aws-iam-data 0.0.220 → 0.0.221

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/data/db/iam.duckdb +0 -0
  2. package/dist/data/json/changelog.json +36 -0
  3. package/dist/data/json/iam.json +445 -19
  4. package/dist/data/json/metadata.json +47 -6
  5. package/dist/data/json/reports.json +9 -9
  6. package/package.json +2 -1
package/data/db/iam.duckdb ADDED
Binary file
package/dist/data/json/changelog.json CHANGED
@@ -10,6 +10,42 @@
10
10
  },
11
11
  "removedActions": {}
12
12
  },
13
+ {
14
+ "dateOfChange": "2024-06-11",
15
+ "addedServices": [
16
+ "AWS Private CA Connector for SCEP"
17
+ ],
18
+ "removedServices": [],
19
+ "addedActions": {
20
+ "Amazon GuardDuty": [
21
+ "guardduty:CreateMalwareProtectionPlan",
22
+ "guardduty:DeleteMalwareProtectionPlan",
23
+ "guardduty:GetMalwareProtectionPlan",
24
+ "guardduty:ListMalwareProtectionPlans",
25
+ "guardduty:UpdateMalwareProtectionPlan"
26
+ ],
27
+ "AWS IAM Access Analyzer": [
28
+ "access-analyzer:CheckNoPublicAccess",
29
+ "access-analyzer:GenerateFindingRecommendation",
30
+ "access-analyzer:GetFindingRecommendation"
31
+ ],
32
+ "AWS Private CA Connector for SCEP": [
33
+ "pca-connector-scep:CreateChallenge",
34
+ "pca-connector-scep:CreateConnector",
35
+ "pca-connector-scep:DeleteChallenge",
36
+ "pca-connector-scep:DeleteConnector",
37
+ "pca-connector-scep:GetChallengeMetadata",
38
+ "pca-connector-scep:GetChallengePassword",
39
+ "pca-connector-scep:GetConnector",
40
+ "pca-connector-scep:ListChallengeMetadata",
41
+ "pca-connector-scep:ListConnectors",
42
+ "pca-connector-scep:ListTagsForResource",
43
+ "pca-connector-scep:TagResource",
44
+ "pca-connector-scep:UntagResource"
45
+ ]
46
+ },
47
+ "removedActions": {}
48
+ },
13
49
  {
14
50
  "dateOfChange": "2024-06-08",
15
51
  "addedServices": [],
package/dist/data/json/iam.json CHANGED
@@ -48358,7 +48358,7 @@
48358
48358
  "actions": [
48359
48359
  {
48360
48360
  "name": "BatchGetServiceLevelObjectiveBudgetReport",
48361
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_BatchGetServiceLevelObjectiveBudgetReport.html",
48361
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_BatchGetServiceLevelObjectiveBudgetReport.html",
48362
48362
  "permissionOnly": false,
48363
48363
  "description": "Grants permission to batch retrieve a service level objective budget report",
48364
48364
  "accessLevel": "Read",
@@ -48373,7 +48373,7 @@
48373
48373
  },
48374
48374
  {
48375
48375
  "name": "CreateServiceLevelObjective",
48376
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_CreateServiceLevelObjective.html",
48376
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_CreateServiceLevelObjective.html",
48377
48377
  "permissionOnly": false,
48378
48378
  "description": "Grants permission to create a service level objective",
48379
48379
  "accessLevel": "Write",
@@ -48391,7 +48391,7 @@
48391
48391
  },
48392
48392
  {
48393
48393
  "name": "DeleteServiceLevelObjective",
48394
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_DeleteServiceLevelObjective.html",
48394
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_DeleteServiceLevelObjective.html",
48395
48395
  "permissionOnly": false,
48396
48396
  "description": "Grants permission to delete a service level objective",
48397
48397
  "accessLevel": "Write",
@@ -48406,7 +48406,7 @@
48406
48406
  },
48407
48407
  {
48408
48408
  "name": "GetService",
48409
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_GetService.html",
48409
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_GetService.html",
48410
48410
  "permissionOnly": false,
48411
48411
  "description": "Grants permission to retrieve information about a service",
48412
48412
  "accessLevel": "Read",
@@ -48421,7 +48421,7 @@
48421
48421
  },
48422
48422
  {
48423
48423
  "name": "GetServiceLevelObjective",
48424
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_GetServiceLevelObjective.html",
48424
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_GetServiceLevelObjective.html",
48425
48425
  "permissionOnly": false,
48426
48426
  "description": "Grants permission to retrieve information about service level objective",
48427
48427
  "accessLevel": "Read",
@@ -48436,7 +48436,7 @@
48436
48436
  },
48437
48437
  {
48438
48438
  "name": "ListServiceDependencies",
48439
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_ListServiceDependencies.html",
48439
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_ListServiceDependencies.html",
48440
48440
  "permissionOnly": false,
48441
48441
  "description": "Grants permission to list service dependencies",
48442
48442
  "accessLevel": "Read",
@@ -48451,7 +48451,7 @@
48451
48451
  },
48452
48452
  {
48453
48453
  "name": "ListServiceDependents",
48454
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_ListServiceDependents.html",
48454
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_ListServiceDependents.html",
48455
48455
  "permissionOnly": false,
48456
48456
  "description": "Grants permission to list service dependents",
48457
48457
  "accessLevel": "Read",
@@ -48466,7 +48466,7 @@
48466
48466
  },
48467
48467
  {
48468
48468
  "name": "ListServiceLevelObjectives",
48469
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_ListServiceLevelObjectives.html",
48469
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_ListServiceLevelObjectives.html",
48470
48470
  "permissionOnly": false,
48471
48471
  "description": "Grants permission to list service level objectives",
48472
48472
  "accessLevel": "List",
@@ -48481,7 +48481,7 @@
48481
48481
  },
48482
48482
  {
48483
48483
  "name": "ListServiceOperations",
48484
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_ListServiceOperations.html",
48484
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_ListServiceOperations.html",
48485
48485
  "permissionOnly": false,
48486
48486
  "description": "Grants permission to list service operations",
48487
48487
  "accessLevel": "Read",
@@ -48496,7 +48496,7 @@
48496
48496
  },
48497
48497
  {
48498
48498
  "name": "ListServices",
48499
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_ListServices.html",
48499
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_ListServices.html",
48500
48500
  "permissionOnly": false,
48501
48501
  "description": "Grants permission to list services",
48502
48502
  "accessLevel": "List",
@@ -48511,7 +48511,7 @@
48511
48511
  },
48512
48512
  {
48513
48513
  "name": "ListTagsForResource",
48514
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_ListTagsForResource.html",
48514
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_ListTagsForResource.html",
48515
48515
  "permissionOnly": false,
48516
48516
  "description": "Grants permission to list tags for an Amazon CloudWatch SLO",
48517
48517
  "accessLevel": "Read",
@@ -48526,7 +48526,7 @@
48526
48526
  },
48527
48527
  {
48528
48528
  "name": "StartDiscovery",
48529
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_StartDiscovery.html",
48529
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_StartDiscovery.html",
48530
48530
  "permissionOnly": false,
48531
48531
  "description": "Grants permission to enable CloudWatch discovery",
48532
48532
  "accessLevel": "Write",
@@ -48541,7 +48541,7 @@
48541
48541
  },
48542
48542
  {
48543
48543
  "name": "TagResource",
48544
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_TagResource.html",
48544
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_TagResource.html",
48545
48545
  "permissionOnly": false,
48546
48546
  "description": "Grants permission to add tags to an Amazon CloudWatch SLO",
48547
48547
  "accessLevel": "Tagging",
@@ -48565,7 +48565,7 @@
48565
48565
  },
48566
48566
  {
48567
48567
  "name": "UntagResource",
48568
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_UntagResource.html",
48568
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_UntagResource.html",
48569
48569
  "permissionOnly": false,
48570
48570
  "description": "Grants permission to untag to an Amazon CloudWatch SLO",
48571
48571
  "accessLevel": "Tagging",
@@ -48588,7 +48588,7 @@
48588
48588
  },
48589
48589
  {
48590
48590
  "name": "UpdateServiceLevelObjective",
48591
- "apiReferenceUrl": "https://docs.aws.amazon.com/cloudwatchapplicationsignals/latest/APIReference/API_UpdateServiceLevelObjective.html",
48591
+ "apiReferenceUrl": "https://docs.aws.amazon.com/applicationsignals/latest/APIReference/API_UpdateServiceLevelObjective.html",
48592
48592
  "permissionOnly": false,
48593
48593
  "description": "Grants permission to update a service level objective",
48594
48594
  "accessLevel": "Write",
@@ -129630,7 +129630,8 @@
129630
129630
  "conditionKeys": [
129631
129631
  "aws:RequestTag/${TagKey}",
129632
129632
  "aws:TagKeys",
129633
- "ecs:capacity-provider"
129633
+ "ecs:capacity-provider",
129634
+ "ecs:fargate-ephemeral-storage-kms-key"
129634
129635
  ],
129635
129636
  "dependentActions": []
129636
129637
  }
@@ -130498,7 +130499,9 @@
130498
130499
  "resourceType": "task-definition",
130499
130500
  "required": true,
130500
130501
  "conditionKeys": [],
130501
- "dependentActions": []
130502
+ "dependentActions": [
130503
+ "iam:PassRole"
130504
+ ]
130502
130505
  },
130503
130506
  {
130504
130507
  "resourceType": "",
@@ -130527,7 +130530,9 @@
130527
130530
  "resourceType": "task-definition",
130528
130531
  "required": true,
130529
130532
  "conditionKeys": [],
130530
- "dependentActions": []
130533
+ "dependentActions": [
130534
+ "iam:PassRole"
130535
+ ]
130531
130536
  },
130532
130537
  {
130533
130538
  "resourceType": "",
@@ -130823,7 +130828,8 @@
130823
130828
  "resourceType": "",
130824
130829
  "required": false,
130825
130830
  "conditionKeys": [
130826
- "aws:ResourceTag/${TagKey}"
130831
+ "aws:ResourceTag/${TagKey}",
130832
+ "ecs:fargate-ephemeral-storage-kms-key"
130827
130833
  ],
130828
130834
  "dependentActions": []
130829
130835
  }
@@ -131148,6 +131154,12 @@
131148
131154
  "description": "Filters access by the enable field value in the Service Connect configuration",
131149
131155
  "type": "String"
131150
131156
  },
131157
+ {
131158
+ "name": "ecs:fargate-ephemeral-storage-kms-key",
131159
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys",
131160
+ "description": "Filters access by the AWS KMS key id provided in the request",
131161
+ "type": "String"
131162
+ },
131151
131163
  {
131152
131164
  "name": "ecs:namespace",
131153
131165
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys",
@@ -169779,6 +169791,24 @@
169779
169791
  }
169780
169792
  ]
169781
169793
  },
169794
+ {
169795
+ "name": "CreateMalwareProtectionPlan",
169796
+ "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMalwareProtectionPlan.html",
169797
+ "permissionOnly": false,
169798
+ "description": "Grants permission to create a new Malware Protection plan",
169799
+ "accessLevel": "Write",
169800
+ "resourceTypes": [
169801
+ {
169802
+ "resourceType": "",
169803
+ "required": false,
169804
+ "conditionKeys": [
169805
+ "aws:RequestTag/${TagKey}",
169806
+ "aws:TagKeys"
169807
+ ],
169808
+ "dependentActions": []
169809
+ }
169810
+ ]
169811
+ },
169782
169812
  {
169783
169813
  "name": "CreateMembers",
169784
169814
  "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html",
@@ -169920,6 +169950,21 @@
169920
169950
  }
169921
169951
  ]
169922
169952
  },
169953
+ {
169954
+ "name": "DeleteMalwareProtectionPlan",
169955
+ "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMalwareProtectionPlan.html",
169956
+ "permissionOnly": false,
169957
+ "description": "Grants permission to delete a Malware Protection plan",
169958
+ "accessLevel": "Write",
169959
+ "resourceTypes": [
169960
+ {
169961
+ "resourceType": "malwareprotectionplan",
169962
+ "required": true,
169963
+ "conditionKeys": [],
169964
+ "dependentActions": []
169965
+ }
169966
+ ]
169967
+ },
169923
169968
  {
169924
169969
  "name": "DeleteMembers",
169925
169970
  "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html",
@@ -170205,6 +170250,21 @@
170205
170250
  }
170206
170251
  ]
170207
170252
  },
170253
+ {
170254
+ "name": "GetMalwareProtectionPlan",
170255
+ "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMalwareProtectionPlan.html",
170256
+ "permissionOnly": false,
170257
+ "description": "Grants permission to retrieve a Malware Protection plan details",
170258
+ "accessLevel": "Read",
170259
+ "resourceTypes": [
170260
+ {
170261
+ "resourceType": "malwareprotectionplan",
170262
+ "required": true,
170263
+ "conditionKeys": [],
170264
+ "dependentActions": []
170265
+ }
170266
+ ]
170267
+ },
170208
170268
  {
170209
170269
  "name": "GetMalwareScanSettings",
170210
170270
  "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMalwareScanSettings.html",
@@ -170430,6 +170490,21 @@
170430
170490
  }
170431
170491
  ]
170432
170492
  },
170493
+ {
170494
+ "name": "ListMalwareProtectionPlans",
170495
+ "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListMalwareProtectionPlans.html",
170496
+ "permissionOnly": false,
170497
+ "description": "Grants permission to retrieve a list of Malware Protection plans",
170498
+ "accessLevel": "List",
170499
+ "resourceTypes": [
170500
+ {
170501
+ "resourceType": "",
170502
+ "required": false,
170503
+ "conditionKeys": [],
170504
+ "dependentActions": []
170505
+ }
170506
+ ]
170507
+ },
170433
170508
  {
170434
170509
  "name": "ListMembers",
170435
170510
  "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListMembers.html",
@@ -170500,6 +170575,12 @@
170500
170575
  "conditionKeys": [],
170501
170576
  "dependentActions": []
170502
170577
  },
170578
+ {
170579
+ "resourceType": "malwareprotectionplan",
170580
+ "required": false,
170581
+ "conditionKeys": [],
170582
+ "dependentActions": []
170583
+ },
170503
170584
  {
170504
170585
  "resourceType": "threatintelset",
170505
170586
  "required": false,
@@ -170608,6 +170689,12 @@
170608
170689
  "conditionKeys": [],
170609
170690
  "dependentActions": []
170610
170691
  },
170692
+ {
170693
+ "resourceType": "malwareprotectionplan",
170694
+ "required": false,
170695
+ "conditionKeys": [],
170696
+ "dependentActions": []
170697
+ },
170611
170698
  {
170612
170699
  "resourceType": "threatintelset",
170613
170700
  "required": false,
@@ -170665,6 +170752,12 @@
170665
170752
  "conditionKeys": [],
170666
170753
  "dependentActions": []
170667
170754
  },
170755
+ {
170756
+ "resourceType": "malwareprotectionplan",
170757
+ "required": false,
170758
+ "conditionKeys": [],
170759
+ "dependentActions": []
170760
+ },
170668
170761
  {
170669
170762
  "resourceType": "threatintelset",
170670
170763
  "required": false,
@@ -170744,6 +170837,21 @@
170744
170837
  }
170745
170838
  ]
170746
170839
  },
170840
+ {
170841
+ "name": "UpdateMalwareProtectionPlan",
170842
+ "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMalwareProtectionPlan.html",
170843
+ "permissionOnly": false,
170844
+ "description": "Grants permission to update the Malware Protection plan",
170845
+ "accessLevel": "Write",
170846
+ "resourceTypes": [
170847
+ {
170848
+ "resourceType": "malwareprotectionplan",
170849
+ "required": true,
170850
+ "conditionKeys": [],
170851
+ "dependentActions": []
170852
+ }
170853
+ ]
170854
+ },
170747
170855
  {
170748
170856
  "name": "UpdateMalwareScanSettings",
170749
170857
  "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMalwareScanSettings.html",
@@ -170864,6 +170972,14 @@
170864
170972
  "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources",
170865
170973
  "arnPattern": "arn:${Partition}:guardduty:${Region}:${Account}:detector/${DetectorId}/publishingDestination/${PublishingDestinationId}",
170866
170974
  "conditionKeys": []
170975
+ },
170976
+ {
170977
+ "name": "malwareprotectionplan",
170978
+ "apiReferenceUrl": "https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_managing_access.html#guardduty-resources",
170979
+ "arnPattern": "arn:${Partition}:guardduty:${Region}:${Account}:malware-protection-plan/${MalwareProtectionPlanId}",
170980
+ "conditionKeys": [
170981
+ "aws:ResourceTag/${TagKey}"
170982
+ ]
170867
170983
  }
170868
170984
  ],
170869
170985
  "conditionKeys": [
@@ -174499,6 +174615,21 @@
174499
174615
  }
174500
174616
  ]
174501
174617
  },
174618
+ {
174619
+ "name": "CheckNoPublicAccess",
174620
+ "apiReferenceUrl": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_CheckNoPublicAccess.html",
174621
+ "permissionOnly": false,
174622
+ "description": "Grants permission to check that public access is not allowed by a resource policy",
174623
+ "accessLevel": "Read",
174624
+ "resourceTypes": [
174625
+ {
174626
+ "resourceType": "",
174627
+ "required": false,
174628
+ "conditionKeys": [],
174629
+ "dependentActions": []
174630
+ }
174631
+ ]
174632
+ },
174502
174633
  {
174503
174634
  "name": "CreateAccessPreview",
174504
174635
  "apiReferenceUrl": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_CreateAccessPreview.html",
@@ -174585,6 +174716,21 @@
174585
174716
  }
174586
174717
  ]
174587
174718
  },
174719
+ {
174720
+ "name": "GenerateFindingRecommendation",
174721
+ "apiReferenceUrl": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GenerateFindingRecommendation.html",
174722
+ "permissionOnly": false,
174723
+ "description": "Grants permission to generate recommendation steps to resolve a finding",
174724
+ "accessLevel": "Write",
174725
+ "resourceTypes": [
174726
+ {
174727
+ "resourceType": "Analyzer",
174728
+ "required": true,
174729
+ "conditionKeys": [],
174730
+ "dependentActions": []
174731
+ }
174732
+ ]
174733
+ },
174588
174734
  {
174589
174735
  "name": "GetAccessPreview",
174590
174736
  "apiReferenceUrl": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetAccessPreview.html",
@@ -174669,6 +174815,21 @@
174669
174815
  }
174670
174816
  ]
174671
174817
  },
174818
+ {
174819
+ "name": "GetFindingRecommendation",
174820
+ "apiReferenceUrl": "https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_GetFindingRecommendation.html",
174821
+ "permissionOnly": false,
174822
+ "description": "Grants permission to retrieve recommendation steps to resolve a finding",
174823
+ "accessLevel": "Read",
174824
+ "resourceTypes": [
174825
+ {
174826
+ "resourceType": "Analyzer",
174827
+ "required": true,
174828
+ "conditionKeys": [],
174829
+ "dependentActions": []
174830
+ }
174831
+ ]
174832
+ },
174672
174833
  {
174673
174834
  "name": "GetFindingsStatistics",
174674
174835
  "apiReferenceUrl": "https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#access-analyzer-permissions",
@@ -257898,6 +258059,271 @@
257898
258059
  }
257899
258060
  ]
257900
258061
  },
258062
+ {
258063
+ "name": "AWS Private CA Connector for SCEP",
258064
+ "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsprivatecaconnectorforscep.html",
258065
+ "servicePrefix": "pca-connector-scep",
258066
+ "actions": [
258067
+ {
258068
+ "name": "CreateChallenge",
258069
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_CreateChallenge.html",
258070
+ "permissionOnly": false,
258071
+ "description": "Grants permission to create a Challenge for a Connector",
258072
+ "accessLevel": "Write",
258073
+ "resourceTypes": [
258074
+ {
258075
+ "resourceType": "",
258076
+ "required": false,
258077
+ "conditionKeys": [
258078
+ "aws:RequestTag/${TagKey}",
258079
+ "aws:TagKeys"
258080
+ ],
258081
+ "dependentActions": []
258082
+ }
258083
+ ]
258084
+ },
258085
+ {
258086
+ "name": "CreateConnector",
258087
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_CreateConnector.html",
258088
+ "permissionOnly": false,
258089
+ "description": "Grants permission to create a SCEP Connector in your account",
258090
+ "accessLevel": "Write",
258091
+ "resourceTypes": [
258092
+ {
258093
+ "resourceType": "",
258094
+ "required": false,
258095
+ "conditionKeys": [
258096
+ "aws:RequestTag/${TagKey}",
258097
+ "aws:TagKeys"
258098
+ ],
258099
+ "dependentActions": [
258100
+ "acm-pca:DescribeCertificateAuthority",
258101
+ "acm-pca:GetCertificate",
258102
+ "acm-pca:GetCertificateAuthorityCertificate",
258103
+ "acm-pca:IssueCertificate"
258104
+ ]
258105
+ }
258106
+ ]
258107
+ },
258108
+ {
258109
+ "name": "DeleteChallenge",
258110
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_DeleteChallenge.html",
258111
+ "permissionOnly": false,
258112
+ "description": "Grants permission to delete a Challenge for a Connector",
258113
+ "accessLevel": "Write",
258114
+ "resourceTypes": [
258115
+ {
258116
+ "resourceType": "Challenge",
258117
+ "required": true,
258118
+ "conditionKeys": [],
258119
+ "dependentActions": []
258120
+ }
258121
+ ]
258122
+ },
258123
+ {
258124
+ "name": "DeleteConnector",
258125
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_DeleteConnector.html",
258126
+ "permissionOnly": false,
258127
+ "description": "Grants permission to delete a SCEP Connector in your account",
258128
+ "accessLevel": "Write",
258129
+ "resourceTypes": [
258130
+ {
258131
+ "resourceType": "Connector",
258132
+ "required": true,
258133
+ "conditionKeys": [],
258134
+ "dependentActions": []
258135
+ }
258136
+ ]
258137
+ },
258138
+ {
258139
+ "name": "GetChallengeMetadata",
258140
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_GetChallengeMetadata.html",
258141
+ "permissionOnly": false,
258142
+ "description": "Grants permission to get a Challenge for a Connector",
258143
+ "accessLevel": "Read",
258144
+ "resourceTypes": [
258145
+ {
258146
+ "resourceType": "Challenge",
258147
+ "required": true,
258148
+ "conditionKeys": [],
258149
+ "dependentActions": []
258150
+ }
258151
+ ]
258152
+ },
258153
+ {
258154
+ "name": "GetChallengePassword",
258155
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_GetChallengePassword.html",
258156
+ "permissionOnly": false,
258157
+ "description": "Grants permission to get a Challenge password for a Connector",
258158
+ "accessLevel": "Read",
258159
+ "resourceTypes": [
258160
+ {
258161
+ "resourceType": "Challenge",
258162
+ "required": true,
258163
+ "conditionKeys": [],
258164
+ "dependentActions": []
258165
+ }
258166
+ ]
258167
+ },
258168
+ {
258169
+ "name": "GetConnector",
258170
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_GetConnector.html",
258171
+ "permissionOnly": false,
258172
+ "description": "Grants permission to get a SCEP Connector in your account",
258173
+ "accessLevel": "Read",
258174
+ "resourceTypes": [
258175
+ {
258176
+ "resourceType": "Connector",
258177
+ "required": true,
258178
+ "conditionKeys": [],
258179
+ "dependentActions": []
258180
+ }
258181
+ ]
258182
+ },
258183
+ {
258184
+ "name": "ListChallengeMetadata",
258185
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_ListChallengeMetadata.html",
258186
+ "permissionOnly": false,
258187
+ "description": "Grants permission to list Challenges for a Connector",
258188
+ "accessLevel": "List",
258189
+ "resourceTypes": [
258190
+ {
258191
+ "resourceType": "",
258192
+ "required": false,
258193
+ "conditionKeys": [],
258194
+ "dependentActions": []
258195
+ }
258196
+ ]
258197
+ },
258198
+ {
258199
+ "name": "ListConnectors",
258200
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_ListConnectors.html",
258201
+ "permissionOnly": false,
258202
+ "description": "Grants permission to list the SCEP Connectors in your account",
258203
+ "accessLevel": "List",
258204
+ "resourceTypes": [
258205
+ {
258206
+ "resourceType": "",
258207
+ "required": false,
258208
+ "conditionKeys": [],
258209
+ "dependentActions": []
258210
+ }
258211
+ ]
258212
+ },
258213
+ {
258214
+ "name": "ListTagsForResource",
258215
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_ListTagsForResource.html",
258216
+ "permissionOnly": false,
258217
+ "description": "Grants permission to list the tags for a pca-connector-scep resource in your account",
258218
+ "accessLevel": "Read",
258219
+ "resourceTypes": [
258220
+ {
258221
+ "resourceType": "",
258222
+ "required": false,
258223
+ "conditionKeys": [],
258224
+ "dependentActions": []
258225
+ }
258226
+ ]
258227
+ },
258228
+ {
258229
+ "name": "TagResource",
258230
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_TagResource.html",
258231
+ "permissionOnly": false,
258232
+ "description": "Grants permission to tag a pca-connector-scep resource in your account",
258233
+ "accessLevel": "Tagging",
258234
+ "resourceTypes": [
258235
+ {
258236
+ "resourceType": "Challenge",
258237
+ "required": false,
258238
+ "conditionKeys": [],
258239
+ "dependentActions": []
258240
+ },
258241
+ {
258242
+ "resourceType": "Connector",
258243
+ "required": false,
258244
+ "conditionKeys": [],
258245
+ "dependentActions": []
258246
+ },
258247
+ {
258248
+ "resourceType": "",
258249
+ "required": false,
258250
+ "conditionKeys": [
258251
+ "aws:RequestTag/${TagKey}",
258252
+ "aws:TagKeys"
258253
+ ],
258254
+ "dependentActions": []
258255
+ }
258256
+ ]
258257
+ },
258258
+ {
258259
+ "name": "UntagResource",
258260
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_UntagResource.html",
258261
+ "permissionOnly": false,
258262
+ "description": "Grants permission to untag a pca-connector-scep resource in your account",
258263
+ "accessLevel": "Tagging",
258264
+ "resourceTypes": [
258265
+ {
258266
+ "resourceType": "Challenge",
258267
+ "required": false,
258268
+ "conditionKeys": [],
258269
+ "dependentActions": []
258270
+ },
258271
+ {
258272
+ "resourceType": "Connector",
258273
+ "required": false,
258274
+ "conditionKeys": [],
258275
+ "dependentActions": []
258276
+ },
258277
+ {
258278
+ "resourceType": "",
258279
+ "required": false,
258280
+ "conditionKeys": [
258281
+ "aws:TagKeys"
258282
+ ],
258283
+ "dependentActions": []
258284
+ }
258285
+ ]
258286
+ }
258287
+ ],
258288
+ "resourceTypes": [
258289
+ {
258290
+ "name": "Challenge",
258291
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_Challenge.html",
258292
+ "arnPattern": "arn:${Partition}:pca-connector-scep:${Region}:${Account}:connector/${ConnectorId}/challenge/${ChallengeId}",
258293
+ "conditionKeys": [
258294
+ "aws:ResourceTag/${TagKey}"
258295
+ ]
258296
+ },
258297
+ {
258298
+ "name": "Connector",
258299
+ "apiReferenceUrl": "https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_Connector.html",
258300
+ "arnPattern": "arn:${Partition}:pca-connector-scep:${Region}:${Account}:connector/${ConnectorId}",
258301
+ "conditionKeys": [
258302
+ "aws:ResourceTag/${TagKey}"
258303
+ ]
258304
+ }
258305
+ ],
258306
+ "conditionKeys": [
258307
+ {
258308
+ "name": "aws:RequestTag/${TagKey}",
258309
+ "apiReferenceUrl": "https://docs.aws.amazon.com/privateca/latest/userguide/connector-for-scep.htmlreference_policies_iam-condition-keys.html#condition-keys-requesttag",
258310
+ "description": "Filters access by the tags that are passed in the request",
258311
+ "type": "String"
258312
+ },
258313
+ {
258314
+ "name": "aws:ResourceTag/${TagKey}",
258315
+ "apiReferenceUrl": "https://docs.aws.amazon.com/privateca/latest/userguide/connector-for-scep.htmlreference_policies_iam-condition-keys.html#condition-keys-resourcetag",
258316
+ "description": "Filters access by the tags associated with the resource",
258317
+ "type": "String"
258318
+ },
258319
+ {
258320
+ "name": "aws:TagKeys",
258321
+ "apiReferenceUrl": "https://docs.aws.amazon.com/privateca/latest/userguide/connector-for-scep.htmlreference_policies_iam-condition-keys.html#condition-keys-tagkeys",
258322
+ "description": "Filters access by the tag keys that are passed in the request",
258323
+ "type": "ArrayOfString"
258324
+ }
258325
+ ]
258326
+ },
257901
258327
  {
257902
258328
  "name": "AWS Private Certificate Authority",
257903
258329
  "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsprivatecertificateauthority.html",
package/dist/data/json/metadata.json CHANGED
@@ -1,5 +1,5 @@
1
1
  {
2
- "serviceCount": 415,
2
+ "serviceCount": 416,
3
3
  "services": [
4
4
  {
5
5
  "name": "AWS Account Management",
@@ -9117,7 +9117,7 @@
9117
9117
  "capacity-provider",
9118
9118
  "task-set"
9119
9119
  ],
9120
- "conditionKeysCount": 17,
9120
+ "conditionKeysCount": 18,
9121
9121
  "conditionKeys": [
9122
9122
  "aws:RequestTag/${TagKey}",
9123
9123
  "aws:ResourceTag/${TagKey}",
@@ -9132,6 +9132,7 @@
9132
9132
  "ecs:enable-ebs-volumes",
9133
9133
  "ecs:enable-execute-command",
9134
9134
  "ecs:enable-service-connect",
9135
+ "ecs:fargate-ephemeral-storage-kms-key",
9135
9136
  "ecs:namespace",
9136
9137
  "ecs:service",
9137
9138
  "ecs:task",
@@ -11947,7 +11948,7 @@
11947
11948
  "name": "Amazon GuardDuty",
11948
11949
  "servicePrefix": "guardduty",
11949
11950
  "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonguardduty.html",
11950
- "actionsCount": 70,
11951
+ "actionsCount": 75,
11951
11952
  "actions": [
11952
11953
  "AcceptAdministratorInvitation",
11953
11954
  "AcceptInvitation",
@@ -11955,6 +11956,7 @@
11955
11956
  "CreateDetector",
11956
11957
  "CreateFilter",
11957
11958
  "CreateIPSet",
11959
+ "CreateMalwareProtectionPlan",
11958
11960
  "CreateMembers",
11959
11961
  "CreatePublishingDestination",
11960
11962
  "CreateSampleFindings",
@@ -11964,6 +11966,7 @@
11964
11966
  "DeleteFilter",
11965
11967
  "DeleteIPSet",
11966
11968
  "DeleteInvitations",
11969
+ "DeleteMalwareProtectionPlan",
11967
11970
  "DeleteMembers",
11968
11971
  "DeletePublishingDestination",
11969
11972
  "DeleteThreatIntelSet",
@@ -11983,6 +11986,7 @@
11983
11986
  "GetFindingsStatistics",
11984
11987
  "GetIPSet",
11985
11988
  "GetInvitationsCount",
11989
+ "GetMalwareProtectionPlan",
11986
11990
  "GetMalwareScanSettings",
11987
11991
  "GetMasterAccount",
11988
11992
  "GetMemberDetectors",
@@ -11998,6 +12002,7 @@
11998
12002
  "ListFindings",
11999
12003
  "ListIPSets",
12000
12004
  "ListInvitations",
12005
+ "ListMalwareProtectionPlans",
12001
12006
  "ListMembers",
12002
12007
  "ListOrganizationAdminAccounts",
12003
12008
  "ListPublishingDestinations",
@@ -12014,19 +12019,21 @@
12014
12019
  "UpdateFilter",
12015
12020
  "UpdateFindingsFeedback",
12016
12021
  "UpdateIPSet",
12022
+ "UpdateMalwareProtectionPlan",
12017
12023
  "UpdateMalwareScanSettings",
12018
12024
  "UpdateMemberDetectors",
12019
12025
  "UpdateOrganizationConfiguration",
12020
12026
  "UpdatePublishingDestination",
12021
12027
  "UpdateThreatIntelSet"
12022
12028
  ],
12023
- "resourceTypesCount": 5,
12029
+ "resourceTypesCount": 6,
12024
12030
  "resourceTypes": [
12025
12031
  "detector",
12026
12032
  "filter",
12027
12033
  "ipset",
12028
12034
  "threatintelset",
12029
- "publishingDestination"
12035
+ "publishingDestination",
12036
+ "malwareprotectionplan"
12030
12037
  ],
12031
12038
  "conditionKeysCount": 3,
12032
12039
  "conditionKeys": [
@@ -12352,22 +12359,25 @@
12352
12359
  "name": "AWS IAM Access Analyzer",
12353
12360
  "servicePrefix": "access-analyzer",
12354
12361
  "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiamaccessanalyzer.html",
12355
- "actionsCount": 31,
12362
+ "actionsCount": 34,
12356
12363
  "actions": [
12357
12364
  "ApplyArchiveRule",
12358
12365
  "CancelPolicyGeneration",
12359
12366
  "CheckAccessNotGranted",
12360
12367
  "CheckNoNewAccess",
12368
+ "CheckNoPublicAccess",
12361
12369
  "CreateAccessPreview",
12362
12370
  "CreateAnalyzer",
12363
12371
  "CreateArchiveRule",
12364
12372
  "DeleteAnalyzer",
12365
12373
  "DeleteArchiveRule",
12374
+ "GenerateFindingRecommendation",
12366
12375
  "GetAccessPreview",
12367
12376
  "GetAnalyzedResource",
12368
12377
  "GetAnalyzer",
12369
12378
  "GetArchiveRule",
12370
12379
  "GetFinding",
12380
+ "GetFindingRecommendation",
12371
12381
  "GetFindingsStatistics",
12372
12382
  "GetGeneratedPolicy",
12373
12383
  "ListAccessPreviewFindings",
@@ -18988,6 +18998,37 @@
18988
18998
  "aws:TagKeys"
18989
18999
  ]
18990
19000
  },
19001
+ {
19002
+ "name": "AWS Private CA Connector for SCEP",
19003
+ "servicePrefix": "pca-connector-scep",
19004
+ "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsprivatecaconnectorforscep.html",
19005
+ "actionsCount": 12,
19006
+ "actions": [
19007
+ "CreateChallenge",
19008
+ "CreateConnector",
19009
+ "DeleteChallenge",
19010
+ "DeleteConnector",
19011
+ "GetChallengeMetadata",
19012
+ "GetChallengePassword",
19013
+ "GetConnector",
19014
+ "ListChallengeMetadata",
19015
+ "ListConnectors",
19016
+ "ListTagsForResource",
19017
+ "TagResource",
19018
+ "UntagResource"
19019
+ ],
19020
+ "resourceTypesCount": 2,
19021
+ "resourceTypes": [
19022
+ "Challenge",
19023
+ "Connector"
19024
+ ],
19025
+ "conditionKeysCount": 3,
19026
+ "conditionKeys": [
19027
+ "aws:RequestTag/${TagKey}",
19028
+ "aws:ResourceTag/${TagKey}",
19029
+ "aws:TagKeys"
19030
+ ]
19031
+ },
18991
19032
  {
18992
19033
  "name": "AWS Private Certificate Authority",
18993
19034
  "servicePrefix": "acm-pca",
package/dist/data/json/reports.json CHANGED
@@ -1,20 +1,20 @@
1
1
  {
2
2
  "Actions by type": [
3
- {
4
- "key": "Write Actions",
5
- "value": 9325
6
- },
7
3
  {
8
4
  "key": "Read Actions",
9
- "value": 4538
5
+ "value": 4545
10
6
  },
11
7
  {
12
8
  "key": "List Actions",
13
- "value": 2741
9
+ "value": 2744
14
10
  },
15
11
  {
16
12
  "key": "Permissions Actions",
17
13
  "value": 289
14
+ },
15
+ {
16
+ "key": "Write Actions",
17
+ "value": 9335
18
18
  }
19
19
  ],
20
20
  "Longest action names": [
@@ -398,7 +398,7 @@
398
398
  "Summary": [
399
399
  {
400
400
  "key": "Total number of services",
401
- "value": 415
401
+ "value": 416
402
402
  },
403
403
  {
404
404
  "key": "Average number of actions per service",
@@ -410,11 +410,11 @@
410
410
  },
411
411
  {
412
412
  "key": "Total number of distinct resource ARNS",
413
- "value": 1727
413
+ "value": 1730
414
414
  },
415
415
  {
416
416
  "key": "Total number of distinct condition keys",
417
- "value": 919
417
+ "value": 920
418
418
  }
419
419
  ]
420
420
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "aws-iam-data",
3
- "version": "0.0.220",
3
+ "version": "0.0.221",
4
4
  "description": "Provides AWS IAM data gathered from the official AWS IAM docs as a convenient npm package that can be used in other OSS projects.",
5
5
  "main": "./dist/index.js",
6
6
  "types": "./dist/index.d.ts",
@@ -14,6 +14,7 @@
14
14
  "create-erd": "node_modules/.bin/mmdc -i erd.mmd -o docs/erd.png -w 1600",
15
15
  "create-tables": "scripts/create_tables.sh",
16
16
  "create-reports": "scripts/create_reports.sh",
17
+ "copy-database": "scripts/copy_database.sh",
17
18
  "export-data": "scripts/export_data.sh",
18
19
  "build": "rm -rf dist/ && mkdir -p src/data/json && cp data/json/*.json src/data/json && tsc --build src/ && rm -rf src/data"
19
20
  },