iam-floyd 0.797.0 → 0.799.0

package/README.md

@@ -15,10 +15,10 @@
 <!-- stats -->
 Support for:
 
-- 449 Services
-- 20939 Actions
-- 2221 Resource Types
-- 2359 Condition keys
+- 450 Services
+- 21072 Actions
+- 2230 Resource Types
+- 2360 Condition keys
 <!-- /stats -->
 
 ![EXPERIMENTAL](https://img.shields.io/badge/stability-experimantal-orange?style=for-the-badge)**<br>This is an early version of the package. The API will change while I implement new features. Therefore make sure you use an exact version in your `package.json` before it reaches 1.0.0.**

package/lib/generated/aws-managed-policies/cdk-iam-floyd.d.ts

@@ -904,6 +904,10 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
     AmazonSageMakerHyperPodServiceRolePolicy(): aws_iam.IManagedPolicy;
     /** This policy provides administrative permissions required to set up the SageMaker HyperPod training operator. It enables access to Amazon SageMaker HyperPod and EKS add-ons. The policy includes permissions to describe the SageMaker HyperPod resources in your account. */
     AmazonSageMakerHyperPodTrainingOperatorAccess(): aws_iam.IManagedPolicy;
+    /** Provides permissions for Amazon SageMaker job execution roles to access data in Amazon S3, invoke agents through Amazon Bedrock AgentCore, track experiments with MLflow, publish model packages, write logs to Amazon CloudWatch, invoke AWS Lambda functions, and manage Amazon VPC network interfaces. */
+    AmazonSageMakerJobFullAccess(): aws_iam.IManagedPolicy;
+    /** Provides permissions for agent runtimes to invoke the Amazon SageMaker job runtime APIs used during model customization for sample generation, trajectory completion, and reward submission. */
+    AmazonSageMakerJobRuntimeAccess(): aws_iam.IManagedPolicy;
     /** Provides access to create Amazon Augmented AI FlowDefinition resources against any Workteam. */
     AmazonSageMakerMechanicalTurkAccess(): aws_iam.IManagedPolicy;
     /** Grants permissions for SageMaker model customization workflows including serverless training, custom reward function for reinforcement learning, model evaluation, and deployment to SageMaker or Bedrock endpoints. */
@@ -2154,8 +2158,12 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
     AWSQuickSetupPatchPolicyBaselineAccess(): aws_iam.IManagedPolicy;
     /** Provides permissions that allow Quick Setup to create resources associated with a patch policy configuration. */
     AWSQuickSetupPatchPolicyDeploymentRolePolicy(): aws_iam.IManagedPolicy;
+    /** Grants permissions to manage State Manager associations for automated cleanup operations when Quick Setup configurations are deleted. */
+    AWSQuickSetupPatchPolicyLambdaExecutionPolicy(): aws_iam.IManagedPolicy;
     /** QuickSetup creates IAM roles which enable it to configure the Systems Manager Patch Manager feature on your behalf, and uses this policy when creating such roles to define the boundary of their permissions. */
     AWSQuickSetupPatchPolicyPermissionsBoundary(): aws_iam.IManagedPolicy;
+    /** Grants permissions to track which instances are managed by Quick Setup patch policy configurations through automated tagging and inventory collection. */
+    AWSQuickSetupPatchPolicyTagManagementExecutionPolicy(): aws_iam.IManagedPolicy;
     /** The AWSQuickSetupSchedulerPermissionsBoundary policy defines the list of permissions that are permitted in an IAM role created by Quick Setup. Quick Setup uses a role created with this policy to enable and configure scheduled operations on Amazon EC2 instances and other resources. */
     AWSQuickSetupSchedulerPermissionsBoundary(): aws_iam.IManagedPolicy;
     /** This policy grants administrative permssions that allow Quick Setup to create resources that are used during the Systems Manager onboarding process. */
@@ -2674,6 +2682,8 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
     EC2FleetTimeShiftableServiceRolePolicy(): aws_iam.IManagedPolicy;
     /** Permissions need by EC2 Image Builder to perform a cross account distribution. */
     Ec2ImageBuilderCrossAccountDistributionAccess(): aws_iam.IManagedPolicy;
+    /** Grants permissions that allow EC2 Image Builder to call AWS services on your behalf */
+    EC2ImageBuilderExecutionPolicy(): aws_iam.IManagedPolicy;
     /** The EC2ImageBuilderLifecycleExecutionPolicy policy grants permissions for Image Builder to perform actions such as deprecate or delete Image Builder image resources and their underlying resources (AMIs, snapshots) to support automated rules for image lifecycle management tasks. */
     EC2ImageBuilderLifecycleExecutionPolicy(): aws_iam.IManagedPolicy;
     /** Allows customers to call EC2 Instance Connect to publish ephemeral keys to their EC2 instances and connect via ssh or the EC2 Instance Connect CLI. */
@@ -2710,6 +2720,10 @@ export declare class AwsManagedPolicy extends AwsManagedPolicyStatic {
     ElementalSupportCenterFullAccess(): aws_iam.IManagedPolicy;
     /** This policy grants read-only permissions that allow the WAL service for Amazon EMR to find and return the status of a cluster */
     EMRDescribeClusterPolicyForEMRWAL(): aws_iam.IManagedPolicy;
+    /** Provides permissions required by the AWS FinOps Agent to perform cost analysis and spot cost saving opportunity on customer AWS resources. */
+    FinOpsAgentAgentPolicy(): aws_iam.IManagedPolicy;
+    /** Provides access to use the AWS FinOps Agent web app for an Agent. */
+    FinOpsAgentOperatorPolicy(): aws_iam.IManagedPolicy;
     /** Access policy to allow FM service linked role to perform FM-related actions on FM-managed resources within a customer AWS Organization account. */
     FMSServiceRolePolicy(): aws_iam.IManagedPolicy;
     /** Allows Amazon FSx to delete its Service Linked Roles for Amazon S3 access */