aws-iam-data 0.0.112 → 0.0.114

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/data/json/changelog.json +76 -0
  2. package/dist/data/json/iam.json +1368 -105
  3. package/dist/data/json/metadata.json +105 -25
  4. package/dist/data/json/reports.json +18 -18
  5. package/package.json +1 -1
package/dist/data/json/iam.json CHANGED
@@ -41931,12 +41931,18 @@
41931
41931
  "name": "GetInsightSelectors",
41932
41932
  "apiReferenceUrl": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetInsightSelectors.html",
41933
41933
  "permissionOnly": false,
41934
- "description": "Grants permission to list CloudTrail Insights selectors that are configured for a trail",
41934
+ "description": "Grants permission to list CloudTrail Insights selectors that are configured for a trail or event data store",
41935
41935
  "accessLevel": "Read",
41936
41936
  "resourceTypes": [
41937
+ {
41938
+ "resourceType": "eventdatastore",
41939
+ "required": false,
41940
+ "conditionKeys": [],
41941
+ "dependentActions": []
41942
+ },
41937
41943
  {
41938
41944
  "resourceType": "trail",
41939
- "required": true,
41945
+ "required": false,
41940
41946
  "conditionKeys": [],
41941
41947
  "dependentActions": []
41942
41948
  }
@@ -42201,12 +42207,18 @@
42201
42207
  "name": "PutInsightSelectors",
42202
42208
  "apiReferenceUrl": "https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_PutInsightSelectors.html",
42203
42209
  "permissionOnly": false,
42204
- "description": "Grants permission to create and update CloudTrail Insights selectors for a trail",
42210
+ "description": "Grants permission to create and update CloudTrail Insights selectors for a trail or event data store",
42205
42211
  "accessLevel": "Write",
42206
42212
  "resourceTypes": [
42213
+ {
42214
+ "resourceType": "eventdatastore",
42215
+ "required": false,
42216
+ "conditionKeys": [],
42217
+ "dependentActions": []
42218
+ },
42207
42219
  {
42208
42220
  "resourceType": "trail",
42209
- "required": true,
42221
+ "required": false,
42210
42222
  "conditionKeys": [],
42211
42223
  "dependentActions": []
42212
42224
  }
@@ -44911,6 +44923,42 @@
44911
44923
  }
44912
44924
  ]
44913
44925
  },
44926
+ {
44927
+ "name": "CreateDelivery",
44928
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html",
44929
+ "permissionOnly": false,
44930
+ "description": "Grants permission to create a delivery connecting a delivery source to a delivery destination",
44931
+ "accessLevel": "Write",
44932
+ "resourceTypes": [
44933
+ {
44934
+ "resourceType": "delivery",
44935
+ "required": true,
44936
+ "conditionKeys": [],
44937
+ "dependentActions": []
44938
+ },
44939
+ {
44940
+ "resourceType": "delivery-destination",
44941
+ "required": true,
44942
+ "conditionKeys": [],
44943
+ "dependentActions": []
44944
+ },
44945
+ {
44946
+ "resourceType": "delivery-source",
44947
+ "required": true,
44948
+ "conditionKeys": [],
44949
+ "dependentActions": []
44950
+ },
44951
+ {
44952
+ "resourceType": "",
44953
+ "required": false,
44954
+ "conditionKeys": [
44955
+ "aws:TagKeys",
44956
+ "aws:RequestTag/${TagKey}"
44957
+ ],
44958
+ "dependentActions": []
44959
+ }
44960
+ ]
44961
+ },
44914
44962
  {
44915
44963
  "name": "CreateExportTask",
44916
44964
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateExportTask.html",
@@ -45010,6 +45058,66 @@
45010
45058
  }
45011
45059
  ]
45012
45060
  },
45061
+ {
45062
+ "name": "DeleteDelivery",
45063
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteDelivery.html",
45064
+ "permissionOnly": false,
45065
+ "description": "Grants permission to delete a delivery",
45066
+ "accessLevel": "Write",
45067
+ "resourceTypes": [
45068
+ {
45069
+ "resourceType": "delivery",
45070
+ "required": true,
45071
+ "conditionKeys": [],
45072
+ "dependentActions": []
45073
+ }
45074
+ ]
45075
+ },
45076
+ {
45077
+ "name": "DeleteDeliveryDestination",
45078
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteDeliveryDestination.html",
45079
+ "permissionOnly": false,
45080
+ "description": "Grants permission to delete a delivery destination after all associated deliveries are deleted",
45081
+ "accessLevel": "Write",
45082
+ "resourceTypes": [
45083
+ {
45084
+ "resourceType": "delivery-destination",
45085
+ "required": true,
45086
+ "conditionKeys": [],
45087
+ "dependentActions": []
45088
+ }
45089
+ ]
45090
+ },
45091
+ {
45092
+ "name": "DeleteDeliveryDestinationPolicy",
45093
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteDeliveryDestinationPolicy.html",
45094
+ "permissionOnly": false,
45095
+ "description": "Grants permission to delete a delivery destination policy associated with a delivery destination",
45096
+ "accessLevel": "Write",
45097
+ "resourceTypes": [
45098
+ {
45099
+ "resourceType": "delivery-destination",
45100
+ "required": true,
45101
+ "conditionKeys": [],
45102
+ "dependentActions": []
45103
+ }
45104
+ ]
45105
+ },
45106
+ {
45107
+ "name": "DeleteDeliverySource",
45108
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteDeliverySource.html",
45109
+ "permissionOnly": false,
45110
+ "description": "Grants permission to delete a delivery source after all associated deliveries are deleted",
45111
+ "accessLevel": "Write",
45112
+ "resourceTypes": [
45113
+ {
45114
+ "resourceType": "delivery-destination",
45115
+ "required": true,
45116
+ "conditionKeys": [],
45117
+ "dependentActions": []
45118
+ }
45119
+ ]
45120
+ },
45013
45121
  {
45014
45122
  "name": "DeleteDestination",
45015
45123
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteDestination.html",
@@ -45160,6 +45268,51 @@
45160
45268
  }
45161
45269
  ]
45162
45270
  },
45271
+ {
45272
+ "name": "DescribeDeliveries",
45273
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeDeliveries.html",
45274
+ "permissionOnly": false,
45275
+ "description": "Grants permission to retrieve a list of deliveries an account",
45276
+ "accessLevel": "List",
45277
+ "resourceTypes": [
45278
+ {
45279
+ "resourceType": "",
45280
+ "required": false,
45281
+ "conditionKeys": [],
45282
+ "dependentActions": []
45283
+ }
45284
+ ]
45285
+ },
45286
+ {
45287
+ "name": "DescribeDeliveryDestinations",
45288
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeDeliveryDestinations.html",
45289
+ "permissionOnly": false,
45290
+ "description": "Grants permission to retrieve a list of delivery destinations an account",
45291
+ "accessLevel": "List",
45292
+ "resourceTypes": [
45293
+ {
45294
+ "resourceType": "",
45295
+ "required": false,
45296
+ "conditionKeys": [],
45297
+ "dependentActions": []
45298
+ }
45299
+ ]
45300
+ },
45301
+ {
45302
+ "name": "DescribeDeliverySources",
45303
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeDeliverySources.html",
45304
+ "permissionOnly": false,
45305
+ "description": "Grants permission to retrieve a list of delivery sources in an account",
45306
+ "accessLevel": "List",
45307
+ "resourceTypes": [
45308
+ {
45309
+ "resourceType": "",
45310
+ "required": false,
45311
+ "conditionKeys": [],
45312
+ "dependentActions": []
45313
+ }
45314
+ ]
45315
+ },
45163
45316
  {
45164
45317
  "name": "DescribeDestinations",
45165
45318
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeDestinations.html",
@@ -45340,6 +45493,66 @@
45340
45493
  }
45341
45494
  ]
45342
45495
  },
45496
+ {
45497
+ "name": "GetDelivery",
45498
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetDelivery.html",
45499
+ "permissionOnly": false,
45500
+ "description": "Grants permission to retrieve a single delivery",
45501
+ "accessLevel": "Read",
45502
+ "resourceTypes": [
45503
+ {
45504
+ "resourceType": "delivery",
45505
+ "required": true,
45506
+ "conditionKeys": [],
45507
+ "dependentActions": []
45508
+ }
45509
+ ]
45510
+ },
45511
+ {
45512
+ "name": "GetDeliveryDestination",
45513
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetDeliveryDestination.html",
45514
+ "permissionOnly": false,
45515
+ "description": "Grants permission to retrieve a single delivery destination",
45516
+ "accessLevel": "Read",
45517
+ "resourceTypes": [
45518
+ {
45519
+ "resourceType": "delivery-destination",
45520
+ "required": true,
45521
+ "conditionKeys": [],
45522
+ "dependentActions": []
45523
+ }
45524
+ ]
45525
+ },
45526
+ {
45527
+ "name": "GetDeliveryDestinationPolicy",
45528
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetDeliveryDestinationPolicy.html",
45529
+ "permissionOnly": false,
45530
+ "description": "Grants permission to retrieve a delivery destination policy attached to a delivery destination",
45531
+ "accessLevel": "Read",
45532
+ "resourceTypes": [
45533
+ {
45534
+ "resourceType": "delivery-destination",
45535
+ "required": true,
45536
+ "conditionKeys": [],
45537
+ "dependentActions": []
45538
+ }
45539
+ ]
45540
+ },
45541
+ {
45542
+ "name": "GetDeliverySource",
45543
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetDeliverySource.html",
45544
+ "permissionOnly": false,
45545
+ "description": "Grants permission to retrieve a single delivery source",
45546
+ "accessLevel": "Read",
45547
+ "resourceTypes": [
45548
+ {
45549
+ "resourceType": "delivery-source",
45550
+ "required": true,
45551
+ "conditionKeys": [],
45552
+ "dependentActions": []
45553
+ }
45554
+ ]
45555
+ },
45343
45556
  {
45344
45557
  "name": "GetLogDelivery",
45345
45558
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html",
@@ -45452,6 +45665,24 @@
45452
45665
  "description": "Grants permission to list the tags for the specified resource",
45453
45666
  "accessLevel": "List",
45454
45667
  "resourceTypes": [
45668
+ {
45669
+ "resourceType": "delivery",
45670
+ "required": false,
45671
+ "conditionKeys": [],
45672
+ "dependentActions": []
45673
+ },
45674
+ {
45675
+ "resourceType": "delivery-destination",
45676
+ "required": false,
45677
+ "conditionKeys": [],
45678
+ "dependentActions": []
45679
+ },
45680
+ {
45681
+ "resourceType": "delivery-source",
45682
+ "required": false,
45683
+ "conditionKeys": [],
45684
+ "dependentActions": []
45685
+ },
45455
45686
  {
45456
45687
  "resourceType": "destination",
45457
45688
  "required": false,
@@ -45511,6 +45742,71 @@
45511
45742
  }
45512
45743
  ]
45513
45744
  },
45745
+ {
45746
+ "name": "PutDeliveryDestination",
45747
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestination.html",
45748
+ "permissionOnly": false,
45749
+ "description": "Grants permission to create/update a delivery destination",
45750
+ "accessLevel": "Write",
45751
+ "resourceTypes": [
45752
+ {
45753
+ "resourceType": "delivery-destination",
45754
+ "required": true,
45755
+ "conditionKeys": [],
45756
+ "dependentActions": []
45757
+ },
45758
+ {
45759
+ "resourceType": "",
45760
+ "required": false,
45761
+ "conditionKeys": [
45762
+ "aws:TagKeys",
45763
+ "aws:RequestTag/${TagKey}",
45764
+ "logs:DeliveryDestinationResourceArn"
45765
+ ],
45766
+ "dependentActions": []
45767
+ }
45768
+ ]
45769
+ },
45770
+ {
45771
+ "name": "PutDeliveryDestinationPolicy",
45772
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html",
45773
+ "permissionOnly": false,
45774
+ "description": "Grants permission to attach a delivery destination policy to a delivery destination",
45775
+ "accessLevel": "Write",
45776
+ "resourceTypes": [
45777
+ {
45778
+ "resourceType": "delivery-destination",
45779
+ "required": true,
45780
+ "conditionKeys": [],
45781
+ "dependentActions": []
45782
+ }
45783
+ ]
45784
+ },
45785
+ {
45786
+ "name": "PutDeliverySource",
45787
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html",
45788
+ "permissionOnly": false,
45789
+ "description": "Grants permission to create/update a delivery source",
45790
+ "accessLevel": "Write",
45791
+ "resourceTypes": [
45792
+ {
45793
+ "resourceType": "delivery-source",
45794
+ "required": true,
45795
+ "conditionKeys": [],
45796
+ "dependentActions": []
45797
+ },
45798
+ {
45799
+ "resourceType": "",
45800
+ "required": false,
45801
+ "conditionKeys": [
45802
+ "aws:TagKeys",
45803
+ "aws:RequestTag/${TagKey}",
45804
+ "logs:LogGeneratingResourceArns"
45805
+ ],
45806
+ "dependentActions": []
45807
+ }
45808
+ ]
45809
+ },
45514
45810
  {
45515
45811
  "name": "PutDestination",
45516
45812
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html",
@@ -45741,6 +46037,24 @@
45741
46037
  "description": "Grants permission to add or update the specified tags for the specified resource",
45742
46038
  "accessLevel": "Tagging",
45743
46039
  "resourceTypes": [
46040
+ {
46041
+ "resourceType": "delivery",
46042
+ "required": false,
46043
+ "conditionKeys": [],
46044
+ "dependentActions": []
46045
+ },
46046
+ {
46047
+ "resourceType": "delivery-destination",
46048
+ "required": false,
46049
+ "conditionKeys": [],
46050
+ "dependentActions": []
46051
+ },
46052
+ {
46053
+ "resourceType": "delivery-source",
46054
+ "required": false,
46055
+ "conditionKeys": [],
46056
+ "dependentActions": []
46057
+ },
45744
46058
  {
45745
46059
  "resourceType": "destination",
45746
46060
  "required": false,
@@ -45824,6 +46138,24 @@
45824
46138
  "description": "Grants permission to remove the specified tags from the specified resource",
45825
46139
  "accessLevel": "Tagging",
45826
46140
  "resourceTypes": [
46141
+ {
46142
+ "resourceType": "delivery",
46143
+ "required": false,
46144
+ "conditionKeys": [],
46145
+ "dependentActions": []
46146
+ },
46147
+ {
46148
+ "resourceType": "delivery-destination",
46149
+ "required": false,
46150
+ "conditionKeys": [],
46151
+ "dependentActions": []
46152
+ },
46153
+ {
46154
+ "resourceType": "delivery-source",
46155
+ "required": false,
46156
+ "conditionKeys": [],
46157
+ "dependentActions": []
46158
+ },
45827
46159
  {
45828
46160
  "resourceType": "destination",
45829
46161
  "required": false,
@@ -45886,6 +46218,30 @@
45886
46218
  "conditionKeys": [
45887
46219
  "aws:ResourceTag/${TagKey}"
45888
46220
  ]
46221
+ },
46222
+ {
46223
+ "name": "delivery-source",
46224
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeliverySource.html",
46225
+ "arnPattern": "arn:${Partition}:logs:${Region}:${Account}:delivery-source:${DeliverySourceName}",
46226
+ "conditionKeys": [
46227
+ "aws:ResourceTag/${TagKey}"
46228
+ ]
46229
+ },
46230
+ {
46231
+ "name": "delivery",
46232
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_Delivery.html",
46233
+ "arnPattern": "arn:${Partition}:logs:${Region}:${Account}:delivery:${DeliveryName}",
46234
+ "conditionKeys": [
46235
+ "aws:ResourceTag/${TagKey}"
46236
+ ]
46237
+ },
46238
+ {
46239
+ "name": "delivery-destination",
46240
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeliveryDestination.html",
46241
+ "arnPattern": "arn:${Partition}:logs:${Region}:${Account}:delivery-destination:${DeliverySourceName}",
46242
+ "conditionKeys": [
46243
+ "aws:ResourceTag/${TagKey}"
46244
+ ]
45889
46245
  }
45890
46246
  ],
45891
46247
  "conditionKeys": [
@@ -45906,6 +46262,18 @@
45906
46262
  "apiReferenceUrl": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys",
45907
46263
  "description": "Filters access by the tag keys that are passed in the request",
45908
46264
  "type": "ArrayOfString"
46265
+ },
46266
+ {
46267
+ "name": "logs:DeliveryDestinationResourceArn",
46268
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-identity-based-access-control-cwl.html",
46269
+ "description": "Filters access by the Log Destination ARN passed in the request",
46270
+ "type": "ARN"
46271
+ },
46272
+ {
46273
+ "name": "logs:LogGeneratingResourceArns",
46274
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-identity-based-access-control-cwl.html",
46275
+ "description": "Filters access by the Log Generating Resource ARNs passed in the request",
46276
+ "type": "ArrayOfARN"
45909
46277
  }
45910
46278
  ]
45911
46279
  },
@@ -57661,7 +58029,10 @@
57661
58029
  {
57662
58030
  "resourceType": "document-classifier-endpoint",
57663
58031
  "required": true,
57664
- "conditionKeys": [],
58032
+ "conditionKeys": [
58033
+ "aws:RequestTag/${TagKey}",
58034
+ "aws:TagKeys"
58035
+ ],
57665
58036
  "dependentActions": []
57666
58037
  },
57667
58038
  {
@@ -57673,7 +58044,10 @@
57673
58044
  {
57674
58045
  "resourceType": "entity-recognizer-endpoint",
57675
58046
  "required": true,
57676
- "conditionKeys": [],
58047
+ "conditionKeys": [
58048
+ "aws:RequestTag/${TagKey}",
58049
+ "aws:TagKeys"
58050
+ ],
57677
58051
  "dependentActions": []
57678
58052
  },
57679
58053
  {
@@ -57681,15 +58055,6 @@
57681
58055
  "required": false,
57682
58056
  "conditionKeys": [],
57683
58057
  "dependentActions": []
57684
- },
57685
- {
57686
- "resourceType": "",
57687
- "required": false,
57688
- "conditionKeys": [
57689
- "aws:RequestTag/${TagKey}",
57690
- "aws:TagKeys"
57691
- ],
57692
- "dependentActions": []
57693
58058
  }
57694
58059
  ]
57695
58060
  },
@@ -57731,7 +58096,15 @@
57731
58096
  {
57732
58097
  "resourceType": "flywheel",
57733
58098
  "required": true,
57734
- "conditionKeys": [],
58099
+ "conditionKeys": [
58100
+ "aws:RequestTag/${TagKey}",
58101
+ "aws:TagKeys",
58102
+ "comprehend:VolumeKmsKey",
58103
+ "comprehend:ModelKmsKey",
58104
+ "comprehend:DataLakeKmsKey",
58105
+ "comprehend:VpcSecurityGroupIds",
58106
+ "comprehend:VpcSubnets"
58107
+ ],
57735
58108
  "dependentActions": []
57736
58109
  },
57737
58110
  {
@@ -57745,20 +58118,6 @@
57745
58118
  "required": false,
57746
58119
  "conditionKeys": [],
57747
58120
  "dependentActions": []
57748
- },
57749
- {
57750
- "resourceType": "",
57751
- "required": false,
57752
- "conditionKeys": [
57753
- "aws:RequestTag/${TagKey}",
57754
- "aws:TagKeys",
57755
- "comprehend:VolumeKmsKey",
57756
- "comprehend:ModelKmsKey",
57757
- "comprehend:DataLakeKmsKey",
57758
- "comprehend:VpcSecurityGroupIds",
57759
- "comprehend:VpcSubnets"
57760
- ],
57761
- "dependentActions": []
57762
58121
  }
57763
58122
  ]
57764
58123
  },
@@ -58214,6 +58573,21 @@
58214
58573
  }
58215
58574
  ]
58216
58575
  },
58576
+ {
58577
+ "name": "DetectToxicContent",
58578
+ "apiReferenceUrl": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_DetectToxicContent.html",
58579
+ "permissionOnly": false,
58580
+ "description": "Grants permission to detect toxic content within the given list of text segments",
58581
+ "accessLevel": "Read",
58582
+ "resourceTypes": [
58583
+ {
58584
+ "resourceType": "",
58585
+ "required": false,
58586
+ "conditionKeys": [],
58587
+ "dependentActions": []
58588
+ }
58589
+ ]
58590
+ },
58217
58591
  {
58218
58592
  "name": "ImportModel",
58219
58593
  "apiReferenceUrl": "https://docs.aws.amazon.com/comprehend/latest/APIReference/API_ImportModel.html",
@@ -58630,7 +59004,14 @@
58630
59004
  {
58631
59005
  "resourceType": "document-classification-job",
58632
59006
  "required": true,
58633
- "conditionKeys": [],
59007
+ "conditionKeys": [
59008
+ "aws:RequestTag/${TagKey}",
59009
+ "aws:TagKeys",
59010
+ "comprehend:VolumeKmsKey",
59011
+ "comprehend:OutputKmsKey",
59012
+ "comprehend:VpcSecurityGroupIds",
59013
+ "comprehend:VpcSubnets"
59014
+ ],
58634
59015
  "dependentActions": []
58635
59016
  },
58636
59017
  {
@@ -58644,19 +59025,6 @@
58644
59025
  "required": false,
58645
59026
  "conditionKeys": [],
58646
59027
  "dependentActions": []
58647
- },
58648
- {
58649
- "resourceType": "",
58650
- "required": false,
58651
- "conditionKeys": [
58652
- "aws:RequestTag/${TagKey}",
58653
- "aws:TagKeys",
58654
- "comprehend:VolumeKmsKey",
58655
- "comprehend:OutputKmsKey",
58656
- "comprehend:VpcSecurityGroupIds",
58657
- "comprehend:VpcSubnets"
58658
- ],
58659
- "dependentActions": []
58660
59028
  }
58661
59029
  ]
58662
59030
  },
@@ -58698,7 +59066,14 @@
58698
59066
  {
58699
59067
  "resourceType": "entities-detection-job",
58700
59068
  "required": true,
58701
- "conditionKeys": [],
59069
+ "conditionKeys": [
59070
+ "aws:RequestTag/${TagKey}",
59071
+ "aws:TagKeys",
59072
+ "comprehend:VolumeKmsKey",
59073
+ "comprehend:OutputKmsKey",
59074
+ "comprehend:VpcSecurityGroupIds",
59075
+ "comprehend:VpcSubnets"
59076
+ ],
58702
59077
  "dependentActions": []
58703
59078
  },
58704
59079
  {
@@ -58712,19 +59087,6 @@
58712
59087
  "required": false,
58713
59088
  "conditionKeys": [],
58714
59089
  "dependentActions": []
58715
- },
58716
- {
58717
- "resourceType": "",
58718
- "required": false,
58719
- "conditionKeys": [
58720
- "aws:RequestTag/${TagKey}",
58721
- "aws:TagKeys",
58722
- "comprehend:VolumeKmsKey",
58723
- "comprehend:OutputKmsKey",
58724
- "comprehend:VpcSecurityGroupIds",
58725
- "comprehend:VpcSubnets"
58726
- ],
58727
- "dependentActions": []
58728
59090
  }
58729
59091
  ]
58730
59092
  },
@@ -59292,7 +59654,12 @@
59292
59654
  {
59293
59655
  "resourceType": "flywheel",
59294
59656
  "required": true,
59295
- "conditionKeys": [],
59657
+ "conditionKeys": [
59658
+ "comprehend:VolumeKmsKey",
59659
+ "comprehend:ModelKmsKey",
59660
+ "comprehend:VpcSecurityGroupIds",
59661
+ "comprehend:VpcSubnets"
59662
+ ],
59296
59663
  "dependentActions": []
59297
59664
  },
59298
59665
  {
@@ -59306,17 +59673,6 @@
59306
59673
  "required": false,
59307
59674
  "conditionKeys": [],
59308
59675
  "dependentActions": []
59309
- },
59310
- {
59311
- "resourceType": "",
59312
- "required": false,
59313
- "conditionKeys": [
59314
- "comprehend:VolumeKmsKey",
59315
- "comprehend:ModelKmsKey",
59316
- "comprehend:VpcSecurityGroupIds",
59317
- "comprehend:VpcSubnets"
59318
- ],
59319
- "dependentActions": []
59320
59676
  }
59321
59677
  ]
59322
59678
  }
@@ -62408,6 +62764,35 @@
62408
62764
  }
62409
62765
  ]
62410
62766
  },
62767
+ {
62768
+ "name": "BatchPutContact",
62769
+ "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_BatchPutContact.html",
62770
+ "permissionOnly": false,
62771
+ "description": "Grants permission to put contacts in an Amazon Connect instance",
62772
+ "accessLevel": "Write",
62773
+ "resourceTypes": [
62774
+ {
62775
+ "resourceType": "instance",
62776
+ "required": true,
62777
+ "conditionKeys": [],
62778
+ "dependentActions": []
62779
+ },
62780
+ {
62781
+ "resourceType": "queue",
62782
+ "required": false,
62783
+ "conditionKeys": [],
62784
+ "dependentActions": []
62785
+ },
62786
+ {
62787
+ "resourceType": "",
62788
+ "required": false,
62789
+ "conditionKeys": [
62790
+ "connect:InstanceId"
62791
+ ],
62792
+ "dependentActions": []
62793
+ }
62794
+ ]
62795
+ },
62411
62796
  {
62412
62797
  "name": "ClaimPhoneNumber",
62413
62798
  "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ClaimPhoneNumber.html",
@@ -68503,6 +68888,14 @@
68503
68888
  "required": true,
68504
68889
  "conditionKeys": [],
68505
68890
  "dependentActions": []
68891
+ },
68892
+ {
68893
+ "resourceType": "",
68894
+ "required": false,
68895
+ "conditionKeys": [
68896
+ "connect:UserArn"
68897
+ ],
68898
+ "dependentActions": []
68506
68899
  }
68507
68900
  ]
68508
68901
  },
@@ -69075,6 +69468,12 @@
69075
69468
  "apiReferenceUrl": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys",
69076
69469
  "description": "Filters access by tag keys that are passed in the request",
69077
69470
  "type": "ArrayOfString"
69471
+ },
69472
+ {
69473
+ "name": "connect:UserArn",
69474
+ "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UserReference.html",
69475
+ "description": "Filters access by connect's UserArn",
69476
+ "type": "String"
69078
69477
  }
69079
69478
  ]
69080
69479
  },
@@ -104625,6 +105024,34 @@
104625
105024
  }
104626
105025
  ]
104627
105026
  },
105027
+ {
105028
+ "name": "GetSecurityGroupsForVpc",
105029
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSecurityGroupsForVpc.html",
105030
+ "permissionOnly": false,
105031
+ "description": "Grants permission to retrieve a list of security groups for a specified VPC",
105032
+ "accessLevel": "Read",
105033
+ "resourceTypes": [
105034
+ {
105035
+ "resourceType": "vpc",
105036
+ "required": true,
105037
+ "conditionKeys": [
105038
+ "aws:ResourceTag/${TagKey}",
105039
+ "ec2:ResourceTag/${TagKey}",
105040
+ "ec2:Tenancy",
105041
+ "ec2:VpcID"
105042
+ ],
105043
+ "dependentActions": []
105044
+ },
105045
+ {
105046
+ "resourceType": "",
105047
+ "required": false,
105048
+ "conditionKeys": [
105049
+ "ec2:Region"
105050
+ ],
105051
+ "dependentActions": []
105052
+ }
105053
+ ]
105054
+ },
104628
105055
  {
104629
105056
  "name": "GetSerialConsoleAccessStatus",
104630
105057
  "apiReferenceUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSerialConsoleAccessStatus.html",
@@ -105261,6 +105688,25 @@
105261
105688
  }
105262
105689
  ]
105263
105690
  },
105691
+ {
105692
+ "name": "InjectApiError",
105693
+ "apiReferenceUrl": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html",
105694
+ "permissionOnly": true,
105695
+ "description": "Grants permission to temporarily inject errors for target API requests",
105696
+ "accessLevel": "Write",
105697
+ "resourceTypes": [
105698
+ {
105699
+ "resourceType": "",
105700
+ "required": false,
105701
+ "conditionKeys": [
105702
+ "ec2:FisActionId",
105703
+ "ec2:FisTargetArns",
105704
+ "ec2:Region"
105705
+ ],
105706
+ "dependentActions": []
105707
+ }
105708
+ ]
105709
+ },
105264
105710
  {
105265
105711
  "name": "ListImagesInRecycleBin",
105266
105712
  "apiReferenceUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ListImagesInRecycleBin.html",
@@ -106517,8 +106963,6 @@
106517
106963
  "required": true,
106518
106964
  "conditionKeys": [
106519
106965
  "aws:ResourceTag/${TagKey}",
106520
- "ec2:Attribute",
106521
- "ec2:Attribute/${AttributeName}",
106522
106966
  "ec2:ResourceTag/${TagKey}",
106523
106967
  "ec2:SecurityGroupID",
106524
106968
  "ec2:Vpc"
@@ -111594,6 +112038,18 @@
111594
112038
  "description": "Filters access by whether the EBS volume is encrypted",
111595
112039
  "type": "Bool"
111596
112040
  },
112041
+ {
112042
+ "name": "ec2:FisActionId",
112043
+ "apiReferenceUrl": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html",
112044
+ "description": "Filters access by the ID of an AWS FIS action",
112045
+ "type": "String"
112046
+ },
112047
+ {
112048
+ "name": "ec2:FisTargetArns",
112049
+ "apiReferenceUrl": "https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html",
112050
+ "description": "Filters access by the ARN of an AWS FIS target",
112051
+ "type": "ArrayOfARN"
112052
+ },
111597
112053
  {
111598
112054
  "name": "ec2:GatewayType",
111599
112055
  "apiReferenceUrl": "https://docs.aws.amazon.com/vpn/latest/s2svpn/vpn-authentication-access-control.html",
@@ -121791,6 +122247,21 @@
121791
122247
  }
121792
122248
  ]
121793
122249
  },
122250
+ {
122251
+ "name": "CreateEksAnywhereSubscription",
122252
+ "apiReferenceUrl": "https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateEksAnywhereSubscription.html",
122253
+ "permissionOnly": false,
122254
+ "description": "Grants permission to create an EKS Anywhere subscription",
122255
+ "accessLevel": "Write",
122256
+ "resourceTypes": [
122257
+ {
122258
+ "resourceType": "",
122259
+ "required": false,
122260
+ "conditionKeys": [],
122261
+ "dependentActions": []
122262
+ }
122263
+ ]
122264
+ },
121794
122265
  {
121795
122266
  "name": "CreateFargateProfile",
121796
122267
  "apiReferenceUrl": "https://docs.aws.amazon.com/eks/latest/APIReference/API_CreateFargateProfile.html",
@@ -121869,6 +122340,21 @@
121869
122340
  }
121870
122341
  ]
121871
122342
  },
122343
+ {
122344
+ "name": "DeleteEksAnywhereSubscription",
122345
+ "apiReferenceUrl": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeleteEksAnywhereSubscription.html",
122346
+ "permissionOnly": false,
122347
+ "description": "Grants permission to describe an EKS Anywhere subscription",
122348
+ "accessLevel": "Write",
122349
+ "resourceTypes": [
122350
+ {
122351
+ "resourceType": "eks-anywhere-subscription",
122352
+ "required": true,
122353
+ "conditionKeys": [],
122354
+ "dependentActions": []
122355
+ }
122356
+ ]
122357
+ },
121872
122358
  {
121873
122359
  "name": "DeleteFargateProfile",
121874
122360
  "apiReferenceUrl": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DeleteFargateProfile.html",
@@ -121974,6 +122460,21 @@
121974
122460
  }
121975
122461
  ]
121976
122462
  },
122463
+ {
122464
+ "name": "DescribeEksAnywhereSubscription",
122465
+ "apiReferenceUrl": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeEksAnywhereSubscription.html",
122466
+ "permissionOnly": false,
122467
+ "description": "Grants permission to describe an EKS Anywhere subscription",
122468
+ "accessLevel": "Read",
122469
+ "resourceTypes": [
122470
+ {
122471
+ "resourceType": "eks-anywhere-subscription",
122472
+ "required": true,
122473
+ "conditionKeys": [],
122474
+ "dependentActions": []
122475
+ }
122476
+ ]
122477
+ },
121977
122478
  {
121978
122479
  "name": "DescribeFargateProfile",
121979
122480
  "apiReferenceUrl": "https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeFargateProfile.html",
@@ -122091,6 +122592,21 @@
122091
122592
  }
122092
122593
  ]
122093
122594
  },
122595
+ {
122596
+ "name": "ListEksAnywhereSubscriptions",
122597
+ "apiReferenceUrl": "https://docs.aws.amazon.com/eks/latest/APIReference/ListEksAnywhereSubscriptions.html",
122598
+ "permissionOnly": false,
122599
+ "description": "Grants permission to list EKS Anywhere subscriptions",
122600
+ "accessLevel": "List",
122601
+ "resourceTypes": [
122602
+ {
122603
+ "resourceType": "",
122604
+ "required": false,
122605
+ "conditionKeys": [],
122606
+ "dependentActions": []
122607
+ }
122608
+ ]
122609
+ },
122094
122610
  {
122095
122611
  "name": "ListFargateProfiles",
122096
122612
  "apiReferenceUrl": "https://docs.aws.amazon.com/eks/latest/APIReference/API_ListFargateProfiles.html",
@@ -122155,6 +122671,12 @@
122155
122671
  "conditionKeys": [],
122156
122672
  "dependentActions": []
122157
122673
  },
122674
+ {
122675
+ "resourceType": "eks-anywhere-subscription",
122676
+ "required": false,
122677
+ "conditionKeys": [],
122678
+ "dependentActions": []
122679
+ },
122158
122680
  {
122159
122681
  "resourceType": "fargateprofile",
122160
122682
  "required": false,
@@ -122239,6 +122761,12 @@
122239
122761
  "conditionKeys": [],
122240
122762
  "dependentActions": []
122241
122763
  },
122764
+ {
122765
+ "resourceType": "eks-anywhere-subscription",
122766
+ "required": false,
122767
+ "conditionKeys": [],
122768
+ "dependentActions": []
122769
+ },
122242
122770
  {
122243
122771
  "resourceType": "fargateprofile",
122244
122772
  "required": false,
@@ -122287,6 +122815,12 @@
122287
122815
  "conditionKeys": [],
122288
122816
  "dependentActions": []
122289
122817
  },
122818
+ {
122819
+ "resourceType": "eks-anywhere-subscription",
122820
+ "required": false,
122821
+ "conditionKeys": [],
122822
+ "dependentActions": []
122823
+ },
122290
122824
  {
122291
122825
  "resourceType": "fargateprofile",
122292
122826
  "required": false,
@@ -122360,6 +122894,21 @@
122360
122894
  }
122361
122895
  ]
122362
122896
  },
122897
+ {
122898
+ "name": "UpdateEksAnywhereSubscription",
122899
+ "apiReferenceUrl": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateEksAnywhereSubscription.html",
122900
+ "permissionOnly": false,
122901
+ "description": "Grants permission to update an EKS Anywhere subscription",
122902
+ "accessLevel": "Write",
122903
+ "resourceTypes": [
122904
+ {
122905
+ "resourceType": "eks-anywhere-subscription",
122906
+ "required": true,
122907
+ "conditionKeys": [],
122908
+ "dependentActions": []
122909
+ }
122910
+ ]
122911
+ },
122363
122912
  {
122364
122913
  "name": "UpdateNodegroupConfig",
122365
122914
  "apiReferenceUrl": "https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateNodegroupConfig.html",
@@ -122431,6 +122980,12 @@
122431
122980
  "conditionKeys": [
122432
122981
  "aws:ResourceTag/${TagKey}"
122433
122982
  ]
122983
+ },
122984
+ {
122985
+ "name": "eks-anywhere-subscription",
122986
+ "apiReferenceUrl": "https://anywhere.eks.amazonaws.com/docs/clustermgmt/support/cluster-license/",
122987
+ "arnPattern": "arn:${Partition}:eks:${Region}:${Account}:eks-anywhere-subscription/${UUID}",
122988
+ "conditionKeys": []
122434
122989
  }
122435
122990
  ],
122436
122991
  "conditionKeys": [
@@ -122516,7 +123071,8 @@
122516
123071
  "required": false,
122517
123072
  "conditionKeys": [
122518
123073
  "aws:ResourceTag/${TagKey}",
122519
- "elasticloadbalancing:ResourceTag/${TagKey}"
123074
+ "elasticloadbalancing:ResourceTag/${TagKey}",
123075
+ "elasticloadbalancing:SecurityGroup"
122520
123076
  ],
122521
123077
  "dependentActions": []
122522
123078
  }
@@ -122540,7 +123096,8 @@
122540
123096
  "required": false,
122541
123097
  "conditionKeys": [
122542
123098
  "aws:ResourceTag/${TagKey}",
122543
- "elasticloadbalancing:ResourceTag/${TagKey}"
123099
+ "elasticloadbalancing:ResourceTag/${TagKey}",
123100
+ "elasticloadbalancing:Subnet"
122544
123101
  ],
122545
123102
  "dependentActions": []
122546
123103
  }
@@ -122640,7 +123197,11 @@
122640
123197
  "aws:RequestTag/${TagKey}",
122641
123198
  "aws:TagKeys",
122642
123199
  "aws:ResourceTag/${TagKey}",
122643
- "elasticloadbalancing:ResourceTag/${TagKey}"
123200
+ "elasticloadbalancing:ResourceTag/${TagKey}",
123201
+ "elasticloadbalancing:SecurityGroup",
123202
+ "elasticloadbalancing:Subnet",
123203
+ "elasticloadbalancing:Scheme",
123204
+ "elasticloadbalancing:ListenerProtocol"
122644
123205
  ],
122645
123206
  "dependentActions": []
122646
123207
  }
@@ -122664,7 +123225,8 @@
122664
123225
  "required": false,
122665
123226
  "conditionKeys": [
122666
123227
  "aws:ResourceTag/${TagKey}",
122667
- "elasticloadbalancing:ResourceTag/${TagKey}"
123228
+ "elasticloadbalancing:ResourceTag/${TagKey}",
123229
+ "elasticloadbalancing:ListenerProtocol"
122668
123230
  ],
122669
123231
  "dependentActions": []
122670
123232
  }
@@ -122688,7 +123250,8 @@
122688
123250
  "required": false,
122689
123251
  "conditionKeys": [
122690
123252
  "aws:ResourceTag/${TagKey}",
122691
- "elasticloadbalancing:ResourceTag/${TagKey}"
123253
+ "elasticloadbalancing:ResourceTag/${TagKey}",
123254
+ "elasticloadbalancing:SecurityPolicy"
122692
123255
  ],
122693
123256
  "dependentActions": []
122694
123257
  }
@@ -123092,7 +123655,8 @@
123092
123655
  "required": false,
123093
123656
  "conditionKeys": [
123094
123657
  "aws:ResourceTag/${TagKey}",
123095
- "elasticloadbalancing:ResourceTag/${TagKey}"
123658
+ "elasticloadbalancing:ResourceTag/${TagKey}",
123659
+ "elasticloadbalancing:SecurityPolicy"
123096
123660
  ],
123097
123661
  "dependentActions": []
123098
123662
  }
@@ -123135,6 +123699,12 @@
123135
123699
  "description": "Filters access by the name of a resource-creating API action",
123136
123700
  "type": "String"
123137
123701
  },
123702
+ {
123703
+ "name": "elasticloadbalancing:ListenerProtocol",
123704
+ "apiReferenceUrl": "https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#listenerprotocol-condition",
123705
+ "description": "Filters access by the listener protocols that are allowed in the request",
123706
+ "type": "ArrayOfString"
123707
+ },
123138
123708
  {
123139
123709
  "name": "elasticloadbalancing:ResourceTag/",
123140
123710
  "apiReferenceUrl": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag",
@@ -123146,6 +123716,30 @@
123146
123716
  "apiReferenceUrl": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag",
123147
123717
  "description": "Filters access by the preface string for a tag key and value pair that are attached to a resource",
123148
123718
  "type": "String"
123719
+ },
123720
+ {
123721
+ "name": "elasticloadbalancing:Scheme",
123722
+ "apiReferenceUrl": "https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#scheme-condition",
123723
+ "description": "Filters access by the load balancer scheme that are allowed in the request",
123724
+ "type": "String"
123725
+ },
123726
+ {
123727
+ "name": "elasticloadbalancing:SecurityGroup",
123728
+ "apiReferenceUrl": "https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#securitygroup-condition",
123729
+ "description": "Filters access by the security-group IDs that are allowed in the request",
123730
+ "type": "ArrayOfString"
123731
+ },
123732
+ {
123733
+ "name": "elasticloadbalancing:SecurityPolicy",
123734
+ "apiReferenceUrl": "https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#securitypolicy-condition",
123735
+ "description": "Filters access by the SSL Security Policies that are allowed in the request",
123736
+ "type": "ArrayOfString"
123737
+ },
123738
+ {
123739
+ "name": "elasticloadbalancing:Subnet",
123740
+ "apiReferenceUrl": "https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#subnet-condition",
123741
+ "description": "Filters access by the subnet IDs that are allowed in the request",
123742
+ "type": "ArrayOfString"
123149
123743
  }
123150
123744
  ]
123151
123745
  },
@@ -123275,7 +123869,9 @@
123275
123869
  "aws:RequestTag/${TagKey}",
123276
123870
  "aws:TagKeys",
123277
123871
  "aws:ResourceTag/${TagKey}",
123278
- "elasticloadbalancing:ResourceTag/${TagKey}"
123872
+ "elasticloadbalancing:ResourceTag/${TagKey}",
123873
+ "elasticloadbalancing:SecurityPolicy",
123874
+ "elasticloadbalancing:ListenerProtocol"
123279
123875
  ],
123280
123876
  "dependentActions": []
123281
123877
  }
@@ -123309,7 +123905,10 @@
123309
123905
  "aws:RequestTag/${TagKey}",
123310
123906
  "aws:TagKeys",
123311
123907
  "aws:ResourceTag/${TagKey}",
123312
- "elasticloadbalancing:ResourceTag/${TagKey}"
123908
+ "elasticloadbalancing:ResourceTag/${TagKey}",
123909
+ "elasticloadbalancing:SecurityGroup",
123910
+ "elasticloadbalancing:Subnet",
123911
+ "elasticloadbalancing:Scheme"
123313
123912
  ],
123314
123913
  "dependentActions": []
123315
123914
  }
@@ -123704,7 +124303,9 @@
123704
124303
  "required": false,
123705
124304
  "conditionKeys": [
123706
124305
  "aws:ResourceTag/${TagKey}",
123707
- "elasticloadbalancing:ResourceTag/${TagKey}"
124306
+ "elasticloadbalancing:ResourceTag/${TagKey}",
124307
+ "elasticloadbalancing:SecurityPolicy",
124308
+ "elasticloadbalancing:ListenerProtocol"
123708
124309
  ],
123709
124310
  "dependentActions": []
123710
124311
  }
@@ -124009,7 +124610,8 @@
124009
124610
  "required": false,
124010
124611
  "conditionKeys": [
124011
124612
  "aws:ResourceTag/${TagKey}",
124012
- "elasticloadbalancing:ResourceTag/${TagKey}"
124613
+ "elasticloadbalancing:ResourceTag/${TagKey}",
124614
+ "elasticloadbalancing:SecurityGroup"
124013
124615
  ],
124014
124616
  "dependentActions": []
124015
124617
  }
@@ -124039,7 +124641,8 @@
124039
124641
  "required": false,
124040
124642
  "conditionKeys": [
124041
124643
  "aws:ResourceTag/${TagKey}",
124042
- "elasticloadbalancing:ResourceTag/${TagKey}"
124644
+ "elasticloadbalancing:ResourceTag/${TagKey}",
124645
+ "elasticloadbalancing:Subnet"
124043
124646
  ],
124044
124647
  "dependentActions": []
124045
124648
  }
@@ -124151,11 +124754,41 @@
124151
124754
  "description": "Filters access by the name of a resource-creating API action",
124152
124755
  "type": "String"
124153
124756
  },
124757
+ {
124758
+ "name": "elasticloadbalancing:ListenerProtocol",
124759
+ "apiReferenceUrl": "https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#listenerprotocol-condition",
124760
+ "description": "Filters access by the listener protocol that is allowed in the request",
124761
+ "type": "String"
124762
+ },
124154
124763
  {
124155
124764
  "name": "elasticloadbalancing:ResourceTag/${TagKey}",
124156
124765
  "apiReferenceUrl": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag",
124157
124766
  "description": "Filters access by the preface string for a tag key and value pair that are attached to a resource",
124158
124767
  "type": "String"
124768
+ },
124769
+ {
124770
+ "name": "elasticloadbalancing:Scheme",
124771
+ "apiReferenceUrl": "https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#scheme-condition",
124772
+ "description": "Filters access by the load balancer scheme that is allowed in the request",
124773
+ "type": "String"
124774
+ },
124775
+ {
124776
+ "name": "elasticloadbalancing:SecurityGroup",
124777
+ "apiReferenceUrl": "https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#securitygroup-condition",
124778
+ "description": "Filters access by the security-group IDs that are allowed in the request",
124779
+ "type": "ArrayOfString"
124780
+ },
124781
+ {
124782
+ "name": "elasticloadbalancing:SecurityPolicy",
124783
+ "apiReferenceUrl": "https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#securitypolicy-condition",
124784
+ "description": "Filters access by the SSL Security Policies that are allowed in the request",
124785
+ "type": "ArrayOfString"
124786
+ },
124787
+ {
124788
+ "name": "elasticloadbalancing:Subnet",
124789
+ "apiReferenceUrl": "https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/security_iam_service-with-iam.html#subnet-condition",
124790
+ "description": "Filters access by the subnet IDs that are allowed in the request",
124791
+ "type": "ArrayOfString"
124159
124792
  }
124160
124793
  ]
124161
124794
  },
@@ -221949,7 +222582,10 @@
221949
222582
  {
221950
222583
  "resourceType": "",
221951
222584
  "required": false,
221952
- "conditionKeys": [],
222585
+ "conditionKeys": [
222586
+ "aoss:collection",
222587
+ "aoss:index"
222588
+ ],
221953
222589
  "dependentActions": []
221954
222590
  }
221955
222591
  ]
@@ -221982,7 +222618,10 @@
221982
222618
  {
221983
222619
  "resourceType": "",
221984
222620
  "required": false,
221985
- "conditionKeys": [],
222621
+ "conditionKeys": [
222622
+ "aoss:collection",
222623
+ "aoss:index"
222624
+ ],
221986
222625
  "dependentActions": []
221987
222626
  }
221988
222627
  ]
@@ -222012,7 +222651,9 @@
222012
222651
  {
222013
222652
  "resourceType": "",
222014
222653
  "required": false,
222015
- "conditionKeys": [],
222654
+ "conditionKeys": [
222655
+ "aoss:collection"
222656
+ ],
222016
222657
  "dependentActions": []
222017
222658
  }
222018
222659
  ]
@@ -222057,7 +222698,10 @@
222057
222698
  {
222058
222699
  "resourceType": "",
222059
222700
  "required": false,
222060
- "conditionKeys": [],
222701
+ "conditionKeys": [
222702
+ "aoss:collection",
222703
+ "aoss:index"
222704
+ ],
222061
222705
  "dependentActions": []
222062
222706
  }
222063
222707
  ]
@@ -222087,7 +222731,10 @@
222087
222731
  {
222088
222732
  "resourceType": "",
222089
222733
  "required": false,
222090
- "conditionKeys": [],
222734
+ "conditionKeys": [
222735
+ "aoss:collection",
222736
+ "aoss:index"
222737
+ ],
222091
222738
  "dependentActions": []
222092
222739
  }
222093
222740
  ]
@@ -222117,7 +222764,9 @@
222117
222764
  {
222118
222765
  "resourceType": "",
222119
222766
  "required": false,
222120
- "conditionKeys": [],
222767
+ "conditionKeys": [
222768
+ "aoss:collection"
222769
+ ],
222121
222770
  "dependentActions": []
222122
222771
  }
222123
222772
  ]
@@ -222147,7 +222796,10 @@
222147
222796
  {
222148
222797
  "resourceType": "",
222149
222798
  "required": false,
222150
- "conditionKeys": [],
222799
+ "conditionKeys": [
222800
+ "aoss:collection",
222801
+ "aoss:index"
222802
+ ],
222151
222803
  "dependentActions": []
222152
222804
  }
222153
222805
  ]
@@ -222207,7 +222859,9 @@
222207
222859
  {
222208
222860
  "resourceType": "",
222209
222861
  "required": false,
222210
- "conditionKeys": [],
222862
+ "conditionKeys": [
222863
+ "aoss:collection"
222864
+ ],
222211
222865
  "dependentActions": []
222212
222866
  }
222213
222867
  ]
@@ -222362,7 +223016,10 @@
222362
223016
  {
222363
223017
  "resourceType": "",
222364
223018
  "required": false,
222365
- "conditionKeys": [],
223019
+ "conditionKeys": [
223020
+ "aoss:collection",
223021
+ "aoss:index"
223022
+ ],
222366
223023
  "dependentActions": []
222367
223024
  }
222368
223025
  ]
@@ -222407,7 +223064,10 @@
222407
223064
  {
222408
223065
  "resourceType": "",
222409
223066
  "required": false,
222410
- "conditionKeys": [],
223067
+ "conditionKeys": [
223068
+ "aoss:collection",
223069
+ "aoss:index"
223070
+ ],
222411
223071
  "dependentActions": []
222412
223072
  }
222413
223073
  ]
@@ -222437,7 +223097,9 @@
222437
223097
  {
222438
223098
  "resourceType": "",
222439
223099
  "required": false,
222440
- "conditionKeys": [],
223100
+ "conditionKeys": [
223101
+ "aoss:collection"
223102
+ ],
222441
223103
  "dependentActions": []
222442
223104
  }
222443
223105
  ]
@@ -227808,6 +228470,60 @@
227808
228470
  }
227809
228471
  ]
227810
228472
  },
228473
+ {
228474
+ "name": "AWS Partner central account management",
228475
+ "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspartnercentralaccountmanagement.html",
228476
+ "servicePrefix": "partnercentral-account-management",
228477
+ "actions": [
228478
+ {
228479
+ "name": "AssociatePartnerAccount",
228480
+ "apiReferenceUrl": "https://docs.aws.amazon.com/partner-central/latest/getting-started/controlling-access-in-apc-account-management.html",
228481
+ "permissionOnly": true,
228482
+ "description": "Grants permission to associate Partner account to AWS account",
228483
+ "accessLevel": "Write",
228484
+ "resourceTypes": [
228485
+ {
228486
+ "resourceType": "",
228487
+ "required": false,
228488
+ "conditionKeys": [],
228489
+ "dependentActions": []
228490
+ }
228491
+ ]
228492
+ },
228493
+ {
228494
+ "name": "AssociatePartnerUser",
228495
+ "apiReferenceUrl": "https://docs.aws.amazon.com/partner-central/latest/getting-started/controlling-access-in-apc-account-management.html",
228496
+ "permissionOnly": false,
228497
+ "description": "Grants permission to associate Partner user to IAM role",
228498
+ "accessLevel": "Write",
228499
+ "resourceTypes": [
228500
+ {
228501
+ "resourceType": "",
228502
+ "required": false,
228503
+ "conditionKeys": [],
228504
+ "dependentActions": []
228505
+ }
228506
+ ]
228507
+ },
228508
+ {
228509
+ "name": "DisassociatePartnerUser",
228510
+ "apiReferenceUrl": "https://docs.aws.amazon.com/partner-central/latest/getting-started/controlling-access-in-apc-account-management.html",
228511
+ "permissionOnly": false,
228512
+ "description": "Grants permission to disassociate Partner user to IAM role",
228513
+ "accessLevel": "Write",
228514
+ "resourceTypes": [
228515
+ {
228516
+ "resourceType": "",
228517
+ "required": false,
228518
+ "conditionKeys": [],
228519
+ "dependentActions": []
228520
+ }
228521
+ ]
228522
+ }
228523
+ ],
228524
+ "resourceTypes": [],
228525
+ "conditionKeys": []
228526
+ },
227811
228527
  {
227812
228528
  "name": "AWS Payment Cryptography",
227813
228529
  "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awspaymentcryptography.html",
@@ -242781,6 +243497,12 @@
242781
243497
  "conditionKeys": [],
242782
243498
  "dependentActions": []
242783
243499
  },
243500
+ {
243501
+ "resourceType": "integration",
243502
+ "required": false,
243503
+ "conditionKeys": [],
243504
+ "dependentActions": []
243505
+ },
242784
243506
  {
242785
243507
  "resourceType": "og",
242786
243508
  "required": false,
@@ -242823,6 +243545,12 @@
242823
243545
  "conditionKeys": [],
242824
243546
  "dependentActions": []
242825
243547
  },
243548
+ {
243549
+ "resourceType": "snapshot-tenant-database",
243550
+ "required": false,
243551
+ "conditionKeys": [],
243552
+ "dependentActions": []
243553
+ },
242826
243554
  {
242827
243555
  "resourceType": "subgrp",
242828
243556
  "required": false,
@@ -242835,6 +243563,12 @@
242835
243563
  "conditionKeys": [],
242836
243564
  "dependentActions": []
242837
243565
  },
243566
+ {
243567
+ "resourceType": "tenant-database",
243568
+ "required": false,
243569
+ "conditionKeys": [],
243570
+ "dependentActions": []
243571
+ },
242838
243572
  {
242839
243573
  "resourceType": "",
242840
243574
  "required": false,
@@ -243323,6 +244057,7 @@
243323
244057
  "kms:DescribeKey",
243324
244058
  "kms:GenerateDataKey",
243325
244059
  "rds:AddTagsToResource",
244060
+ "rds:CreateTenantDatabase",
243326
244061
  "secretsmanager:CreateSecret",
243327
244062
  "secretsmanager:TagResource"
243328
244063
  ]
@@ -243365,7 +244100,8 @@
243365
244100
  "aws:RequestTag/${TagKey}",
243366
244101
  "aws:TagKeys",
243367
244102
  "rds:req-tag/${TagKey}",
243368
- "rds:ManageMasterUserPassword"
244103
+ "rds:ManageMasterUserPassword",
244104
+ "rds:MultiTenant"
243369
244105
  ],
243370
244106
  "dependentActions": []
243371
244107
  }
@@ -243379,7 +244115,7 @@
243379
244115
  "accessLevel": "Write",
243380
244116
  "resourceTypes": [
243381
244117
  {
243382
- "resourceType": "db",
244118
+ "resourceType": "cluster",
243383
244119
  "required": true,
243384
244120
  "conditionKeys": [],
243385
244121
  "dependentActions": [
@@ -243387,12 +244123,24 @@
243387
244123
  "rds:AddTagsToResource"
243388
244124
  ]
243389
244125
  },
244126
+ {
244127
+ "resourceType": "db",
244128
+ "required": true,
244129
+ "conditionKeys": [],
244130
+ "dependentActions": []
244131
+ },
243390
244132
  {
243391
244133
  "resourceType": "og",
243392
244134
  "required": true,
243393
244135
  "conditionKeys": [],
243394
244136
  "dependentActions": []
243395
244137
  },
244138
+ {
244139
+ "resourceType": "pg",
244140
+ "required": true,
244141
+ "conditionKeys": [],
244142
+ "dependentActions": []
244143
+ },
243396
244144
  {
243397
244145
  "resourceType": "subgrp",
243398
244146
  "required": true,
@@ -243536,6 +244284,12 @@
243536
244284
  "conditionKeys": [],
243537
244285
  "dependentActions": []
243538
244286
  },
244287
+ {
244288
+ "resourceType": "snapshot-tenant-database",
244289
+ "required": true,
244290
+ "conditionKeys": [],
244291
+ "dependentActions": []
244292
+ },
243539
244293
  {
243540
244294
  "resourceType": "",
243541
244295
  "required": false,
@@ -243624,6 +244378,41 @@
243624
244378
  }
243625
244379
  ]
243626
244380
  },
244381
+ {
244382
+ "name": "CreateIntegration",
244383
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateIntegration.html",
244384
+ "permissionOnly": false,
244385
+ "description": "Grants permission to create an Aurora zero-ETL integration with Redshift",
244386
+ "accessLevel": "Write",
244387
+ "resourceTypes": [
244388
+ {
244389
+ "resourceType": "cluster",
244390
+ "required": true,
244391
+ "conditionKeys": [],
244392
+ "dependentActions": [
244393
+ "kms:CreateGrant",
244394
+ "kms:DescribeKey",
244395
+ "rds:AddTagsToResource"
244396
+ ]
244397
+ },
244398
+ {
244399
+ "resourceType": "integration",
244400
+ "required": true,
244401
+ "conditionKeys": [],
244402
+ "dependentActions": []
244403
+ },
244404
+ {
244405
+ "resourceType": "",
244406
+ "required": false,
244407
+ "conditionKeys": [
244408
+ "aws:RequestTag/${TagKey}",
244409
+ "aws:TagKeys",
244410
+ "rds:req-tag/${TagKey}"
244411
+ ],
244412
+ "dependentActions": []
244413
+ }
244414
+ ]
244415
+ },
243627
244416
  {
243628
244417
  "name": "CreateOptionGroup",
243629
244418
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateOptionGroup.html",
@@ -243651,6 +244440,39 @@
243651
244440
  }
243652
244441
  ]
243653
244442
  },
244443
+ {
244444
+ "name": "CreateTenantDatabase",
244445
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateTenantDatabase.html",
244446
+ "permissionOnly": false,
244447
+ "description": "Grants permission to create a new tenant database",
244448
+ "accessLevel": "Write",
244449
+ "resourceTypes": [
244450
+ {
244451
+ "resourceType": "db",
244452
+ "required": true,
244453
+ "conditionKeys": [],
244454
+ "dependentActions": [
244455
+ "rds:AddTagsToResource"
244456
+ ]
244457
+ },
244458
+ {
244459
+ "resourceType": "tenant-database",
244460
+ "required": true,
244461
+ "conditionKeys": [],
244462
+ "dependentActions": []
244463
+ },
244464
+ {
244465
+ "resourceType": "",
244466
+ "required": false,
244467
+ "conditionKeys": [
244468
+ "aws:RequestTag/${TagKey}",
244469
+ "aws:TagKeys",
244470
+ "rds:TenantDatabaseName"
244471
+ ],
244472
+ "dependentActions": []
244473
+ }
244474
+ ]
244475
+ },
243654
244476
  {
243655
244477
  "name": "CrossRegionCommunication",
243656
244478
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/security_iam_service-with-iam.html#UsingWithRDS.IAM.Conditions",
@@ -243805,7 +244627,9 @@
243805
244627
  "resourceType": "db",
243806
244628
  "required": true,
243807
244629
  "conditionKeys": [],
243808
- "dependentActions": []
244630
+ "dependentActions": [
244631
+ "rds:DeleteTenantDatabase"
244632
+ ]
243809
244633
  }
243810
244634
  ]
243811
244635
  },
@@ -243817,8 +244641,8 @@
243817
244641
  "accessLevel": "Write",
243818
244642
  "resourceTypes": [
243819
244643
  {
243820
- "resourceType": "",
243821
- "required": false,
244644
+ "resourceType": "auto-backup",
244645
+ "required": true,
243822
244646
  "conditionKeys": [],
243823
244647
  "dependentActions": []
243824
244648
  }
@@ -243944,6 +244768,29 @@
243944
244768
  }
243945
244769
  ]
243946
244770
  },
244771
+ {
244772
+ "name": "DeleteIntegration",
244773
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteIntegration.html",
244774
+ "permissionOnly": false,
244775
+ "description": "Grants permission to delete an Aurora zero-ETL integration with Redshift",
244776
+ "accessLevel": "Write",
244777
+ "resourceTypes": [
244778
+ {
244779
+ "resourceType": "integration",
244780
+ "required": true,
244781
+ "conditionKeys": [],
244782
+ "dependentActions": []
244783
+ },
244784
+ {
244785
+ "resourceType": "",
244786
+ "required": false,
244787
+ "conditionKeys": [
244788
+ "aws:ResourceTag/${TagKey}"
244789
+ ],
244790
+ "dependentActions": []
244791
+ }
244792
+ ]
244793
+ },
243947
244794
  {
243948
244795
  "name": "DeleteOptionGroup",
243949
244796
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteOptionGroup.html",
@@ -243959,6 +244806,27 @@
243959
244806
  }
243960
244807
  ]
243961
244808
  },
244809
+ {
244810
+ "name": "DeleteTenantDatabase",
244811
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeleteTenantDatabase.html",
244812
+ "permissionOnly": false,
244813
+ "description": "Grants permission to delete a tenant database",
244814
+ "accessLevel": "Write",
244815
+ "resourceTypes": [
244816
+ {
244817
+ "resourceType": "db",
244818
+ "required": true,
244819
+ "conditionKeys": [],
244820
+ "dependentActions": []
244821
+ },
244822
+ {
244823
+ "resourceType": "tenant-database",
244824
+ "required": true,
244825
+ "conditionKeys": [],
244826
+ "dependentActions": []
244827
+ }
244828
+ ]
244829
+ },
243962
244830
  {
243963
244831
  "name": "DeregisterDBProxyTargets",
243964
244832
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DeregisterDBProxyTargets.html",
@@ -244191,6 +245059,12 @@
244191
245059
  "description": "Grants permission to return a list of automated backups for both current and deleted instances",
244192
245060
  "accessLevel": "List",
244193
245061
  "resourceTypes": [
245062
+ {
245063
+ "resourceType": "auto-backup",
245064
+ "required": false,
245065
+ "conditionKeys": [],
245066
+ "dependentActions": []
245067
+ },
244194
245068
  {
244195
245069
  "resourceType": "db",
244196
245070
  "required": false,
@@ -244409,6 +245283,33 @@
244409
245283
  }
244410
245284
  ]
244411
245285
  },
245286
+ {
245287
+ "name": "DescribeDbSnapshotTenantDatabases",
245288
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBSnapshotTenantDatabases.html",
245289
+ "permissionOnly": false,
245290
+ "description": "Grants permission to return information about tenant databases in DB snapshots. You can filter by Region or snapshot",
245291
+ "accessLevel": "List",
245292
+ "resourceTypes": [
245293
+ {
245294
+ "resourceType": "snapshot-tenant-database",
245295
+ "required": true,
245296
+ "conditionKeys": [],
245297
+ "dependentActions": []
245298
+ },
245299
+ {
245300
+ "resourceType": "db",
245301
+ "required": false,
245302
+ "conditionKeys": [],
245303
+ "dependentActions": []
245304
+ },
245305
+ {
245306
+ "resourceType": "snapshot",
245307
+ "required": false,
245308
+ "conditionKeys": [],
245309
+ "dependentActions": []
245310
+ }
245311
+ ]
245312
+ },
244412
245313
  {
244413
245314
  "name": "DescribeEngineDefaultClusterParameters",
244414
245315
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEngineDefaultClusterParameters.html",
@@ -244514,6 +245415,29 @@
244514
245415
  }
244515
245416
  ]
244516
245417
  },
245418
+ {
245419
+ "name": "DescribeIntegrations",
245420
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeIntegrations.html",
245421
+ "permissionOnly": false,
245422
+ "description": "Grants permission to describe an Aurora zero-ETL integration with Redshift",
245423
+ "accessLevel": "List",
245424
+ "resourceTypes": [
245425
+ {
245426
+ "resourceType": "integration",
245427
+ "required": true,
245428
+ "conditionKeys": [],
245429
+ "dependentActions": []
245430
+ },
245431
+ {
245432
+ "resourceType": "",
245433
+ "required": false,
245434
+ "conditionKeys": [
245435
+ "aws:ResourceTag/${TagKey}"
245436
+ ],
245437
+ "dependentActions": []
245438
+ }
245439
+ ]
245440
+ },
244517
245441
  {
244518
245442
  "name": "DescribeOptionGroupOptions",
244519
245443
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeOptionGroupOptions.html",
@@ -244655,6 +245579,27 @@
244655
245579
  }
244656
245580
  ]
244657
245581
  },
245582
+ {
245583
+ "name": "DescribeTenantDatabases",
245584
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeTenantDatabases.html",
245585
+ "permissionOnly": false,
245586
+ "description": "Grants permission to return information about provisioned tenant databases. You can filter by Region or snapshot",
245587
+ "accessLevel": "List",
245588
+ "resourceTypes": [
245589
+ {
245590
+ "resourceType": "tenant-database",
245591
+ "required": true,
245592
+ "conditionKeys": [],
245593
+ "dependentActions": []
245594
+ },
245595
+ {
245596
+ "resourceType": "db",
245597
+ "required": false,
245598
+ "conditionKeys": [],
245599
+ "dependentActions": []
245600
+ }
245601
+ ]
245602
+ },
244658
245603
  {
244659
245604
  "name": "DescribeValidDBInstanceModifications",
244660
245605
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeValidDBInstanceModifications.html",
@@ -244785,6 +245730,12 @@
244785
245730
  "conditionKeys": [],
244786
245731
  "dependentActions": []
244787
245732
  },
245733
+ {
245734
+ "resourceType": "integration",
245735
+ "required": false,
245736
+ "conditionKeys": [],
245737
+ "dependentActions": []
245738
+ },
244788
245739
  {
244789
245740
  "resourceType": "og",
244790
245741
  "required": false,
@@ -244827,6 +245778,12 @@
244827
245778
  "conditionKeys": [],
244828
245779
  "dependentActions": []
244829
245780
  },
245781
+ {
245782
+ "resourceType": "snapshot-tenant-database",
245783
+ "required": false,
245784
+ "conditionKeys": [],
245785
+ "dependentActions": []
245786
+ },
244830
245787
  {
244831
245788
  "resourceType": "subgrp",
244832
245789
  "required": false,
@@ -244838,6 +245795,12 @@
244838
245795
  "required": false,
244839
245796
  "conditionKeys": [],
244840
245797
  "dependentActions": []
245798
+ },
245799
+ {
245800
+ "resourceType": "tenant-database",
245801
+ "required": false,
245802
+ "conditionKeys": [],
245803
+ "dependentActions": []
244841
245804
  }
244842
245805
  ]
244843
245806
  },
@@ -245011,6 +245974,8 @@
245011
245974
  "kms:Decrypt",
245012
245975
  "kms:DescribeKey",
245013
245976
  "kms:GenerateDataKey",
245977
+ "rds:AddTagsToResource",
245978
+ "rds:CreateTenantDatabase",
245014
245979
  "secretsmanager:CreateSecret",
245015
245980
  "secretsmanager:RotateSecret",
245016
245981
  "secretsmanager:TagResource"
@@ -245038,7 +246003,8 @@
245038
246003
  "resourceType": "",
245039
246004
  "required": false,
245040
246005
  "conditionKeys": [
245041
- "rds:ManageMasterUserPassword"
246006
+ "rds:ManageMasterUserPassword",
246007
+ "rds:MultiTenant"
245042
246008
  ],
245043
246009
  "dependentActions": []
245044
246010
  }
@@ -245219,6 +246185,35 @@
245219
246185
  }
245220
246186
  ]
245221
246187
  },
246188
+ {
246189
+ "name": "ModifyTenantDatabase",
246190
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyTenantDatabase.html",
246191
+ "permissionOnly": false,
246192
+ "description": "Grants permission to modify a tenant database",
246193
+ "accessLevel": "Write",
246194
+ "resourceTypes": [
246195
+ {
246196
+ "resourceType": "db",
246197
+ "required": true,
246198
+ "conditionKeys": [],
246199
+ "dependentActions": []
246200
+ },
246201
+ {
246202
+ "resourceType": "tenant-database",
246203
+ "required": true,
246204
+ "conditionKeys": [],
246205
+ "dependentActions": []
246206
+ },
246207
+ {
246208
+ "resourceType": "",
246209
+ "required": false,
246210
+ "conditionKeys": [
246211
+ "rds:TenantDatabaseName"
246212
+ ],
246213
+ "dependentActions": []
246214
+ }
246215
+ ]
246216
+ },
245222
246217
  {
245223
246218
  "name": "PromoteReadReplica",
245224
246219
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_PromoteReadReplica.html",
@@ -245445,6 +246440,12 @@
245445
246440
  "conditionKeys": [],
245446
246441
  "dependentActions": []
245447
246442
  },
246443
+ {
246444
+ "resourceType": "integration",
246445
+ "required": false,
246446
+ "conditionKeys": [],
246447
+ "dependentActions": []
246448
+ },
245448
246449
  {
245449
246450
  "resourceType": "og",
245450
246451
  "required": false,
@@ -245487,6 +246488,12 @@
245487
246488
  "conditionKeys": [],
245488
246489
  "dependentActions": []
245489
246490
  },
246491
+ {
246492
+ "resourceType": "snapshot-tenant-database",
246493
+ "required": false,
246494
+ "conditionKeys": [],
246495
+ "dependentActions": []
246496
+ },
245490
246497
  {
245491
246498
  "resourceType": "subgrp",
245492
246499
  "required": false,
@@ -245499,6 +246506,12 @@
245499
246506
  "conditionKeys": [],
245500
246507
  "dependentActions": []
245501
246508
  },
246509
+ {
246510
+ "resourceType": "tenant-database",
246511
+ "required": false,
246512
+ "conditionKeys": [],
246513
+ "dependentActions": []
246514
+ },
245502
246515
  {
245503
246516
  "resourceType": "",
245504
246517
  "required": false,
@@ -245722,7 +246735,8 @@
245722
246735
  "conditionKeys": [],
245723
246736
  "dependentActions": [
245724
246737
  "iam:PassRole",
245725
- "rds:AddTagsToResource"
246738
+ "rds:AddTagsToResource",
246739
+ "rds:CreateTenantDatabase"
245726
246740
  ]
245727
246741
  },
245728
246742
  {
@@ -245828,7 +246842,8 @@
245828
246842
  "conditionKeys": [],
245829
246843
  "dependentActions": [
245830
246844
  "iam:PassRole",
245831
- "rds:AddTagsToResource"
246845
+ "rds:AddTagsToResource",
246846
+ "rds:CreateTenantDatabase"
245832
246847
  ]
245833
246848
  },
245834
246849
  {
@@ -245849,6 +246864,12 @@
245849
246864
  "conditionKeys": [],
245850
246865
  "dependentActions": []
245851
246866
  },
246867
+ {
246868
+ "resourceType": "auto-backup",
246869
+ "required": false,
246870
+ "conditionKeys": [],
246871
+ "dependentActions": []
246872
+ },
245852
246873
  {
245853
246874
  "resourceType": "",
245854
246875
  "required": false,
@@ -245935,6 +246956,12 @@
245935
246956
  "description": "Grants permission to start replication of automated backups to a different AWS Region",
245936
246957
  "accessLevel": "Write",
245937
246958
  "resourceTypes": [
246959
+ {
246960
+ "resourceType": "auto-backup",
246961
+ "required": true,
246962
+ "conditionKeys": [],
246963
+ "dependentActions": []
246964
+ },
245938
246965
  {
245939
246966
  "resourceType": "db",
245940
246967
  "required": true,
@@ -246110,6 +247137,12 @@
246110
247137
  "arnPattern": "arn:${Partition}:rds:${Region}:${Account}:cluster-auto-backup:${DbClusterAutomatedBackupId}",
246111
247138
  "conditionKeys": []
246112
247139
  },
247140
+ {
247141
+ "name": "auto-backup",
247142
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html",
247143
+ "arnPattern": "arn:${Partition}:rds:${Region}:${Account}:auto-backup:${DbInstanceAutomatedBackupId}",
247144
+ "conditionKeys": []
247145
+ },
246113
247146
  {
246114
247147
  "name": "cluster-endpoint",
246115
247148
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.Endpoints.html",
@@ -246267,6 +247300,30 @@
246267
247300
  "conditionKeys": [
246268
247301
  "aws:ResourceTag/${TagKey}"
246269
247302
  ]
247303
+ },
247304
+ {
247305
+ "name": "integration",
247306
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/zero-etl.html",
247307
+ "arnPattern": "arn:${Partition}:rds:${Region}:${Account}:integration:${IntegrationIdentifier}",
247308
+ "conditionKeys": [
247309
+ "aws:ResourceTag/${TagKey}"
247310
+ ]
247311
+ },
247312
+ {
247313
+ "name": "snapshot-tenant-database",
247314
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Oracle.Concepts.single-tenant.snapshots.html#br-cdb.db-snapshots",
247315
+ "arnPattern": "arn:${Partition}:rds:${Region}:${Account}:snapshot-tenant-database:${SnapshotName}:${TenantResourceId}",
247316
+ "conditionKeys": [
247317
+ "aws:ResourceTag/${TagKey}"
247318
+ ]
247319
+ },
247320
+ {
247321
+ "name": "tenant-database",
247322
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Oracle.Concepts.CDBs.html#multi-tenant-configuration",
247323
+ "arnPattern": "arn:${Partition}:rds:${Region}:${Account}:tenant-database:${TenantResourceId}",
247324
+ "conditionKeys": [
247325
+ "aws:ResourceTag/${TagKey}"
247326
+ ]
246270
247327
  }
246271
247328
  ],
246272
247329
  "conditionKeys": [
@@ -246336,6 +247393,12 @@
246336
247393
  "description": "Filters access by the value that specifies whether the DB instance runs in multiple Availability Zones. To indicate that the DB instance is using Multi-AZ, specify true",
246337
247394
  "type": "Bool"
246338
247395
  },
247396
+ {
247397
+ "name": "rds:MultiTenant",
247398
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/security_iam_service-with-iam.html#UsingWithRDS.IAM.Conditions",
247399
+ "description": "Filters access by the value that specifies whether the DB instance is in the multi-tenant configuration",
247400
+ "type": "String"
247401
+ },
246339
247402
  {
246340
247403
  "name": "rds:Piops",
246341
247404
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/security_iam_service-with-iam.html#UsingWithRDS.IAM.Conditions",
@@ -246354,6 +247417,12 @@
246354
247417
  "description": "Filters access by the storage volume size (in GB)",
246355
247418
  "type": "Numeric"
246356
247419
  },
247420
+ {
247421
+ "name": "rds:TenantDatabaseName",
247422
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/security_iam_service-with-iam.html#UsingWithRDS.IAM.Conditions",
247423
+ "description": "Filters access by the tenant database name in CreateTenantDatabase and by the new tenant database name in ModifyTenantDatabase",
247424
+ "type": "String"
247425
+ },
246357
247426
  {
246358
247427
  "name": "rds:Vpc",
246359
247428
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/security_iam_service-with-iam.html#UsingWithRDS.IAM.Conditions",
@@ -267876,6 +268945,14 @@
267876
268945
  ],
267877
268946
  "dependentActions": []
267878
268947
  },
268948
+ {
268949
+ "resourceType": "inference-component",
268950
+ "required": false,
268951
+ "conditionKeys": [
268952
+ "aws:ResourceTag/${TagKey}"
268953
+ ],
268954
+ "dependentActions": []
268955
+ },
267879
268956
  {
267880
268957
  "resourceType": "inference-recommendations-job",
267881
268958
  "required": false,
@@ -268674,6 +269751,7 @@
268674
269751
  "aws:ResourceTag/${TagKey}"
268675
269752
  ],
268676
269753
  "dependentActions": [
269754
+ "iam:PassRole",
268677
269755
  "sagemaker:AddTags"
268678
269756
  ]
268679
269757
  },
@@ -268688,7 +269766,10 @@
268688
269766
  "sagemaker:ModelArn",
268689
269767
  "sagemaker:VolumeKmsKey",
268690
269768
  "sagemaker:ServerlessMaxConcurrency",
268691
- "sagemaker:ServerlessMemorySize"
269769
+ "sagemaker:ServerlessMemorySize",
269770
+ "sagemaker:NetworkIsolation",
269771
+ "sagemaker:VpcSecurityGroupIds",
269772
+ "sagemaker:VpcSubnets"
268692
269773
  ],
268693
269774
  "dependentActions": []
268694
269775
  }
@@ -268931,6 +270012,43 @@
268931
270012
  }
268932
270013
  ]
268933
270014
  },
270015
+ {
270016
+ "name": "CreateInferenceComponent",
270017
+ "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceComponent.html",
270018
+ "permissionOnly": false,
270019
+ "description": "Grants permission to create an inference component on an endpoint",
270020
+ "accessLevel": "Write",
270021
+ "resourceTypes": [
270022
+ {
270023
+ "resourceType": "endpoint",
270024
+ "required": true,
270025
+ "conditionKeys": [
270026
+ "aws:ResourceTag/${TagKey}"
270027
+ ],
270028
+ "dependentActions": [
270029
+ "sagemaker:AddTags"
270030
+ ]
270031
+ },
270032
+ {
270033
+ "resourceType": "inference-component",
270034
+ "required": true,
270035
+ "conditionKeys": [
270036
+ "aws:ResourceTag/${TagKey}"
270037
+ ],
270038
+ "dependentActions": []
270039
+ },
270040
+ {
270041
+ "resourceType": "",
270042
+ "required": false,
270043
+ "conditionKeys": [
270044
+ "aws:RequestTag/${TagKey}",
270045
+ "aws:TagKeys",
270046
+ "sagemaker:ModelArn"
270047
+ ],
270048
+ "dependentActions": []
270049
+ }
270050
+ ]
270051
+ },
268934
270052
  {
268935
270053
  "name": "CreateInferenceExperiment",
268936
270054
  "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceExperiment.html",
@@ -270262,6 +271380,23 @@
270262
271380
  }
270263
271381
  ]
270264
271382
  },
271383
+ {
271384
+ "name": "DeleteInferenceComponent",
271385
+ "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteInferenceComponent.html",
271386
+ "permissionOnly": false,
271387
+ "description": "Grants permission to delete an inference component. Amazon SageMaker frees up the resources that were reserved when the inference component was created",
271388
+ "accessLevel": "Write",
271389
+ "resourceTypes": [
271390
+ {
271391
+ "resourceType": "inference-component",
271392
+ "required": true,
271393
+ "conditionKeys": [
271394
+ "aws:ResourceTag/${TagKey}"
271395
+ ],
271396
+ "dependentActions": []
271397
+ }
271398
+ ]
271399
+ },
270265
271400
  {
270266
271401
  "name": "DeleteInferenceExperiment",
270267
271402
  "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteInferenceExperiment.html",
@@ -270769,6 +271904,14 @@
270769
271904
  ],
270770
271905
  "dependentActions": []
270771
271906
  },
271907
+ {
271908
+ "resourceType": "inference-component",
271909
+ "required": false,
271910
+ "conditionKeys": [
271911
+ "aws:ResourceTag/${TagKey}"
271912
+ ],
271913
+ "dependentActions": []
271914
+ },
270772
271915
  {
270773
271916
  "resourceType": "inference-recommendations-job",
270774
271917
  "required": false,
@@ -271530,6 +272673,23 @@
271530
272673
  }
271531
272674
  ]
271532
272675
  },
272676
+ {
272677
+ "name": "DescribeInferenceComponent",
272678
+ "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeInferenceComponent.html",
272679
+ "permissionOnly": false,
272680
+ "description": "Grants permission to return the description of an inference component",
272681
+ "accessLevel": "Read",
272682
+ "resourceTypes": [
272683
+ {
272684
+ "resourceType": "inference-component",
272685
+ "required": true,
272686
+ "conditionKeys": [
272687
+ "aws:ResourceTag/${TagKey}"
272688
+ ],
272689
+ "dependentActions": []
272690
+ }
272691
+ ]
272692
+ },
271533
272693
  {
271534
272694
  "name": "DescribeInferenceExperiment",
271535
272695
  "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeInferenceExperiment.html",
@@ -272293,7 +273453,17 @@
272293
273453
  {
272294
273454
  "resourceType": "endpoint",
272295
273455
  "required": true,
272296
- "conditionKeys": [],
273456
+ "conditionKeys": [
273457
+ "aws:ResourceTag/${TagKey}"
273458
+ ],
273459
+ "dependentActions": []
273460
+ },
273461
+ {
273462
+ "resourceType": "inference-component",
273463
+ "required": false,
273464
+ "conditionKeys": [
273465
+ "aws:ResourceTag/${TagKey}"
273466
+ ],
272297
273467
  "dependentActions": []
272298
273468
  },
272299
273469
  {
@@ -272316,7 +273486,34 @@
272316
273486
  {
272317
273487
  "resourceType": "endpoint",
272318
273488
  "required": true,
272319
- "conditionKeys": [],
273489
+ "conditionKeys": [
273490
+ "aws:ResourceTag/${TagKey}"
273491
+ ],
273492
+ "dependentActions": []
273493
+ }
273494
+ ]
273495
+ },
273496
+ {
273497
+ "name": "InvokeEndpointWithResponseStream",
273498
+ "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpointWithResponseStream.html",
273499
+ "permissionOnly": false,
273500
+ "description": "Grants permission to get the inference response as a stream from the specified endpoint",
273501
+ "accessLevel": "Read",
273502
+ "resourceTypes": [
273503
+ {
273504
+ "resourceType": "endpoint",
273505
+ "required": true,
273506
+ "conditionKeys": [
273507
+ "aws:ResourceTag/${TagKey}"
273508
+ ],
273509
+ "dependentActions": []
273510
+ },
273511
+ {
273512
+ "resourceType": "inference-component",
273513
+ "required": false,
273514
+ "conditionKeys": [
273515
+ "aws:ResourceTag/${TagKey}"
273516
+ ],
272320
273517
  "dependentActions": []
272321
273518
  }
272322
273519
  ]
@@ -272806,6 +274003,21 @@
272806
274003
  }
272807
274004
  ]
272808
274005
  },
274006
+ {
274007
+ "name": "ListInferenceComponents",
274008
+ "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListInferenceComponents.html",
274009
+ "permissionOnly": false,
274010
+ "description": "Grants permission to list inference components",
274011
+ "accessLevel": "List",
274012
+ "resourceTypes": [
274013
+ {
274014
+ "resourceType": "",
274015
+ "required": false,
274016
+ "conditionKeys": [],
274017
+ "dependentActions": []
274018
+ }
274019
+ ]
274020
+ },
272809
274021
  {
272810
274022
  "name": "ListInferenceExperiments",
272811
274023
  "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ListInferenceExperiments.html",
@@ -273563,6 +274775,14 @@
273563
274775
  ],
273564
274776
  "dependentActions": []
273565
274777
  },
274778
+ {
274779
+ "resourceType": "inference-component",
274780
+ "required": false,
274781
+ "conditionKeys": [
274782
+ "aws:ResourceTag/${TagKey}"
274783
+ ],
274784
+ "dependentActions": []
274785
+ },
273566
274786
  {
273567
274787
  "resourceType": "inference-recommendations-job",
273568
274788
  "required": false,
@@ -274667,6 +275887,40 @@
274667
275887
  }
274668
275888
  ]
274669
275889
  },
275890
+ {
275891
+ "name": "UpdateInferenceComponent",
275892
+ "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateInferenceComponent.html",
275893
+ "permissionOnly": false,
275894
+ "description": "Grants permission to update an inference component to use the specification and configurations specified in the request",
275895
+ "accessLevel": "Write",
275896
+ "resourceTypes": [
275897
+ {
275898
+ "resourceType": "inference-component",
275899
+ "required": true,
275900
+ "conditionKeys": [
275901
+ "aws:ResourceTag/${TagKey}"
275902
+ ],
275903
+ "dependentActions": []
275904
+ }
275905
+ ]
275906
+ },
275907
+ {
275908
+ "name": "UpdateInferenceComponentRuntimeConfig",
275909
+ "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateInferenceComponentRuntimeConfig.html",
275910
+ "permissionOnly": false,
275911
+ "description": "Grants permission to update the runtime config of a given inference component",
275912
+ "accessLevel": "Write",
275913
+ "resourceTypes": [
275914
+ {
275915
+ "resourceType": "inference-component",
275916
+ "required": true,
275917
+ "conditionKeys": [
275918
+ "aws:ResourceTag/${TagKey}"
275919
+ ],
275920
+ "dependentActions": []
275921
+ }
275922
+ ]
275923
+ },
274670
275924
  {
274671
275925
  "name": "UpdateInferenceExperiment",
274672
275926
  "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateInferenceExperiment.html",
@@ -275358,6 +276612,15 @@
275358
276612
  "sagemaker:ResourceTag/${TagKey}"
275359
276613
  ]
275360
276614
  },
276615
+ {
276616
+ "name": "inference-component",
276617
+ "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/dg/realtime-endpoints.html",
276618
+ "arnPattern": "arn:${Partition}:sagemaker:${Region}:${Account}:inference-component/${InferenceComponentName}",
276619
+ "conditionKeys": [
276620
+ "aws:ResourceTag/${TagKey}",
276621
+ "sagemaker:ResourceTag/${TagKey}"
276622
+ ]
276623
+ },
275361
276624
  {
275362
276625
  "name": "transform-job",
275363
276626
  "apiReferenceUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_TransformJob.html.html",