aws-iam-data 0.0.12 → 0.0.13

@@ -1,4 +1,56 @@
1
1
  [
2
+ {
3
+ "dateOfChange": "2023-06-01",
4
+ "addedServices": [],
5
+ "removedServices": [],
6
+ "addedActions": {
7
+ "Amazon Security Lake": [
8
+ "securitylake:CreateDataLake",
9
+ "securitylake:CreateDataLakeExceptionSubscription",
10
+ "securitylake:CreateDataLakeOrganizationConfiguration",
11
+ "securitylake:CreateSubscriberNotification",
12
+ "securitylake:DeleteDataLake",
13
+ "securitylake:DeleteDataLakeExceptionSubscription",
14
+ "securitylake:DeleteDataLakeOrganizationConfiguration",
15
+ "securitylake:DeleteSubscriberNotification",
16
+ "securitylake:DeregisterDataLakeDelegatedAdministrator",
17
+ "securitylake:GetDataLakeExceptionSubscription",
18
+ "securitylake:GetDataLakeOrganizationConfiguration",
19
+ "securitylake:GetDataLakeSources",
20
+ "securitylake:ListDataLakeExceptions",
21
+ "securitylake:ListDataLakes",
22
+ "securitylake:RegisterDataLakeDelegatedAdministrator",
23
+ "securitylake:UpdateDataLake",
24
+ "securitylake:UpdateDataLakeExceptionSubscription",
25
+ "securitylake:UpdateSubscriberNotification"
26
+ ]
27
+ },
28
+ "removedActions": {
29
+ "Amazon Security Lake": [
30
+ "securitylake:CreateDatalake",
31
+ "securitylake:CreateDatalakeAutoEnable",
32
+ "securitylake:CreateDatalakeDelegatedAdmin",
33
+ "securitylake:CreateDatalakeExceptionsSubscription",
34
+ "securitylake:CreateSubscriptionNotificationConfiguration",
35
+ "securitylake:DeleteDatalake",
36
+ "securitylake:DeleteDatalakeAutoEnable",
37
+ "securitylake:DeleteDatalakeDelegatedAdmin",
38
+ "securitylake:DeleteDatalakeExceptionsSubscription",
39
+ "securitylake:DeleteSubscriptionNotificationConfiguration",
40
+ "securitylake:GetDatalake",
41
+ "securitylake:GetDatalakeAutoEnable",
42
+ "securitylake:GetDatalakeExceptionsExpiry",
43
+ "securitylake:GetDatalakeExceptionsSubscription",
44
+ "securitylake:GetDatalakeStatus",
45
+ "securitylake:GetSubscriptionNotificationConfiguration",
46
+ "securitylake:ListDatalakeExceptions",
47
+ "securitylake:UpdateDatalake",
48
+ "securitylake:UpdateDatalakeExceptionsExpiry",
49
+ "securitylake:UpdateDatalakeExceptionsSubscription",
50
+ "securitylake:UpdateSubscriptionNotificationConfiguration"
51
+ ]
52
+ }
53
+ },
2
54
  {
3
55
  "dateOfChange": "2023-05-31",
4
56
  "addedServices": [],
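Review bot: Four names in this entry differ only by letter case between `addedActions` and `removedActions`: `securitylake:CreateDataLake`/`CreateDatalake`, `DeleteDataLake`/`DeleteDatalake`, `UpdateDataLake`/`UpdateDatalake` and `ListDataLakeExceptions`/`ListDatalakeExceptions`. IAM matches action names case-insensitively, so a consumer that normalises case sees the same action reported as both added and removed, while one that compares exact strings treats an unchanged permission as new. The entry also carries no old-to-new mapping for the genuine renames, so a policy linter cannot tell which replacement to suggest for a removed name. A rename map (for example a `renamedActions` key), or dropping the case-only pairs from both lists, would make the record unambiguous. The array this entry belongs to continues outside the hunk.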
@@ -21,7 +73,35 @@
21
73
  "removedActions": {}
22
74
  },
23
75
  {
24
- "dateOfChange": "2023-05-30",
76
+ "dateOfChange": "2023-05-31",
77
+ "addedServices": [],
78
+ "removedServices": [],
79
+ "addedActions": {},
80
+ "removedActions": {}
81
+ },
82
+ {
83
+ "dateOfChange": "2023-05-31",
84
+ "addedServices": [],
85
+ "removedServices": [],
86
+ "addedActions": {},
87
+ "removedActions": {}
88
+ },
89
+ {
90
+ "dateOfChange": "2023-05-31",
91
+ "addedServices": [],
92
+ "removedServices": [],
93
+ "addedActions": {},
94
+ "removedActions": {}
95
+ },
96
+ {
97
+ "dateOfChange": "2023-05-31",
98
+ "addedServices": [],
99
+ "removedServices": [],
100
+ "addedActions": {},
101
+ "removedActions": {}
102
+ },
103
+ {
104
+ "dateOfChange": "2023-05-31",
25
105
  "addedServices": [],
26
106
  "removedServices": [],
27
107
  "addedActions": {},
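Review bot: The added lines (new 76–104) leave five consecutive entries dated `2023-05-31` whose fields are all empty as far as the hunk shows, and the only removed line is the `2023-05-30` date, so that date no longer appears here. It looks as if the generator appends an entry on every run whether or not anything changed; that is inferred from the output, not visible on this page. Skipping the write when `addedServices`, `removedServices`, `addedActions` and `removedActions` are all empty, and never rewriting the `dateOfChange` of an entry already published, would keep the log usable as a record of when a permission first appeared or disappeared.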
package/data/iam.json CHANGED
@@ -75002,7 +75002,7 @@
75002
75002
  {
75003
75003
  "name": "evaluation_job",
75004
75004
  "apiReferenceUrl": "https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-get-started-test-in-simulator.html",
75005
- "arnPattern": "arn:${Partition}:deepracer:${Region}:${Account}: evaluation_job/${ResourceId}",
75005
+ "arnPattern": "arn:${Partition}:deepracer:${Region}:${Account}:evaluation_job/${ResourceId}",
75006
75006
  "conditionKeys": [
75007
75007
  "aws:ResourceTag/${TagKey}"
75008
75008
  ]
@@ -127527,12 +127527,6 @@
127527
127527
  "description": "Grants permission to create an event schema discoverer. Once created, your events will be automatically map into corresponding schema documents",
127528
127528
  "accessLevel": "Write",
127529
127529
  "resourceTypes": [
127530
- {
127531
- "resourceType": "discoverer",
127532
- "required": true,
127533
- "conditionKeys": [],
127534
- "dependentActions": []
127535
- },
127536
127530
  {
127537
127531
  "resourceType": "",
127538
127532
  "required": false,
@@ -128075,7 +128069,7 @@
128075
128069
  "resourceTypes": [
128076
128070
  {
128077
128071
  "name": "discoverer",
128078
- "apiReferenceUrl": "https://docs.aws.amazon.com/eventbridge/latest/userguide/iam-identity-based-access-control-eventbridge.html",
128072
+ "apiReferenceUrl": "https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-schema.html",
128079
128073
  "arnPattern": "arn:${Partition}:schemas:${Region}:${Account}:discoverer/${DiscovererId}",
128080
128074
  "conditionKeys": [
128081
128075
  "aws:ResourceTag/${TagKey}"
@@ -128083,7 +128077,7 @@
128083
128077
  },
128084
128078
  {
128085
128079
  "name": "registry",
128086
- "apiReferenceUrl": "https://docs.aws.amazon.com/eventbridge/latest/userguide/iam-identity-based-access-control-eventbridge.html",
128080
+ "apiReferenceUrl": "https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-schema.html",
128087
128081
  "arnPattern": "arn:${Partition}:schemas:${Region}:${Account}:registry/${RegistryName}",
128088
128082
  "conditionKeys": [
128089
128083
  "aws:ResourceTag/${TagKey}"
@@ -128091,7 +128085,7 @@
128091
128085
  },
128092
128086
  {
128093
128087
  "name": "schema",
128094
- "apiReferenceUrl": "https://docs.aws.amazon.com/eventbridge/latest/userguide/iam-identity-based-access-control-eventbridge.html",
128088
+ "apiReferenceUrl": "https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-schema.html",
128095
128089
  "arnPattern": "arn:${Partition}:schemas:${Region}:${Account}:schema/${RegistryName}/${SchemaName}",
128096
128090
  "conditionKeys": [
128097
128091
  "aws:ResourceTag/${TagKey}"
@@ -164433,7 +164427,8 @@
164433
164427
  "required": false,
164434
164428
  "conditionKeys": [
164435
164429
  "aws:RequestTag/${TagKey}",
164436
- "aws:TagKeys"
164430
+ "aws:TagKeys",
164431
+ "iotfleetwise:DestinationArn"
164437
164432
  ],
164438
164433
  "dependentActions": []
164439
164434
  }
@@ -165386,6 +165381,12 @@
165386
165381
  "description": "Filters access by the presence of tag keys in the request",
165387
165382
  "type": "ArrayOfString"
165388
165383
  },
165384
+ {
165385
+ "name": "iotfleetwise:DestinationArn",
165386
+ "apiReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleetwise.html",
165387
+ "description": "Filters access by campaign destination ARN, eg. an S3 bucket ARN or a Timestream ARN",
165388
+ "type": "String"
165389
+ },
165389
165390
  {
165390
165391
  "name": "iotfleetwise:UpdateToDecoderManifestArn",
165391
165392
  "apiReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiotfleetwise.html",
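Review bot: `iotfleetwise:DestinationArn` is declared with `"type": "String"` although its description says the value is an ARN (an S3 bucket ARN or a Timestream ARN). A consumer that chooses condition operators from `type` would pair this key with string operators rather than ARN operators. Whether upstream lists it as an ARN-typed key cannot be checked from this page, so the value is worth confirming against the linked reference. The hunk at -164433 adds the same key to an action's `conditionKeys`, so both places depend on the answer.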
@@ -264116,12 +264117,12 @@
264116
264117
  "name": "CreateAwsLogSource",
264117
264118
  "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateAwsLogSource.html",
264118
264119
  "permissionOnly": false,
264119
- "description": "Grants permission to enable any source type in any region for accounts that are either part of a trusted organization or standalone accounts",
264120
+ "description": "Grants permission to enable any source type in any region for accounts that are either part of a trusted organization or standalone account",
264120
264121
  "accessLevel": "Write",
264121
264122
  "resourceTypes": [
264122
264123
  {
264123
- "resourceType": "",
264124
- "required": false,
264124
+ "resourceType": "data-lake",
264125
+ "required": true,
264125
264126
  "conditionKeys": [],
264126
264127
  "dependentActions": [
264127
264128
  "glue:CreateDatabase",
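Review bot: The `resourceTypes` entry of `CreateAwsLogSource` now names `data-lake` with `"required": true`, but no hunk shown on this page adds a `data-lake` (or `subscriber`) definition with an `arnPattern` to the Security Lake service's resource list; the iam.json section continues past the end of the page, so it may be further down. A consumer that resolves `resourceType` to an ARN pattern should fail loudly on an unresolved name rather than fall back to `*`, otherwise generated policies for these actions end up broader than the data intends. The same switch from `""` to a named, required resource recurs in most of the later Security Lake hunks, from -264139 through -264703. Separately, the edited description on this action now ends in `standalone account`, which reads as a regression from `standalone accounts`.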
@@ -264139,12 +264140,12 @@
264139
264140
  "name": "CreateCustomLogSource",
264140
264141
  "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateCustomLogSource.html",
264141
264142
  "permissionOnly": false,
264142
- "description": "Grants permission to add a custom source name",
264143
+ "description": "Grants permission to add a custom source",
264143
264144
  "accessLevel": "Write",
264144
264145
  "resourceTypes": [
264145
264146
  {
264146
- "resourceType": "",
264147
- "required": false,
264147
+ "resourceType": "data-lake",
264148
+ "required": true,
264148
264149
  "conditionKeys": [],
264149
264150
  "dependentActions": [
264150
264151
  "glue:CreateCrawler",
@@ -264167,15 +264168,15 @@
264167
264168
  ]
264168
264169
  },
264169
264170
  {
264170
- "name": "CreateDatalake",
264171
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDatalake.html",
264171
+ "name": "CreateDataLake",
264172
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDataLake.html",
264172
264173
  "permissionOnly": false,
264173
- "description": "Grants permission to create a new Security Data Lake",
264174
+ "description": "Grants permission to create a new security data lake",
264174
264175
  "accessLevel": "Write",
264175
264176
  "resourceTypes": [
264176
264177
  {
264177
- "resourceType": "",
264178
- "required": false,
264178
+ "resourceType": "data-lake",
264179
+ "required": true,
264179
264180
  "conditionKeys": [],
264180
264181
  "dependentActions": [
264181
264182
  "events:PutRule",
@@ -264192,6 +264193,7 @@
264192
264193
  "lambda:CreateEventSourceMapping",
264193
264194
  "lambda:CreateFunction",
264194
264195
  "organizations:DescribeOrganization",
264196
+ "organizations:ListAccounts",
264195
264197
  "organizations:ListDelegatedServicesForAccount",
264196
264198
  "s3:CreateBucket",
264197
264199
  "s3:ListBucket",
@@ -264206,10 +264208,10 @@
264206
264208
  ]
264207
264209
  },
264208
264210
  {
264209
- "name": "CreateDatalakeAutoEnable",
264210
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDatalakeAutoEnable.html",
264211
+ "name": "CreateDataLakeExceptionSubscription",
264212
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDataLakeExceptionSubscription.html",
264211
264213
  "permissionOnly": false,
264212
- "description": "Grants permission to add to the configuration for automatically enabling Amazon Security Lake access for new organization accounts",
264214
+ "description": "Grants permission to get instant notifications about exceptions. Subscribes to the SNS topics for exception notifications",
264213
264215
  "accessLevel": "Write",
264214
264216
  "resourceTypes": [
264215
264217
  {
@@ -264221,37 +264223,15 @@
264221
264223
  ]
264222
264224
  },
264223
264225
  {
264224
- "name": "CreateDatalakeDelegatedAdmin",
264225
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDatalakeDelegatedAdmin.html",
264226
- "permissionOnly": false,
264227
- "description": "Grants permission to designate the Amazon Security Lake administrator account for the organization",
264228
- "accessLevel": "Write",
264229
- "resourceTypes": [
264230
- {
264231
- "resourceType": "",
264232
- "required": false,
264233
- "conditionKeys": [],
264234
- "dependentActions": [
264235
- "iam:CreateServiceLinkedRole",
264236
- "organizations:DescribeOrganization",
264237
- "organizations:EnableAWSServiceAccess",
264238
- "organizations:ListDelegatedAdministrators",
264239
- "organizations:ListDelegatedServicesForAccount",
264240
- "organizations:RegisterDelegatedAdministrator"
264241
- ]
264242
- }
264243
- ]
264244
- },
264245
- {
264246
- "name": "CreateDatalakeExceptionsSubscription",
264247
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDatalakeExceptionsSubscription.html",
264226
+ "name": "CreateDataLakeOrganizationConfiguration",
264227
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateDataLakeOrganizationConfiguration.html",
264248
264228
  "permissionOnly": false,
264249
- "description": "Grants permission to get instant notifications about exceptions by subscribing to the SNS topics for exception notifications",
264229
+ "description": "Grants permission to automatically enable Amazon Security Lake for new member accounts in your organization",
264250
264230
  "accessLevel": "Write",
264251
264231
  "resourceTypes": [
264252
264232
  {
264253
- "resourceType": "",
264254
- "required": false,
264233
+ "resourceType": "data-lake",
264234
+ "required": true,
264255
264235
  "conditionKeys": [],
264256
264236
  "dependentActions": []
264257
264237
  }
@@ -264261,7 +264241,7 @@
264261
264241
  "name": "CreateSubscriber",
264262
264242
  "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateSubscriber.html",
264263
264243
  "permissionOnly": false,
264264
- "description": "Grants permission to create a subscription permission for accounts that are already enabled",
264244
+ "description": "Grants permission to create a subscriber",
264265
264245
  "accessLevel": "Write",
264266
264246
  "resourceTypes": [
264267
264247
  {
@@ -264286,15 +264266,15 @@
264286
264266
  ]
264287
264267
  },
264288
264268
  {
264289
- "name": "CreateSubscriptionNotificationConfiguration",
264290
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateSubscriptionNotificationConfiguration.html",
264269
+ "name": "CreateSubscriberNotification",
264270
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_CreateSubscriberNotification.html",
264291
264271
  "permissionOnly": false,
264292
- "description": "Grants permission to create a webhook invocation to notify a client when there is new data in the Data Lake",
264272
+ "description": "Grants permission to create a webhook invocation to notify a client when there is new data in the data lake",
264293
264273
  "accessLevel": "Write",
264294
264274
  "resourceTypes": [
264295
264275
  {
264296
- "resourceType": "",
264297
- "required": false,
264276
+ "resourceType": "subscriber",
264277
+ "required": true,
264298
264278
  "conditionKeys": [],
264299
264279
  "dependentActions": [
264300
264280
  "events:CreateApiDestination",
@@ -264322,12 +264302,12 @@
264322
264302
  "name": "DeleteAwsLogSource",
264323
264303
  "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteAwsLogSource.html",
264324
264304
  "permissionOnly": false,
264325
- "description": "Grants permission to disable any source type in any region for accounts that are either part of a trusted organization or standalone accounts",
264305
+ "description": "Grants permission to disable any source type in any region for accounts that are part of a trusted organization or standalone accounts",
264326
264306
  "accessLevel": "Write",
264327
264307
  "resourceTypes": [
264328
264308
  {
264329
- "resourceType": "",
264330
- "required": false,
264309
+ "resourceType": "data-lake",
264310
+ "required": true,
264331
264311
  "conditionKeys": [],
264332
264312
  "dependentActions": []
264333
264313
  }
@@ -264337,12 +264317,12 @@
264337
264317
  "name": "DeleteCustomLogSource",
264338
264318
  "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteCustomLogSource.html",
264339
264319
  "permissionOnly": false,
264340
- "description": "Grants permission to remove a custom source name",
264320
+ "description": "Grants permission to remove a custom source",
264341
264321
  "accessLevel": "Write",
264342
264322
  "resourceTypes": [
264343
264323
  {
264344
- "resourceType": "",
264345
- "required": false,
264324
+ "resourceType": "data-lake",
264325
+ "required": true,
264346
264326
  "conditionKeys": [],
264347
264327
  "dependentActions": [
264348
264328
  "glue:StopCrawlerSchedule"
@@ -264351,15 +264331,15 @@
264351
264331
  ]
264352
264332
  },
264353
264333
  {
264354
- "name": "DeleteDatalake",
264355
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDatalake.html",
264334
+ "name": "DeleteDataLake",
264335
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDataLake.html",
264356
264336
  "permissionOnly": false,
264357
- "description": "Grants permission to delete all Security Data Lakes",
264337
+ "description": "Grants permission to delete security data lake",
264358
264338
  "accessLevel": "Write",
264359
264339
  "resourceTypes": [
264360
264340
  {
264361
- "resourceType": "",
264362
- "required": false,
264341
+ "resourceType": "data-lake",
264342
+ "required": true,
264363
264343
  "conditionKeys": [],
264364
264344
  "dependentActions": [
264365
264345
  "organizations:DescribeOrganization",
@@ -264370,10 +264350,10 @@
264370
264350
  ]
264371
264351
  },
264372
264352
  {
264373
- "name": "DeleteDatalakeAutoEnable",
264374
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDatalakeAutoEnable.html",
264353
+ "name": "DeleteDataLakeExceptionSubscription",
264354
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDataLakeExceptionSubscription.html",
264375
264355
  "permissionOnly": false,
264376
- "description": "Grants permission to remove from the existing configuration the automatic enabling of Amazon Security Lake access for new organization accounts",
264356
+ "description": "Grants permission to unsubscribe from SNS topics for exception notifications. Removes exception notifications for the SNS topic",
264377
264357
  "accessLevel": "Write",
264378
264358
  "resourceTypes": [
264379
264359
  {
@@ -264385,34 +264365,15 @@
264385
264365
  ]
264386
264366
  },
264387
264367
  {
264388
- "name": "DeleteDatalakeDelegatedAdmin",
264389
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDatalakeDelegatedAdmin.html",
264368
+ "name": "DeleteDataLakeOrganizationConfiguration",
264369
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDataLakeOrganizationConfiguration.html",
264390
264370
  "permissionOnly": false,
264391
- "description": "Grants permission to remove the Delegated Administrator account and disable Amazon Security Lake as a service for this organization",
264371
+ "description": "Grants permission to remove the automatic enablement of Amazon Security Lake access for new organization accounts",
264392
264372
  "accessLevel": "Write",
264393
264373
  "resourceTypes": [
264394
264374
  {
264395
- "resourceType": "",
264396
- "required": false,
264397
- "conditionKeys": [],
264398
- "dependentActions": [
264399
- "organizations:DeregisterDelegatedAdministrator",
264400
- "organizations:DescribeOrganization",
264401
- "organizations:ListDelegatedServicesForAccount"
264402
- ]
264403
- }
264404
- ]
264405
- },
264406
- {
264407
- "name": "DeleteDatalakeExceptionsSubscription",
264408
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDatalakeExceptionsSubscription.html",
264409
- "permissionOnly": false,
264410
- "description": "Grants permission to unsubscribe from SNS topics for exception notifications. Also, removes the SNS exception notifications topic",
264411
- "accessLevel": "Write",
264412
- "resourceTypes": [
264413
- {
264414
- "resourceType": "",
264415
- "required": false,
264375
+ "resourceType": "data-lake",
264376
+ "required": true,
264416
264377
  "conditionKeys": [],
264417
264378
  "dependentActions": []
264418
264379
  }
@@ -264422,12 +264383,12 @@
264422
264383
  "name": "DeleteSubscriber",
264423
264384
  "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteSubscriber.html",
264424
264385
  "permissionOnly": false,
264425
- "description": "Grants permission to delete the specified subscription permissions for accounts that are already enabled",
264386
+ "description": "Grants permission to delete the specified subscriber",
264426
264387
  "accessLevel": "Write",
264427
264388
  "resourceTypes": [
264428
264389
  {
264429
- "resourceType": "",
264430
- "required": false,
264390
+ "resourceType": "subscriber",
264391
+ "required": true,
264431
264392
  "conditionKeys": [],
264432
264393
  "dependentActions": [
264433
264394
  "events:DeleteApiDestination",
@@ -264450,15 +264411,15 @@
264450
264411
  ]
264451
264412
  },
264452
264413
  {
264453
- "name": "DeleteSubscriptionNotificationConfiguration",
264454
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteSubscriptionNotificationConfiguration.html",
264414
+ "name": "DeleteSubscriberNotification",
264415
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteSubscriberNotification.html",
264455
264416
  "permissionOnly": false,
264456
- "description": "Grants permission to remove a webhook invocation to notify a client when there is new data in the Data Lake",
264417
+ "description": "Grants permission to remove a webhook invocation to notify a client when there is new data in the data lake",
264457
264418
  "accessLevel": "Write",
264458
264419
  "resourceTypes": [
264459
264420
  {
264460
- "resourceType": "",
264461
- "required": false,
264421
+ "resourceType": "subscriber",
264422
+ "required": true,
264462
264423
  "conditionKeys": [],
264463
264424
  "dependentActions": [
264464
264425
  "events:DeleteApiDestination",
@@ -264480,42 +264441,29 @@
264480
264441
  ]
264481
264442
  },
264482
264443
  {
264483
- "name": "GetDatalake",
264484
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDatalake.html",
264444
+ "name": "DeregisterDataLakeDelegatedAdministrator",
264445
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeregisterDataLakeDelegatedAdministrator.html",
264485
264446
  "permissionOnly": false,
264486
- "description": "Grants permission to get information on the Security Data Lake",
264487
- "accessLevel": "Read",
264488
- "resourceTypes": [
264489
- {
264490
- "resourceType": "",
264491
- "required": false,
264492
- "conditionKeys": [],
264493
- "dependentActions": []
264494
- }
264495
- ]
264496
- },
264497
- {
264498
- "name": "GetDatalakeAutoEnable",
264499
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDatalakeAutoEnable.html",
264500
- "permissionOnly": false,
264501
- "description": "Grants permission to get an organization’s configuration setting for the automatic enabling of Amazon Security Lake access for new organization accounts",
264502
- "accessLevel": "Read",
264447
+ "description": "Grants permission to remove the Delegated Administrator account and disable Amazon Security Lake as a service for this organization",
264448
+ "accessLevel": "Write",
264503
264449
  "resourceTypes": [
264504
264450
  {
264505
264451
  "resourceType": "",
264506
264452
  "required": false,
264507
264453
  "conditionKeys": [],
264508
264454
  "dependentActions": [
264509
- "organizations:DescribeOrganization"
264455
+ "organizations:DeregisterDelegatedAdministrator",
264456
+ "organizations:DescribeOrganization",
264457
+ "organizations:ListDelegatedServicesForAccount"
264510
264458
  ]
264511
264459
  }
264512
264460
  ]
264513
264461
  },
264514
264462
  {
264515
- "name": "GetDatalakeExceptionsExpiry",
264516
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDatalakeExceptionsExpiry.html",
264463
+ "name": "GetDataLakeExceptionSubscription",
264464
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDataLakeExceptionSubscription.html",
264517
264465
  "permissionOnly": false,
264518
- "description": "Grants permission to allow user to query what was set as the expiration period for the exception message",
264466
+ "description": "Grants permission to query the protocol and endpoint that were provided when subscribing to SNS topics for exception notifications",
264519
264467
  "accessLevel": "Read",
264520
264468
  "resourceTypes": [
264521
264469
  {
@@ -264527,30 +264475,32 @@
264527
264475
  ]
264528
264476
  },
264529
264477
  {
264530
- "name": "GetDatalakeExceptionsSubscription",
264531
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDatalakeExceptionsSubscription.html",
264478
+ "name": "GetDataLakeOrganizationConfiguration",
264479
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDataLakeOrganizationConfiguration.html",
264532
264480
  "permissionOnly": false,
264533
- "description": "Grants permission to query the protocol and endpoint that were supplied when subscribing to the SNS topics for exception notifications",
264481
+ "description": "Grants permission to get an organization’s configuration setting for automatically enabling Amazon Security Lake access for new organization accounts",
264534
264482
  "accessLevel": "Read",
264535
264483
  "resourceTypes": [
264536
264484
  {
264537
- "resourceType": "",
264538
- "required": false,
264485
+ "resourceType": "data-lake",
264486
+ "required": true,
264539
264487
  "conditionKeys": [],
264540
- "dependentActions": []
264488
+ "dependentActions": [
264489
+ "organizations:DescribeOrganization"
264490
+ ]
264541
264491
  }
264542
264492
  ]
264543
264493
  },
264544
264494
  {
264545
- "name": "GetDatalakeStatus",
264546
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDatalakeStatus.html",
264495
+ "name": "GetDataLakeSources",
264496
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetDataLakeSources.html",
264547
264497
  "permissionOnly": false,
264548
- "description": "Grants permission to get a static snapshot of the Security Data Lake in the current region, including enabled accounts and log sources",
264498
+ "description": "Grants permission to get a static snapshot of the security data lake in the current region. The snapshot includes enabled accounts and log sources",
264549
264499
  "accessLevel": "Read",
264550
264500
  "resourceTypes": [
264551
264501
  {
264552
- "resourceType": "",
264553
- "required": false,
264502
+ "resourceType": "data-lake",
264503
+ "required": true,
264554
264504
  "conditionKeys": [],
264555
264505
  "dependentActions": []
264556
264506
  }
@@ -264560,23 +264510,23 @@
264560
264510
  "name": "GetSubscriber",
264561
264511
  "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetSubscriber.html",
264562
264512
  "permissionOnly": false,
264563
- "description": "Grants permission to get subscription information for a subscription permission for accounts that are already enabled",
264513
+ "description": "Grants permission to get information about subscriber that is already created",
264564
264514
  "accessLevel": "Read",
264565
264515
  "resourceTypes": [
264566
264516
  {
264567
- "resourceType": "",
264568
- "required": false,
264517
+ "resourceType": "subscriber",
264518
+ "required": true,
264569
264519
  "conditionKeys": [],
264570
264520
  "dependentActions": []
264571
264521
  }
264572
264522
  ]
264573
264523
  },
264574
264524
  {
264575
- "name": "GetSubscriptionNotificationConfiguration",
264576
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_GetSubscriptionNotificationConfiguration.html",
264525
+ "name": "ListDataLakeExceptions",
264526
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListDataLakeExceptions.html",
264577
264527
  "permissionOnly": false,
264578
- "description": "Grants permission to get information for a webhook invocation to notify a client when there is new data in the Data Lake",
264579
- "accessLevel": "Read",
264528
+ "description": "Grants permission to get the list of all non-retryable failures",
264529
+ "accessLevel": "List",
264580
264530
  "resourceTypes": [
264581
264531
  {
264582
264532
  "resourceType": "",
@@ -264587,10 +264537,10 @@
264587
264537
  ]
264588
264538
  },
264589
264539
  {
264590
- "name": "ListDatalakeExceptions",
264591
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListDatalakeExceptions.html",
264540
+ "name": "ListDataLakes",
264541
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListDataLakes.html",
264592
264542
  "permissionOnly": false,
264593
- "description": "Grants permission to get the list of all non-retry-able failures",
264543
+ "description": "Grants permission to list information about the security data lakes",
264594
264544
  "accessLevel": "List",
264595
264545
  "resourceTypes": [
264596
264546
  {
@@ -264605,7 +264555,7 @@
264605
264555
  "name": "ListLogSources",
264606
264556
  "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListLogSources.html",
264607
264557
  "permissionOnly": false,
264608
- "description": "Grants permission to show the estate view of enabled accounts with the enabled sources in the enabled regions",
264558
+ "description": "Grants permission to view the enabled accounts. You can view the enabled sources in the enabled regions",
264609
264559
  "accessLevel": "List",
264610
264560
  "resourceTypes": [
264611
264561
  {
@@ -264620,7 +264570,7 @@
264620
264570
  "name": "ListSubscribers",
264621
264571
  "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_ListSubscribers.html",
264622
264572
  "permissionOnly": false,
264623
- "description": "Grants permission to list all subscription permissions for accounts that are already enabled",
264573
+ "description": "Grants permission to list all subscribers",
264624
264574
  "accessLevel": "List",
264625
264575
  "resourceTypes": [
264626
264576
  {
@@ -264632,16 +264582,38 @@
264632
264582
  ]
264633
264583
  },
264634
264584
  {
264635
- "name": "UpdateDatalake",
264636
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateDatalake.html",
264585
+ "name": "RegisterDataLakeDelegatedAdministrator",
264586
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_RegisterDataLakeDelegatedAdministrator.html",
264637
264587
  "permissionOnly": false,
264638
- "description": "Grants permission to update a Security Data Lake",
264588
+ "description": "Grants permission to designate an account as the Amazon Security Lake administrator account for the organization",
264639
264589
  "accessLevel": "Write",
264640
264590
  "resourceTypes": [
264641
264591
  {
264642
264592
  "resourceType": "",
264643
264593
  "required": false,
264644
264594
  "conditionKeys": [],
264595
+ "dependentActions": [
264596
+ "iam:CreateServiceLinkedRole",
264597
+ "organizations:DescribeOrganization",
264598
+ "organizations:EnableAWSServiceAccess",
264599
+ "organizations:ListDelegatedAdministrators",
264600
+ "organizations:ListDelegatedServicesForAccount",
264601
+ "organizations:RegisterDelegatedAdministrator"
264602
+ ]
264603
+ }
264604
+ ]
264605
+ },
264606
+ {
264607
+ "name": "UpdateDataLake",
264608
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateDataLake.html",
264609
+ "permissionOnly": false,
264610
+ "description": "Grants permission to update a security data lake",
264611
+ "accessLevel": "Write",
264612
+ "resourceTypes": [
264613
+ {
264614
+ "resourceType": "data-lake",
264615
+ "required": true,
264616
+ "conditionKeys": [],
264645
264617
  "dependentActions": [
264646
264618
  "events:PutRule",
264647
264619
  "events:PutTargets",
@@ -264670,23 +264642,8 @@
264670
264642
  ]
264671
264643
  },
264672
264644
  {
264673
- "name": "UpdateDatalakeExceptionsExpiry",
264674
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateDatalakeExceptionsExpiry.html",
264675
- "permissionOnly": false,
264676
- "description": "Grants permission to control the time-to-live (TTL) for the exception message to remain in service cache",
264677
- "accessLevel": "Write",
264678
- "resourceTypes": [
264679
- {
264680
- "resourceType": "",
264681
- "required": false,
264682
- "conditionKeys": [],
264683
- "dependentActions": []
264684
- }
264685
- ]
264686
- },
264687
- {
264688
- "name": "UpdateDatalakeExceptionsSubscription",
264689
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateDatalakeExceptionsSubscription.html",
264645
+ "name": "UpdateDataLakeExceptionSubscription",
264646
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateDataLakeExceptionSubscription.html",
264690
264647
  "permissionOnly": false,
264691
264648
  "description": "Grants permission to update subscriptions to the SNS topics for exception notifications",
264692
264649
  "accessLevel": "Write",
@@ -264703,12 +264660,12 @@
264703
264660
  "name": "UpdateSubscriber",
264704
264661
  "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateSubscriber.html",
264705
264662
  "permissionOnly": false,
264706
- "description": "Grants permission to update subscription information for a subscription permission for accounts that are already enabled",
264663
+ "description": "Grants permission to update subscriber",
264707
264664
  "accessLevel": "Write",
264708
264665
  "resourceTypes": [
264709
264666
  {
264710
- "resourceType": "",
264711
- "required": false,
264667
+ "resourceType": "subscriber",
264668
+ "required": true,
264712
264669
  "conditionKeys": [],
264713
264670
  "dependentActions": [
264714
264671
  "events:CreateApiDestination",
@@ -264726,15 +264683,15 @@
264726
264683
  ]
264727
264684
  },
264728
264685
  {
264729
- "name": "UpdateSubscriptionNotificationConfiguration",
264730
- "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateSubscriptionNotificationConfiguration.html",
264686
+ "name": "UpdateSubscriberNotification",
264687
+ "apiReferenceUrl": "https://docs.aws.amazon.com/security-lake/latest/APIReference/API_UpdateSubscriberNotification.html",
264731
264688
  "permissionOnly": false,
264732
- "description": "Grants permission to update a webhook invocation to notify a client when there is new data in the Data Lake",
264689
+ "description": "Grants permission to update a webhook invocation to notify a client when there is new data in the data lake",
264733
264690
  "accessLevel": "Write",
264734
264691
  "resourceTypes": [
264735
264692
  {
264736
- "resourceType": "",
264737
- "required": false,
264693
+ "resourceType": "subscriber",
264694
+ "required": true,
264738
264695
  "conditionKeys": [],
264739
264696
  "dependentActions": [
264740
264697
  "events:CreateApiDestination",
@@ -264767,7 +264724,20 @@
264767
264724
  ]
264768
264725
  }
264769
264726
  ],
264770
- "resourceTypes": [],
264727
+ "resourceTypes": [
264728
+ {
264729
+ "name": "data-lake",
264730
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonSecurityLake/latest/data_lake.html",
264731
+ "arnPattern": "arn:${Partition}:securitylake:${Region}:${Account}:data-lake/default",
264732
+ "conditionKeys": []
264733
+ },
264734
+ {
264735
+ "name": "subscriber",
264736
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonSecurityLake/latest/subscriber.html",
264737
+ "arnPattern": "arn:${Partition}:securitylake:${Region}:${Account}:subscriber/${SubscriberId}",
264738
+ "conditionKeys": []
264739
+ }
264740
+ ],
264771
264741
  "conditionKeys": []
264772
264742
  },
264773
264743
  {
@@ -11993,11 +11993,12 @@
11993
11993
  "signalcatalog",
11994
11994
  "vehicle"
11995
11995
  ],
11996
- "conditionKeysCount": 5,
11996
+ "conditionKeysCount": 6,
11997
11997
  "conditionKeys": [
11998
11998
  "aws:RequestTag/${TagKey}",
11999
11999
  "aws:ResourceTag/${TagKey}",
12000
12000
  "aws:TagKeys",
12001
+ "iotfleetwise:DestinationArn",
12001
12002
  "iotfleetwise:UpdateToDecoderManifestArn",
12002
12003
  "iotfleetwise:UpdateToModelManifestArn"
12003
12004
  ]
@@ -19500,42 +19501,42 @@
19500
19501
  "name": "Amazon Security Lake",
19501
19502
  "servicePrefix": "securitylake",
19502
19503
  "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonsecuritylake.html",
19503
- "actionsCount": 31,
19504
+ "actionsCount": 28,
19504
19505
  "actions": [
19505
19506
  "CreateAwsLogSource",
19506
19507
  "CreateCustomLogSource",
19507
- "CreateDatalake",
19508
- "CreateDatalakeAutoEnable",
19509
- "CreateDatalakeDelegatedAdmin",
19510
- "CreateDatalakeExceptionsSubscription",
19508
+ "CreateDataLake",
19509
+ "CreateDataLakeExceptionSubscription",
19510
+ "CreateDataLakeOrganizationConfiguration",
19511
19511
  "CreateSubscriber",
19512
- "CreateSubscriptionNotificationConfiguration",
19512
+ "CreateSubscriberNotification",
19513
19513
  "DeleteAwsLogSource",
19514
19514
  "DeleteCustomLogSource",
19515
- "DeleteDatalake",
19516
- "DeleteDatalakeAutoEnable",
19517
- "DeleteDatalakeDelegatedAdmin",
19518
- "DeleteDatalakeExceptionsSubscription",
19515
+ "DeleteDataLake",
19516
+ "DeleteDataLakeExceptionSubscription",
19517
+ "DeleteDataLakeOrganizationConfiguration",
19519
19518
  "DeleteSubscriber",
19520
- "DeleteSubscriptionNotificationConfiguration",
19521
- "GetDatalake",
19522
- "GetDatalakeAutoEnable",
19523
- "GetDatalakeExceptionsExpiry",
19524
- "GetDatalakeExceptionsSubscription",
19525
- "GetDatalakeStatus",
19519
+ "DeleteSubscriberNotification",
19520
+ "DeregisterDataLakeDelegatedAdministrator",
19521
+ "GetDataLakeExceptionSubscription",
19522
+ "GetDataLakeOrganizationConfiguration",
19523
+ "GetDataLakeSources",
19526
19524
  "GetSubscriber",
19527
- "GetSubscriptionNotificationConfiguration",
19528
- "ListDatalakeExceptions",
19525
+ "ListDataLakeExceptions",
19526
+ "ListDataLakes",
19529
19527
  "ListLogSources",
19530
19528
  "ListSubscribers",
19531
- "UpdateDatalake",
19532
- "UpdateDatalakeExceptionsExpiry",
19533
- "UpdateDatalakeExceptionsSubscription",
19529
+ "RegisterDataLakeDelegatedAdministrator",
19530
+ "UpdateDataLake",
19531
+ "UpdateDataLakeExceptionSubscription",
19534
19532
  "UpdateSubscriber",
19535
- "UpdateSubscriptionNotificationConfiguration"
19533
+ "UpdateSubscriberNotification"
19534
+ ],
19535
+ "resourceTypesCount": 2,
19536
+ "resourceTypes": [
19537
+ "data-lake",
19538
+ "subscriber"
19536
19539
  ],
19537
- "resourceTypesCount": 0,
19538
- "resourceTypes": [],
19539
19540
  "conditionKeysCount": 0,
19540
19541
  "conditionKeys": []
19541
19542
  },
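Review bot: Four names in the Security Lake `actions` list of the last hunk differ from the removed ones only in letter case (`CreateDatalake` → `CreateDataLake`, `DeleteDatalake` → `DeleteDataLake`, `UpdateDatalake` → `UpdateDataLake`, `ListDatalakeExceptions` → `ListDataLakeExceptions`), yet the data records them as plain removals and additions. IAM matches action names case-insensitively, so a policy that still spells `securitylake:CreateDatalake` would presumably keep matching the action, while a policy linter or least-privilege tool that looks names up in this list by exact string comparison would report it as unknown. Nothing visible here tells consumers which comparison to use, so the release notes or README should state it, for example `Action names are case-insensitive in IAM; compare them case-insensitively against this data.` Names with no case-insensitive counterpart in the new list, such as `GetDatalakeStatus` and `UpdateDatalakeExceptionsExpiry`, are real removals, and policies that name them need a separate review.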
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "aws-iam-data",
3
- "version": "0.0.12",
3
+ "version": "0.0.13",
4
4
  "description": "Provides AWS IAM data gathered from the official AWS IAM docs as a convenient npm package that can be used in other OSS projects.",
5
5
  "main": "./src/index.js",
6
6
  "types": "./src/awsIamData.d.ts",