aws-iam-data 0.0.270 → 0.0.272

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/data/json/changelog.json +61 -0
  2. package/dist/data/json/iam.json +974 -15
  3. package/dist/data/json/metadata.json +64 -8
  4. package/dist/data/json/reports.json +16 -16
  5. package/package.json +1 -1
package/dist/data/json/iam.json CHANGED
@@ -3521,7 +3521,9 @@
3521
3521
  "resourceType": "",
3522
3522
  "required": false,
3523
3523
  "conditionKeys": [],
3524
- "dependentActions": []
3524
+ "dependentActions": [
3525
+ "s3:ListAllMyBuckets"
3526
+ ]
3525
3527
  }
3526
3528
  ]
3527
3529
  },
@@ -71801,6 +71803,35 @@
71801
71803
  }
71802
71804
  ]
71803
71805
  },
71806
+ {
71807
+ "name": "CreateHoursOfOperationOverride",
71808
+ "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_CreateHoursOfOperationOverride.html",
71809
+ "permissionOnly": false,
71810
+ "description": "Grants permission to create an hours of operation override in an Amazon Connect instance",
71811
+ "accessLevel": "Write",
71812
+ "resourceTypes": [
71813
+ {
71814
+ "resourceType": "hours-of-operation",
71815
+ "required": true,
71816
+ "conditionKeys": [],
71817
+ "dependentActions": []
71818
+ },
71819
+ {
71820
+ "resourceType": "instance",
71821
+ "required": true,
71822
+ "conditionKeys": [],
71823
+ "dependentActions": []
71824
+ },
71825
+ {
71826
+ "resourceType": "",
71827
+ "required": false,
71828
+ "conditionKeys": [
71829
+ "connect:InstanceId"
71830
+ ],
71831
+ "dependentActions": []
71832
+ }
71833
+ ]
71834
+ },
71804
71835
  {
71805
71836
  "name": "CreateInstance",
71806
71837
  "apiReferenceUrl": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions",
@@ -72558,6 +72589,35 @@
72558
72589
  }
72559
72590
  ]
72560
72591
  },
72592
+ {
72593
+ "name": "DeleteHoursOfOperationOverride",
72594
+ "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DeleteHoursOfOperationOverride.html",
72595
+ "permissionOnly": false,
72596
+ "description": "Grants permission to delete an hours of operation override in an Amazon Connect instance",
72597
+ "accessLevel": "Write",
72598
+ "resourceTypes": [
72599
+ {
72600
+ "resourceType": "hours-of-operation",
72601
+ "required": true,
72602
+ "conditionKeys": [],
72603
+ "dependentActions": []
72604
+ },
72605
+ {
72606
+ "resourceType": "instance",
72607
+ "required": true,
72608
+ "conditionKeys": [],
72609
+ "dependentActions": []
72610
+ },
72611
+ {
72612
+ "resourceType": "",
72613
+ "required": false,
72614
+ "conditionKeys": [
72615
+ "connect:InstanceId"
72616
+ ],
72617
+ "dependentActions": []
72618
+ }
72619
+ ]
72620
+ },
72561
72621
  {
72562
72622
  "name": "DeleteInstance",
72563
72623
  "apiReferenceUrl": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions",
@@ -73201,6 +73261,35 @@
73201
73261
  }
73202
73262
  ]
73203
73263
  },
73264
+ {
73265
+ "name": "DescribeHoursOfOperationOverride",
73266
+ "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeHoursOfOperationOverride.html",
73267
+ "permissionOnly": false,
73268
+ "description": "Grants permission to describe an hours of operation override in an Amazon Connect instance",
73269
+ "accessLevel": "Read",
73270
+ "resourceTypes": [
73271
+ {
73272
+ "resourceType": "hours-of-operation",
73273
+ "required": true,
73274
+ "conditionKeys": [],
73275
+ "dependentActions": []
73276
+ },
73277
+ {
73278
+ "resourceType": "instance",
73279
+ "required": true,
73280
+ "conditionKeys": [],
73281
+ "dependentActions": []
73282
+ },
73283
+ {
73284
+ "resourceType": "",
73285
+ "required": false,
73286
+ "conditionKeys": [
73287
+ "connect:InstanceId"
73288
+ ],
73289
+ "dependentActions": []
73290
+ }
73291
+ ]
73292
+ },
73204
73293
  {
73205
73294
  "name": "DescribeInstance",
73206
73295
  "apiReferenceUrl": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions",
@@ -74108,6 +74197,35 @@
74108
74197
  }
74109
74198
  ]
74110
74199
  },
74200
+ {
74201
+ "name": "GetEffectiveHoursOfOperations",
74202
+ "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetEffectiveHoursOfOperations.html",
74203
+ "permissionOnly": false,
74204
+ "description": "Grants permission to get effective hours of operation resources in an Amazon Connect instance",
74205
+ "accessLevel": "Read",
74206
+ "resourceTypes": [
74207
+ {
74208
+ "resourceType": "hours-of-operation",
74209
+ "required": true,
74210
+ "conditionKeys": [],
74211
+ "dependentActions": []
74212
+ },
74213
+ {
74214
+ "resourceType": "instance",
74215
+ "required": true,
74216
+ "conditionKeys": [],
74217
+ "dependentActions": []
74218
+ },
74219
+ {
74220
+ "resourceType": "",
74221
+ "required": false,
74222
+ "conditionKeys": [
74223
+ "connect:InstanceId"
74224
+ ],
74225
+ "dependentActions": []
74226
+ }
74227
+ ]
74228
+ },
74111
74229
  {
74112
74230
  "name": "GetFederationToken",
74113
74231
  "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_GetFederationToken.html",
@@ -74576,6 +74694,35 @@
74576
74694
  }
74577
74695
  ]
74578
74696
  },
74697
+ {
74698
+ "name": "ListHoursOfOperationOverrides",
74699
+ "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListHoursOfOperationOverrides.html",
74700
+ "permissionOnly": false,
74701
+ "description": "Grants permission to list hours of operation override resources in an Amazon Connect instance",
74702
+ "accessLevel": "List",
74703
+ "resourceTypes": [
74704
+ {
74705
+ "resourceType": "hours-of-operation",
74706
+ "required": true,
74707
+ "conditionKeys": [],
74708
+ "dependentActions": []
74709
+ },
74710
+ {
74711
+ "resourceType": "instance",
74712
+ "required": true,
74713
+ "conditionKeys": [],
74714
+ "dependentActions": []
74715
+ },
74716
+ {
74717
+ "resourceType": "",
74718
+ "required": false,
74719
+ "conditionKeys": [
74720
+ "connect:InstanceId"
74721
+ ],
74722
+ "dependentActions": []
74723
+ }
74724
+ ]
74725
+ },
74579
74726
  {
74580
74727
  "name": "ListHoursOfOperations",
74581
74728
  "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_ListHoursOfOperations.html",
@@ -75735,6 +75882,39 @@
75735
75882
  }
75736
75883
  ]
75737
75884
  },
75885
+ {
75886
+ "name": "SearchHoursOfOperationOverrides",
75887
+ "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchHoursOfOperationOverrides.html",
75888
+ "permissionOnly": false,
75889
+ "description": "Grants permission to search hours of operation override resources in an Amazon Connect instance",
75890
+ "accessLevel": "Read",
75891
+ "resourceTypes": [
75892
+ {
75893
+ "resourceType": "hours-of-operation",
75894
+ "required": true,
75895
+ "conditionKeys": [],
75896
+ "dependentActions": [
75897
+ "connect:DescribeHoursOfOperation",
75898
+ "connect:ListHoursOfOperationOverrides"
75899
+ ]
75900
+ },
75901
+ {
75902
+ "resourceType": "instance",
75903
+ "required": true,
75904
+ "conditionKeys": [],
75905
+ "dependentActions": []
75906
+ },
75907
+ {
75908
+ "resourceType": "",
75909
+ "required": false,
75910
+ "conditionKeys": [
75911
+ "connect:InstanceId",
75912
+ "connect:SearchTag/${TagKey}"
75913
+ ],
75914
+ "dependentActions": []
75915
+ }
75916
+ ]
75917
+ },
75738
75918
  {
75739
75919
  "name": "SearchHoursOfOperations",
75740
75920
  "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchHoursOfOperations.html",
@@ -76031,6 +76211,35 @@
76031
76211
  }
76032
76212
  ]
76033
76213
  },
76214
+ {
76215
+ "name": "SendOutboundEmail",
76216
+ "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_SendOutboundEmail.html",
76217
+ "permissionOnly": false,
76218
+ "description": "Grants permission to send outbound email using the Amazon Connect API",
76219
+ "accessLevel": "Write",
76220
+ "resourceTypes": [
76221
+ {
76222
+ "resourceType": "instance",
76223
+ "required": true,
76224
+ "conditionKeys": [],
76225
+ "dependentActions": []
76226
+ },
76227
+ {
76228
+ "resourceType": "contact",
76229
+ "required": false,
76230
+ "conditionKeys": [],
76231
+ "dependentActions": []
76232
+ },
76233
+ {
76234
+ "resourceType": "",
76235
+ "required": false,
76236
+ "conditionKeys": [
76237
+ "connect:InstanceId"
76238
+ ],
76239
+ "dependentActions": []
76240
+ }
76241
+ ]
76242
+ },
76034
76243
  {
76035
76244
  "name": "StartAttachedFileUpload",
76036
76245
  "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_StartAttachedFileUpload.html",
@@ -77091,6 +77300,35 @@
77091
77300
  }
77092
77301
  ]
77093
77302
  },
77303
+ {
77304
+ "name": "UpdateHoursOfOperationOverride",
77305
+ "apiReferenceUrl": "https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateHoursOfOperationOverride.html",
77306
+ "permissionOnly": false,
77307
+ "description": "Grants permission to update an hours of operation override in an Amazon Connect instance",
77308
+ "accessLevel": "Write",
77309
+ "resourceTypes": [
77310
+ {
77311
+ "resourceType": "hours-of-operation",
77312
+ "required": true,
77313
+ "conditionKeys": [],
77314
+ "dependentActions": []
77315
+ },
77316
+ {
77317
+ "resourceType": "instance",
77318
+ "required": true,
77319
+ "conditionKeys": [],
77320
+ "dependentActions": []
77321
+ },
77322
+ {
77323
+ "resourceType": "",
77324
+ "required": false,
77325
+ "conditionKeys": [
77326
+ "connect:InstanceId"
77327
+ ],
77328
+ "dependentActions": []
77329
+ }
77330
+ ]
77331
+ },
77094
77332
  {
77095
77333
  "name": "UpdateInstanceAttribute",
77096
77334
  "apiReferenceUrl": "https://docs.aws.amazon.com/console/connect/amazon-connect-console/grant-instance-permissions",
@@ -100762,6 +101000,21 @@
100762
101000
  }
100763
101001
  ]
100764
101002
  },
101003
+ {
101004
+ "name": "DescribeDirectoryDataAccess",
101005
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeDirectoryDataAccess.html",
101006
+ "permissionOnly": false,
101007
+ "description": "Grants permission to describe the Directory Service Data API status for the specified directory",
101008
+ "accessLevel": "Read",
101009
+ "resourceTypes": [
101010
+ {
101011
+ "resourceType": "directory",
101012
+ "required": true,
101013
+ "conditionKeys": [],
101014
+ "dependentActions": []
101015
+ }
101016
+ ]
101017
+ },
100765
101018
  {
100766
101019
  "name": "DescribeDomainControllers",
100767
101020
  "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DescribeDomainControllers.html",
@@ -100912,6 +101165,21 @@
100912
101165
  }
100913
101166
  ]
100914
101167
  },
101168
+ {
101169
+ "name": "DisableDirectoryDataAccess",
101170
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableDirectoryDataAccess.html",
101171
+ "permissionOnly": false,
101172
+ "description": "Grants permission to disable the Directory Service Data API for the specified directory",
101173
+ "accessLevel": "Write",
101174
+ "resourceTypes": [
101175
+ {
101176
+ "resourceType": "directory",
101177
+ "required": true,
101178
+ "conditionKeys": [],
101179
+ "dependentActions": []
101180
+ }
101181
+ ]
101182
+ },
100915
101183
  {
100916
101184
  "name": "DisableLDAPS",
100917
101185
  "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DisableLDAPS.html",
@@ -100987,6 +101255,21 @@
100987
101255
  }
100988
101256
  ]
100989
101257
  },
101258
+ {
101259
+ "name": "EnableDirectoryDataAccess",
101260
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableDirectoryDataAccess.html",
101261
+ "permissionOnly": false,
101262
+ "description": "Grants permission to enable the Directory Service Data API for the specified directory",
101263
+ "accessLevel": "Write",
101264
+ "resourceTypes": [
101265
+ {
101266
+ "resourceType": "directory",
101267
+ "required": true,
101268
+ "conditionKeys": [],
101269
+ "dependentActions": []
101270
+ }
101271
+ ]
101272
+ },
100990
101273
  {
100991
101274
  "name": "EnableLDAPS",
100992
101275
  "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/devguide/API_EnableLDAPS.html",
@@ -101544,6 +101827,520 @@
101544
101827
  }
101545
101828
  ]
101546
101829
  },
101830
+ {
101831
+ "name": "AWS Directory Service Data",
101832
+ "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsdirectoryservicedata.html",
101833
+ "servicePrefix": "ds-data",
101834
+ "actions": [
101835
+ {
101836
+ "name": "AddGroupMember",
101837
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_AddGroupMember.html",
101838
+ "permissionOnly": false,
101839
+ "description": "Grants permission to add a member to a group on a directory",
101840
+ "accessLevel": "Write",
101841
+ "resourceTypes": [
101842
+ {
101843
+ "resourceType": "directory",
101844
+ "required": true,
101845
+ "conditionKeys": [],
101846
+ "dependentActions": [
101847
+ "ds:AccessDSData"
101848
+ ]
101849
+ },
101850
+ {
101851
+ "resourceType": "",
101852
+ "required": false,
101853
+ "conditionKeys": [
101854
+ "ds-data:SAMAccountName",
101855
+ "ds-data:MemberName",
101856
+ "ds-data:Realm",
101857
+ "ds-data:MemberRealm",
101858
+ "ds-data:Identifier"
101859
+ ],
101860
+ "dependentActions": []
101861
+ }
101862
+ ]
101863
+ },
101864
+ {
101865
+ "name": "CreateGroup",
101866
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_CreateGroup.html",
101867
+ "permissionOnly": false,
101868
+ "description": "Grants permission to create a group on a directory",
101869
+ "accessLevel": "Write",
101870
+ "resourceTypes": [
101871
+ {
101872
+ "resourceType": "directory",
101873
+ "required": true,
101874
+ "conditionKeys": [],
101875
+ "dependentActions": [
101876
+ "ds:AccessDSData"
101877
+ ]
101878
+ },
101879
+ {
101880
+ "resourceType": "",
101881
+ "required": false,
101882
+ "conditionKeys": [
101883
+ "ds-data:SAMAccountName",
101884
+ "ds-data:Identifier",
101885
+ "ds-data:Realm"
101886
+ ],
101887
+ "dependentActions": []
101888
+ }
101889
+ ]
101890
+ },
101891
+ {
101892
+ "name": "CreateUser",
101893
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_CreateUser.html",
101894
+ "permissionOnly": false,
101895
+ "description": "Grants permission to create a user on a directory",
101896
+ "accessLevel": "Write",
101897
+ "resourceTypes": [
101898
+ {
101899
+ "resourceType": "directory",
101900
+ "required": true,
101901
+ "conditionKeys": [],
101902
+ "dependentActions": [
101903
+ "ds:AccessDSData"
101904
+ ]
101905
+ },
101906
+ {
101907
+ "resourceType": "",
101908
+ "required": false,
101909
+ "conditionKeys": [
101910
+ "ds-data:SAMAccountName",
101911
+ "ds-data:Identifier",
101912
+ "ds-data:Realm"
101913
+ ],
101914
+ "dependentActions": []
101915
+ }
101916
+ ]
101917
+ },
101918
+ {
101919
+ "name": "DeleteGroup",
101920
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_DeleteGroup.html",
101921
+ "permissionOnly": false,
101922
+ "description": "Grants permission to delete a group on a directory",
101923
+ "accessLevel": "Write",
101924
+ "resourceTypes": [
101925
+ {
101926
+ "resourceType": "directory",
101927
+ "required": true,
101928
+ "conditionKeys": [],
101929
+ "dependentActions": [
101930
+ "ds:AccessDSData"
101931
+ ]
101932
+ },
101933
+ {
101934
+ "resourceType": "",
101935
+ "required": false,
101936
+ "conditionKeys": [
101937
+ "ds-data:SAMAccountName",
101938
+ "ds-data:Identifier",
101939
+ "ds-data:Realm"
101940
+ ],
101941
+ "dependentActions": []
101942
+ }
101943
+ ]
101944
+ },
101945
+ {
101946
+ "name": "DeleteUser",
101947
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_DeleteUser.html",
101948
+ "permissionOnly": false,
101949
+ "description": "Grants permission to delete a user on a directory",
101950
+ "accessLevel": "Write",
101951
+ "resourceTypes": [
101952
+ {
101953
+ "resourceType": "directory",
101954
+ "required": true,
101955
+ "conditionKeys": [],
101956
+ "dependentActions": [
101957
+ "ds:AccessDSData"
101958
+ ]
101959
+ },
101960
+ {
101961
+ "resourceType": "",
101962
+ "required": false,
101963
+ "conditionKeys": [
101964
+ "ds-data:SAMAccountName",
101965
+ "ds-data:Identifier",
101966
+ "ds-data:Realm"
101967
+ ],
101968
+ "dependentActions": []
101969
+ }
101970
+ ]
101971
+ },
101972
+ {
101973
+ "name": "DescribeGroup",
101974
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_DescribeGroup.html",
101975
+ "permissionOnly": false,
101976
+ "description": "Grants permission to describe a group on a directory",
101977
+ "accessLevel": "Read",
101978
+ "resourceTypes": [
101979
+ {
101980
+ "resourceType": "directory",
101981
+ "required": true,
101982
+ "conditionKeys": [],
101983
+ "dependentActions": [
101984
+ "ds:AccessDSData"
101985
+ ]
101986
+ },
101987
+ {
101988
+ "resourceType": "",
101989
+ "required": false,
101990
+ "conditionKeys": [
101991
+ "ds-data:SAMAccountName",
101992
+ "ds-data:Identifier",
101993
+ "ds-data:Realm"
101994
+ ],
101995
+ "dependentActions": []
101996
+ }
101997
+ ]
101998
+ },
101999
+ {
102000
+ "name": "DescribeUser",
102001
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_DescribeUser.html",
102002
+ "permissionOnly": false,
102003
+ "description": "Grants permission to describe a user on a directory",
102004
+ "accessLevel": "Read",
102005
+ "resourceTypes": [
102006
+ {
102007
+ "resourceType": "directory",
102008
+ "required": true,
102009
+ "conditionKeys": [],
102010
+ "dependentActions": [
102011
+ "ds:AccessDSData"
102012
+ ]
102013
+ },
102014
+ {
102015
+ "resourceType": "",
102016
+ "required": false,
102017
+ "conditionKeys": [
102018
+ "ds-data:SAMAccountName",
102019
+ "ds-data:Identifier",
102020
+ "ds-data:Realm"
102021
+ ],
102022
+ "dependentActions": []
102023
+ }
102024
+ ]
102025
+ },
102026
+ {
102027
+ "name": "DisableUser",
102028
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_DisableUser.html",
102029
+ "permissionOnly": false,
102030
+ "description": "Grants permission to disable a user on a directory",
102031
+ "accessLevel": "Write",
102032
+ "resourceTypes": [
102033
+ {
102034
+ "resourceType": "directory",
102035
+ "required": true,
102036
+ "conditionKeys": [],
102037
+ "dependentActions": [
102038
+ "ds:AccessDSData"
102039
+ ]
102040
+ },
102041
+ {
102042
+ "resourceType": "",
102043
+ "required": false,
102044
+ "conditionKeys": [
102045
+ "ds-data:SAMAccountName",
102046
+ "ds-data:Identifier",
102047
+ "ds-data:Realm"
102048
+ ],
102049
+ "dependentActions": []
102050
+ }
102051
+ ]
102052
+ },
102053
+ {
102054
+ "name": "ListGroupMembers",
102055
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_ListGroupMembers.html",
102056
+ "permissionOnly": false,
102057
+ "description": "Grants permission to list members in a group on a directory",
102058
+ "accessLevel": "List",
102059
+ "resourceTypes": [
102060
+ {
102061
+ "resourceType": "directory",
102062
+ "required": true,
102063
+ "conditionKeys": [],
102064
+ "dependentActions": [
102065
+ "ds:AccessDSData"
102066
+ ]
102067
+ },
102068
+ {
102069
+ "resourceType": "",
102070
+ "required": false,
102071
+ "conditionKeys": [
102072
+ "ds-data:SAMAccountName",
102073
+ "ds-data:Realm",
102074
+ "ds-data:MemberRealm",
102075
+ "ds-data:Identifier"
102076
+ ],
102077
+ "dependentActions": []
102078
+ }
102079
+ ]
102080
+ },
102081
+ {
102082
+ "name": "ListGroups",
102083
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_ListGroups.html",
102084
+ "permissionOnly": false,
102085
+ "description": "Grants permission to list groups on a directory",
102086
+ "accessLevel": "List",
102087
+ "resourceTypes": [
102088
+ {
102089
+ "resourceType": "directory",
102090
+ "required": true,
102091
+ "conditionKeys": [],
102092
+ "dependentActions": [
102093
+ "ds:AccessDSData"
102094
+ ]
102095
+ },
102096
+ {
102097
+ "resourceType": "",
102098
+ "required": false,
102099
+ "conditionKeys": [
102100
+ "ds-data:Realm"
102101
+ ],
102102
+ "dependentActions": []
102103
+ }
102104
+ ]
102105
+ },
102106
+ {
102107
+ "name": "ListGroupsForMember",
102108
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_ListGroupsForMember.html",
102109
+ "permissionOnly": false,
102110
+ "description": "Grants permission to list the groups that a member is in on a directory",
102111
+ "accessLevel": "List",
102112
+ "resourceTypes": [
102113
+ {
102114
+ "resourceType": "directory",
102115
+ "required": true,
102116
+ "conditionKeys": [],
102117
+ "dependentActions": [
102118
+ "ds:AccessDSData"
102119
+ ]
102120
+ },
102121
+ {
102122
+ "resourceType": "",
102123
+ "required": false,
102124
+ "conditionKeys": [
102125
+ "ds-data:SAMAccountName",
102126
+ "ds-data:Realm",
102127
+ "ds-data:MemberRealm",
102128
+ "ds-data:Identifier"
102129
+ ],
102130
+ "dependentActions": []
102131
+ }
102132
+ ]
102133
+ },
102134
+ {
102135
+ "name": "ListUsers",
102136
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_ListUsers.html",
102137
+ "permissionOnly": false,
102138
+ "description": "Grants permission to list users on a directory",
102139
+ "accessLevel": "List",
102140
+ "resourceTypes": [
102141
+ {
102142
+ "resourceType": "directory",
102143
+ "required": true,
102144
+ "conditionKeys": [],
102145
+ "dependentActions": [
102146
+ "ds:AccessDSData"
102147
+ ]
102148
+ },
102149
+ {
102150
+ "resourceType": "",
102151
+ "required": false,
102152
+ "conditionKeys": [
102153
+ "ds-data:Realm"
102154
+ ],
102155
+ "dependentActions": []
102156
+ }
102157
+ ]
102158
+ },
102159
+ {
102160
+ "name": "RemoveGroupMember",
102161
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_RemoveGroupMember.html",
102162
+ "permissionOnly": false,
102163
+ "description": "Grants permission to remove a member from a group on a directory",
102164
+ "accessLevel": "Write",
102165
+ "resourceTypes": [
102166
+ {
102167
+ "resourceType": "directory",
102168
+ "required": true,
102169
+ "conditionKeys": [],
102170
+ "dependentActions": [
102171
+ "ds:AccessDSData"
102172
+ ]
102173
+ },
102174
+ {
102175
+ "resourceType": "",
102176
+ "required": false,
102177
+ "conditionKeys": [
102178
+ "ds-data:SAMAccountName",
102179
+ "ds-data:MemberName",
102180
+ "ds-data:Realm",
102181
+ "ds-data:MemberRealm",
102182
+ "ds-data:Identifier"
102183
+ ],
102184
+ "dependentActions": []
102185
+ }
102186
+ ]
102187
+ },
102188
+ {
102189
+ "name": "SearchGroups",
102190
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_SearchGroups.html",
102191
+ "permissionOnly": false,
102192
+ "description": "Grants permission to search for groups on a directory",
102193
+ "accessLevel": "Read",
102194
+ "resourceTypes": [
102195
+ {
102196
+ "resourceType": "directory",
102197
+ "required": true,
102198
+ "conditionKeys": [],
102199
+ "dependentActions": [
102200
+ "ds-data:DescribeGroup",
102201
+ "ds:AccessDSData"
102202
+ ]
102203
+ },
102204
+ {
102205
+ "resourceType": "",
102206
+ "required": false,
102207
+ "conditionKeys": [
102208
+ "ds-data:Realm"
102209
+ ],
102210
+ "dependentActions": []
102211
+ }
102212
+ ]
102213
+ },
102214
+ {
102215
+ "name": "SearchUsers",
102216
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_SearchUsers.html",
102217
+ "permissionOnly": false,
102218
+ "description": "Grants permission to search for users on a directory",
102219
+ "accessLevel": "Read",
102220
+ "resourceTypes": [
102221
+ {
102222
+ "resourceType": "directory",
102223
+ "required": true,
102224
+ "conditionKeys": [],
102225
+ "dependentActions": [
102226
+ "ds-data:DescribeUser",
102227
+ "ds:AccessDSData"
102228
+ ]
102229
+ },
102230
+ {
102231
+ "resourceType": "",
102232
+ "required": false,
102233
+ "conditionKeys": [
102234
+ "ds-data:Realm"
102235
+ ],
102236
+ "dependentActions": []
102237
+ }
102238
+ ]
102239
+ },
102240
+ {
102241
+ "name": "UpdateGroup",
102242
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_UpdateGroup.html",
102243
+ "permissionOnly": false,
102244
+ "description": "Grants permission to update a group on a directory",
102245
+ "accessLevel": "Write",
102246
+ "resourceTypes": [
102247
+ {
102248
+ "resourceType": "directory",
102249
+ "required": true,
102250
+ "conditionKeys": [],
102251
+ "dependentActions": [
102252
+ "ds:AccessDSData"
102253
+ ]
102254
+ },
102255
+ {
102256
+ "resourceType": "",
102257
+ "required": false,
102258
+ "conditionKeys": [
102259
+ "ds-data:SAMAccountName",
102260
+ "ds-data:Identifier",
102261
+ "ds-data:Realm"
102262
+ ],
102263
+ "dependentActions": []
102264
+ }
102265
+ ]
102266
+ },
102267
+ {
102268
+ "name": "UpdateUser",
102269
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservicedata/latest/DirectoryServiceDataAPIReference/API_UpdateUser.html",
102270
+ "permissionOnly": false,
102271
+ "description": "Grants permission to update a user on a directory",
102272
+ "accessLevel": "Write",
102273
+ "resourceTypes": [
102274
+ {
102275
+ "resourceType": "directory",
102276
+ "required": true,
102277
+ "conditionKeys": [],
102278
+ "dependentActions": [
102279
+ "ds:AccessDSData"
102280
+ ]
102281
+ },
102282
+ {
102283
+ "resourceType": "",
102284
+ "required": false,
102285
+ "conditionKeys": [
102286
+ "ds-data:SAMAccountName",
102287
+ "ds-data:Identifier",
102288
+ "ds-data:Realm"
102289
+ ],
102290
+ "dependentActions": []
102291
+ }
102292
+ ]
102293
+ }
102294
+ ],
102295
+ "resourceTypes": [
102296
+ {
102297
+ "name": "directory",
102298
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/IAM_Auth_Access_Overview.html",
102299
+ "arnPattern": "arn:${Partition}:ds:${Region}:${Account}:directory/${DirectoryId}",
102300
+ "conditionKeys": [
102301
+ "aws:ResourceTag/${TagKey}"
102302
+ ]
102303
+ }
102304
+ ],
102305
+ "conditionKeys": [
102306
+ {
102307
+ "name": "aws:ResourceTag/${TagKey}",
102308
+ "apiReferenceUrl": "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag",
102309
+ "description": "Filters access by the AWS DS Resource being acted upon",
102310
+ "type": "String"
102311
+ },
102312
+ {
102313
+ "name": "ds-data:Identifier",
102314
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/iam_dsdata-condition-keys.html#dsdata_condition-Identifier",
102315
+ "description": "Filters access by the type of identifier provided in the request (i.e. SAM Account Name)",
102316
+ "type": "String"
102317
+ },
102318
+ {
102319
+ "name": "ds-data:MemberName",
102320
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/iam_dsdata-condition-keys.html#dsdata_condition-MemberName",
102321
+ "description": "Filters access by the directory SAM Account Name included in the MemberName input of the request",
102322
+ "type": "String"
102323
+ },
102324
+ {
102325
+ "name": "ds-data:MemberRealm",
102326
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/iam_dsdata-condition-keys.html#dsdata_condition-MemberRealm",
102327
+ "description": "Filters access by the directory realm name included in the MemberRealm input of the request",
102328
+ "type": "String"
102329
+ },
102330
+ {
102331
+ "name": "ds-data:Realm",
102332
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/iam_dsdata-condition-keys.html#dsdata_condition-Realm",
102333
+ "description": "Filters access by the directory realm name for the request",
102334
+ "type": "String"
102335
+ },
102336
+ {
102337
+ "name": "ds-data:SAMAccountName",
102338
+ "apiReferenceUrl": "https://docs.aws.amazon.com/directoryservice/latest/admin-guide/iam_dsdata-condition-keys.html#dsdata_condition-SAMAccountName",
102339
+ "description": "Filters access by the directory SAM Account Name included in the SAMAccountName input of the request",
102340
+ "type": "String"
102341
+ }
102342
+ ]
102343
+ },
101547
102344
  {
101548
102345
  "name": "Amazon DocumentDB Elastic Clusters",
101549
102346
  "authReferenceUrl": "https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazondocumentdbelasticclusters.html",
@@ -190160,6 +190957,23 @@
190160
190957
  }
190161
190958
  ]
190162
190959
  },
190960
+ {
190961
+ "name": "AssociateSbomWithPackageVersion",
190962
+ "apiReferenceUrl": "https://docs.aws.amazon.com/iot/latest/apireference/API_AssociateSbomWithPackageVersion.html",
190963
+ "permissionOnly": false,
190964
+ "description": "Grants permission to associate SBOM files to a package version",
190965
+ "accessLevel": "Write",
190966
+ "resourceTypes": [
190967
+ {
190968
+ "resourceType": "packageversion",
190969
+ "required": true,
190970
+ "conditionKeys": [],
190971
+ "dependentActions": [
190972
+ "iot:GetIndexingConfiguration"
190973
+ ]
190974
+ }
190975
+ ]
190976
+ },
190163
190977
  {
190164
190978
  "name": "AssociateTargetsWithJob",
190165
190979
  "apiReferenceUrl": "https://docs.aws.amazon.com/iot/latest/apireference/API_AssociateTargetsWithJob.html",
@@ -190861,7 +191675,8 @@
190861
191675
  "required": true,
190862
191676
  "conditionKeys": [],
190863
191677
  "dependentActions": [
190864
- "iot:GetIndexingConfiguration"
191678
+ "iot:GetIndexingConfiguration",
191679
+ "s3:GetObjectVersion"
190865
191680
  ]
190866
191681
  },
190867
191682
  {
@@ -192388,6 +193203,21 @@
192388
193203
  }
192389
193204
  ]
192390
193205
  },
193206
+ {
193207
+ "name": "DisassociateSbomFromPackageVersion",
193208
+ "apiReferenceUrl": "https://docs.aws.amazon.com/iot/latest/apireference/API_DisassociateSbomFromPackageVersion.html",
193209
+ "permissionOnly": false,
193210
+ "description": "Grants permission to disassociate SBOM files from a package version",
193211
+ "accessLevel": "Write",
193212
+ "resourceTypes": [
193213
+ {
193214
+ "resourceType": "packageversion",
193215
+ "required": true,
193216
+ "conditionKeys": [],
193217
+ "dependentActions": []
193218
+ }
193219
+ ]
193220
+ },
192391
193221
  {
192392
193222
  "name": "EnableTopicRule",
192393
193223
  "apiReferenceUrl": "https://docs.aws.amazon.com/iot/latest/apireference/API_EnableTopicRule.html",
@@ -193360,6 +194190,21 @@
193360
194190
  }
193361
194191
  ]
193362
194192
  },
194193
+ {
194194
+ "name": "ListSbomValidationResults",
194195
+ "apiReferenceUrl": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListSbomValidationResults.html",
194196
+ "permissionOnly": false,
194197
+ "description": "Grants permission to list SBOM validation results of a package version",
194198
+ "accessLevel": "List",
194199
+ "resourceTypes": [
194200
+ {
194201
+ "resourceType": "packageversion",
194202
+ "required": true,
194203
+ "conditionKeys": [],
194204
+ "dependentActions": []
194205
+ }
194206
+ ]
194207
+ },
193363
194208
  {
193364
194209
  "name": "ListScheduledAudits",
193365
194210
  "apiReferenceUrl": "https://docs.aws.amazon.com/iot/latest/apireference/API_ListScheduledAudits.html",
@@ -194897,7 +195742,8 @@
194897
195742
  "required": true,
194898
195743
  "conditionKeys": [],
194899
195744
  "dependentActions": [
194900
- "iot:GetIndexingConfiguration"
195745
+ "iot:GetIndexingConfiguration",
195746
+ "s3:GetObjectVersion"
194901
195747
  ]
194902
195748
  },
194903
195749
  {
@@ -214717,7 +215563,10 @@
214717
215563
  {
214718
215564
  "resourceType": "",
214719
215565
  "required": false,
214720
- "conditionKeys": [],
215566
+ "conditionKeys": [
215567
+ "aws:RequestTag/${TagKey}",
215568
+ "aws:TagKeys"
215569
+ ],
214721
215570
  "dependentActions": []
214722
215571
  }
214723
215572
  ]
@@ -214733,7 +215582,9 @@
214733
215582
  "resourceType": "",
214734
215583
  "required": false,
214735
215584
  "conditionKeys": [
214736
- "lambda:FunctionArn"
215585
+ "lambda:FunctionArn",
215586
+ "aws:RequestTag/${TagKey}",
215587
+ "aws:TagKeys"
214737
215588
  ],
214738
215589
  "dependentActions": []
214739
215590
  }
@@ -215534,12 +216385,24 @@
215534
216385
  "name": "ListTags",
215535
216386
  "apiReferenceUrl": "https://docs.aws.amazon.com/lambda/latest/dg/API_ListTags.html",
215536
216387
  "permissionOnly": false,
215537
- "description": "Grants permission to retrieve a list of tags for an AWS Lambda function",
216388
+ "description": "Grants permission to retrieve a list of tags for an AWS Lambda function, event source mapping or code signing configuration resource",
215538
216389
  "accessLevel": "Read",
215539
216390
  "resourceTypes": [
216391
+ {
216392
+ "resourceType": "code signing config",
216393
+ "required": false,
216394
+ "conditionKeys": [],
216395
+ "dependentActions": []
216396
+ },
216397
+ {
216398
+ "resourceType": "eventSourceMapping",
216399
+ "required": false,
216400
+ "conditionKeys": [],
216401
+ "dependentActions": []
216402
+ },
215540
216403
  {
215541
216404
  "resourceType": "function",
215542
- "required": true,
216405
+ "required": false,
215543
216406
  "conditionKeys": [],
215544
216407
  "dependentActions": []
215545
216408
  }
@@ -215776,12 +216639,24 @@
215776
216639
  "name": "TagResource",
215777
216640
  "apiReferenceUrl": "https://docs.aws.amazon.com/lambda/latest/dg/API_TagResources.html",
215778
216641
  "permissionOnly": false,
215779
- "description": "Grants permission to add tags to an AWS Lambda function",
216642
+ "description": "Grants permission to add tags to an AWS Lambda function, event source mapping or code signing configuration resource",
215780
216643
  "accessLevel": "Tagging",
215781
216644
  "resourceTypes": [
216645
+ {
216646
+ "resourceType": "code signing config",
216647
+ "required": false,
216648
+ "conditionKeys": [],
216649
+ "dependentActions": []
216650
+ },
216651
+ {
216652
+ "resourceType": "eventSourceMapping",
216653
+ "required": false,
216654
+ "conditionKeys": [],
216655
+ "dependentActions": []
216656
+ },
215782
216657
  {
215783
216658
  "resourceType": "function",
215784
- "required": true,
216659
+ "required": false,
215785
216660
  "conditionKeys": [],
215786
216661
  "dependentActions": []
215787
216662
  },
@@ -215800,12 +216675,24 @@
215800
216675
  "name": "UntagResource",
215801
216676
  "apiReferenceUrl": "https://docs.aws.amazon.com/lambda/latest/dg/API_UntagResource.html",
215802
216677
  "permissionOnly": false,
215803
- "description": "Grants permission to remove tags from an AWS Lambda function",
216678
+ "description": "Grants permission to remove tags from an AWS Lambda function, event source mapping or code signing configuration resource",
215804
216679
  "accessLevel": "Tagging",
215805
216680
  "resourceTypes": [
216681
+ {
216682
+ "resourceType": "code signing config",
216683
+ "required": false,
216684
+ "conditionKeys": [],
216685
+ "dependentActions": []
216686
+ },
216687
+ {
216688
+ "resourceType": "eventSourceMapping",
216689
+ "required": false,
216690
+ "conditionKeys": [],
216691
+ "dependentActions": []
216692
+ },
215806
216693
  {
215807
216694
  "resourceType": "function",
215808
- "required": true,
216695
+ "required": false,
215809
216696
  "conditionKeys": [],
215810
216697
  "dependentActions": []
215811
216698
  },
@@ -215979,13 +216866,17 @@
215979
216866
  "name": "code signing config",
215980
216867
  "apiReferenceUrl": "https://docs.aws.amazon.com/lambda/latest/dg/lambda-api-permissions-ref.html",
215981
216868
  "arnPattern": "arn:${Partition}:lambda:${Region}:${Account}:code-signing-config:${CodeSigningConfigId}",
215982
- "conditionKeys": []
216869
+ "conditionKeys": [
216870
+ "aws:ResourceTag/${TagKey}"
216871
+ ]
215983
216872
  },
215984
216873
  {
215985
216874
  "name": "eventSourceMapping",
215986
216875
  "apiReferenceUrl": "https://docs.aws.amazon.com/lambda/latest/dg/lambda-api-permissions-ref.html",
215987
216876
  "arnPattern": "arn:${Partition}:lambda:${Region}:${Account}:event-source-mapping:${UUID}",
215988
- "conditionKeys": []
216877
+ "conditionKeys": [
216878
+ "aws:ResourceTag/${TagKey}"
216879
+ ]
215989
216880
  },
215990
216881
  {
215991
216882
  "name": "function",
@@ -300038,7 +300929,9 @@
300038
300929
  "s3express:ResourceAccount",
300039
300930
  "s3express:signatureversion",
300040
300931
  "s3express:TlsVersion",
300041
- "s3express:x-amz-content-sha256"
300932
+ "s3express:x-amz-content-sha256",
300933
+ "s3express:x-amz-server-side-encryption",
300934
+ "s3express:x-amz-server-side-encryption-aws-kms-key-id"
300042
300935
  ],
300043
300936
  "dependentActions": []
300044
300937
  }
@@ -300154,6 +301047,33 @@
300154
301047
  }
300155
301048
  ]
300156
301049
  },
301050
+ {
301051
+ "name": "GetEncryptionConfiguration",
301052
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html",
301053
+ "permissionOnly": false,
301054
+ "description": "Grants permission to return the default encryption configuration for a directory bucket",
301055
+ "accessLevel": "Read",
301056
+ "resourceTypes": [
301057
+ {
301058
+ "resourceType": "bucket",
301059
+ "required": true,
301060
+ "conditionKeys": [],
301061
+ "dependentActions": []
301062
+ },
301063
+ {
301064
+ "resourceType": "",
301065
+ "required": false,
301066
+ "conditionKeys": [
301067
+ "s3express:authType",
301068
+ "s3express:ResourceAccount",
301069
+ "s3express:signatureversion",
301070
+ "s3express:TlsVersion",
301071
+ "s3express:x-amz-content-sha256"
301072
+ ],
301073
+ "dependentActions": []
301074
+ }
301075
+ ]
301076
+ },
300157
301077
  {
300158
301078
  "name": "ListAllMyDirectoryBuckets",
300159
301079
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListDirectoryBuckets.html",
@@ -300201,12 +301121,39 @@
300201
301121
  "dependentActions": []
300202
301122
  }
300203
301123
  ]
301124
+ },
301125
+ {
301126
+ "name": "PutEncryptionConfiguration",
301127
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html",
301128
+ "permissionOnly": false,
301129
+ "description": "Grants permission to set the encryption configuration for a directory bucket",
301130
+ "accessLevel": "Write",
301131
+ "resourceTypes": [
301132
+ {
301133
+ "resourceType": "bucket",
301134
+ "required": true,
301135
+ "conditionKeys": [],
301136
+ "dependentActions": []
301137
+ },
301138
+ {
301139
+ "resourceType": "",
301140
+ "required": false,
301141
+ "conditionKeys": [
301142
+ "s3express:authType",
301143
+ "s3express:ResourceAccount",
301144
+ "s3express:signatureversion",
301145
+ "s3express:TlsVersion",
301146
+ "s3express:x-amz-content-sha256"
301147
+ ],
301148
+ "dependentActions": []
301149
+ }
301150
+ ]
300204
301151
  }
300205
301152
  ],
300206
301153
  "resourceTypes": [
300207
301154
  {
300208
301155
  "name": "bucket",
300209
- "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-zonal-buckets.html",
301156
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html",
300210
301157
  "arnPattern": "arn:${Partition}:s3express:${Region}:${Account}:bucket/${BucketName}",
300211
301158
  "conditionKeys": []
300212
301159
  }
@@ -300259,6 +301206,18 @@
300259
301206
  "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonS3/latest/API/bucket-policy-s3-sigv4-conditions.html",
300260
301207
  "description": "Filters access by unsigned content in your bucket",
300261
301208
  "type": "String"
301209
+ },
301210
+ {
301211
+ "name": "s3express:x-amz-server-side-encryption",
301212
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-data-protection.html",
301213
+ "description": "Filters access by server-side encryption",
301214
+ "type": "String"
301215
+ },
301216
+ {
301217
+ "name": "s3express:x-amz-server-side-encryption-aws-kms-key-id",
301218
+ "apiReferenceUrl": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-UsingKMSEncryption.html#s3-express-require-sse-kms",
301219
+ "description": "Filters access by AWS KMS customer managed key for server-side encryption",
301220
+ "type": "ARN"
300262
301221
  }
300263
301222
  ]
300264
301223
  },