iamdata 0.1.202507291__py3-none-any.whl → 0.1.202508251__py3-none-any.whl

iamdata/data/actions/workspaces-web.json

@@ -90,6 +90,27 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "associatesessionlogger": {
+    "name": "AssociateSessionLogger",
+    "description": "Grants permission to associate session logger with web portals",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "portal",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
+      {
+        "name": "sessionLogger",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "associatetruststore": {
     "name": "AssociateTrustStore",
     "description": "Grants permission to associate trust stores with web portals",
@@ -248,6 +269,17 @@
       "kms:GenerateDataKey"
     ]
   },
+  "createsessionlogger": {
+    "name": "CreateSessionLogger",
+    "description": "Grants permission to create session logger",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [
+      "aws:TagKeys",
+      "aws:RequestTag/${TagKey}"
+    ],
+    "dependentActions": []
+  },
   "createtruststore": {
     "name": "CreateTrustStore",
     "description": "Grants permission to create trust stores",
@@ -377,6 +409,21 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "deletesessionlogger": {
+    "name": "DeleteSessionLogger",
+    "description": "Grants permission to delete session logger",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "sessionLogger",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "deletetruststore": {
     "name": "DeleteTrustStore",
     "description": "Grants permission to delete trust stores",
@@ -482,6 +529,21 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "disassociatesessionlogger": {
+    "name": "DisassociateSessionLogger",
+    "description": "Grants permission to disassociate session logger from web portals",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "portal",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "disassociatetruststore": {
     "name": "DisassociateTrustStore",
     "description": "Grants permission to disassociate trust stores from web portals",
@@ -662,6 +724,21 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "getsessionlogger": {
+    "name": "GetSessionLogger",
+    "description": "Grants permission to get details on session logger",
+    "accessLevel": "Read",
+    "resourceTypes": [
+      {
+        "name": "sessionLogger",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "gettruststore": {
     "name": "GetTrustStore",
     "description": "Grants permission to get details on trust stores",
@@ -777,6 +854,14 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "listsessionloggers": {
+    "name": "ListSessionLoggers",
+    "description": "Grants permission to list session loggers",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "listsessions": {
     "name": "ListSessions",
     "description": "Grants permission to list sessions for a Portal using optional filters",
@@ -873,6 +958,12 @@
         "conditionKeys": [],
         "dependentActions": []
       },
+      {
+        "name": "sessionLogger",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
       {
         "name": "trustStore",
         "required": false,
@@ -939,6 +1030,12 @@
         "conditionKeys": [],
         "dependentActions": []
       },
+      {
+        "name": "sessionLogger",
+        "required": false,
+        "conditionKeys": [],
+        "dependentActions": []
+      },
       {
         "name": "trustStore",
         "required": false,
@@ -1066,6 +1163,21 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "updatesessionlogger": {
+    "name": "UpdateSessionLogger",
+    "description": "Grants permission to update session logger",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "sessionLogger",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "updatetruststore": {
     "name": "UpdateTrustStore",
     "description": "Grants permission to update trust stores",

iamdata/data/actions/workspaces.json

@@ -154,6 +154,22 @@
     ],
     "dependentActions": []
   },
+  "createrootclientcertificate": {
+    "name": "CreateRootClientCertificate",
+    "isPermissionOnly": true,
+    "description": "Grants permission to create a root client certificate",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "certificateid",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "createstandbyworkspaces": {
     "name": "CreateStandbyWorkspaces",
     "description": "Grants permission to create one or more Standby WorkSpaces",
@@ -379,6 +395,22 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "deleterootclientcertificate": {
+    "name": "DeleteRootClientCertificate",
+    "isPermissionOnly": true,
+    "description": "Grants permission to delete root client certificate",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "certificateid",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "deletetags": {
     "name": "DeleteTags",
     "description": "Grants permission to delete tags from WorkSpaces resources",
@@ -578,6 +610,23 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "describeconsent": {
+    "name": "DescribeConsent",
+    "isPermissionOnly": true,
+    "description": "Grants permission to retrieve information about consent agreement to BYOL minimum requirements",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "describecustomworkspaceimageimport": {
+    "name": "DescribeCustomWorkspaceImageImport",
+    "description": "Grants permission to retrieve information about WorkSpace BYOL image import task",
+    "accessLevel": "Read",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "describeimageassociations": {
     "name": "DescribeImageAssociations",
     "description": "Grants permission to retrieve information about resources associated with a WorkSpace image",
@@ -610,6 +659,22 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "describerootclientcertificates": {
+    "name": "DescribeRootClientCertificates",
+    "isPermissionOnly": true,
+    "description": "Grants permission to retrieve information for root client certificates",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "certificateid",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "describetags": {
     "name": "DescribeTags",
     "description": "Grants permission to describe the tags for WorkSpaces resources",
@@ -728,6 +793,22 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "directoryaccessmanagement": {
+    "name": "DirectoryAccessManagement",
+    "isPermissionOnly": true,
+    "description": "Grants permission to directory management actions while managing and provisioning workspaces",
+    "accessLevel": "List",
+    "resourceTypes": [
+      {
+        "name": "directoryid",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "disassociateconnectionalias": {
     "name": "DisassociateConnectionAlias",
     "description": "Grants permission to disassociate connection aliases from directories",
@@ -810,6 +891,14 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "importcustomworkspaceimage": {
+    "name": "ImportCustomWorkspaceImage",
+    "description": "Grants permission to import Bring Your Own License (BYOL) images into Amazon WorkSpaces",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "importworkspaceimage": {
     "name": "ImportWorkspaceImage",
     "description": "Grants permission to import Bring Your Own License (BYOL) images into Amazon WorkSpaces",
@@ -1249,6 +1338,31 @@
     "conditionKeys": [],
     "dependentActions": []
   },
+  "updateconsent": {
+    "name": "UpdateConsent",
+    "isPermissionOnly": true,
+    "description": "Grants permission to update the consent agreement to BYOL minimum requirements",
+    "accessLevel": "Write",
+    "resourceTypes": [],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
+  "updaterootclientcertificate": {
+    "name": "UpdateRootClientCertificate",
+    "isPermissionOnly": true,
+    "description": "Grants permission to update a root client certificate",
+    "accessLevel": "Write",
+    "resourceTypes": [
+      {
+        "name": "certificateid",
+        "required": true,
+        "conditionKeys": [],
+        "dependentActions": []
+      }
+    ],
+    "conditionKeys": [],
+    "dependentActions": []
+  },
   "updaterulesofipgroup": {
     "name": "UpdateRulesOfIpGroup",
     "description": "Grants permission to replace rules for IP access control groups",

iamdata/data/actions/xray.json

@@ -82,7 +82,9 @@
     "description": "Grants permission to delete resource policies",
     "accessLevel": "Write",
     "resourceTypes": [],
-    "conditionKeys": [],
+    "conditionKeys": [
+      "xray:ResourcePolicyName"
+    ],
     "dependentActions": []
   },
   "deletesamplingrule": {
@@ -315,7 +317,9 @@
     "description": "Grants permission to create or update resource policies",
     "accessLevel": "Write",
     "resourceTypes": [],
-    "conditionKeys": [],
+    "conditionKeys": [
+      "xray:ResourcePolicyName"
+    ],
     "dependentActions": []
   },
   "putspans": {
@@ -453,7 +457,9 @@
     "description": "Grants permission to modify the destination of data sent to PutTraceSegments and OpenTelemetry API",
     "accessLevel": "Write",
     "resourceTypes": [],
-    "conditionKeys": [],
+    "conditionKeys": [
+      "xray:TraceSegmentDestination"
+    ],
     "dependentActions": []
   }
 }

iamdata/data/conditionKeys/arc-region-switch.json

@@ -0,0 +1,17 @@
+{
+  "aws:requesttag/${tagkey}": {
+    "key": "aws:RequestTag/${TagKey}",
+    "description": "Filters access by tag key-value pairs attached to the resource",
+    "type": "String"
+  },
+  "aws:resourcetag/${tagkey}": {
+    "key": "aws:ResourceTag/${TagKey}",
+    "description": "Filters access by a tag's key and value in a request",
+    "type": "String"
+  },
+  "aws:tagkeys": {
+    "key": "aws:TagKeys",
+    "description": "Filters access by the presence of tag keys in the request",
+    "type": "ArrayOfString"
+  }
+}

iamdata/data/conditionKeys/bcm-dashboards.json

@@ -0,0 +1 @@
+{}

iamdata/data/conditionKeys/bcm-recommended-actions.json

@@ -0,0 +1 @@
+{}

iamdata/data/conditionKeys/chatbot.json

@@ -1 +1,17 @@
-{}
+{
+  "aws:requesttag/${tagkey}": {
+    "key": "aws:RequestTag/${TagKey}",
+    "description": "Filters access by the tags that are passed in the request",
+    "type": "String"
+  },
+  "aws:resourcetag/${tagkey}": {
+    "key": "aws:ResourceTag/${TagKey}",
+    "description": "Filters access by the tags associated with the resource",
+    "type": "String"
+  },
+  "aws:tagkeys": {
+    "key": "aws:TagKeys",
+    "description": "Filters access by the tag keys that are passed in the request",
+    "type": "ArrayOfString"
+  }
+}

iamdata/data/conditionKeys/ebs.json

@@ -21,8 +21,8 @@
   },
   "ebs:parentsnapshot": {
     "key": "ebs:ParentSnapshot",
-    "description": "Filters access by the ID of the parent snapshot",
-    "type": "String"
+    "description": "Filters access by the ARN of the parent snapshot",
+    "type": "ARN"
   },
   "ebs:volumesize": {
     "key": "ebs:VolumeSize",

iamdata/data/conditionKeys/imagebuilder.json

@@ -14,8 +14,8 @@
     "description": "Filters access by the presence of tag keys in the request",
     "type": "ArrayOfString"
   },
-  "imagebuilder:createdresourcetag/<key>": {
-    "key": "imagebuilder:CreatedResourceTag/<key>",
+  "imagebuilder:createdresourcetag/${tagkey}": {
+    "key": "imagebuilder:CreatedResourceTag/${TagKey}",
     "description": "Filters access by the tag key-value pairs attached to the resource created by Image Builder",
     "type": "String"
   },

iamdata/data/conditionKeys/iotmanagedintegrations.json

@@ -13,5 +13,15 @@
     "key": "aws:TagKeys",
     "description": "Filters access by tag keys that are passed in the request",
     "type": "ArrayOfString"
+  },
+  "iotmanagedintegrations:cloudconnectorid": {
+    "key": "iotmanagedintegrations:cloudConnectorId",
+    "description": "Filters access by the CloudConnectorId",
+    "type": "String"
+  },
+  "iotmanagedintegrations:connectordestinationid": {
+    "key": "iotmanagedintegrations:connectorDestinationId",
+    "description": "Filters access by the ConnectorDestinationId",
+    "type": "String"
   }
 }

iamdata/data/conditionKeys/observabilityadmin.json

@@ -1 +1,17 @@
-{}
+{
+  "aws:requesttag/${tagkey}": {
+    "key": "aws:RequestTag/${TagKey}",
+    "description": "Filters access by the tags that are passed in the request",
+    "type": "String"
+  },
+  "aws:resourcetag/${tagkey}": {
+    "key": "aws:ResourceTag/${TagKey}",
+    "description": "Filters access by the tags associated with the resource",
+    "type": "String"
+  },
+  "aws:tagkeys": {
+    "key": "aws:TagKeys",
+    "description": "Filters access by the tag keys that are passed in the request",
+    "type": "ArrayOfString"
+  }
+}

iamdata/data/conditionKeys/quicksight.json

@@ -14,11 +14,6 @@
     "description": "Filters access by tag keys",
     "type": "ArrayOfString"
   },
-  "identitystore:groupid": {
-    "key": "identitystore:GroupId",
-    "description": "Filters access by IdentityStore group ARN",
-    "type": "ARN"
-  },
   "quicksight:allowedembeddingdomains": {
     "key": "quicksight:AllowedEmbeddingDomains",
     "description": "Filters access by the allowed embedding domains",

iamdata/data/conditionKeys/rds.json

@@ -59,6 +59,11 @@
     "description": "Filters access by the value that contains the number of Provisioned IOPS (PIOPS) that the instance supports. To indicate a DB instance that does not have PIOPS enabled, specify 0",
     "type": "Numeric"
   },
+  "rds:publiclyaccessible": {
+    "key": "rds:PubliclyAccessible",
+    "description": "Filters access by the value that specifies whether the DB Instance or DB ShardGroup is publicly accessible",
+    "type": "Bool"
+  },
   "rds:storageencrypted": {
     "key": "rds:StorageEncrypted",
     "description": "Filters access by the value that specifies whether the DB instance storage should be encrypted. To enforce storage encryption, specify true",

iamdata/data/conditionKeys/s3.json

@@ -34,6 +34,11 @@
     "description": "Filters access by the network origin (Internet or VPC)",
     "type": "String"
   },
+  "s3:accesspointtag/${tagkey}": {
+    "key": "s3:AccessPointTag/${TagKey}",
+    "description": "Filters access by existing access point tag key and value",
+    "type": "String"
+  },
   "s3:dataaccesspointaccount": {
     "key": "s3:DataAccessPointAccount",
     "description": "Filters access by the AWS Account ID that owns the access point",

iamdata/data/conditionKeys/s3express.json

@@ -19,6 +19,11 @@
     "description": "Filters access by the network origin (Internet or VPC)",
     "type": "String"
   },
+  "s3express:accesspointtag/${tagkey}": {
+    "key": "s3express:AccessPointTag/${TagKey}",
+    "description": "Filters access by tag key-value pairs attached to the access point",
+    "type": "String"
+  },
   "s3express:allaccessrestrictedtolocalzonegroup": {
     "key": "s3express:AllAccessRestrictedToLocalZoneGroup",
     "description": "Filters access by AWS Local Zone network border group(s) provided in this condition key",

iamdata/data/conditionKeys/savingsplans.json

@@ -6,7 +6,7 @@
   },
   "aws:resourcetag/${tagkey}": {
     "key": "aws:ResourceTag/${TagKey}",
-    "description": "Filters access by tag-value assoicated with the resource",
+    "description": "Filters access by tag-value associated with the resource",
     "type": "String"
   },
   "aws:tagkeys": {

iamdata/data/conditionKeys/secretsmanager.json

@@ -86,7 +86,7 @@
   },
   "secretsmanager:secretprimaryregion": {
     "key": "secretsmanager:SecretPrimaryRegion",
-    "description": "Filters access by primary region in which the secret is created",
+    "description": "Filters access by primary region in which the secret is created if the secret is a multi-Region secret",
     "type": "String"
   },
   "secretsmanager:versionid": {

iamdata/data/conditionKeys/servicediscovery.json

@@ -29,6 +29,11 @@
     "description": "Filters access by specifying the Amazon Resource Name (ARN) for the related service",
     "type": "ARN"
   },
+  "servicediscovery:servicecreatedbyaccount": {
+    "key": "servicediscovery:ServiceCreatedByAccount",
+    "description": "Filters access by specifying the account id of the related service creator",
+    "type": "String"
+  },
   "servicediscovery:servicename": {
     "key": "servicediscovery:ServiceName",
     "description": "Filters access by specifying the name of the related service",

iamdata/data/conditionKeys/ses.json

@@ -73,5 +73,10 @@
     "key": "ses:ReplicaRegion",
     "description": "Filters access by the replica regions for Replicating domain DKIM signing key",
     "type": "ArrayOfString"
+  },
+  "ses:tenantname": {
+    "key": "ses:TenantName",
+    "description": "Filters access by the tenant name that is used to send email",
+    "type": "String"
   }
 }

iamdata/data/conditionKeys/uxc.json

@@ -0,0 +1 @@
+{}

iamdata/data/conditionKeys/xray.json

@@ -13,5 +13,15 @@
     "key": "aws:TagKeys",
     "description": "Filters access by the tag keys that are passed in the request",
     "type": "ArrayOfString"
+  },
+  "xray:resourcepolicyname": {
+    "key": "xray:ResourcePolicyName",
+    "description": "Filters access by PolicyName in the request",
+    "type": "String"
+  },
+  "xray:tracesegmentdestination": {
+    "key": "xray:TraceSegmentDestination",
+    "description": "Filters access by TraceSegmentDestination type in the request",
+    "type": "String"
   }
 }