aws-iam-ls 0.0.0

package/src/data/servicereference/services/clouddirectory.json

@@ -0,0 +1 @@
+{"name":"clouddirectory","actions":{"AddFacetToObject":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to add a new Facet to an object","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"ApplySchema":{"conditionKeys":[],"resources":[{"name":"directory"},{"name":"publishedSchema"}],"description":"Grants permission to copy input published schema into Directory with same name and version as that of published schema","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true},{"name":"publishedSchema","required":true}]},"AttachObject":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to attach an existing object to another existing object","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"AttachPolicy":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to attach a policy object to any other object","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"AttachToIndex":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to attach the specified object to the specified index","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"AttachTypedLink":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to attach a typed link b/w a source & target object reference","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"BatchRead":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to perform all the read operations in a batch. Each individual operation inside BatchRead needs to be granted permissions explicitly","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"BatchWrite":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to perform all the write operations in a batch. Each individual operation inside BatchWrite needs to be granted permissions explicitly","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"CreateDirectory":{"conditionKeys":[],"resources":[{"name":"publishedSchema"}],"description":"Grants permission to create a Directory by copying the published schema into the directory","accessLevel":"Write","resourceTypes":[{"name":"publishedSchema","required":true}]},"CreateFacet":{"conditionKeys":[],"resources":[{"name":"appliedSchema"},{"name":"developmentSchema"}],"description":"Grants permission to create a new Facet in a schema","accessLevel":"Write","resourceTypes":[{"name":"appliedSchema","required":true},{"name":"developmentSchema","required":true}]},"CreateIndex":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to create an index object","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"CreateObject":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to create an object in a Directory","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"CreateSchema":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a new schema in a development state","accessLevel":"Write","resourceTypes":[]},"CreateTypedLinkFacet":{"conditionKeys":[],"resources":[{"name":"appliedSchema"},{"name":"developmentSchema"}],"description":"Grants permission to create a new Typed Link facet in a schema","accessLevel":"Write","resourceTypes":[{"name":"appliedSchema","required":true},{"name":"developmentSchema","required":true}]},"DeleteDirectory":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to delete a directory. Only disabled directories can be deleted","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"DeleteFacet":{"conditionKeys":[],"resources":[{"name":"developmentSchema"}],"description":"Grants permission to delete a given Facet. All attributes and Rules associated with the facet will be deleted","accessLevel":"Write","resourceTypes":[{"name":"developmentSchema","required":true}]},"DeleteObject":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to delete an object and its associated attributes","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"DeleteSchema":{"conditionKeys":[],"resources":[{"name":"developmentSchema"},{"name":"publishedSchema"}],"description":"Grants permission to delete a given schema","accessLevel":"Write","resourceTypes":[{"name":"developmentSchema","required":true},{"name":"publishedSchema","required":true}]},"DeleteTypedLinkFacet":{"conditionKeys":[],"resources":[{"name":"developmentSchema"}],"description":"Grants permission to delete a given TypedLink Facet. All attributes and Rules associated with the facet will be deleted","accessLevel":"Write","resourceTypes":[{"name":"developmentSchema","required":true}]},"DetachFromIndex":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to detach the specified object from the specified index","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"DetachObject":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to detach a given object from the parent object","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"DetachPolicy":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to detach a policy from an object","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"DetachTypedLink":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to detach a given typed link b/w given source and target object reference","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"DisableDirectory":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to disable the specified directory","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"EnableDirectory":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to enable the specified directory","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"GetAppliedSchemaVersion":{"conditionKeys":[],"resources":[{"name":"appliedSchema"}],"description":"Grants permission to return current applied schema version ARN, including the minor version in use","accessLevel":"Read","resourceTypes":[{"name":"appliedSchema","required":true}]},"GetDirectory":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to retrieve metadata about a directory","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"GetFacet":{"conditionKeys":[],"resources":[{"name":"appliedSchema"},{"name":"developmentSchema"},{"name":"publishedSchema"}],"description":"Grants permission to get details of the Facet, such as Facet Name, Attributes, Rules, or ObjectType","accessLevel":"Read","resourceTypes":[{"name":"appliedSchema","required":true},{"name":"developmentSchema","required":true},{"name":"publishedSchema","required":true}]},"GetLinkAttributes":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to retrieve attributes that are associated with a typed link","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"GetObjectAttributes":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to retrieve attributes within a facet that are associated with an object","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"GetObjectInformation":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to retrieve metadata about an object","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"GetSchemaAsJson":{"conditionKeys":[],"resources":[{"name":"appliedSchema"},{"name":"developmentSchema"},{"name":"publishedSchema"}],"description":"Grants permission to retrieve a JSON representation of the schema","accessLevel":"Read","resourceTypes":[{"name":"appliedSchema","required":true},{"name":"developmentSchema","required":true},{"name":"publishedSchema","required":true}]},"GetTypedLinkFacetInformation":{"conditionKeys":[],"resources":[{"name":"appliedSchema"},{"name":"developmentSchema"},{"name":"publishedSchema"}],"description":"Grants permission to return identity attributes order information associated with a given typed link facet","accessLevel":"Read","resourceTypes":[{"name":"appliedSchema","required":true},{"name":"developmentSchema","required":true},{"name":"publishedSchema","required":true}]},"ListAppliedSchemaArns":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to list schemas applied to a directory","accessLevel":"List","resourceTypes":[{"name":"directory","required":true}]},"ListAttachedIndices":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to list indices attached to an object","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"ListDevelopmentSchemaArns":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve the ARNs of schemas in the development state","accessLevel":"List","resourceTypes":[]},"ListDirectories":{"conditionKeys":[],"resources":[],"description":"Grants permission to list directories created within an account","accessLevel":"List","resourceTypes":[]},"ListFacetAttributes":{"conditionKeys":[],"resources":[{"name":"appliedSchema"},{"name":"developmentSchema"},{"name":"publishedSchema"}],"description":"Grants permission to retrieve attributes attached to the facet","accessLevel":"Read","resourceTypes":[{"name":"appliedSchema","required":true},{"name":"developmentSchema","required":true},{"name":"publishedSchema","required":true}]},"ListFacetNames":{"conditionKeys":[],"resources":[{"name":"appliedSchema"},{"name":"developmentSchema"},{"name":"publishedSchema"}],"description":"Grants permission to retrieve the names of facets that exist in a schema","accessLevel":"Read","resourceTypes":[{"name":"appliedSchema","required":true},{"name":"developmentSchema","required":true},{"name":"publishedSchema","required":true}]},"ListIncomingTypedLinks":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to return a paginated list of all incoming TypedLinks for a given object","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"ListIndex":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to list objects attached to the specified index","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"ListManagedSchemaArns":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the major version families of each managed schema. If a major version ARN is provided as SchemaArn, the minor version revisions in that family are listed instead","accessLevel":"List","resourceTypes":[]},"ListObjectAttributes":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to list all attributes associated with an object","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"ListObjectChildren":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to return a paginated list of child objects associated with a given object","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"ListObjectParentPaths":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to retrieve all available parent paths for any object type such as node, leaf node, policy node, and index node objects","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"ListObjectParents":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to list parent objects associated with a given object in pagination fashion","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"ListObjectPolicies":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to return policies attached to an object in pagination fashion","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"ListOutgoingTypedLinks":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to return a paginated list of all outgoing TypedLinks for a given object","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"ListPolicyAttachments":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to return all of the ObjectIdentifiers to which a given policy is attached","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"ListPublishedSchemaArns":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve published schema ARNs","accessLevel":"List","resourceTypes":[]},"ListTagsForResource":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to return tags for a resource","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"ListTypedLinkFacetAttributes":{"conditionKeys":[],"resources":[{"name":"appliedSchema"},{"name":"developmentSchema"},{"name":"publishedSchema"}],"description":"Grants permission to return a paginated list of attributes associated with typed link facet","accessLevel":"Read","resourceTypes":[{"name":"appliedSchema","required":true},{"name":"developmentSchema","required":true},{"name":"publishedSchema","required":true}]},"ListTypedLinkFacetNames":{"conditionKeys":[],"resources":[{"name":"appliedSchema"},{"name":"developmentSchema"},{"name":"publishedSchema"}],"description":"Grants permission to return a paginated list of typed link facet names that exist in a schema","accessLevel":"Read","resourceTypes":[{"name":"appliedSchema","required":true},{"name":"developmentSchema","required":true},{"name":"publishedSchema","required":true}]},"LookupPolicy":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to list all policies from the root of the Directory to the object specified","accessLevel":"Read","resourceTypes":[{"name":"directory","required":true}]},"PublishSchema":{"conditionKeys":[],"resources":[{"name":"developmentSchema"}],"description":"Grants permission to publish a development schema with a version","accessLevel":"Write","resourceTypes":[{"name":"developmentSchema","required":true}]},"PutSchemaFromJson":{"conditionKeys":[],"resources":[],"description":"Grants permission to update a schema using JSON upload. Only available for development schemas","accessLevel":"Write","resourceTypes":[]},"RemoveFacetFromObject":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to remove the specified facet from the specified object","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"TagResource":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to add tags to a resource","accessLevel":"Tagging","resourceTypes":[{"name":"directory","required":true}]},"UntagResource":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to remove tags from a resource","accessLevel":"Tagging","resourceTypes":[{"name":"directory","required":true}]},"UpdateFacet":{"conditionKeys":[],"resources":[{"name":"appliedSchema"},{"name":"developmentSchema"}],"description":"Grants permission to add/update/delete existing Attributes, Rules, or ObjectType of a Facet","accessLevel":"Write","resourceTypes":[{"name":"appliedSchema","required":true},{"name":"developmentSchema","required":true}]},"UpdateLinkAttributes":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to update a given typed link's attributes. Attributes to be updated must not contribute to the typed link's identity, as defined by its IdentityAttributeOrder","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"UpdateObjectAttributes":{"conditionKeys":[],"resources":[{"name":"directory"}],"description":"Grants permission to update a given object's attributes","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true}]},"UpdateSchema":{"conditionKeys":[],"resources":[{"name":"developmentSchema"}],"description":"Grants permission to update the schema name with a new name","accessLevel":"Write","resourceTypes":[{"name":"developmentSchema","required":true}]},"UpdateTypedLinkFacet":{"conditionKeys":[],"resources":[{"name":"developmentSchema"}],"description":"Grants permission to add/update/delete existing Attributes, Rules, identity attribute order of a TypedLink Facet","accessLevel":"Write","resourceTypes":[{"name":"developmentSchema","required":true}]},"UpgradeAppliedSchema":{"conditionKeys":[],"resources":[{"name":"directory"},{"name":"publishedSchema"}],"description":"Grants permission to upgrade a single directory in-place using the PublishedSchemaArn with schema updates found in MinorVersion. Backwards-compatible minor version upgrades are instantaneously available for readers on all objects in the directory","accessLevel":"Write","resourceTypes":[{"name":"directory","required":true},{"name":"publishedSchema","required":true}]},"UpgradePublishedSchema":{"conditionKeys":[],"resources":[{"name":"developmentSchema"},{"name":"publishedSchema"}],"description":"Grants permission to upgrade a published schema under a new minor version revision using the current contents of DevelopmentSchemaArn","accessLevel":"Write","resourceTypes":[{"name":"developmentSchema","required":true},{"name":"publishedSchema","required":true}]}},"resources":[{"name":"appliedSchema","arnFormats":["arn:${Partition}:clouddirectory:${Region}:${Account}:directory/${DirectoryId}/schema/${SchemaName}/${Version}"],"conditionKeys":[]},{"name":"developmentSchema","arnFormats":["arn:${Partition}:clouddirectory:${Region}:${Account}:schema/development/${SchemaName}"],"conditionKeys":[]},{"name":"directory","arnFormats":["arn:${Partition}:clouddirectory:${Region}:${Account}:directory/${DirectoryId}"],"conditionKeys":[]},{"name":"publishedSchema","arnFormats":["arn:${Partition}:clouddirectory:${Region}:${Account}:schema/published/${SchemaName}/${Version}"],"conditionKeys":[]}],"conditionKeys":{}}

package/src/data/servicereference/services/cloudformation.json

@@ -0,0 +1 @@
+{"name":"cloudformation","actions":{"ActivateOrganizationsAccess":{"conditionKeys":[],"resources":[],"description":"Grants permission to activate trusted access between StackSets and Organizations. With trusted access between StackSets and Organizations activated, the management account has permissions to create and manage StackSets for your organization","accessLevel":"Write","resourceTypes":[]},"ActivateType":{"conditionKeys":[],"resources":[],"description":"Grants permission to activate a public third-party extension, making it available for use in stack templates","accessLevel":"Write","resourceTypes":[]},"BatchDescribeTypeConfigurations":{"conditionKeys":[],"resources":[],"description":"Grants permission to return configuration data for the specified CloudFormation extensions","accessLevel":"Read","resourceTypes":[]},"CancelResourceRequest":{"conditionKeys":[],"resources":[],"description":"Grants permission to cancel resource requests in your account","accessLevel":"Write","resourceTypes":[]},"CancelUpdateStack":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to cancel an update on the specified stack","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"ContinueUpdateRollback":{"conditionKeys":["cloudformation:RoleArn"],"resources":[{"name":"stack"}],"description":"Grants permission to continue rolling back a stack that is in the UPDATE_ROLLBACK_FAILED state to the UPDATE_ROLLBACK_COMPLETE state","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"CreateChangeSet":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","cloudformation:ChangeSetName","cloudformation:ImportResourceTypes","cloudformation:ResourceTypes","cloudformation:RoleArn","cloudformation:StackPolicyUrl","cloudformation:TemplateUrl"],"resources":[{"name":"stack"}],"description":"Grants permission to create a list of changes for a stack","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"CreateGeneratedTemplate":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a template from existing resources that are not already managed with CloudFormation","accessLevel":"Write","resourceTypes":[]},"CreateResource":{"conditionKeys":[],"resources":[],"description":"Grants permission to create resources in your account","accessLevel":"Write","resourceTypes":[]},"CreateStack":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","cloudformation:ResourceTypes","cloudformation:RoleArn","cloudformation:StackPolicyUrl","cloudformation:TemplateUrl"],"resources":[{"name":"stack"}],"description":"Grants permission to create a stack as specified in the template","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"CreateStackInstances":{"conditionKeys":["aws:TagKeys","cloudformation:TargetRegion"],"resources":[{"name":"stackset"},{"name":"stackset-target"},{"name":"type"}],"description":"Grants permission to create stack instances for the specified accounts, within the specified regions","accessLevel":"Write","resourceTypes":[{"name":"stackset","required":true},{"name":"stackset-target","required":false},{"name":"type","required":false}]},"CreateStackRefactor":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to create a stack refactor","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"CreateStackSet":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","cloudformation:RoleArn","cloudformation:TemplateUrl"],"resources":[],"description":"Grants permission to create a stackset as specified in the template","accessLevel":"Write","resourceTypes":[]},"CreateUploadBucket":{"conditionKeys":[],"resources":[],"description":"Grants permission to upload templates to Amazon S3 buckets. Used only by the AWS CloudFormation console and is not documented in the API reference","accessLevel":"Write","resourceTypes":[],"permissionOnly":true},"DeactivateOrganizationsAccess":{"conditionKeys":[],"resources":[],"description":"Grants permission to deactivate trusted access between StackSets and Organizations. If trusted access is deactivated, the management account does not have permissions to create and manage service-managed StackSets for your organization","accessLevel":"Write","resourceTypes":[]},"DeactivateType":{"conditionKeys":[],"resources":[],"description":"Grants permission to deactivate a public extension that was previously activated in this account and region","accessLevel":"Write","resourceTypes":[]},"DeleteChangeSet":{"conditionKeys":["cloudformation:ChangeSetName"],"resources":[{"name":"stack"}],"description":"Grants permission to delete the specified change set. Deleting change sets ensures that no one executes the wrong change set","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"DeleteGeneratedTemplate":{"conditionKeys":[],"resources":[],"description":"Grants permission to delete a generated template","accessLevel":"Write","resourceTypes":[]},"DeleteResource":{"conditionKeys":[],"resources":[],"description":"Grants permission to delete resources in your account","accessLevel":"Write","resourceTypes":[]},"DeleteStack":{"conditionKeys":["cloudformation:RoleArn"],"resources":[{"name":"stack"}],"description":"Grants permission to delete a specified stack","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"DeleteStackInstances":{"conditionKeys":["cloudformation:TargetRegion"],"resources":[{"name":"stackset"},{"name":"stackset-target"},{"name":"type"}],"description":"Grants permission to delete stack instances for the specified accounts, in the specified regions","accessLevel":"Write","resourceTypes":[{"name":"stackset","required":true},{"name":"stackset-target","required":false},{"name":"type","required":false}]},"DeleteStackSet":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to delete a specified stackset","accessLevel":"Write","resourceTypes":[{"name":"stackset","required":true}]},"DeregisterType":{"conditionKeys":[],"resources":[],"description":"Grants permission to deregister an existing CloudFormation type or type version","accessLevel":"Write","resourceTypes":[]},"DescribeAccountLimits":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve your account's AWS CloudFormation limits","accessLevel":"Read","resourceTypes":[]},"DescribeChangeSet":{"conditionKeys":["cloudformation:ChangeSetName"],"resources":[{"name":"stack"}],"description":"Grants permission to return the description for the specified change set","accessLevel":"Read","resourceTypes":[{"name":"stack","required":true}]},"DescribeChangeSetHooks":{"conditionKeys":["cloudformation:ChangeSetName"],"resources":[{"name":"stack"}],"description":"Grants permission to return the Hook invocation information for the specified change set","accessLevel":"Read","resourceTypes":[{"name":"stack","required":true}]},"DescribeEvents":{"conditionKeys":[],"resources":[{"name":"changeset"},{"name":"stack"}],"description":"Grants permission to return all related events for a specified operation","accessLevel":"Read","resourceTypes":[{"name":"changeset","required":false},{"name":"stack","required":false}]},"DescribeGeneratedTemplate":{"conditionKeys":[],"resources":[],"description":"Grants permission to describe a generated template. The output includes details about the progress of the creation of a generated template","accessLevel":"Read","resourceTypes":[]},"DescribeOrganizationsAccess":{"conditionKeys":[],"resources":[],"description":"Grants permission to return information about the account's OrganizationAccess status","accessLevel":"Read","resourceTypes":[]},"DescribePublisher":{"conditionKeys":[],"resources":[],"description":"Grants permission to return information about a CloudFormation extension publisher","accessLevel":"Read","resourceTypes":[]},"DescribeResourceScan":{"conditionKeys":[],"resources":[],"description":"Grants permission to describe details of a resource scan","accessLevel":"Read","resourceTypes":[]},"DescribeStackDriftDetectionStatus":{"conditionKeys":[],"resources":[],"description":"Grants permission to return information about a stack drift detection operation","accessLevel":"Read","resourceTypes":[]},"DescribeStackEvents":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return all stack related events for a specified stack","accessLevel":"Read","resourceTypes":[{"name":"stack","required":true}]},"DescribeStackInstance":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to return the stack instance that's associated with the specified stack set, AWS account, and region","accessLevel":"Read","resourceTypes":[{"name":"stackset","required":true}]},"DescribeStackRefactor":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return the description for the specified stack refactor","accessLevel":"Read","resourceTypes":[{"name":"stack","required":true}]},"DescribeStackResource":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return a description of the specified resource in the specified stack","accessLevel":"Read","resourceTypes":[{"name":"stack","required":true}]},"DescribeStackResourceDrifts":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return drift information for the resources that have been checked for drift in the specified stack","accessLevel":"Read","resourceTypes":[{"name":"stack","required":true}]},"DescribeStackResources":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return AWS resource descriptions for running and deleted stacks","accessLevel":"Read","resourceTypes":[{"name":"stack","required":true}]},"DescribeStackSet":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to return the description of the specified stack set","accessLevel":"Read","resourceTypes":[{"name":"stackset","required":true}]},"DescribeStackSetOperation":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to return the description of the specified stack set operation","accessLevel":"Read","resourceTypes":[{"name":"stackset","required":true}]},"DescribeStacks":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return the description for the specified stack, and to all stacks when used in combination with the ListStacks action","accessLevel":"List","resourceTypes":[{"name":"stack","required":false}],"dependentActions":["cloudformation:ListStacks"]},"DescribeType":{"conditionKeys":[],"resources":[],"description":"Grants permission to return information about the CloudFormation type requested","accessLevel":"Read","resourceTypes":[]},"DescribeTypeRegistration":{"conditionKeys":[],"resources":[],"description":"Grants permission to return information about the registration process for a CloudFormation type","accessLevel":"Read","resourceTypes":[]},"DetectStackDrift":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to detects whether a stack's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters","accessLevel":"Read","resourceTypes":[{"name":"stack","required":true}]},"DetectStackResourceDrift":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return information about whether a resource's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters","accessLevel":"Read","resourceTypes":[{"name":"stack","required":true}]},"DetectStackSetDrift":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to enable users to detect drift on a stack set and the stack instances that belong to that stack set","accessLevel":"Read","resourceTypes":[{"name":"stackset","required":true}]},"EstimateTemplateCost":{"conditionKeys":["cloudformation:TemplateUrl"],"resources":[],"description":"Grants permission to return the estimated monthly cost of a template","accessLevel":"Read","resourceTypes":[]},"ExecuteChangeSet":{"conditionKeys":["cloudformation:ChangeSetName"],"resources":[{"name":"stack"}],"description":"Grants permission to update a stack using the input information that was provided when the specified change set was created","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"ExecuteStackRefactor":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to execute a stack refactor using the input information that was provided when the specified stack refactor was created","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"GetGeneratedTemplate":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve a generated template","accessLevel":"Read","resourceTypes":[]},"GetHookResult":{"conditionKeys":["cloudformation:TypeArn"],"resources":[],"description":"Grants permission to return detailed information about a specific hook invocation result","accessLevel":"Read","resourceTypes":[],"dependentActions":["kms:Decrypt"]},"GetResource":{"conditionKeys":[],"resources":[],"description":"Grants permission to get resources in your account","accessLevel":"Read","resourceTypes":[]},"GetResourceRequestStatus":{"conditionKeys":[],"resources":[],"description":"Grants permission to get resource requests in your account","accessLevel":"Read","resourceTypes":[]},"GetStackPolicy":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return the stack policy for a specified stack","accessLevel":"Read","resourceTypes":[{"name":"stack","required":true}]},"GetTemplate":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return the template body for a specified stack","accessLevel":"Read","resourceTypes":[{"name":"stack","required":true}]},"GetTemplateSummary":{"conditionKeys":["cloudformation:TemplateUrl"],"resources":[{"name":"stack"},{"name":"stackset"}],"description":"Grants permission to return information about a new or existing template","accessLevel":"Read","resourceTypes":[{"name":"stack","required":false},{"name":"stackset","required":false}]},"ImportStacksToStackSet":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to enable users to import existing stacks to a new or existing stackset","accessLevel":"Write","resourceTypes":[{"name":"stackset","required":true}]},"ListAllHookResults":{"conditionKeys":["cloudformation:TypeArn"],"resources":[],"description":"Grants permission to return Hook invocations result information for a specified Hook, a combination of Hook and status, or all Hooks","accessLevel":"List","resourceTypes":[]},"ListChangeSets":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return the ID and status of each active change set for a stack. For example, AWS CloudFormation lists change sets that are in the CREATE_IN_PROGRESS or CREATE_PENDING state","accessLevel":"List","resourceTypes":[{"name":"stack","required":true}]},"ListExports":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all exported output values in the account and region in which you call this action","accessLevel":"List","resourceTypes":[]},"ListGeneratedTemplates":{"conditionKeys":[],"resources":[],"description":"Grants permission to list your generated templates in this Region","accessLevel":"List","resourceTypes":[]},"ListHookResults":{"conditionKeys":["cloudformation:ChangeSetName"],"resources":[{"name":"stack"}],"description":"Grants permission to return Hook invocations result information for the specified target","accessLevel":"List","resourceTypes":[{"name":"stack","required":false}]},"ListImports":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all stacks that are importing an exported output value","accessLevel":"List","resourceTypes":[]},"ListResourceRequests":{"conditionKeys":[],"resources":[],"description":"Grants permission to list resource requests in your account","accessLevel":"Read","resourceTypes":[]},"ListResourceScanRelatedResources":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the related resources for a list of resources from a resource scan. The response indicates whether each returned resource is already managed by CloudFormation","accessLevel":"List","resourceTypes":[]},"ListResourceScanResources":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the resources from a resource scan. The results can be filtered by resource identifier, resource type prefix, tag key, and tag value","accessLevel":"List","resourceTypes":[]},"ListResourceScans":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the resource scans from newest to oldest. By default it will return up to 10 resource scans","accessLevel":"List","resourceTypes":[]},"ListResources":{"conditionKeys":[],"resources":[],"description":"Grants permission to list resources in your account","accessLevel":"Read","resourceTypes":[]},"ListStackInstanceResourceDrifts":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to return drift information for the resources that have been checked for drift in the specified stack instance","accessLevel":"List","resourceTypes":[{"name":"stackset","required":true}]},"ListStackInstances":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to return summary information about stack instances that are associated with the specified stack set","accessLevel":"List","resourceTypes":[{"name":"stackset","required":true}]},"ListStackRefactorActions":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return the list of actions of the specified stack refactor","accessLevel":"List","resourceTypes":[{"name":"stack","required":true}]},"ListStackRefactors":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return the ID and status of each active stack refactor","accessLevel":"List","resourceTypes":[{"name":"stack","required":true}]},"ListStackResources":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to return descriptions of all resources of the specified stack","accessLevel":"List","resourceTypes":[{"name":"stack","required":true}]},"ListStackSetAutoDeploymentTargets":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to return summary information about StackSet Auto Deployment Targets","accessLevel":"List","resourceTypes":[{"name":"stackset","required":true}]},"ListStackSetOperationResults":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to return summary information about the results of a stack set operation","accessLevel":"List","resourceTypes":[{"name":"stackset","required":true}]},"ListStackSetOperations":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to return summary information about operations performed on a stack set","accessLevel":"List","resourceTypes":[{"name":"stackset","required":true}]},"ListStackSets":{"conditionKeys":[],"resources":[],"description":"Grants permission to return summary information about stack sets that are associated with the user","accessLevel":"List","resourceTypes":[]},"ListStacks":{"conditionKeys":[],"resources":[],"description":"Grants permission to return the summary information for stacks whose status matches the specified StackStatusFilter. In combination with the DescribeStacks action, grants permission to list descriptions for stacks","accessLevel":"List","resourceTypes":[]},"ListTypeRegistrations":{"conditionKeys":[],"resources":[],"description":"Grants permission to list CloudFormation type registration attempts","accessLevel":"List","resourceTypes":[]},"ListTypeVersions":{"conditionKeys":[],"resources":[],"description":"Grants permission to list versions of a particular CloudFormation type","accessLevel":"List","resourceTypes":[]},"ListTypes":{"conditionKeys":[],"resources":[],"description":"Grants permission to list available CloudFormation types","accessLevel":"List","resourceTypes":[]},"PublishType":{"conditionKeys":[],"resources":[],"description":"Grants permission to publish the specified extension to the CloudFormation registry as a public extension in this region","accessLevel":"Write","resourceTypes":[]},"RecordHandlerProgress":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to record the handler progress","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"RegisterPublisher":{"conditionKeys":[],"resources":[],"description":"Grants permission to register account as a publisher of public extensions in the CloudFormation registry","accessLevel":"Write","resourceTypes":[]},"RegisterType":{"conditionKeys":[],"resources":[],"description":"Grants permission to register a new CloudFormation type","accessLevel":"Write","resourceTypes":[]},"RollbackStack":{"conditionKeys":["cloudformation:RoleArn"],"resources":[{"name":"stack"}],"description":"Grants permission to rollback the stack to the last stable state","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"SetStackPolicy":{"conditionKeys":["cloudformation:StackPolicyUrl"],"resources":[{"name":"stack"}],"description":"Grants permission to set a stack policy for a specified stack","accessLevel":"Permissions management","resourceTypes":[{"name":"stack","required":true}]},"SetTypeConfiguration":{"conditionKeys":[],"resources":[],"description":"Grants permission to set the configuration data for a registered CloudFormation extension, in the given account and region","accessLevel":"Write","resourceTypes":[]},"SetTypeDefaultVersion":{"conditionKeys":[],"resources":[],"description":"Grants permission to set which version of a CloudFormation type applies to CloudFormation operations","accessLevel":"Write","resourceTypes":[]},"SignalResource":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to send a signal to the specified resource with a success or failure status","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"StartResourceScan":{"conditionKeys":[],"resources":[],"description":"Grants permission to start a scan of the resources in this account in this Region","accessLevel":"Write","resourceTypes":[]},"StopStackSetOperation":{"conditionKeys":[],"resources":[{"name":"stackset"}],"description":"Grants permission to stop an in-progress operation on a stack set and its associated stack instances","accessLevel":"Write","resourceTypes":[{"name":"stackset","required":true}]},"TagResource":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","cloudformation:CreateAction"],"resources":[{"name":"changeset"},{"name":"stack"},{"name":"stackset"}],"description":"Grants permission to tag cloudformation resources","accessLevel":"Tagging","resourceTypes":[{"name":"changeset","required":false},{"name":"stack","required":false},{"name":"stackset","required":false}]},"TestType":{"conditionKeys":[],"resources":[],"description":"Grants permission to test a registered extension to make sure it meets all necessary requirements for being published in the CloudFormation registry","accessLevel":"Write","resourceTypes":[]},"UntagResource":{"conditionKeys":["aws:TagKeys","cloudformation:CreateAction"],"resources":[{"name":"changeset"},{"name":"stack"},{"name":"stackset"}],"description":"Grants permission to untag cloudformation resources","accessLevel":"Tagging","resourceTypes":[{"name":"changeset","required":false},{"name":"stack","required":false},{"name":"stackset","required":false}]},"UpdateGeneratedTemplate":{"conditionKeys":[],"resources":[],"description":"Grants permission to update a generated template. This can be used to change the name, add and remove resources, refresh resources, and change the DeletionPolicy and UpdateReplacePolicy settings","accessLevel":"Write","resourceTypes":[]},"UpdateResource":{"conditionKeys":[],"resources":[],"description":"Grants permission to update resources in your account","accessLevel":"Write","resourceTypes":[]},"UpdateStack":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","cloudformation:ResourceTypes","cloudformation:RoleArn","cloudformation:StackPolicyUrl","cloudformation:TemplateUrl"],"resources":[{"name":"stack"}],"description":"Grants permission to update a stack as specified in the template","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"UpdateStackInstances":{"conditionKeys":["cloudformation:TargetRegion"],"resources":[{"name":"stackset"},{"name":"stackset-target"},{"name":"type"}],"description":"Grants permission to update the parameter values for stack instances for the specified accounts, within the specified regions","accessLevel":"Write","resourceTypes":[{"name":"stackset","required":true},{"name":"stackset-target","required":false},{"name":"type","required":false}]},"UpdateStackSet":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","cloudformation:RoleArn","cloudformation:TargetRegion","cloudformation:TemplateUrl"],"resources":[{"name":"stackset"},{"name":"stackset-target"},{"name":"type"}],"description":"Grants permission to update a stackset as specified in the template","accessLevel":"Write","resourceTypes":[{"name":"stackset","required":true},{"name":"stackset-target","required":false},{"name":"type","required":false}]},"UpdateTerminationProtection":{"conditionKeys":[],"resources":[{"name":"stack"}],"description":"Grants permission to update termination protection for the specified stack","accessLevel":"Write","resourceTypes":[{"name":"stack","required":true}]},"ValidateTemplate":{"conditionKeys":["cloudformation:TemplateUrl"],"resources":[],"description":"Grants permission to validate a specified template","accessLevel":"Read","resourceTypes":[]}},"resources":[{"name":"changeset","arnFormats":["arn:${Partition}:cloudformation:${Region}:${Account}:changeSet/${ChangeSetName}/${Id}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"generatedtemplate","arnFormats":["arn:${Partition}:cloudformation:${Region}:${Account}:generatedTemplate/${Id}"],"conditionKeys":[]},{"name":"resourcescan","arnFormats":["arn:${Partition}:cloudformation:${Region}:${Account}:resourceScan/${Id}"],"conditionKeys":[]},{"name":"stack","arnFormats":["arn:${Partition}:cloudformation:${Region}:${Account}:stack/${StackName}/${Id}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"stackset","arnFormats":["arn:${Partition}:cloudformation:${Region}:${Account}:stackset/${StackSetName}:${Id}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"stackset-target","arnFormats":["arn:${Partition}:cloudformation:${Region}:${Account}:stackset-target/${StackSetTarget}"],"conditionKeys":[]},{"name":"type","arnFormats":["arn:${Partition}:cloudformation:${Region}:${Account}:type/resource/${Type}"],"conditionKeys":[]},{"name":"typeHook","arnFormats":["arn:${Partition}:cloudformation:${Region}:${Account}:type/hook/${Type}"],"conditionKeys":[]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters access by the tags that are passed in the request"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters access by the tags associated with the resource"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters access by the tag keys that are passed in the request"},"cloudformation:ChangeSetName":{"types":["String"],"description":"Filters access by an AWS CloudFormation change set name. Use to control which change sets IAM users can execute or delete"},"cloudformation:CreateAction":{"types":["String"],"description":"Filters access by the name of a resource-mutating API action. Use to control which APIs IAM users can use to add or remove tags on a stack or stack set"},"cloudformation:ImportResourceTypes":{"types":["String"],"description":"Filters access by the template resource types, such as AWS::EC2::Instance. Use to control which resource types IAM users can work with when they want to import a resource into a stack"},"cloudformation:ResourceTypes":{"types":["ArrayOfString"],"description":"Filters access by the template resource types, such as AWS::EC2::Instance. Use to control which resource types IAM users can work with when they create or update a stack"},"cloudformation:RoleArn":{"types":["ARN"],"description":"Filters access by the ARN of an IAM service role. Use to control which service role IAM users can use to work with stacks or change sets"},"cloudformation:StackPolicyUrl":{"types":["String"],"description":"Filters access by an Amazon S3 stack policy URL. Use to control which stack policies IAM users can associate with a stack during a create or update stack action"},"cloudformation:TargetRegion":{"types":["ArrayOfString"],"description":"Filters access by stack set target region. Use to control which regions IAM users can use when they create or update stack sets"},"cloudformation:TemplateUrl":{"types":["String"],"description":"Filters access by an Amazon S3 template URL. Use to control which templates IAM users can use when they create or update stacks"},"cloudformation:TypeArn":{"types":["ARN"],"description":"Filters access by the ARN of a CloudFormation extension"}}}

package/src/data/servicereference/services/cloudfront-keyvaluestore.json

@@ -0,0 +1 @@
+{"name":"cloudfront-keyvaluestore","actions":{"DeleteKey":{"conditionKeys":[],"resources":[{"name":"key-value-store"}],"description":"Grants permission to delete the key value pair specified by the key","accessLevel":"Write","resourceTypes":[{"name":"key-value-store","required":true}]},"DescribeKeyValueStore":{"conditionKeys":[],"resources":[{"name":"key-value-store"}],"description":"Grants permission to return metadata information about Key Value Store","accessLevel":"Read","resourceTypes":[{"name":"key-value-store","required":true}]},"GetKey":{"conditionKeys":[],"resources":[{"name":"key-value-store"}],"description":"Grants permission to return a key value pair","accessLevel":"Read","resourceTypes":[{"name":"key-value-store","required":true}]},"ListKeys":{"conditionKeys":[],"resources":[{"name":"key-value-store"}],"description":"Grants permission to returns a list of key value pairs","accessLevel":"List","resourceTypes":[{"name":"key-value-store","required":true}]},"PutKey":{"conditionKeys":[],"resources":[{"name":"key-value-store"}],"description":"Grants permission to create a new key value pair or replace the value of an existing key","accessLevel":"Write","resourceTypes":[{"name":"key-value-store","required":true}]},"UpdateKeys":{"conditionKeys":[],"resources":[{"name":"key-value-store"}],"description":"Grants permission to put or delete multiple key value pairs in a single, all-or-nothing operation","accessLevel":"Write","resourceTypes":[{"name":"key-value-store","required":true}]}},"resources":[{"name":"key-value-store","arnFormats":["arn:${Partition}:cloudfront::${Account}:key-value-store/${ResourceId}"],"conditionKeys":[]}],"conditionKeys":{}}

package/src/data/servicereference/services/cloudfront.json

@@ -0,0 +1 @@
+{"name":"cloudfront","actions":{"AllowVendedLogDeliveryForResource":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to configure vended log delivery for a distribution","accessLevel":"Permissions management","resourceTypes":[{"name":"distribution","required":false}],"permissionOnly":true},"AssociateAlias":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to associate an alias to a CloudFront distribution","accessLevel":"Write","resourceTypes":[{"name":"distribution","required":true}]},"AssociateDistributionTenantWebACL":{"conditionKeys":[],"resources":[{"name":"distribution-tenant"}],"description":"Grants permission to associate a distribution tenant with an AWS WAF web ACL","accessLevel":"Write","resourceTypes":[{"name":"distribution-tenant","required":true}]},"AssociateDistributionWebACL":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to associate a distribution with an AWS WAF web ACL","accessLevel":"Write","resourceTypes":[{"name":"distribution","required":true}]},"CopyDistribution":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to copy an existing distribution and create a new web distribution","accessLevel":"Write","resourceTypes":[{"name":"distribution","required":true}],"dependentActions":["cloudfront:CopyDistribution","cloudfront:CreateDistribution","cloudfront:GetDistribution"]},"CreateAnycastIpList":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create an Anycast static IP list","accessLevel":"Write","resourceTypes":[]},"CreateCachePolicy":{"conditionKeys":[],"resources":[],"description":"Grants permission to add a new cache policy to CloudFront","accessLevel":"Write","resourceTypes":[]},"CreateCloudFrontOriginAccessIdentity":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a new CloudFront origin access identity","accessLevel":"Write","resourceTypes":[]},"CreateConnectionFunction":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a connection function","accessLevel":"Write","resourceTypes":[]},"CreateConnectionGroup":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a connection group","accessLevel":"Write","resourceTypes":[]},"CreateContinuousDeploymentPolicy":{"conditionKeys":[],"resources":[],"description":"Grants permission to add a new continuous-deployment policy to CloudFront","accessLevel":"Write","resourceTypes":[]},"CreateDistribution":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a new web distribution","accessLevel":"Write","resourceTypes":[],"dependentActions":["cloudfront:CreateConnectionGroup"]},"CreateDistributionTenant":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a distribution tenant","accessLevel":"Write","resourceTypes":[]},"CreateFieldLevelEncryptionConfig":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a new field-level encryption configuration","accessLevel":"Write","resourceTypes":[]},"CreateFieldLevelEncryptionProfile":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a field-level encryption profile","accessLevel":"Write","resourceTypes":[]},"CreateFunction":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a CloudFront function","accessLevel":"Write","resourceTypes":[]},"CreateInvalidation":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to create a new invalidation batch request","accessLevel":"Write","resourceTypes":[{"name":"distribution","required":true}]},"CreateInvalidationForDistributionTenant":{"conditionKeys":[],"resources":[{"name":"distribution-tenant"}],"description":"Grants permission to create an invalidation for a distribution tenant","accessLevel":"Write","resourceTypes":[{"name":"distribution-tenant","required":true}]},"CreateKeyGroup":{"conditionKeys":[],"resources":[],"description":"Grants permission to add a new key group to CloudFront","accessLevel":"Write","resourceTypes":[]},"CreateKeyValueStore":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a CloudFront KeyValueStore","accessLevel":"Write","resourceTypes":[]},"CreateMonitoringSubscription":{"conditionKeys":[],"resources":[],"description":"Grants permission to enable additional CloudWatch metrics for the specified CloudFront distribution. The additional metrics incur an additional cost","accessLevel":"Write","resourceTypes":[]},"CreateOriginAccessControl":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a new origin access control","accessLevel":"Write","resourceTypes":[]},"CreateOriginRequestPolicy":{"conditionKeys":[],"resources":[],"description":"Grants permission to add a new origin request policy to CloudFront","accessLevel":"Write","resourceTypes":[]},"CreatePublicKey":{"conditionKeys":[],"resources":[],"description":"Grants permission to add a new public key to CloudFront","accessLevel":"Write","resourceTypes":[]},"CreateRealtimeLogConfig":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a real-time log configuration","accessLevel":"Write","resourceTypes":[]},"CreateResponseHeadersPolicy":{"conditionKeys":[],"resources":[],"description":"Grants permission to add a new response headers policy to CloudFront","accessLevel":"Write","resourceTypes":[]},"CreateSavingsPlan":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a new savings plan","accessLevel":"Write","resourceTypes":[],"permissionOnly":true},"CreateStreamingDistribution":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a new RTMP distribution","accessLevel":"Write","resourceTypes":[]},"CreateStreamingDistributionWithTags":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a new RTMP distribution with tags","accessLevel":"Write","resourceTypes":[]},"CreateTrustStore":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a trust store","accessLevel":"Write","resourceTypes":[]},"CreateVpcOrigin":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a VPC origin","accessLevel":"Write","resourceTypes":[]},"DeleteAnycastIpList":{"conditionKeys":[],"resources":[{"name":"anycast-ip-list"}],"description":"Grants permission to delete an Anycast static IP list","accessLevel":"Write","resourceTypes":[{"name":"anycast-ip-list","required":true}]},"DeleteCachePolicy":{"conditionKeys":[],"resources":[{"name":"cache-policy"}],"description":"Grants permission to delete a cache policy","accessLevel":"Write","resourceTypes":[{"name":"cache-policy","required":true}]},"DeleteCloudFrontOriginAccessIdentity":{"conditionKeys":[],"resources":[{"name":"origin-access-identity"}],"description":"Grants permission to delete a CloudFront origin access identity","accessLevel":"Write","resourceTypes":[{"name":"origin-access-identity","required":true}]},"DeleteConnectionFunction":{"conditionKeys":[],"resources":[{"name":"connection-function"}],"description":"Grants permission to delete a connection function","accessLevel":"Write","resourceTypes":[{"name":"connection-function","required":true}]},"DeleteConnectionGroup":{"conditionKeys":[],"resources":[{"name":"connection-group"}],"description":"Grants permission to delete a connection group","accessLevel":"Write","resourceTypes":[{"name":"connection-group","required":true}]},"DeleteContinuousDeploymentPolicy":{"conditionKeys":[],"resources":[{"name":"continuous-deployment-policy"}],"description":"Grants permission to delete a continuous-deployment policy","accessLevel":"Write","resourceTypes":[{"name":"continuous-deployment-policy","required":true}]},"DeleteDistribution":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to delete a web distribution","accessLevel":"Write","resourceTypes":[{"name":"distribution","required":true}]},"DeleteDistributionTenant":{"conditionKeys":[],"resources":[{"name":"distribution-tenant"}],"description":"Grants permission to delete a distribution tenant","accessLevel":"Write","resourceTypes":[{"name":"distribution-tenant","required":true}]},"DeleteFieldLevelEncryptionConfig":{"conditionKeys":[],"resources":[{"name":"field-level-encryption-config"}],"description":"Grants permission to delete a field-level encryption configuration","accessLevel":"Write","resourceTypes":[{"name":"field-level-encryption-config","required":true}]},"DeleteFieldLevelEncryptionProfile":{"conditionKeys":[],"resources":[{"name":"field-level-encryption-profile"}],"description":"Grants permission to delete a field-level encryption profile","accessLevel":"Write","resourceTypes":[{"name":"field-level-encryption-profile","required":true}]},"DeleteFunction":{"conditionKeys":[],"resources":[{"name":"function"}],"description":"Grants permission to delete a CloudFront function","accessLevel":"Write","resourceTypes":[{"name":"function","required":true}]},"DeleteKeyGroup":{"conditionKeys":[],"resources":[],"description":"Grants permission to delete a key group","accessLevel":"Write","resourceTypes":[]},"DeleteKeyValueStore":{"conditionKeys":[],"resources":[{"name":"key-value-store"}],"description":"Grants permission to delete a CloudFront KeyValueStore","accessLevel":"Write","resourceTypes":[{"name":"key-value-store","required":true}]},"DeleteMonitoringSubscription":{"conditionKeys":[],"resources":[],"description":"Grants permission to disable additional CloudWatch metrics for the specified CloudFront distribution","accessLevel":"Write","resourceTypes":[]},"DeleteOriginAccessControl":{"conditionKeys":[],"resources":[{"name":"origin-access-control"}],"description":"Grants permission to delete an origin access control","accessLevel":"Write","resourceTypes":[{"name":"origin-access-control","required":true}]},"DeleteOriginRequestPolicy":{"conditionKeys":[],"resources":[{"name":"origin-request-policy"}],"description":"Grants permission to delete an origin request policy","accessLevel":"Write","resourceTypes":[{"name":"origin-request-policy","required":true}]},"DeletePublicKey":{"conditionKeys":[],"resources":[],"description":"Grants permission to delete a public key from CloudFront","accessLevel":"Write","resourceTypes":[]},"DeleteRealtimeLogConfig":{"conditionKeys":[],"resources":[{"name":"realtime-log-config"}],"description":"Grants permission to delete a real-time log configuration","accessLevel":"Write","resourceTypes":[{"name":"realtime-log-config","required":true}]},"DeleteResourcePolicy":{"conditionKeys":[],"resources":[{"name":"vpcorigin"}],"description":"Grants permission to delete a resource's policy document","accessLevel":"Write","resourceTypes":[{"name":"vpcorigin","required":false}]},"DeleteResponseHeadersPolicy":{"conditionKeys":[],"resources":[{"name":"response-headers-policy"}],"description":"Grants permission to delete a response headers policy","accessLevel":"Write","resourceTypes":[{"name":"response-headers-policy","required":true}]},"DeleteStreamingDistribution":{"conditionKeys":[],"resources":[{"name":"streaming-distribution"}],"description":"Grants permission to delete an RTMP distribution","accessLevel":"Write","resourceTypes":[{"name":"streaming-distribution","required":true}]},"DeleteTrustStore":{"conditionKeys":[],"resources":[{"name":"trust-store"}],"description":"Grants permission to delete a trust store","accessLevel":"Write","resourceTypes":[{"name":"trust-store","required":true}]},"DeleteVpcOrigin":{"conditionKeys":[],"resources":[{"name":"vpcorigin"}],"description":"Grants permission to delete a VPC origin","accessLevel":"Write","resourceTypes":[{"name":"vpcorigin","required":true}]},"DescribeConnectionFunction":{"conditionKeys":[],"resources":[{"name":"connection-function"}],"description":"Grants permission to get a connection function summary","accessLevel":"Read","resourceTypes":[{"name":"connection-function","required":true}]},"DescribeFunction":{"conditionKeys":[],"resources":[{"name":"function"}],"description":"Grants permission to get a CloudFront function summary","accessLevel":"Read","resourceTypes":[{"name":"function","required":true}]},"DescribeKeyValueStore":{"conditionKeys":[],"resources":[{"name":"key-value-store"}],"description":"Grants permission to get a CloudFront KeyValueStore summary","accessLevel":"Read","resourceTypes":[{"name":"key-value-store","required":true}]},"DisassociateDistributionTenantWebACL":{"conditionKeys":[],"resources":[{"name":"distribution-tenant"}],"description":"Grants permission to disassociate a distribution tenant from an AWS WAF web ACL","accessLevel":"Write","resourceTypes":[{"name":"distribution-tenant","required":true}]},"DisassociateDistributionWebACL":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to disassociate a distribution from an AWS WAF web ACL","accessLevel":"Write","resourceTypes":[{"name":"distribution","required":true}]},"GetAnycastIpList":{"conditionKeys":[],"resources":[{"name":"anycast-ip-list"}],"description":"Grants permission to get an Anycast static IP list","accessLevel":"Read","resourceTypes":[{"name":"anycast-ip-list","required":true}]},"GetCachePolicy":{"conditionKeys":[],"resources":[{"name":"cache-policy"}],"description":"Grants permission to get the cache policy","accessLevel":"Read","resourceTypes":[{"name":"cache-policy","required":true}]},"GetCachePolicyConfig":{"conditionKeys":[],"resources":[{"name":"cache-policy"}],"description":"Grants permission to get the cache policy configuration","accessLevel":"Read","resourceTypes":[{"name":"cache-policy","required":true}]},"GetCloudFrontOriginAccessIdentity":{"conditionKeys":[],"resources":[{"name":"origin-access-identity"}],"description":"Grants permission to get the information about a CloudFront origin access identity","accessLevel":"Read","resourceTypes":[{"name":"origin-access-identity","required":true}]},"GetCloudFrontOriginAccessIdentityConfig":{"conditionKeys":[],"resources":[{"name":"origin-access-identity"}],"description":"Grants permission to get the configuration information about a Cloudfront origin access identity","accessLevel":"Read","resourceTypes":[{"name":"origin-access-identity","required":true}]},"GetConnectionFunction":{"conditionKeys":[],"resources":[{"name":"connection-function"}],"description":"Grants permission to get a connection function's code","accessLevel":"Read","resourceTypes":[{"name":"connection-function","required":true}]},"GetConnectionGroup":{"conditionKeys":[],"resources":[{"name":"connection-group"}],"description":"Grants permission to get information about a connection group","accessLevel":"Read","resourceTypes":[{"name":"connection-group","required":true}]},"GetConnectionGroupByRoutingEndpoint":{"conditionKeys":[],"resources":[{"name":"connection-group"}],"description":"Grants permission to get information about a connection group by the specified routing endpoint","accessLevel":"Read","resourceTypes":[{"name":"connection-group","required":true}]},"GetContinuousDeploymentPolicy":{"conditionKeys":[],"resources":[{"name":"continuous-deployment-policy"}],"description":"Grants permission to get the continuous-deployment policy","accessLevel":"Read","resourceTypes":[{"name":"continuous-deployment-policy","required":true}]},"GetContinuousDeploymentPolicyConfig":{"conditionKeys":[],"resources":[{"name":"continuous-deployment-policy"}],"description":"Grants permission to get the continuous-deployment policy configuration","accessLevel":"Read","resourceTypes":[{"name":"continuous-deployment-policy","required":true}]},"GetDistribution":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to get the information about a web distribution","accessLevel":"Read","resourceTypes":[{"name":"distribution","required":true}]},"GetDistributionConfig":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to get the configuration information about a distribution","accessLevel":"Read","resourceTypes":[{"name":"distribution","required":true}]},"GetDistributionTenant":{"conditionKeys":[],"resources":[{"name":"distribution-tenant"}],"description":"Grants permission to get information about a distribution tenant","accessLevel":"Read","resourceTypes":[{"name":"distribution-tenant","required":true}]},"GetDistributionTenantByDomain":{"conditionKeys":[],"resources":[{"name":"distribution-tenant"}],"description":"Grants permission to get information about a distribution tenant by the associated domain","accessLevel":"Read","resourceTypes":[{"name":"distribution-tenant","required":true}]},"GetFieldLevelEncryption":{"conditionKeys":[],"resources":[{"name":"field-level-encryption-config"}],"description":"Grants permission to get the field-level encryption configuration information","accessLevel":"Read","resourceTypes":[{"name":"field-level-encryption-config","required":true}]},"GetFieldLevelEncryptionConfig":{"conditionKeys":[],"resources":[{"name":"field-level-encryption-config"}],"description":"Grants permission to get the field-level encryption configuration information","accessLevel":"Read","resourceTypes":[{"name":"field-level-encryption-config","required":true}]},"GetFieldLevelEncryptionProfile":{"conditionKeys":[],"resources":[{"name":"field-level-encryption-profile"}],"description":"Grants permission to get the field-level encryption configuration information","accessLevel":"Read","resourceTypes":[{"name":"field-level-encryption-profile","required":true}]},"GetFieldLevelEncryptionProfileConfig":{"conditionKeys":[],"resources":[{"name":"field-level-encryption-profile"}],"description":"Grants permission to get the field-level encryption profile configuration information","accessLevel":"Read","resourceTypes":[{"name":"field-level-encryption-profile","required":true}]},"GetFunction":{"conditionKeys":[],"resources":[{"name":"function"}],"description":"Grants permission to get a CloudFront function's code","accessLevel":"Read","resourceTypes":[{"name":"function","required":true}]},"GetInvalidation":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to get the information about an invalidation","accessLevel":"Read","resourceTypes":[{"name":"distribution","required":true}]},"GetInvalidationForDistributionTenant":{"conditionKeys":[],"resources":[{"name":"distribution-tenant"}],"description":"Grants permission to get information about an invalidation for a distribution tenant","accessLevel":"Read","resourceTypes":[{"name":"distribution-tenant","required":true}]},"GetKeyGroup":{"conditionKeys":[],"resources":[],"description":"Grants permission to get a key group","accessLevel":"Read","resourceTypes":[]},"GetKeyGroupConfig":{"conditionKeys":[],"resources":[],"description":"Grants permission to get a key group configuration","accessLevel":"Read","resourceTypes":[]},"GetManagedCertificateDetails":{"conditionKeys":[],"resources":[{"name":"distribution-tenant"}],"description":"Grants permission to get details about a CloudFront managed certificate","accessLevel":"Read","resourceTypes":[{"name":"distribution-tenant","required":true}]},"GetMonitoringSubscription":{"conditionKeys":[],"resources":[],"description":"Grants permission to get information about whether additional CloudWatch metrics are enabled for the specified CloudFront distribution","accessLevel":"Read","resourceTypes":[]},"GetOriginAccessControl":{"conditionKeys":[],"resources":[{"name":"origin-access-control"}],"description":"Grants permission to get the origin access control","accessLevel":"Read","resourceTypes":[{"name":"origin-access-control","required":true}]},"GetOriginAccessControlConfig":{"conditionKeys":[],"resources":[{"name":"origin-access-control"}],"description":"Grants permission to get the origin access control configuration","accessLevel":"Read","resourceTypes":[{"name":"origin-access-control","required":true}]},"GetOriginRequestPolicy":{"conditionKeys":[],"resources":[{"name":"origin-request-policy"}],"description":"Grants permission to get the origin request policy","accessLevel":"Read","resourceTypes":[{"name":"origin-request-policy","required":true}]},"GetOriginRequestPolicyConfig":{"conditionKeys":[],"resources":[{"name":"origin-request-policy"}],"description":"Grants permission to get the origin request policy configuration","accessLevel":"Read","resourceTypes":[{"name":"origin-request-policy","required":true}]},"GetPublicKey":{"conditionKeys":[],"resources":[],"description":"Grants permission to get the public key information","accessLevel":"Read","resourceTypes":[]},"GetPublicKeyConfig":{"conditionKeys":[],"resources":[],"description":"Grants permission to get the public key configuration information","accessLevel":"Read","resourceTypes":[]},"GetRealtimeLogConfig":{"conditionKeys":[],"resources":[{"name":"realtime-log-config"}],"description":"Grants permission to get a real-time log configuration","accessLevel":"Read","resourceTypes":[{"name":"realtime-log-config","required":true}]},"GetResourcePolicy":{"conditionKeys":[],"resources":[{"name":"vpcorigin"}],"description":"Grants permission to get the information about a resource's policy document","accessLevel":"Read","resourceTypes":[{"name":"vpcorigin","required":false}]},"GetResponseHeadersPolicy":{"conditionKeys":[],"resources":[{"name":"response-headers-policy"}],"description":"Grants permission to get the response headers policy","accessLevel":"Read","resourceTypes":[{"name":"response-headers-policy","required":true}]},"GetResponseHeadersPolicyConfig":{"conditionKeys":[],"resources":[{"name":"response-headers-policy"}],"description":"Grants permission to get the response headers policy configuration","accessLevel":"Read","resourceTypes":[{"name":"response-headers-policy","required":true}]},"GetSavingsPlan":{"conditionKeys":[],"resources":[],"description":"Grants permission to get a savings plan","accessLevel":"Read","resourceTypes":[],"permissionOnly":true},"GetStreamingDistribution":{"conditionKeys":[],"resources":[{"name":"streaming-distribution"}],"description":"Grants permission to get the information about an RTMP distribution","accessLevel":"Read","resourceTypes":[{"name":"streaming-distribution","required":true}]},"GetStreamingDistributionConfig":{"conditionKeys":[],"resources":[{"name":"streaming-distribution"}],"description":"Grants permission to get the configuration information about a streaming distribution","accessLevel":"Read","resourceTypes":[{"name":"streaming-distribution","required":true}]},"GetTrustStore":{"conditionKeys":[],"resources":[{"name":"trust-store"}],"description":"Grants permission to get information about a trust store","accessLevel":"Read","resourceTypes":[{"name":"trust-store","required":true}]},"GetVpcOrigin":{"conditionKeys":[],"resources":[{"name":"vpcorigin"}],"description":"Grants permission to get the information about a VPC origin","accessLevel":"Read","resourceTypes":[{"name":"vpcorigin","required":true}]},"ListAnycastIpLists":{"conditionKeys":[],"resources":[],"description":"Grants permission to list your Anycast static IP lists","accessLevel":"List","resourceTypes":[]},"ListCachePolicies":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all cache policies that have been created in CloudFront for this account","accessLevel":"List","resourceTypes":[]},"ListCloudFrontOriginAccessIdentities":{"conditionKeys":[],"resources":[],"description":"Grants permission to list your CloudFront origin access identities","accessLevel":"List","resourceTypes":[]},"ListConflictingAliases":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to list all aliases that conflict with the given alias in CloudFront","accessLevel":"List","resourceTypes":[{"name":"distribution","required":true}]},"ListConnectionFunctions":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the connection functions in your AWS account","accessLevel":"List","resourceTypes":[]},"ListConnectionGroups":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the connection groups in your AWS account","accessLevel":"List","resourceTypes":[]},"ListContinuousDeploymentPolicies":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all continuous-deployment policies in the account","accessLevel":"List","resourceTypes":[]},"ListDistributionTenants":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the distribution tenants in your AWS account","accessLevel":"List","resourceTypes":[]},"ListDistributionTenantsByCustomization":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the distribution tenants by the customization that you specify","accessLevel":"List","resourceTypes":[]},"ListDistributions":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the distributions associated with your AWS account","accessLevel":"List","resourceTypes":[]},"ListDistributionsByAnycastIpListId":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the distributions in your account that are associated with the specified AnycastIpListId","accessLevel":"List","resourceTypes":[]},"ListDistributionsByCachePolicyId":{"conditionKeys":[],"resources":[],"description":"Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified cache policy","accessLevel":"List","resourceTypes":[]},"ListDistributionsByConnectionFunction":{"conditionKeys":[],"resources":[{"name":"connection-function"}],"description":"Grants permission to list summaries for distributions associated with the specified connection function","accessLevel":"List","resourceTypes":[{"name":"connection-function","required":true}]},"ListDistributionsByConnectionMode":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the distributions by the specified connection mode","accessLevel":"List","resourceTypes":[]},"ListDistributionsByKeyGroup":{"conditionKeys":[],"resources":[],"description":"Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified key group","accessLevel":"List","resourceTypes":[]},"ListDistributionsByLambdaFunction":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the distributions associated a Lambda function","accessLevel":"List","resourceTypes":[],"permissionOnly":true},"ListDistributionsByOriginRequestPolicyId":{"conditionKeys":[],"resources":[],"description":"Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified origin request policy","accessLevel":"List","resourceTypes":[]},"ListDistributionsByRealtimeLogConfig":{"conditionKeys":[],"resources":[],"description":"Grants permission to get a list of distributions that have a cache behavior that's associated with the specified real-time log configuration","accessLevel":"List","resourceTypes":[]},"ListDistributionsByResponseHeadersPolicyId":{"conditionKeys":[],"resources":[],"description":"Grants permission to list distribution IDs for distributions that have a cache behavior that's associated with the specified response headers policy","accessLevel":"List","resourceTypes":[]},"ListDistributionsByTrustStore":{"conditionKeys":[],"resources":[{"name":"trust-store"}],"description":"Grants permission to list summaries for distributions associated with the specified trust store","accessLevel":"List","resourceTypes":[{"name":"trust-store","required":true}]},"ListDistributionsByVpcOriginId":{"conditionKeys":[],"resources":[],"description":"Grants permission to list IDs for distributions associated with the specified VPC origin","accessLevel":"List","resourceTypes":[]},"ListDistributionsByWebACLId":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the distributions associated with your AWS account with given AWS WAF web ACL","accessLevel":"List","resourceTypes":[]},"ListDomainConflicts":{"conditionKeys":[],"resources":[{"name":"distribution"},{"name":"distribution-tenant"}],"description":"Grants permission to list domain conflicts for a specified domain","accessLevel":"List","resourceTypes":[{"name":"distribution","required":false},{"name":"distribution-tenant","required":false}]},"ListFieldLevelEncryptionConfigs":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all field-level encryption configurations that have been created in CloudFront for this account","accessLevel":"List","resourceTypes":[]},"ListFieldLevelEncryptionProfiles":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all field-level encryption profiles that have been created in CloudFront for this account","accessLevel":"List","resourceTypes":[]},"ListFunctions":{"conditionKeys":[],"resources":[],"description":"Grants permission to get a list of CloudFront functions","accessLevel":"List","resourceTypes":[]},"ListInvalidations":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to list your invalidation batches","accessLevel":"List","resourceTypes":[{"name":"distribution","required":true}]},"ListInvalidationsForDistributionTenant":{"conditionKeys":[],"resources":[{"name":"distribution-tenant"}],"description":"Grants permission to list the invalidations for a distribution tenant","accessLevel":"List","resourceTypes":[{"name":"distribution-tenant","required":true}]},"ListKeyGroups":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all key groups that have been created in CloudFront for this account","accessLevel":"List","resourceTypes":[]},"ListKeyValueStores":{"conditionKeys":[],"resources":[],"description":"Grants permission to get a list of CloudFront KeyValueStores","accessLevel":"List","resourceTypes":[]},"ListOriginAccessControls":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all origin access controls in the account","accessLevel":"List","resourceTypes":[]},"ListOriginRequestPolicies":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all origin request policies that have been created in CloudFront for this account","accessLevel":"List","resourceTypes":[]},"ListPublicKeys":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all public keys that have been added to CloudFront for this account","accessLevel":"List","resourceTypes":[]},"ListRateCards":{"conditionKeys":[],"resources":[],"description":"Grants permission to list CloudFront rate cards for the account","accessLevel":"List","resourceTypes":[],"permissionOnly":true},"ListRealtimeLogConfigs":{"conditionKeys":[],"resources":[],"description":"Grants permission to get a list of real-time log configurations","accessLevel":"List","resourceTypes":[]},"ListResponseHeadersPolicies":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all response headers policies that have been created in CloudFront for this account","accessLevel":"List","resourceTypes":[]},"ListSavingsPlans":{"conditionKeys":[],"resources":[],"description":"Grants permission to list savings plans in the account","accessLevel":"List","resourceTypes":[],"permissionOnly":true},"ListStreamingDistributions":{"conditionKeys":[],"resources":[],"description":"Grants permission to list your RTMP distributions","accessLevel":"List","resourceTypes":[]},"ListTagsForResource":{"conditionKeys":[],"resources":[{"name":"anycast-ip-list"},{"name":"connection-function"},{"name":"connection-group"},{"name":"distribution"},{"name":"distribution-tenant"},{"name":"trust-store"},{"name":"vpcorigin"}],"description":"Grants permission to list tags for a CloudFront resource","accessLevel":"Read","resourceTypes":[{"name":"anycast-ip-list","required":false},{"name":"connection-function","required":false},{"name":"connection-group","required":false},{"name":"distribution","required":false},{"name":"distribution-tenant","required":false},{"name":"trust-store","required":false},{"name":"vpcorigin","required":false}]},"ListTrustStores":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the trust stores in your AWS account","accessLevel":"List","resourceTypes":[]},"ListUsages":{"conditionKeys":[],"resources":[],"description":"Grants permission to list CloudFront usage","accessLevel":"List","resourceTypes":[],"permissionOnly":true},"ListVpcOrigins":{"conditionKeys":[],"resources":[],"description":"Grants permission to list VPC origins","accessLevel":"List","resourceTypes":[]},"PublishConnectionFunction":{"conditionKeys":[],"resources":[{"name":"connection-function"}],"description":"Grants permission to publish a connection function","accessLevel":"Write","resourceTypes":[{"name":"connection-function","required":true}]},"PublishFunction":{"conditionKeys":[],"resources":[{"name":"function"}],"description":"Grants permission to publish a CloudFront function","accessLevel":"Write","resourceTypes":[{"name":"function","required":true}]},"PutResourcePolicy":{"conditionKeys":[],"resources":[{"name":"vpcorigin"}],"description":"Grants permission to update or create a resource's policy document","accessLevel":"Write","resourceTypes":[{"name":"vpcorigin","required":false}]},"TagResource":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"anycast-ip-list"},{"name":"connection-function"},{"name":"connection-group"},{"name":"distribution"},{"name":"distribution-tenant"},{"name":"streaming-distribution"},{"name":"trust-store"},{"name":"vpcorigin"}],"description":"Grants permission to add tags to a CloudFront resource","accessLevel":"Tagging","resourceTypes":[{"name":"anycast-ip-list","required":false},{"name":"connection-function","required":false},{"name":"connection-group","required":false},{"name":"distribution","required":false},{"name":"distribution-tenant","required":false},{"name":"streaming-distribution","required":false},{"name":"trust-store","required":false},{"name":"vpcorigin","required":false}]},"TestConnectionFunction":{"conditionKeys":[],"resources":[{"name":"connection-function"}],"description":"Grants permission to test a connection function","accessLevel":"Write","resourceTypes":[{"name":"connection-function","required":true}]},"TestFunction":{"conditionKeys":[],"resources":[{"name":"function"}],"description":"Grants permission to test a CloudFront function","accessLevel":"Write","resourceTypes":[{"name":"function","required":true}]},"UntagResource":{"conditionKeys":["aws:TagKeys"],"resources":[{"name":"anycast-ip-list"},{"name":"connection-function"},{"name":"connection-group"},{"name":"distribution"},{"name":"distribution-tenant"},{"name":"streaming-distribution"},{"name":"trust-store"},{"name":"vpcorigin"}],"description":"Grants permission to remove tags from a CloudFront resource","accessLevel":"Tagging","resourceTypes":[{"name":"anycast-ip-list","required":false},{"name":"connection-function","required":false},{"name":"connection-group","required":false},{"name":"distribution","required":false},{"name":"distribution-tenant","required":false},{"name":"streaming-distribution","required":false},{"name":"trust-store","required":false},{"name":"vpcorigin","required":false}]},"UpdateAnycastIpList":{"conditionKeys":[],"resources":[{"name":"anycast-ip-list"}],"description":"Grants permission to update an Anycast static IP list","accessLevel":"Write","resourceTypes":[{"name":"anycast-ip-list","required":true}]},"UpdateCachePolicy":{"conditionKeys":[],"resources":[{"name":"cache-policy"}],"description":"Grants permission to update a cache policy","accessLevel":"Write","resourceTypes":[{"name":"cache-policy","required":true}]},"UpdateCloudFrontOriginAccessIdentity":{"conditionKeys":[],"resources":[{"name":"origin-access-identity"}],"description":"Grants permission to set the configuration for a CloudFront origin access identity","accessLevel":"Write","resourceTypes":[{"name":"origin-access-identity","required":true}]},"UpdateConnectionFunction":{"conditionKeys":[],"resources":[{"name":"connection-function"}],"description":"Grants permission to update a connection function","accessLevel":"Write","resourceTypes":[{"name":"connection-function","required":true}]},"UpdateConnectionGroup":{"conditionKeys":[],"resources":[{"name":"connection-group"}],"description":"Grants permission to update a connection group","accessLevel":"Write","resourceTypes":[{"name":"connection-group","required":true}]},"UpdateContinuousDeploymentPolicy":{"conditionKeys":[],"resources":[{"name":"continuous-deployment-policy"}],"description":"Grants permission to update a continuous-deployment policy","accessLevel":"Write","resourceTypes":[{"name":"continuous-deployment-policy","required":true}]},"UpdateDistribution":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to update the configuration for a web distribution","accessLevel":"Write","resourceTypes":[{"name":"distribution","required":true}]},"UpdateDistributionTenant":{"conditionKeys":[],"resources":[{"name":"distribution-tenant"}],"description":"Grants permission to update a distribution tenant","accessLevel":"Write","resourceTypes":[{"name":"distribution-tenant","required":true}]},"UpdateDistributionWithStagingConfig":{"conditionKeys":[],"resources":[{"name":"distribution"}],"description":"Grants permission to copy the configuration from a staging web distribution to its corresponding primary web distribution","accessLevel":"Write","resourceTypes":[{"name":"distribution","required":true}]},"UpdateDomainAssociation":{"conditionKeys":[],"resources":[{"name":"distribution"},{"name":"distribution-tenant"}],"description":"Grants permission to update a domain association","accessLevel":"Write","resourceTypes":[{"name":"distribution","required":false},{"name":"distribution-tenant","required":false}]},"UpdateFieldLevelEncryptionConfig":{"conditionKeys":[],"resources":[],"description":"Grants permission to update a field-level encryption configuration","accessLevel":"Write","resourceTypes":[]},"UpdateFieldLevelEncryptionProfile":{"conditionKeys":[],"resources":[{"name":"field-level-encryption-profile"}],"description":"Grants permission to update a field-level encryption profile","accessLevel":"Write","resourceTypes":[{"name":"field-level-encryption-profile","required":true}]},"UpdateFunction":{"conditionKeys":[],"resources":[{"name":"function"}],"description":"Grants permission to update a CloudFront function","accessLevel":"Write","resourceTypes":[{"name":"function","required":true}]},"UpdateKeyGroup":{"conditionKeys":[],"resources":[],"description":"Grants permission to update a key group","accessLevel":"Write","resourceTypes":[]},"UpdateKeyValueStore":{"conditionKeys":[],"resources":[{"name":"key-value-store"}],"description":"Grants permission to update a CloudFront KeyValueStore","accessLevel":"Write","resourceTypes":[{"name":"key-value-store","required":true}]},"UpdateOriginAccessControl":{"conditionKeys":[],"resources":[{"name":"origin-access-control"}],"description":"Grants permission to update an origin access control","accessLevel":"Write","resourceTypes":[{"name":"origin-access-control","required":true}]},"UpdateOriginRequestPolicy":{"conditionKeys":[],"resources":[{"name":"origin-request-policy"}],"description":"Grants permission to update an origin request policy","accessLevel":"Write","resourceTypes":[{"name":"origin-request-policy","required":true}]},"UpdatePublicKey":{"conditionKeys":[],"resources":[],"description":"Grants permission to update public key information","accessLevel":"Write","resourceTypes":[]},"UpdateRealtimeLogConfig":{"conditionKeys":[],"resources":[{"name":"realtime-log-config"}],"description":"Grants permission to update a real-time log configuration","accessLevel":"Write","resourceTypes":[{"name":"realtime-log-config","required":true}]},"UpdateResponseHeadersPolicy":{"conditionKeys":[],"resources":[{"name":"response-headers-policy"}],"description":"Grants permission to update a response headers policy","accessLevel":"Write","resourceTypes":[{"name":"response-headers-policy","required":true}]},"UpdateSavingsPlan":{"conditionKeys":[],"resources":[],"description":"Grants permission to update a savings plan","accessLevel":"Write","resourceTypes":[],"permissionOnly":true},"UpdateStreamingDistribution":{"conditionKeys":[],"resources":[{"name":"streaming-distribution"}],"description":"Grants permission to update the configuration for an RTMP distribution","accessLevel":"Write","resourceTypes":[{"name":"streaming-distribution","required":true}]},"UpdateTrustStore":{"conditionKeys":[],"resources":[{"name":"trust-store"}],"description":"Grants permission to update a trust store","accessLevel":"Write","resourceTypes":[{"name":"trust-store","required":true}]},"UpdateVpcOrigin":{"conditionKeys":[],"resources":[{"name":"vpcorigin"}],"description":"Grants permission to update a VPC origin","accessLevel":"Write","resourceTypes":[{"name":"vpcorigin","required":true}]},"VerifyDnsConfiguration":{"conditionKeys":[],"resources":[{"name":"distribution-tenant"}],"description":"Grants permission to verify the DNS configuration for a specified domain","accessLevel":"Read","resourceTypes":[{"name":"distribution-tenant","required":false}]}},"resources":[{"name":"anycast-ip-list","arnFormats":["arn:${Partition}:cloudfront::${Account}:anycast-ip-list/${Id}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"cache-policy","arnFormats":["arn:${Partition}:cloudfront::${Account}:cache-policy/${Id}"],"conditionKeys":[]},{"name":"connection-function","arnFormats":["arn:${Partition}:cloudfront::${Account}:connection-function/${Id}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"connection-group","arnFormats":["arn:${Partition}:cloudfront::${Account}:connection-group/${Id}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"continuous-deployment-policy","arnFormats":["arn:${Partition}:cloudfront::${Account}:continuous-deployment-policy/${Id}"],"conditionKeys":[]},{"name":"distribution","arnFormats":["arn:${Partition}:cloudfront::${Account}:distribution/${DistributionId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"distribution-tenant","arnFormats":["arn:${Partition}:cloudfront::${Account}:distribution-tenant/${Id}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"field-level-encryption-config","arnFormats":["arn:${Partition}:cloudfront::${Account}:field-level-encryption-config/${Id}"],"conditionKeys":[]},{"name":"field-level-encryption-profile","arnFormats":["arn:${Partition}:cloudfront::${Account}:field-level-encryption-profile/${Id}"],"conditionKeys":[]},{"name":"function","arnFormats":["arn:${Partition}:cloudfront::${Account}:function/${Name}"],"conditionKeys":[]},{"name":"key-value-store","arnFormats":["arn:${Partition}:cloudfront::${Account}:key-value-store/${Name}"],"conditionKeys":[]},{"name":"origin-access-control","arnFormats":["arn:${Partition}:cloudfront::${Account}:origin-access-control/${Id}"],"conditionKeys":[]},{"name":"origin-access-identity","arnFormats":["arn:${Partition}:cloudfront::${Account}:origin-access-identity/${Id}"],"conditionKeys":[]},{"name":"origin-request-policy","arnFormats":["arn:${Partition}:cloudfront::${Account}:origin-request-policy/${Id}"],"conditionKeys":[]},{"name":"realtime-log-config","arnFormats":["arn:${Partition}:cloudfront::${Account}:realtime-log-config/${Name}"],"conditionKeys":[]},{"name":"response-headers-policy","arnFormats":["arn:${Partition}:cloudfront::${Account}:response-headers-policy/${Id}"],"conditionKeys":[]},{"name":"streaming-distribution","arnFormats":["arn:${Partition}:cloudfront::${Account}:streaming-distribution/${DistributionId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"trust-store","arnFormats":["arn:${Partition}:cloudfront::${Account}:trust-store/${Id}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"vpcorigin","arnFormats":["arn:${Partition}:cloudfront::${Account}:vpcorigin/${Id}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters access by the presence of tag key-value pairs in the request"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters access by tag key-value pairs attached to the resource"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters access by the presence of tag keys in the request"}}}

package/src/data/servicereference/services/cloudhsm.json

@@ -0,0 +1 @@
+{"name":"cloudhsm","actions":{"CopyBackupToRegion":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"backup"}],"description":"Grants permission to create a copy of a backup in the specified region","accessLevel":"Write","resourceTypes":[{"name":"backup","required":true}],"dependentActions":["cloudhsm:CopyBackupToRegion","cloudhsm:TagResource","cloudhsm:UntagResource"]},"CreateCluster":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"backup"}],"description":"Grants permission to create a new AWS CloudHSM cluster","accessLevel":"Write","resourceTypes":[{"name":"backup","required":false}],"dependentActions":["cloudhsm:TagResource","ec2:AuthorizeSecurityGroupEgress","ec2:AuthorizeSecurityGroupIngress","ec2:CreateSecurityGroup","ec2:DescribeSecurityGroups","ec2:DescribeSubnets","ec2:RevokeSecurityGroupEgress","iam:CreateServiceLinkedRole"]},"CreateHsm":{"conditionKeys":[],"resources":[{"name":"cluster"}],"description":"Grants permission to create a new hardware security module (HSM) in the specified AWS CloudHSM cluster","accessLevel":"Write","resourceTypes":[{"name":"cluster","required":true}],"dependentActions":["ec2:AuthorizeSecurityGroupEgress","ec2:AuthorizeSecurityGroupIngress","ec2:CreateNetworkInterface","ec2:CreateSecurityGroup","ec2:DeleteNetworkInterface","ec2:DescribeNetworkInterfaces","ec2:DescribeSecurityGroups","ec2:DescribeSubnets","ec2:RevokeSecurityGroupEgress"]},"DeleteBackup":{"conditionKeys":[],"resources":[{"name":"backup"}],"description":"Grants permission to delete the specified CloudHSM backup","accessLevel":"Write","resourceTypes":[{"name":"backup","required":true}]},"DeleteCluster":{"conditionKeys":[],"resources":[{"name":"cluster"}],"description":"Grants permission to delete the specified AWS CloudHSM cluster","accessLevel":"Write","resourceTypes":[{"name":"cluster","required":true}],"dependentActions":["ec2:DeleteNetworkInterface","ec2:DeleteSecurityGroup"]},"DeleteHsm":{"conditionKeys":[],"resources":[],"description":"Grants permission to delete the specified HSM","accessLevel":"Write","resourceTypes":[],"dependentActions":["ec2:DeleteNetworkInterface"]},"DeleteResourcePolicy":{"conditionKeys":[],"resources":[{"name":"backup"}],"description":"Grants permission to delete the policy attached to CloudHSM resources","accessLevel":"Write","resourceTypes":[{"name":"backup","required":true}]},"DescribeBackups":{"conditionKeys":[],"resources":[],"description":"Grants permission to get information about backups of AWS CloudHSM clusters","accessLevel":"Read","resourceTypes":[]},"DescribeClusters":{"conditionKeys":[],"resources":[],"description":"Grants permission to get information about AWS CloudHSM clusters","accessLevel":"Read","resourceTypes":[]},"GetResourcePolicy":{"conditionKeys":[],"resources":[{"name":"backup"}],"description":"Grants permission to get information about the policy attached to a AWS CloudHSM resource","accessLevel":"Read","resourceTypes":[{"name":"backup","required":true}]},"InitializeCluster":{"conditionKeys":[],"resources":[{"name":"cluster"}],"description":"Grants permission to claim an AWS CloudHSM cluster","accessLevel":"Write","resourceTypes":[{"name":"cluster","required":true}]},"ListTags":{"conditionKeys":[],"resources":[{"name":"backup"},{"name":"cluster"}],"description":"Grants permission to get a list of tags for the specified AWS CloudHSM cluster","accessLevel":"Read","resourceTypes":[{"name":"backup","required":false},{"name":"cluster","required":false}]},"ModifyBackupAttributes":{"conditionKeys":[],"resources":[{"name":"backup"}],"description":"Grants permission to modify attributes for an AWS CloudHSM backup","accessLevel":"Write","resourceTypes":[{"name":"backup","required":true}]},"ModifyCluster":{"conditionKeys":[],"resources":[{"name":"cluster"}],"description":"Grants permission to modify AWS CloudHSM cluster","accessLevel":"Write","resourceTypes":[{"name":"cluster","required":true}],"dependentActions":["ec2:DescribeSubnets"]},"PutResourcePolicy":{"conditionKeys":[],"resources":[{"name":"backup"}],"description":"Grants permission to attach a policy to an AWS CloudHSM resource","accessLevel":"Write","resourceTypes":[{"name":"backup","required":true}]},"RestoreBackup":{"conditionKeys":[],"resources":[{"name":"backup"}],"description":"Grants permission to restore the specified CloudHSM backup","accessLevel":"Write","resourceTypes":[{"name":"backup","required":true}]},"TagResource":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"backup"},{"name":"cluster"}],"description":"Grants permission to add or overwrite one or more tags for the specified AWS CloudHSM cluster","accessLevel":"Tagging","resourceTypes":[{"name":"backup","required":false},{"name":"cluster","required":false}]},"UntagResource":{"conditionKeys":["aws:TagKeys"],"resources":[{"name":"backup"},{"name":"cluster"}],"description":"Grants permission to remove the specified tag or tags from the specified AWS CloudHSM cluster","accessLevel":"Tagging","resourceTypes":[{"name":"backup","required":false},{"name":"cluster","required":false}]}},"resources":[{"name":"backup","arnFormats":["arn:${Partition}:cloudhsm:${Region}:${Account}:backup/${CloudHsmBackupInstanceName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"cluster","arnFormats":["arn:${Partition}:cloudhsm:${Region}:${Account}:cluster/${CloudHsmClusterInstanceName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters access by the presence of tag key-value pairs in the request"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters access by tag key-value pairs attached to the resource"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters access by the presence of tag keys in the request"}}}

package/src/data/servicereference/services/cloudsearch.json

@@ -0,0 +1 @@
+{"name":"cloudsearch","actions":{"AddTags":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Attaches resource tags to an Amazon CloudSearch domain","accessLevel":"Tagging","resourceTypes":[{"name":"domain","required":true}]},"BuildSuggesters":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Indexes the search suggestions","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"CreateDomain":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Creates a new search domain","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"DefineAnalysisScheme":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Configures an analysis scheme that can be applied to a text or text-array field to define language-specific text processing options","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"DefineExpression":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Configures an Expression for the search domain","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"DefineIndexField":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Configures an IndexField for the search domain","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"DefineSuggester":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Configures a suggester for a domain","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"DeleteAnalysisScheme":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Deletes an analysis scheme","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"DeleteDomain":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Permanently deletes a search domain and all of its data","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"DeleteExpression":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Removes an Expression from the search domain","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"DeleteIndexField":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Removes an IndexField from the search domain","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"DeleteSuggester":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Deletes a suggester","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"DescribeAnalysisSchemes":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Gets the analysis schemes configured for a domain","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"DescribeAvailabilityOptions":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Gets the availability options configured for a domain","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"DescribeDomainEndpointOptions":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Gets the domain endpoint options configured for a domain","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"DescribeDomains":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Gets information about the search domains owned by this account","accessLevel":"List","resourceTypes":[{"name":"domain","required":true}]},"DescribeExpressions":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Gets the expressions configured for the search domain","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"DescribeIndexFields":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Gets information about the index fields configured for the search domain","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"DescribeScalingParameters":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Gets the scaling parameters configured for a domain","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"DescribeServiceAccessPolicies":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Gets information about the access policies that control access to the domain's document and search endpoints","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"DescribeSuggesters":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Gets the suggesters configured for a domain","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"IndexDocuments":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Tells the search domain to start indexing its documents using the latest indexing options","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"ListDomainNames":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Lists all search domains owned by an account","accessLevel":"List","resourceTypes":[{"name":"domain","required":true}]},"ListTags":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Displays all of the resource tags for an Amazon CloudSearch domain","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"RemoveTags":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Removes the specified resource tags from an Amazon ES domain","accessLevel":"Tagging","resourceTypes":[{"name":"domain","required":true}]},"UpdateAvailabilityOptions":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Configures the availability options for a domain","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"UpdateDomainEndpointOptions":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Configures the domain endpoint options for a domain","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"UpdateScalingParameters":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Configures scaling parameters for a domain","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"UpdateServiceAccessPolicies":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Configures the access rules that control access to the domain's document and search endpoints","accessLevel":"Permissions management","resourceTypes":[{"name":"domain","required":true}]},"document":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Allows access to the document service operations","accessLevel":"Write","resourceTypes":[{"name":"domain","required":false}],"permissionOnly":true},"search":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Allows access to the search operations","accessLevel":"Read","resourceTypes":[{"name":"domain","required":false}],"permissionOnly":true},"suggest":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Allows access to the suggest operations","accessLevel":"Read","resourceTypes":[{"name":"domain","required":false}],"permissionOnly":true}},"resources":[{"name":"domain","arnFormats":["arn:${Partition}:cloudsearch:${Region}:${Account}:domain/${DomainName}"],"conditionKeys":[]}],"conditionKeys":{}}

package/src/data/servicereference/services/cloudshell.json

@@ -0,0 +1 @@
+{"name":"cloudshell","actions":{"ApproveCommand":{"conditionKeys":[],"resources":[{"name":"Environment"}],"description":"Grants permission to approve a command sent by another AWS service","accessLevel":"Read","resourceTypes":[{"name":"Environment","required":true}],"permissionOnly":true},"CreateEnvironment":{"conditionKeys":["cloudshell:SecurityGroupIds","cloudshell:SubnetIds","cloudshell:VpcIds"],"resources":[],"description":"Grants permissions to create a CloudShell environment","accessLevel":"Write","resourceTypes":[],"permissionOnly":true},"CreateSession":{"conditionKeys":[],"resources":[{"name":"Environment"}],"description":"Grants permissions to connect to a CloudShell environment from the AWS Management Console","accessLevel":"Write","resourceTypes":[{"name":"Environment","required":true}],"permissionOnly":true},"DeleteEnvironment":{"conditionKeys":[],"resources":[{"name":"Environment"}],"description":"Grants permission to delete a CloudShell environment","accessLevel":"Write","resourceTypes":[{"name":"Environment","required":true}],"permissionOnly":true},"DescribeEnvironments":{"conditionKeys":[],"resources":[],"description":"Grants permission to return descriptions of existing user's environments","accessLevel":"List","resourceTypes":[],"permissionOnly":true},"GetEnvironmentStatus":{"conditionKeys":[],"resources":[{"name":"Environment"}],"description":"Grants permission to read a CloudShell environment status","accessLevel":"Read","resourceTypes":[{"name":"Environment","required":true}],"permissionOnly":true},"GetFileDownloadUrls":{"conditionKeys":[],"resources":[{"name":"Environment"}],"description":"Grants permissions to download files from a CloudShell environment","accessLevel":"Write","resourceTypes":[{"name":"Environment","required":true}],"permissionOnly":true},"GetFileUploadUrls":{"conditionKeys":[],"resources":[{"name":"Environment"}],"description":"Grants permissions to upload files to a CloudShell environment","accessLevel":"Write","resourceTypes":[{"name":"Environment","required":true}],"permissionOnly":true},"PutCredentials":{"conditionKeys":[],"resources":[{"name":"Environment"}],"description":"Grants permissions to forward console credentials to the environment","accessLevel":"Write","resourceTypes":[{"name":"Environment","required":true}],"permissionOnly":true},"StartEnvironment":{"conditionKeys":[],"resources":[{"name":"Environment"}],"description":"Grants permission to start a stopped CloudShell environment","accessLevel":"Write","resourceTypes":[{"name":"Environment","required":true}],"permissionOnly":true},"StopEnvironment":{"conditionKeys":[],"resources":[{"name":"Environment"}],"description":"Grants permission to stop a running CloudShell environment","accessLevel":"Write","resourceTypes":[{"name":"Environment","required":true}],"permissionOnly":true}},"resources":[{"name":"Environment","arnFormats":["arn:${Partition}:cloudshell:${Region}:${Account}:environment/${EnvironmentId}"],"conditionKeys":[]}],"conditionKeys":{"cloudshell:SecurityGroupIds":{"types":["ArrayOfString"],"description":"Filters access by security group ids. Available during CreateEnvironment operation"},"cloudshell:SubnetIds":{"types":["ArrayOfString"],"description":"Filters access by subnet ids. Available during CreateEnvironment operation"},"cloudshell:VpcIds":{"types":["ArrayOfString"],"description":"Filters access by vpc ids. Available during CreateEnvironment operation"}}}

package/src/data/servicereference/services/cloudtrail-data.json

@@ -0,0 +1 @@
+{"name":"cloudtrail-data","actions":{"PutAuditEvents":{"conditionKeys":[],"resources":[{"name":"channel"}],"description":"Grants permission to ingest your application events into CloudTrail Lake","accessLevel":"Write","resourceTypes":[{"name":"channel","required":true}]}},"resources":[{"name":"channel","arnFormats":["arn:${Partition}:cloudtrail:${Region}:${Account}:channel/${ChannelId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters access by a tag's key and value in a request"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters actions based on the presence of tag key-value pairs in the request"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters access by the tag keys in a request"}}}

package/src/data/servicereference/services/cloudtrail.json

@@ -0,0 +1 @@
+{"name":"cloudtrail","actions":{"AddTags":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"channel"},{"name":"dashboard"},{"name":"eventdatastore"},{"name":"trail"}],"description":"Grants permission to add one or more tags to a trail, event data store, channel or dashboard, up to a limit of 50","accessLevel":"Tagging","resourceTypes":[{"name":"channel","required":false},{"name":"dashboard","required":false},{"name":"eventdatastore","required":false},{"name":"trail","required":false}]},"CancelQuery":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to cancel a running query","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":true}]},"CreateChannel":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"channel"},{"name":"eventdatastore"}],"description":"Grants permission to create a channel","accessLevel":"Write","resourceTypes":[{"name":"channel","required":true},{"name":"eventdatastore","required":true}],"dependentActions":["cloudtrail:AddTags"]},"CreateDashboard":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"dashboard"}],"description":"Grants permission to create a dashboard","accessLevel":"Write","resourceTypes":[{"name":"dashboard","required":true}],"dependentActions":["cloudtrail:AddTags","cloudtrail:StartDashboardRefresh","cloudtrail:StartQuery"]},"CreateEventDataStore":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to create an event data store","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":true}],"dependentActions":["cloudtrail:AddTags","iam:CreateServiceLinkedRole","iam:GetRole","kms:Decrypt","kms:GenerateDataKey","organizations:ListAWSServiceAccessForOrganization"]},"CreateServiceLinkedChannel":{"conditionKeys":[],"resources":[{"name":"channel"}],"description":"Grants permission to create a service-linked channel that specifies the settings for delivery of log data to an AWS service","accessLevel":"Write","resourceTypes":[{"name":"channel","required":true}],"permissionOnly":true},"CreateTrail":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"trail"}],"description":"Grants permission to create a trail that specifies the settings for delivery of log data to an Amazon S3 bucket","accessLevel":"Write","resourceTypes":[{"name":"trail","required":true}],"dependentActions":["cloudtrail:AddTags","iam:CreateServiceLinkedRole","iam:GetRole","organizations:ListAWSServiceAccessForOrganization"]},"DeleteChannel":{"conditionKeys":[],"resources":[{"name":"channel"}],"description":"Grants permission to delete a channel","accessLevel":"Write","resourceTypes":[{"name":"channel","required":true}]},"DeleteDashboard":{"conditionKeys":[],"resources":[{"name":"dashboard"}],"description":"Grants permission to delete a dashboard","accessLevel":"Write","resourceTypes":[{"name":"dashboard","required":true}]},"DeleteEventDataStore":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to delete an event data store","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":true}]},"DeleteResourcePolicy":{"conditionKeys":[],"resources":[{"name":"channel"},{"name":"dashboard"},{"name":"eventdatastore"}],"description":"Grants permission to delete a resource policy from the provided resource","accessLevel":"Write","resourceTypes":[{"name":"channel","required":false},{"name":"dashboard","required":false},{"name":"eventdatastore","required":false}]},"DeleteServiceLinkedChannel":{"conditionKeys":[],"resources":[{"name":"channel"}],"description":"Grants permission to delete a service-linked channel","accessLevel":"Write","resourceTypes":[{"name":"channel","required":true}],"permissionOnly":true},"DeleteTrail":{"conditionKeys":[],"resources":[{"name":"trail"}],"description":"Grants permission to delete a trail","accessLevel":"Write","resourceTypes":[{"name":"trail","required":true}]},"DeregisterOrganizationDelegatedAdmin":{"conditionKeys":[],"resources":[],"description":"Grants permission to deregister an AWS Organizations member account as a delegated administrator","accessLevel":"Write","resourceTypes":[],"dependentActions":["organizations:DeregisterDelegatedAdministrator","organizations:ListAWSServiceAccessForOrganization"]},"DescribeQuery":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to list details for the query","accessLevel":"Read","resourceTypes":[{"name":"eventdatastore","required":true}]},"DescribeTrails":{"conditionKeys":[],"resources":[],"description":"Grants permission to list settings for the trails associated with the current region for your account","accessLevel":"Read","resourceTypes":[]},"DisableFederation":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to disable federation of event data store data by using the AWS Glue Data Catalog","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":true}],"dependentActions":["glue:DeleteDatabase","glue:DeleteTable","glue:PassConnection","lakeformation:DeregisterResource","lakeformation:RegisterResource"]},"EnableFederation":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to enable federation of event data store data by using the AWS Glue Data Catalog","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":true}],"dependentActions":["glue:CreateDatabase","glue:CreateTable","iam:GetRole","iam:PassRole","lakeformation:DeregisterResource","lakeformation:RegisterResource"]},"GenerateQuery":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to generate a query for a specified event data store using the CloudTrail Lake query generator","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":true}]},"GenerateQueryResultsSummary":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to generate a results summary for specified queries using the CloudTrail natural language generator","accessLevel":"Read","resourceTypes":[{"name":"eventdatastore","required":true}],"dependentActions":["cloudtrail:GetQueryResults","kms:Decrypt","kms:GenerateDataKey"],"permissionOnly":true},"GetChannel":{"conditionKeys":[],"resources":[{"name":"channel"}],"description":"Grants permission to return information about a specific channel","accessLevel":"Read","resourceTypes":[{"name":"channel","required":true}]},"GetDashboard":{"conditionKeys":[],"resources":[{"name":"dashboard"}],"description":"Grants permission to list settings for the dashboard","accessLevel":"Read","resourceTypes":[{"name":"dashboard","required":true}]},"GetEventConfiguration":{"conditionKeys":[],"resources":[{"name":"eventdatastore"},{"name":"trail"}],"description":"Grants permission to list event configurations that are configured for a trail or an event data store","accessLevel":"Read","resourceTypes":[{"name":"eventdatastore","required":false},{"name":"trail","required":false}]},"GetEventDataStore":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to list settings for the event data store","accessLevel":"Read","resourceTypes":[{"name":"eventdatastore","required":true}]},"GetEventDataStoreData":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to get data from an event data store by using the AWS Glue Data Catalog","accessLevel":"Read","resourceTypes":[{"name":"eventdatastore","required":true}],"dependentActions":["kms:Decrypt","kms:GenerateDataKey"]},"GetEventSelectors":{"conditionKeys":[],"resources":[{"name":"trail"}],"description":"Grants permission to list settings for event selectors configured for a trail","accessLevel":"Read","resourceTypes":[{"name":"trail","required":true}]},"GetImport":{"conditionKeys":[],"resources":[],"description":"Grants permission to return information about a specific import","accessLevel":"Read","resourceTypes":[]},"GetInsightSelectors":{"conditionKeys":[],"resources":[{"name":"eventdatastore"},{"name":"trail"}],"description":"Grants permission to list CloudTrail Insights selectors that are configured for a trail or event data store","accessLevel":"Read","resourceTypes":[{"name":"eventdatastore","required":false},{"name":"trail","required":false}]},"GetQueryResults":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to fetch results of a complete query","accessLevel":"Read","resourceTypes":[{"name":"eventdatastore","required":true}],"dependentActions":["kms:Decrypt","kms:GenerateDataKey"]},"GetResourcePolicy":{"conditionKeys":[],"resources":[{"name":"channel"},{"name":"dashboard"},{"name":"eventdatastore"}],"description":"Grants permission to get the resource policy attached to the provided resource","accessLevel":"Read","resourceTypes":[{"name":"channel","required":false},{"name":"dashboard","required":false},{"name":"eventdatastore","required":false}]},"GetServiceLinkedChannel":{"conditionKeys":[],"resources":[{"name":"channel"}],"description":"Grants permission to list settings for the service-linked channel","accessLevel":"Read","resourceTypes":[{"name":"channel","required":true}],"permissionOnly":true},"GetTrail":{"conditionKeys":[],"resources":[{"name":"trail"}],"description":"Grants permission to list settings for the trail","accessLevel":"Read","resourceTypes":[{"name":"trail","required":true}]},"GetTrailStatus":{"conditionKeys":[],"resources":[{"name":"trail"}],"description":"Grants permission to retrieve a JSON-formatted list of information about the specified trail","accessLevel":"Read","resourceTypes":[{"name":"trail","required":true}]},"ListChannels":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the channels in the current account, and their source names","accessLevel":"List","resourceTypes":[]},"ListDashboards":{"conditionKeys":[],"resources":[],"description":"Grants permission to list dashboards associated with the current region for your account","accessLevel":"List","resourceTypes":[]},"ListEventDataStores":{"conditionKeys":[],"resources":[],"description":"Grants permission to list event data stores associated with the current region for your account","accessLevel":"List","resourceTypes":[]},"ListImportFailures":{"conditionKeys":[],"resources":[],"description":"Grants permission to return a list of failures for the specified import","accessLevel":"Read","resourceTypes":[]},"ListImports":{"conditionKeys":[],"resources":[],"description":"Grants permission to return information on all imports, or a select set of imports by ImportStatus or Destination","accessLevel":"List","resourceTypes":[]},"ListInsightsData":{"conditionKeys":[],"resources":[{"name":"trail"}],"description":"Grants permission to retrieve data captured by CloudTrail Insights","accessLevel":"List","resourceTypes":[{"name":"trail","required":true}]},"ListPublicKeys":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the public keys whose private keys were used to sign trail digest files within a specified time range","accessLevel":"Read","resourceTypes":[]},"ListQueries":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to list queries associated with an event data store","accessLevel":"List","resourceTypes":[{"name":"eventdatastore","required":true}]},"ListServiceLinkedChannels":{"conditionKeys":[],"resources":[],"description":"Grants permission to list service-linked channels associated with the current region for a specified account","accessLevel":"List","resourceTypes":[],"permissionOnly":true},"ListTags":{"conditionKeys":[],"resources":[{"name":"channel"},{"name":"dashboard"},{"name":"eventdatastore"},{"name":"trail"}],"description":"Grants permission to list the tags for trails, event data stores, channels or dashboards in the current region","accessLevel":"Read","resourceTypes":[{"name":"channel","required":false},{"name":"dashboard","required":false},{"name":"eventdatastore","required":false},{"name":"trail","required":false}]},"ListTrails":{"conditionKeys":[],"resources":[],"description":"Grants permission to list trails associated with the current region for your account","accessLevel":"List","resourceTypes":[]},"LookupEvents":{"conditionKeys":[],"resources":[],"description":"Grants permission to look up and retrieve metric data for API activity events captured by CloudTrail that create, update, or delete resources in your account","accessLevel":"Read","resourceTypes":[]},"PutEventConfiguration":{"conditionKeys":[],"resources":[{"name":"eventdatastore"},{"name":"trail"}],"description":"Grants permission to create and update event configurations for a trail or an event data store","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":false},{"name":"trail","required":false}],"dependentActions":["iam:CreateServiceLinkedRole","iam:GetRole"]},"PutEventSelectors":{"conditionKeys":[],"resources":[{"name":"trail"}],"description":"Grants permission to create and update event selectors for a trail","accessLevel":"Write","resourceTypes":[{"name":"trail","required":true}]},"PutInsightSelectors":{"conditionKeys":[],"resources":[{"name":"eventdatastore"},{"name":"trail"}],"description":"Grants permission to create and update CloudTrail Insights selectors for a trail or event data store","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":false},{"name":"trail","required":false}]},"PutResourcePolicy":{"conditionKeys":[],"resources":[{"name":"channel"},{"name":"dashboard"},{"name":"eventdatastore"}],"description":"Grants permission to attach a resource policy to the provided resource","accessLevel":"Write","resourceTypes":[{"name":"channel","required":false},{"name":"dashboard","required":false},{"name":"eventdatastore","required":false}]},"RegisterOrganizationDelegatedAdmin":{"conditionKeys":[],"resources":[],"description":"Grants permission to register an AWS Organizations member account as a delegated administrator","accessLevel":"Write","resourceTypes":[],"dependentActions":["iam:CreateServiceLinkedRole","iam:GetRole","organizations:ListAWSServiceAccessForOrganization","organizations:RegisterDelegatedAdministrator"]},"RemoveTags":{"conditionKeys":["aws:TagKeys"],"resources":[{"name":"channel"},{"name":"dashboard"},{"name":"eventdatastore"},{"name":"trail"}],"description":"Grants permission to remove tags from a trail, event data store, channel or dashboard","accessLevel":"Tagging","resourceTypes":[{"name":"channel","required":false},{"name":"dashboard","required":false},{"name":"eventdatastore","required":false},{"name":"trail","required":false}]},"RestoreEventDataStore":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to restore an event data store","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":true}]},"SearchSampleQueries":{"conditionKeys":[],"resources":[],"description":"Grants permission to perform semantic search for CloudTrail Lake sample queries","accessLevel":"Read","resourceTypes":[]},"StartDashboardRefresh":{"conditionKeys":[],"resources":[{"name":"dashboard"}],"description":"Grants permission to start a refresh on the specified dashboard","accessLevel":"Write","resourceTypes":[{"name":"dashboard","required":true}],"dependentActions":["cloudtrail:StartQuery"]},"StartEventDataStoreIngestion":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to start ingestion on an event data store","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":true}]},"StartImport":{"conditionKeys":[],"resources":[],"description":"Grants permission to start an import of logged trail events from a source S3 bucket to a destination event data store","accessLevel":"Write","resourceTypes":[]},"StartLogging":{"conditionKeys":[],"resources":[{"name":"trail"}],"description":"Grants permission to start the recording of AWS API calls and log file delivery for a trail","accessLevel":"Write","resourceTypes":[{"name":"trail","required":true}]},"StartQuery":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to start a new query on a specified event data store","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":true}],"dependentActions":["kms:Decrypt","kms:GenerateDataKey"]},"StopEventDataStoreIngestion":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to stop ingestion on an event data store","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":true}]},"StopImport":{"conditionKeys":[],"resources":[],"description":"Grants permission to stop a specified import","accessLevel":"Write","resourceTypes":[]},"StopLogging":{"conditionKeys":[],"resources":[{"name":"trail"}],"description":"Grants permission to stop the recording of AWS API calls and log file delivery for a trail","accessLevel":"Write","resourceTypes":[{"name":"trail","required":true}]},"UpdateChannel":{"conditionKeys":[],"resources":[{"name":"channel"}],"description":"Grants permission to update a channel","accessLevel":"Write","resourceTypes":[{"name":"channel","required":true}]},"UpdateDashboard":{"conditionKeys":[],"resources":[{"name":"dashboard"}],"description":"Grants permission to update a dashboard","accessLevel":"Write","resourceTypes":[{"name":"dashboard","required":true}],"dependentActions":["cloudtrail:StartDashboardRefresh","cloudtrail:StartQuery"]},"UpdateEventDataStore":{"conditionKeys":[],"resources":[{"name":"eventdatastore"}],"description":"Grants permission to update an event data store","accessLevel":"Write","resourceTypes":[{"name":"eventdatastore","required":true}],"dependentActions":["iam:CreateServiceLinkedRole","iam:GetRole","kms:Decrypt","kms:GenerateDataKey","organizations:ListAWSServiceAccessForOrganization"]},"UpdateServiceLinkedChannel":{"conditionKeys":[],"resources":[{"name":"channel"}],"description":"Grants permission to update the service-linked channel settings for delivery of log data to an AWS service","accessLevel":"Write","resourceTypes":[{"name":"channel","required":true}],"permissionOnly":true},"UpdateTrail":{"conditionKeys":[],"resources":[{"name":"trail"}],"description":"Grants permission to update the settings that specify delivery of log files","accessLevel":"Write","resourceTypes":[{"name":"trail","required":true}],"dependentActions":["iam:CreateServiceLinkedRole","iam:GetRole","organizations:ListAWSServiceAccessForOrganization"]}},"resources":[{"name":"channel","arnFormats":["arn:${Partition}:cloudtrail:${Region}:${Account}:channel/${ChannelId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"dashboard","arnFormats":["arn:${Partition}:cloudtrail:${Region}:${Account}:dashboard/${DashboardName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"eventdatastore","arnFormats":["arn:${Partition}:cloudtrail:${Region}:${Account}:eventdatastore/${EventDataStoreId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"trail","arnFormats":["arn:${Partition}:cloudtrail:${Region}:${Account}:trail/${TrailName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters access by the tag key-value pairs in the request"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters access by the tags attached to the resource"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters access by the tag keys in a request"}}}

package/src/data/servicereference/services/cloudwatch.json

@@ -0,0 +1 @@
+{"name":"cloudwatch","actions":{"BatchGetServiceLevelIndicatorReport":{"conditionKeys":[],"resources":[],"description":"Grants permission to batch get service level indicator report","accessLevel":"Read","resourceTypes":[]},"BatchGetServiceLevelObjectiveBudgetReport":{"conditionKeys":[],"resources":[{"name":"slo"}],"description":"Grants permission to batch retrieve a service level objective budget report","accessLevel":"Read","resourceTypes":[{"name":"slo","required":true}]},"CreateServiceLevelObjective":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a service level objective","accessLevel":"Write","resourceTypes":[]},"DeleteAlarmMuteRule":{"conditionKeys":[],"resources":[{"name":"alarm-mute-rule"}],"description":"Grants permission to delete an alarm mute rule","accessLevel":"Write","resourceTypes":[{"name":"alarm-mute-rule","required":true}]},"DeleteAlarms":{"conditionKeys":[],"resources":[{"name":"alarm"}],"description":"Grants permission to delete a collection of alarms","accessLevel":"Write","resourceTypes":[{"name":"alarm","required":true}]},"DeleteAnomalyDetector":{"conditionKeys":[],"resources":[],"description":"Grants permission to delete the specified anomaly detection model from your account","accessLevel":"Write","resourceTypes":[]},"DeleteDashboards":{"conditionKeys":[],"resources":[{"name":"dashboard"}],"description":"Grants permission to delete all CloudWatch dashboards that you specify","accessLevel":"Write","resourceTypes":[{"name":"dashboard","required":true}]},"DeleteInsightRules":{"conditionKeys":[],"resources":[{"name":"insight-rule"}],"description":"Grants permission to delete a collection of insight rules","accessLevel":"Write","resourceTypes":[{"name":"insight-rule","required":true}]},"DeleteMetricStream":{"conditionKeys":[],"resources":[{"name":"metric-stream"}],"description":"Grants permission to delete the CloudWatch metric stream that you specify","accessLevel":"Write","resourceTypes":[{"name":"metric-stream","required":true}]},"DeleteServiceLevelObjective":{"conditionKeys":[],"resources":[{"name":"slo"}],"description":"Grants permission to delete a service level objective","accessLevel":"Write","resourceTypes":[{"name":"slo","required":true}]},"DescribeAlarmHistory":{"conditionKeys":[],"resources":[{"name":"alarm"}],"description":"Grants permission to retrieve the history for the specified alarm","accessLevel":"Read","resourceTypes":[{"name":"alarm","required":true}]},"DescribeAlarms":{"conditionKeys":[],"resources":[{"name":"alarm"}],"description":"Grants permission to describe all alarms, currently owned by the user's account","accessLevel":"Read","resourceTypes":[{"name":"alarm","required":true}]},"DescribeAlarmsForMetric":{"conditionKeys":[],"resources":[],"description":"Grants permission to describe all alarms configured on the specified metric, currently owned by the user's account","accessLevel":"Read","resourceTypes":[]},"DescribeAnomalyDetectors":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the anomaly detection models that you have created in your account","accessLevel":"Read","resourceTypes":[]},"DescribeInsightRules":{"conditionKeys":[],"resources":[],"description":"Grants permission to describe all insight rules, currently owned by the user's account","accessLevel":"Read","resourceTypes":[]},"DisableAlarmActions":{"conditionKeys":[],"resources":[{"name":"alarm"}],"description":"Grants permission to disable actions for a collection of alarms","accessLevel":"Write","resourceTypes":[{"name":"alarm","required":true}]},"DisableInsightRules":{"conditionKeys":[],"resources":[{"name":"insight-rule"}],"description":"Grants permission to disable a collection of insight rules","accessLevel":"Write","resourceTypes":[{"name":"insight-rule","required":true}]},"EnableAlarmActions":{"conditionKeys":[],"resources":[{"name":"alarm"}],"description":"Grants permission to enable actions for a collection of alarms","accessLevel":"Write","resourceTypes":[{"name":"alarm","required":true}]},"EnableInsightRules":{"conditionKeys":[],"resources":[{"name":"insight-rule"}],"description":"Grants permission to enable a collection of insight rules","accessLevel":"Write","resourceTypes":[{"name":"insight-rule","required":true}]},"EnableTopologyDiscovery":{"conditionKeys":[],"resources":[],"description":"Grants permission to enable a CloudWatch topology discovery","accessLevel":"Write","resourceTypes":[]},"GenerateQuery":{"conditionKeys":[],"resources":[],"description":"Grants permission to generate a Metrics Insights or Logs Insights query string from a natural language prompt","accessLevel":"Read","resourceTypes":[]},"GenerateQueryResultsSummary":{"conditionKeys":[],"resources":[],"description":"Grants permission to generate a summary of CloudWatch LogInsights query results in natural language using generative AI","accessLevel":"Read","resourceTypes":[]},"GetAlarmMuteRule":{"conditionKeys":[],"resources":[{"name":"alarm-mute-rule"}],"description":"Grants permission to get an alarm mute rule","accessLevel":"Read","resourceTypes":[{"name":"alarm-mute-rule","required":true}]},"GetDashboard":{"conditionKeys":[],"resources":[{"name":"dashboard"}],"description":"Grants permission to display the details of the CloudWatch dashboard you specify","accessLevel":"Read","resourceTypes":[{"name":"dashboard","required":true}]},"GetInsightRuleReport":{"conditionKeys":[],"resources":[{"name":"insight-rule"}],"description":"Grants permission to return the top-N report of unique contributors over a time range for a given insight rule","accessLevel":"Read","resourceTypes":[{"name":"insight-rule","required":true}]},"GetMetricData":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve batch amounts of CloudWatch metric data and perform metric math on retrieved data","accessLevel":"Read","resourceTypes":[]},"GetMetricStatistics":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve statistics for the specified metric","accessLevel":"Read","resourceTypes":[]},"GetMetricStream":{"conditionKeys":[],"resources":[{"name":"metric-stream"}],"description":"Grants permission to return the details of a CloudWatch metric stream","accessLevel":"Read","resourceTypes":[{"name":"metric-stream","required":true}]},"GetMetricWidgetImage":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve snapshots of metric widgets","accessLevel":"Read","resourceTypes":[]},"GetService":{"conditionKeys":[],"resources":[{"name":"service"}],"description":"Grants permission to retrieve information about a service","accessLevel":"Read","resourceTypes":[{"name":"service","required":true}]},"GetServiceData":{"conditionKeys":[],"resources":[{"name":"service"}],"description":"Grants permission to retrieve service data","accessLevel":"Read","resourceTypes":[{"name":"service","required":true}],"permissionOnly":true},"GetServiceLevelObjective":{"conditionKeys":[],"resources":[{"name":"slo"}],"description":"Grants permission to retrieve information about service level objective","accessLevel":"Read","resourceTypes":[{"name":"slo","required":true}]},"GetTopologyDiscoveryStatus":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve a CloudWatch topology discovery status","accessLevel":"Read","resourceTypes":[],"permissionOnly":true},"GetTopologyMap":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve a CloudWatch topology map","accessLevel":"Read","resourceTypes":[]},"Link":{"conditionKeys":[],"resources":[],"description":"Grants permission to share CloudWatch resources with a monitoring account","accessLevel":"Write","resourceTypes":[],"permissionOnly":true},"ListAlarmMuteRules":{"conditionKeys":[],"resources":[{"name":"alarm-mute-rule"}],"description":"Grants permission to retrieve a list of alarm mute rules owned by the user's account","accessLevel":"List","resourceTypes":[{"name":"alarm-mute-rule","required":true}]},"ListDashboards":{"conditionKeys":[],"resources":[],"description":"Grants permission to return a list of all CloudWatch dashboards in your account","accessLevel":"List","resourceTypes":[]},"ListEntitiesForMetric":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve all the entities that are emitting a given metric","accessLevel":"List","resourceTypes":[],"permissionOnly":true},"ListManagedInsightRules":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","cloudwatch:requestManagedResourceARNs"],"resources":[],"description":"Grants permission to list available managed Insight Rules for a given Resource ARN","accessLevel":"Read","resourceTypes":[]},"ListMetricStreams":{"conditionKeys":[],"resources":[],"description":"Grants permission to return a list of all CloudWatch metric streams in your account","accessLevel":"List","resourceTypes":[]},"ListMetrics":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve a list of valid metrics stored for the AWS account owner","accessLevel":"List","resourceTypes":[]},"ListServiceLevelObjectives":{"conditionKeys":[],"resources":[],"description":"Grants permission to list service level objectives","accessLevel":"List","resourceTypes":[]},"ListServices":{"conditionKeys":[],"resources":[],"description":"Grants permission to list services","accessLevel":"List","resourceTypes":[]},"ListTagsForResource":{"conditionKeys":[],"resources":[{"name":"alarm"},{"name":"alarm-mute-rule"},{"name":"insight-rule"},{"name":"slo"}],"description":"Grants permission to list tags for an Amazon CloudWatch resource","accessLevel":"List","resourceTypes":[{"name":"alarm","required":false},{"name":"alarm-mute-rule","required":false},{"name":"insight-rule","required":false},{"name":"slo","required":false}]},"PutAlarmMuteRule":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"alarm"},{"name":"alarm-mute-rule"}],"description":"Grants permission to create or update an alarm mute rule","accessLevel":"Write","resourceTypes":[{"name":"alarm-mute-rule","required":true},{"name":"alarm","required":false}]},"PutAnomalyDetector":{"conditionKeys":[],"resources":[],"description":"Grants permission to create or update an anomaly detection model for a CloudWatch metric","accessLevel":"Write","resourceTypes":[]},"PutCompositeAlarm":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","cloudwatch:AlarmActions"],"resources":[{"name":"alarm"}],"description":"Grants permission to create or update a composite alarm","accessLevel":"Write","resourceTypes":[{"name":"alarm","required":true}]},"PutDashboard":{"conditionKeys":[],"resources":[{"name":"dashboard"}],"description":"Grants permission to create a CloudWatch dashboard, or update an existing dashboard if it already exists","accessLevel":"Write","resourceTypes":[{"name":"dashboard","required":true}]},"PutInsightRule":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","cloudwatch:requestInsightRuleLogGroups"],"resources":[{"name":"insight-rule"}],"description":"Grants permission to create a new insight rule or replace an existing insight rule","accessLevel":"Write","resourceTypes":[{"name":"insight-rule","required":true}]},"PutManagedInsightRules":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","cloudwatch:requestManagedResourceARNs"],"resources":[],"description":"Grants permission to create managed Insight Rules","accessLevel":"Write","resourceTypes":[]},"PutMetricAlarm":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","cloudwatch:AlarmActions"],"resources":[{"name":"alarm"}],"description":"Grants permission to create or update an alarm and associates it with the specified Amazon CloudWatch metric","accessLevel":"Write","resourceTypes":[{"name":"alarm","required":true}]},"PutMetricData":{"conditionKeys":["cloudwatch:namespace"],"resources":[],"description":"Grants permission to publish metric data points to Amazon CloudWatch","accessLevel":"Write","resourceTypes":[]},"PutMetricStream":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"metric-stream"}],"description":"Grants permission to create a CloudWatch metric stream, or update an existing metric stream if it already exists","accessLevel":"Write","resourceTypes":[{"name":"metric-stream","required":true}]},"SetAlarmState":{"conditionKeys":[],"resources":[{"name":"alarm"}],"description":"Grants permission to temporarily set the state of an alarm for testing purposes","accessLevel":"Write","resourceTypes":[{"name":"alarm","required":true}]},"StartMetricStreams":{"conditionKeys":[],"resources":[{"name":"metric-stream"}],"description":"Grants permission to start all CloudWatch metric streams that you specify","accessLevel":"Write","resourceTypes":[{"name":"metric-stream","required":true}]},"StopMetricStreams":{"conditionKeys":[],"resources":[{"name":"metric-stream"}],"description":"Grants permission to stop all CloudWatch metric streams that you specify","accessLevel":"Write","resourceTypes":[{"name":"metric-stream","required":true}]},"TagResource":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"alarm"},{"name":"alarm-mute-rule"},{"name":"insight-rule"},{"name":"slo"}],"description":"Grants permission to add tags to an Amazon CloudWatch resource","accessLevel":"Tagging","resourceTypes":[{"name":"alarm","required":false},{"name":"alarm-mute-rule","required":false},{"name":"insight-rule","required":false},{"name":"slo","required":false}]},"UntagResource":{"conditionKeys":["aws:TagKeys"],"resources":[{"name":"alarm"},{"name":"alarm-mute-rule"},{"name":"insight-rule"},{"name":"slo"}],"description":"Grants permission to remove a tag from an Amazon CloudWatch resource","accessLevel":"Tagging","resourceTypes":[{"name":"alarm","required":false},{"name":"alarm-mute-rule","required":false},{"name":"insight-rule","required":false},{"name":"slo","required":false}]},"UpdateServiceLevelObjective":{"conditionKeys":[],"resources":[{"name":"slo"}],"description":"Grants permission to update a service level objective","accessLevel":"Write","resourceTypes":[{"name":"slo","required":true}]}},"resources":[{"name":"alarm","arnFormats":["arn:${Partition}:cloudwatch:${Region}:${Account}:alarm:${AlarmName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"alarm-mute-rule","arnFormats":["arn:${Partition}:cloudwatch:${Region}:${Account}:alarm-mute-rule:${AlarmMuteRuleName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"dashboard","arnFormats":["arn:${Partition}:cloudwatch::${Account}:dashboard/${DashboardName}"],"conditionKeys":[]},{"name":"insight-rule","arnFormats":["arn:${Partition}:cloudwatch:${Region}:${Account}:insight-rule/${InsightRuleName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"metric-stream","arnFormats":["arn:${Partition}:cloudwatch:${Region}:${Account}:metric-stream/${MetricStreamName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"service","arnFormats":["arn:${Partition}:cloudwatch:${Region}:${Account}:service/${ServiceName}-${UniqueAttributesHex}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"slo","arnFormats":["arn:${Partition}:cloudwatch:${Region}:${Account}:slo/${SloName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters actions based on the allowed set of values for each of the tags"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters actions based on tag-value associated with the resource"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters actions based on the presence of mandatory tags in the request"},"cloudwatch:AlarmActions":{"types":["ArrayOfString"],"description":"Filters actions based on defined alarm actions"},"cloudwatch:namespace":{"types":["String"],"description":"Filters actions based on the presence of optional namespace values"},"cloudwatch:requestInsightRuleLogGroups":{"types":["ArrayOfString"],"description":"Filters actions based on the Log Groups specified in an Insight Rule"},"cloudwatch:requestManagedResourceARNs":{"types":["ArrayOfARN"],"description":"Filters access by the Resource ARNs specified in a managed Insight Rule"}}}

package/src/data/servicereference/services/codeartifact.json

@@ -0,0 +1 @@
+{"name":"codeartifact","actions":{"AssociateExternalConnection":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to add an external connection to a repository","accessLevel":"Write","resourceTypes":[{"name":"repository","required":true}]},"AssociateWithDownstreamRepository":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to associate an existing repository as an upstream repository to another repository","accessLevel":"Write","resourceTypes":[{"name":"repository","required":true}]},"CopyPackageVersions":{"conditionKeys":[],"resources":[{"name":"package"},{"name":"repository"}],"description":"Grants permission to copy package versions from one repository to another repository in the same domain","accessLevel":"Write","resourceTypes":[{"name":"package","required":true},{"name":"repository","required":true}]},"CreateDomain":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a new domain","accessLevel":"Write","resourceTypes":[]},"CreatePackageGroup":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a package group","accessLevel":"Write","resourceTypes":[]},"CreateRepository":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a new repository","accessLevel":"Write","resourceTypes":[]},"DeleteDomain":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Grants permission to delete a domain","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"DeleteDomainPermissionsPolicy":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Grants permission to delete the resource policy set on a domain","accessLevel":"Permissions management","resourceTypes":[{"name":"domain","required":true}]},"DeletePackage":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to delete a package","accessLevel":"Write","resourceTypes":[{"name":"package","required":true}]},"DeletePackageGroup":{"conditionKeys":[],"resources":[{"name":"package-group"}],"description":"Grants permission to delete a package group","accessLevel":"Write","resourceTypes":[{"name":"package-group","required":true}]},"DeletePackageVersions":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to delete package versions","accessLevel":"Write","resourceTypes":[{"name":"package","required":true}]},"DeleteRepository":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to delete a repository","accessLevel":"Write","resourceTypes":[{"name":"repository","required":true}]},"DeleteRepositoryPermissionsPolicy":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to delete the resource policy set on a repository","accessLevel":"Permissions management","resourceTypes":[{"name":"repository","required":true}]},"DescribeDomain":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Grants permission to return information about a domain","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"DescribePackage":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to retrieve information about a package","accessLevel":"Read","resourceTypes":[{"name":"package","required":true}]},"DescribePackageGroup":{"conditionKeys":[],"resources":[{"name":"package-group"}],"description":"Grants permission to return detailed information about a package group","accessLevel":"Read","resourceTypes":[{"name":"package-group","required":true}]},"DescribePackageVersion":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to return information about a package version","accessLevel":"Read","resourceTypes":[{"name":"package","required":true}]},"DescribeRepository":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to return detailed information about a repository","accessLevel":"Read","resourceTypes":[{"name":"repository","required":true}]},"DisassociateExternalConnection":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to disassociate an external connection from a repository","accessLevel":"Write","resourceTypes":[{"name":"repository","required":true}]},"DisposePackageVersions":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to set the status of package versions to Disposed and delete their assets","accessLevel":"Write","resourceTypes":[{"name":"package","required":true}]},"GetAssociatedPackageGroup":{"conditionKeys":[],"resources":[{"name":"package-group"}],"description":"Grants permission to return a package's associated package group","accessLevel":"Read","resourceTypes":[{"name":"package-group","required":true}]},"GetAuthorizationToken":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Grants permission to generate a temporary authentication token for accessing repositories in a domain","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"GetDomainPermissionsPolicy":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Grants permission to return a domain's resource policy","accessLevel":"Read","resourceTypes":[{"name":"domain","required":true}]},"GetPackageVersionAsset":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to return an asset (or file) that is part of a package version","accessLevel":"Read","resourceTypes":[{"name":"package","required":true}]},"GetPackageVersionReadme":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to return a package version's readme file","accessLevel":"Read","resourceTypes":[{"name":"package","required":true}]},"GetRepositoryEndpoint":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to return an endpoint for a repository","accessLevel":"Read","resourceTypes":[{"name":"repository","required":true}]},"GetRepositoryPermissionsPolicy":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to return a repository's resource policy","accessLevel":"Read","resourceTypes":[{"name":"repository","required":true}]},"ListAllowedRepositoriesForGroup":{"conditionKeys":[],"resources":[{"name":"package-group"}],"description":"Grants permission to list the allowed repositories for a package group","accessLevel":"List","resourceTypes":[{"name":"package-group","required":true}]},"ListAssociatedPackages":{"conditionKeys":[],"resources":[{"name":"package-group"}],"description":"Grants permission to list the packages associated to a package group","accessLevel":"List","resourceTypes":[{"name":"package-group","required":true}]},"ListDomains":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the domains in the current user's AWS account","accessLevel":"List","resourceTypes":[]},"ListPackageGroups":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Grants permission to list the package groups in a domain","accessLevel":"List","resourceTypes":[{"name":"domain","required":true}]},"ListPackageVersionAssets":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to list a package version's assets","accessLevel":"List","resourceTypes":[{"name":"package","required":true}]},"ListPackageVersionDependencies":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to list the direct dependencies of a package version","accessLevel":"List","resourceTypes":[{"name":"package","required":true}]},"ListPackageVersions":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to list a package's versions","accessLevel":"List","resourceTypes":[{"name":"package","required":true}]},"ListPackages":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to list the packages in a repository","accessLevel":"List","resourceTypes":[{"name":"repository","required":true}]},"ListRepositories":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the repositories administered by the calling account","accessLevel":"List","resourceTypes":[]},"ListRepositoriesInDomain":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Grants permission to list the repositories in a domain","accessLevel":"List","resourceTypes":[{"name":"domain","required":true}]},"ListSubPackageGroups":{"conditionKeys":[],"resources":[{"name":"package-group"}],"description":"Grants permission to list the sub package groups for a parent package group","accessLevel":"List","resourceTypes":[{"name":"package-group","required":true}]},"ListTagsForResource":{"conditionKeys":[],"resources":[{"name":"domain"},{"name":"package-group"},{"name":"repository"}],"description":"Grants permission to list tags for a CodeArtifact resource","accessLevel":"List","resourceTypes":[{"name":"domain","required":false},{"name":"package-group","required":false},{"name":"repository","required":false}]},"PublishPackageVersion":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to publish assets and metadata to a repository endpoint","accessLevel":"Write","resourceTypes":[{"name":"package","required":true}]},"PutDomainPermissionsPolicy":{"conditionKeys":[],"resources":[{"name":"domain"}],"description":"Grants permission to attach a resource policy to a domain","accessLevel":"Write","resourceTypes":[{"name":"domain","required":true}]},"PutPackageMetadata":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to add, modify or remove package metadata using a repository endpoint","accessLevel":"Write","resourceTypes":[{"name":"package","required":true}]},"PutPackageOriginConfiguration":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to set origin configuration for a package","accessLevel":"Write","resourceTypes":[{"name":"package","required":true}]},"PutRepositoryPermissionsPolicy":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to attach a resource policy to a repository","accessLevel":"Write","resourceTypes":[{"name":"repository","required":true}]},"ReadFromRepository":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to return package assets and metadata from a repository endpoint","accessLevel":"Read","resourceTypes":[{"name":"repository","required":true}]},"TagResource":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"domain"},{"name":"package-group"},{"name":"repository"}],"description":"Grants permission to tag a CodeArtifact resource","accessLevel":"Tagging","resourceTypes":[{"name":"domain","required":false},{"name":"package-group","required":false},{"name":"repository","required":false}]},"UntagResource":{"conditionKeys":["aws:TagKeys"],"resources":[{"name":"domain"},{"name":"package-group"},{"name":"repository"}],"description":"Grants permission to remove a tag from a CodeArtifact resource","accessLevel":"Tagging","resourceTypes":[{"name":"domain","required":false},{"name":"package-group","required":false},{"name":"repository","required":false}]},"UpdatePackageGroup":{"conditionKeys":[],"resources":[{"name":"package-group"}],"description":"Grants permission to modify the properties of a package group","accessLevel":"Write","resourceTypes":[{"name":"package-group","required":true}]},"UpdatePackageGroupOriginConfiguration":{"conditionKeys":[],"resources":[{"name":"package-group"}],"description":"Grants permission to modify the package origin configuration of a package group","accessLevel":"Write","resourceTypes":[{"name":"package-group","required":true}]},"UpdatePackageVersionsStatus":{"conditionKeys":[],"resources":[{"name":"package"}],"description":"Grants permission to modify the status of one or more versions of a package","accessLevel":"Write","resourceTypes":[{"name":"package","required":true}]},"UpdateRepository":{"conditionKeys":[],"resources":[{"name":"repository"}],"description":"Grants permission to modify the properties of a repository","accessLevel":"Write","resourceTypes":[{"name":"repository","required":true}]}},"resources":[{"name":"domain","arnFormats":["arn:${Partition}:codeartifact:${Region}:${Account}:domain/${DomainName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"package","arnFormats":["arn:${Partition}:codeartifact:${Region}:${Account}:package/${DomainName}/${RepositoryName}/${PackageFormat}/${PackageNamespace}/${PackageName}"],"conditionKeys":[]},{"name":"package-group","arnFormats":["arn:${Partition}:codeartifact:${Region}:${Account}:package-group/${DomainName}${EncodedPackageGroupPattern}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"repository","arnFormats":["arn:${Partition}:codeartifact:${Region}:${Account}:repository/${DomainName}/${RepositoryName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters access by the presence of tag key-value pairs in the request"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters access by tag key-value pairs attached to the resource"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters access by the presence of tag keys in the request"}}}