@cloud-copilot/iam-data 0.9.202502251 → 0.9.202502271

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/data/actions/cloudshell.json +16 -0
  2. package/data/actions/ecs.json +37 -10
  3. package/data/actions/ram.json +2 -1
  4. package/data/conditionKeys/ecs.json +41 -1
  5. package/package.json +2 -2
package/data/actions/cloudshell.json CHANGED
@@ -1,4 +1,20 @@
1
1
  {
2
+ "approvecommand": {
3
+ "name": "ApproveCommand",
4
+ "isPermissionOnly": true,
5
+ "description": "Grants permission to approve a command sent by another AWS service",
6
+ "accessLevel": "Read",
7
+ "resourceTypes": [
8
+ {
9
+ "name": "Environment",
10
+ "required": true,
11
+ "conditionKeys": [],
12
+ "dependentActions": []
13
+ }
14
+ ],
15
+ "conditionKeys": [],
16
+ "dependentActions": []
17
+ },
2
18
  "createenvironment": {
3
19
  "name": "CreateEnvironment",
4
20
  "isPermissionOnly": true,
package/data/actions/ecs.json CHANGED
@@ -38,22 +38,29 @@
38
38
  {
39
39
  "name": "service",
40
40
  "required": true,
41
- "conditionKeys": [],
41
+ "conditionKeys": [
42
+ "ecs:cluster",
43
+ "aws:ResourceTag/${TagKey}"
44
+ ],
42
45
  "dependentActions": []
43
46
  }
44
47
  ],
45
48
  "conditionKeys": [
46
49
  "aws:RequestTag/${TagKey}",
47
- "aws:ResourceTag/${TagKey}",
48
50
  "aws:TagKeys",
49
- "ecs:cluster",
50
51
  "ecs:capacity-provider",
51
52
  "ecs:task-definition",
52
53
  "ecs:enable-ebs-volumes",
53
54
  "ecs:enable-execute-command",
54
55
  "ecs:enable-service-connect",
55
56
  "ecs:namespace",
56
- "ecs:enable-vpc-lattice"
57
+ "ecs:enable-vpc-lattice",
58
+ "ecs:enable-ecs-managed-tags",
59
+ "ecs:propagate-tags",
60
+ "ecs:auto-assign-public-ip",
61
+ "ecs:subnet",
62
+ "ecs:task-cpu",
63
+ "ecs:task-memory"
57
64
  ],
58
65
  "dependentActions": []
59
66
  },
@@ -708,10 +715,23 @@
708
715
  "name": "RegisterTaskDefinition",
709
716
  "description": "Grants permission to register a new task definition from the supplied family and containerDefinitions",
710
717
  "accessLevel": "Write",
711
- "resourceTypes": [],
718
+ "resourceTypes": [
719
+ {
720
+ "name": "task-definition",
721
+ "required": true,
722
+ "conditionKeys": [
723
+ "aws:ResourceTag/${TagKey}"
724
+ ],
725
+ "dependentActions": []
726
+ }
727
+ ],
712
728
  "conditionKeys": [
713
729
  "aws:RequestTag/${TagKey}",
714
- "aws:TagKeys"
730
+ "aws:TagKeys",
731
+ "ecs:compute-compatibility",
732
+ "ecs:privileged",
733
+ "ecs:task-cpu",
734
+ "ecs:task-memory"
715
735
  ],
716
736
  "dependentActions": []
717
737
  },
@@ -1057,20 +1077,27 @@
1057
1077
  {
1058
1078
  "name": "service",
1059
1079
  "required": true,
1060
- "conditionKeys": [],
1080
+ "conditionKeys": [
1081
+ "ecs:cluster",
1082
+ "aws:ResourceTag/${TagKey}"
1083
+ ],
1061
1084
  "dependentActions": []
1062
1085
  }
1063
1086
  ],
1064
1087
  "conditionKeys": [
1065
- "aws:ResourceTag/${TagKey}",
1066
- "ecs:cluster",
1067
1088
  "ecs:capacity-provider",
1068
1089
  "ecs:enable-ebs-volumes",
1069
1090
  "ecs:enable-execute-command",
1070
1091
  "ecs:enable-service-connect",
1071
1092
  "ecs:namespace",
1072
1093
  "ecs:task-definition",
1073
- "ecs:enable-vpc-lattice"
1094
+ "ecs:enable-vpc-lattice",
1095
+ "ecs:enable-ecs-managed-tags",
1096
+ "ecs:propagate-tags",
1097
+ "ecs:auto-assign-public-ip",
1098
+ "ecs:subnet",
1099
+ "ecs:task-cpu",
1100
+ "ecs:task-memory"
1074
1101
  ],
1075
1102
  "dependentActions": []
1076
1103
  },
package/data/actions/ram.json CHANGED
@@ -112,7 +112,8 @@
112
112
  "ram:RequestedResourceType",
113
113
  "ram:ResourceArn",
114
114
  "ram:RequestedAllowsExternalPrincipals",
115
- "ram:Principal"
115
+ "ram:Principal",
116
+ "ram:AllowsExternalPrincipals"
116
117
  ],
117
118
  "dependentActions": []
118
119
  },
package/data/conditionKeys/ecs.json CHANGED
@@ -29,16 +29,26 @@
29
29
  "description": "Filters access by the Amazon ECS account setting name",
30
30
  "type": "String"
31
31
  },
32
+ "ecs:auto-assign-public-ip": {
33
+ "key": "ecs:auto-assign-public-ip",
34
+ "description": "Filters access by the public IP assignment configuration of your Amazon ECS task or Amazon ECS service that uses awsvpc network mode",
35
+ "type": "Bool"
36
+ },
32
37
  "ecs:capacity-provider": {
33
38
  "key": "ecs:capacity-provider",
34
39
  "description": "Filters access by the ARN of an Amazon ECS capacity provider",
35
- "type": "ARN"
40
+ "type": "ArrayOfARN"
36
41
  },
37
42
  "ecs:cluster": {
38
43
  "key": "ecs:cluster",
39
44
  "description": "Filters access by the ARN of an Amazon ECS cluster",
40
45
  "type": "ARN"
41
46
  },
47
+ "ecs:compute-compatibility": {
48
+ "key": "ecs:compute-compatibility",
49
+ "description": "Filters access by the required compatibilities field provided in the request",
50
+ "type": "ArrayOfString"
51
+ },
42
52
  "ecs:container-instances": {
43
53
  "key": "ecs:container-instances",
44
54
  "description": "Filters access by the ARN of an Amazon ECS container instance",
@@ -54,6 +64,11 @@
54
64
  "description": "Filters access by the Amazon ECS managed Amazon EBS volume capability of your ECS task or service",
55
65
  "type": "String"
56
66
  },
67
+ "ecs:enable-ecs-managed-tags": {
68
+ "key": "ecs:enable-ecs-managed-tags",
69
+ "description": "Filters access by the enableECSManagedTags configuration of your Amazon ECS task or Amazon ECS service",
70
+ "type": "Bool"
71
+ },
57
72
  "ecs:enable-execute-command": {
58
73
  "key": "ecs:enable-execute-command",
59
74
  "description": "Filters access by the execute-command capability of your Amazon ECS task or Amazon ECS service",
@@ -79,19 +94,44 @@
79
94
  "description": "Filters access by the ARN of AWS Cloud Map namespace which is defined in the Service Connect Configuration",
80
95
  "type": "ARN"
81
96
  },
97
+ "ecs:privileged": {
98
+ "key": "ecs:privileged",
99
+ "description": "Filters access by the privileged field provided in the request",
100
+ "type": "String"
101
+ },
102
+ "ecs:propagate-tags": {
103
+ "key": "ecs:propagate-tags",
104
+ "description": "Filters access by the tag propagation configuration of your Amazon ECS task or Amazon ECS service",
105
+ "type": "String"
106
+ },
82
107
  "ecs:service": {
83
108
  "key": "ecs:service",
84
109
  "description": "Filters access by the ARN of an Amazon ECS service",
85
110
  "type": "ARN"
86
111
  },
112
+ "ecs:subnet": {
113
+ "key": "ecs:subnet",
114
+ "description": "Filters access by the subnet configuration of your Amazon ECS task or Amazon ECS service that uses awsvpc network mode",
115
+ "type": "ArrayOfString"
116
+ },
87
117
  "ecs:task": {
88
118
  "key": "ecs:task",
89
119
  "description": "Filters access by the ARN of an Amazon ECS task",
90
120
  "type": "ARN"
91
121
  },
122
+ "ecs:task-cpu": {
123
+ "key": "ecs:task-cpu",
124
+ "description": "Filters access by the task cpu, as an integer with 1024 = 1 vCPU, provided in the request",
125
+ "type": "Numeric"
126
+ },
92
127
  "ecs:task-definition": {
93
128
  "key": "ecs:task-definition",
94
129
  "description": "Filters access by the ARN of an Amazon ECS task definition",
95
130
  "type": "ARN"
131
+ },
132
+ "ecs:task-memory": {
133
+ "key": "ecs:task-memory",
134
+ "description": "Filters access by the task memory, as an integer representing MiB, provided in the request",
135
+ "type": "Numeric"
96
136
  }
97
137
  }
package/package.json CHANGED
@@ -1,9 +1,9 @@
1
1
  {
2
2
  "name": "@cloud-copilot/iam-data",
3
- "version": "0.9.202502251",
3
+ "version": "0.9.202502271",
4
4
  "description": "AWS IAM Data",
5
5
  "repository": "github:cloud-copilot/iam-data",
6
- "updatedAt": "2025-02-25T04:44:50.867Z",
6
+ "updatedAt": "2025-02-27T04:45:51.639Z",
7
7
  "exports": {
8
8
  ".": {
9
9
  "import": "./dist/esm/index.js",