diff --git a/src/data/iam-services/amazon-codewhisperer.json b/src/data/iam-services/amazon-codewhisperer.json index 5ac4e8d..e78c451 100644 --- a/src/data/iam-services/amazon-codewhisperer.json +++ b/src/data/iam-services/amazon-codewhisperer.json @@ -5,18 +5,34 @@ "actions": [ { "name": "CreateProfile", - "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/dg/API_CreateProfile.html", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html", "description": "Grants permission to invoke CreateProfile on CodeWhisperer", "accessLevel": "Write", "resourceTypes": [ "profile*" ], - "conditionKeys": [], + "conditionKeys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependentActions": [] + }, + { + "name": "DeleteProfile", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html", + "description": "Grants permission to invoke DeleteProfile on CodeWhisperer", + "accessLevel": "Write", + "resourceTypes": [ + "profile*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}" + ], "dependentActions": [] }, { "name": "GenerateRecommendations", - "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/dg/API_GenerateRecommendations.html", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html", "description": "Grants permission to invoke GenerateRecommendations on CodeWhisperer", "accessLevel": "Read", "resourceTypes": [], @@ -25,22 +41,67 @@ }, { "name": "ListProfiles", - "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/dg/API_ListProfiles.html", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html", "description": "Grants permission to invoke ListProfiles on CodeWhisperer", "accessLevel": "List", "resourceTypes": [], "conditionKeys": [], "dependentActions": [] }, + { + "name": "ListTagsForResource", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html", + "description": "Grants permission to invoke ListTagsForResource on CodeWhisperer", + "accessLevel": "List", + "resourceTypes": [ + "profile*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}" + ], + "dependentActions": [] + }, + { + "name": "TagResource", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html", + "description": "Grants permission to invoke TagResource on CodeWhisperer", + "accessLevel": "Tagging", + "resourceTypes": [ + "profile*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependentActions": [] + }, + { + "name": "UntagResource", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html", + "description": "Grants permission to invoke UntagResource on CodeWhisperer", + "accessLevel": "Tagging", + "resourceTypes": [ + "profile*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependentActions": [] + }, { "name": "UpdateProfile", - "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/dg/API_UpdateProfile.html", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/userguide/security_iam_service-with-iam.html", "description": "Grants permission to invoke UpdateProfile on CodeWhisperer", "accessLevel": "Write", "resourceTypes": [ "profile*" ], - "conditionKeys": [], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}" + ], "dependentActions": [] } ] diff --git a/src/data/iam-services/amazon-connect.json b/src/data/iam-services/amazon-connect.json index 59466cf..71ce350 100644 --- a/src/data/iam-services/amazon-connect.json +++ b/src/data/iam-services/amazon-connect.json @@ -2481,7 +2481,7 @@ "description": "Grants permission to update a rule for an existing Amazon Connect instance", "accessLevel": "Write", "resourceTypes": [ - "instance*" + "rule*" ], "conditionKeys": [ "connect:InstanceId" diff --git a/src/data/iam-services/amazon-ec2-instance-connect.json b/src/data/iam-services/amazon-ec2-instance-connect.json index 078be04..e9a03da 100644 --- a/src/data/iam-services/amazon-ec2-instance-connect.json +++ b/src/data/iam-services/amazon-ec2-instance-connect.json @@ -6,7 +6,7 @@ { "name": "SendSSHPublicKey", "documentationUrl": "https://docs.aws.amazon.com/ec2-instance-connect/latest/APIReference/API_SendSSHPublicKey.html", - "description": "Grants access to push an SSH public key to the specified EC2 instance to be used for standard SSH", + "description": "Grants permission to push an SSH public key to the specified EC2 instance to be used for standard SSH", "accessLevel": "Write", "resourceTypes": [ "instance*" @@ -19,7 +19,7 @@ { "name": "SendSerialConsoleSSHPublicKey", "documentationUrl": "https://docs.aws.amazon.com/ec2-instance-connect/latest/APIReference/API_SendSerialConsoleSSHPublicKey.html", - "description": "Grants access to push an SSH public key to the specified EC2 instance to be used for serial console SSH", + "description": "Grants permission to push an SSH public key to the specified EC2 instance to be used for serial console SSH", "accessLevel": "Write", "resourceTypes": [ "instance*" diff --git a/src/data/iam-services/aws-elastic-disaster-recovery.json b/src/data/iam-services/aws-elastic-disaster-recovery.json index 162ee81..12b146d 100644 --- a/src/data/iam-services/aws-elastic-disaster-recovery.json +++ b/src/data/iam-services/aws-elastic-disaster-recovery.json @@ -64,6 +64,18 @@ "drs:GetReplicationConfiguration" ] }, + { + "name": "CreateLaunchConfigurationTemplate", + "documentationUrl": "https://docs.aws.amazon.com/drs/latest/APIReference/API_CreateLaunchConfigurationTemplate.html", + "description": "Grants permission to create launch configuration template", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependentActions": [] + }, { "name": "CreateRecoveryInstanceForDrs", "documentationUrl": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html", @@ -121,6 +133,17 @@ "conditionKeys": [], "dependentActions": [] }, + { + "name": "DeleteLaunchConfigurationTemplate", + "documentationUrl": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteLaunchConfigurationTemplate.html", + "description": "Grants permission to delete launch configuration template", + "accessLevel": "Write", + "resourceTypes": [ + "LaunchConfigurationTemplateResource*" + ], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "DeleteRecoveryInstance", "documentationUrl": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DeleteRecoveryInstance.html", @@ -174,6 +197,15 @@ "conditionKeys": [], "dependentActions": [] }, + { + "name": "DescribeLaunchConfigurationTemplates", + "documentationUrl": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeLaunchConfigurationTemplates.html", + "description": "Grants permission to describe launch configuration template", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "DescribeRecoveryInstances", "documentationUrl": "https://docs.aws.amazon.com/drs/latest/APIReference/API_DescribeRecoveryInstances.html", @@ -730,6 +762,7 @@ "accessLevel": "Tagging", "resourceTypes": [ "JobResource", + "LaunchConfigurationTemplateResource", "RecoveryInstanceResource", "ReplicationConfigurationTemplateResource", "SourceServerResource" @@ -768,6 +801,7 @@ "accessLevel": "Tagging", "resourceTypes": [ "JobResource", + "LaunchConfigurationTemplateResource", "RecoveryInstanceResource", "ReplicationConfigurationTemplateResource", "SourceServerResource" @@ -881,6 +915,17 @@ "conditionKeys": [], "dependentActions": [] }, + { + "name": "UpdateLaunchConfigurationTemplate", + "documentationUrl": "https://docs.aws.amazon.com/drs/latest/APIReference/API_UpdateLaunchConfigurationTemplate.html", + "description": "Grants permission to update launch configuration", + "accessLevel": "Write", + "resourceTypes": [ + "LaunchConfigurationTemplateResource*" + ], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "UpdateReplicationCertificateForDrs", "documentationUrl": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html", diff --git a/src/data/iam-services/aws-iot-roborunner.json b/src/data/iam-services/aws-iot-roborunner.json index 7e9675a..0af709a 100644 --- a/src/data/iam-services/aws-iot-roborunner.json +++ b/src/data/iam-services/aws-iot-roborunner.json @@ -140,7 +140,9 @@ "documentationUrl": "https://docs.aws.amazon.com/iotroborunner/latest/api/API_ListDestinations.html", "description": "Grants permission to list destinations", "accessLevel": "Read", - "resourceTypes": [], + "resourceTypes": [ + "SiteResource*" + ], "conditionKeys": [], "dependentActions": [] }, diff --git a/src/data/iam-services/aws-management-console-mobile-app.json b/src/data/iam-services/aws-management-console-mobile-app.json new file mode 100644 index 0000000..35a3ebb --- /dev/null +++ b/src/data/iam-services/aws-management-console-mobile-app.json @@ -0,0 +1,27 @@ +{ + "serviceName": "AWS Management Console Mobile App", + "servicePrefix": "consoleapp", + "url": "https://docs.aws.amazon.com/service-authorization/latest/reference/./list_awsconsolemobileapp.html", + "actions": [ + { + "name": "GetDeviceIdentity", + "documentationUrl": "https://docs.aws.amazon.com/consolemobileapp/latest/userguide/permissions-policies.html", + "description": "Grants permission to retrieve the device identity for a Console Mobile App device", + "accessLevel": "Read", + "resourceTypes": [ + "DeviceIdentity*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListDeviceIdentities", + "documentationUrl": "https://docs.aws.amazon.com/consolemobileapp/latest/userguide/permissions-policies.html", + "description": "Grants permission to retrieve a list of device identities", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + } + ] +} \ No newline at end of file diff --git a/src/data/iam-services/aws-resource-access-manager-(ram).json b/src/data/iam-services/aws-resource-access-manager-(ram).json new file mode 100644 index 0000000..d91423d --- /dev/null +++ b/src/data/iam-services/aws-resource-access-manager-(ram).json @@ -0,0 +1,448 @@ +{ + "serviceName": "AWS Resource Access Manager (RAM)", + "servicePrefix": "ram", + "url": "https://docs.aws.amazon.com/service-authorization/latest/reference/./list_awsresourceaccessmanagerram.html", + "actions": [ + { + "name": "AcceptResourceShareInvitation", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_AcceptResourceShareInvitation.html", + "description": "Grants permission to accept the specified resource share invitation", + "accessLevel": "Write", + "resourceTypes": [ + "resource-share-invitation*" + ], + "conditionKeys": [ + "ram:ShareOwnerAccountId" + ], + "dependentActions": [] + }, + { + "name": "AssociateResourceShare", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_AssociateResourceShare.html", + "description": "Grants permission to associate resource(s) and/or principal(s) to a resource share", + "accessLevel": "Write", + "resourceTypes": [ + "resource-share*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ram:ResourceTag/${TagKey}", + "ram:ResourceShareName", + "ram:AllowsExternalPrincipals", + "ram:Principal", + "ram:RequestedResourceType", + "ram:ResourceArn" + ], + "dependentActions": [] + }, + { + "name": "AssociateResourceSharePermission", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_AssociateResourceSharePermission.html", + "description": "Grants permission to associate a Permission with a Resource Share", + "accessLevel": "Write", + "resourceTypes": [ + "permission*", + "resource-share*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "CreatePermission", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_CreatePermission.html", + "description": "Grants permission to create a Permission that can be associated to a Resource Share", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [ + "ram:PermissionArn", + "ram:PermissionResourceType", + "aws:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependentActions": [ + "ram:TagResource" + ] + }, + { + "name": "CreatePermissionVersion", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_CreatePermissionVersion.html", + "description": "Grants permission to create a new version of a Permission that can be associated to a Resource Share", + "accessLevel": "Write", + "resourceTypes": [ + "permission*" + ], + "conditionKeys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependentActions": [] + }, + { + "name": "CreateResourceShare", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_CreateResourceShare.html", + "description": "Grants permission to create a resource share with provided resource(s) and/or principal(s)", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ram:RequestedResourceType", + "ram:ResourceArn", + "ram:RequestedAllowsExternalPrincipals", + "ram:Principal" + ], + "dependentActions": [] + }, + { + "name": "DeletePermission", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DeletePermission.html", + "description": "Grants permission to delete a specified Permission", + "accessLevel": "Write", + "resourceTypes": [ + "permission*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependentActions": [] + }, + { + "name": "DeletePermissionVersion", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DeletePermissionVersion.html", + "description": "Grants permission to delete a specified version of a permission", + "accessLevel": "Write", + "resourceTypes": [ + "permission*" + ], + "conditionKeys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependentActions": [] + }, + { + "name": "DeleteResourceShare", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DeleteResourceShare.html", + "description": "Grants permission to delete resource share", + "accessLevel": "Write", + "resourceTypes": [ + "resource-share*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ram:ResourceTag/${TagKey}", + "ram:ResourceShareName", + "ram:AllowsExternalPrincipals" + ], + "dependentActions": [] + }, + { + "name": "DisassociateResourceShare", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DisassociateResourceShare.html", + "description": "Grants permission to disassociate resource(s) and/or principal(s) from a resource share", + "accessLevel": "Write", + "resourceTypes": [ + "resource-share*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ram:ResourceTag/${TagKey}", + "ram:ResourceShareName", + "ram:AllowsExternalPrincipals", + "ram:Principal", + "ram:RequestedResourceType", + "ram:ResourceArn" + ], + "dependentActions": [] + }, + { + "name": "DisassociateResourceSharePermission", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_DisassociateResourceSharePermission.html", + "description": "Grants permission to disassociate a Permission from a Resource Share", + "accessLevel": "Write", + "resourceTypes": [ + "permission*", + "resource-share*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "EnableSharingWithAwsOrganization", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_EnableSharingWithAwsOrganization.html", + "description": "Grants permission to access customer's organization and create a SLR in the customer's account", + "accessLevel": "Permissions management", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [ + "iam:CreateServiceLinkedRole", + "organizations:DescribeOrganization", + "organizations:EnableAWSServiceAccess" + ] + }, + { + "name": "GetPermission", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetPermission.html", + "description": "Grants permission to get the contents of an AWS RAM permission", + "accessLevel": "Read", + "resourceTypes": [ + "permission*" + ], + "conditionKeys": [ + "ram:PermissionArn" + ], + "dependentActions": [] + }, + { + "name": "GetResourcePolicies", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourcePolicies.html", + "description": "Grants permission to get the policies for the specified resources that you own and have shared", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "GetResourceShareAssociations", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShareAssociations.html", + "description": "Grants permission to get a set of resource share associations from a provided list or with a specified status of the specified type", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "GetResourceShareInvitations", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShareInvitations.html", + "description": "Grants permission to get resource share invitations by the specified invitation arn or those for the resource share", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "GetResourceShares", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShares.html", + "description": "Grants permission to get a set of resource shares from a provided list or with a specified status", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependentActions": [] + }, + { + "name": "ListPendingInvitationResources", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPendingInvitationResources.html", + "description": "Grants permission to list the resources in a resource share that is shared with you but that the invitation is still pending for", + "accessLevel": "Read", + "resourceTypes": [ + "resource-share-invitation*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListPermissionAssociations", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPermissionAssociations.html", + "description": "Grants permission to list information about the managed permission and any associations", + "accessLevel": "List", + "resourceTypes": [ + "permission*" + ], + "conditionKeys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependentActions": [] + }, + { + "name": "ListPermissionVersions", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPermissionVersions.html", + "description": "Grants permission to list the versions of an AWS RAM permission", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListPermissions", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPermissions.html", + "description": "Grants permission to list the AWS RAM permissions", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListPrincipals", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListPrincipals.html", + "description": "Grants permission to list the principals that you have shared resources with or that have shared resources with you", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListReplacePermissionAssociationsWork", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListReplacePermissionAssociationsWork.html", + "description": "Grants permission to retrieve the status of the asynchronous permission replacement", + "accessLevel": "List", + "resourceTypes": [ + "permission*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListResourceSharePermissions", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceSharePermissions.html", + "description": "Grants permission to list the Permissions associated with a Resource Share", + "accessLevel": "List", + "resourceTypes": [ + "resource-share*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ram:ResourceShareName", + "ram:AllowsExternalPrincipals" + ], + "dependentActions": [] + }, + { + "name": "ListResourceTypes", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html", + "description": "Grants permission to list the shareable resource types supported by AWS RAM", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListResources", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResources.html", + "description": "Grants permission to list the resources that you added to resource shares or the resources that are shared with you", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "PromotePermissionCreatedFromPolicy", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_PromotePermissionCreatedFromPolicy.html", + "description": "Grants permission to create a separate, fully manageable customer managed permission", + "accessLevel": "Write", + "resourceTypes": [ + "permission*" + ], + "conditionKeys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependentActions": [] + }, + { + "name": "PromoteResourceShareCreatedFromPolicy", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_PromoteResourceShareCreatedFromPolicy.html", + "description": "Grants permission to promote the specified resource share", + "accessLevel": "Write", + "resourceTypes": [ + "resource-share*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "RejectResourceShareInvitation", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_RejectResourceShareInvitation.html", + "description": "Grants permission to reject the specified resource share invitation", + "accessLevel": "Write", + "resourceTypes": [ + "resource-share-invitation*" + ], + "conditionKeys": [ + "ram:ShareOwnerAccountId" + ], + "dependentActions": [] + }, + { + "name": "ReplacePermissionAssociations", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_ReplacePermissionAssociations.html", + "description": "Grants permission to update all resource shares to a new managed permission", + "accessLevel": "Write", + "resourceTypes": [ + "permission*" + ], + "conditionKeys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependentActions": [] + }, + { + "name": "SetDefaultPermissionVersion", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_SetDefaultPermissionVersion.html", + "description": "Grants permission to specify a version number as the default version for the respective customer managed permission", + "accessLevel": "Write", + "resourceTypes": [ + "permission*" + ], + "conditionKeys": [ + "ram:PermissionArn", + "ram:PermissionResourceType" + ], + "dependentActions": [] + }, + { + "name": "TagResource", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_TagResource.html", + "description": "Grants permission to tag the specified resource share or permission", + "accessLevel": "Tagging", + "resourceTypes": [ + "permission", + "resource-share" + ], + "conditionKeys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependentActions": [] + }, + { + "name": "UntagResource", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_UntagResource.html", + "description": "Grants permission to untag the specified resource share or permission", + "accessLevel": "Tagging", + "resourceTypes": [ + "permission", + "resource-share" + ], + "conditionKeys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependentActions": [] + }, + { + "name": "UpdateResourceShare", + "documentationUrl": "https://docs.aws.amazon.com/ram/latest/APIReference/API_UpdateResourceShare.html", + "description": "Grants permission to update attributes of the resource share", + "accessLevel": "Write", + "resourceTypes": [ + "resource-share*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ram:ResourceTag/${TagKey}", + "ram:ResourceShareName", + "ram:AllowsExternalPrincipals", + "ram:RequestedAllowsExternalPrincipals" + ], + "dependentActions": [] + } + ] +} \ No newline at end of file diff --git a/src/data/iam-services/aws-user-notifications-contacts.json b/src/data/iam-services/aws-user-notifications-contacts.json new file mode 100644 index 0000000..6150783 --- /dev/null +++ b/src/data/iam-services/aws-user-notifications-contacts.json @@ -0,0 +1,108 @@ +{ + "serviceName": "AWS User Notifications Contacts", + "servicePrefix": "notifications-contacts", + "url": "https://docs.aws.amazon.com/service-authorization/latest/reference/./list_awsusernotificationscontacts.html", + "actions": [ + { + "name": "ActivateEmailContact", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to activate the email contact associated with the given ARN if the provided code is valid", + "accessLevel": "Write", + "resourceTypes": [ + "EmailContactResource*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "CreateEmailContact", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to create an email contact", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependentActions": [] + }, + { + "name": "DeleteEmailContact", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to delete an email contact associated with the given ARN", + "accessLevel": "Write", + "resourceTypes": [ + "EmailContactResource*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "GetEmailContact", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to get an email contact associated with the given ARN", + "accessLevel": "Read", + "resourceTypes": [ + "EmailContactResource*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListEmailContacts", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to list email contacts", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListTagsForResource", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to get tags for a resource", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "SendActivationCode", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to send an activation link to the email associated with the given ARN", + "accessLevel": "Write", + "resourceTypes": [ + "EmailContactResource*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "TagResource", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to tag a resource", + "accessLevel": "Tagging", + "resourceTypes": [ + "EmailContactResource*" + ], + "conditionKeys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependentActions": [] + }, + { + "name": "UntagResource", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to remove tags from a resource", + "accessLevel": "Tagging", + "resourceTypes": [ + "EmailContactResource*" + ], + "conditionKeys": [ + "aws:TagKeys" + ], + "dependentActions": [] + } + ] +} \ No newline at end of file diff --git a/src/data/iam-services/aws-user-notifications.json b/src/data/iam-services/aws-user-notifications.json new file mode 100644 index 0000000..d1fe9ee --- /dev/null +++ b/src/data/iam-services/aws-user-notifications.json @@ -0,0 +1,226 @@ +{ + "serviceName": "AWS User Notifications", + "servicePrefix": "notifications", + "url": "https://docs.aws.amazon.com/service-authorization/latest/reference/./list_awsusernotifications.html", + "actions": [ + { + "name": "AssociateChannel", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to associate a new Channel with a particular NotificationConfiguration", + "accessLevel": "Write", + "resourceTypes": [ + "Channel*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "CreateEventRule", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to create a new EventRule, associating it with a NotificationConfiguration", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "CreateNotificationConfiguration", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to create a NotificationConfiguration", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependentActions": [] + }, + { + "name": "DeleteEventRule", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to delete an EventRule", + "accessLevel": "Write", + "resourceTypes": [ + "EventRule*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "DeleteNotificationConfiguration", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to delete a NotificationConfiguration", + "accessLevel": "Write", + "resourceTypes": [ + "NotificationConfiguration*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "DeregisterNotificationHub", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to deregister a NotificationHub", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "DisassociateChannel", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to remove a Channel from a NotificationConfiguration", + "accessLevel": "Write", + "resourceTypes": [ + "Channel*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "GetEventRule", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to get an EventRule", + "accessLevel": "Read", + "resourceTypes": [ + "EventRule*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "GetNotificationConfiguration", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to get a NotificationConfiguration", + "accessLevel": "Read", + "resourceTypes": [ + "NotificationConfiguration*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "GetNotificationEvent", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to get a NotificationEvent", + "accessLevel": "Read", + "resourceTypes": [ + "NotificationEvent*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListChannels", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to list Channels by NotificationConfiguration", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListEventRules", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to list EventRules", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListNotificationConfigurations", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to list NotificationConfigurations", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListNotificationEvents", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to list NotificationEvents", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListNotificationHubs", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to list NotificationHubs", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListTagsForResource", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to get tags for a resource", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "RegisterNotificationHub", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to register a NotificationHub", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "TagResource", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to tag a resource", + "accessLevel": "Tagging", + "resourceTypes": [ + "NotificationConfiguration*" + ], + "conditionKeys": [ + "aws:TagKeys", + "aws:RequestTag/${TagKey}" + ], + "dependentActions": [] + }, + { + "name": "UntagResource", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to remove tags from a resource", + "accessLevel": "Tagging", + "resourceTypes": [ + "NotificationConfiguration*" + ], + "conditionKeys": [ + "aws:TagKeys" + ], + "dependentActions": [] + }, + { + "name": "UpdateEventRule", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to update an EventRule", + "accessLevel": "Write", + "resourceTypes": [ + "EventRule*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "UpdateNotificationConfiguration", + "documentationUrl": "https://docs.aws.amazon.com/notifications/latest/userguide/resource-level-permissions.html", + "description": "Grants permission to update a NotificationConfiguration", + "accessLevel": "Write", + "resourceTypes": [ + "NotificationConfiguration*" + ], + "conditionKeys": [], + "dependentActions": [] + } + ] +} \ No newline at end of file