iamdata 0.1.202505111__py3-none-any.whl → 0.1.202512121__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (365) hide show
  1. iamdata/data/actions/access-analyzer.json +4 -1
  2. iamdata/data/actions/account.json +21 -0
  3. iamdata/data/actions/acm.json +23 -3
  4. iamdata/data/actions/aco-automation.json +252 -0
  5. iamdata/data/actions/action-recommendations.json +10 -0
  6. iamdata/data/actions/aidevops.json +481 -0
  7. iamdata/data/actions/aiops.json +189 -1
  8. iamdata/data/actions/airflow-serverless.json +225 -0
  9. iamdata/data/actions/amplify.json +2 -12
  10. iamdata/data/actions/aoss.json +36 -4
  11. iamdata/data/actions/apigateway.json +104 -0
  12. iamdata/data/actions/app-integrations.json +108 -0
  13. iamdata/data/actions/application-signals.json +48 -0
  14. iamdata/data/actions/appstream.json +138 -103
  15. iamdata/data/actions/appsync.json +1 -1
  16. iamdata/data/actions/aps.json +309 -0
  17. iamdata/data/actions/{deepcomposer.json → arc-region-switch.json} +132 -114
  18. iamdata/data/actions/arc-zonal-shift.json +53 -1
  19. iamdata/data/actions/artifact.json +8 -36
  20. iamdata/data/actions/athena.json +88 -1
  21. iamdata/data/actions/auditmanager.json +60 -7
  22. iamdata/data/actions/autoscaling.json +42 -3
  23. iamdata/data/actions/aws-marketplace.json +48 -32
  24. iamdata/data/actions/aws-mcp.json +26 -0
  25. iamdata/data/actions/backup-search.json +1 -0
  26. iamdata/data/actions/backup.json +250 -2
  27. iamdata/data/actions/batch.json +183 -17
  28. iamdata/data/actions/bcm-dashboards.json +79 -0
  29. iamdata/data/actions/bcm-data-exports.json +12 -0
  30. iamdata/data/actions/bcm-recommended-actions.json +10 -0
  31. iamdata/data/actions/bedrock-agentcore.json +2394 -0
  32. iamdata/data/actions/bedrock-mantle.json +106 -0
  33. iamdata/data/actions/bedrock.json +959 -58
  34. iamdata/data/actions/billing.json +88 -5
  35. iamdata/data/actions/braket.json +64 -9
  36. iamdata/data/actions/budgets.json +6 -2
  37. iamdata/data/actions/cases.json +22 -2
  38. iamdata/data/actions/cassandra.json +67 -2
  39. iamdata/data/actions/ce.json +42 -0
  40. iamdata/data/actions/chatbot.json +87 -20
  41. iamdata/data/actions/cleanrooms-ml.json +11 -0
  42. iamdata/data/actions/cleanrooms.json +93 -0
  43. iamdata/data/actions/cloud9.json +4 -10
  44. iamdata/data/actions/cloudformation.json +43 -0
  45. iamdata/data/actions/cloudfront.json +309 -87
  46. iamdata/data/actions/cloudtrail.json +60 -0
  47. iamdata/data/actions/cloudwatch.json +53 -0
  48. iamdata/data/actions/codebuild.json +367 -12
  49. iamdata/data/actions/codepipeline.json +15 -0
  50. iamdata/data/actions/cognito-idp.json +83 -0
  51. iamdata/data/actions/connect-campaigns.json +16 -0
  52. iamdata/data/actions/connect.json +1242 -11
  53. iamdata/data/actions/controlcatalog.json +8 -0
  54. iamdata/data/actions/cost-optimization-hub.json +8 -0
  55. iamdata/data/actions/cur.json +5 -1
  56. iamdata/data/actions/databrew.json +14 -7
  57. iamdata/data/actions/dataexchange.json +61 -9
  58. iamdata/data/actions/datazone.json +316 -6
  59. iamdata/data/actions/deadline.json +40 -12
  60. iamdata/data/actions/dms.json +133 -8
  61. iamdata/data/actions/ds.json +170 -0
  62. iamdata/data/actions/dsql.json +212 -23
  63. iamdata/data/actions/dynamodb.json +32 -0
  64. iamdata/data/actions/ec2.json +986 -51
  65. iamdata/data/actions/ecr.json +78 -0
  66. iamdata/data/actions/ecs.json +149 -9
  67. iamdata/data/actions/eks-mcp.json +26 -0
  68. iamdata/data/actions/eks.json +208 -2
  69. iamdata/data/actions/elasticloadbalancing.json +9 -0
  70. iamdata/data/actions/elasticmapreduce.json +15 -0
  71. iamdata/data/actions/emr-containers.json +34 -1
  72. iamdata/data/actions/emr-serverless.json +16 -0
  73. iamdata/data/actions/entityresolution.json +16 -8
  74. iamdata/data/actions/es.json +60 -0
  75. iamdata/data/actions/events.json +40 -0
  76. iamdata/data/actions/evs.json +193 -0
  77. iamdata/data/actions/freetier.json +32 -0
  78. iamdata/data/actions/fsx.json +59 -6
  79. iamdata/data/actions/glacier.json +1 -4
  80. iamdata/data/actions/glue.json +265 -54
  81. iamdata/data/actions/groundstation.json +15 -0
  82. iamdata/data/actions/guardduty.json +220 -1
  83. iamdata/data/actions/healthlake.json +226 -0
  84. iamdata/data/actions/iam.json +171 -9
  85. iamdata/data/actions/identitystore.json +177 -37
  86. iamdata/data/actions/imagebuilder.json +235 -243
  87. iamdata/data/actions/inspector2.json +208 -12
  88. iamdata/data/actions/invoicing.json +84 -3
  89. iamdata/data/actions/iot.json +37 -5
  90. iamdata/data/actions/iotfleetwise.json +6 -63
  91. iamdata/data/actions/iotmanagedintegrations.json +507 -75
  92. iamdata/data/actions/iotsitewise.json +271 -0
  93. iamdata/data/actions/ivs.json +48 -0
  94. iamdata/data/actions/kafka.json +71 -0
  95. iamdata/data/actions/kinesis.json +63 -0
  96. iamdata/data/actions/kinesisvideo.json +30 -0
  97. iamdata/data/actions/kms.json +125 -2
  98. iamdata/data/actions/lakeformation.json +16 -0
  99. iamdata/data/actions/lambda.json +300 -6
  100. iamdata/data/actions/lex.json +42 -0
  101. iamdata/data/actions/license-manager.json +285 -9
  102. iamdata/data/actions/logs.json +211 -0
  103. iamdata/data/actions/mediaconnect.json +776 -60
  104. iamdata/data/actions/mediaconvert.json +15 -0
  105. iamdata/data/actions/medialive.json +26 -2
  106. iamdata/data/actions/medical-imaging.json +105 -0
  107. iamdata/data/actions/memorydb.json +18 -0
  108. iamdata/data/actions/mgn.json +74 -3
  109. iamdata/data/actions/mpa.json +313 -0
  110. iamdata/data/actions/mq.json +16 -0
  111. iamdata/data/actions/neptune-graph.json +37 -0
  112. iamdata/data/actions/network-firewall.json +236 -3
  113. iamdata/data/actions/network-security-director.json +74 -0
  114. iamdata/data/actions/notifications-contacts.json +2 -1
  115. iamdata/data/actions/notifications.json +62 -2
  116. iamdata/data/actions/nova-act.json +276 -0
  117. iamdata/data/actions/observabilityadmin.json +510 -0
  118. iamdata/data/actions/odb.json +833 -0
  119. iamdata/data/actions/one.json +8 -0
  120. iamdata/data/actions/opensearch.json +40 -0
  121. iamdata/data/actions/organizations.json +156 -8
  122. iamdata/data/actions/osis.json +111 -0
  123. iamdata/data/actions/outposts.json +41 -3
  124. iamdata/data/actions/partnercentral-account-management.json +22 -0
  125. iamdata/data/actions/partnercentral.json +1420 -171
  126. iamdata/data/actions/pcs.json +27 -1
  127. iamdata/data/actions/pi.json +6 -0
  128. iamdata/data/actions/pricingplanmanager.json +66 -0
  129. iamdata/data/actions/profile.json +670 -20
  130. iamdata/data/actions/q.json +18 -0
  131. iamdata/data/actions/qapps.json +0 -78
  132. iamdata/data/actions/qbusiness.json +156 -46
  133. iamdata/data/actions/quicksight.json +493 -7
  134. iamdata/data/actions/rds.json +149 -48
  135. iamdata/data/actions/redshift-serverless.json +2 -2
  136. iamdata/data/actions/redshift.json +0 -6
  137. iamdata/data/actions/rekognition.json +1 -8
  138. iamdata/data/actions/repostspace.json +90 -0
  139. iamdata/data/actions/resiliencehub.json +19 -5
  140. iamdata/data/actions/resource-explorer-2.json +84 -2
  141. iamdata/data/actions/route53.json +15 -0
  142. iamdata/data/actions/route53globalresolver.json +700 -0
  143. iamdata/data/actions/rtbfabric.json +481 -0
  144. iamdata/data/actions/s3.json +406 -144
  145. iamdata/data/actions/s3express.json +109 -5
  146. iamdata/data/actions/s3tables.json +325 -2
  147. iamdata/data/actions/s3vectors.json +367 -0
  148. iamdata/data/actions/sagemaker-mlflow.json +135 -0
  149. iamdata/data/actions/sagemaker-unified-studio-mcp.json +29 -0
  150. iamdata/data/actions/sagemaker.json +422 -11
  151. iamdata/data/actions/scn.json +151 -4
  152. iamdata/data/actions/secretsmanager.json +42 -20
  153. iamdata/data/actions/security-ir.json +54 -8
  154. iamdata/data/actions/securityagent.json +503 -0
  155. iamdata/data/actions/securityhub.json +390 -4
  156. iamdata/data/actions/securitylake.json +1 -0
  157. iamdata/data/actions/servicediscovery.json +140 -14
  158. iamdata/data/actions/servicequotas.json +40 -0
  159. iamdata/data/actions/ses.json +286 -2
  160. iamdata/data/actions/shield.json +47 -0
  161. iamdata/data/actions/signin.json +16 -0
  162. iamdata/data/actions/snow-device-management.json +1 -0
  163. iamdata/data/actions/social-messaging.json +120 -0
  164. iamdata/data/actions/ssm-sap.json +51 -3
  165. iamdata/data/actions/ssm.json +4 -1
  166. iamdata/data/actions/sso-directory.json +108 -36
  167. iamdata/data/actions/sso-oauth.json +40 -2
  168. iamdata/data/actions/sso.json +369 -157
  169. iamdata/data/actions/sts.json +40 -0
  170. iamdata/data/actions/support-console.json +119 -0
  171. iamdata/data/actions/support.json +58 -0
  172. iamdata/data/actions/synthetics.json +18 -0
  173. iamdata/data/actions/tag.json +8 -0
  174. iamdata/data/actions/tax.json +48 -0
  175. iamdata/data/actions/thinclient.json +1 -0
  176. iamdata/data/actions/transcribe.json +12 -0
  177. iamdata/data/actions/transfer.json +30 -14
  178. iamdata/data/actions/transform-custom.json +274 -0
  179. iamdata/data/actions/transform.json +257 -0
  180. iamdata/data/actions/user-subscriptions.json +8 -0
  181. iamdata/data/actions/uxc.json +26 -0
  182. iamdata/data/actions/vpc-lattice-svcs.json +2 -0
  183. iamdata/data/actions/vpc-lattice.json +90 -0
  184. iamdata/data/actions/vpce.json +14 -1
  185. iamdata/data/actions/wisdom.json +31 -214
  186. iamdata/data/actions/workspaces-instances.json +186 -0
  187. iamdata/data/actions/workspaces-web.json +136 -8
  188. iamdata/data/actions/workspaces.json +98 -0
  189. iamdata/data/actions/xray.json +15 -5
  190. iamdata/data/conditionKeys/acm.json +5 -0
  191. iamdata/data/conditionKeys/aco-automation.json +17 -0
  192. iamdata/data/conditionKeys/aidevops.json +22 -0
  193. iamdata/data/conditionKeys/airflow-serverless.json +17 -0
  194. iamdata/data/conditionKeys/apigateway.json +30 -0
  195. iamdata/data/conditionKeys/arc-region-switch.json +17 -0
  196. iamdata/data/conditionKeys/autoscaling.json +5 -0
  197. iamdata/data/conditionKeys/backup.json +6 -1
  198. iamdata/data/conditionKeys/bcm-dashboards.json +12 -0
  199. iamdata/data/conditionKeys/bedrock-agentcore.json +72 -0
  200. iamdata/data/conditionKeys/bedrock-mantle.json +17 -0
  201. iamdata/data/conditionKeys/bedrock.json +10 -0
  202. iamdata/data/conditionKeys/chatbot.json +17 -1
  203. iamdata/data/conditionKeys/cloudformation.json +5 -0
  204. iamdata/data/conditionKeys/codebuild.json +550 -0
  205. iamdata/data/conditionKeys/connect.json +25 -0
  206. iamdata/data/conditionKeys/dsql.json +12 -2
  207. iamdata/data/conditionKeys/dynamodb.json +21 -1
  208. iamdata/data/conditionKeys/ebs.json +2 -2
  209. iamdata/data/conditionKeys/ec2.json +20 -15
  210. iamdata/data/conditionKeys/eks.json +5 -0
  211. iamdata/data/conditionKeys/events.json +1 -1
  212. iamdata/data/conditionKeys/evs.json +17 -0
  213. iamdata/data/conditionKeys/glacier.json +0 -10
  214. iamdata/data/conditionKeys/glue.json +10 -0
  215. iamdata/data/conditionKeys/iam.json +30 -0
  216. iamdata/data/conditionKeys/identitystore.json +26 -1
  217. iamdata/data/conditionKeys/imagebuilder.json +2 -2
  218. iamdata/data/conditionKeys/iotmanagedintegrations.json +27 -1
  219. iamdata/data/conditionKeys/kinesis.json +15 -0
  220. iamdata/data/conditionKeys/kms.json +127 -7
  221. iamdata/data/conditionKeys/lambda.json +5 -0
  222. iamdata/data/conditionKeys/license-manager.json +5 -0
  223. iamdata/data/conditionKeys/mediaconnect.json +17 -1
  224. iamdata/data/conditionKeys/mpa.json +27 -0
  225. iamdata/data/conditionKeys/observabilityadmin.json +37 -1
  226. iamdata/data/conditionKeys/odb.json +17 -0
  227. iamdata/data/conditionKeys/organizations.json +10 -0
  228. iamdata/data/conditionKeys/partnercentral-account-management.json +12 -1
  229. iamdata/data/conditionKeys/partnercentral.json +22 -2
  230. iamdata/data/conditionKeys/pricingplanmanager.json +1 -0
  231. iamdata/data/conditionKeys/quicksight.json +0 -5
  232. iamdata/data/conditionKeys/rds.json +5 -0
  233. iamdata/data/conditionKeys/route53.json +1 -1
  234. iamdata/data/conditionKeys/route53globalresolver.json +17 -0
  235. iamdata/data/conditionKeys/rtbfabric.json +47 -0
  236. iamdata/data/conditionKeys/s3.json +20 -0
  237. iamdata/data/conditionKeys/s3express.json +26 -1
  238. iamdata/data/conditionKeys/s3tables.json +25 -0
  239. iamdata/data/conditionKeys/s3vectors.json +32 -0
  240. iamdata/data/conditionKeys/sagemaker-unified-studio-mcp.json +1 -0
  241. iamdata/data/conditionKeys/sagemaker.json +25 -0
  242. iamdata/data/conditionKeys/savingsplans.json +1 -1
  243. iamdata/data/conditionKeys/secretsmanager.json +16 -1
  244. iamdata/data/conditionKeys/securityagent.json +1 -0
  245. iamdata/data/conditionKeys/securityhub.json +5 -0
  246. iamdata/data/conditionKeys/servicediscovery.json +5 -0
  247. iamdata/data/conditionKeys/ses.json +5 -0
  248. iamdata/data/conditionKeys/ssm.json +10 -0
  249. iamdata/data/conditionKeys/sso.json +10 -0
  250. iamdata/data/conditionKeys/sts.json +10 -0
  251. iamdata/data/conditionKeys/support-console.json +1 -0
  252. iamdata/data/conditionKeys/transcribe.json +1 -1
  253. iamdata/data/conditionKeys/transfer.json +20 -0
  254. iamdata/data/conditionKeys/transform-custom.json +17 -0
  255. iamdata/data/conditionKeys/transform.json +12 -0
  256. iamdata/data/conditionKeys/uxc.json +1 -0
  257. iamdata/data/conditionKeys/vpc-lattice-svcs.json +5 -0
  258. iamdata/data/conditionKeys/vpc-lattice.json +15 -0
  259. iamdata/data/conditionKeys/workspaces-instances.json +17 -0
  260. iamdata/data/conditionKeys/xray.json +15 -0
  261. iamdata/data/conditionPatterns.json +146 -0
  262. iamdata/data/metadata.json +2 -2
  263. iamdata/data/resourceTypes/aco-automation.json +9 -0
  264. iamdata/data/resourceTypes/action-recommendations.json +1 -0
  265. iamdata/data/resourceTypes/aidevops.json +24 -0
  266. iamdata/data/resourceTypes/airflow-serverless.json +9 -0
  267. iamdata/data/resourceTypes/apigateway.json +15 -0
  268. iamdata/data/resourceTypes/aps.json +9 -0
  269. iamdata/data/resourceTypes/arc-region-switch.json +9 -0
  270. iamdata/data/resourceTypes/artifact.json +5 -5
  271. iamdata/data/resourceTypes/athena.json +7 -0
  272. iamdata/data/resourceTypes/auditmanager.json +8 -2
  273. iamdata/data/resourceTypes/aws-mcp.json +1 -0
  274. iamdata/data/resourceTypes/backup.json +7 -0
  275. iamdata/data/resourceTypes/batch.json +14 -0
  276. iamdata/data/resourceTypes/bcm-dashboards.json +1 -0
  277. iamdata/data/resourceTypes/bcm-data-exports.json +7 -0
  278. iamdata/data/resourceTypes/bcm-recommended-actions.json +1 -0
  279. iamdata/data/resourceTypes/bedrock-agentcore.json +107 -0
  280. iamdata/data/resourceTypes/bedrock-mantle.json +6 -0
  281. iamdata/data/resourceTypes/bedrock.json +45 -3
  282. iamdata/data/resourceTypes/braket.json +7 -0
  283. iamdata/data/resourceTypes/cassandra.json +7 -0
  284. iamdata/data/resourceTypes/chatbot.json +8 -2
  285. iamdata/data/resourceTypes/cloudformation.json +4 -0
  286. iamdata/data/resourceTypes/cloudfront.json +14 -0
  287. iamdata/data/resourceTypes/connect.json +18 -0
  288. iamdata/data/resourceTypes/dataexchange.json +4 -1
  289. iamdata/data/resourceTypes/deadline.json +4 -1
  290. iamdata/data/resourceTypes/ec2.json +88 -6
  291. iamdata/data/resourceTypes/eks-mcp.json +1 -0
  292. iamdata/data/resourceTypes/eks.json +14 -0
  293. iamdata/data/resourceTypes/emr-containers.json +0 -4
  294. iamdata/data/resourceTypes/events.json +8 -0
  295. iamdata/data/resourceTypes/evs.json +9 -0
  296. iamdata/data/resourceTypes/guardduty.json +18 -1
  297. iamdata/data/resourceTypes/iam.json +7 -0
  298. iamdata/data/resourceTypes/imagebuilder.json +12 -18
  299. iamdata/data/resourceTypes/inspector2.json +14 -0
  300. iamdata/data/resourceTypes/invoicing.json +7 -0
  301. iamdata/data/resourceTypes/iotmanagedintegrations.json +31 -12
  302. iamdata/data/resourceTypes/iotsitewise.json +7 -0
  303. iamdata/data/resourceTypes/kinesis.json +4 -1
  304. iamdata/data/resourceTypes/lambda.json +11 -0
  305. iamdata/data/resourceTypes/license-manager.json +24 -2
  306. iamdata/data/resourceTypes/logs.json +7 -0
  307. iamdata/data/resourceTypes/mediaconnect.json +55 -14
  308. iamdata/data/resourceTypes/mpa.json +23 -0
  309. iamdata/data/resourceTypes/network-firewall.json +7 -0
  310. iamdata/data/resourceTypes/network-security-director.json +1 -0
  311. iamdata/data/resourceTypes/nova-act.json +10 -0
  312. iamdata/data/resourceTypes/observabilityadmin.json +37 -1
  313. iamdata/data/resourceTypes/odb.json +44 -0
  314. iamdata/data/resourceTypes/omics.json +0 -4
  315. iamdata/data/resourceTypes/organizations.json +7 -0
  316. iamdata/data/resourceTypes/osis.json +7 -0
  317. iamdata/data/resourceTypes/partnercentral.json +71 -2
  318. iamdata/data/resourceTypes/pi.json +4 -1
  319. iamdata/data/resourceTypes/pricingplanmanager.json +6 -0
  320. iamdata/data/resourceTypes/profile.json +21 -0
  321. iamdata/data/resourceTypes/qbusiness.json +7 -4
  322. iamdata/data/resourceTypes/quicksight.json +26 -1
  323. iamdata/data/resourceTypes/rds.json +12 -3
  324. iamdata/data/resourceTypes/redshift.json +1 -4
  325. iamdata/data/resourceTypes/route53globalresolver.json +37 -0
  326. iamdata/data/resourceTypes/rtbfabric.json +46 -0
  327. iamdata/data/resourceTypes/s3.json +30 -3
  328. iamdata/data/resourceTypes/s3express.json +10 -2
  329. iamdata/data/resourceTypes/s3tables.json +7 -1
  330. iamdata/data/resourceTypes/s3vectors.json +18 -0
  331. iamdata/data/resourceTypes/sagemaker-unified-studio-mcp.json +1 -0
  332. iamdata/data/resourceTypes/sagemaker.json +26 -3
  333. iamdata/data/resourceTypes/scn.json +19 -3
  334. iamdata/data/resourceTypes/secretsmanager.json +2 -1
  335. iamdata/data/resourceTypes/securityagent.json +38 -0
  336. iamdata/data/resourceTypes/securityhub.json +36 -2
  337. iamdata/data/resourceTypes/ses.json +11 -0
  338. iamdata/data/resourceTypes/sts.json +4 -0
  339. iamdata/data/resourceTypes/support-console.json +1 -0
  340. iamdata/data/resourceTypes/transform-custom.json +18 -0
  341. iamdata/data/resourceTypes/transform.json +10 -0
  342. iamdata/data/resourceTypes/uxc.json +1 -0
  343. iamdata/data/resourceTypes/vpc-lattice.json +12 -0
  344. iamdata/data/resourceTypes/vpce.json +10 -1
  345. iamdata/data/resourceTypes/workspaces-instances.json +16 -0
  346. iamdata/data/resourceTypes/workspaces-web.json +7 -0
  347. iamdata/data/resourceTypes/workspaces.json +4 -0
  348. iamdata/data/serviceNames.json +32 -9
  349. iamdata/data/services.json +27 -4
  350. iamdata/data/unassociatedConditions.json +23 -0
  351. {iamdata-0.1.202505111.dist-info → iamdata-0.1.202512121.dist-info}/METADATA +1 -1
  352. {iamdata-0.1.202505111.dist-info → iamdata-0.1.202512121.dist-info}/RECORD +360 -289
  353. {iamdata-0.1.202505111.dist-info → iamdata-0.1.202512121.dist-info}/WHEEL +1 -1
  354. iamdata/data/actions/application-cost-profiler.json +0 -50
  355. iamdata/data/actions/sagemaker-groundtruth-synthetic.json +0 -110
  356. iamdata/data/actions/supportrecommendations.json +0 -20
  357. iamdata/data/conditionKeys/deepcomposer.json +0 -17
  358. iamdata/data/resourceTypes/deepcomposer.json +0 -20
  359. /iamdata/data/conditionKeys/{application-cost-profiler.json → action-recommendations.json} +0 -0
  360. /iamdata/data/conditionKeys/{sagemaker-groundtruth-synthetic.json → aws-mcp.json} +0 -0
  361. /iamdata/data/conditionKeys/{supportrecommendations.json → bcm-recommended-actions.json} +0 -0
  362. /iamdata/data/{resourceTypes/application-cost-profiler.json → conditionKeys/eks-mcp.json} +0 -0
  363. /iamdata/data/{resourceTypes/sagemaker-groundtruth-synthetic.json → conditionKeys/network-security-director.json} +0 -0
  364. /iamdata/data/{resourceTypes/supportrecommendations.json → conditionKeys/nova-act.json} +0 -0
  365. {iamdata-0.1.202505111.dist-info → iamdata-0.1.202512121.dist-info}/licenses/LICENSE.txt +0 -0
iamdata/data/actions/s3.json CHANGED
@@ -4,18 +4,21 @@
4
4
  "description": "Grants permission to abort a multipart upload",
5
5
  "accessLevel": "Write",
6
6
  "resourceTypes": [
7
+ {
8
+ "name": "accesspointobject",
9
+ "required": false,
10
+ "conditionKeys": [],
11
+ "dependentActions": []
12
+ },
7
13
  {
8
14
  "name": "object",
9
- "required": true,
15
+ "required": false,
10
16
  "conditionKeys": [],
11
17
  "dependentActions": []
12
18
  }
13
19
  ],
14
20
  "conditionKeys": [
15
- "s3:DataAccessPointArn",
16
21
  "s3:AccessGrantsInstanceArn",
17
- "s3:DataAccessPointAccount",
18
- "s3:AccessPointNetworkOrigin",
19
22
  "s3:authType",
20
23
  "s3:ResourceAccount",
21
24
  "s3:signatureAge",
@@ -28,7 +31,7 @@
28
31
  "associateaccessgrantsidentitycenter": {
29
32
  "name": "AssociateAccessGrantsIdentityCenter",
30
33
  "description": "Grants permission to associate Access Grants identity center",
31
- "accessLevel": "Write",
34
+ "accessLevel": "Permissions management",
32
35
  "resourceTypes": [
33
36
  {
34
37
  "name": "accessgrantsinstance",
@@ -53,17 +56,20 @@
53
56
  "description": "Grants permission to allow circumvention of governance-mode object retention settings",
54
57
  "accessLevel": "Permissions management",
55
58
  "resourceTypes": [
59
+ {
60
+ "name": "accesspointobject",
61
+ "required": false,
62
+ "conditionKeys": [],
63
+ "dependentActions": []
64
+ },
56
65
  {
57
66
  "name": "object",
58
- "required": true,
67
+ "required": false,
59
68
  "conditionKeys": [],
60
69
  "dependentActions": []
61
70
  }
62
71
  ],
63
72
  "conditionKeys": [
64
- "s3:DataAccessPointAccount",
65
- "s3:DataAccessPointArn",
66
- "s3:AccessPointNetworkOrigin",
67
73
  "s3:RequestObjectTag/<key>",
68
74
  "s3:RequestObjectTagKeys",
69
75
  "s3:authType",
@@ -91,7 +97,7 @@
91
97
  "createaccessgrant": {
92
98
  "name": "CreateAccessGrant",
93
99
  "description": "Grants permission to create Access Grant",
94
- "accessLevel": "Write",
100
+ "accessLevel": "Permissions management",
95
101
  "resourceTypes": [
96
102
  {
97
103
  "name": "accessgrantslocation",
@@ -101,6 +107,7 @@
101
107
  }
102
108
  ],
103
109
  "conditionKeys": [
110
+ "s3:AccessGrantScope",
104
111
  "s3:authType",
105
112
  "s3:ResourceAccount",
106
113
  "s3:signatureAge",
@@ -116,7 +123,7 @@
116
123
  "createaccessgrantsinstance": {
117
124
  "name": "CreateAccessGrantsInstance",
118
125
  "description": "Grants permission to Create Access Grants Instance",
119
- "accessLevel": "Write",
126
+ "accessLevel": "Permissions management",
120
127
  "resourceTypes": [
121
128
  {
122
129
  "name": "accessgrantsinstance",
@@ -141,7 +148,7 @@
141
148
  "createaccessgrantslocation": {
142
149
  "name": "CreateAccessGrantsLocation",
143
150
  "description": "Grants permission to create Access Grants location",
144
- "accessLevel": "Write",
151
+ "accessLevel": "Permissions management",
145
152
  "resourceTypes": [
146
153
  {
147
154
  "name": "accessgrantsinstance",
@@ -151,6 +158,7 @@
151
158
  }
152
159
  ],
153
160
  "conditionKeys": [
161
+ "s3:AccessGrantsLocationScope",
154
162
  "s3:authType",
155
163
  "s3:ResourceAccount",
156
164
  "s3:signatureAge",
@@ -186,7 +194,11 @@
186
194
  "s3:signatureversion",
187
195
  "s3:TlsVersion",
188
196
  "s3:x-amz-acl",
189
- "s3:x-amz-content-sha256"
197
+ "s3:x-amz-content-sha256",
198
+ "s3:AccessPointTag/${TagKey}",
199
+ "aws:RequestTag/${TagKey}",
200
+ "aws:ResourceTag/${TagKey}",
201
+ "aws:TagKeys"
190
202
  ],
191
203
  "dependentActions": []
192
204
  },
@@ -241,13 +253,15 @@
241
253
  "s3:x-amz-grant-read-acp",
242
254
  "s3:x-amz-grant-write",
243
255
  "s3:x-amz-grant-write-acp",
244
- "s3:x-amz-object-ownership"
256
+ "s3:x-amz-object-ownership",
257
+ "aws:RequestTag/${TagKey}",
258
+ "aws:TagKeys"
245
259
  ],
246
260
  "dependentActions": []
247
261
  },
248
262
  "createbucketmetadatatableconfiguration": {
249
263
  "name": "CreateBucketMetadataTableConfiguration",
250
- "description": "Grants permission to create a new S3 Metadata configuration for a specified bucket",
264
+ "description": "Grants permission to create a new S3 Metadata configuration for a specified general purpose bucket",
251
265
  "accessLevel": "Write",
252
266
  "resourceTypes": [
253
267
  {
@@ -255,9 +269,13 @@
255
269
  "required": true,
256
270
  "conditionKeys": [],
257
271
  "dependentActions": [
272
+ "kms:DescribeKey",
258
273
  "s3tables:CreateNamespace",
259
274
  "s3tables:CreateTable",
275
+ "s3tables:CreateTableBucket",
260
276
  "s3tables:GetTable",
277
+ "s3tables:PutTableBucketPolicy",
278
+ "s3tables:PutTableEncryption",
261
279
  "s3tables:PutTablePolicy"
262
280
  ]
263
281
  }
@@ -337,7 +355,7 @@
337
355
  "deleteaccessgrant": {
338
356
  "name": "DeleteAccessGrant",
339
357
  "description": "Grants permission to delete Access Grant",
340
- "accessLevel": "Write",
358
+ "accessLevel": "Permissions management",
341
359
  "resourceTypes": [
342
360
  {
343
361
  "name": "accessgrant",
@@ -347,6 +365,7 @@
347
365
  }
348
366
  ],
349
367
  "conditionKeys": [
368
+ "s3:AccessGrantScope",
350
369
  "s3:authType",
351
370
  "s3:ResourceAccount",
352
371
  "s3:signatureAge",
@@ -360,7 +379,7 @@
360
379
  "deleteaccessgrantsinstance": {
361
380
  "name": "DeleteAccessGrantsInstance",
362
381
  "description": "Grants permission to Delete Access Grants Instance",
363
- "accessLevel": "Write",
382
+ "accessLevel": "Permissions management",
364
383
  "resourceTypes": [
365
384
  {
366
385
  "name": "accessgrantsinstance",
@@ -383,7 +402,7 @@
383
402
  "deleteaccessgrantsinstanceresourcepolicy": {
384
403
  "name": "DeleteAccessGrantsInstanceResourcePolicy",
385
404
  "description": "Grants permission to read Access grants instance resource policy",
386
- "accessLevel": "Write",
405
+ "accessLevel": "Permissions management",
387
406
  "resourceTypes": [
388
407
  {
389
408
  "name": "accessgrantsinstance",
@@ -406,7 +425,7 @@
406
425
  "deleteaccessgrantslocation": {
407
426
  "name": "DeleteAccessGrantsLocation",
408
427
  "description": "Grants permission to delete Access Grants location",
409
- "accessLevel": "Write",
428
+ "accessLevel": "Permissions management",
410
429
  "resourceTypes": [
411
430
  {
412
431
  "name": "accessgrantslocation",
@@ -416,6 +435,7 @@
416
435
  }
417
436
  ],
418
437
  "conditionKeys": [
438
+ "s3:AccessGrantsLocationScope",
419
439
  "s3:authType",
420
440
  "s3:ResourceAccount",
421
441
  "s3:signatureAge",
@@ -447,7 +467,9 @@
447
467
  "s3:signatureAge",
448
468
  "s3:signatureversion",
449
469
  "s3:TlsVersion",
450
- "s3:x-amz-content-sha256"
470
+ "s3:x-amz-content-sha256",
471
+ "s3:AccessPointTag/${TagKey}",
472
+ "aws:ResourceTag/${TagKey}"
451
473
  ],
452
474
  "dependentActions": []
453
475
  },
@@ -497,7 +519,9 @@
497
519
  "s3:signatureAge",
498
520
  "s3:signatureversion",
499
521
  "s3:TlsVersion",
500
- "s3:x-amz-content-sha256"
522
+ "s3:x-amz-content-sha256",
523
+ "s3:AccessPointTag/${TagKey}",
524
+ "aws:ResourceTag/${TagKey}"
501
525
  ],
502
526
  "dependentActions": []
503
527
  },
@@ -550,7 +574,7 @@
550
574
  },
551
575
  "deletebucketmetadatatableconfiguration": {
552
576
  "name": "DeleteBucketMetadataTableConfiguration",
553
- "description": "Grants permission to delete the S3 Metadata configuration for a specified bucket",
577
+ "description": "Grants permission to delete the S3 Metadata configuration for a specified general purpose bucket",
554
578
  "accessLevel": "Write",
555
579
  "resourceTypes": [
556
580
  {
@@ -667,24 +691,28 @@
667
691
  "description": "Grants permission to remove the null version of an object and insert a delete marker, which becomes the current version of the object",
668
692
  "accessLevel": "Write",
669
693
  "resourceTypes": [
694
+ {
695
+ "name": "accesspointobject",
696
+ "required": false,
697
+ "conditionKeys": [],
698
+ "dependentActions": []
699
+ },
670
700
  {
671
701
  "name": "object",
672
- "required": true,
702
+ "required": false,
673
703
  "conditionKeys": [],
674
704
  "dependentActions": []
675
705
  }
676
706
  ],
677
707
  "conditionKeys": [
678
708
  "s3:AccessGrantsInstanceArn",
679
- "s3:DataAccessPointAccount",
680
- "s3:DataAccessPointArn",
681
- "s3:AccessPointNetworkOrigin",
682
709
  "s3:authType",
683
710
  "s3:ResourceAccount",
684
711
  "s3:signatureAge",
685
712
  "s3:signatureversion",
686
713
  "s3:TlsVersion",
687
- "s3:x-amz-content-sha256"
714
+ "s3:x-amz-content-sha256",
715
+ "s3:if-match"
688
716
  ],
689
717
  "dependentActions": []
690
718
  },
@@ -693,17 +721,20 @@
693
721
  "description": "Grants permission to use the tagging subresource to remove the entire tag set from the specified object",
694
722
  "accessLevel": "Tagging",
695
723
  "resourceTypes": [
724
+ {
725
+ "name": "accesspointobject",
726
+ "required": false,
727
+ "conditionKeys": [],
728
+ "dependentActions": []
729
+ },
696
730
  {
697
731
  "name": "object",
698
- "required": true,
732
+ "required": false,
699
733
  "conditionKeys": [],
700
734
  "dependentActions": []
701
735
  }
702
736
  ],
703
737
  "conditionKeys": [
704
- "s3:DataAccessPointAccount",
705
- "s3:DataAccessPointArn",
706
- "s3:AccessPointNetworkOrigin",
707
738
  "s3:ExistingObjectTag/<key>",
708
739
  "s3:authType",
709
740
  "s3:ResourceAccount",
@@ -719,18 +750,21 @@
719
750
  "description": "Grants permission to remove a specific version of an object",
720
751
  "accessLevel": "Write",
721
752
  "resourceTypes": [
753
+ {
754
+ "name": "accesspointobject",
755
+ "required": false,
756
+ "conditionKeys": [],
757
+ "dependentActions": []
758
+ },
722
759
  {
723
760
  "name": "object",
724
- "required": true,
761
+ "required": false,
725
762
  "conditionKeys": [],
726
763
  "dependentActions": []
727
764
  }
728
765
  ],
729
766
  "conditionKeys": [
730
767
  "s3:AccessGrantsInstanceArn",
731
- "s3:DataAccessPointAccount",
732
- "s3:DataAccessPointArn",
733
- "s3:AccessPointNetworkOrigin",
734
768
  "s3:authType",
735
769
  "s3:ResourceAccount",
736
770
  "s3:signatureAge",
@@ -746,17 +780,20 @@
746
780
  "description": "Grants permission to remove the entire tag set for a specific version of the object",
747
781
  "accessLevel": "Tagging",
748
782
  "resourceTypes": [
783
+ {
784
+ "name": "accesspointobject",
785
+ "required": false,
786
+ "conditionKeys": [],
787
+ "dependentActions": []
788
+ },
749
789
  {
750
790
  "name": "object",
751
- "required": true,
791
+ "required": false,
752
792
  "conditionKeys": [],
753
793
  "dependentActions": []
754
794
  }
755
795
  ],
756
796
  "conditionKeys": [
757
- "s3:DataAccessPointAccount",
758
- "s3:DataAccessPointArn",
759
- "s3:AccessPointNetworkOrigin",
760
797
  "s3:ExistingObjectTag/<key>",
761
798
  "s3:authType",
762
799
  "s3:ResourceAccount",
@@ -880,7 +917,7 @@
880
917
  "dissociateaccessgrantsidentitycenter": {
881
918
  "name": "DissociateAccessGrantsIdentityCenter",
882
919
  "description": "Grants permission to disassociate Access Grants identity center",
883
- "accessLevel": "Write",
920
+ "accessLevel": "Permissions management",
884
921
  "resourceTypes": [
885
922
  {
886
923
  "name": "accessgrantsinstance",
@@ -935,6 +972,7 @@
935
972
  }
936
973
  ],
937
974
  "conditionKeys": [
975
+ "s3:AccessGrantScope",
938
976
  "s3:authType",
939
977
  "s3:ResourceAccount",
940
978
  "s3:signatureAge",
@@ -1027,6 +1065,7 @@
1027
1065
  }
1028
1066
  ],
1029
1067
  "conditionKeys": [
1068
+ "s3:AccessGrantsLocationScope",
1030
1069
  "s3:authType",
1031
1070
  "s3:ResourceAccount",
1032
1071
  "s3:signatureAge",
@@ -1051,7 +1090,9 @@
1051
1090
  "s3:signatureAge",
1052
1091
  "s3:signatureversion",
1053
1092
  "s3:TlsVersion",
1054
- "s3:x-amz-content-sha256"
1093
+ "s3:x-amz-content-sha256",
1094
+ "s3:AccessPointTag/${TagKey}",
1095
+ "aws:ResourceTag/${TagKey}"
1055
1096
  ],
1056
1097
  "dependentActions": []
1057
1098
  },
@@ -1126,7 +1167,9 @@
1126
1167
  "s3:signatureAge",
1127
1168
  "s3:signatureversion",
1128
1169
  "s3:TlsVersion",
1129
- "s3:x-amz-content-sha256"
1170
+ "s3:x-amz-content-sha256",
1171
+ "s3:AccessPointTag/${TagKey}",
1172
+ "aws:ResourceTag/${TagKey}"
1130
1173
  ],
1131
1174
  "dependentActions": []
1132
1175
  },
@@ -1176,7 +1219,9 @@
1176
1219
  "s3:signatureAge",
1177
1220
  "s3:signatureversion",
1178
1221
  "s3:TlsVersion",
1179
- "s3:x-amz-content-sha256"
1222
+ "s3:x-amz-content-sha256",
1223
+ "s3:AccessPointTag/${TagKey}",
1224
+ "aws:ResourceTag/${TagKey}"
1180
1225
  ],
1181
1226
  "dependentActions": []
1182
1227
  },
@@ -1242,14 +1287,42 @@
1242
1287
  ],
1243
1288
  "dependentActions": []
1244
1289
  },
1290
+ "getbucketabac": {
1291
+ "name": "GetBucketAbac",
1292
+ "description": "Grants permission to retrieve ABAC configuration for a general purpose bucket",
1293
+ "accessLevel": "Read",
1294
+ "resourceTypes": [
1295
+ {
1296
+ "name": "bucket",
1297
+ "required": true,
1298
+ "conditionKeys": [],
1299
+ "dependentActions": []
1300
+ }
1301
+ ],
1302
+ "conditionKeys": [
1303
+ "s3:authType",
1304
+ "s3:ResourceAccount",
1305
+ "s3:signatureAge",
1306
+ "s3:signatureversion",
1307
+ "s3:TlsVersion",
1308
+ "s3:x-amz-content-sha256"
1309
+ ],
1310
+ "dependentActions": []
1311
+ },
1245
1312
  "getbucketacl": {
1246
1313
  "name": "GetBucketAcl",
1247
1314
  "description": "Grants permission to use the acl subresource to return the access control list (ACL) of an Amazon S3 bucket",
1248
1315
  "accessLevel": "Read",
1249
1316
  "resourceTypes": [
1317
+ {
1318
+ "name": "accesspoint",
1319
+ "required": false,
1320
+ "conditionKeys": [],
1321
+ "dependentActions": []
1322
+ },
1250
1323
  {
1251
1324
  "name": "bucket",
1252
- "required": true,
1325
+ "required": false,
1253
1326
  "conditionKeys": [],
1254
1327
  "dependentActions": []
1255
1328
  }
@@ -1269,9 +1342,15 @@
1269
1342
  "description": "Grants permission to return the CORS configuration information set for an Amazon S3 bucket",
1270
1343
  "accessLevel": "Read",
1271
1344
  "resourceTypes": [
1345
+ {
1346
+ "name": "accesspoint",
1347
+ "required": false,
1348
+ "conditionKeys": [],
1349
+ "dependentActions": []
1350
+ },
1272
1351
  {
1273
1352
  "name": "bucket",
1274
- "required": true,
1353
+ "required": false,
1275
1354
  "conditionKeys": [],
1276
1355
  "dependentActions": []
1277
1356
  }
@@ -1291,9 +1370,15 @@
1291
1370
  "description": "Grants permission to return the Region that an Amazon S3 bucket resides in",
1292
1371
  "accessLevel": "Read",
1293
1372
  "resourceTypes": [
1373
+ {
1374
+ "name": "accesspoint",
1375
+ "required": false,
1376
+ "conditionKeys": [],
1377
+ "dependentActions": []
1378
+ },
1294
1379
  {
1295
1380
  "name": "bucket",
1296
- "required": true,
1381
+ "required": false,
1297
1382
  "conditionKeys": [],
1298
1383
  "dependentActions": []
1299
1384
  }
@@ -1332,7 +1417,7 @@
1332
1417
  },
1333
1418
  "getbucketmetadatatableconfiguration": {
1334
1419
  "name": "GetBucketMetadataTableConfiguration",
1335
- "description": "Grants permission to return the S3 Metadata configuration for a specified bucket",
1420
+ "description": "Grants permission to return the S3 Metadata configuration for a specified general purpose bucket",
1336
1421
  "accessLevel": "Read",
1337
1422
  "resourceTypes": [
1338
1423
  {
@@ -1357,9 +1442,15 @@
1357
1442
  "description": "Grants permission to get the notification configuration of an Amazon S3 bucket",
1358
1443
  "accessLevel": "Read",
1359
1444
  "resourceTypes": [
1445
+ {
1446
+ "name": "accesspoint",
1447
+ "required": false,
1448
+ "conditionKeys": [],
1449
+ "dependentActions": []
1450
+ },
1360
1451
  {
1361
1452
  "name": "bucket",
1362
- "required": true,
1453
+ "required": false,
1363
1454
  "conditionKeys": [],
1364
1455
  "dependentActions": []
1365
1456
  }
@@ -1423,9 +1514,15 @@
1423
1514
  "description": "Grants permission to return the policy of the specified bucket",
1424
1515
  "accessLevel": "Read",
1425
1516
  "resourceTypes": [
1517
+ {
1518
+ "name": "accesspoint",
1519
+ "required": false,
1520
+ "conditionKeys": [],
1521
+ "dependentActions": []
1522
+ },
1426
1523
  {
1427
1524
  "name": "bucket",
1428
- "required": true,
1525
+ "required": false,
1429
1526
  "conditionKeys": [],
1430
1527
  "dependentActions": []
1431
1528
  }
@@ -1828,27 +1925,28 @@
1828
1925
  "description": "Grants permission to retrieve objects from Amazon S3",
1829
1926
  "accessLevel": "Read",
1830
1927
  "resourceTypes": [
1928
+ {
1929
+ "name": "accesspointobject",
1930
+ "required": false,
1931
+ "conditionKeys": [],
1932
+ "dependentActions": []
1933
+ },
1831
1934
  {
1832
1935
  "name": "object",
1833
- "required": true,
1936
+ "required": false,
1834
1937
  "conditionKeys": [],
1835
1938
  "dependentActions": []
1836
1939
  }
1837
1940
  ],
1838
1941
  "conditionKeys": [
1839
1942
  "s3:AccessGrantsInstanceArn",
1840
- "s3:DataAccessPointAccount",
1841
- "s3:DataAccessPointArn",
1842
- "s3:AccessPointNetworkOrigin",
1843
1943
  "s3:ExistingObjectTag/<key>",
1844
1944
  "s3:authType",
1845
1945
  "s3:ResourceAccount",
1846
1946
  "s3:signatureAge",
1847
1947
  "s3:signatureversion",
1848
1948
  "s3:TlsVersion",
1849
- "s3:x-amz-content-sha256",
1850
- "s3:if-match",
1851
- "s3:if-none-match"
1949
+ "s3:x-amz-content-sha256"
1852
1950
  ],
1853
1951
  "dependentActions": []
1854
1952
  },
@@ -1857,18 +1955,21 @@
1857
1955
  "description": "Grants permission to return the access control list (ACL) of an object",
1858
1956
  "accessLevel": "Read",
1859
1957
  "resourceTypes": [
1958
+ {
1959
+ "name": "accesspointobject",
1960
+ "required": false,
1961
+ "conditionKeys": [],
1962
+ "dependentActions": []
1963
+ },
1860
1964
  {
1861
1965
  "name": "object",
1862
- "required": true,
1966
+ "required": false,
1863
1967
  "conditionKeys": [],
1864
1968
  "dependentActions": []
1865
1969
  }
1866
1970
  ],
1867
1971
  "conditionKeys": [
1868
1972
  "s3:AccessGrantsInstanceArn",
1869
- "s3:DataAccessPointAccount",
1870
- "s3:DataAccessPointArn",
1871
- "s3:AccessPointNetworkOrigin",
1872
1973
  "s3:ExistingObjectTag/<key>",
1873
1974
  "s3:authType",
1874
1975
  "s3:ResourceAccount",
@@ -1885,22 +1986,19 @@
1885
1986
  "accessLevel": "Read",
1886
1987
  "resourceTypes": [
1887
1988
  {
1888
- "name": "accesspoint",
1889
- "required": true,
1989
+ "name": "accesspointobject",
1990
+ "required": false,
1890
1991
  "conditionKeys": [],
1891
1992
  "dependentActions": []
1892
1993
  },
1893
1994
  {
1894
1995
  "name": "object",
1895
- "required": true,
1996
+ "required": false,
1896
1997
  "conditionKeys": [],
1897
1998
  "dependentActions": []
1898
1999
  }
1899
2000
  ],
1900
2001
  "conditionKeys": [
1901
- "s3:DataAccessPointAccount",
1902
- "s3:DataAccessPointArn",
1903
- "s3:AccessPointNetworkOrigin",
1904
2002
  "s3:ExistingObjectTag/<key>",
1905
2003
  "s3:authType",
1906
2004
  "s3:ResourceAccount",
@@ -1916,17 +2014,20 @@
1916
2014
  "description": "Grants permission to get an object's current Legal Hold status",
1917
2015
  "accessLevel": "Read",
1918
2016
  "resourceTypes": [
2017
+ {
2018
+ "name": "accesspointobject",
2019
+ "required": false,
2020
+ "conditionKeys": [],
2021
+ "dependentActions": []
2022
+ },
1919
2023
  {
1920
2024
  "name": "object",
1921
- "required": true,
2025
+ "required": false,
1922
2026
  "conditionKeys": [],
1923
2027
  "dependentActions": []
1924
2028
  }
1925
2029
  ],
1926
2030
  "conditionKeys": [
1927
- "s3:DataAccessPointAccount",
1928
- "s3:DataAccessPointArn",
1929
- "s3:AccessPointNetworkOrigin",
1930
2031
  "s3:authType",
1931
2032
  "s3:ResourceAccount",
1932
2033
  "s3:signatureAge",
@@ -1941,17 +2042,20 @@
1941
2042
  "description": "Grants permission to retrieve the retention settings for an object",
1942
2043
  "accessLevel": "Read",
1943
2044
  "resourceTypes": [
2045
+ {
2046
+ "name": "accesspointobject",
2047
+ "required": false,
2048
+ "conditionKeys": [],
2049
+ "dependentActions": []
2050
+ },
1944
2051
  {
1945
2052
  "name": "object",
1946
- "required": true,
2053
+ "required": false,
1947
2054
  "conditionKeys": [],
1948
2055
  "dependentActions": []
1949
2056
  }
1950
2057
  ],
1951
2058
  "conditionKeys": [
1952
- "s3:DataAccessPointAccount",
1953
- "s3:DataAccessPointArn",
1954
- "s3:AccessPointNetworkOrigin",
1955
2059
  "s3:authType",
1956
2060
  "s3:ResourceAccount",
1957
2061
  "s3:signatureAge",
@@ -1966,17 +2070,20 @@
1966
2070
  "description": "Grants permission to return the tag set of an object",
1967
2071
  "accessLevel": "Read",
1968
2072
  "resourceTypes": [
2073
+ {
2074
+ "name": "accesspointobject",
2075
+ "required": false,
2076
+ "conditionKeys": [],
2077
+ "dependentActions": []
2078
+ },
1969
2079
  {
1970
2080
  "name": "object",
1971
- "required": true,
2081
+ "required": false,
1972
2082
  "conditionKeys": [],
1973
2083
  "dependentActions": []
1974
2084
  }
1975
2085
  ],
1976
2086
  "conditionKeys": [
1977
- "s3:DataAccessPointAccount",
1978
- "s3:DataAccessPointArn",
1979
- "s3:AccessPointNetworkOrigin",
1980
2087
  "s3:ExistingObjectTag/<key>",
1981
2088
  "s3:authType",
1982
2089
  "s3:ResourceAccount",
@@ -2014,18 +2121,21 @@
2014
2121
  "description": "Grants permission to retrieve a specific version of an object",
2015
2122
  "accessLevel": "Read",
2016
2123
  "resourceTypes": [
2124
+ {
2125
+ "name": "accesspointobject",
2126
+ "required": false,
2127
+ "conditionKeys": [],
2128
+ "dependentActions": []
2129
+ },
2017
2130
  {
2018
2131
  "name": "object",
2019
- "required": true,
2132
+ "required": false,
2020
2133
  "conditionKeys": [],
2021
2134
  "dependentActions": []
2022
2135
  }
2023
2136
  ],
2024
2137
  "conditionKeys": [
2025
2138
  "s3:AccessGrantsInstanceArn",
2026
- "s3:DataAccessPointAccount",
2027
- "s3:DataAccessPointArn",
2028
- "s3:AccessPointNetworkOrigin",
2029
2139
  "s3:ExistingObjectTag/<key>",
2030
2140
  "s3:authType",
2031
2141
  "s3:ResourceAccount",
@@ -2042,18 +2152,21 @@
2042
2152
  "description": "Grants permission to return the access control list (ACL) of a specific object version",
2043
2153
  "accessLevel": "Read",
2044
2154
  "resourceTypes": [
2155
+ {
2156
+ "name": "accesspointobject",
2157
+ "required": false,
2158
+ "conditionKeys": [],
2159
+ "dependentActions": []
2160
+ },
2045
2161
  {
2046
2162
  "name": "object",
2047
- "required": true,
2163
+ "required": false,
2048
2164
  "conditionKeys": [],
2049
2165
  "dependentActions": []
2050
2166
  }
2051
2167
  ],
2052
2168
  "conditionKeys": [
2053
2169
  "s3:AccessGrantsInstanceArn",
2054
- "s3:DataAccessPointAccount",
2055
- "s3:DataAccessPointArn",
2056
- "s3:AccessPointNetworkOrigin",
2057
2170
  "s3:ExistingObjectTag/<key>",
2058
2171
  "s3:authType",
2059
2172
  "s3:ResourceAccount",
@@ -2070,17 +2183,20 @@
2070
2183
  "description": "Grants permission to retrieve attributes related to a specific version of an object",
2071
2184
  "accessLevel": "Read",
2072
2185
  "resourceTypes": [
2186
+ {
2187
+ "name": "accesspointobject",
2188
+ "required": false,
2189
+ "conditionKeys": [],
2190
+ "dependentActions": []
2191
+ },
2073
2192
  {
2074
2193
  "name": "object",
2075
- "required": true,
2194
+ "required": false,
2076
2195
  "conditionKeys": [],
2077
2196
  "dependentActions": []
2078
2197
  }
2079
2198
  ],
2080
2199
  "conditionKeys": [
2081
- "s3:DataAccessPointAccount",
2082
- "s3:DataAccessPointArn",
2083
- "s3:AccessPointNetworkOrigin",
2084
2200
  "s3:ExistingObjectTag/<key>",
2085
2201
  "s3:authType",
2086
2202
  "s3:ResourceAccount",
@@ -2119,17 +2235,20 @@
2119
2235
  "description": "Grants permission to return the tag set for a specific version of the object",
2120
2236
  "accessLevel": "Read",
2121
2237
  "resourceTypes": [
2238
+ {
2239
+ "name": "accesspointobject",
2240
+ "required": false,
2241
+ "conditionKeys": [],
2242
+ "dependentActions": []
2243
+ },
2122
2244
  {
2123
2245
  "name": "object",
2124
- "required": true,
2246
+ "required": false,
2125
2247
  "conditionKeys": [],
2126
2248
  "dependentActions": []
2127
2249
  }
2128
2250
  ],
2129
2251
  "conditionKeys": [
2130
- "s3:DataAccessPointAccount",
2131
- "s3:DataAccessPointArn",
2132
- "s3:AccessPointNetworkOrigin",
2133
2252
  "s3:ExistingObjectTag/<key>",
2134
2253
  "s3:authType",
2135
2254
  "s3:ResourceAccount",
@@ -2403,18 +2522,21 @@
2403
2522
  "description": "Grants permission to list some or all of the objects in an Amazon S3 bucket (up to 1000)",
2404
2523
  "accessLevel": "List",
2405
2524
  "resourceTypes": [
2525
+ {
2526
+ "name": "accesspoint",
2527
+ "required": false,
2528
+ "conditionKeys": [],
2529
+ "dependentActions": []
2530
+ },
2406
2531
  {
2407
2532
  "name": "bucket",
2408
- "required": true,
2533
+ "required": false,
2409
2534
  "conditionKeys": [],
2410
2535
  "dependentActions": []
2411
2536
  }
2412
2537
  ],
2413
2538
  "conditionKeys": [
2414
2539
  "s3:AccessGrantsInstanceArn",
2415
- "s3:DataAccessPointAccount",
2416
- "s3:DataAccessPointArn",
2417
- "s3:AccessPointNetworkOrigin",
2418
2540
  "s3:authType",
2419
2541
  "s3:delimiter",
2420
2542
  "s3:max-keys",
@@ -2449,7 +2571,9 @@
2449
2571
  "s3:signatureAge",
2450
2572
  "s3:signatureversion",
2451
2573
  "s3:TlsVersion",
2452
- "s3:x-amz-content-sha256"
2574
+ "s3:x-amz-content-sha256",
2575
+ "s3:AccessPointTag/${TagKey}",
2576
+ "aws:ResourceTag/${TagKey}"
2453
2577
  ],
2454
2578
  "dependentActions": []
2455
2579
  },
@@ -2458,18 +2582,21 @@
2458
2582
  "description": "Grants permission to list metadata about all the versions of objects in an Amazon S3 bucket",
2459
2583
  "accessLevel": "List",
2460
2584
  "resourceTypes": [
2585
+ {
2586
+ "name": "accesspoint",
2587
+ "required": false,
2588
+ "conditionKeys": [],
2589
+ "dependentActions": []
2590
+ },
2461
2591
  {
2462
2592
  "name": "bucket",
2463
- "required": true,
2593
+ "required": false,
2464
2594
  "conditionKeys": [],
2465
2595
  "dependentActions": []
2466
2596
  }
2467
2597
  ],
2468
2598
  "conditionKeys": [
2469
2599
  "s3:AccessGrantsInstanceArn",
2470
- "s3:DataAccessPointAccount",
2471
- "s3:DataAccessPointArn",
2472
- "s3:AccessPointNetworkOrigin",
2473
2600
  "s3:authType",
2474
2601
  "s3:delimiter",
2475
2602
  "s3:max-keys",
@@ -2539,18 +2666,21 @@
2539
2666
  "description": "Grants permission to list the parts that have been uploaded for a specific multipart upload",
2540
2667
  "accessLevel": "List",
2541
2668
  "resourceTypes": [
2669
+ {
2670
+ "name": "accesspointobject",
2671
+ "required": false,
2672
+ "conditionKeys": [],
2673
+ "dependentActions": []
2674
+ },
2542
2675
  {
2543
2676
  "name": "object",
2544
- "required": true,
2677
+ "required": false,
2545
2678
  "conditionKeys": [],
2546
2679
  "dependentActions": []
2547
2680
  }
2548
2681
  ],
2549
2682
  "conditionKeys": [
2550
2683
  "s3:AccessGrantsInstanceArn",
2551
- "s3:DataAccessPointAccount",
2552
- "s3:DataAccessPointArn",
2553
- "s3:AccessPointNetworkOrigin",
2554
2684
  "s3:authType",
2555
2685
  "s3:ResourceAccount",
2556
2686
  "s3:signatureAge",
@@ -2613,6 +2743,18 @@
2613
2743
  "conditionKeys": [],
2614
2744
  "dependentActions": []
2615
2745
  },
2746
+ {
2747
+ "name": "accesspoint",
2748
+ "required": false,
2749
+ "conditionKeys": [],
2750
+ "dependentActions": []
2751
+ },
2752
+ {
2753
+ "name": "bucket",
2754
+ "required": false,
2755
+ "conditionKeys": [],
2756
+ "dependentActions": []
2757
+ },
2616
2758
  {
2617
2759
  "name": "storagelensgroup",
2618
2760
  "required": false,
@@ -2704,7 +2846,7 @@
2704
2846
  "putaccessgrantsinstanceresourcepolicy": {
2705
2847
  "name": "PutAccessGrantsInstanceResourcePolicy",
2706
2848
  "description": "Grants permission to put Access grants instance resource policy",
2707
- "accessLevel": "Write",
2849
+ "accessLevel": "Permissions management",
2708
2850
  "resourceTypes": [
2709
2851
  {
2710
2852
  "name": "accessgrantsinstance",
@@ -2762,9 +2904,6 @@
2762
2904
  }
2763
2905
  ],
2764
2906
  "conditionKeys": [
2765
- "s3:DataAccessPointAccount",
2766
- "s3:DataAccessPointArn",
2767
- "s3:AccessPointNetworkOrigin",
2768
2907
  "s3:authType",
2769
2908
  "s3:ResourceAccount",
2770
2909
  "s3:signatureAge",
@@ -2844,6 +2983,28 @@
2844
2983
  ],
2845
2984
  "dependentActions": []
2846
2985
  },
2986
+ "putbucketabac": {
2987
+ "name": "PutBucketAbac",
2988
+ "description": "Grants permission to set ABAC configuration for a general purpose bucket",
2989
+ "accessLevel": "Write",
2990
+ "resourceTypes": [
2991
+ {
2992
+ "name": "bucket",
2993
+ "required": true,
2994
+ "conditionKeys": [],
2995
+ "dependentActions": []
2996
+ }
2997
+ ],
2998
+ "conditionKeys": [
2999
+ "s3:authType",
3000
+ "s3:ResourceAccount",
3001
+ "s3:signatureAge",
3002
+ "s3:signatureversion",
3003
+ "s3:TlsVersion",
3004
+ "s3:x-amz-content-sha256"
3005
+ ],
3006
+ "dependentActions": []
3007
+ },
2847
3008
  "putbucketacl": {
2848
3009
  "name": "PutBucketAcl",
2849
3010
  "description": "Grants permission to set the permissions on an existing bucket using access control lists (ACLs)",
@@ -3279,18 +3440,21 @@
3279
3440
  "description": "Grants permission to add an object to a bucket",
3280
3441
  "accessLevel": "Write",
3281
3442
  "resourceTypes": [
3443
+ {
3444
+ "name": "accesspointobject",
3445
+ "required": false,
3446
+ "conditionKeys": [],
3447
+ "dependentActions": []
3448
+ },
3282
3449
  {
3283
3450
  "name": "object",
3284
- "required": true,
3451
+ "required": false,
3285
3452
  "conditionKeys": [],
3286
3453
  "dependentActions": []
3287
3454
  }
3288
3455
  ],
3289
3456
  "conditionKeys": [
3290
3457
  "s3:AccessGrantsInstanceArn",
3291
- "s3:DataAccessPointAccount",
3292
- "s3:DataAccessPointArn",
3293
- "s3:AccessPointNetworkOrigin",
3294
3458
  "s3:RequestObjectTag/<key>",
3295
3459
  "s3:RequestObjectTagKeys",
3296
3460
  "s3:authType",
@@ -3327,18 +3491,21 @@
3327
3491
  "description": "Grants permission to set the access control list (ACL) permissions for new or existing objects in an S3 bucket",
3328
3492
  "accessLevel": "Permissions management",
3329
3493
  "resourceTypes": [
3494
+ {
3495
+ "name": "accesspointobject",
3496
+ "required": false,
3497
+ "conditionKeys": [],
3498
+ "dependentActions": []
3499
+ },
3330
3500
  {
3331
3501
  "name": "object",
3332
- "required": true,
3502
+ "required": false,
3333
3503
  "conditionKeys": [],
3334
3504
  "dependentActions": []
3335
3505
  }
3336
3506
  ],
3337
3507
  "conditionKeys": [
3338
3508
  "s3:AccessGrantsInstanceArn",
3339
- "s3:DataAccessPointAccount",
3340
- "s3:DataAccessPointArn",
3341
- "s3:AccessPointNetworkOrigin",
3342
3509
  "s3:ExistingObjectTag/<key>",
3343
3510
  "s3:authType",
3344
3511
  "s3:ResourceAccount",
@@ -3361,17 +3528,20 @@
3361
3528
  "description": "Grants permission to apply a Legal Hold configuration to the specified object",
3362
3529
  "accessLevel": "Write",
3363
3530
  "resourceTypes": [
3531
+ {
3532
+ "name": "accesspointobject",
3533
+ "required": false,
3534
+ "conditionKeys": [],
3535
+ "dependentActions": []
3536
+ },
3364
3537
  {
3365
3538
  "name": "object",
3366
- "required": true,
3539
+ "required": false,
3367
3540
  "conditionKeys": [],
3368
3541
  "dependentActions": []
3369
3542
  }
3370
3543
  ],
3371
3544
  "conditionKeys": [
3372
- "s3:DataAccessPointAccount",
3373
- "s3:DataAccessPointArn",
3374
- "s3:AccessPointNetworkOrigin",
3375
3545
  "s3:authType",
3376
3546
  "s3:ResourceAccount",
3377
3547
  "s3:signatureAge",
@@ -3387,17 +3557,20 @@
3387
3557
  "description": "Grants permission to place an Object Retention configuration on an object",
3388
3558
  "accessLevel": "Write",
3389
3559
  "resourceTypes": [
3560
+ {
3561
+ "name": "accesspointobject",
3562
+ "required": false,
3563
+ "conditionKeys": [],
3564
+ "dependentActions": []
3565
+ },
3390
3566
  {
3391
3567
  "name": "object",
3392
- "required": true,
3568
+ "required": false,
3393
3569
  "conditionKeys": [],
3394
3570
  "dependentActions": []
3395
3571
  }
3396
3572
  ],
3397
3573
  "conditionKeys": [
3398
- "s3:DataAccessPointAccount",
3399
- "s3:DataAccessPointArn",
3400
- "s3:AccessPointNetworkOrigin",
3401
3574
  "s3:authType",
3402
3575
  "s3:ResourceAccount",
3403
3576
  "s3:signatureAge",
@@ -3415,17 +3588,20 @@
3415
3588
  "description": "Grants permission to set the supplied tag-set to an object that already exists in a bucket",
3416
3589
  "accessLevel": "Tagging",
3417
3590
  "resourceTypes": [
3591
+ {
3592
+ "name": "accesspointobject",
3593
+ "required": false,
3594
+ "conditionKeys": [],
3595
+ "dependentActions": []
3596
+ },
3418
3597
  {
3419
3598
  "name": "object",
3420
- "required": true,
3599
+ "required": false,
3421
3600
  "conditionKeys": [],
3422
3601
  "dependentActions": []
3423
3602
  }
3424
3603
  ],
3425
3604
  "conditionKeys": [
3426
- "s3:DataAccessPointAccount",
3427
- "s3:DataAccessPointArn",
3428
- "s3:AccessPointNetworkOrigin",
3429
3605
  "s3:ExistingObjectTag/<key>",
3430
3606
  "s3:RequestObjectTag/<key>",
3431
3607
  "s3:RequestObjectTagKeys",
@@ -3443,18 +3619,21 @@
3443
3619
  "description": "Grants permission to use the acl subresource to set the access control list (ACL) permissions for an object that already exists in a bucket",
3444
3620
  "accessLevel": "Permissions management",
3445
3621
  "resourceTypes": [
3622
+ {
3623
+ "name": "accesspointobject",
3624
+ "required": false,
3625
+ "conditionKeys": [],
3626
+ "dependentActions": []
3627
+ },
3446
3628
  {
3447
3629
  "name": "object",
3448
- "required": true,
3630
+ "required": false,
3449
3631
  "conditionKeys": [],
3450
3632
  "dependentActions": []
3451
3633
  }
3452
3634
  ],
3453
3635
  "conditionKeys": [
3454
3636
  "s3:AccessGrantsInstanceArn",
3455
- "s3:DataAccessPointAccount",
3456
- "s3:DataAccessPointArn",
3457
- "s3:AccessPointNetworkOrigin",
3458
3637
  "s3:ExistingObjectTag/<key>",
3459
3638
  "s3:authType",
3460
3639
  "s3:ResourceAccount",
@@ -3478,17 +3657,20 @@
3478
3657
  "description": "Grants permission to set the supplied tag-set for a specific version of an object",
3479
3658
  "accessLevel": "Tagging",
3480
3659
  "resourceTypes": [
3660
+ {
3661
+ "name": "accesspointobject",
3662
+ "required": false,
3663
+ "conditionKeys": [],
3664
+ "dependentActions": []
3665
+ },
3481
3666
  {
3482
3667
  "name": "object",
3483
- "required": true,
3668
+ "required": false,
3484
3669
  "conditionKeys": [],
3485
3670
  "dependentActions": []
3486
3671
  }
3487
3672
  ],
3488
3673
  "conditionKeys": [
3489
- "s3:DataAccessPointAccount",
3490
- "s3:DataAccessPointArn",
3491
- "s3:AccessPointNetworkOrigin",
3492
3674
  "s3:ExistingObjectTag/<key>",
3493
3675
  "s3:RequestObjectTag/<key>",
3494
3676
  "s3:RequestObjectTagKeys",
@@ -3642,17 +3824,20 @@
3642
3824
  "description": "Grants permission to restore an archived copy of an object back into Amazon S3",
3643
3825
  "accessLevel": "Write",
3644
3826
  "resourceTypes": [
3827
+ {
3828
+ "name": "accesspointobject",
3829
+ "required": false,
3830
+ "conditionKeys": [],
3831
+ "dependentActions": []
3832
+ },
3645
3833
  {
3646
3834
  "name": "object",
3647
- "required": true,
3835
+ "required": false,
3648
3836
  "conditionKeys": [],
3649
3837
  "dependentActions": []
3650
3838
  }
3651
3839
  ],
3652
3840
  "conditionKeys": [
3653
- "s3:DataAccessPointAccount",
3654
- "s3:DataAccessPointArn",
3655
- "s3:AccessPointNetworkOrigin",
3656
3841
  "s3:authType",
3657
3842
  "s3:ResourceAccount",
3658
3843
  "s3:signatureAge",
@@ -3709,6 +3894,18 @@
3709
3894
  "conditionKeys": [],
3710
3895
  "dependentActions": []
3711
3896
  },
3897
+ {
3898
+ "name": "accesspoint",
3899
+ "required": false,
3900
+ "conditionKeys": [],
3901
+ "dependentActions": []
3902
+ },
3903
+ {
3904
+ "name": "bucket",
3905
+ "required": false,
3906
+ "conditionKeys": [],
3907
+ "dependentActions": []
3908
+ },
3712
3909
  {
3713
3910
  "name": "storagelensgroup",
3714
3911
  "required": false,
@@ -3751,6 +3948,18 @@
3751
3948
  "conditionKeys": [],
3752
3949
  "dependentActions": []
3753
3950
  },
3951
+ {
3952
+ "name": "accesspoint",
3953
+ "required": false,
3954
+ "conditionKeys": [],
3955
+ "dependentActions": []
3956
+ },
3957
+ {
3958
+ "name": "bucket",
3959
+ "required": false,
3960
+ "conditionKeys": [],
3961
+ "dependentActions": []
3962
+ },
3754
3963
  {
3755
3964
  "name": "storagelensgroup",
3756
3965
  "required": false,
@@ -3772,7 +3981,7 @@
3772
3981
  "updateaccessgrantslocation": {
3773
3982
  "name": "UpdateAccessGrantsLocation",
3774
3983
  "description": "Grants permission to update Access Grants location",
3775
- "accessLevel": "Write",
3984
+ "accessLevel": "Permissions management",
3776
3985
  "resourceTypes": [
3777
3986
  {
3778
3987
  "name": "accessgrantslocation",
@@ -3782,6 +3991,7 @@
3782
3991
  }
3783
3992
  ],
3784
3993
  "conditionKeys": [
3994
+ "s3:AccessGrantsLocationScope",
3785
3995
  "s3:authType",
3786
3996
  "s3:ResourceAccount",
3787
3997
  "s3:signatureAge",
@@ -3792,6 +4002,58 @@
3792
4002
  ],
3793
4003
  "dependentActions": []
3794
4004
  },
4005
+ "updatebucketmetadatainventorytableconfiguration": {
4006
+ "name": "UpdateBucketMetadataInventoryTableConfiguration",
4007
+ "description": "Grants permission to update the inventory table configuration on an existing S3 Metadata configuration for a specified general purpose bucket",
4008
+ "accessLevel": "Write",
4009
+ "resourceTypes": [
4010
+ {
4011
+ "name": "bucket",
4012
+ "required": true,
4013
+ "conditionKeys": [],
4014
+ "dependentActions": [
4015
+ "kms:DescribeKey",
4016
+ "s3tables:CreateNamespace",
4017
+ "s3tables:CreateTable",
4018
+ "s3tables:CreateTableBucket",
4019
+ "s3tables:GetTable",
4020
+ "s3tables:PutTableEncryption",
4021
+ "s3tables:PutTablePolicy"
4022
+ ]
4023
+ }
4024
+ ],
4025
+ "conditionKeys": [
4026
+ "s3:authType",
4027
+ "s3:ResourceAccount",
4028
+ "s3:signatureAge",
4029
+ "s3:signatureversion",
4030
+ "s3:TlsVersion",
4031
+ "s3:x-amz-content-sha256"
4032
+ ],
4033
+ "dependentActions": []
4034
+ },
4035
+ "updatebucketmetadatajournaltableconfiguration": {
4036
+ "name": "UpdateBucketMetadataJournalTableConfiguration",
4037
+ "description": "Grants permission to update the journal table configuration on an existing S3 Metadata configuration for a specified general purpose bucket",
4038
+ "accessLevel": "Write",
4039
+ "resourceTypes": [
4040
+ {
4041
+ "name": "bucket",
4042
+ "required": true,
4043
+ "conditionKeys": [],
4044
+ "dependentActions": []
4045
+ }
4046
+ ],
4047
+ "conditionKeys": [
4048
+ "s3:authType",
4049
+ "s3:ResourceAccount",
4050
+ "s3:signatureAge",
4051
+ "s3:signatureversion",
4052
+ "s3:TlsVersion",
4053
+ "s3:x-amz-content-sha256"
4054
+ ],
4055
+ "dependentActions": []
4056
+ },
3795
4057
  "updatejobpriority": {
3796
4058
  "name": "UpdateJobPriority",
3797
4059
  "description": "Grants permission to update the priority of an existing job",