iamdata 0.1.202509101__py3-none-any.whl → 0.1.202511241__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of iamdata might be problematic. Click here for more details.

Files changed (179) hide show
  1. iamdata/data/actions/access-analyzer.json +4 -1
  2. iamdata/data/actions/action-recommendations.json +10 -0
  3. iamdata/data/actions/aiops.json +159 -0
  4. iamdata/data/actions/airflow-serverless.json +225 -0
  5. iamdata/data/actions/amplify.json +1 -8
  6. iamdata/data/actions/application-signals.json +48 -0
  7. iamdata/data/actions/appstream.json +120 -36
  8. iamdata/data/actions/aps.json +190 -0
  9. iamdata/data/actions/athena.json +88 -1
  10. iamdata/data/actions/autoscaling.json +42 -3
  11. iamdata/data/actions/backup.json +170 -2
  12. iamdata/data/actions/batch.json +28 -18
  13. iamdata/data/actions/bedrock-agentcore.json +453 -12
  14. iamdata/data/actions/bedrock.json +61 -2
  15. iamdata/data/actions/billing.json +72 -5
  16. iamdata/data/actions/braket.json +62 -0
  17. iamdata/data/actions/cloudformation.json +43 -0
  18. iamdata/data/actions/cloudfront.json +71 -88
  19. iamdata/data/actions/cloudtrail.json +35 -8
  20. iamdata/data/actions/cognito-idp.json +75 -0
  21. iamdata/data/actions/connect.json +129 -1
  22. iamdata/data/actions/cost-optimization-hub.json +8 -0
  23. iamdata/data/actions/datazone.json +224 -3
  24. iamdata/data/actions/dms.json +132 -0
  25. iamdata/data/actions/dsql.json +46 -8
  26. iamdata/data/actions/ec2.json +219 -33
  27. iamdata/data/actions/ecs.json +137 -2
  28. iamdata/data/actions/eks-mcp.json +26 -0
  29. iamdata/data/actions/eks.json +22 -2
  30. iamdata/data/actions/elasticloadbalancing.json +9 -0
  31. iamdata/data/actions/emr-containers.json +15 -0
  32. iamdata/data/actions/es.json +60 -0
  33. iamdata/data/actions/evs.json +30 -0
  34. iamdata/data/actions/fsx.json +15 -6
  35. iamdata/data/actions/glacier.json +1 -4
  36. iamdata/data/actions/glue.json +92 -16
  37. iamdata/data/actions/groundstation.json +15 -0
  38. iamdata/data/actions/guardduty.json +47 -1
  39. iamdata/data/actions/healthlake.json +225 -0
  40. iamdata/data/actions/iam.json +158 -5
  41. iamdata/data/actions/identitystore.json +158 -37
  42. iamdata/data/actions/imagebuilder.json +50 -6
  43. iamdata/data/actions/invoicing.json +84 -2
  44. iamdata/data/actions/iotmanagedintegrations.json +15 -0
  45. iamdata/data/actions/kafka.json +71 -0
  46. iamdata/data/actions/kinesis.json +63 -0
  47. iamdata/data/actions/kinesisvideo.json +30 -0
  48. iamdata/data/actions/kms.json +124 -1
  49. iamdata/data/actions/lakeformation.json +16 -0
  50. iamdata/data/actions/lambda.json +4 -2
  51. iamdata/data/actions/license-manager.json +217 -3
  52. iamdata/data/actions/logs.json +98 -0
  53. iamdata/data/actions/mediaconnect.json +83 -10
  54. iamdata/data/actions/medialive.json +24 -0
  55. iamdata/data/actions/mgn.json +54 -1
  56. iamdata/data/actions/notifications-contacts.json +2 -1
  57. iamdata/data/actions/observabilityadmin.json +136 -2
  58. iamdata/data/actions/odb.json +37 -0
  59. iamdata/data/actions/one.json +8 -0
  60. iamdata/data/actions/organizations.json +124 -3
  61. iamdata/data/actions/osis.json +111 -0
  62. iamdata/data/actions/partnercentral.json +307 -3
  63. iamdata/data/actions/pcs.json +26 -0
  64. iamdata/data/actions/pi.json +6 -0
  65. iamdata/data/actions/pricingplanmanager.json +66 -0
  66. iamdata/data/actions/profile.json +405 -1
  67. iamdata/data/actions/quicksight.json +491 -1
  68. iamdata/data/actions/rds.json +19 -8
  69. iamdata/data/actions/redshift-serverless.json +2 -2
  70. iamdata/data/actions/resource-explorer-2.json +82 -0
  71. iamdata/data/actions/rtbfabric.json +481 -0
  72. iamdata/data/actions/s3.json +68 -5
  73. iamdata/data/actions/s3tables.json +85 -2
  74. iamdata/data/actions/sagemaker-unified-studio-mcp.json +26 -0
  75. iamdata/data/actions/sagemaker.json +40 -8
  76. iamdata/data/actions/scn.json +17 -5
  77. iamdata/data/actions/secretsmanager.json +42 -20
  78. iamdata/data/actions/securityhub.json +30 -0
  79. iamdata/data/actions/servicequotas.json +32 -0
  80. iamdata/data/actions/signin.json +16 -0
  81. iamdata/data/actions/social-messaging.json +64 -8
  82. iamdata/data/actions/sso-directory.json +108 -36
  83. iamdata/data/actions/sso-oauth.json +40 -2
  84. iamdata/data/actions/sso.json +338 -110
  85. iamdata/data/actions/sts.json +34 -0
  86. iamdata/data/actions/support-console.json +18 -0
  87. iamdata/data/actions/support.json +35 -1
  88. iamdata/data/actions/tag.json +8 -0
  89. iamdata/data/actions/tax.json +48 -0
  90. iamdata/data/actions/transfer.json +30 -14
  91. iamdata/data/actions/transform.json +101 -2
  92. iamdata/data/actions/user-subscriptions.json +8 -0
  93. iamdata/data/actions/vpc-lattice-svcs.json +2 -0
  94. iamdata/data/actions/vpc-lattice.json +81 -0
  95. iamdata/data/actions/wisdom.json +15 -0
  96. iamdata/data/actions/workspaces-web.json +25 -9
  97. iamdata/data/actions/workspaces.json +0 -16
  98. iamdata/data/actions/xray.json +6 -2
  99. iamdata/data/conditionKeys/airflow-serverless.json +17 -0
  100. iamdata/data/conditionKeys/autoscaling.json +5 -0
  101. iamdata/data/conditionKeys/bedrock-agentcore.json +55 -0
  102. iamdata/data/conditionKeys/bedrock.json +5 -0
  103. iamdata/data/conditionKeys/cloudformation.json +5 -0
  104. iamdata/data/conditionKeys/connect.json +5 -0
  105. iamdata/data/conditionKeys/dynamodb.json +21 -1
  106. iamdata/data/conditionKeys/ec2.json +15 -15
  107. iamdata/data/conditionKeys/eks.json +5 -0
  108. iamdata/data/conditionKeys/events.json +1 -1
  109. iamdata/data/conditionKeys/glacier.json +0 -10
  110. iamdata/data/conditionKeys/glue.json +5 -0
  111. iamdata/data/conditionKeys/iam.json +20 -0
  112. iamdata/data/conditionKeys/identitystore.json +26 -1
  113. iamdata/data/conditionKeys/kinesis.json +15 -0
  114. iamdata/data/conditionKeys/kms.json +127 -7
  115. iamdata/data/conditionKeys/lambda.json +5 -0
  116. iamdata/data/conditionKeys/mediaconnect.json +17 -1
  117. iamdata/data/conditionKeys/observabilityadmin.json +15 -0
  118. iamdata/data/conditionKeys/organizations.json +10 -0
  119. iamdata/data/conditionKeys/partnercentral.json +7 -2
  120. iamdata/data/conditionKeys/pricingplanmanager.json +1 -0
  121. iamdata/data/conditionKeys/rtbfabric.json +47 -0
  122. iamdata/data/conditionKeys/s3.json +5 -0
  123. iamdata/data/conditionKeys/s3tables.json +20 -0
  124. iamdata/data/conditionKeys/sagemaker-unified-studio-mcp.json +1 -0
  125. iamdata/data/conditionKeys/sagemaker.json +15 -0
  126. iamdata/data/conditionKeys/secretsmanager.json +15 -0
  127. iamdata/data/conditionKeys/sso.json +10 -0
  128. iamdata/data/conditionKeys/sts.json +10 -0
  129. iamdata/data/conditionKeys/transfer.json +20 -0
  130. iamdata/data/conditionKeys/transform.json +12 -1
  131. iamdata/data/conditionKeys/vpc-lattice-svcs.json +5 -0
  132. iamdata/data/conditionKeys/vpc-lattice.json +15 -0
  133. iamdata/data/conditionKeys/xray.json +5 -0
  134. iamdata/data/conditionPatterns.json +8 -0
  135. iamdata/data/metadata.json +2 -2
  136. iamdata/data/resourceTypes/action-recommendations.json +1 -0
  137. iamdata/data/resourceTypes/airflow-serverless.json +9 -0
  138. iamdata/data/resourceTypes/aps.json +9 -0
  139. iamdata/data/resourceTypes/athena.json +7 -0
  140. iamdata/data/resourceTypes/backup.json +7 -0
  141. iamdata/data/resourceTypes/bedrock-agentcore.json +44 -11
  142. iamdata/data/resourceTypes/bedrock.json +4 -0
  143. iamdata/data/resourceTypes/braket.json +7 -0
  144. iamdata/data/resourceTypes/cloudformation.json +4 -0
  145. iamdata/data/resourceTypes/ec2.json +19 -5
  146. iamdata/data/resourceTypes/eks-mcp.json +1 -0
  147. iamdata/data/resourceTypes/guardduty.json +4 -1
  148. iamdata/data/resourceTypes/iam.json +7 -0
  149. iamdata/data/resourceTypes/invoicing.json +7 -0
  150. iamdata/data/resourceTypes/license-manager.json +14 -0
  151. iamdata/data/resourceTypes/logs.json +7 -0
  152. iamdata/data/resourceTypes/mediaconnect.json +16 -4
  153. iamdata/data/resourceTypes/observabilityadmin.json +9 -2
  154. iamdata/data/resourceTypes/organizations.json +7 -0
  155. iamdata/data/resourceTypes/osis.json +7 -0
  156. iamdata/data/resourceTypes/partnercentral.json +21 -0
  157. iamdata/data/resourceTypes/pi.json +4 -1
  158. iamdata/data/resourceTypes/pricingplanmanager.json +6 -0
  159. iamdata/data/resourceTypes/profile.json +14 -0
  160. iamdata/data/resourceTypes/quicksight.json +26 -1
  161. iamdata/data/resourceTypes/rtbfabric.json +46 -0
  162. iamdata/data/resourceTypes/s3.json +11 -2
  163. iamdata/data/resourceTypes/s3tables.json +7 -1
  164. iamdata/data/resourceTypes/sagemaker-unified-studio-mcp.json +1 -0
  165. iamdata/data/resourceTypes/sagemaker.json +8 -1
  166. iamdata/data/resourceTypes/scn.json +16 -4
  167. iamdata/data/resourceTypes/secretsmanager.json +2 -1
  168. iamdata/data/resourceTypes/transform.json +4 -0
  169. iamdata/data/resourceTypes/vpc-lattice.json +12 -0
  170. iamdata/data/serviceNames.json +7 -2
  171. iamdata/data/services.json +6 -1
  172. iamdata/data/unassociatedConditions.json +3 -0
  173. {iamdata-0.1.202509101.dist-info → iamdata-0.1.202511241.dist-info}/METADATA +1 -1
  174. {iamdata-0.1.202509101.dist-info → iamdata-0.1.202511241.dist-info}/RECORD +178 -163
  175. iamdata/data/actions/application-cost-profiler.json +0 -50
  176. /iamdata/data/conditionKeys/{application-cost-profiler.json → action-recommendations.json} +0 -0
  177. /iamdata/data/{resourceTypes/application-cost-profiler.json → conditionKeys/eks-mcp.json} +0 -0
  178. {iamdata-0.1.202509101.dist-info → iamdata-0.1.202511241.dist-info}/WHEEL +0 -0
  179. {iamdata-0.1.202509101.dist-info → iamdata-0.1.202511241.dist-info}/licenses/LICENSE.txt +0 -0
iamdata/data/actions/iam.json CHANGED
@@ -1,4 +1,19 @@
1
1
  {
2
+ "acceptdelegationrequest": {
3
+ "name": "AcceptDelegationRequest",
4
+ "description": "Accepts a delegation request resource, granting the requested temporary access",
5
+ "accessLevel": "Write",
6
+ "resourceTypes": [
7
+ {
8
+ "name": "delegation-request",
9
+ "required": true,
10
+ "conditionKeys": [],
11
+ "dependentActions": []
12
+ }
13
+ ],
14
+ "conditionKeys": [],
15
+ "dependentActions": []
16
+ },
2
17
  "addclientidtoopenidconnectprovider": {
3
18
  "name": "AddClientIDToOpenIDConnectProvider",
4
19
  "description": "Grants permission to add a new client ID (audience) to the list of registered IDs for the specified IAM OpenID Connect (OIDC) provider resource",
@@ -46,6 +61,21 @@
46
61
  "conditionKeys": [],
47
62
  "dependentActions": []
48
63
  },
64
+ "associatedelegationrequest": {
65
+ "name": "AssociateDelegationRequest",
66
+ "description": "Associates a delegation request resource with the calling identity",
67
+ "accessLevel": "Write",
68
+ "resourceTypes": [
69
+ {
70
+ "name": "delegation-request",
71
+ "required": true,
72
+ "conditionKeys": [],
73
+ "dependentActions": []
74
+ }
75
+ ],
76
+ "conditionKeys": [],
77
+ "dependentActions": []
78
+ },
49
79
  "attachgrouppolicy": {
50
80
  "name": "AttachGroupPolicy",
51
81
  "description": "Grants permission to attach a managed policy to the specified IAM group",
@@ -137,6 +167,25 @@
137
167
  "conditionKeys": [],
138
168
  "dependentActions": []
139
169
  },
170
+ "createdelegationrequest": {
171
+ "name": "CreateDelegationRequest",
172
+ "description": "Creates an IAM delegation request resource for temporary access delegation",
173
+ "accessLevel": "Write",
174
+ "resourceTypes": [
175
+ {
176
+ "name": "delegation-request",
177
+ "required": true,
178
+ "conditionKeys": [],
179
+ "dependentActions": []
180
+ }
181
+ ],
182
+ "conditionKeys": [
183
+ "iam:DelegationDuration",
184
+ "iam:NotificationChannel",
185
+ "iam:TemplateArn"
186
+ ],
187
+ "dependentActions": []
188
+ },
140
189
  "creategroup": {
141
190
  "name": "CreateGroup",
142
191
  "description": "Grants permission to create a new group",
@@ -516,7 +565,9 @@
516
565
  "dependentActions": []
517
566
  }
518
567
  ],
519
- "conditionKeys": [],
568
+ "conditionKeys": [
569
+ "iam:PermissionsBoundary"
570
+ ],
520
571
  "dependentActions": []
521
572
  },
522
573
  "deleterolepermissionsboundary": {
@@ -784,6 +835,14 @@
784
835
  "conditionKeys": [],
785
836
  "dependentActions": []
786
837
  },
838
+ "disableoutboundwebidentityfederation": {
839
+ "name": "DisableOutboundWebIdentityFederation",
840
+ "description": "Disables the outbound identity federation feature for the callers account",
841
+ "accessLevel": "Write",
842
+ "resourceTypes": [],
843
+ "conditionKeys": [],
844
+ "dependentActions": []
845
+ },
787
846
  "enablemfadevice": {
788
847
  "name": "EnableMFADevice",
789
848
  "description": "Grants permission to enable an MFA device and associate it with the specified IAM user",
@@ -820,6 +879,14 @@
820
879
  "conditionKeys": [],
821
880
  "dependentActions": []
822
881
  },
882
+ "enableoutboundwebidentityfederation": {
883
+ "name": "EnableOutboundWebIdentityFederation",
884
+ "description": "Enables the outbound identity federation feature for the callers account",
885
+ "accessLevel": "Write",
886
+ "resourceTypes": [],
887
+ "conditionKeys": [],
888
+ "dependentActions": []
889
+ },
823
890
  "generatecredentialreport": {
824
891
  "name": "GenerateCredentialReport",
825
892
  "description": "Grants permission to generate a credential report for the AWS account",
@@ -991,6 +1058,21 @@
991
1058
  "conditionKeys": [],
992
1059
  "dependentActions": []
993
1060
  },
1061
+ "getdelegationrequest": {
1062
+ "name": "GetDelegationRequest",
1063
+ "description": "Retrieves information about a specific delegation request",
1064
+ "accessLevel": "Read",
1065
+ "resourceTypes": [
1066
+ {
1067
+ "name": "delegation-request",
1068
+ "required": true,
1069
+ "conditionKeys": [],
1070
+ "dependentActions": []
1071
+ }
1072
+ ],
1073
+ "conditionKeys": [],
1074
+ "dependentActions": []
1075
+ },
994
1076
  "getgroup": {
995
1077
  "name": "GetGroup",
996
1078
  "description": "Grants permission to retrieve a list of IAM users in the specified IAM group",
@@ -1021,6 +1103,21 @@
1021
1103
  "conditionKeys": [],
1022
1104
  "dependentActions": []
1023
1105
  },
1106
+ "gethumanreadablesummary": {
1107
+ "name": "GetHumanReadableSummary",
1108
+ "description": "Retrieves a human readable summary for a given entity. At this time, only delegation request are supported",
1109
+ "accessLevel": "Read",
1110
+ "resourceTypes": [
1111
+ {
1112
+ "name": "delegation-request",
1113
+ "required": true,
1114
+ "conditionKeys": [],
1115
+ "dependentActions": []
1116
+ }
1117
+ ],
1118
+ "conditionKeys": [],
1119
+ "dependentActions": []
1120
+ },
1024
1121
  "getinstanceprofile": {
1025
1122
  "name": "GetInstanceProfile",
1026
1123
  "description": "Grants permission to retrieve information about the specified instance profile, including the instance profile's path, GUID, ARN, and role",
@@ -1089,6 +1186,14 @@
1089
1186
  "conditionKeys": [],
1090
1187
  "dependentActions": []
1091
1188
  },
1189
+ "getoutboundwebidentityfederationinfo": {
1190
+ "name": "GetOutboundWebIdentityFederationInfo",
1191
+ "description": "Retrieves the configuration information for the outbound identity federation feature for the callers account",
1192
+ "accessLevel": "Read",
1193
+ "resourceTypes": [],
1194
+ "conditionKeys": [],
1195
+ "dependentActions": []
1196
+ },
1092
1197
  "getpolicy": {
1093
1198
  "name": "GetPolicy",
1094
1199
  "description": "Grants permission to retrieve information about the specified managed policy, including the policy's default version and the total number of identities to which the policy is attached",
@@ -1131,7 +1236,9 @@
1131
1236
  "dependentActions": []
1132
1237
  }
1133
1238
  ],
1134
- "conditionKeys": [],
1239
+ "conditionKeys": [
1240
+ "iam:PermissionsBoundary"
1241
+ ],
1135
1242
  "dependentActions": []
1136
1243
  },
1137
1244
  "getrolepolicy": {
@@ -1331,6 +1438,16 @@
1331
1438
  "conditionKeys": [],
1332
1439
  "dependentActions": []
1333
1440
  },
1441
+ "listdelegationrequests": {
1442
+ "name": "ListDelegationRequests",
1443
+ "description": "Lists delegation requests based on the specified criteria",
1444
+ "accessLevel": "List",
1445
+ "resourceTypes": [],
1446
+ "conditionKeys": [
1447
+ "iam:DelegationRequestOwner"
1448
+ ],
1449
+ "dependentActions": []
1450
+ },
1334
1451
  "listentitiesforpolicy": {
1335
1452
  "name": "ListEntitiesForPolicy",
1336
1453
  "description": "Grants permission to list all IAM identities to which the specified managed policy is attached",
@@ -1833,6 +1950,21 @@
1833
1950
  ],
1834
1951
  "dependentActions": []
1835
1952
  },
1953
+ "rejectdelegationrequest": {
1954
+ "name": "RejectDelegationRequest",
1955
+ "description": "Rejects a delegation request, denying the requested temporary access",
1956
+ "accessLevel": "Write",
1957
+ "resourceTypes": [
1958
+ {
1959
+ "name": "delegation-request",
1960
+ "required": true,
1961
+ "conditionKeys": [],
1962
+ "dependentActions": []
1963
+ }
1964
+ ],
1965
+ "conditionKeys": [],
1966
+ "dependentActions": []
1967
+ },
1836
1968
  "removeclientidfromopenidconnectprovider": {
1837
1969
  "name": "RemoveClientIDFromOpenIDConnectProvider",
1838
1970
  "description": "Grants permission to remove the client ID (audience) from the list of client IDs in the specified IAM OpenID Connect (OIDC) provider resource",
@@ -1910,6 +2042,21 @@
1910
2042
  "conditionKeys": [],
1911
2043
  "dependentActions": []
1912
2044
  },
2045
+ "senddelegationtoken": {
2046
+ "name": "SendDelegationToken",
2047
+ "description": "Sends the exchange token for an accepted delegation request",
2048
+ "accessLevel": "Write",
2049
+ "resourceTypes": [
2050
+ {
2051
+ "name": "delegation-request",
2052
+ "required": true,
2053
+ "conditionKeys": [],
2054
+ "dependentActions": []
2055
+ }
2056
+ ],
2057
+ "conditionKeys": [],
2058
+ "dependentActions": []
2059
+ },
1913
2060
  "setdefaultpolicyversion": {
1914
2061
  "name": "SetDefaultPolicyVersion",
1915
2062
  "description": "Grants permission to set the version of the specified policy as the policy's default version",
@@ -2307,7 +2454,9 @@
2307
2454
  "dependentActions": []
2308
2455
  }
2309
2456
  ],
2310
- "conditionKeys": [],
2457
+ "conditionKeys": [
2458
+ "iam:PermissionsBoundary"
2459
+ ],
2311
2460
  "dependentActions": []
2312
2461
  },
2313
2462
  "updatecloudfrontpublickey": {
@@ -2375,7 +2524,9 @@
2375
2524
  "dependentActions": []
2376
2525
  }
2377
2526
  ],
2378
- "conditionKeys": [],
2527
+ "conditionKeys": [
2528
+ "iam:PermissionsBoundary"
2529
+ ],
2379
2530
  "dependentActions": []
2380
2531
  },
2381
2532
  "updateroledescription": {
@@ -2390,7 +2541,9 @@
2390
2541
  "dependentActions": []
2391
2542
  }
2392
2543
  ],
2393
- "conditionKeys": [],
2544
+ "conditionKeys": [
2545
+ "iam:PermissionsBoundary"
2546
+ ],
2394
2547
  "dependentActions": []
2395
2548
  },
2396
2549
  "updatesamlprovider": {
iamdata/data/actions/identitystore.json CHANGED
@@ -8,10 +8,15 @@
8
8
  "name": "Identitystore",
9
9
  "required": true,
10
10
  "conditionKeys": [],
11
- "dependentActions": []
11
+ "dependentActions": [
12
+ "kms:Decrypt"
13
+ ]
12
14
  }
13
15
  ],
14
- "conditionKeys": [],
16
+ "conditionKeys": [
17
+ "identitystore:PrimaryRegion",
18
+ "identitystore:GroupExternalIdIssuers"
19
+ ],
15
20
  "dependentActions": []
16
21
  },
17
22
  "creategroupmembership": {
@@ -23,7 +28,9 @@
23
28
  "name": "Group",
24
29
  "required": true,
25
30
  "conditionKeys": [],
26
- "dependentActions": []
31
+ "dependentActions": [
32
+ "kms:Decrypt"
33
+ ]
27
34
  },
28
35
  {
29
36
  "name": "Identitystore",
@@ -38,9 +45,24 @@
38
45
  "dependentActions": []
39
46
  }
40
47
  ],
41
- "conditionKeys": [],
48
+ "conditionKeys": [
49
+ "identitystore:PrimaryRegion"
50
+ ],
42
51
  "dependentActions": []
43
52
  },
53
+ "createidentitystore": {
54
+ "name": "CreateIdentityStore",
55
+ "description": "Grants permission to create a new IdentityStore in an AWS account",
56
+ "accessLevel": "Write",
57
+ "resourceTypes": [],
58
+ "conditionKeys": [],
59
+ "dependentActions": [
60
+ "kms:Decrypt",
61
+ "kms:DescribeKey",
62
+ "kms:Encrypt",
63
+ "kms:GenerateDataKeyWithoutPlaintext"
64
+ ]
65
+ },
44
66
  "createuser": {
45
67
  "name": "CreateUser",
46
68
  "description": "Grants permission to create a user in the specified IdentityStore",
@@ -50,10 +72,16 @@
50
72
  "name": "Identitystore",
51
73
  "required": true,
52
74
  "conditionKeys": [],
53
- "dependentActions": []
75
+ "dependentActions": [
76
+ "kms:Decrypt"
77
+ ]
54
78
  }
55
79
  ],
56
- "conditionKeys": [],
80
+ "conditionKeys": [
81
+ "identitystore:PrimaryRegion",
82
+ "identitystore:UserExternalIdIssuers",
83
+ "identitystore:ReservedUserId"
84
+ ],
57
85
  "dependentActions": []
58
86
  },
59
87
  "deletegroup": {
@@ -65,7 +93,9 @@
65
93
  "name": "Group",
66
94
  "required": true,
67
95
  "conditionKeys": [],
68
- "dependentActions": []
96
+ "dependentActions": [
97
+ "kms:Decrypt"
98
+ ]
69
99
  },
70
100
  {
71
101
  "name": "Identitystore",
@@ -74,7 +104,10 @@
74
104
  "dependentActions": []
75
105
  }
76
106
  ],
77
- "conditionKeys": [],
107
+ "conditionKeys": [
108
+ "identitystore:PrimaryRegion",
109
+ "identitystore:GroupExternalIdIssuers"
110
+ ],
78
111
  "dependentActions": []
79
112
  },
80
113
  "deletegroupmembership": {
@@ -86,7 +119,9 @@
86
119
  "name": "Group",
87
120
  "required": true,
88
121
  "conditionKeys": [],
89
- "dependentActions": []
122
+ "dependentActions": [
123
+ "kms:Decrypt"
124
+ ]
90
125
  },
91
126
  {
92
127
  "name": "GroupMembership",
@@ -107,6 +142,16 @@
107
142
  "dependentActions": []
108
143
  }
109
144
  ],
145
+ "conditionKeys": [
146
+ "identitystore:PrimaryRegion"
147
+ ],
148
+ "dependentActions": []
149
+ },
150
+ "deleteidentitystore": {
151
+ "name": "DeleteIdentityStore",
152
+ "description": "Grants permission to delete an IdentityStore",
153
+ "accessLevel": "Write",
154
+ "resourceTypes": [],
110
155
  "conditionKeys": [],
111
156
  "dependentActions": []
112
157
  },
@@ -119,7 +164,9 @@
119
164
  "name": "Identitystore",
120
165
  "required": true,
121
166
  "conditionKeys": [],
122
- "dependentActions": []
167
+ "dependentActions": [
168
+ "kms:Decrypt"
169
+ ]
123
170
  },
124
171
  {
125
172
  "name": "User",
@@ -128,7 +175,10 @@
128
175
  "dependentActions": []
129
176
  }
130
177
  ],
131
- "conditionKeys": [],
178
+ "conditionKeys": [
179
+ "identitystore:PrimaryRegion",
180
+ "identitystore:UserExternalIdIssuers"
181
+ ],
132
182
  "dependentActions": []
133
183
  },
134
184
  "describegroup": {
@@ -140,7 +190,9 @@
140
190
  "name": "Group",
141
191
  "required": true,
142
192
  "conditionKeys": [],
143
- "dependentActions": []
193
+ "dependentActions": [
194
+ "kms:Decrypt"
195
+ ]
144
196
  },
145
197
  {
146
198
  "name": "Identitystore",
@@ -149,7 +201,10 @@
149
201
  "dependentActions": []
150
202
  }
151
203
  ],
152
- "conditionKeys": [],
204
+ "conditionKeys": [
205
+ "identitystore:PrimaryRegion",
206
+ "identitystore:GroupExternalIdIssuers"
207
+ ],
153
208
  "dependentActions": []
154
209
  },
155
210
  "describegroupmembership": {
@@ -161,7 +216,9 @@
161
216
  "name": "Group",
162
217
  "required": true,
163
218
  "conditionKeys": [],
164
- "dependentActions": []
219
+ "dependentActions": [
220
+ "kms:Decrypt"
221
+ ]
165
222
  },
166
223
  {
167
224
  "name": "GroupMembership",
@@ -182,7 +239,9 @@
182
239
  "dependentActions": []
183
240
  }
184
241
  ],
185
- "conditionKeys": [],
242
+ "conditionKeys": [
243
+ "identitystore:PrimaryRegion"
244
+ ],
186
245
  "dependentActions": []
187
246
  },
188
247
  "describeuser": {
@@ -194,7 +253,9 @@
194
253
  "name": "Identitystore",
195
254
  "required": true,
196
255
  "conditionKeys": [],
197
- "dependentActions": []
256
+ "dependentActions": [
257
+ "kms:Decrypt"
258
+ ]
198
259
  },
199
260
  {
200
261
  "name": "User",
@@ -203,7 +264,10 @@
203
264
  "dependentActions": []
204
265
  }
205
266
  ],
206
- "conditionKeys": [],
267
+ "conditionKeys": [
268
+ "identitystore:PrimaryRegion",
269
+ "identitystore:UserExternalIdIssuers"
270
+ ],
207
271
  "dependentActions": []
208
272
  },
209
273
  "getgroupid": {
@@ -215,7 +279,9 @@
215
279
  "name": "Group",
216
280
  "required": true,
217
281
  "conditionKeys": [],
218
- "dependentActions": []
282
+ "dependentActions": [
283
+ "kms:Decrypt"
284
+ ]
219
285
  },
220
286
  {
221
287
  "name": "Identitystore",
@@ -224,7 +290,9 @@
224
290
  "dependentActions": []
225
291
  }
226
292
  ],
227
- "conditionKeys": [],
293
+ "conditionKeys": [
294
+ "identitystore:PrimaryRegion"
295
+ ],
228
296
  "dependentActions": []
229
297
  },
230
298
  "getgroupmembershipid": {
@@ -236,7 +304,9 @@
236
304
  "name": "Group",
237
305
  "required": true,
238
306
  "conditionKeys": [],
239
- "dependentActions": []
307
+ "dependentActions": [
308
+ "kms:Decrypt"
309
+ ]
240
310
  },
241
311
  {
242
312
  "name": "GroupMembership",
@@ -257,7 +327,9 @@
257
327
  "dependentActions": []
258
328
  }
259
329
  ],
260
- "conditionKeys": [],
330
+ "conditionKeys": [
331
+ "identitystore:PrimaryRegion"
332
+ ],
261
333
  "dependentActions": []
262
334
  },
263
335
  "getuserid": {
@@ -269,7 +341,9 @@
269
341
  "name": "Identitystore",
270
342
  "required": true,
271
343
  "conditionKeys": [],
272
- "dependentActions": []
344
+ "dependentActions": [
345
+ "kms:Decrypt"
346
+ ]
273
347
  },
274
348
  {
275
349
  "name": "User",
@@ -278,7 +352,9 @@
278
352
  "dependentActions": []
279
353
  }
280
354
  ],
281
- "conditionKeys": [],
355
+ "conditionKeys": [
356
+ "identitystore:PrimaryRegion"
357
+ ],
282
358
  "dependentActions": []
283
359
  },
284
360
  "ismemberingroups": {
@@ -290,7 +366,9 @@
290
366
  "name": "AllGroupMemberships",
291
367
  "required": true,
292
368
  "conditionKeys": [],
293
- "dependentActions": []
369
+ "dependentActions": [
370
+ "kms:Decrypt"
371
+ ]
294
372
  },
295
373
  {
296
374
  "name": "Group",
@@ -311,7 +389,9 @@
311
389
  "dependentActions": []
312
390
  }
313
391
  ],
314
- "conditionKeys": [],
392
+ "conditionKeys": [
393
+ "identitystore:PrimaryRegion"
394
+ ],
315
395
  "dependentActions": []
316
396
  },
317
397
  "listgroupmemberships": {
@@ -323,7 +403,9 @@
323
403
  "name": "AllGroupMemberships",
324
404
  "required": true,
325
405
  "conditionKeys": [],
326
- "dependentActions": []
406
+ "dependentActions": [
407
+ "kms:Decrypt"
408
+ ]
327
409
  },
328
410
  {
329
411
  "name": "Group",
@@ -338,7 +420,9 @@
338
420
  "dependentActions": []
339
421
  }
340
422
  ],
341
- "conditionKeys": [],
423
+ "conditionKeys": [
424
+ "identitystore:PrimaryRegion"
425
+ ],
342
426
  "dependentActions": []
343
427
  },
344
428
  "listgroupmembershipsformember": {
@@ -350,7 +434,9 @@
350
434
  "name": "AllGroupMemberships",
351
435
  "required": true,
352
436
  "conditionKeys": [],
353
- "dependentActions": []
437
+ "dependentActions": [
438
+ "kms:Decrypt"
439
+ ]
354
440
  },
355
441
  {
356
442
  "name": "Identitystore",
@@ -365,7 +451,9 @@
365
451
  "dependentActions": []
366
452
  }
367
453
  ],
368
- "conditionKeys": [],
454
+ "conditionKeys": [
455
+ "identitystore:PrimaryRegion"
456
+ ],
369
457
  "dependentActions": []
370
458
  },
371
459
  "listgroups": {
@@ -377,7 +465,9 @@
377
465
  "name": "AllGroups",
378
466
  "required": true,
379
467
  "conditionKeys": [],
380
- "dependentActions": []
468
+ "dependentActions": [
469
+ "kms:Decrypt"
470
+ ]
381
471
  },
382
472
  {
383
473
  "name": "Identitystore",
@@ -386,7 +476,10 @@
386
476
  "dependentActions": []
387
477
  }
388
478
  ],
389
- "conditionKeys": [],
479
+ "conditionKeys": [
480
+ "identitystore:PrimaryRegion",
481
+ "identitystore:GroupExternalIdIssuers"
482
+ ],
390
483
  "dependentActions": []
391
484
  },
392
485
  "listusers": {
@@ -398,7 +491,9 @@
398
491
  "name": "AllUsers",
399
492
  "required": true,
400
493
  "conditionKeys": [],
401
- "dependentActions": []
494
+ "dependentActions": [
495
+ "kms:Decrypt"
496
+ ]
402
497
  },
403
498
  {
404
499
  "name": "Identitystore",
@@ -407,7 +502,10 @@
407
502
  "dependentActions": []
408
503
  }
409
504
  ],
410
- "conditionKeys": [],
505
+ "conditionKeys": [
506
+ "identitystore:PrimaryRegion",
507
+ "identitystore:UserExternalIdIssuers"
508
+ ],
411
509
  "dependentActions": []
412
510
  },
413
511
  "updategroup": {
@@ -419,7 +517,9 @@
419
517
  "name": "Group",
420
518
  "required": true,
421
519
  "conditionKeys": [],
422
- "dependentActions": []
520
+ "dependentActions": [
521
+ "kms:Decrypt"
522
+ ]
423
523
  },
424
524
  {
425
525
  "name": "Identitystore",
@@ -428,9 +528,25 @@
428
528
  "dependentActions": []
429
529
  }
430
530
  ],
431
- "conditionKeys": [],
531
+ "conditionKeys": [
532
+ "identitystore:PrimaryRegion",
533
+ "identitystore:GroupExternalIdIssuers"
534
+ ],
432
535
  "dependentActions": []
433
536
  },
537
+ "updateidentitystore": {
538
+ "name": "UpdateIdentityStore",
539
+ "description": "Grants permission to update the configuration of an IdentityStore",
540
+ "accessLevel": "Write",
541
+ "resourceTypes": [],
542
+ "conditionKeys": [],
543
+ "dependentActions": [
544
+ "kms:Decrypt",
545
+ "kms:DescribeKey",
546
+ "kms:Encrypt",
547
+ "kms:GenerateDataKeyWithoutPlaintext"
548
+ ]
549
+ },
434
550
  "updateuser": {
435
551
  "name": "UpdateUser",
436
552
  "description": "Grants permission to update user information in the specified IdentityStore",
@@ -440,7 +556,9 @@
440
556
  "name": "Identitystore",
441
557
  "required": true,
442
558
  "conditionKeys": [],
443
- "dependentActions": []
559
+ "dependentActions": [
560
+ "kms:Decrypt"
561
+ ]
444
562
  },
445
563
  {
446
564
  "name": "User",
@@ -449,7 +567,10 @@
449
567
  "dependentActions": []
450
568
  }
451
569
  ],
452
- "conditionKeys": [],
570
+ "conditionKeys": [
571
+ "identitystore:PrimaryRegion",
572
+ "identitystore:UserExternalIdIssuers"
573
+ ],
453
574
  "dependentActions": []
454
575
  }
455
576
  }