properties",
|
|
353
|
+
"accessLevel": "Write",
|
|
354
|
+
"resourceTypes": [
|
|
355
|
+
{
|
|
356
|
+
"name": "cluster",
|
|
357
|
+
"required": true,
|
|
358
|
+
"conditionKeys": [],
|
|
359
|
+
"dependentActions": [
|
|
360
|
+
"ec2:CreateFleet",
|
|
361
|
+
"ec2:CreateLaunchTemplate",
|
|
362
|
+
"ec2:CreateLaunchTemplateVersion",
|
|
363
|
+
"ec2:CreateTags",
|
|
364
|
+
"ec2:DescribeImages",
|
|
365
|
+
"ec2:DescribeInstanceStatus",
|
|
366
|
+
"ec2:DescribeInstanceTypes",
|
|
367
|
+
"ec2:DescribeInstances",
|
|
368
|
+
"ec2:DescribeLaunchTemplateVersions",
|
|
369
|
+
"ec2:DescribeLaunchTemplates",
|
|
370
|
+
"ec2:DescribeSecurityGroups",
|
|
371
|
+
"ec2:DescribeSubnets",
|
|
372
|
+
"ec2:DescribeVpcs",
|
|
373
|
+
"ec2:RunInstances",
|
|
374
|
+
"iam:GetInstanceProfile",
|
|
375
|
+
"iam:PassRole"
|
|
376
|
+
]
|
|
377
|
+
},
|
|
378
|
+
{
|
|
379
|
+
"name": "computenodegroup",
|
|
380
|
+
"required": true,
|
|
381
|
+
"conditionKeys": [],
|
|
382
|
+
"dependentActions": []
|
|
383
|
+
}
|
|
384
|
+
],
|
|
385
|
+
"conditionKeys": [],
|
|
386
|
+
"dependentActions": []
|
|
387
|
+
},
|
|
388
|
+
"updatequeue": {
|
|
389
|
+
"name": "UpdateQueue",
|
|
390
|
+
"description": "Grants permission to update queue properties",
|
|
391
|
+
"accessLevel": "Write",
|
|
392
|
+
"resourceTypes": [
|
|
393
|
+
{
|
|
394
|
+
"name": "cluster",
|
|
395
|
+
"required": true,
|
|
396
|
+
"conditionKeys": [],
|
|
397
|
+
"dependentActions": []
|
|
398
|
+
},
|
|
399
|
+
{
|
|
400
|
+
"name": "queue",
|
|
401
|
+
"required": true,
|
|
402
|
+
"conditionKeys": [],
|
|
403
|
+
"dependentActions": []
|
|
404
|
+
}
|
|
405
|
+
],
|
|
406
|
+
"conditionKeys": [],
|
|
407
|
+
"dependentActions": []
|
|
408
|
+
}
|
|
409
|
+
}
|
|
@@ -1818,6 +1818,45 @@
|
|
|
1818
1818
|
"conditionKeys": [],
|
|
1819
1819
|
"dependentActions": []
|
|
1820
1820
|
},
|
|
1821
|
+
"listfoldersforresource": {
|
|
1822
|
+
"name": "ListFoldersForResource",
|
|
1823
|
+
"description": "Grants permission to list all Folders in which a QuickSight resource is a member",
|
|
1824
|
+
"accessLevel": "List",
|
|
1825
|
+
"resourceTypes": [
|
|
1826
|
+
{
|
|
1827
|
+
"name": "analysis",
|
|
1828
|
+
"required": false,
|
|
1829
|
+
"conditionKeys": [],
|
|
1830
|
+
"dependentActions": []
|
|
1831
|
+
},
|
|
1832
|
+
{
|
|
1833
|
+
"name": "dashboard",
|
|
1834
|
+
"required": false,
|
|
1835
|
+
"conditionKeys": [],
|
|
1836
|
+
"dependentActions": []
|
|
1837
|
+
},
|
|
1838
|
+
{
|
|
1839
|
+
"name": "dataset",
|
|
1840
|
+
"required": false,
|
|
1841
|
+
"conditionKeys": [],
|
|
1842
|
+
"dependentActions": []
|
|
1843
|
+
},
|
|
1844
|
+
{
|
|
1845
|
+
"name": "datasource",
|
|
1846
|
+
"required": false,
|
|
1847
|
+
"conditionKeys": [],
|
|
1848
|
+
"dependentActions": []
|
|
1849
|
+
},
|
|
1850
|
+
{
|
|
1851
|
+
"name": "topic",
|
|
1852
|
+
"required": false,
|
|
1853
|
+
"conditionKeys": [],
|
|
1854
|
+
"dependentActions": []
|
|
1855
|
+
}
|
|
1856
|
+
],
|
|
1857
|
+
"conditionKeys": [],
|
|
1858
|
+
"dependentActions": []
|
|
1859
|
+
},
|
|
1821
1860
|
"listgroupmemberships": {
|
|
1822
1861
|
"name": "ListGroupMemberships",
|
|
1823
1862
|
"description": "Grants permission to list member users in a group",
|
|
@@ -2673,7 +2712,7 @@
|
|
|
2673
2712
|
},
|
|
2674
2713
|
"updatedashboardlinks": {
|
|
2675
2714
|
"name": "UpdateDashboardLinks",
|
|
2676
|
-
"description": "Grants permission to update a QuickSight Dashboard
|
|
2715
|
+
"description": "Grants permission to update a QuickSight Dashboard's links",
|
|
2677
2716
|
"accessLevel": "Write",
|
|
2678
2717
|
"resourceTypes": [
|
|
2679
2718
|
{
|
|
@@ -2703,7 +2742,7 @@
|
|
|
2703
2742
|
},
|
|
2704
2743
|
"updatedashboardpublishedversion": {
|
|
2705
2744
|
"name": "UpdateDashboardPublishedVersion",
|
|
2706
|
-
"description": "Grants permission to update a QuickSight Dashboard
|
|
2745
|
+
"description": "Grants permission to update a QuickSight Dashboard's Published Version",
|
|
2707
2746
|
"accessLevel": "Write",
|
|
2708
2747
|
"resourceTypes": [
|
|
2709
2748
|
{
|
|
@@ -64,7 +64,20 @@
|
|
|
64
64
|
"name": "namespace",
|
|
65
65
|
"required": true,
|
|
66
66
|
"conditionKeys": [],
|
|
67
|
-
"dependentActions": [
|
|
67
|
+
"dependentActions": [
|
|
68
|
+
"kms:CreateGrant",
|
|
69
|
+
"kms:Decrypt",
|
|
70
|
+
"kms:DescribeKey",
|
|
71
|
+
"kms:GenerateDataKey",
|
|
72
|
+
"kms:RetireGrant",
|
|
73
|
+
"secretsmanager:CreateSecret",
|
|
74
|
+
"secretsmanager:DeleteSecret",
|
|
75
|
+
"secretsmanager:DescribeSecret",
|
|
76
|
+
"secretsmanager:GetRandomPassword",
|
|
77
|
+
"secretsmanager:RotateSecret",
|
|
78
|
+
"secretsmanager:TagResource",
|
|
79
|
+
"secretsmanager:UpdateSecret"
|
|
80
|
+
]
|
|
68
81
|
}
|
|
69
82
|
],
|
|
70
83
|
"conditionKeys": [
|
|
@@ -190,7 +203,12 @@
|
|
|
190
203
|
}
|
|
191
204
|
],
|
|
192
205
|
"conditionKeys": [],
|
|
193
|
-
"dependentActions": [
|
|
206
|
+
"dependentActions": [
|
|
207
|
+
"kms:DescribeKey",
|
|
208
|
+
"kms:RetireGrant",
|
|
209
|
+
"secretsmanager:DeleteSecret",
|
|
210
|
+
"secretsmanager:DescribeSecret"
|
|
211
|
+
]
|
|
194
212
|
},
|
|
195
213
|
"deleteresourcepolicy": {
|
|
196
214
|
"name": "DeleteResourcePolicy",
|
|
@@ -567,7 +585,20 @@
|
|
|
567
585
|
}
|
|
568
586
|
],
|
|
569
587
|
"conditionKeys": [],
|
|
570
|
-
"dependentActions": [
|
|
588
|
+
"dependentActions": [
|
|
589
|
+
"kms:CreateGrant",
|
|
590
|
+
"kms:Decrypt",
|
|
591
|
+
"kms:DescribeKey",
|
|
592
|
+
"kms:GenerateDataKey",
|
|
593
|
+
"kms:RetireGrant",
|
|
594
|
+
"secretsmanager:CreateSecret",
|
|
595
|
+
"secretsmanager:DeleteSecret",
|
|
596
|
+
"secretsmanager:DescribeSecret",
|
|
597
|
+
"secretsmanager:GetRandomPassword",
|
|
598
|
+
"secretsmanager:RotateSecret",
|
|
599
|
+
"secretsmanager:TagResource",
|
|
600
|
+
"secretsmanager:UpdateSecret"
|
|
601
|
+
]
|
|
571
602
|
},
|
|
572
603
|
"restoretablefromrecoverypoint": {
|
|
573
604
|
"name": "RestoreTableFromRecoveryPoint",
|
|
@@ -728,7 +759,20 @@
|
|
|
728
759
|
}
|
|
729
760
|
],
|
|
730
761
|
"conditionKeys": [],
|
|
731
|
-
"dependentActions": [
|
|
762
|
+
"dependentActions": [
|
|
763
|
+
"kms:CreateGrant",
|
|
764
|
+
"kms:Decrypt",
|
|
765
|
+
"kms:DescribeKey",
|
|
766
|
+
"kms:GenerateDataKey",
|
|
767
|
+
"kms:RetireGrant",
|
|
768
|
+
"secretsmanager:CreateSecret",
|
|
769
|
+
"secretsmanager:DeleteSecret",
|
|
770
|
+
"secretsmanager:DescribeSecret",
|
|
771
|
+
"secretsmanager:GetRandomPassword",
|
|
772
|
+
"secretsmanager:RotateSecret",
|
|
773
|
+
"secretsmanager:TagResource",
|
|
774
|
+
"secretsmanager:UpdateSecret"
|
|
775
|
+
]
|
|
732
776
|
},
|
|
733
777
|
"updatescheduledaction": {
|
|
734
778
|
"name": "UpdateScheduledAction",
|
|
@@ -193,7 +193,20 @@
|
|
|
193
193
|
"name": "cluster",
|
|
194
194
|
"required": true,
|
|
195
195
|
"conditionKeys": [],
|
|
196
|
-
"dependentActions": [
|
|
196
|
+
"dependentActions": [
|
|
197
|
+
"kms:CreateGrant",
|
|
198
|
+
"kms:Decrypt",
|
|
199
|
+
"kms:DescribeKey",
|
|
200
|
+
"kms:GenerateDataKey",
|
|
201
|
+
"kms:RetireGrant",
|
|
202
|
+
"secretsmanager:CreateSecret",
|
|
203
|
+
"secretsmanager:DeleteSecret",
|
|
204
|
+
"secretsmanager:DescribeSecret",
|
|
205
|
+
"secretsmanager:GetRandomPassword",
|
|
206
|
+
"secretsmanager:RotateSecret",
|
|
207
|
+
"secretsmanager:TagResource",
|
|
208
|
+
"secretsmanager:UpdateSecret"
|
|
209
|
+
]
|
|
197
210
|
}
|
|
198
211
|
],
|
|
199
212
|
"conditionKeys": [
|
|
@@ -1696,7 +1709,19 @@
|
|
|
1696
1709
|
],
|
|
1697
1710
|
"conditionKeys": [],
|
|
1698
1711
|
"dependentActions": [
|
|
1699
|
-
"acm:DescribeCertificate"
|
|
1712
|
+
"acm:DescribeCertificate",
|
|
1713
|
+
"kms:CreateGrant",
|
|
1714
|
+
"kms:Decrypt",
|
|
1715
|
+
"kms:DescribeKey",
|
|
1716
|
+
"kms:GenerateDataKey",
|
|
1717
|
+
"kms:RetireGrant",
|
|
1718
|
+
"secretsmanager:CreateSecret",
|
|
1719
|
+
"secretsmanager:DeleteSecret",
|
|
1720
|
+
"secretsmanager:DescribeSecret",
|
|
1721
|
+
"secretsmanager:GetRandomPassword",
|
|
1722
|
+
"secretsmanager:RotateSecret",
|
|
1723
|
+
"secretsmanager:TagResource",
|
|
1724
|
+
"secretsmanager:UpdateSecret"
|
|
1700
1725
|
]
|
|
1701
1726
|
},
|
|
1702
1727
|
"modifyclusterdbrevision": {
|
|
@@ -2047,7 +2072,20 @@
|
|
|
2047
2072
|
"name": "cluster",
|
|
2048
2073
|
"required": true,
|
|
2049
2074
|
"conditionKeys": [],
|
|
2050
|
-
"dependentActions": [
|
|
2075
|
+
"dependentActions": [
|
|
2076
|
+
"kms:CreateGrant",
|
|
2077
|
+
"kms:Decrypt",
|
|
2078
|
+
"kms:DescribeKey",
|
|
2079
|
+
"kms:GenerateDataKey",
|
|
2080
|
+
"kms:RetireGrant",
|
|
2081
|
+
"secretsmanager:CreateSecret",
|
|
2082
|
+
"secretsmanager:DeleteSecret",
|
|
2083
|
+
"secretsmanager:DescribeSecret",
|
|
2084
|
+
"secretsmanager:GetRandomPassword",
|
|
2085
|
+
"secretsmanager:RotateSecret",
|
|
2086
|
+
"secretsmanager:TagResource",
|
|
2087
|
+
"secretsmanager:UpdateSecret"
|
|
2088
|
+
]
|
|
2051
2089
|
},
|
|
2052
2090
|
{
|
|
2053
2091
|
"name": "snapshot",
|
|
@@ -337,7 +337,7 @@
|
|
|
337
337
|
},
|
|
338
338
|
"getdatalakeorganizationconfiguration": {
|
|
339
339
|
"name": "GetDataLakeOrganizationConfiguration",
|
|
340
|
-
"description": "Grants permission to get an organization
|
|
340
|
+
"description": "Grants permission to get an organization's configuration setting for automatically enabling Amazon Security Lake access for new organization accounts",
|
|
341
341
|
"accessLevel": "Read",
|
|
342
342
|
"resourceTypes": [
|
|
343
343
|
{
|