npm - aws-iam-ls - Versions diffs - 0.0.0 - Mend

aws-iam-ls 0.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (522) hide show

package/src/data/servicereference/services/workmail.json ADDED Viewed

@@ -0,0 +1 @@

+ {"name":"workmail","actions":{"AllowVendedLogDeliveryForResource":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to configure vended log delivery for WorkMail audit logs","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"AssociateDelegateToResource":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to add a member (user or group) to the resource's set of delegates","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"AssociateMemberToGroup":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to add a member (user or group) to the group's set","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"AssumeImpersonationRole":{"conditionKeys":["workmail:ImpersonationRoleId"],"resources":[{"name":"organization"}],"description":"Grants permission to assume an impersonation role for the given Amazon WorkMail organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"CancelMailboxExportJob":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to cancel a currently running mailbox export job","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"CreateAlias":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to add an alias to the set of a given member (user or group) of WorkMail","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"CreateAvailabilityConfiguration":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to create an AvailabilityConfiguration for the given Amazon WorkMail organization and domain","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"CreateGroup":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to create a group that can be used in WorkMail by calling the RegisterToWorkMail operation","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"CreateIdentityCenterApplication":{"conditionKeys":[],"resources":[],"description":"Grants permission to create an Identity Center application for WorkMail","accessLevel":"Write","resourceTypes":[]},"CreateImpersonationRole":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to create an impersonation role for the given Amazon WorkMail organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"CreateInboundMailFlowRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to create an inbound email flow rule which will apply to all email sent to an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"CreateMailDomain":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to create a mail domain","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"CreateMobileDeviceAccessRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to create a new mobile device access rule","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"CreateOrganization":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a new Amazon WorkMail organization","accessLevel":"Write","resourceTypes":[]},"CreateOutboundMailFlowRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to create an outbound email flow rule which will apply to all email sent from an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"CreateResource":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to create a new WorkMail resource","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"CreateSmtpGateway":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to register an SMTP gateway to a WorkMail organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"CreateUser":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to create a user, which can be enabled afterwards by calling the RegisterToWorkMail operation","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteAccessControlRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete an access control rule","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteAlias":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to remove one or more specified aliases from a set of aliases for a given user","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteAvailabilityConfiguration":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete the AvailabilityConfiguration for the given Amazon WorkMail organization and domain","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteEmailMonitoringConfiguration":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete the email monitoring configuration for an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteGroup":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete a group from WorkMail","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteIdentityCenterApplication":{"conditionKeys":[],"resources":[],"description":"Grants permission to delete an Identity Center application for WorkMail","accessLevel":"Write","resourceTypes":[]},"DeleteIdentityProviderConfiguration":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete the identity provider configuration for the organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteImpersonationRole":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete an impersonation role for the given Amazon WorkMail organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteInboundMailFlowRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to remove an inbound email flow rule to no longer apply to emails sent to an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"DeleteMailDomain":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to remove an unused mail domain from an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"DeleteMailboxPermissions":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete permissions granted to a member (user or group)","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteMobileDevice":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to remove a mobile device from a user","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"DeleteMobileDeviceAccessOverride":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete a mobile device access override","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteMobileDeviceAccessRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete a mobile device access rule","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteOrganization":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete an Amazon WorkMail organization and all underlying AWS resources managed by Amazon WorkMail as part of the organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteOutboundMailFlowRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to remove an outbound email flow rule so that it no longer applies to emails sent from an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"DeletePersonalAccessToken":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete a personal access token","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteResource":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete the specified resource","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteRetentionPolicy":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete the retention policy based on the supplied organization and policy identifiers","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeleteSmtpGateway":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to remove an SMTP gateway from an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"DeleteUser":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to delete a user from WorkMail and all subsequent systems","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeliverToMailbox":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to deliver emails to a WorkMail organization via the SES MailManager DeliverToMailbox action","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"DeregisterFromWorkMail":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to mark a user, group, or resource as no longer used in WorkMail","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DeregisterMailDomain":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to deregister a mail domain from an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DescribeEmailMonitoringConfiguration":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to retrieve the email monitoring configuration for an organization","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"DescribeEntity":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read details of an entity","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"DescribeGroup":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read the details for a group","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"DescribeIdentityProviderConfiguration":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read the identity provider configuration for the organization","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"DescribeInboundDmarcSettings":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read the settings in a DMARC policy for a specified organization","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"DescribeInboundMailFlowRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read the details of an inbound mail flow rule configured for an organization","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"DescribeMailDomains":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to show the details of all mail domains associated with the organization","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"DescribeMailboxExportJob":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to retrieve details of a mailbox export job","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"DescribeOrganization":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read details of an organization","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"DescribeOutboundMailFlowRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read the details of an outbound mail flow rule configured for an organization","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"DescribeResource":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read the details for a resource","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"DescribeSmtpGateway":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read the details of an SMTP gateway registered to an organization","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"DescribeUser":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read details for a user","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"DisassociateDelegateFromResource":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to remove a member from the resource's set of delegates","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"DisassociateMemberFromGroup":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to remove a member from a group","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"EnableMailDomain":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to enable a mail domain in the organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"GetAccessControlEffect":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to get the effects of access control rules as they apply to a specified IPv4 address, access protocol action, or user ID","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"GetDefaultRetentionPolicy":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to retrieve the retention policy associated at an organizational level","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"GetImpersonationRole":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to retrieve an impersonation role for the given Amazon WorkMail organization","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"GetImpersonationRoleEffect":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to get the effect of the rules associated to an impersonation role for a specific user","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"GetJournalingRules":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read the configured journaling and fallback email addresses for email journaling","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"GetMailDomain":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to retrieve details of a given mail domain in an organization","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"GetMailDomainDetails":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to get the details of the mail domain","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"GetMailboxDetails":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read the details of the user's mailbox","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"GetMobileDeviceAccessEffect":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to simulate the effect of the mobile device access rules for the given attributes of a sample access event","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"GetMobileDeviceAccessOverride":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to retrieve a mobile device access override","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"GetMobileDeviceDetails":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to get the details of the mobile device","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"GetMobileDevicesForUser":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to get a list of the mobile devices associated with the user","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"GetMobilePolicyDetails":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to get the details of the mobile device policy associated with the organization","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"GetPersonalAccessTokenMetadata":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read metadata for a personal access token","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"ListAccessControlRules":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list the access control rules","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"ListAliases":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list the aliases associated with a given entity","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListAvailabilityConfigurations":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list all the AvailabilityConfiguration's for the given Amazon WorkMail organization","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"ListGroupMembers":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to read an overview of the members of a group. Users and groups can be members of a group","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListGroups":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list summaries of the organization's groups","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListGroupsForEntity":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list the groups to which an entity belongs","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListImpersonationRoles":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list the impersonation roles for the given Amazon WorkMail organization","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListInboundMailFlowRules":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list inbound mail flow rules configured for an organization","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"ListMailDomains":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list the mail domains for a given organization","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListMailboxExportJobs":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list mailbox export jobs","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListMailboxPermissions":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list the mailbox permissions associated with a user, group, or resource mailbox","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListMobileDeviceAccessOverrides":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list the mobile device access overrides","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"ListMobileDeviceAccessRules":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list the mobile device access rules","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"ListOrganizations":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the non-deleted organizations","accessLevel":"List","resourceTypes":[]},"ListOutboundMailFlowRules":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list outbound mail flow rules configured for an organization","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"ListPersonalAccessTokens":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list metadata for personal access tokens","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListResourceDelegates":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list the delegates associated with a resource","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListResources":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list the organization's resources","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListSmtpGateways":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list SMTP gateways registered to the organization","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"ListTagsForResource":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"organization"}],"description":"Grants permission to list the tags applied to an Amazon WorkMail organization resource","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"ListUsers":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to list the organization's users","accessLevel":"List","resourceTypes":[{"name":"organization","required":true}]},"PutAccessControlRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to add a new access control rule","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"PutEmailMonitoringConfiguration":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to add or update the email monitoring configuration for an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"PutIdentityProviderConfiguration":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to add or update the identity provider configuration for the organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"PutInboundDmarcSettings":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to enable or disable a DMARC policy for a given organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"PutMailboxPermissions":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to set permissions for a user, group, or resource, replacing any existing permissions","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"PutMobileDeviceAccessOverride":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to add or update a mobile device access override","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"PutRetentionPolicy":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to add or update the retention policy","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"RegisterMailDomain":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to register a new mail domain in an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"RegisterToWorkMail":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to register an existing and disabled user, group, or resource for use by associating a mailbox and calendaring capabilities","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"ResetPassword":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to allow the administrator to reset the password for a user","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"SearchMembers":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to perform a prefix search to find a specific user in a mail group","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"SetDefaultMailDomain":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to set the default mail domain for the organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"SetJournalingRules":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to set journaling and fallback email addresses for email journaling","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"SetMobilePolicyDetails":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to set the details of a mobile policy associated with the organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"StartMailboxExportJob":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to start a new mailbox export job","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"TagResource":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"organization"}],"description":"Grants permission to tag the specified Amazon WorkMail organization resource","accessLevel":"Tagging","resourceTypes":[{"name":"organization","required":true}]},"TestAvailabilityConfiguration":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to performs a test on an availability provider to ensure that access is allowed","accessLevel":"Read","resourceTypes":[{"name":"organization","required":true}]},"TestInboundMailFlowRules":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to test what inbound rules will apply to an email with a given sender and recipient","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"TestOutboundMailFlowRules":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to test what outbound rules will apply to an email with a given sender and recipient","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"UntagResource":{"conditionKeys":["aws:TagKeys"],"resources":[{"name":"organization"}],"description":"Grants permission to untag the specified Amazon WorkMail organization resource","accessLevel":"Tagging","resourceTypes":[{"name":"organization","required":true}]},"UpdateAvailabilityConfiguration":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update an existing AvailabilityConfiguration for the given Amazon WorkMail organization and domain","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"UpdateDefaultMailDomain":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update which domain is the default domain for an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"UpdateGroup":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update details of a group","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"UpdateImpersonationRole":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update an existing impersonation role for the given Amazon WorkMail organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"UpdateInboundMailFlowRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update the details of an inbound email flow rule which will apply to all email sent to an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"UpdateMailboxQuota":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update the maximum size (in MB) of the user's mailbox","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"UpdateMobileDeviceAccessRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update a mobile device access rule","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"UpdateOutboundMailFlowRule":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update the details of an outbound email flow rule which will apply to all email sent from an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"UpdatePrimaryEmailAddress":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update the primary email for a user, group, or resource","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"UpdateResource":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update details for the resource","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"UpdateSmtpGateway":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update the details of an existing SMTP gateway registered to an organization","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true},"UpdateUser":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to update details of a user","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}]},"WipeMobileDevice":{"conditionKeys":[],"resources":[{"name":"organization"}],"description":"Grants permission to remotely wipe the mobile device associated with a user's account","accessLevel":"Write","resourceTypes":[{"name":"organization","required":true}],"permissionOnly":true}},"resources":[{"name":"organization","arnFormats":["arn:${Partition}:workmail:${Region}:${Account}:organization/${ResourceId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters access by the tag key-value pairs that are passed in the request"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters access by the tag key-value pairs attached to the resource"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters access by the tag keys that are passed in the request"},"workmail:ImpersonationRoleId":{"types":["String"],"description":"Filters access by the ImpersonationRoleId that is passed in the request"}}}

package/src/data/servicereference/services/workmailmessageflow.json ADDED Viewed

@@ -0,0 +1 @@

+ {"name":"workmailmessageflow","actions":{"GetRawMessageContent":{"conditionKeys":[],"resources":[{"name":"RawMessage"}],"description":"Grants permission to read the content of email messages with the specified message ID","accessLevel":"Read","resourceTypes":[{"name":"RawMessage","required":true}]},"PutRawMessageContent":{"conditionKeys":[],"resources":[{"name":"RawMessage"}],"description":"Grants permission to update the content of email messages with the specified message ID","accessLevel":"Write","resourceTypes":[{"name":"RawMessage","required":true}]}},"resources":[{"name":"RawMessage","arnFormats":["arn:${Partition}:workmailmessageflow:${Region}:${Account}:message/${OrganizationId}/${Context}/${MessageId}"],"conditionKeys":[]}],"conditionKeys":{}}

package/src/data/servicereference/services/workspaces-instances.json ADDED Viewed

@@ -0,0 +1 @@

+ {"name":"workspaces-instances","actions":{"AssociateVolume":{"conditionKeys":[],"resources":[{"name":"WorkspaceInstanceId"}],"description":"Grants permission to associate a workspace managed volume to a workspace managed instance in your account","accessLevel":"Write","resourceTypes":[{"name":"WorkspaceInstanceId","required":true}],"dependentActions":["ec2:AttachVolume","ec2:DescribeVolumes"]},"CreateVolume":{"conditionKeys":[],"resources":[],"description":"Grants permission to create a workspace managed volume in your account","accessLevel":"Write","resourceTypes":[],"dependentActions":["ec2:CreateVolume"]},"CreateWorkspaceInstance":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create a workspace managed instance in your account","accessLevel":"Write","resourceTypes":[],"dependentActions":["ec2:DescribeInstances","ec2:RunInstances"]},"DeleteVolume":{"conditionKeys":[],"resources":[{"name":"VolumeId"}],"description":"Grants permission to delete a workspace managed volume in your account","accessLevel":"Write","resourceTypes":[{"name":"VolumeId","required":true}],"dependentActions":["ec2:DeleteVolume","ec2:DescribeVolumes"]},"DeleteWorkspaceInstance":{"conditionKeys":[],"resources":[{"name":"WorkspaceInstanceId"}],"description":"Grants permission to delete a workspace managed instance in your account","accessLevel":"Write","resourceTypes":[{"name":"WorkspaceInstanceId","required":true}],"dependentActions":["ec2:TerminateInstances"]},"DisassociateVolume":{"conditionKeys":[],"resources":[{"name":"WorkspaceInstanceId"}],"description":"Grants permission to disassociate a workspace managed volume from a workspace managed instance in your account","accessLevel":"Write","resourceTypes":[{"name":"WorkspaceInstanceId","required":true}],"dependentActions":["ec2:DescribeVolumes","ec2:DetachVolume"]},"GetWorkspaceInstance":{"conditionKeys":[],"resources":[{"name":"WorkspaceInstanceId"}],"description":"Grants permission to get details for a specific workspace managed instance in your account","accessLevel":"Read","resourceTypes":[{"name":"WorkspaceInstanceId","required":true}]},"ListInstanceTypes":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all supported instance types","accessLevel":"List","resourceTypes":[]},"ListRegions":{"conditionKeys":[],"resources":[],"description":"Grants permission to list all supported AWS regions","accessLevel":"List","resourceTypes":[]},"ListTagsForResource":{"conditionKeys":[],"resources":[{"name":"WorkspaceInstanceId"}],"description":"Grants permission to list user tags for resources in your account","accessLevel":"List","resourceTypes":[{"name":"WorkspaceInstanceId","required":true}]},"ListWorkspaceInstances":{"conditionKeys":[],"resources":[],"description":"Grants permission to list workspace managed instances in your account","accessLevel":"List","resourceTypes":[]},"TagResource":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"WorkspaceInstanceId"}],"description":"Grants permission to add user tags to resources in your account","accessLevel":"Tagging","resourceTypes":[{"name":"WorkspaceInstanceId","required":true}]},"UntagResource":{"conditionKeys":["aws:TagKeys"],"resources":[{"name":"WorkspaceInstanceId"}],"description":"Grants permission to remove user tags from resources in your account","accessLevel":"Tagging","resourceTypes":[{"name":"WorkspaceInstanceId","required":true}]}},"resources":[{"name":"VolumeId","arnFormats":["arn:${Partition}:ec2:${Region}:${Account}:volume/${VolumeId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"WorkspaceInstanceId","arnFormats":["arn:${Partition}:workspaces-instances:${Region}:${Account}:workspaceinstance/${WorkspaceInstanceId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters access based on the tags that are passed in the request"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters access based on the tags associated with the resource"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters access based on the tag keys that are passed in the request"}}}

package/src/data/servicereference/services/workspaces-web.json ADDED Viewed

@@ -0,0 +1 @@

+ {"name":"workspaces-web","actions":{"AssociateBrowserSettings":{"conditionKeys":[],"resources":[{"name":"browserSettings"},{"name":"portal"}],"description":"Grants permission to associate browser settings to web portals","accessLevel":"Write","resourceTypes":[{"name":"browserSettings","required":true},{"name":"portal","required":true}]},"AssociateDataProtectionSettings":{"conditionKeys":[],"resources":[{"name":"dataProtectionSettings"},{"name":"portal"}],"description":"Grants permission to associate data protection settings with web portals","accessLevel":"Write","resourceTypes":[{"name":"dataProtectionSettings","required":true},{"name":"portal","required":true}]},"AssociateIpAccessSettings":{"conditionKeys":[],"resources":[{"name":"ipAccessSettings"},{"name":"portal"}],"description":"Grants permission to associate ip access settings with web portals","accessLevel":"Write","resourceTypes":[{"name":"ipAccessSettings","required":true},{"name":"portal","required":true}]},"AssociateNetworkSettings":{"conditionKeys":[],"resources":[{"name":"networkSettings"},{"name":"portal"}],"description":"Grants permission to associate network settings to web portals","accessLevel":"Write","resourceTypes":[{"name":"networkSettings","required":true},{"name":"portal","required":true}],"dependentActions":["ec2:CreateNetworkInterface","ec2:CreateNetworkInterfacePermission","ec2:CreateTags","ec2:DeleteNetworkInterface","ec2:DeleteNetworkInterfacePermission","ec2:ModifyNetworkInterfaceAttribute"]},"AssociateSessionLogger":{"conditionKeys":[],"resources":[{"name":"portal"},{"name":"sessionLogger"}],"description":"Grants permission to associate session logger with web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true},{"name":"sessionLogger","required":true}]},"AssociateTrustStore":{"conditionKeys":[],"resources":[{"name":"portal"},{"name":"trustStore"}],"description":"Grants permission to associate trust stores with web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true},{"name":"trustStore","required":true}]},"AssociateUserAccessLoggingSettings":{"conditionKeys":[],"resources":[{"name":"portal"},{"name":"userAccessLoggingSettings"}],"description":"Grants permission to associate user access logging settings with web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true},{"name":"userAccessLoggingSettings","required":true}],"dependentActions":["kinesis:PutRecord","kinesis:PutRecords"]},"AssociateUserSettings":{"conditionKeys":[],"resources":[{"name":"portal"},{"name":"userSettings"}],"description":"Grants permission to associate user settings with web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true},{"name":"userSettings","required":true}]},"CreateBrowserSettings":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create browser settings","accessLevel":"Write","resourceTypes":[],"dependentActions":["kms:CreateGrant","kms:Decrypt","kms:DescribeKey","kms:GenerateDataKey","workspaces-web:TagResource"]},"CreateDataProtectionSettings":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create data protection settings","accessLevel":"Write","resourceTypes":[],"dependentActions":["workspaces-web:TagResource"]},"CreateIdentityProvider":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"identityProvider"},{"name":"portal"}],"description":"Grants permission to create identity providers","accessLevel":"Write","resourceTypes":[{"name":"identityProvider","required":true},{"name":"portal","required":true}]},"CreateIpAccessSettings":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create ip access settings","accessLevel":"Write","resourceTypes":[],"dependentActions":["workspaces-web:TagResource"]},"CreateNetworkSettings":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create network settings","accessLevel":"Write","resourceTypes":[],"dependentActions":["iam:CreateServiceLinkedRole","workspaces-web:TagResource"]},"CreatePortal":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create web portals","accessLevel":"Write","resourceTypes":[],"dependentActions":["iam:CreateServiceLinkedRole","kms:CreateGrant","kms:Decrypt","kms:DescribeKey","kms:GenerateDataKey","workspaces-web:TagResource"]},"CreateSessionLogger":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create session logger","accessLevel":"Write","resourceTypes":[],"dependentActions":["s3:PutObject","workspaces-web:TagResource"]},"CreateTrustStore":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create trust stores","accessLevel":"Write","resourceTypes":[],"dependentActions":["workspaces-web:TagResource"]},"CreateUserAccessLoggingSettings":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create user access logging settings","accessLevel":"Write","resourceTypes":[],"dependentActions":["workspaces-web:TagResource"]},"CreateUserSettings":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create user settings","accessLevel":"Write","resourceTypes":[],"dependentActions":["workspaces-web:TagResource"]},"DeleteBrowserSettings":{"conditionKeys":[],"resources":[{"name":"browserSettings"}],"description":"Grants permission to delete browser settings","accessLevel":"Write","resourceTypes":[{"name":"browserSettings","required":true}]},"DeleteDataProtectionSettings":{"conditionKeys":[],"resources":[{"name":"dataProtectionSettings"}],"description":"Grants permission to delete data protection settings","accessLevel":"Write","resourceTypes":[{"name":"dataProtectionSettings","required":true}]},"DeleteIdentityProvider":{"conditionKeys":[],"resources":[{"name":"identityProvider"},{"name":"portal"}],"description":"Grants permission to delete identity providers","accessLevel":"Write","resourceTypes":[{"name":"identityProvider","required":true},{"name":"portal","required":true}]},"DeleteIpAccessSettings":{"conditionKeys":[],"resources":[{"name":"ipAccessSettings"}],"description":"Grants permission to delete ip access settings","accessLevel":"Write","resourceTypes":[{"name":"ipAccessSettings","required":true}]},"DeleteNetworkSettings":{"conditionKeys":[],"resources":[{"name":"networkSettings"}],"description":"Grants permission to delete network settings","accessLevel":"Write","resourceTypes":[{"name":"networkSettings","required":true}]},"DeletePortal":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to delete web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true}]},"DeleteSessionLogger":{"conditionKeys":[],"resources":[{"name":"sessionLogger"}],"description":"Grants permission to delete session logger","accessLevel":"Write","resourceTypes":[{"name":"sessionLogger","required":true}]},"DeleteTrustStore":{"conditionKeys":[],"resources":[{"name":"trustStore"}],"description":"Grants permission to delete trust stores","accessLevel":"Write","resourceTypes":[{"name":"trustStore","required":true}]},"DeleteUserAccessLoggingSettings":{"conditionKeys":[],"resources":[{"name":"userAccessLoggingSettings"}],"description":"Grants permission to delete user access logging settings","accessLevel":"Write","resourceTypes":[{"name":"userAccessLoggingSettings","required":true}]},"DeleteUserSettings":{"conditionKeys":[],"resources":[{"name":"userSettings"}],"description":"Grants permission to delete user settings","accessLevel":"Write","resourceTypes":[{"name":"userSettings","required":true}]},"DisassociateBrowserSettings":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to disassociate browser settings from web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true}]},"DisassociateDataProtectionSettings":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to disassociate data protection logging from web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true}]},"DisassociateIpAccessSettings":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to disassociate ip access logging from web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true}]},"DisassociateNetworkSettings":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to disassociate network settings from web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true}]},"DisassociateSessionLogger":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to disassociate session logger from web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true}]},"DisassociateTrustStore":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to disassociate trust stores from web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true}]},"DisassociateUserAccessLoggingSettings":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to disassociate user access logging settings from web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true}]},"DisassociateUserSettings":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to disassociate user settings from web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true}]},"ExpireSession":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to expire a session from a specific portal","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true}]},"GetBrowserSettings":{"conditionKeys":[],"resources":[{"name":"browserSettings"}],"description":"Grants permission to get details on browser settings","accessLevel":"Read","resourceTypes":[{"name":"browserSettings","required":true}]},"GetDataProtectionSettings":{"conditionKeys":[],"resources":[{"name":"dataProtectionSettings"}],"description":"Grants permission to get details on data protection settings","accessLevel":"Read","resourceTypes":[{"name":"dataProtectionSettings","required":true}]},"GetIdentityProvider":{"conditionKeys":[],"resources":[{"name":"identityProvider"}],"description":"Grants permission to get details on identity providers","accessLevel":"Read","resourceTypes":[{"name":"identityProvider","required":true}]},"GetIpAccessSettings":{"conditionKeys":[],"resources":[{"name":"ipAccessSettings"}],"description":"Grants permission to get details on ip access settings","accessLevel":"Read","resourceTypes":[{"name":"ipAccessSettings","required":true}]},"GetNetworkSettings":{"conditionKeys":[],"resources":[{"name":"networkSettings"}],"description":"Grants permission to get details on network settings","accessLevel":"Read","resourceTypes":[{"name":"networkSettings","required":true}]},"GetPortal":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to get details on web portals","accessLevel":"Read","resourceTypes":[{"name":"portal","required":true}]},"GetPortalServiceProviderMetadata":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to get service provider metadata information for web portals","accessLevel":"Read","resourceTypes":[{"name":"portal","required":true}]},"GetSession":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to get information about a particular session for a portal","accessLevel":"Read","resourceTypes":[{"name":"portal","required":true}]},"GetSessionLogger":{"conditionKeys":[],"resources":[{"name":"sessionLogger"}],"description":"Grants permission to get details on session logger","accessLevel":"Read","resourceTypes":[{"name":"sessionLogger","required":true}]},"GetTrustStore":{"conditionKeys":[],"resources":[{"name":"trustStore"}],"description":"Grants permission to get details on trust stores","accessLevel":"Read","resourceTypes":[{"name":"trustStore","required":true}]},"GetTrustStoreCertificate":{"conditionKeys":[],"resources":[{"name":"trustStore"}],"description":"Grants permission to get certificates from trust stores","accessLevel":"Read","resourceTypes":[{"name":"trustStore","required":true}]},"GetUserAccessLoggingSettings":{"conditionKeys":[],"resources":[{"name":"userAccessLoggingSettings"}],"description":"Grants permission to get details on user access logging settings","accessLevel":"Read","resourceTypes":[{"name":"userAccessLoggingSettings","required":true}]},"GetUserSettings":{"conditionKeys":[],"resources":[{"name":"userSettings"}],"description":"Grants permission to get details on user settings","accessLevel":"Read","resourceTypes":[{"name":"userSettings","required":true}]},"ListBrowserSettings":{"conditionKeys":[],"resources":[],"description":"Grants permission to list browser settings","accessLevel":"Read","resourceTypes":[]},"ListDataProtectionSettings":{"conditionKeys":[],"resources":[],"description":"Grants permission to list data protection settings","accessLevel":"Read","resourceTypes":[]},"ListIdentityProviders":{"conditionKeys":[],"resources":[{"name":"identityProvider"}],"description":"Grants permission to list identity providers","accessLevel":"Read","resourceTypes":[{"name":"identityProvider","required":true}]},"ListIpAccessSettings":{"conditionKeys":[],"resources":[],"description":"Grants permission to list ip access settings","accessLevel":"Read","resourceTypes":[]},"ListNetworkSettings":{"conditionKeys":[],"resources":[],"description":"Grants permission to list network settings","accessLevel":"Read","resourceTypes":[]},"ListPortals":{"conditionKeys":[],"resources":[],"description":"Grants permission to list web portals","accessLevel":"Read","resourceTypes":[]},"ListSessionLoggers":{"conditionKeys":[],"resources":[],"description":"Grants permission to list session loggers","accessLevel":"Read","resourceTypes":[]},"ListSessions":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to list sessions for a Portal using optional filters","accessLevel":"Read","resourceTypes":[{"name":"portal","required":true}]},"ListTagsForResource":{"conditionKeys":[],"resources":[],"description":"Grants permission to list tags for a resource","accessLevel":"Read","resourceTypes":[]},"ListTrustStoreCertificates":{"conditionKeys":[],"resources":[],"description":"Grants permission to list certificates in a trust store","accessLevel":"Read","resourceTypes":[]},"ListTrustStores":{"conditionKeys":[],"resources":[],"description":"Grants permission to list trust stores","accessLevel":"Read","resourceTypes":[]},"ListUserAccessLoggingSettings":{"conditionKeys":[],"resources":[],"description":"Grants permission to list user access logging settings","accessLevel":"Read","resourceTypes":[]},"ListUserSettings":{"conditionKeys":[],"resources":[],"description":"Grants permission to list user settings","accessLevel":"Read","resourceTypes":[]},"TagResource":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"browserSettings"},{"name":"dataProtectionSettings"},{"name":"identityProvider"},{"name":"ipAccessSettings"},{"name":"networkSettings"},{"name":"portal"},{"name":"sessionLogger"},{"name":"trustStore"},{"name":"userAccessLoggingSettings"},{"name":"userSettings"}],"description":"Grants permission to add one or more tags to a resource","accessLevel":"Tagging","resourceTypes":[{"name":"browserSettings","required":false},{"name":"dataProtectionSettings","required":false},{"name":"identityProvider","required":false},{"name":"ipAccessSettings","required":false},{"name":"networkSettings","required":false},{"name":"portal","required":false},{"name":"sessionLogger","required":false},{"name":"trustStore","required":false},{"name":"userAccessLoggingSettings","required":false},{"name":"userSettings","required":false}]},"UntagResource":{"conditionKeys":["aws:TagKeys"],"resources":[{"name":"browserSettings"},{"name":"dataProtectionSettings"},{"name":"identityProvider"},{"name":"ipAccessSettings"},{"name":"networkSettings"},{"name":"portal"},{"name":"sessionLogger"},{"name":"trustStore"},{"name":"userAccessLoggingSettings"},{"name":"userSettings"}],"description":"Grants permission to remove one or more tags from a resource","accessLevel":"Tagging","resourceTypes":[{"name":"browserSettings","required":false},{"name":"dataProtectionSettings","required":false},{"name":"identityProvider","required":false},{"name":"ipAccessSettings","required":false},{"name":"networkSettings","required":false},{"name":"portal","required":false},{"name":"sessionLogger","required":false},{"name":"trustStore","required":false},{"name":"userAccessLoggingSettings","required":false},{"name":"userSettings","required":false}]},"UpdateBrowserSettings":{"conditionKeys":[],"resources":[{"name":"browserSettings"}],"description":"Grants permission to update browser settings","accessLevel":"Write","resourceTypes":[{"name":"browserSettings","required":true}]},"UpdateDataProtectionSettings":{"conditionKeys":[],"resources":[{"name":"dataProtectionSettings"}],"description":"Grants permission to update data protection settings","accessLevel":"Write","resourceTypes":[{"name":"dataProtectionSettings","required":true}]},"UpdateIdentityProvider":{"conditionKeys":[],"resources":[{"name":"identityProvider"},{"name":"portal"}],"description":"Grants permission to update identity provider","accessLevel":"Write","resourceTypes":[{"name":"identityProvider","required":true},{"name":"portal","required":true}]},"UpdateIpAccessSettings":{"conditionKeys":[],"resources":[{"name":"ipAccessSettings"}],"description":"Grants permission to update ip access settings","accessLevel":"Write","resourceTypes":[{"name":"ipAccessSettings","required":true}]},"UpdateNetworkSettings":{"conditionKeys":[],"resources":[{"name":"networkSettings"}],"description":"Grants permission to update network settings","accessLevel":"Write","resourceTypes":[{"name":"networkSettings","required":true}],"dependentActions":["ec2:CreateNetworkInterface","ec2:CreateNetworkInterfacePermission","ec2:CreateTags","ec2:DeleteNetworkInterface","ec2:DeleteNetworkInterfacePermission","ec2:ModifyNetworkInterfaceAttribute"]},"UpdatePortal":{"conditionKeys":[],"resources":[{"name":"portal"}],"description":"Grants permission to update web portals","accessLevel":"Write","resourceTypes":[{"name":"portal","required":true}]},"UpdateSessionLogger":{"conditionKeys":[],"resources":[{"name":"sessionLogger"}],"description":"Grants permission to update session logger","accessLevel":"Write","resourceTypes":[{"name":"sessionLogger","required":true}]},"UpdateTrustStore":{"conditionKeys":[],"resources":[{"name":"trustStore"}],"description":"Grants permission to update trust stores","accessLevel":"Write","resourceTypes":[{"name":"trustStore","required":true}]},"UpdateUserAccessLoggingSettings":{"conditionKeys":[],"resources":[{"name":"userAccessLoggingSettings"}],"description":"Grants permission to update user access logging settings","accessLevel":"Write","resourceTypes":[{"name":"userAccessLoggingSettings","required":true}],"dependentActions":["kinesis:PutRecord","kinesis:PutRecords"]},"UpdateUserSettings":{"conditionKeys":[],"resources":[{"name":"userSettings"}],"description":"Grants permission to update user settings","accessLevel":"Write","resourceTypes":[{"name":"userSettings","required":true}]}},"resources":[{"name":"browserSettings","arnFormats":["arn:${Partition}:workspaces-web:${Region}:${Account}:browserSettings/${BrowserSettingsId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"dataProtectionSettings","arnFormats":["arn:${Partition}:workspaces-web:${Region}:${Account}:dataProtectionSettings/${DataProtectionSettingsId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"identityProvider","arnFormats":["arn:${Partition}:workspaces-web:${Region}:${Account}:identityProvider/${PortalId}/${IdentityProviderId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"ipAccessSettings","arnFormats":["arn:${Partition}:workspaces-web:${Region}:${Account}:ipAccessSettings/${IpAccessSettingsId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"networkSettings","arnFormats":["arn:${Partition}:workspaces-web:${Region}:${Account}:networkSettings/${NetworkSettingsId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"portal","arnFormats":["arn:${Partition}:workspaces-web:${Region}:${Account}:portal/${PortalId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"sessionLogger","arnFormats":["arn:${Partition}:workspaces-web:${Region}:${Account}:sessionLogger/${SessionLoggerId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"trustStore","arnFormats":["arn:${Partition}:workspaces-web:${Region}:${Account}:trustStore/${TrustStoreId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"userAccessLoggingSettings","arnFormats":["arn:${Partition}:workspaces-web:${Region}:${Account}:userAccessLoggingSettings/${UserAccessLoggingSettingsId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"userSettings","arnFormats":["arn:${Partition}:workspaces-web:${Region}:${Account}:userSettings/${UserSettingsId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters access by the tags that are passed in the request"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters access by the tags associated with the resource"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters access by the tag keys that are passed in the request"}}}

package/src/data/servicereference/services/workspaces.json ADDED Viewed

@@ -0,0 +1 @@

+ {"name":"workspaces","actions":{"AcceptAccountLinkInvitation":{"conditionKeys":[],"resources":[],"description":"Grants permission to accept invitations from other AWS accounts to share the same configuration for WorkSpaces BYOL","accessLevel":"Write","resourceTypes":[]},"AssociateConnectionAlias":{"conditionKeys":[],"resources":[{"name":"connectionalias"},{"name":"directoryid"}],"description":"Grants permission to associate connection aliases with directories","accessLevel":"Write","resourceTypes":[{"name":"connectionalias","required":true},{"name":"directoryid","required":true}]},"AssociateIpGroups":{"conditionKeys":[],"resources":[{"name":"directoryid"},{"name":"workspaceipgroup"}],"description":"Grants permission to associate IP access control groups with directories","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true},{"name":"workspaceipgroup","required":true}]},"AssociateWorkspaceApplication":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"workspaceapplication"},{"name":"workspaceid"}],"description":"Grants permission to associate a workspace application with a WorkSpace","accessLevel":"Write","resourceTypes":[{"name":"workspaceapplication","required":true},{"name":"workspaceid","required":true}]},"AuthorizeIpRules":{"conditionKeys":[],"resources":[{"name":"workspaceipgroup"}],"description":"Grants permission to add rules to IP access control groups","accessLevel":"Write","resourceTypes":[{"name":"workspaceipgroup","required":true}],"dependentActions":["workspaces:UpdateRulesOfIpGroup"]},"CopyWorkspaceImage":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"workspaceimage"}],"description":"Grants permission to copy a WorkSpace image","accessLevel":"Write","resourceTypes":[{"name":"workspaceimage","required":true}],"dependentActions":["workspaces:DescribeWorkspaceImages"]},"CreateAccountLinkInvitation":{"conditionKeys":[],"resources":[],"description":"Grants permission to invite other AWS accounts to share the same configuration for WorkSpaces BYOL","accessLevel":"Write","resourceTypes":[]},"CreateConnectClientAddIn":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to create an Amazon Connect client add-in within a directory","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"CreateConnectionAlias":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create connection aliases for use with cross-Region redirection","accessLevel":"Write","resourceTypes":[]},"CreateIpGroup":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create IP access control groups","accessLevel":"Write","resourceTypes":[]},"CreateRootClientCertificate":{"conditionKeys":[],"resources":[{"name":"certificateid"}],"description":"Grants permission to create a root client certificate","accessLevel":"Write","resourceTypes":[{"name":"certificateid","required":true}],"permissionOnly":true},"CreateStandbyWorkspaces":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"directoryid"},{"name":"workspaceid"}],"description":"Grants permission to create one or more Standby WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true},{"name":"workspaceid","required":true}]},"CreateTags":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to create tags for WorkSpaces resources","accessLevel":"Tagging","resourceTypes":[]},"CreateUpdatedWorkspaceImage":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"workspaceimage"}],"description":"Grants permission to create an updated WorkSpace image","accessLevel":"Write","resourceTypes":[{"name":"workspaceimage","required":true}]},"CreateWorkspaceBundle":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"workspacebundle"},{"name":"workspaceimage"}],"description":"Grants permission to create a WorkSpace bundle","accessLevel":"Write","resourceTypes":[{"name":"workspacebundle","required":true},{"name":"workspaceimage","required":true}],"dependentActions":["workspaces:CreateTags"]},"CreateWorkspaceImage":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"workspaceid"}],"description":"Grants permission to create a new WorkSpace image","accessLevel":"Write","resourceTypes":[{"name":"workspaceid","required":true}]},"CreateWorkspaces":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"directoryid"},{"name":"workspacebundle"},{"name":"workspaceid"}],"description":"Grants permission to create one or more WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true},{"name":"workspacebundle","required":true},{"name":"workspaceid","required":true}]},"CreateWorkspacesPool":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"directoryid"},{"name":"workspacebundle"},{"name":"workspacespoolid"}],"description":"Grants permission to create a WorkSpaces Pool","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true},{"name":"workspacebundle","required":true},{"name":"workspacespoolid","required":true}]},"DeleteAccountLinkInvitation":{"conditionKeys":[],"resources":[],"description":"Grants permission to delete invitations to other AWS accounts to share the same configuration for WorkSpaces BYOL","accessLevel":"Write","resourceTypes":[]},"DeleteClientBranding":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to delete AWS WorkSpaces Client branding data within a directory","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"DeleteConnectClientAddIn":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to delete an Amazon Connect client add-in that is configured within a directory","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"DeleteConnectionAlias":{"conditionKeys":[],"resources":[{"name":"connectionalias"}],"description":"Grants permission to delete connection aliases","accessLevel":"Write","resourceTypes":[{"name":"connectionalias","required":true}]},"DeleteIpGroup":{"conditionKeys":[],"resources":[{"name":"workspaceipgroup"}],"description":"Grants permission to delete IP access control groups","accessLevel":"Write","resourceTypes":[{"name":"workspaceipgroup","required":true}]},"DeleteRootClientCertificate":{"conditionKeys":[],"resources":[{"name":"certificateid"}],"description":"Grants permission to delete root client certificate","accessLevel":"Write","resourceTypes":[{"name":"certificateid","required":true}],"permissionOnly":true},"DeleteTags":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to delete tags from WorkSpaces resources","accessLevel":"Tagging","resourceTypes":[]},"DeleteWorkspaceBundle":{"conditionKeys":[],"resources":[{"name":"workspacebundle"}],"description":"Grants permission to delete WorkSpace bundles","accessLevel":"Write","resourceTypes":[{"name":"workspacebundle","required":true}]},"DeleteWorkspaceImage":{"conditionKeys":[],"resources":[{"name":"workspaceimage"}],"description":"Grants permission to delete WorkSpace images","accessLevel":"Write","resourceTypes":[{"name":"workspaceimage","required":true}]},"DeployWorkspaceApplications":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"workspaceid"}],"description":"Grants permission to deploy all pending workspace applications on a WorkSpace","accessLevel":"Write","resourceTypes":[{"name":"workspaceid","required":true}]},"DeregisterWorkspaceDirectory":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to deregister directories from use with Amazon WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"DescribeAccount":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve the configuration of Bring Your Own License (BYOL) for WorkSpaces accounts","accessLevel":"Read","resourceTypes":[]},"DescribeAccountModifications":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve modifications to the configuration of Bring Your Own License (BYOL) for WorkSpaces accounts","accessLevel":"Read","resourceTypes":[]},"DescribeApplicationAssociations":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"workspaceapplication"}],"description":"Grants permission to retrieve information about resources associated with a WorkSpace application","accessLevel":"List","resourceTypes":[{"name":"workspaceapplication","required":true}]},"DescribeApplications":{"conditionKeys":[],"resources":[],"description":"Grants permission to obtain information about WorkSpace applications","accessLevel":"List","resourceTypes":[]},"DescribeBundleAssociations":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"workspacebundle"}],"description":"Grants permission to retrieve information about resources associated with a WorkSpace bundle","accessLevel":"List","resourceTypes":[{"name":"workspacebundle","required":true}]},"DescribeClientBranding":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to retrieve AWS WorkSpaces Client branding data within a directory","accessLevel":"Read","resourceTypes":[{"name":"directoryid","required":true}]},"DescribeClientProperties":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to retrieve information about WorkSpaces clients","accessLevel":"List","resourceTypes":[{"name":"directoryid","required":true}]},"DescribeConnectClientAddIns":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to retrieve a list of Amazon Connect client add-ins that have been created","accessLevel":"List","resourceTypes":[{"name":"directoryid","required":true}]},"DescribeConnectionAliasPermissions":{"conditionKeys":[],"resources":[{"name":"connectionalias"}],"description":"Grants permission to retrieve the permissions that the owners of connection aliases have granted to other AWS accounts for connection aliases","accessLevel":"Read","resourceTypes":[{"name":"connectionalias","required":true}]},"DescribeConnectionAliases":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve a list that describes the connection aliases used for cross-Region redirection","accessLevel":"Read","resourceTypes":[]},"DescribeConsent":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve information about consent agreement to BYOL minimum requirements","accessLevel":"Read","resourceTypes":[],"permissionOnly":true},"DescribeCustomWorkspaceImageImport":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve information about WorkSpace BYOL image import task","accessLevel":"Read","resourceTypes":[]},"DescribeImageAssociations":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"workspaceimage"}],"description":"Grants permission to retrieve information about resources associated with a WorkSpace image","accessLevel":"List","resourceTypes":[{"name":"workspaceimage","required":true}]},"DescribeIpGroups":{"conditionKeys":[],"resources":[{"name":"workspaceipgroup"}],"description":"Grants permission to retrieve information about IP access control groups","accessLevel":"Read","resourceTypes":[{"name":"workspaceipgroup","required":true}]},"DescribeTags":{"conditionKeys":[],"resources":[],"description":"Grants permission to describe the tags for WorkSpaces resources","accessLevel":"Read","resourceTypes":[]},"DescribeWorkspaceAssociations":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"workspaceid"}],"description":"Grants permission to retrieve information about resources associated with a WorkSpace","accessLevel":"List","resourceTypes":[{"name":"workspaceid","required":true}]},"DescribeWorkspaceBundles":{"conditionKeys":[],"resources":[],"description":"Grants permission to obtain information about WorkSpace bundles","accessLevel":"List","resourceTypes":[]},"DescribeWorkspaceDirectories":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve information about directories that are registered with WorkSpaces","accessLevel":"Read","resourceTypes":[]},"DescribeWorkspaceImagePermissions":{"conditionKeys":[],"resources":[{"name":"workspaceimage"}],"description":"Grants permission to retrieve information about WorkSpace image permissions","accessLevel":"Read","resourceTypes":[{"name":"workspaceimage","required":true}]},"DescribeWorkspaceImages":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve information about WorkSpace images","accessLevel":"List","resourceTypes":[]},"DescribeWorkspaceSnapshots":{"conditionKeys":[],"resources":[{"name":"workspaceid"}],"description":"Grants permission to retrieve information about WorkSpace snapshots","accessLevel":"List","resourceTypes":[{"name":"workspaceid","required":true}]},"DescribeWorkspaces":{"conditionKeys":[],"resources":[],"description":"Grants permission to obtain information about WorkSpaces","accessLevel":"List","resourceTypes":[]},"DescribeWorkspacesConnectionStatus":{"conditionKeys":[],"resources":[],"description":"Grants permission to obtain the connection status of WorkSpaces","accessLevel":"Read","resourceTypes":[]},"DescribeWorkspacesPoolSessions":{"conditionKeys":[],"resources":[{"name":"workspacespoolid"}],"description":"Grants permission to retrieve information about the sessions of a WorkSpaces Pool","accessLevel":"List","resourceTypes":[{"name":"workspacespoolid","required":true}]},"DescribeWorkspacesPools":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve information about WorkSpaces Pools","accessLevel":"List","resourceTypes":[]},"DirectoryAccessManagement":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to directory management actions while managing and provisioning workspaces","accessLevel":"List","resourceTypes":[{"name":"directoryid","required":true}],"permissionOnly":true},"DisassociateConnectionAlias":{"conditionKeys":[],"resources":[{"name":"connectionalias"}],"description":"Grants permission to disassociate connection aliases from directories","accessLevel":"Write","resourceTypes":[{"name":"connectionalias","required":true}]},"DisassociateIpGroups":{"conditionKeys":[],"resources":[{"name":"directoryid"},{"name":"workspaceipgroup"}],"description":"Grants permission to disassociate IP access control groups from directories","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true},{"name":"workspaceipgroup","required":true}]},"DisassociateWorkspaceApplication":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"workspaceapplication"},{"name":"workspaceid"}],"description":"Grants permission to disassociate a workspace application from a WorkSpace","accessLevel":"Write","resourceTypes":[{"name":"workspaceapplication","required":true},{"name":"workspaceid","required":true}]},"GetAccountLink":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve a link with another AWS Account for sharing configuration for WorkSpaces BYOL","accessLevel":"Read","resourceTypes":[]},"ImportClientBranding":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to import AWS WorkSpaces Client branding data within a directory","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"ImportCustomWorkspaceImage":{"conditionKeys":[],"resources":[],"description":"Grants permission to import Bring Your Own License (BYOL) images into Amazon WorkSpaces","accessLevel":"Write","resourceTypes":[]},"ImportWorkspaceImage":{"conditionKeys":[],"resources":[],"description":"Grants permission to import Bring Your Own License (BYOL) images into Amazon WorkSpaces","accessLevel":"Write","resourceTypes":[],"dependentActions":["ec2:DescribeImages","ec2:ModifyImageAttribute"]},"ListAccountLinks":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve links with the AWS Account(s) that share your configuration for WorkSpaces BYOL","accessLevel":"List","resourceTypes":[]},"ListAvailableManagementCidrRanges":{"conditionKeys":[],"resources":[],"description":"Grants permission to list the available CIDR ranges for enabling Bring Your Own License (BYOL) for WorkSpaces accounts","accessLevel":"List","resourceTypes":[]},"MigrateWorkspace":{"conditionKeys":[],"resources":[{"name":"workspacebundle"},{"name":"workspaceid"}],"description":"Grants permission to migrate WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"workspacebundle","required":true},{"name":"workspaceid","required":true}]},"ModifyAccount":{"conditionKeys":[],"resources":[],"description":"Grants permission to modify the configuration of Bring Your Own License (BYOL) for WorkSpaces accounts","accessLevel":"Write","resourceTypes":[]},"ModifyCertificateBasedAuthProperties":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to modify the certificate-based authorization properties of a directory","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"ModifyClientProperties":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to modify the properties of WorkSpaces clients","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"ModifyEndpointEncryptionMode":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to configure the specified directory between Standard TLS and FIPS 140-2 validated mode","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"ModifySamlProperties":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to modify the SAML properties of a directory","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"ModifySelfservicePermissions":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to modify the self-service WorkSpace management capabilities for your users","accessLevel":"Permissions management","resourceTypes":[{"name":"directoryid","required":true}]},"ModifyStreamingProperties":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to modify the streaming properties","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"ModifyWorkspaceAccessProperties":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to specify which devices and operating systems users can use to access their WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"ModifyWorkspaceCreationProperties":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to modify the default properties used to create WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"ModifyWorkspaceProperties":{"conditionKeys":[],"resources":[{"name":"workspaceid"}],"description":"Grants permission to modify WorkSpace properties, including the running mode and the AutoStop period","accessLevel":"Write","resourceTypes":[{"name":"workspaceid","required":true}]},"ModifyWorkspaceState":{"conditionKeys":[],"resources":[{"name":"workspaceid"}],"description":"Grants permission to modify the state of WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"workspaceid","required":true}]},"RebootWorkspaces":{"conditionKeys":[],"resources":[{"name":"workspaceid"}],"description":"Grants permission to reboot WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"workspaceid","required":true}]},"RebuildWorkspaces":{"conditionKeys":[],"resources":[{"name":"workspaceid"}],"description":"Grants permission to rebuild WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"workspaceid","required":true}]},"RegisterWorkspaceDirectory":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"directoryid"}],"description":"Grants permission to register directories for use with Amazon WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"RejectAccountLinkInvitation":{"conditionKeys":[],"resources":[],"description":"Grants permission to reject invitations from other AWS accounts to share the same configuration for WorkSpaces BYOL","accessLevel":"Write","resourceTypes":[]},"RestoreWorkspace":{"conditionKeys":[],"resources":[{"name":"workspaceid"}],"description":"Grants permission to restore WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"workspaceid","required":true}]},"RevokeIpRules":{"conditionKeys":[],"resources":[{"name":"workspaceipgroup"}],"description":"Grants permission to remove rules from IP access control groups","accessLevel":"Write","resourceTypes":[{"name":"workspaceipgroup","required":true}],"dependentActions":["workspaces:UpdateRulesOfIpGroup"]},"StartWorkspaces":{"conditionKeys":[],"resources":[{"name":"workspaceid"}],"description":"Grants permission to start AutoStop WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"workspaceid","required":true}]},"StartWorkspacesPool":{"conditionKeys":[],"resources":[{"name":"workspacespoolid"}],"description":"Grants permission to start a WorkSpaces Pool","accessLevel":"Write","resourceTypes":[{"name":"workspacespoolid","required":true}]},"StopWorkspaces":{"conditionKeys":[],"resources":[{"name":"workspaceid"}],"description":"Grants permission to stop AutoStop WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"workspaceid","required":true}]},"StopWorkspacesPool":{"conditionKeys":[],"resources":[{"name":"workspacespoolid"}],"description":"Grants permission to stop a WorkSpaces Pool","accessLevel":"Write","resourceTypes":[{"name":"workspacespoolid","required":true}]},"Stream":{"conditionKeys":["workspaces:userId"],"resources":[{"name":"directoryid"}],"description":"Grants permission to federated users to sign in by using their existing credentials and stream their workspace","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"TerminateWorkspaces":{"conditionKeys":[],"resources":[{"name":"workspaceid"}],"description":"Grants permission to terminate WorkSpaces","accessLevel":"Write","resourceTypes":[{"name":"workspaceid","required":true}]},"TerminateWorkspacesPool":{"conditionKeys":[],"resources":[{"name":"workspacespoolid"}],"description":"Grants permission to terminate a WorkSpaces Pool","accessLevel":"Write","resourceTypes":[{"name":"workspacespoolid","required":true}]},"TerminateWorkspacesPoolSession":{"conditionKeys":[],"resources":[],"description":"Grants permission to terminate a WorkSpaces Pool session","accessLevel":"Write","resourceTypes":[]},"UpdateConnectClientAddIn":{"conditionKeys":[],"resources":[{"name":"directoryid"}],"description":"Grants permission to update an Amazon Connect client add-in. Use this action to update the name and endpoint URL of an Amazon Connect client add-in","accessLevel":"Write","resourceTypes":[{"name":"directoryid","required":true}]},"UpdateConnectionAliasPermission":{"conditionKeys":[],"resources":[{"name":"connectionalias"}],"description":"Grants permission to share or unshare connection aliases with other accounts","accessLevel":"Permissions management","resourceTypes":[{"name":"connectionalias","required":true}]},"UpdateConsent":{"conditionKeys":[],"resources":[],"description":"Grants permission to update the consent agreement to BYOL minimum requirements","accessLevel":"Write","resourceTypes":[],"permissionOnly":true},"UpdateRootClientCertificate":{"conditionKeys":[],"resources":[{"name":"certificateid"}],"description":"Grants permission to update a root client certificate","accessLevel":"Write","resourceTypes":[{"name":"certificateid","required":true}],"permissionOnly":true},"UpdateRulesOfIpGroup":{"conditionKeys":[],"resources":[{"name":"workspaceipgroup"}],"description":"Grants permission to replace rules for IP access control groups","accessLevel":"Write","resourceTypes":[{"name":"workspaceipgroup","required":true}],"dependentActions":["workspaces:AuthorizeIpRules","workspaces:RevokeIpRules"]},"UpdateWorkspaceBundle":{"conditionKeys":[],"resources":[{"name":"workspacebundle"},{"name":"workspaceimage"}],"description":"Grants permission to update the WorkSpace images used in WorkSpace bundles","accessLevel":"Write","resourceTypes":[{"name":"workspacebundle","required":true},{"name":"workspaceimage","required":true}]},"UpdateWorkspaceImagePermission":{"conditionKeys":[],"resources":[{"name":"workspaceimage"}],"description":"Grants permission to share or unshare WorkSpace images with other accounts by specifying whether other accounts have permission to copy the image","accessLevel":"Permissions management","resourceTypes":[{"name":"workspaceimage","required":true}]},"UpdateWorkspacesPool":{"conditionKeys":[],"resources":[{"name":"workspacespoolid"}],"description":"Grants permission to update the WorkSpaces pool","accessLevel":"Write","resourceTypes":[{"name":"workspacespoolid","required":true}]}},"resources":[{"name":"certificateid","arnFormats":["arn:${Partition}:workspaces:${Region}:${Account}:workspacecertificate/${CertificateId}"],"conditionKeys":[]},{"name":"connectionalias","arnFormats":["arn:${Partition}:workspaces:${Region}:${Account}:connectionalias/${ConnectionAliasId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"directoryid","arnFormats":["arn:${Partition}:workspaces:${Region}:${Account}:directory/${DirectoryId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"workspaceapplication","arnFormats":["arn:${Partition}:workspaces:${Region}:${Account}:workspaceapplication/${WorkSpaceApplicationId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"workspacebundle","arnFormats":["arn:${Partition}:workspaces:${Region}:${Account}:workspacebundle/${BundleId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"workspaceid","arnFormats":["arn:${Partition}:workspaces:${Region}:${Account}:workspace/${WorkspaceId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"workspaceimage","arnFormats":["arn:${Partition}:workspaces:${Region}:${Account}:workspaceimage/${ImageId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"workspaceipgroup","arnFormats":["arn:${Partition}:workspaces:${Region}:${Account}:workspaceipgroup/${GroupId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"workspacespoolid","arnFormats":["arn:${Partition}:workspaces:${Region}:${Account}:workspacespool/${PoolId}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters access based on the tags that are passed in the request"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters access based on the tags associated with the resource"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters access based on the tag keys that are passed in the request"},"workspaces:userId":{"types":["String"],"description":"Filters access by the ID of the Workspaces user"}}}

package/src/data/servicereference/services/xray.json ADDED Viewed

@@ -0,0 +1 @@

+ {"name":"xray","actions":{"BatchGetTraceSummaryById":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve metadata for a list of traces specified by ID","accessLevel":"Read","resourceTypes":[],"permissionOnly":true},"BatchGetTraces":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve a list of traces specified by ID. Each trace is a collection of segment documents that originates from a single request. Use GetTraceSummaries to get a list of trace IDs","accessLevel":"List","resourceTypes":[]},"CancelTraceRetrieval":{"conditionKeys":[],"resources":[],"description":"Grants permission to cancel an ongoing trace retrieval job initiated by StartTraceRetrieval using the provided RetrievalToken. A successful cancellation will return an HTTP 200 response","accessLevel":"Read","resourceTypes":[]},"CreateGroup":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"group"}],"description":"Grants permission to create a group resource with a name and a filter expression","accessLevel":"Write","resourceTypes":[{"name":"group","required":true}]},"CreateSamplingRule":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"sampling-rule"}],"description":"Grants permission to create a rule to control sampling behavior for instrumented applications","accessLevel":"Write","resourceTypes":[{"name":"sampling-rule","required":true}]},"DeleteGroup":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"group"}],"description":"Grants permission to delete a group resource","accessLevel":"Write","resourceTypes":[{"name":"group","required":true}]},"DeleteResourcePolicy":{"conditionKeys":["xray:ResourcePolicyName"],"resources":[],"description":"Grants permission to delete resource policies","accessLevel":"Write","resourceTypes":[]},"DeleteSamplingRule":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"sampling-rule"}],"description":"Grants permission to delete a sampling rule","accessLevel":"Write","resourceTypes":[{"name":"sampling-rule","required":true}]},"GetDistinctTraceGraphs":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve distinct service graphs for one or more specific trace IDs","accessLevel":"Read","resourceTypes":[],"permissionOnly":true},"GetEncryptionConfig":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve the current encryption configuration for X-Ray data","accessLevel":"Read","resourceTypes":[]},"GetGroup":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"group"}],"description":"Grants permission to retrieve group resource details","accessLevel":"Read","resourceTypes":[{"name":"group","required":true}]},"GetGroups":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve all active group details","accessLevel":"Read","resourceTypes":[]},"GetIndexingRules":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve all indexing rules. Indexing rules are used to determine the server-side sampling rate for spans ingested through the CloudWatchLogs destination and indexed by X-Ray","accessLevel":"Read","resourceTypes":[]},"GetInsight":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve the details of a specific insight","accessLevel":"Read","resourceTypes":[]},"GetInsightEvents":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve the events of a specific insight","accessLevel":"Read","resourceTypes":[]},"GetInsightImpactGraph":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve the part of the service graph which is impacted for a specific insight","accessLevel":"Read","resourceTypes":[]},"GetInsightSummaries":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve the summary of all insights for a group and time range with optional filters","accessLevel":"Read","resourceTypes":[]},"GetRetrievedTracesGraph":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve a service graph for traces based on the specified RetrievalToken from the Transaction Search CloudWatch log group","accessLevel":"Read","resourceTypes":[]},"GetSamplingRules":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve all sampling rules","accessLevel":"Read","resourceTypes":[]},"GetSamplingStatisticSummaries":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve information about recent sampling results for all sampling rules","accessLevel":"Read","resourceTypes":[]},"GetSamplingTargets":{"conditionKeys":[],"resources":[],"description":"Grants permission to request a sampling quota for rules that the service is using to sample requests","accessLevel":"Read","resourceTypes":[]},"GetServiceGraph":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve a document that describes services that process incoming requests, and downstream services that they call as a result","accessLevel":"Read","resourceTypes":[]},"GetTimeSeriesServiceStatistics":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve an aggregation of service statistics defined by a specific time range bucketed into time intervals","accessLevel":"Read","resourceTypes":[]},"GetTraceGraph":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve a service graph for one or more specific trace IDs","accessLevel":"Read","resourceTypes":[]},"GetTraceSegmentDestination":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve the current destination of data sent to PutTraceSegments and OpenTelemetry API","accessLevel":"Read","resourceTypes":[]},"GetTraceSummaries":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve IDs and metadata for traces available for a specified time frame using an optional filter. To get the full traces, pass the trace IDs to BatchGetTraces","accessLevel":"Read","resourceTypes":[]},"Link":{"conditionKeys":[],"resources":[],"description":"Grants permission to share X-Ray resources with a monitoring account","accessLevel":"Write","resourceTypes":[],"permissionOnly":true},"ListResourcePolicies":{"conditionKeys":[],"resources":[],"description":"Grants permission to list resource policies","accessLevel":"List","resourceTypes":[]},"ListRetrievedTraces":{"conditionKeys":[],"resources":[],"description":"Grants permission to retrieve a list of traces for a given RetrievalToken from the Transaction Search CloudWatch log group","accessLevel":"List","resourceTypes":[]},"ListTagsForResource":{"conditionKeys":[],"resources":[{"name":"group"},{"name":"sampling-rule"}],"description":"Grants permission to list tags for an X-Ray resource","accessLevel":"List","resourceTypes":[{"name":"group","required":false},{"name":"sampling-rule","required":false}]},"PutEncryptionConfig":{"conditionKeys":[],"resources":[],"description":"Grants permission to update the encryption configuration for X-Ray data","accessLevel":"Permissions management","resourceTypes":[]},"PutResourcePolicy":{"conditionKeys":["xray:ResourcePolicyName"],"resources":[],"description":"Grants permission to create or update resource policies","accessLevel":"Write","resourceTypes":[]},"PutSpans":{"conditionKeys":["logs:LogGeneratingResourceArns"],"resources":[],"description":"Grants permission to upload OpenTelemetry spans to AWS X-Ray","accessLevel":"Write","resourceTypes":[]},"PutSpansForIndexing":{"conditionKeys":[],"resources":[],"description":"Grants permission to upload spans to AWS X-Ray to be indexed","accessLevel":"Write","resourceTypes":[],"permissionOnly":true},"PutTelemetryRecords":{"conditionKeys":[],"resources":[],"description":"Grants permission to send AWS X-Ray daemon telemetry to the service","accessLevel":"Write","resourceTypes":[]},"PutTraceSegments":{"conditionKeys":["logs:LogGeneratingResourceArns"],"resources":[],"description":"Grants permission to upload segment documents to AWS X-Ray. The X-Ray SDK generates segment documents and sends them to the X-Ray daemon, which uploads them in batches","accessLevel":"Write","resourceTypes":[]},"StartTraceRetrieval":{"conditionKeys":[],"resources":[],"description":"Grants permission to initiate a trace retrieval process using the specified time range and for the given trace IDs on the Transaction Search CloudWatch log group","accessLevel":"Read","resourceTypes":[]},"TagResource":{"conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"group"},{"name":"sampling-rule"}],"description":"Grants permission to add tags to an X-Ray resource","accessLevel":"Tagging","resourceTypes":[{"name":"group","required":false},{"name":"sampling-rule","required":false}]},"UntagResource":{"conditionKeys":["aws:TagKeys"],"resources":[{"name":"group"},{"name":"sampling-rule"}],"description":"Grants permission to remove tags from an X-Ray resource","accessLevel":"Tagging","resourceTypes":[{"name":"group","required":false},{"name":"sampling-rule","required":false}]},"UpdateGroup":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"group"}],"description":"Grants permission to update a group resource","accessLevel":"Write","resourceTypes":[{"name":"group","required":true}]},"UpdateIndexingRule":{"conditionKeys":[],"resources":[],"description":"Grants permission to modify an indexing rule's configuration","accessLevel":"Write","resourceTypes":[]},"UpdateSamplingRule":{"conditionKeys":["aws:ResourceTag/${TagKey}"],"resources":[{"name":"sampling-rule"}],"description":"Grants permission to modify a sampling rule's configuration","accessLevel":"Write","resourceTypes":[{"name":"sampling-rule","required":true}]},"UpdateTraceSegmentDestination":{"conditionKeys":["xray:TraceSegmentDestination"],"resources":[],"description":"Grants permission to modify the destination of data sent to PutTraceSegments and OpenTelemetry API","accessLevel":"Write","resourceTypes":[]}},"resources":[{"name":"group","arnFormats":["arn:${Partition}:xray:${Region}:${Account}:group/${GroupName}/${Id}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]},{"name":"sampling-rule","arnFormats":["arn:${Partition}:xray:${Region}:${Account}:sampling-rule/${SamplingRuleName}"],"conditionKeys":["aws:ResourceTag/${TagKey}"]}],"conditionKeys":{"aws:RequestTag/${TagKey}":{"types":["String"],"description":"Filters access by the tags that are passed in the request"},"aws:ResourceTag/${TagKey}":{"types":["String"],"description":"Filters access by the tags associated with the resource"},"aws:TagKeys":{"types":["ArrayOfString"],"description":"Filters access by the tag keys that are passed in the request"},"logs:LogGeneratingResourceArns":{"types":["ArrayOfARN"],"description":"Filters access by LogGeneratingResourceArn in the request"},"xray:ResourcePolicyName":{"types":["String"],"description":"Filters access by PolicyName in the request"},"xray:TraceSegmentDestination":{"types":["String"],"description":"Filters access by TraceSegmentDestination type in the request"}}}

package/src/data/servicereference/services.json ADDED Viewed

@@ -0,0 +1 @@

+ ["a2c","a4b","access-analyzer","account","acm","acm-pca","aco-automation","action-recommendations","activate","aidevops","aiops","airflow","airflow-serverless","amplify","amplifybackend","amplifyuibuilder","aoss","apigateway","app-integrations","appconfig","appfabric","appflow","application-autoscaling","application-signals","application-transformation","applicationinsights","appmesh","appmesh-preview","apprunner","appstream","appstudio","appsync","apptest","aps","arc-region-switch","arc-zonal-shift","arsenal","artifact","athena","auditmanager","autoscaling","autoscaling-plans","aws-marketplace","aws-marketplace-management","aws-mcp","aws-portal","awsconnector","b2bi","backup","backup-gateway","backup-search","backup-storage","batch","bcm-dashboards","bcm-data-exports","bcm-pricing-calculator","bcm-recommended-actions","bedrock","bedrock-agentcore","bedrock-mantle","billing","billingconductor","braket","budgets","bugbust","cases","cassandra","ce","chatbot","chime","cleanrooms","cleanrooms-ml","cloud9","clouddirectory","cloudformation","cloudfront","cloudfront-keyvaluestore","cloudhsm","cloudsearch","cloudshell","cloudtrail","cloudtrail-data","cloudwatch","codeartifact","codebuild","codecatalyst","codecommit","codeconnections","codedeploy","codedeploy-commands-secure","codeguru","codeguru-profiler","codeguru-reviewer","codeguru-security","codepipeline","codestar","codestar-connections","codestar-notifications","codewhisperer","cognito-identity","cognito-idp","cognito-sync","comprehend","comprehendmedical","compute-optimizer","config","connect","connect-campaigns","consoleapp","consolidatedbilling","controlcatalog","controltower","cost-optimization-hub","cur","customer-verification","databrew","dataexchange","datapipeline","datasync","datazone","dax","dbqms","deadline","detective","devicefarm","devops-guru","directconnect","discovery","dlm","dms","docdb-elastic","drs","ds","ds-data","dsql","dynamodb","ebs","ec2","ec2-instance-connect","ec2messages","ecr","ecr-public","ecs","ecs-mcp","eks","eks-auth","eks-mcp","elasticache","elasticbeanstalk","elasticfilesystem","elasticloadbalancing","elasticmapreduce","elastictranscoder","elemental-activations","elemental-appliances-software","elemental-inference","elemental-support-cases","elemental-support-content","emr-containers","emr-serverless","entityresolution","es","events","evidently","evs","execute-api","finspace","finspace-api","firehose","fis","fms","forecast","frauddetector","freertos","freetier","fsx","gamelift","gameliftstreams","geo","geo-maps","geo-places","geo-routes","glacier","globalaccelerator","glue","grafana","greengrass","groundstation","groundtruthlabeling","guardduty","health","health-agent","healthlake","honeycode","iam","identity-sync","identitystore","identitystore-auth","imagebuilder","importexport","inspector","inspector-scan","inspector2","inspector2-telemetry","interconnect","internetmonitor","invoicing","iot","iot-device-tester","iotanalytics","iotdeviceadvisor","iotevents","iotfleethub","iotfleetwise","iotjobsdata","iotmanagedintegrations","iotsitewise","iottwinmaker","iotwireless","iq","iq-permission","ivs","ivschat","kafka","kafka-cluster","kafkaconnect","kendra","kendra-ranking","kinesis","kinesisanalytics","kinesisvideo","kms","lakeformation","lambda","launchwizard","lex","license-manager","license-manager-linux-subscriptions","license-manager-user-subscriptions","lightsail","logs","lookoutequipment","lookoutmetrics","lookoutvision","m2","machinelearning","macie2","managedblockchain","managedblockchain-query","mapcredits","marketplacecommerceanalytics","mechanicalturk","mediaconnect","mediaconvert","mediaimport","medialive","mediapackage","mediapackage-vod","mediapackagev2","mediastore","mediatailor","medical-imaging","memorydb","mgh","mgn","migrationhub-orchestrator","migrationhub-strategy","mobileanalytics","mobiletargeting","monitron","mpa","mq","neptune-db","neptune-graph","network-firewall","network-security-director","networkflowmonitor","networkmanager","networkmanager-chat","networkmonitor","nimble","notifications","notifications-contacts","nova-act","oam","observabilityadmin","odb","omics","one","opensearch","opsworks","opsworks-cm","organizations","osis","outposts","panorama","partnercentral","partnercentral-account-management","payment-cryptography","payments","pca-connector-ad","pca-connector-scep","pcs","personalize","pi","pipes","polly","pricing","pricingplanmanager","private-networks","profile","proton","purchase-orders","q","qapps","qbusiness","qdeveloper","qldb","quicksight","ram","rbin","rds","rds-data","rds-db","redshift","redshift-data","redshift-serverless","refactor-spaces","rekognition","repostspace","resiliencehub","resource-explorer","resource-explorer-2","resource-groups","rhelkb","robomaker","rolesanywhere","route53","route53-recovery-cluster","route53-recovery-control-config","route53-recovery-readiness","route53domains","route53globalresolver","route53profiles","route53resolver","rtbfabric","rum","s3","s3-object-lambda","s3-outposts","s3express","s3tables","s3vectors","sagemaker","sagemaker-data-science-assistant","sagemaker-geospatial","sagemaker-mlflow","sagemaker-unified-studio-mcp","savingsplans","scheduler","schemas","scn","sdb","secretsmanager","security-ir","securityagent","securityhub","securitylake","serverlessrepo","servicecatalog","servicediscovery","serviceextract","servicequotas","ses","shield","signer","signin","simspaceweaver","sms","sms-voice","snow-device-management","snowball","sns","social-messaging","sqlworkbench","sqs","ssm","ssm-contacts","ssm-guiconnect","ssm-incidents","ssm-quicksetup","ssm-sap","ssmmessages","sso","sso-directory","sso-oauth","states","storagegateway","sts","support","support-console","supportapp","supportplans","sustainability","swf","synthetics","tag","tax","textract","thinclient","timestream","timestream-influxdb","tiros","tnb","transcribe","transfer","transform","transform-custom","translate","trustedadvisor","ts","user-subscriptions","uxc","vendor-insights","verified-access","verifiedpermissions","voiceid","vpc-lattice","vpc-lattice-svcs","vpce","waf","waf-regional","wafv2","wam","wellarchitected","wickr","wisdom","workdocs","worklink","workmail","workmailmessageflow","workspaces","workspaces-instances","workspaces-web","xray"]

package/src/extension.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { ExtensionContext } from 'vscode';
+export declare function activate(context: ExtensionContext): void;
+export declare function deactivate(): Promise<void> | undefined;

package/src/extension.js ADDED Viewed

@@ -0,0 +1,23 @@
+import path from 'node:path';
+import { LanguageClient, TransportKind } from 'vscode-languageclient/node.js';
+let client;
+export function activate(context) {
+    const serverModule = context.asAbsolutePath(path.join('src', 'server.js'));
+    const serverOptions = {
+        run: { module: serverModule, transport: TransportKind.stdio },
+        debug: { module: serverModule, transport: TransportKind.stdio },
+    };
+    client = new LanguageClient('aws-iam-ls', 'AWS IAM Language Server', serverOptions, {
+        documentSelector: [
+            { scheme: 'file', language: 'json' },
+            { scheme: 'file', language: 'yaml' },
+            { scheme: 'file', language: 'terraform' },
+        ],
+    });
+    client.start();
+}
+export function deactivate() {
+    if (client) {
+        return client.stop();
+    }
+}

package/src/grammars/tree-sitter-hcl.wasm ADDED Viewed

Binary file

package/src/grammars/tree-sitter-json.wasm ADDED Viewed

Binary file

package/src/grammars/tree-sitter-yaml.wasm ADDED Viewed

Binary file

package/src/handlers/completion/action-value.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { CompletionList } from 'vscode-languageserver';
+import type { ActionValueLocation } from '../../lib/iam-policy/location.ts';
+import type { CompletionContext } from './index.ts';
+export declare function completeActionValue(location: ActionValueLocation, _context: CompletionContext): CompletionList;

package/src/handlers/completion/action-value.js ADDED Viewed

@@ -0,0 +1,46 @@
+import { CompletionItemKind, MarkupKind } from 'vscode-languageserver';
+import { ServiceReference } from "../../lib/iam-policy/reference/services.js";
+export function completeActionValue(location, _context) {
+    const potentialLabels = ServiceReference.getAllActions();
+    const items = [];
+    for (const label of potentialLabels) {
+        if (location.partial && !label.toLowerCase().startsWith(location.partial.toLowerCase()))
+            continue;
+        const item = {
+            label,
+            kind: CompletionItemKind.Enum,
+        };
+        const [service, actionName] = label.split(':');
+        if (service && actionName) {
+            const action = ServiceReference.getAction(service, actionName);
+            if (action) {
+                item.detail = action.description;
+                if (action.description) {
+                    item.documentation = {
+                        kind: MarkupKind.Markdown,
+                        value: formatActionDocumentation(action),
+                    };
+                }
+            }
+        }
+        items.push(item);
+    }
+    return { items, isIncomplete: false };
+}
+function formatActionDocumentation(action) {
+    const parts = [];
+    if (action.accessLevel)
+        parts.push(`**Access Level**: ${action.accessLevel}`);
+    if (action.resourceTypes && action.resourceTypes.length > 0) {
+        const resources = action.resourceTypes.map((resourceType) => resourceType.required ? `- \`${resourceType.name}\` *(required)*` : `- \`${resourceType.name}\``);
+        parts.push(`**Resource types**\n${resources.join('\n')}`);
+    }
+    if (action.conditionKeys.length > 0) {
+        const keys = action.conditionKeys.map((key) => `- \`${key}\``);
+        parts.push(`**Condition keys**\n${keys.join('\n')}`);
+    }
+    if (action.dependentActions && action.dependentActions.length > 0) {
+        parts.push(`**Dependent actions:** ${action.dependentActions.map((depAction) => `\`${depAction}\``).join(', ')}`);
+    }
+    return parts.join('\n\n');
+}

package/src/handlers/completion/condition-block.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { CompletionList } from 'vscode-languageserver';
+import type { ConditionBlockLocation } from '../../lib/iam-policy/location.ts';
+import type { CompletionContext } from './index.ts';
+export declare function completeConditionBlock(location: ConditionBlockLocation, context: CompletionContext): CompletionList;

package/src/handlers/completion/condition-block.js ADDED Viewed

@@ -0,0 +1,31 @@
+import { CompletionItemKind, MarkupKind } from 'vscode-languageserver';
+const conditionBlockAttributes = {
+    test: {
+        description: 'The condition operator to evaluate (e.g., `StringEquals`, `ArnLike`, `IpAddress`).',
+    },
+    variable: {
+        description: 'The condition key to evaluate (e.g., `aws:SourceIp`, `s3:prefix`).',
+    },
+    values: {
+        description: 'List of values to compare against the condition key.',
+    },
+};
+export function completeConditionBlock(location, context) {
+    const siblingKeys = context.handler.getSiblingKeys(context.uri, context.position);
+    const items = [];
+    for (const [name, attr] of Object.entries(conditionBlockAttributes)) {
+        if (siblingKeys.includes(name))
+            continue;
+        if (location.partial && !name.toLowerCase().startsWith(location.partial.toLowerCase()))
+            continue;
+        items.push({
+            label: name,
+            kind: CompletionItemKind.Field,
+            documentation: {
+                kind: MarkupKind.Markdown,
+                value: attr.description,
+            },
+        });
+    }
+    return { items, isIncomplete: false };
+}

package/src/handlers/completion/condition-key.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { CompletionList } from 'vscode-languageserver';
+import type { ConditionKeyLocation } from '../../lib/iam-policy/location.ts';
+import type { CompletionContext } from './index.ts';
+export declare function completeConditionKey(location: ConditionKeyLocation, context: CompletionContext): CompletionList;

package/src/handlers/completion/condition-key.js ADDED Viewed

@@ -0,0 +1,80 @@
+import { CompletionItemKind, MarkupKind } from 'vscode-languageserver';
+import { ServiceReference } from "../../lib/iam-policy/reference/services.js";
+import { expandActionPattern } from "../../lib/iam-policy/wildcard.js";
+export function completeConditionKey(location, context) {
+    const statement = context.handler.getStatementContext(context.uri, context.position);
+    const existingKeys = location.operator ? Object.keys(statement?.Condition?.[location.operator] ?? {}) : [];
+    const items = [];
+    const seen = new Set();
+    // Build a lookup for global keys so we can enrich service-specific keys with descriptions
+    const globalByName = new Map();
+    for (const global of ServiceReference.getGlobalConditionKeys()) {
+        globalByName.set(global.name, global);
+    }
+    // Action-specific condition keys
+    const actions = statement?.Action ?? statement?.NotAction;
+    if (actions && actions.length > 0) {
+        const expandedActions = [];
+        for (const action of actions) {
+            for (const expanded of expandActionPattern(action)) {
+                expandedActions.push(expanded);
+            }
+        }
+        for (const key of ServiceReference.getConditionKeysForActions(expandedActions)) {
+            if (seen.has(key.name))
+                continue;
+            if (existingKeys.includes(key.name))
+                continue;
+            if (location.partial && !key.name.toLowerCase().startsWith(location.partial.toLowerCase()))
+                continue;
+            seen.add(key.name);
+            const global = globalByName.get(key.name);
+            const service = key.name.split(':')[0];
+            const conditionKeyData = service ? ServiceReference.getConditionKey(service, key.name) : undefined;
+            items.push({
+                label: key.name,
+                kind: CompletionItemKind.Property,
+                documentation: {
+                    kind: MarkupKind.Markdown,
+                    value: formatDocumentation(key.types, global, conditionKeyData),
+                },
+            });
+        }
+    }
+    // Global condition keys not already added via action-specific keys
+    for (const global of ServiceReference.getGlobalConditionKeys()) {
+        if (seen.has(global.name))
+            continue;
+        if (existingKeys.includes(global.name))
+            continue;
+        if (location.partial && !global.name.toLowerCase().startsWith(location.partial.toLowerCase()))
+            continue;
+        seen.add(global.name);
+        items.push({
+            label: global.name,
+            kind: CompletionItemKind.Property,
+            documentation: {
+                kind: MarkupKind.Markdown,
+                value: formatDocumentation([], global),
+            },
+        });
+    }
+    return { items, isIncomplete: false };
+}
+function formatDocumentation(types, global, conditionKey) {
+    const parts = [];
+    const description = global?.description ?? conditionKey?.description;
+    if (description)
+        parts.push(description);
+    const meta = [];
+    const type = types.length > 0 ? types.join(', ') : undefined;
+    if (type)
+        meta.push(`**Type:** ${type}`);
+    if (global?.valueType === 'multi')
+        meta.push('**Value type:** Multivalued');
+    if (global?.availability)
+        meta.push(`**Availability:** ${global.availability}`);
+    if (meta.length > 0)
+        parts.push(meta.join('\n\n'));
+    return parts.join('\n\n');
+}

package/src/handlers/completion/condition-operator.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { CompletionList } from 'vscode-languageserver';
+import type { ConditionOperatorLocation } from '../../lib/iam-policy/location.ts';
+import type { CompletionContext } from './index.ts';
+export declare function completeConditionOperator(location: ConditionOperatorLocation, context: CompletionContext): CompletionList;