iamdata 0.1.202504261__py3-none-any.whl → 0.1.202511181__py3-none-any.whl

iamdata/data/actions/ds.json

@@ -218,6 +218,35 @@
       "ec2:DescribeVpcs"
     ]
   },
+  "createhybridad": {
+    "name": "CreateHybridAD",
+    "description": "Grants permission to create a Hybrid Managed AD directory",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [
+      "aws:RequestTag/${TagKey}",
+      "aws:TagKeys"
+    ],
+    "dependentActions": [
+      "ec2:AuthorizeSecurityGroupEgress",
+      "ec2:AuthorizeSecurityGroupIngress",
+      "ec2:CreateNetworkInterface",
+      "ec2:CreateNetworkInterfacePermission",
+      "ec2:CreateSecurityGroup",
+      "ec2:CreateTags",
+      "ec2:DescribeNetworkInterfaces",
+      "ec2:DescribeSubnets",
+      "ec2:DescribeVpcs",
+      "iam:CreateServiceLinkedRole",
+      "iam:GetRole",
+      "secretsmanager:DescribeSecret",
+      "secretsmanager:GetSecretValue",
+      "ssm:GetCommandInvocation",
+      "ssm:GetConnectionStatus",
+      "ssm:ListCommands",
+      "ssm:SendCommand"
+    ]
+  },
   "createidentitypooldirectory": {
     "name": "CreateIdentityPoolDirectory",
     "isPermissionOnly": true,
@@ -295,6 +324,14 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "deleteadassessment": {
+    "name": "DeleteADAssessment",
+    "description": "Grants permission to delete a directory assessment",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "deleteconditionalforwarder": {
     "name": "DeleteConditionalForwarder",
     "description": "Grants permission to delete a conditional forwarder that has been set up for your AWS directory",
@@ -406,6 +443,29 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "describeadassessment": {
+    "name": "DescribeADAssessment",
+    "description": "Grants permission to describe a directory assessment",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "describecaenrollmentpolicy": {
+    "name": "DescribeCAEnrollmentPolicy",
+    "description": "Grants permission to describe the ca enrollment status of a specified directory",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "directory",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "describecertificate": {
     "name": "DescribeCertificate",
     "description": "Grants permission to display information about the certificate registered for a secured LDAP connection",
@@ -504,6 +564,21 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "describehybridadupdate": {
+    "name": "DescribeHybridADUpdate",
+    "description": "Grants permission to describe the updates of a specified hybrid directory",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "directory",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "describeldapssettings": {
     "name": "DescribeLDAPSSettings",
     "description": "Grants permission to describe the status of LDAP security for the specified directory",
@@ -595,6 +670,21 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "disablecaenrollmentpolicy": {
+    "name": "DisableCAEnrollmentPolicy",
+    "description": "Grants permission to disable the ca enrollment of a specified directory",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "directory",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "disableclientauthentication": {
     "name": "DisableClientAuthentication",
     "description": "Grants permission to disable alternative client authentication methods for the specified directory",
@@ -686,6 +776,24 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "enablecaenrollmentpolicy": {
+    "name": "EnableCAEnrollmentPolicy",
+    "description": "Grants permission to enable the ca enrollment of a specified directory",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "directory",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "acm-pca:DescribeCertificateAuthority",
+      "pca-connector-ad:GetConnector"
+    ]
+  },
   "enableclientauthentication": {
     "name": "EnableClientAuthentication",
     "description": "Grants permission to enable alternative client authentication methods for the specified directory",
@@ -818,6 +926,14 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "listadassessments": {
+    "name": "ListADAssessments",
+    "description": "Grants permission to list directory assessments",
+    "accessLevel": "List",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "listauthorizedapplications": {
     "name": "ListAuthorizedApplications",
     "isPermissionOnly": true,
@@ -1044,6 +1160,29 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "startadassessment": {
+    "name": "StartADAssessment",
+    "description": "Grants permission to start a directory assessment",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": [
+      "ec2:AuthorizeSecurityGroupEgress",
+      "ec2:AuthorizeSecurityGroupIngress",
+      "ec2:CreateNetworkInterface",
+      "ec2:CreateNetworkInterfacePermission",
+      "ec2:CreateSecurityGroup",
+      "ec2:DeleteNetworkInterface",
+      "ec2:DeleteSecurityGroup",
+      "ec2:DescribeNetworkInterfaces",
+      "ec2:DescribeSubnets",
+      "ec2:DescribeVpcs",
+      "ssm:GetCommandInvocation",
+      "ssm:GetConnectionStatus",
+      "ssm:ListCommands",
+      "ssm:SendCommand"
+    ]
+  },
   "startschemaextension": {
     "name": "StartSchemaExtension",
     "description": "Grants permission to apply a schema extension to a Microsoft AD directory",
@@ -1152,6 +1291,37 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "updatehybridad": {
+    "name": "UpdateHybridAD",
+    "description": "Grants permission to update configurations for a specified hybrid directory",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "directory",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "ec2:AuthorizeSecurityGroupEgress",
+      "ec2:AuthorizeSecurityGroupIngress",
+      "ec2:CreateNetworkInterface",
+      "ec2:CreateNetworkInterfacePermission",
+      "ec2:CreateSecurityGroup",
+      "ec2:CreateTags",
+      "ec2:DescribeNetworkInterfaces",
+      "ec2:DescribeSubnets",
+      "ec2:DescribeVpcs",
+      "secretsmanager:DescribeSecret",
+      "secretsmanager:GetSecretValue",
+      "ssm:GetCommandInvocation",
+      "ssm:GetConnectionStatus",
+      "ssm:ListCommands",
+      "ssm:SendCommand"
+    ]
+  },
   "updatenumberofdomaincontrollers": {
     "name": "UpdateNumberOfDomainControllers",
     "description": "Grants permission to add or remove domain controllers to or from the directory. Based on the difference between current value and new value (provided through this API call), domain controllers will be added or removed. It may take up to 45 minutes for any new domain controllers to become fully active once the requested number of domain controllers is updated. During this time, you cannot make another update request",

iamdata/data/actions/dsql.json

@@ -1,27 +1,25 @@
 {
-  "createcluster": {
-    "name": "CreateCluster",
-    "description": "Grants permission to create new clusters",
+  "addpeercluster": {
+    "name": "AddPeerCluster",
+    "isPermissionOnly": true,
+    "description": "Grants permission to add a peer cluster to a multi-Region cluster",
     "accessLevel": "Write",
     "resourceTypes": [
       {
         "name": "Cluster",
         "required": true,
         "conditionKeys": [],
-        "dependentActions": [
-          "iam:CreateServiceLinkedRole"
-        ]
+        "dependentActions": []
       }
     ],
-    "conditionKeys": [
-      "aws:RequestTag/${TagKey}",
-      "aws:TagKeys"
-    ],
-    "dependentActions": []
+    "conditionKeys": [],
+    "dependentActions": [
+      "dsql:PutMultiRegionProperties"
+    ]
   },
-  "createmultiregionclusters": {
-    "name": "CreateMultiRegionClusters",
-    "description": "Grants permission to create multi-Region clusters. Creating multi-Region clusters also requires CreateCluster permission in each specified Region",
+  "createcluster": {
+    "name": "CreateCluster",
+    "description": "Grants permission to create new clusters",
     "accessLevel": "Write",
     "resourceTypes": [
       {
@@ -29,11 +27,13 @@
         "required": true,
         "conditionKeys": [],
         "dependentActions": [
-          "dsql:CreateCluster"
+          "iam:CreateServiceLinkedRole"
         ]
       }
     ],
     "conditionKeys": [
+      "aws:RequestTag/${TagKey}",
+      "aws:TagKeys",
       "dsql:WitnessRegion"
     ],
     "dependentActions": []
@@ -83,9 +83,9 @@
     "conditionKeys": [],
     "dependentActions": []
   },
-  "deletemultiregionclusters": {
-    "name": "DeleteMultiRegionClusters",
-    "description": "Grants permission to delete multi-Region clusters. Deleting multi-Region clusters also requires DeleteCluster permission in each specified Region",
+  "deleteclusterpolicy": {
+    "name": "DeleteClusterPolicy",
+    "description": "Grants permission to remove the inline resource-based policy attached to a cluster",
     "accessLevel": "Write",
     "resourceTypes": [
       {
@@ -96,9 +96,22 @@
       }
     ],
     "conditionKeys": [],
-    "dependentActions": [
-      "dsql:DeleteCluster"
-    ]
+    "dependentActions": []
+  },
+  "getbackupjob": {
+    "name": "GetBackupJob",
+    "description": "Grants permission to get the status of an Aurora DSQL cluster backup job",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
   },
   "getcluster": {
     "name": "GetCluster",
@@ -115,6 +128,63 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "getclusterpolicy": {
+    "name": "GetClusterPolicy",
+    "description": "Grants permission to retrieve the inline resource-based policy attached to a cluster",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getrestorejob": {
+    "name": "GetRestoreJob",
+    "description": "Grants permission to get the status of an Aurora DSQL cluster restore job",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "getvpcendpointservicename": {
+    "name": "GetVpcEndpointServiceName",
+    "description": "Grants permission to retrieve the VPC endpoint service name for a cluster",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "injecterror": {
+    "name": "InjectError",
+    "isPermissionOnly": true,
+    "description": "Grants permission to inject errors in targeted clusters",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [
+      "dsql:FisActionId",
+      "dsql:FisTargetArns"
+    ],
+    "dependentActions": []
+  },
   "listclusters": {
     "name": "ListClusters",
     "description": "Grants permission to retrieve a list of clusters",
@@ -138,6 +208,138 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "putclusterpolicy": {
+    "name": "PutClusterPolicy",
+    "description": "Grants permission to attach or update the inline resource-based policy attached to a cluster",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "putmultiregionproperties": {
+    "name": "PutMultiRegionProperties",
+    "isPermissionOnly": true,
+    "description": "Grants permission to update multi-Region properties of a cluster",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "putwitnessregion": {
+    "name": "PutWitnessRegion",
+    "isPermissionOnly": true,
+    "description": "Grants permission to configure and update the witness Region of a multi-Region cluster",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": [
+          "dsql:PutMultiRegionProperties"
+        ]
+      }
+    ],
+    "conditionKeys": [
+      "dsql:WitnessRegion"
+    ],
+    "dependentActions": []
+  },
+  "removepeercluster": {
+    "name": "RemovePeerCluster",
+    "isPermissionOnly": true,
+    "description": "Grants permission to remove a peer cluster from a multi-Region cluster",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "dsql:PutMultiRegionProperties"
+    ]
+  },
+  "startbackupjob": {
+    "name": "StartBackupJob",
+    "description": "Grants permission to start a backup job for an Aurora DSQL cluster",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "startrestorejob": {
+    "name": "StartRestoreJob",
+    "description": "Grants permission to start a restore job for an Aurora DSQL cluster",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": [
+      "dsql:CreateCluster",
+      "iam:CreateServiceLinkedRole"
+    ]
+  },
+  "stopbackupjob": {
+    "name": "StopBackupJob",
+    "description": "Grants permission to stop a backup job for an Aurora DSQL cluster",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "stoprestorejob": {
+    "name": "StopRestoreJob",
+    "description": "Grants permission to stop a restore job for an Aurora DSQL Cluster",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "Cluster",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "tagresource": {
     "name": "TagResource",
     "description": "Grants permission to add tags to Aurora DSQL resources",
@@ -185,7 +387,9 @@
         "dependentActions": []
       }
     ],
-    "conditionKeys": [],
+    "conditionKeys": [
+      "dsql:WitnessRegion"
+    ],
     "dependentActions": []
   }
 }

iamdata/data/actions/dynamodb.json

@@ -94,6 +94,22 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "createglobaltablewitness": {
+    "name": "CreateGlobalTableWitness",
+    "isPermissionOnly": true,
+    "description": "Grants permission to add a Witness to a Global Table",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "table",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "createtable": {
     "name": "CreateTable",
     "description": "Grants permission to the CreateTable operation adds a new table to your account",
@@ -143,6 +159,22 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "deleteglobaltablewitness": {
+    "name": "DeleteGlobalTableWitness",
+    "isPermissionOnly": true,
+    "description": "Grants permission to remove a Witness from a Global Table",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "table",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "deleteitem": {
     "name": "DeleteItem",
     "description": "Grants permission to deletes a single item in a table by primary key",