npm - @cloud-copilot/iam-data - Versions diffs - 0.9.202411251 → 0.9.202412071 - Mend

@cloud-copilot/iam-data 0.9.202411251 → 0.9.202412071

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (80) hide show

package/data/actions/aiops.json +384 -0
package/data/actions/aoss.json +9 -2
package/data/actions/bedrock.json +576 -2
package/data/actions/chime.json +95 -1
package/data/actions/cleanrooms.json +1 -0
package/data/actions/config.json +146 -14
package/data/actions/connect-campaigns.json +15 -0
package/data/actions/connect.json +40 -1
package/data/actions/datazone.json +0 -5
package/data/actions/dsql.json +191 -0
package/data/actions/eks.json +8 -2
package/data/actions/es.json +99 -3
package/data/actions/glue.json +75 -0
package/data/actions/imagebuilder.json +15 -0
package/data/actions/invoicing.json +136 -0
package/data/actions/logs.json +32 -0
package/data/actions/memorydb.json +162 -0
package/data/actions/networkflowmonitor.json +393 -0
package/data/actions/networkmanager.json +59 -0
package/data/actions/observabilityadmin.json +66 -0
package/data/actions/opensearch.json +60 -0
package/data/actions/partnercentral.json +256 -0
package/data/actions/qapps.json +0 -4
package/data/actions/qbusiness.json +377 -0
package/data/actions/quicksight.json +79 -0
package/data/actions/redshift-data.json +19 -2
package/data/actions/redshift-serverless.json +23 -0
package/data/actions/redshift.json +16 -0
package/data/actions/rekognition.json +58 -11
package/data/actions/s3.json +71 -0
package/data/actions/s3tables.json +461 -0
package/data/actions/sagemaker-data-science-assistant.json +11 -0
package/data/actions/sagemaker.json +371 -9
package/data/actions/security-ir.json +344 -0
package/data/actions/transfer.json +127 -0
package/data/actions/vpc-lattice.json +423 -44
package/data/actions/vpce.json +11 -0
package/data/conditionKeys/aiops.json +17 -0
package/data/conditionKeys/bedrock.json +5 -0
package/data/conditionKeys/config.json +5 -0
package/data/conditionKeys/dsql.json +22 -0
package/data/conditionKeys/eks.json +15 -0
package/data/conditionKeys/invoicing.json +17 -1
package/data/conditionKeys/networkflowmonitor.json +17 -0
package/data/conditionKeys/networkmanager.json +10 -0
package/data/conditionKeys/observabilityadmin.json +1 -0
package/data/conditionKeys/redshift-data.json +5 -0
package/data/conditionKeys/redshift-serverless.json +5 -0
package/data/conditionKeys/s3express.json +5 -0
package/data/conditionKeys/s3tables.json +12 -0
package/data/conditionKeys/sagemaker-data-science-assistant.json +1 -0
package/data/conditionKeys/security-ir.json +17 -0
package/data/conditionKeys/vpc-lattice.json +10 -0
package/data/conditionKeys/vpce.json +1 -0
package/data/resourceTypes/aiops.json +9 -0
package/data/resourceTypes/bedrock.json +27 -0
package/data/resourceTypes/config.json +7 -0
package/data/resourceTypes/dsql.json +9 -0
package/data/resourceTypes/es.json +7 -0
package/data/resourceTypes/invoicing.json +9 -1
package/data/resourceTypes/memorydb.json +12 -0
package/data/resourceTypes/networkflowmonitor.json +16 -0
package/data/resourceTypes/observabilityadmin.json +1 -0
package/data/resourceTypes/opensearch.json +4 -0
package/data/resourceTypes/partnercentral.json +12 -0
package/data/resourceTypes/personalize.json +3 -3
package/data/resourceTypes/qbusiness.json +14 -0
package/data/resourceTypes/redshift-data.json +4 -0
package/data/resourceTypes/redshift-serverless.json +4 -0
package/data/resourceTypes/rekognition.json +8 -2
package/data/resourceTypes/s3tables.json +14 -0
package/data/resourceTypes/sagemaker-data-science-assistant.json +1 -0
package/data/resourceTypes/sagemaker.json +32 -0
package/data/resourceTypes/security-ir.json +16 -0
package/data/resourceTypes/transfer.json +7 -0
package/data/resourceTypes/vpc-lattice.json +76 -35
package/data/resourceTypes/vpce.json +1 -0
package/data/serviceNames.json +8 -0
package/data/services.json +8 -0
package/package.json +2 -2

package/data/actions/aiops.json ADDED Viewed

@@ -0,0 +1,384 @@
+{
+  "createinvestigation": {
+    "name": "CreateInvestigation",
+    "description": "Grants permission to create a new investigation in the specified investigation group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "kms:Decrypt",
+      "kms:GenerateDataKey",
+      "sts:SetContext"
+    ]
+  },
+  "createinvestigationevent": {
+    "name": "CreateInvestigationEvent",
+    "description": "Grants permission to create a new investigation event in the specified investigation group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "kms:Decrypt",
+      "kms:GenerateDataKey",
+      "sts:SetContext"
+    ]
+  },
+  "createinvestigationgroup": {
+    "name": "CreateInvestigationGroup",
+    "description": "Grants permission to create a new investigation group",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [
+      "aws:TagKeys",
+      "aws:RequestTag/${TagKey}"
+    ],
+    "dependentActions": [
+      "aiops:TagResource",
+      "cloudtrail:DescribeTrails",
+      "iam:PassRole",
+      "kms:Decrypt",
+      "kms:DescribeKey",
+      "kms:GenerateDataKey",
+      "sso:CreateApplication",
+      "sso:DeleteApplication",
+      "sso:PutApplicationAccessScope",
+      "sso:PutApplicationAssignmentConfiguration",
+      "sso:PutApplicationAuthenticationMethod",
+      "sso:PutApplicationGrant",
+      "sso:TagResource"
+    ]
+  },
+  "createinvestigationresource": {
+    "name": "CreateInvestigationResource",
+    "description": "Grants permission to create an investigation resource in the specified investigation group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "cloudwatch:DescribeAlarmHistory",
+      "cloudwatch:DescribeAlarms",
+      "cloudwatch:GetInsightRuleReport",
+      "cloudwatch:GetMetricData",
+      "kms:GenerateDataKey",
+      "logs:GetQueryResults"
+    ]
+  },
+  "deleteinvestigation": {
+    "name": "DeleteInvestigation",
+    "description": "Grants permission to delete an investigation in the specified investigation group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "sts:SetContext"
+    ]
+  },
+  "deleteinvestigationgroup": {
+    "name": "DeleteInvestigationGroup",
+    "description": "Grants permission to delete the specified investigation group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "sso:DeleteApplication"
+    ]
+  },
+  "deleteinvestigationgrouppolicy": {
+    "name": "DeleteInvestigationGroupPolicy",
+    "description": "Grants permission to delete the investigation group policy attached to an investigation group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getinvestigation": {
+    "name": "GetInvestigation",
+    "description": "Grants permission to retrieve an investigation in the specified investigation group",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getinvestigationevent": {
+    "name": "GetInvestigationEvent",
+    "description": "Grants permission to retrieve an investigation event in the specified investigation group",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "kms:Decrypt"
+    ]
+  },
+  "getinvestigationgroup": {
+    "name": "GetInvestigationGroup",
+    "description": "Grants permission to retrieve the specified investigation group",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getinvestigationgrouppolicy": {
+    "name": "GetInvestigationGroupPolicy",
+    "description": "Grants permission to retrieve the investigation group policy attached to an investigation group",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getinvestigationresource": {
+    "name": "GetInvestigationResource",
+    "description": "Grants permission to retrieve an investigation resource in the specified investigation group",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "kms:Decrypt"
+    ]
+  },
+  "listinvestigationevents": {
+    "name": "ListInvestigationEvents",
+    "description": "Grants permission to list all investigation events in the specified investigation group",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listinvestigationgroups": {
+    "name": "ListInvestigationGroups",
+    "description": "Grants permission to list all investigation groups in the AWS account making the request",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listinvestigations": {
+    "name": "ListInvestigations",
+    "description": "Grants permission to list all investigations that are in the specified investigation group",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "listtagsforresource": {
+    "name": "ListTagsForResource",
+    "description": "Grants permission to list the tags for the specified resource",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "putinvestigationgrouppolicy": {
+    "name": "PutInvestigationGroupPolicy",
+    "description": "Grants permission to create/update the investigation group policy attached to an investigation group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "tagresource": {
+    "name": "TagResource",
+    "description": "Grants permission to add or update the specified tags for the specified resource",
+    "accessLevel": "Tagging",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [
+      "aws:TagKeys",
+      "aws:RequestTag/${TagKey}"
+    ],
+    "dependentActions": []
+  },
+  "untagresource": {
+    "name": "UntagResource",
+    "description": "Grants permission to remove the specified tags from the specified resource",
+    "accessLevel": "Tagging",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [
+      "aws:TagKeys"
+    ],
+    "dependentActions": []
+  },
+  "updateinvestigation": {
+    "name": "UpdateInvestigation",
+    "description": "Grants permission to update an investigation in the specified investigation group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "kms:Decrypt",
+      "kms:GenerateDataKey",
+      "sts:SetContext"
+    ]
+  },
+  "updateinvestigationevent": {
+    "name": "UpdateInvestigationEvent",
+    "description": "Grants permission to update an investigation event in the specified investigation group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "kms:Decrypt",
+      "kms:GenerateDataKey",
+      "sts:SetContext"
+    ]
+  },
+  "updateinvestigationgroup": {
+    "name": "UpdateInvestigationGroup",
+    "description": "Grants permission to update the specified investigation group",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "investigation-group",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "cloudtrail:DescribeTrails",
+      "iam:PassRole",
+      "kms:Decrypt",
+      "kms:DescribeKey",
+      "kms:GenerateDataKey",
+      "sso:CreateApplication",
+      "sso:DeleteApplication",
+      "sso:PutApplicationAccessScope",
+      "sso:PutApplicationAssignmentConfiguration",
+      "sso:PutApplicationAuthenticationMethod",
+      "sso:PutApplicationGrant",
+      "sso:TagResource"
+    ]
+  }
+}

package/data/actions/aoss.json CHANGED Viewed

@@ -11,7 +11,10 @@
         "dependentActions": []
       }
     ],
-    "conditionKeys": [],
+    "conditionKeys": [
+      "aoss:collection",
+      "aoss:CollectionId"
+    ],
     "dependentActions": []
   },
   "batchgetcollection": {
@@ -117,7 +120,10 @@
         "dependentActions": []
       }
     ],
-    "conditionKeys": [],
+    "conditionKeys": [
+      "aoss:collection",
+      "aoss:CollectionId"
+    ],
     "dependentActions": []
   },
   "deleteaccesspolicy": {
@@ -290,6 +296,7 @@
     "accessLevel": "Write",
     "resourceTypes": [],
     "conditionKeys": [
+      "aws:ResourceTag/${TagKey}",
       "aws:RequestTag/${TagKey}",
       "aws:TagKeys"
     ],