npm - aws-iam-data - Versions diffs - 0.0.22 → 0.0.24 - Mend

aws-iam-data 0.0.22 → 0.0.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/data/json/changelog.json CHANGED Viewed

@@ -1,4 +1,24 @@
 [
+  {
+    "dateOfChange": "2023-06-13",
+    "addedServices": [],
+    "removedServices": [],
+    "addedActions": {
+      "Amazon CodeGuru Security": [
+        "codeguru-security:GetMetricsSummary",
+        "codeguru-security:ListFindingsMetrics",
+        "codeguru-security:ListTagsForResource",
+        "codeguru-security:TagResource",
+        "codeguru-security:UntagResource"
+      ],
+      "Amazon Connect": [
+        "connect:SearchHoursOfOperations",
+        "connect:SearchPrompts",
+        "connect:SearchQuickConnects"
+      ]
+    },
+    "removedActions": {}
+  },
   {
     "dateOfChange": "2023-06-10",
     "addedServices": [

package/data/json/iam.json CHANGED Viewed

@@ -48560,8 +48560,8 @@
         "accessLevel": "Read",
         "resourceTypes": [
           {
-            "resourceType": "",
-            "required": false,
+            "resourceType": "ScanName",
+            "required": true,
             "conditionKeys": [],
             "dependentActions": []
           }
@@ -48571,7 +48571,7 @@
         "name": "CreateScan",
         "apiReferenceUrl": "${APIReferenceDocPage}",
         "permissionOnly": true,
-        "description": "Grants permission to create CodeGuru Security scan",
+        "description": "Grants permission to create a CodeGuru Security scan",
         "accessLevel": "Write",
         "resourceTypes": [
           {
@@ -48579,6 +48579,15 @@
             "required": true,
             "conditionKeys": [],
             "dependentActions": []
+          },
+          {
+            "resourceType": "",
+            "required": false,
+            "conditionKeys": [
+              "aws:TagKeys",
+              "aws:RequestTag/${TagKey}"
+            ],
+            "dependentActions": []
           }
         ]
       },
@@ -48642,6 +48651,21 @@
           }
         ]
       },
+      {
+        "name": "GetMetricsSummary",
+        "apiReferenceUrl": "${APIReferenceDocPage}",
+        "permissionOnly": true,
+        "description": "Grants permission to retrieve AWS accout level metrics summary generated by CodeGuru Security",
+        "accessLevel": "Read",
+        "resourceTypes": [
+          {
+            "resourceType": "",
+            "required": false,
+            "conditionKeys": [],
+            "dependentActions": []
+          }
+        ]
+      },
       {
         "name": "GetScan",
         "apiReferenceUrl": "${APIReferenceDocPage}",
@@ -48654,6 +48678,14 @@
             "required": true,
             "conditionKeys": [],
             "dependentActions": []
+          },
+          {
+            "resourceType": "",
+            "required": false,
+            "conditionKeys": [
+              "aws:ResourceTag/${TagKey}"
+            ],
+            "dependentActions": []
           }
         ]
       },
@@ -48672,6 +48704,21 @@
           }
         ]
       },
+      {
+        "name": "ListFindingsMetrics",
+        "apiReferenceUrl": "${APIReferenceDocPage}",
+        "permissionOnly": true,
+        "description": "Grants permission to retrieve a list of account level findings metrics within a date range",
+        "accessLevel": "List",
+        "resourceTypes": [
+          {
+            "resourceType": "",
+            "required": false,
+            "conditionKeys": [],
+            "dependentActions": []
+          }
+        ]
+      },
       {
         "name": "ListScans",
         "apiReferenceUrl": "${APIReferenceDocPage}",
@@ -48687,6 +48734,76 @@
           }
         ]
       },
+      {
+        "name": "ListTagsForResource",
+        "apiReferenceUrl": "${APIReferenceDocPage}",
+        "permissionOnly": true,
+        "description": "Grants permission to retrieve a list of tags for a scan name ARN",
+        "accessLevel": "Read",
+        "resourceTypes": [
+          {
+            "resourceType": "ScanName",
+            "required": true,
+            "conditionKeys": [],
+            "dependentActions": []
+          },
+          {
+            "resourceType": "",
+            "required": false,
+            "conditionKeys": [
+              "aws:ResourceTag/${TagKey}"
+            ],
+            "dependentActions": []
+          }
+        ]
+      },
+      {
+        "name": "TagResource",
+        "apiReferenceUrl": "${APIReferenceDocPage}",
+        "permissionOnly": true,
+        "description": "Grants permission to add tags to a scan name ARN",
+        "accessLevel": "Tagging",
+        "resourceTypes": [
+          {
+            "resourceType": "ScanName",
+            "required": true,
+            "conditionKeys": [],
+            "dependentActions": []
+          },
+          {
+            "resourceType": "",
+            "required": false,
+            "conditionKeys": [
+              "aws:TagKeys",
+              "aws:RequestTag/${TagKey}"
+            ],
+            "dependentActions": []
+          }
+        ]
+      },
+      {
+        "name": "UntagResource",
+        "apiReferenceUrl": "${APIReferenceDocPage}",
+        "permissionOnly": true,
+        "description": "Grants permission to remove tags from a scan name ARN",
+        "accessLevel": "Tagging",
+        "resourceTypes": [
+          {
+            "resourceType": "ScanName",
+            "required": true,
+            "conditionKeys": [],
+            "dependentActions": []
+          },
+          {
+            "resourceType": "",
+            "required": false,
+            "conditionKeys": [
+              "aws:TagKeys"
+            ],
+            "dependentActions": []
+          }
+        ]
+      },
       {
         "name": "UpdateAccountConfiguration",
         "apiReferenceUrl": "${APIReferenceDocPage}",
@@ -48708,10 +48825,31 @@
         "name": "ScanName",
         "apiReferenceUrl": "https://docs.aws.amazon.com/codeguru/latest/security-ug/getting-started.html",
         "arnPattern": "arn:${Partition}:codeguru-security:${Region}:${Account}:scans/${ScanName}",
-        "conditionKeys": []
+        "conditionKeys": [
+          "aws:ResourceTag/${TagKey}"
+        ]
       }
     ],
-    "conditionKeys": []
+    "conditionKeys": [
+      {
+        "name": "aws:RequestTag/${TagKey}",
+        "apiReferenceUrl": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag",
+        "description": "Filters access by the tags that are passed in the request",
+        "type": "String"
+      },
+      {
+        "name": "aws:ResourceTag/${TagKey}",
+        "apiReferenceUrl": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag",
+        "description": "Filters access by the tags associated with the resource",
+        "type": "String"
+      },
+      {
+        "name": "aws:TagKeys",
+        "apiReferenceUrl": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys",
+        "description": "Filters access by the tag keys that are passed in the request",
+        "type": "ArrayOfString"
+      }
+    ]
   },
   {
     "name": "AWS CodePipeline",
@@ -61299,6 +61437,58 @@
           }
         ]
       },
+      {
+        "name": "SearchHoursOfOperations",
+        "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchHoursOfOperations.html",
+        "permissionOnly": false,
+        "description": "Grants permission to search hours of opeartion resources in an Amazon Connect instance",
+        "accessLevel": "Read",
+        "resourceTypes": [
+          {
+            "resourceType": "instance",
+            "required": true,
+            "conditionKeys": [],
+            "dependentActions": [
+              "connect:DescribeHoursOfOperation"
+            ]
+          },
+          {
+            "resourceType": "",
+            "required": false,
+            "conditionKeys": [
+              "connect:InstanceId",
+              "connect:SearchTag/${TagKey}"
+            ],
+            "dependentActions": []
+          }
+        ]
+      },
+      {
+        "name": "SearchPrompts",
+        "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchPrompts.html",
+        "permissionOnly": false,
+        "description": "Grants permission to search prompt resources in an Amazon Connect instance",
+        "accessLevel": "Read",
+        "resourceTypes": [
+          {
+            "resourceType": "instance",
+            "required": true,
+            "conditionKeys": [],
+            "dependentActions": [
+              "connect:DescribePrompt"
+            ]
+          },
+          {
+            "resourceType": "",
+            "required": false,
+            "conditionKeys": [
+              "connect:InstanceId",
+              "connect:SearchTag/${TagKey}"
+            ],
+            "dependentActions": []
+          }
+        ]
+      },
       {
         "name": "SearchQueues",
         "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchQueues.html",
@@ -61325,6 +61515,32 @@
           }
         ]
       },
+      {
+        "name": "SearchQuickConnects",
+        "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchQuickConnects.html",
+        "permissionOnly": false,
+        "description": "Grants permission to search quick connect resources in an Amazon Connect instance",
+        "accessLevel": "Read",
+        "resourceTypes": [
+          {
+            "resourceType": "instance",
+            "required": true,
+            "conditionKeys": [],
+            "dependentActions": [
+              "connect:DescribeQuickConnect"
+            ]
+          },
+          {
+            "resourceType": "",
+            "required": false,
+            "conditionKeys": [
+              "connect:InstanceId",
+              "connect:SearchTag/${TagKey}"
+            ],
+            "dependentActions": []
+          }
+        ]
+      },
       {
         "name": "SearchRoutingProfiles",
         "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html",

package/data/json/metadata.json CHANGED Viewed

@@ -3940,7 +3940,7 @@
       "name": "Amazon CodeGuru Security",
       "servicePrefix": "codeguru-security",
       "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncodegurusecurity.html",
-      "actionsCount": 10,
+      "actionsCount": 15,
       "actions": [
         "BatchGetFindings",
         "CreateScan",
@@ -3948,17 +3948,26 @@
         "DeleteScansByCategory",
         "GetAccountConfiguration",
         "GetFindings",
+        "GetMetricsSummary",
         "GetScan",
         "ListFindings",
+        "ListFindingsMetrics",
         "ListScans",
+        "ListTagsForResource",
+        "TagResource",
+        "UntagResource",
         "UpdateAccountConfiguration"
       ],
       "resourceTypesCount": 1,
       "resourceTypes": [
         "ScanName"
       ],
-      "conditionKeysCount": 0,
-      "conditionKeys": []
+      "conditionKeysCount": 3,
+      "conditionKeys": [
+        "aws:RequestTag/${TagKey}",
+        "aws:ResourceTag/${TagKey}",
+        "aws:TagKeys"
+      ]
     },
     {
       "name": "AWS CodePipeline",
@@ -4690,7 +4699,7 @@
       "name": "Amazon Connect",
       "servicePrefix": "connect",
       "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnect.html",
-      "actionsCount": 199,
+      "actionsCount": 202,
       "actions": [
         "ActivateEvaluationForm",
         "AssociateApprovedOrigin",
@@ -4831,7 +4840,10 @@
         "ReplicateInstance",
         "ResumeContactRecording",
         "SearchAvailablePhoneNumbers",
+        "SearchHoursOfOperations",
+        "SearchPrompts",
         "SearchQueues",
+        "SearchQuickConnects",
         "SearchRoutingProfiles",
         "SearchSecurityProfiles",
         "SearchUsers",

package/data/json/reports.json ADDED Viewed

@@ -0,0 +1,420 @@
+{
+  "Actions by type": [
+    {
+      "key": "Write Actions",
+      "value": 8180
+    },
+    {
+      "key": "Read Actions",
+      "value": 3979
+    },
+    {
+      "key": "List Actions",
+      "value": 2326
+    },
+    {
+      "key": "Permissions Actions",
+      "value": 235
+    }
+  ],
+  "Longest action names": [
+    {
+      "key": "servicecatalog:BatchDisassociateServiceActionFromProvisioningArtifact",
+      "value": 69
+    },
+    {
+      "key": "aws-marketplace-management:GetAdditionalSellerNotificationRecipients",
+      "value": 68
+    },
+    {
+      "key": "aws-marketplace-management:PutAdditionalSellerNotificationRecipients",
+      "value": 68
+    },
+    {
+      "key": "servicecatalog:NotifyTerminateProvisionedProductEngineWorkflowResult",
+      "value": 68
+    },
+    {
+      "key": "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations",
+      "value": 67
+    },
+    {
+      "key": "license-manager-linux-subscriptions:ListLinuxSubscriptionInstances",
+      "value": 66
+    },
+    {
+      "key": "servicecatalog:BatchAssociateServiceActionWithProvisioningArtifact",
+      "value": 66
+    },
+    {
+      "key": "vendor-insights:UpdateSecurityProfileSnapshotCreationConfiguration",
+      "value": 66
+    },
+    {
+      "key": "iotwireless:StartBulkDisassociateWirelessDeviceFromMulticastGroup",
+      "value": 65
+    },
+    {
+      "key": "license-manager-user-subscriptions:UpdateIdentityProviderSettings",
+      "value": 65
+    }
+  ],
+  "Longest condition key names": [
+    {
+      "key": "route53:ChangeResourceRecordSetsNormalizedRecordNames",
+      "value": 53
+    },
+    {
+      "key": "vpc-lattice-svcs:RequestQueryString/${QueryStringKey}",
+      "value": 53
+    },
+    {
+      "key": "sagemaker:CustomerMetadataProperties/${MetadataKey}",
+      "value": 51
+    },
+    {
+      "key": "route53-recovery-cluster:AllowSafetyRulesOverrides",
+      "value": 50
+    },
+    {
+      "key": "s3:x-amz-server-side-encryption-customer-algorithm",
+      "value": 50
+    },
+    {
+      "key": "amplifyuibuilder:ComponentResourceEnvironmentName",
+      "value": 49
+    },
+    {
+      "key": "codestar-connections:ProviderPermissionsRequired",
+      "value": 48
+    },
+    {
+      "key": "codestar-notifications:NotificationsForResource",
+      "value": 47
+    },
+    {
+      "key": "fsx:NfsDataRepositoryEncryptionInTransitEnabled",
+      "value": 47
+    },
+    {
+      "key": "sagemaker:MinimumInstanceMetadataServiceVersion",
+      "value": 47
+    }
+  ],
+  "Longest service prefixes": [
+    {
+      "key": "license-manager-linux-subscriptions",
+      "value": 35
+    },
+    {
+      "key": "license-manager-user-subscriptions",
+      "value": 34
+    },
+    {
+      "key": "route53-recovery-control-config",
+      "value": 31
+    },
+    {
+      "key": "sagemaker-groundtruth-synthetic",
+      "value": 31
+    },
+    {
+      "key": "elemental-appliances-software",
+      "value": 29
+    },
+    {
+      "key": "marketplacecommerceanalytics",
+      "value": 28
+    },
+    {
+      "key": "aws-marketplace-management",
+      "value": 26
+    },
+    {
+      "key": "codedeploy-commands-secure",
+      "value": 26
+    },
+    {
+      "key": "route53-recovery-readiness",
+      "value": 26
+    },
+    {
+      "key": "application-cost-profiler",
+      "value": 25
+    }
+  ],
+  "Most referenced resource ARNs": [
+    {
+      "key": "organization - arn:${Partition}:workmail:${Region}:${Account}:organization/${ResourceId}",
+      "value": 126
+    },
+    {
+      "key": "userpool - arn:${Partition}:cognito-idp:${Region}:${Account}:userpool/${UserPoolId}",
+      "value": 79
+    },
+    {
+      "key": "repository - arn:${Partition}:codecommit:${Region}:${Account}:${RepositoryName}",
+      "value": 79
+    },
+    {
+      "key": "instance - arn:${Partition}:connect:${Region}:${Account}:instance/${InstanceId}",
+      "value": 74
+    },
+    {
+      "key": "stack - arn:${Partition}:opsworks:${Region}:${Account}:stack/${StackId}/",
+      "value": 66
+    },
+    {
+      "key": "bot - arn:${Partition}:lex:${Region}:${Account}:bot/${BotId}",
+      "value": 66
+    },
+    {
+      "key": "directory - arn:${Partition}:ds:${Region}:${Account}:directory/${DirectoryId}",
+      "value": 63
+    },
+    {
+      "key": "index - arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}",
+      "value": 63
+    },
+    {
+      "key": "hub - arn:${Partition}:securityhub:${Region}:${Account}:hub/default",
+      "value": 61
+    },
+    {
+      "key": "gateway - arn:${Partition}:storagegateway:${Region}:${Account}:gateway/${GatewayId}",
+      "value": 57
+    }
+  ],
+  "Services with least actions": [
+    {
+      "key": "AWS CloudTrail Data",
+      "value": 1
+    },
+    {
+      "key": "AWS Marketplace Discovery",
+      "value": 1
+    },
+    {
+      "key": "AWS Marketplace Seller Reporting",
+      "value": 1
+    },
+    {
+      "key": "Amazon WorkSpaces Application Manager",
+      "value": 1
+    },
+    {
+      "key": "AmazonMediaImport",
+      "value": 1
+    },
+    {
+      "key": "Amazon VPC Lattice Services",
+      "value": 1
+    },
+    {
+      "key": "AWS Elemental Support Content",
+      "value": 1
+    },
+    {
+      "key": "AWS Microservice Extractor for .NET",
+      "value": 1
+    },
+    {
+      "key": "AWS Sustainability",
+      "value": 1
+    },
+    {
+      "key": "AWS Verified Access",
+      "value": 1
+    }
+  ],
+  "Services with most actions": [
+    {
+      "key": "Amazon EC2",
+      "value": 606
+    },
+    {
+      "key": "Amazon SageMaker",
+      "value": 328
+    },
+    {
+      "key": "Amazon Chime",
+      "value": 303
+    },
+    {
+      "key": "AWS IoT",
+      "value": 266
+    },
+    {
+      "key": "AWS Glue",
+      "value": 211
+    },
+    {
+      "key": "Amazon Connect",
+      "value": 202
+    },
+    {
+      "key": "Amazon QuickSight",
+      "value": 179
+    },
+    {
+      "key": "AWS Identity and Access Management",
+      "value": 170
+    },
+    {
+      "key": "Amazon Lightsail",
+      "value": 159
+    },
+    {
+      "key": "AWS Systems Manager",
+      "value": 148
+    }
+  ],
+  "Shortest action names": [
+    {
+      "key": "dax:Scan",
+      "value": 8
+    },
+    {
+      "key": "ecs:Poll",
+      "value": 8
+    },
+    {
+      "key": "kms:Sign",
+      "value": 8
+    },
+    {
+      "key": "dax:Query",
+      "value": 9
+    },
+    {
+      "key": "logs:Link",
+      "value": 9
+    },
+    {
+      "key": "xray:Link",
+      "value": 9
+    },
+    {
+      "key": "ce:GetTags",
+      "value": 10
+    },
+    {
+      "key": "es:AddTags",
+      "value": 10
+    },
+    {
+      "key": "iq:EndCall",
+      "value": 10
+    },
+    {
+      "key": "iq:GetCall",
+      "value": 10
+    }
+  ],
+  "Shortest condition key names": [
+    {
+      "key": "ec2:Vpc",
+      "value": 7
+    },
+    {
+      "key": "rds:Vpc",
+      "value": 7
+    },
+    {
+      "key": "saml:cn",
+      "value": 7
+    },
+    {
+      "key": "ecs:task",
+      "value": 8
+    },
+    {
+      "key": "saml:aud",
+      "value": 8
+    },
+    {
+      "key": "saml:doc",
+      "value": 8
+    },
+    {
+      "key": "saml:iss",
+      "value": 8
+    },
+    {
+      "key": "saml:sub",
+      "value": 8
+    },
+    {
+      "key": "saml:uid",
+      "value": 8
+    },
+    {
+      "key": "swf:name",
+      "value": 8
+    }
+  ],
+  "Shortest service prefixes": [
+    {
+      "key": "ce",
+      "value": 2
+    },
+    {
+      "key": "ds",
+      "value": 2
+    },
+    {
+      "key": "es",
+      "value": 2
+    },
+    {
+      "key": "iq",
+      "value": 2
+    },
+    {
+      "key": "m2",
+      "value": 2
+    },
+    {
+      "key": "mq",
+      "value": 2
+    },
+    {
+      "key": "pi",
+      "value": 2
+    },
+    {
+      "key": "s3",
+      "value": 2
+    },
+    {
+      "key": "a2c",
+      "value": 3
+    },
+    {
+      "key": "a4b",
+      "value": 3
+    }
+  ],
+  "Summary": [
+    {
+      "key": "Total number of services",
+      "value": 377
+    },
+    {
+      "key": "Average number of actions per service",
+      "value": 39
+    },
+    {
+      "key": "Median number of actions per service",
+      "value": 28
+    },
+    {
+      "key": "Total number of distinct resource ARNS",
+      "value": 1515
+    },
+    {
+      "key": "Total number of distinct condition keys",
+      "value": 774
+    }
+  ]
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "aws-iam-data",
-  "version": "0.0.22",
+  "version": "0.0.24",
   "description": "Provides AWS IAM data gathered from the official AWS IAM docs as a convenient npm package that can be used in other OSS projects.",
   "main": "./src/index.js",
   "types": "./src/awsIamData.d.ts",
@@ -10,6 +10,7 @@
     "update-changelog": "ts-node --transpile-only --log-error process/createChangelog.ts",
     "create-erd": "node_modules/.bin/mmdc -i erd.mmd -o docs/erd.png -w 1600",
     "create-tables": "scripts/create_tables.sh",
+    "create-reports": "scripts/create_reports.sh",
     "export-data": "scripts/export_data.sh"
   },
   "repository": {

package/src/index.js CHANGED Viewed

@@ -1,9 +1,11 @@
 const iamData = require('../data/json/iam.json');
 const metadata = require('../data/json/metadata.json');
 const changelog = require('../data/json/changelog.json');
+const reports = require('../data/json/reports.json');
 module.exports = {
   iamData,
   metadata,
   changelog,
+  reports,
 }