diff --git a/src/data/iam-services/amazon-codewhisperer.json b/src/data/iam-services/amazon-codewhisperer.json new file mode 100644 index 0000000..5ac4e8d --- /dev/null +++ b/src/data/iam-services/amazon-codewhisperer.json @@ -0,0 +1,47 @@ +{ + "serviceName": "Amazon CodeWhisperer", + "servicePrefix": "codewhisperer", + "url": "https://docs.aws.amazon.com/service-authorization/latest/reference/./list_amazoncodewhisperer.html", + "actions": [ + { + "name": "CreateProfile", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/dg/API_CreateProfile.html", + "description": "Grants permission to invoke CreateProfile on CodeWhisperer", + "accessLevel": "Write", + "resourceTypes": [ + "profile*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "GenerateRecommendations", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/dg/API_GenerateRecommendations.html", + "description": "Grants permission to invoke GenerateRecommendations on CodeWhisperer", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListProfiles", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/dg/API_ListProfiles.html", + "description": "Grants permission to invoke ListProfiles on CodeWhisperer", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "UpdateProfile", + "documentationUrl": "https://docs.aws.amazon.com/codewhisperer/latest/dg/API_UpdateProfile.html", + "description": "Grants permission to invoke UpdateProfile on CodeWhisperer", + "accessLevel": "Write", + "resourceTypes": [ + "profile*" + ], + "conditionKeys": [], + "dependentActions": [] + } + ] +} \ No newline at end of file diff --git a/src/data/iam-services/amazon-ec2.json b/src/data/iam-services/amazon-ec2.json index ced05f8..9a9e72a 100644 --- a/src/data/iam-services/amazon-ec2.json +++ b/src/data/iam-services/amazon-ec2.json @@ -645,6 +645,24 @@ ], "dependentActions": [] }, + { + "name": "AttachVerifiedAccessTrustProvider", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachVerifiedAccessTrustProvider.html", + "description": "Grants permission to attach a trust provider to a Verified Access instance", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-instance*", + "verified-access-trust-provider*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, { "name": "AttachVolume", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AttachVolume.html", @@ -1597,13 +1615,20 @@ "accessLevel": "Write", "resourceTypes": [ "local-gateway-route-table*", - "local-gateway-virtual-interface-group*" + "local-gateway-virtual-interface-group*", + "network-interface" ], "conditionKeys": [ "aws:ResourceTag/${TagKey}", "ec2:ResourceTag/${TagKey}", "aws:ResourceTag/${TagKey}", "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc", "ec2:Region" ], "dependentActions": [] @@ -1926,7 +1951,7 @@ "description": "Grants permission to create a public IPv4 address pool for public IPv4 CIDRs that you own and bring to Amazon to manage with Amazon VPC IP Address Manager (IPAM)", "accessLevel": "Write", "resourceTypes": [ - "network-insights-access-scope*" + "ipv4pool-ec2*" ], "conditionKeys": [ "aws:RequestTag/${TagKey}", @@ -2291,6 +2316,11 @@ "transit-gateway-policy-table", "transit-gateway-route-table", "transit-gateway-route-table-announcement", + "verified-access-endpoint", + "verified-access-group", + "verified-access-instance", + "verified-access-policy", + "verified-access-trust-provider", "volume", "vpc", "vpc-endpoint", @@ -2505,6 +2535,18 @@ "aws:ResourceTag/${TagKey}", "ec2:ResourceTag/${TagKey}", "aws:ResourceTag/${TagKey}", + "ec2:DomainCertificateArn", + "ec2:LoadBalancerArn", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", "ec2:AvailabilityZone", "ec2:Encrypted", "ec2:ParentSnapshot", @@ -2874,6 +2916,104 @@ "ec2:CreateTags" ] }, + { + "name": "CreateVerifiedAccessEndpoint", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessEndpoint.html", + "description": "Grants permission to create a Verified Access endpoint", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-endpoint*", + "verified-access-group*", + "network-interface", + "security-group", + "subnet" + ], + "conditionKeys": [ + "ec2:DomainCertificateArn", + "ec2:LoadBalancerArn", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:AssociatePublicIpAddress", + "ec2:AuthorizedService", + "ec2:AuthorizedUser", + "ec2:AvailabilityZone", + "ec2:NetworkInterfaceID", + "ec2:Permission", + "ec2:ResourceTag/${TagKey}", + "ec2:Subnet", + "ec2:Vpc", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:SecurityGroupID", + "ec2:Vpc", + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependentActions": [ + "ec2:CreateTags" + ] + }, + { + "name": "CreateVerifiedAccessGroup", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessGroup.html", + "description": "Grants permission to create a Verified Access group", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-group*", + "verified-access-instance*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependentActions": [ + "ec2:CreateTags" + ] + }, + { + "name": "CreateVerifiedAccessInstance", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessInstance.html", + "description": "Grants permission to create a Verified Access instance", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-instance*" + ], + "conditionKeys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependentActions": [ + "ec2:CreateTags" + ] + }, + { + "name": "CreateVerifiedAccessTrustProvider", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVerifiedAccessTrustProvider.html", + "description": "Grants permission to create a verified trust provider", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-trust-provider*" + ], + "conditionKeys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys", + "ec2:Region" + ], + "dependentActions": [ + "ec2:CreateTags" + ] + }, { "name": "CreateVolume", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html", @@ -3713,7 +3853,8 @@ "accessLevel": "Write", "resourceTypes": [ "ipam-pool", - "placement-group" + "placement-group", + "verified-access-group" ], "conditionKeys": [ "aws:ResourceTag/${TagKey}", @@ -3722,6 +3863,8 @@ "ec2:PlacementGroupName", "ec2:PlacementGroupStrategy", "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", "ec2:Region" ], "dependentActions": [] @@ -3909,6 +4052,11 @@ "transit-gateway-policy-table", "transit-gateway-route-table", "transit-gateway-route-table-announcement", + "verified-access-endpoint", + "verified-access-group", + "verified-access-instance", + "verified-access-policy", + "verified-access-trust-provider", "volume", "vpc", "vpc-endpoint", @@ -4069,6 +4217,16 @@ "ec2:ResourceTag/${TagKey}", "aws:ResourceTag/${TagKey}", "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", "aws:TagKeys", "ec2:Region" ], @@ -4303,6 +4461,68 @@ ], "dependentActions": [] }, + { + "name": "DeleteVerifiedAccessEndpoint", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessEndpoint.html", + "description": "Grants permission to delete a Verified Access endpoint", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-endpoint*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:DomainCertificateArn", + "ec2:LoadBalancerArn", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "DeleteVerifiedAccessGroup", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessGroup.html", + "description": "Grants permission to delete a Verified Access group", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-group*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "DeleteVerifiedAccessInstance", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessInstance.html", + "description": "Grants permission to delete a Verified Access instance", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-instance*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "DeleteVerifiedAccessTrustProvider", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVerifiedAccessTrustProvider.html", + "description": "Grants permission to delete a verified trust provider", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-trust-provider*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, { "name": "DeleteVolume", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DeleteVolume.html", @@ -4644,6 +4864,17 @@ ], "dependentActions": [] }, + { + "name": "DescribeAwsNetworkPerformanceMetricSubscriptions", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAwsNetworkPerformanceMetricSubscriptions.html", + "description": "Grants permission to describe the current infrastructure performance metric subscriptions", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [ + "ec2:Region" + ], + "dependentActions": [] + }, { "name": "DescribeBundleTasks", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeBundleTasks.html", @@ -6022,6 +6253,61 @@ ], "dependentActions": [] }, + { + "name": "DescribeVerifiedAccessEndpoints", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessEndpoints.html", + "description": "Grants permission to describe the specified Verified Access endpoints or all Verified Access endpoints", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [ + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "DescribeVerifiedAccessGroups", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessGroups.html", + "description": "Grants permission to describe the specified Verified Access groups or all Verified Access groups", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [ + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "DescribeVerifiedAccessInstanceLoggingConfigurations", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessInstanceLoggingConfigurations.html", + "description": "Grants permission to describe the current logging configuration for the Verified Access instances", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [ + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "DescribeVerifiedAccessInstances", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessInstances.html", + "description": "Grants permission to describe the specified Verified Access instances or all Verified Access instances", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [ + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "DescribeVerifiedAccessTrustProviders", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVerifiedAccessTrustProviders.html", + "description": "Grants permission to describe details of existing Verified Access trust providers", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [ + "ec2:Region" + ], + "dependentActions": [] + }, { "name": "DescribeVolumeAttribute", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumeAttribute.html", @@ -6317,6 +6603,24 @@ ], "dependentActions": [] }, + { + "name": "DetachVerifiedAccessTrustProvider", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachVerifiedAccessTrustProvider.html", + "description": "Grants permission to detach a trust provider from a Verified Access instance", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-instance*", + "verified-access-trust-provider*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, { "name": "DetachVolume", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DetachVolume.html", @@ -6394,6 +6698,17 @@ ], "dependentActions": [] }, + { + "name": "DisableAwsNetworkPerformanceMetricSubscription", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableAwsNetworkPerformanceMetricSubscription.html", + "description": "Grants permission to disable infrastructure performance metric subscriptions", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [ + "ec2:Region" + ], + "dependentActions": [] + }, { "name": "DisableEbsEncryptionByDefault", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisableEbsEncryptionByDefault.html", @@ -6831,6 +7146,17 @@ ], "dependentActions": [] }, + { + "name": "EnableAwsNetworkPerformanceMetricSubscription", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableAwsNetworkPerformanceMetricSubscription.html", + "description": "Grants permission to enable infrastructure performance subscriptions", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [ + "ec2:Region" + ], + "dependentActions": [] + }, { "name": "EnableEbsEncryptionByDefault", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableEbsEncryptionByDefault.html", @@ -6922,6 +7248,17 @@ "organizations:RegisterDelegatedAdministrator" ] }, + { + "name": "EnableReachabilityAnalyzerOrganizationSharing", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableReachabilityAnalyzerOrganizationSharing.html", + "description": "Grants permission to enable organization sharing of reachability analyzer", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [ + "ec2:Region" + ], + "dependentActions": [] + }, { "name": "EnableSerialConsoleAccess", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EnableSerialConsoleAccess.html", @@ -7133,6 +7470,17 @@ ], "dependentActions": [] }, + { + "name": "GetAwsNetworkPerformanceData", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetAwsNetworkPerformanceData.html", + "description": "Grants permission to get network performance data", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [ + "ec2:Region" + ], + "dependentActions": [] + }, { "name": "GetCapacityReservationUsage", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetCapacityReservationUsage.html", @@ -7535,7 +7883,8 @@ "accessLevel": "Read", "resourceTypes": [ "ipam-pool", - "placement-group" + "placement-group", + "verified-access-group" ], "conditionKeys": [ "aws:ResourceTag/${TagKey}", @@ -7544,6 +7893,8 @@ "ec2:PlacementGroupName", "ec2:PlacementGroupStrategy", "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", "ec2:Region" ], "dependentActions": [] @@ -7597,8 +7948,12 @@ "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetTransitGatewayMulticastDomainAssociations.html", "description": "Grants permission to get information about the associations for a transit gateway multicast domain", "accessLevel": "List", - "resourceTypes": [], + "resourceTypes": [ + "transit-gateway-multicast-domain*" + ], "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", "ec2:Region" ], "dependentActions": [] @@ -7666,6 +8021,38 @@ ], "dependentActions": [] }, + { + "name": "GetVerifiedAccessEndpointPolicy", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVerifiedAccessEndpointPolicy.html", + "description": "Grants permission to show the Verified Access policy associated with the endpoint", + "accessLevel": "List", + "resourceTypes": [ + "verified-access-endpoint*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:DomainCertificateArn", + "ec2:LoadBalancerArn", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "GetVerifiedAccessGroupPolicy", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVerifiedAccessGroupPolicy.html", + "description": "Grants permission to show the contents of the Verified Access policy associated with the group", + "accessLevel": "List", + "resourceTypes": [ + "verified-access-group*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, { "name": "GetVpnConnectionDeviceSampleConfiguration", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetVpnConnectionDeviceSampleConfiguration.html", @@ -8875,6 +9262,127 @@ ], "dependentActions": [] }, + { + "name": "ModifyVerifiedAccessEndpoint", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessEndpoint.html", + "description": "Grants permission to modify the configuration of a Verified Access endpoint", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-endpoint*", + "subnet", + "verified-access-group" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:DomainCertificateArn", + "ec2:LoadBalancerArn", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:AvailabilityZone", + "ec2:ResourceTag/${TagKey}", + "ec2:SubnetID", + "ec2:Vpc", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "ModifyVerifiedAccessEndpointPolicy", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessEndpointPolicy.html", + "description": "Grants permission to modify the specified Verified Access endpoint policy", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-endpoint*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:DomainCertificateArn", + "ec2:LoadBalancerArn", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "ModifyVerifiedAccessGroup", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessGroup.html", + "description": "Grants permission to modify the specified Verified Access Group configuration", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-group*", + "verified-access-instance" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "ModifyVerifiedAccessGroupPolicy", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessGroupPolicy.html", + "description": "Grants permission to modify the specified Verified Access group policy", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-group*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "ModifyVerifiedAccessInstance", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessInstance.html", + "description": "Grants permission to modify the configuration of the specified Verified Access instance", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-instance*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "ModifyVerifiedAccessInstanceLoggingConfiguration", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessInstanceLoggingConfiguration.html", + "description": "Grants permission to modify the logging configuration for the specified Verified Access instance", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-instance*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, + { + "name": "ModifyVerifiedAccessTrustProvider", + "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVerifiedAccessTrustProvider.html", + "description": "Grants permission to modify the configuration of the specified Verified Access trust provider", + "accessLevel": "Write", + "resourceTypes": [ + "verified-access-trust-provider*" + ], + "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", + "ec2:Region" + ], + "dependentActions": [] + }, { "name": "ModifyVolume", "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVolume.html", @@ -9338,7 +9846,8 @@ "accessLevel": "Write", "resourceTypes": [ "ipam-pool", - "placement-group" + "placement-group", + "verified-access-group" ], "conditionKeys": [ "aws:ResourceTag/${TagKey}", @@ -9347,6 +9856,8 @@ "ec2:PlacementGroupName", "ec2:PlacementGroupStrategy", "ec2:ResourceTag/${TagKey}", + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", "ec2:Region" ], "dependentActions": [] @@ -10406,8 +10917,12 @@ "documentationUrl": "https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayMulticastGroups.html", "description": "Grants permission to search for groups, sources, and members in a transit gateway multicast domain", "accessLevel": "List", - "resourceTypes": [], + "resourceTypes": [ + "transit-gateway-multicast-domain*" + ], "conditionKeys": [ + "aws:ResourceTag/${TagKey}", + "ec2:ResourceTag/${TagKey}", "ec2:Region" ], "dependentActions": [] diff --git a/src/data/iam-services/amazon-elastic-container-service.json b/src/data/iam-services/amazon-elastic-container-service.json index 5d1f135..856f9fc 100644 --- a/src/data/iam-services/amazon-elastic-container-service.json +++ b/src/data/iam-services/amazon-elastic-container-service.json @@ -41,6 +41,8 @@ "ecs:capacity-provider", "ecs:task-definition", "ecs:enable-execute-command", + "ecs:enable-service-connect", + "ecs:namespace", "aws:RequestTag/${TagKey}", "aws:TagKeys" ], @@ -313,6 +315,17 @@ ], "dependentActions": [] }, + { + "name": "ListServicesByNamespace", + "documentationUrl": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListServicesByNamespace.html", + "description": "Grants permission to get a list of services that are running in a specified AWS Cloud Map Namespace", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [ + "ecs:namespace" + ], + "dependentActions": [] + }, { "name": "ListTagsForResource", "documentationUrl": "https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ListTagsForResource.html", @@ -645,6 +658,8 @@ "ecs:cluster", "ecs:capacity-provider", "ecs:enable-execute-command", + "ecs:enable-service-connect", + "ecs:namespace", "ecs:task-definition" ], "dependentActions": [] diff --git a/src/data/iam-services/amazon-fsx.json b/src/data/iam-services/amazon-fsx.json index 3f57c1d..c4d9bbe 100644 --- a/src/data/iam-services/amazon-fsx.json +++ b/src/data/iam-services/amazon-fsx.json @@ -330,7 +330,9 @@ "fsx:StorageVirtualMachineId", "fsx:ParentVolumeId" ], - "dependentActions": [] + "dependentActions": [ + "fsx:TagResource" + ] }, { "name": "DescribeAssociatedFileGateways", diff --git a/src/data/iam-services/amazon-lex-v2.json b/src/data/iam-services/amazon-lex-v2.json index b47649d..3fcc04b 100644 --- a/src/data/iam-services/amazon-lex-v2.json +++ b/src/data/iam-services/amazon-lex-v2.json @@ -3,6 +3,39 @@ "servicePrefix": "lex", "url": "https://docs.aws.amazon.com/service-authorization/latest/reference/./list_amazonlexv2.html", "actions": [ + { + "name": "BatchCreateCustomVocabularyItem", + "documentationUrl": "https://docs.aws.amazon.com/lexv2/latest/dg/API_BatchCreateCustomVocabularyItem.html", + "description": "Grants permission to create new items in an existing custom vocabulary", + "accessLevel": "Write", + "resourceTypes": [ + "bot*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "BatchDeleteCustomVocabularyItem", + "documentationUrl": "https://docs.aws.amazon.com/lexv2/latest/dg/API_BatchDeleteCustomVocabularyItem.html", + "description": "Grants permission to delete existing items in an existing custom vocabulary", + "accessLevel": "Write", + "resourceTypes": [ + "bot*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "BatchUpdateCustomVocabularyItem", + "documentationUrl": "https://docs.aws.amazon.com/lexv2/latest/dg/API_BatchUpdateCustomVocabularyItem.html", + "description": "Grants permission to update existing items in an existing custom vocabulary", + "accessLevel": "Write", + "resourceTypes": [ + "bot*" + ], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "BuildBotLocale", "documentationUrl": "https://docs.aws.amazon.com/lexv2/latest/dg/API_BuildBotLocale.html", @@ -589,6 +622,17 @@ "conditionKeys": [], "dependentActions": [] }, + { + "name": "ListCustomVocabularyItems", + "documentationUrl": "https://docs.aws.amazon.com/lexv2/latest/dg/API_ListCustomVocabularyItems.html", + "description": "Grants permission to list items of an existing custom vocabulary", + "accessLevel": "List", + "resourceTypes": [ + "bot*" + ], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "ListExports", "documentationUrl": "https://docs.aws.amazon.com/lexv2/latest/dg/API_ListExports.html", diff --git a/src/data/iam-services/amazon-omics.json b/src/data/iam-services/amazon-omics.json index 2e7643d..b01e07f 100644 --- a/src/data/iam-services/amazon-omics.json +++ b/src/data/iam-services/amazon-omics.json @@ -5,7 +5,7 @@ "actions": [ { "name": "BatchDeleteReadSet", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_BatchDeleteReadSet.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_BatchDeleteReadSet.html", "description": "Grants permission to batch delete Read Sets in the given Sequence Store", "accessLevel": "Write", "resourceTypes": [ @@ -16,7 +16,7 @@ }, { "name": "CancelAnnotationImportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_CancelAnnotationImportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_CancelAnnotationImportJob.html", "description": "Grants permission to cancel an Annotation Import Job", "accessLevel": "Write", "resourceTypes": [ @@ -27,7 +27,7 @@ }, { "name": "CancelRun", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_CancelRun.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_CancelRun.html", "description": "Grants permission to cancel a workflow run and stop all workflow tasks", "accessLevel": "Write", "resourceTypes": [ @@ -38,7 +38,7 @@ }, { "name": "CancelVariantImportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_CancelVariantImportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_CancelVariantImportJob.html", "description": "Grants permission to cancel a Variant Import Job", "accessLevel": "Write", "resourceTypes": [ @@ -49,7 +49,7 @@ }, { "name": "CreateAnnotationStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_CreateAnnotationStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_CreateAnnotationStore.html", "description": "Grants permission to create an Annotation Store", "accessLevel": "Write", "resourceTypes": [], @@ -58,7 +58,7 @@ }, { "name": "CreateReferenceStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_CreateReferenceStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_CreateReferenceStore.html", "description": "Grants permission to create a Reference Store", "accessLevel": "Write", "resourceTypes": [], @@ -70,7 +70,7 @@ }, { "name": "CreateRunGroup", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_CreateRunGroup.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_CreateRunGroup.html", "description": "Grants permission to create a new workflow run group", "accessLevel": "Write", "resourceTypes": [], @@ -82,7 +82,7 @@ }, { "name": "CreateSequenceStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_CreateSequenceStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_CreateSequenceStore.html", "description": "Grants permission to create a Sequence Store", "accessLevel": "Write", "resourceTypes": [], @@ -94,7 +94,7 @@ }, { "name": "CreateVariantStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_CreateVariantStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_CreateVariantStore.html", "description": "Grants permission to create a Variant Store", "accessLevel": "Write", "resourceTypes": [], @@ -103,7 +103,7 @@ }, { "name": "CreateWorkflow", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_CreateWorkflow.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_CreateWorkflow.html", "description": "Grants permission to create a new workflow with a workflow definition and template of workflow parameters", "accessLevel": "Write", "resourceTypes": [], @@ -115,7 +115,7 @@ }, { "name": "DeleteAnnotationStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_DeleteAnnotationStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteAnnotationStore.html", "description": "Grants permission to delete an Annotation Store", "accessLevel": "Write", "resourceTypes": [ @@ -126,7 +126,7 @@ }, { "name": "DeleteReference", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_DeleteReference.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteReference.html", "description": "Grants permission to delete a Reference in the given Reference Store", "accessLevel": "Write", "resourceTypes": [ @@ -138,7 +138,7 @@ }, { "name": "DeleteReferenceStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_DeleteReferenceStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteReferenceStore.html", "description": "Grants permission to delete a Reference Store", "accessLevel": "Write", "resourceTypes": [ @@ -149,7 +149,7 @@ }, { "name": "DeleteRun", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_DeleteRun.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteRun.html", "description": "Grants permission to delete a workflow run", "accessLevel": "Write", "resourceTypes": [ @@ -160,7 +160,7 @@ }, { "name": "DeleteRunGroup", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_DeleteRunGroup.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteRunGroup.html", "description": "Grants permission to delete a workflow run group", "accessLevel": "Write", "resourceTypes": [ @@ -171,7 +171,7 @@ }, { "name": "DeleteSequenceStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_DeleteSequenceStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteSequenceStore.html", "description": "Grants permission to delete a Sequence Store", "accessLevel": "Write", "resourceTypes": [ @@ -182,7 +182,7 @@ }, { "name": "DeleteVariantStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_DeleteVariantStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteVariantStore.html", "description": "Grants permission to delete a Variant Store", "accessLevel": "Write", "resourceTypes": [ @@ -193,7 +193,7 @@ }, { "name": "DeleteWorkflow", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_DeleteWorkflow.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_DeleteWorkflow.html", "description": "Grants permission to delete a workflow", "accessLevel": "Write", "resourceTypes": [ @@ -204,7 +204,7 @@ }, { "name": "GetAnnotationImportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetAnnotationImportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetAnnotationImportJob.html", "description": "Grants permission to get the status of an Annotation Import Job", "accessLevel": "Read", "resourceTypes": [ @@ -215,7 +215,7 @@ }, { "name": "GetAnnotationStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetAnnotationStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetAnnotationStore.html", "description": "Grants permission to get detailed information about an Annotation Store", "accessLevel": "Read", "resourceTypes": [ @@ -226,7 +226,7 @@ }, { "name": "GetReadSet", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetReadSet.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSet.html", "description": "Grants permission to get a Read Set in the given Sequence Store", "accessLevel": "Read", "resourceTypes": [ @@ -238,7 +238,7 @@ }, { "name": "GetReadSetActivationJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetReadSetActivationJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetActivationJob.html", "description": "Grants permission to get details about a Read Set activation job for the given Sequence Store", "accessLevel": "Read", "resourceTypes": [ @@ -249,7 +249,7 @@ }, { "name": "GetReadSetExportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetReadSetExportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetExportJob.html", "description": "Grants permission to get details about a Read Set export job for the given Sequence Store", "accessLevel": "Read", "resourceTypes": [ @@ -260,7 +260,7 @@ }, { "name": "GetReadSetImportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetReadSetImportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetImportJob.html", "description": "Grants permission to get details about a Read Set import job for the given Sequence Store", "accessLevel": "Read", "resourceTypes": [ @@ -271,7 +271,7 @@ }, { "name": "GetReadSetMetadata", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetReadSetMetadata.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetReadSetMetadata.html", "description": "Grants permission to get details about a Read Set in the given Sequence Store", "accessLevel": "Read", "resourceTypes": [ @@ -283,7 +283,7 @@ }, { "name": "GetReference", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetReference.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetReference.html", "description": "Grants permission to get a Reference in the given Reference Store", "accessLevel": "Read", "resourceTypes": [ @@ -295,7 +295,7 @@ }, { "name": "GetReferenceImportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetReferenceImportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetReferenceImportJob.html", "description": "Grants permission to get details about a Reference import job for the given Reference Store", "accessLevel": "Read", "resourceTypes": [ @@ -306,7 +306,7 @@ }, { "name": "GetReferenceMetadata", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetReferenceMetadata.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetReferenceMetadata.html", "description": "Grants permission to get details about a Reference in the given Reference Store", "accessLevel": "Read", "resourceTypes": [ @@ -318,7 +318,7 @@ }, { "name": "GetReferenceStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetReferenceStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetReferenceStore.html", "description": "Grants permission to get details about a Reference Store", "accessLevel": "Read", "resourceTypes": [ @@ -329,7 +329,7 @@ }, { "name": "GetRun", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetRun.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetRun.html", "description": "Grants permission to retrieve workflow run details", "accessLevel": "Read", "resourceTypes": [ @@ -340,7 +340,7 @@ }, { "name": "GetRunGroup", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetRunGroup.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetRunGroup.html", "description": "Grants permission to retrieve workflow run group details", "accessLevel": "Read", "resourceTypes": [ @@ -351,7 +351,7 @@ }, { "name": "GetRunTask", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetRunTask.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetRunTask.html", "description": "Grants permission to retrieve workflow task details", "accessLevel": "Read", "resourceTypes": [ @@ -363,7 +363,7 @@ }, { "name": "GetSequenceStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetSequenceStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetSequenceStore.html", "description": "Grants permission to get details about a Sequence Store", "accessLevel": "Read", "resourceTypes": [ @@ -374,7 +374,7 @@ }, { "name": "GetVariantImportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetVariantImportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetVariantImportJob.html", "description": "Grants permission to get the status of a Variant Import Job", "accessLevel": "Read", "resourceTypes": [ @@ -385,7 +385,7 @@ }, { "name": "GetVariantStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetVariantStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetVariantStore.html", "description": "Grants permission to get detailed information about a Variant Store", "accessLevel": "Read", "resourceTypes": [ @@ -396,7 +396,7 @@ }, { "name": "GetWorkflow", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_GetWorkflow.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_GetWorkflow.html", "description": "Grants permission to retrieve workflow details", "accessLevel": "Read", "resourceTypes": [ @@ -407,7 +407,7 @@ }, { "name": "ListAnnotationImportJobs", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListAnnotationImportJobs.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListAnnotationImportJobs.html", "description": "Grants permission to get a list of Annotation Import Jobs", "accessLevel": "List", "resourceTypes": [], @@ -416,7 +416,7 @@ }, { "name": "ListAnnotationStores", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListAnnotationStores.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListAnnotationStores.html", "description": "Grants permission to retrieve a list of information about Annotation Stores", "accessLevel": "List", "resourceTypes": [], @@ -425,9 +425,9 @@ }, { "name": "ListReadSetActivationJobs", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListReadSetActivationJobs.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSetActivationJobs.html", "description": "Grants permission to list Read Set activation jobs for the given Sequence Store", - "accessLevel": "Read", + "accessLevel": "List", "resourceTypes": [ "sequenceStore*" ], @@ -436,9 +436,9 @@ }, { "name": "ListReadSetExportJobs", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListReadSetExportJobs.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSetExportJobs.html", "description": "Grants permission to list Read Set export jobs for the given Sequence Store", - "accessLevel": "Read", + "accessLevel": "List", "resourceTypes": [ "sequenceStore*" ], @@ -447,9 +447,9 @@ }, { "name": "ListReadSetImportJobs", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListReadSetImportJobs.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSetImportJobs.html", "description": "Grants permission to list Read Set import jobs for the given Sequence Store", - "accessLevel": "Read", + "accessLevel": "List", "resourceTypes": [ "sequenceStore*" ], @@ -458,7 +458,7 @@ }, { "name": "ListReadSets", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListReadSets.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListReadSets.html", "description": "Grants permission to list Read Sets in the given Sequence Store", "accessLevel": "List", "resourceTypes": [ @@ -469,9 +469,9 @@ }, { "name": "ListReferenceImportJobs", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListReferenceImportJobs.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListReferenceImportJobs.html", "description": "Grants permission to list Reference import jobs for the given Reference Store", - "accessLevel": "Read", + "accessLevel": "List", "resourceTypes": [ "referenceStore*" ], @@ -480,7 +480,7 @@ }, { "name": "ListReferenceStores", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListReferenceStores.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListReferenceStores.html", "description": "Grants permission to list Reference Stores", "accessLevel": "List", "resourceTypes": [], @@ -489,7 +489,7 @@ }, { "name": "ListReferences", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListReferences.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListReferences.html", "description": "Grants permission to list References in the given Reference Store", "accessLevel": "List", "resourceTypes": [ @@ -500,7 +500,7 @@ }, { "name": "ListRunGroups", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListRunGroups.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListRunGroups.html", "description": "Grants permission to retrieve a list of workflow run groups", "accessLevel": "List", "resourceTypes": [], @@ -509,7 +509,7 @@ }, { "name": "ListRunTasks", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListRunTasks.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListRunTasks.html", "description": "Grants permission to retrieve a list of tasks for a workflow run", "accessLevel": "List", "resourceTypes": [ @@ -520,7 +520,7 @@ }, { "name": "ListRuns", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListRuns.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListRuns.html", "description": "Grants permission to retrieve a list of workflow runs", "accessLevel": "List", "resourceTypes": [], @@ -529,7 +529,7 @@ }, { "name": "ListSequenceStores", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListSequenceStores.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListSequenceStores.html", "description": "Grants permission to list Sequence Stores", "accessLevel": "List", "resourceTypes": [], @@ -538,7 +538,7 @@ }, { "name": "ListTagsForResource", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListTagsForResource.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListTagsForResource.html", "description": "Grants permission to retrieve a list of resource AWS tags", "accessLevel": "List", "resourceTypes": [], @@ -547,7 +547,7 @@ }, { "name": "ListVariantImportJobs", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListVariantImportJobs.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListVariantImportJobs.html", "description": "Grants permission to get a list of Variant Import Jobs", "accessLevel": "List", "resourceTypes": [], @@ -556,7 +556,7 @@ }, { "name": "ListVariantStores", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListVariantStores.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListVariantStores.html", "description": "Grants permission to retrieve a list of metadata for Variant Stores", "accessLevel": "List", "resourceTypes": [], @@ -565,7 +565,7 @@ }, { "name": "ListWorkflows", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_ListWorkflows.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_ListWorkflows.html", "description": "Grants permission to retrieve a list of available workflows", "accessLevel": "List", "resourceTypes": [], @@ -574,7 +574,7 @@ }, { "name": "StartAnnotationImportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_StartAnnotationImportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_StartAnnotationImportJob.html", "description": "Grants permission to import a list of Annotation files to an Annotation Store", "accessLevel": "Write", "resourceTypes": [], @@ -583,7 +583,7 @@ }, { "name": "StartReadSetActivationJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_StartReadSetActivationJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_StartReadSetActivationJob.html", "description": "Grants permission to start a Read Set activation job from the given Sequence Store", "accessLevel": "Write", "resourceTypes": [ @@ -594,7 +594,7 @@ }, { "name": "StartReadSetExportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_StartReadSetExportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_StartReadSetExportJob.html", "description": "Grants permission to start a Read Set export job from the given Sequence Store", "accessLevel": "Write", "resourceTypes": [ @@ -605,7 +605,7 @@ }, { "name": "StartReadSetImportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_StartReadSetImportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_StartReadSetImportJob.html", "description": "Grants permission to start a Read Set import job into the given Sequence Store", "accessLevel": "Write", "resourceTypes": [ @@ -616,7 +616,7 @@ }, { "name": "StartReferenceImportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_StartReferenceImportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_StartReferenceImportJob.html", "description": "Grants permission to start a Reference import job into the given Reference Store", "accessLevel": "Write", "resourceTypes": [ @@ -627,7 +627,7 @@ }, { "name": "StartRun", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_StartRun.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_StartRun.html", "description": "Grants permission to start a workflow run", "accessLevel": "Write", "resourceTypes": [], @@ -639,7 +639,7 @@ }, { "name": "StartVariantImportJob", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_StartVariantImportJob.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_StartVariantImportJob.html", "description": "Grants permission to import a list of variant files to an Variant Store", "accessLevel": "Write", "resourceTypes": [], @@ -648,7 +648,7 @@ }, { "name": "TagResource", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_TagResource.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_TagResource.html", "description": "Grants permission to add AWS tags to a resource", "accessLevel": "Tagging", "resourceTypes": [ @@ -668,7 +668,7 @@ }, { "name": "UntagResource", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_UntagResource.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_UntagResource.html", "description": "Grants permission to remove resource AWS tags", "accessLevel": "Tagging", "resourceTypes": [ @@ -687,7 +687,7 @@ }, { "name": "UpdateAnnotationStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_UpdateAnnotationStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateAnnotationStore.html", "description": "Grants permission to update information about the Annotation Store", "accessLevel": "Write", "resourceTypes": [ @@ -698,7 +698,7 @@ }, { "name": "UpdateRunGroup", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_UpdateRunGroup.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateRunGroup.html", "description": "Grants permission to update a workflow run group", "accessLevel": "Write", "resourceTypes": [ @@ -709,7 +709,7 @@ }, { "name": "UpdateVariantStore", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_UpdateVariantStore.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateVariantStore.html", "description": "Grants permission to update metadata about the Variant Store", "accessLevel": "Write", "resourceTypes": [ @@ -720,7 +720,7 @@ }, { "name": "UpdateWorkflow", - "documentationUrl": "https://docs.aws.amazon.com/Omics/latest/api/API_UpdateWorkflow.html", + "documentationUrl": "https://docs.aws.amazon.com/omics/latest/api/API_UpdateWorkflow.html", "description": "Grants permission to update workflow details", "accessLevel": "Write", "resourceTypes": [ diff --git a/src/data/iam-services/amazon-personalize.json b/src/data/iam-services/amazon-personalize.json index eb50e4f..f99f3d7 100644 --- a/src/data/iam-services/amazon-personalize.json +++ b/src/data/iam-services/amazon-personalize.json @@ -583,9 +583,7 @@ "documentationUrl": "https://docs.aws.amazon.com/personalize/latest/dg/API_UBS_PutEvents.html", "description": "Grants permission to put real time event data", "accessLevel": "Write", - "resourceTypes": [ - "eventTracker*" - ], + "resourceTypes": [], "conditionKeys": [], "dependentActions": [] }, diff --git a/src/data/iam-services/amazon-sagemaker.json b/src/data/iam-services/amazon-sagemaker.json index c5a494b..356b953 100644 --- a/src/data/iam-services/amazon-sagemaker.json +++ b/src/data/iam-services/amazon-sagemaker.json @@ -155,9 +155,10 @@ { "name": "BatchGetMetrics", "documentationUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/", - "description": "Grants permission to retrieve metrics associated with SageMaker Resources such as Training Jobs. This API is not publicly exposed at this point, however admins can control this action", + "description": "Grants permission to retrieve metrics associated with SageMaker Resources such as Training Jobs or Trial Components. This API is not publicly exposed at this point, however admins can control this action", "accessLevel": "Read", "resourceTypes": [ + "experiment-trial-component*", "training-job*" ], "conditionKeys": [], @@ -177,9 +178,10 @@ { "name": "BatchPutMetrics", "documentationUrl": "https://docs.aws.amazon.com/sagemaker/latest/APIReference/", - "description": "Grants permission to publish metrics associated with a SageMaker Resource such as a Training Job. This API is not publicly exposed at this point, however admins can control this action", + "description": "Grants permission to publish metrics associated with a SageMaker Resource such as a Training Job or Trial Component", "accessLevel": "Write", "resourceTypes": [ + "experiment-trial-component*", "training-job*" ], "conditionKeys": [], diff --git a/src/data/iam-services/amazon-security-lake.json b/src/data/iam-services/amazon-security-lake.json index 6f76c20..f078af6 100644 --- a/src/data/iam-services/amazon-security-lake.json +++ b/src/data/iam-services/amazon-security-lake.json @@ -30,6 +30,7 @@ "glue:StartCrawlerSchedule", "iam:DeleteRolePolicy", "iam:GetRole", + "iam:PassRole", "iam:PutRolePolicy", "kms:CreateGrant", "kms:DescribeKey", @@ -53,6 +54,7 @@ "iam:CreateServiceLinkedRole", "iam:DeleteRolePolicy", "iam:GetRole", + "iam:PassRole", "iam:PutRolePolicy", "kms:CreateGrant", "kms:DescribeKey", @@ -145,6 +147,7 @@ "events:PutTargets", "iam:DeleteRolePolicy", "iam:GetRole", + "iam:PassRole", "s3:GetBucketNotification", "s3:PutBucketNotification", "sqs:CreateQueue", @@ -447,6 +450,7 @@ "iam:CreateServiceLinkedRole", "iam:DeleteRolePolicy", "iam:GetRole", + "iam:PassRole", "iam:PutRolePolicy", "s3:CreateBucket", "s3:GetBucketNotification", @@ -455,6 +459,7 @@ "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketVersioning", + "s3:PutLifecycleConfiguration", "sqs:CreateQueue", "sqs:DeleteQueue", "sqs:GetQueueAttributes", diff --git a/src/data/iam-services/amazon-textract.json b/src/data/iam-services/amazon-textract.json index f89db69..a9d608c 100644 --- a/src/data/iam-services/amazon-textract.json +++ b/src/data/iam-services/amazon-textract.json @@ -74,6 +74,24 @@ "conditionKeys": [], "dependentActions": [] }, + { + "name": "GetLendingAnalysis", + "documentationUrl": "https://docs.aws.amazon.com/textract/latest/dg/API_GetLendingAnalysis.html", + "description": "Grants permission to retrieve page-level information regarding a lending analysis job", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "GetLendingAnalysisSummary", + "documentationUrl": "https://docs.aws.amazon.com/textract/latest/dg/API_GetLendingAnalysisSummary.html", + "description": "Grants permission to retrieve summarized information regarding a lending analysis job", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "StartDocumentAnalysis", "documentationUrl": "https://docs.aws.amazon.com/textract/latest/dg/API_StartDocumentAnalysis.html", @@ -106,6 +124,17 @@ "dependentActions": [ "s3:GetObject" ] + }, + { + "name": "StartLendingAnalysis", + "documentationUrl": "https://docs.aws.amazon.com/textract/latest/dg/API_StartLendingAnalysis.html", + "description": "Grants permission to start an asynchronous job for detection of entities in a lending document, takes a provided image or PDF as input", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [ + "s3:GetObject" + ] } ] } \ No newline at end of file diff --git a/src/data/iam-services/amazon-workspaces.json b/src/data/iam-services/amazon-workspaces.json index 98ae00e..5e69f31 100644 --- a/src/data/iam-services/amazon-workspaces.json +++ b/src/data/iam-services/amazon-workspaces.json @@ -89,6 +89,21 @@ ], "dependentActions": [] }, + { + "name": "CreateStandbyWorkspaces", + "documentationUrl": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateStandbyWorkspaces.html", + "description": "Grants permission to create one or more Standby WorkSpaces", + "accessLevel": "Write", + "resourceTypes": [ + "directoryid*", + "workspaceid*" + ], + "conditionKeys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependentActions": [] + }, { "name": "CreateTags", "documentationUrl": "https://docs.aws.amazon.com/workspaces/latest/api/API_CreateTags.html", @@ -485,6 +500,17 @@ "conditionKeys": [], "dependentActions": [] }, + { + "name": "ModifyCertificateBasedAuthProperties", + "documentationUrl": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyCertificateBasedAuthProperties.html", + "description": "Grants permission to modify the certificate-based authorization properties of a directory", + "accessLevel": "Write", + "resourceTypes": [ + "directoryid*" + ], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "ModifyClientProperties", "documentationUrl": "https://docs.aws.amazon.com/workspaces/latest/api/API_ModifyClientProperties.html", diff --git a/src/data/iam-services/aws-amplify-ui-builder.json b/src/data/iam-services/aws-amplify-ui-builder.json index caa4f3d..7c929ff 100644 --- a/src/data/iam-services/aws-amplify-ui-builder.json +++ b/src/data/iam-services/aws-amplify-ui-builder.json @@ -13,7 +13,23 @@ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], - "dependentActions": [] + "dependentActions": [ + "amplify:GetApp" + ] + }, + { + "name": "CreateForm", + "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_CreateForm.html", + "description": "Grants permission to create a form", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependentActions": [ + "amplify:GetApp" + ] }, { "name": "CreateTheme", @@ -25,7 +41,9 @@ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], - "dependentActions": [] + "dependentActions": [ + "amplify:GetApp" + ] }, { "name": "DeleteComponent", @@ -36,7 +54,22 @@ "ComponentResource*" ], "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "amplify:GetApp" + ] + }, + { + "name": "DeleteForm", + "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_DeleteForm.html", + "description": "Grants permission to delete a form", + "accessLevel": "Write", + "resourceTypes": [ + "FormResource*" + ], + "conditionKeys": [], + "dependentActions": [ + "amplify:GetApp" + ] }, { "name": "DeleteTheme", @@ -47,21 +80,23 @@ "ThemeResource*" ], "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "amplify:GetApp" + ] }, { - "name": "ExchangeCodeForToken", - "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ExchangeCodeForToken.html", - "description": "Grants permission to exchange a code for a token", - "accessLevel": "Write", + "name": "ExportComponents", + "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ExportComponents.html", + "description": "Grants permission to export components", + "accessLevel": "Read", "resourceTypes": [], "conditionKeys": [], "dependentActions": [] }, { - "name": "ExportComponents", - "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ExportComponents.html", - "description": "Grants permission to export components", + "name": "ExportForms", + "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ExportForms.html", + "description": "Grants permission to export forms", "accessLevel": "Read", "resourceTypes": [], "conditionKeys": [], @@ -85,6 +120,30 @@ "ComponentResource*" ], "conditionKeys": [], + "dependentActions": [ + "amplify:GetApp" + ] + }, + { + "name": "GetForm", + "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_GetForm.html", + "description": "Grants permission to get an existing form", + "accessLevel": "Read", + "resourceTypes": [ + "FormResource*" + ], + "conditionKeys": [], + "dependentActions": [ + "amplify:GetApp" + ] + }, + { + "name": "GetMetadata", + "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_GetMetadata.html", + "description": "Grants permission to get an existing metadata", + "accessLevel": "Read", + "resourceTypes": [], + "conditionKeys": [], "dependentActions": [] }, { @@ -96,74 +155,59 @@ "ThemeResource*" ], "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "amplify:GetApp" + ] }, { "name": "ListComponents", "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ListComponents.html", - "description": "Grants permission to list the components for an app", + "description": "Grants permission to list components", "accessLevel": "List", "resourceTypes": [], "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "amplify:GetApp" + ] }, { - "name": "ListTagsForResource", - "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/welcome.html", - "description": "Grants permission to list the tags for a resource", - "accessLevel": "Read", - "resourceTypes": [ - "ComponentResource", - "ThemeResource" - ], + "name": "ListForms", + "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ListForms.html", + "description": "Grants permission to list forms", + "accessLevel": "List", + "resourceTypes": [], "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "amplify:GetApp" + ] }, { "name": "ListThemes", "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ListThemes.html", - "description": "Grants permission to list the themes for an app", + "description": "Grants permission to list themes", "accessLevel": "List", "resourceTypes": [], "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "amplify:GetApp" + ] }, { - "name": "RefreshToken", - "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_RefreshToken.html", - "description": "Grants permission to refresh an access token", + "name": "PutMetadataFlag", + "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_PutMetadataFlag.html", + "description": "Grants permission to put an existing metadata", "accessLevel": "Write", "resourceTypes": [], "conditionKeys": [], "dependentActions": [] }, { - "name": "TagResource", - "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/welcome.html", - "description": "Grants permission to tag a resource", - "accessLevel": "Tagging", - "resourceTypes": [ - "ComponentResource", - "ThemeResource" - ], - "conditionKeys": [ - "aws:TagKeys", - "aws:RequestTag/${TagKey}" - ], - "dependentActions": [] - }, - { - "name": "UntagResource", - "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/welcome.html", - "description": "Grants permission to untag a resource", - "accessLevel": "Tagging", - "resourceTypes": [ - "ComponentResource", - "ThemeResource" - ], - "conditionKeys": [ - "aws:TagKeys" - ], + "name": "ResetMetadataFlag", + "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_ResetMetadataFlag.html", + "description": "Grants permission to reset an existing metadata", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [], "dependentActions": [] }, { @@ -175,7 +219,22 @@ "ComponentResource*" ], "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "amplify:GetApp" + ] + }, + { + "name": "UpdateForm", + "documentationUrl": "https://docs.aws.amazon.com/amplifyuibuilder/latest/APIReference/API_UpdateForm.html", + "description": "Grants permission to update a form", + "accessLevel": "Write", + "resourceTypes": [ + "FormResource*" + ], + "conditionKeys": [], + "dependentActions": [ + "amplify:GetApp" + ] }, { "name": "UpdateTheme", @@ -186,7 +245,9 @@ "ThemeResource*" ], "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "amplify:GetApp" + ] } ] } \ No newline at end of file diff --git a/src/data/iam-services/aws-budget-service.json b/src/data/iam-services/aws-budget-service.json index 5b3a7c4..c8ce699 100644 --- a/src/data/iam-services/aws-budget-service.json +++ b/src/data/iam-services/aws-budget-service.json @@ -6,7 +6,7 @@ { "name": "CreateBudgetAction", "documentationUrl": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions", - "description": "Grants permissions to create and define a response that you can configure to execute once your budget has exceeded a specific budget threshold.", + "description": "Grants permission to create and define a response that you can configure to execute once your budget has exceeded a specific budget threshold", "accessLevel": "Write", "resourceTypes": [ "budgetAction*" @@ -19,7 +19,7 @@ { "name": "DeleteBudgetAction", "documentationUrl": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions", - "description": "Grants permissions to delete an action that is associated with a specific budget.", + "description": "Grants permission to delete an action that is associated with a specific budget", "accessLevel": "Write", "resourceTypes": [ "budgetAction*" @@ -30,7 +30,7 @@ { "name": "DescribeBudgetAction", "documentationUrl": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions", - "description": "Grants permissions to retrieve the details of specific budget action associated with a budget.", + "description": "Grants permission to retrieve the details of a specific budget action associated with a budget", "accessLevel": "Read", "resourceTypes": [ "budgetAction*" @@ -41,7 +41,7 @@ { "name": "DescribeBudgetActionHistories", "documentationUrl": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions", - "description": "Grants permissions to retrieve a historical view of the budget actions statuses associated with a particular budget action. These status include statues such as 'Standby', 'Pending' and 'Executed'.", + "description": "Grants permission to retrieve a historical view of the budget actions statuses associated with a particular budget action. These status include statues such as 'Standby', 'Pending' and 'Executed'", "accessLevel": "Read", "resourceTypes": [ "budgetAction*" @@ -52,7 +52,7 @@ { "name": "DescribeBudgetActionsForAccount", "documentationUrl": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions", - "description": "Grants permissions to retrieve the details of all of the budget actions associated with your account.", + "description": "Grants permission to retrieve the details of all of the budget actions associated with your account", "accessLevel": "Read", "resourceTypes": [], "conditionKeys": [], @@ -61,7 +61,7 @@ { "name": "DescribeBudgetActionsForBudget", "documentationUrl": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions", - "description": "Grants permissions to retrieve the details of all of the budget actions associated with a budget.", + "description": "Grants permission to retrieve the details of all of the budget actions associated with a budget", "accessLevel": "Read", "resourceTypes": [ "budget*" @@ -72,7 +72,7 @@ { "name": "ExecuteBudgetAction", "documentationUrl": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions", - "description": "Grants permissions to initiate a pending budget action as well as reverse a previously executed budget action.", + "description": "Grants permission to initiate a pending budget action as well as reverse a previously executed budget action", "accessLevel": "Write", "resourceTypes": [ "budgetAction*" @@ -83,7 +83,7 @@ { "name": "ModifyBudget", "documentationUrl": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions", - "description": "Grants permissions to modify budgets and budget details", + "description": "Grants permission to modify budgets and budget details", "accessLevel": "Write", "resourceTypes": [ "budget*" @@ -94,7 +94,7 @@ { "name": "UpdateBudgetAction", "documentationUrl": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions", - "description": "Grants permissions to update the details of a specific budget action associated with a budget.", + "description": "Grants permission to update the details of a specific budget action associated with a budget", "accessLevel": "Write", "resourceTypes": [ "budgetAction*" @@ -107,7 +107,7 @@ { "name": "ViewBudget", "documentationUrl": "https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#user-permissions", - "description": "Grants permissions to view budgets and budget details", + "description": "Grants permission to view budgets and budget details", "accessLevel": "Read", "resourceTypes": [ "budget*" diff --git a/src/data/iam-services/aws-cost-explorer-service.json b/src/data/iam-services/aws-cost-explorer-service.json index d47d27b..e48b74e 100644 --- a/src/data/iam-services/aws-cost-explorer-service.json +++ b/src/data/iam-services/aws-cost-explorer-service.json @@ -346,6 +346,15 @@ "conditionKeys": [], "dependentActions": [] }, + { + "name": "ListSavingsPlansPurchaseRecommendationGeneration", + "documentationUrl": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ListSavingsPlansPurchaseRecommendationGeneration.html", + "description": "Grants permission to retrieve a list of your historical recommendation generations", + "accessLevel": "List", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "ListTagsForResource", "documentationUrl": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_ListTagsForResource.html", @@ -370,6 +379,15 @@ "conditionKeys": [], "dependentActions": [] }, + { + "name": "StartSavingsPlansPurchaseRecommendationGeneration", + "documentationUrl": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_StartSavingsPlansPurchaseRecommendationGeneration.html", + "description": "Grants permission to request a Savings Plans recommendation generation", + "accessLevel": "Write", + "resourceTypes": [], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "TagResource", "documentationUrl": "https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_TagResource.html", diff --git a/src/data/iam-services/aws-elastic-disaster-recovery.json b/src/data/iam-services/aws-elastic-disaster-recovery.json index 315bff4..162ee81 100644 --- a/src/data/iam-services/aws-elastic-disaster-recovery.json +++ b/src/data/iam-services/aws-elastic-disaster-recovery.json @@ -59,7 +59,10 @@ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], - "dependentActions": [] + "dependentActions": [ + "drs:DescribeSourceServers", + "drs:GetReplicationConfiguration" + ] }, { "name": "CreateRecoveryInstanceForDrs", @@ -85,16 +88,15 @@ "aws:RequestTag/${TagKey}", "aws:TagKeys" ], - "dependentActions": [] - }, - { - "name": "CreateSessionForDrs", - "documentationUrl": "https://docs.aws.amazon.com/drs/latest/userguide/drs-apis.html", - "description": "Grants permission to create a session", - "accessLevel": "Write", - "resourceTypes": [], - "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "ec2:CreateSecurityGroup", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:GetEbsDefaultKmsKeyId", + "ec2:GetEbsEncryptionByDefault", + "kms:CreateGrant", + "kms:DescribeKey" + ] }, { "name": "CreateSourceServerForDrs", @@ -430,7 +432,9 @@ "accessLevel": "Read", "resourceTypes": [], "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "drs:DescribeSourceServers" + ] }, { "name": "ListStagingAccounts", @@ -897,7 +901,15 @@ "SourceServerResource*" ], "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "ec2:CreateSecurityGroup", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:GetEbsDefaultKmsKeyId", + "ec2:GetEbsEncryptionByDefault", + "kms:CreateGrant", + "kms:DescribeKey" + ] }, { "name": "UpdateReplicationConfigurationTemplate", @@ -908,7 +920,15 @@ "ReplicationConfigurationTemplateResource*" ], "conditionKeys": [], - "dependentActions": [] + "dependentActions": [ + "ec2:CreateSecurityGroup", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:GetEbsDefaultKmsKeyId", + "ec2:GetEbsEncryptionByDefault", + "kms:CreateGrant", + "kms:DescribeKey" + ] } ] } \ No newline at end of file diff --git a/src/data/iam-services/aws-iot-twinmaker.json b/src/data/iam-services/aws-iot-twinmaker.json index 58e1c9e..1d698c5 100644 --- a/src/data/iam-services/aws-iot-twinmaker.json +++ b/src/data/iam-services/aws-iot-twinmaker.json @@ -61,6 +61,20 @@ ], "dependentActions": [] }, + { + "name": "CreateSyncJob", + "documentationUrl": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateSyncJob.html", + "description": "Grants permission to create a sync job", + "accessLevel": "Write", + "resourceTypes": [ + "workspace*" + ], + "conditionKeys": [ + "aws:RequestTag/${TagKey}", + "aws:TagKeys" + ], + "dependentActions": [] + }, { "name": "CreateWorkspace", "documentationUrl": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_CreateWorkspace.html", @@ -109,6 +123,18 @@ "conditionKeys": [], "dependentActions": [] }, + { + "name": "DeleteSyncJob", + "documentationUrl": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteSyncJob.html", + "description": "Grants permission to delete a sync job", + "accessLevel": "Write", + "resourceTypes": [ + "syncJob*", + "workspace*" + ], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "DeleteWorkspace", "documentationUrl": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_DeleteWorkspace.html", @@ -210,6 +236,18 @@ "conditionKeys": [], "dependentActions": [] }, + { + "name": "GetSyncJob", + "documentationUrl": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetSyncJob.html", + "description": "Grants permission to get a sync job", + "accessLevel": "Read", + "resourceTypes": [ + "syncJob*", + "workspace*" + ], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "GetWorkspace", "documentationUrl": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_GetWorkspace.html", @@ -254,6 +292,29 @@ "conditionKeys": [], "dependentActions": [] }, + { + "name": "ListSyncJobs", + "documentationUrl": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListSyncJobs.html", + "description": "Grants permission to list all sync jobs in a workspace", + "accessLevel": "List", + "resourceTypes": [ + "workspace*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "ListSyncResources", + "documentationUrl": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListSyncResources.html", + "description": "Grants permission to list all sync resources for a sync job", + "accessLevel": "List", + "resourceTypes": [ + "syncJob*", + "workspace*" + ], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "ListTagsForResource", "documentationUrl": "https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/API_ListTagsForResource.html", @@ -263,6 +324,7 @@ "componentType", "entity", "scene", + "syncJob", "workspace" ], "conditionKeys": [ @@ -288,6 +350,7 @@ "componentType", "entity", "scene", + "syncJob", "workspace" ], "conditionKeys": [ @@ -305,6 +368,7 @@ "componentType", "entity", "scene", + "syncJob", "workspace" ], "conditionKeys": [ diff --git a/src/data/iam-services/aws-service-catalog.json b/src/data/iam-services/aws-service-catalog.json index da0a5ef..c1f8c6c 100644 --- a/src/data/iam-services/aws-service-catalog.json +++ b/src/data/iam-services/aws-service-catalog.json @@ -68,7 +68,10 @@ "servicecatalog:Resource" ], "dependentActions": [ - "cloudformation:DescribeStacks" + "cloudformation:DescribeStacks", + "resource-groups:CreateGroup", + "resource-groups:GetGroup", + "resource-groups:Tag" ] }, { @@ -583,7 +586,9 @@ "servicecatalog:ResourceType", "servicecatalog:Resource" ], - "dependentActions": [] + "dependentActions": [ + "resource-groups:DeleteGroup" + ] }, { "name": "DisassociateServiceActionFromProvisioningArtifact", diff --git a/src/data/iam-services/aws-step-functions.json b/src/data/iam-services/aws-step-functions.json index 6c79fa6..8589603 100644 --- a/src/data/iam-services/aws-step-functions.json +++ b/src/data/iam-services/aws-step-functions.json @@ -70,7 +70,19 @@ "description": "Grants permission to describe an execution", "accessLevel": "Read", "resourceTypes": [ - "execution*" + "execution*", + "express*" + ], + "conditionKeys": [], + "dependentActions": [] + }, + { + "name": "DescribeMapRun", + "documentationUrl": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_DescribeMapRun.html", + "description": "Grants permission to describe a map run", + "accessLevel": "Read", + "resourceTypes": [ + "maprun*" ], "conditionKeys": [], "dependentActions": [] @@ -134,11 +146,23 @@ "description": "Grants permission to list the executions of a state machine", "accessLevel": "Read", "resourceTypes": [ + "maprun*", "statemachine*" ], "conditionKeys": [], "dependentActions": [] }, + { + "name": "ListMapRuns", + "documentationUrl": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListMapRuns.html", + "description": "Grants permission to list the map runs of an execution", + "accessLevel": "List", + "resourceTypes": [ + "execution*" + ], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "ListStateMachines", "documentationUrl": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_ListStateMachines.html", @@ -249,6 +273,17 @@ ], "dependentActions": [] }, + { + "name": "UpdateMapRun", + "documentationUrl": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_UpdateMapRun.html", + "description": "Grants permission to update a map run", + "accessLevel": "Write", + "resourceTypes": [ + "maprun*" + ], + "conditionKeys": [], + "dependentActions": [] + }, { "name": "UpdateStateMachine", "documentationUrl": "https://docs.aws.amazon.com/step-functions/latest/apireference/API_UpdateStateMachine.html",