Skip to content

Instantly share code, notes, and snippets.

@lavie

lavie/iam.js

Last active June 9, 2018 03:13
Show Gist options
  • Save lavie/0b5082d102b4804707c4ca96ca9d0b5f to your computer and use it in GitHub Desktop.
Save lavie/0b5082d102b4804707c4ca96ca9d0b5f to your computer and use it in GitHub Desktop.
Download ZIP
Every IAM permission in one page
Raw
iam.js
{
"AWS Database Migration Service": {
StringPrefix: "dms",
Actions: ["AddTagsToResource", "CreateEndpoint", "CreateReplicationInstance", "CreateReplicationSubnetGroup", "CreateReplicationTask", "DeleteEndpoint", "DeleteReplicationInstance", "DeleteReplicationSubnetGroup", "DeleteReplicationTask", "DescribeAccountAttributes", "DescribeConnections", "DescribeEndpointTypes", "DescribeEndpoints", "DescribeOrderableReplicationInstances", "DescribeRefreshSchemasStatus", "DescribeReplicationInstances", "DescribeReplicationSubnetGroups", "DescribeReplicationTasks", "DescribeSchemas", "DescribeTableStatistics", "ListTagsForResource", "ModifyEndpoint", "ModifyReplicationInstance", "ModifyReplicationSubnetGroup", "RefreshSchemas", "RemoveTagsFromResource", "StartReplicationTask", "StopReplicationTask", "TestConnection"],
ARNFormat: "arn:aws:dms:<region>:<account>:<resource>",
ARNRegex: "arn:aws:dms:.+",
HasResource: !1
},
"Amazon Mobile Targeting": {
StringPrefix: "mobiletargeting",
Actions: ["CreateImportJob", "CreateCampaign", "CreateSegment", "DeleteAdmChannel", "DeleteApnsChannel", "DeleteApnsSandboxChannel", "DeleteCampaign", "DeleteGcmChannel", "DeleteSegment", "GetAdmChannel", "GetApnsChannel", "GetApnsSandboxChannel", "GetApplicationSettings", "GetCampaign", "GetCampaignActivities", "GetCampaigns", "GetCampaignVersion", "GetCampaignVersions", "GetEndpoint", "GetGcmChannel", "GetImportJob", "GetImportJobs", "GetReports", "GetSegment", "GetSegmentImportJobs", "GetSegments", "GetSegmentVersion", "GetSegmentVersions", "UpdateAdmChannel", "UpdateApnsChannel", "UpdateApnsSandboxChannel", "UpdateApplicationSettings", "UpdateCampaign", "UpdateEndpoint", "UpdateEndpointsBatch", "UpdateGcmChannel", "UpdateSegment"],
ARNFormat: "arn:aws:mobiletargeting:<region>:<account>:<resource>",
ARNRegex: "arn:aws:mobiletargeting:.+",
HasResource: !0
},
"AWS Certificate Manager": {
StringPrefix: "acm",
Actions: ["AddTagsToCertificate", "DeleteCertificate", "DescribeCertificate", "GetCertificate", "ImportCertificate", "ListCertificates", "ListTagsForCertificate", "RemoveTagsFromCertificate", "RequestCertificate", "ResendValidationEmail"],
ARNFormat: "arn:aws:acm:<region>:<account_ID>:<arn_type>/<resource_id>",
ARNRegex: "arn:aws:[w+=/,.@-]+:[w+=/,.@-]*:[0-9]+:[w+=,.@-]+(/[w+=/,.@-]+)*",
HasResource: !0
},
"Amazon EC2 Container Registry": {
StringPrefix: "ecr",
Actions: ["BatchCheckLayerAvailability", "BatchDeleteImage", "BatchGetImage", "CompleteLayerUpload", "CreateRepository", "DeleteRepository", "DeleteRepositoryPolicy", "DescribeRepositories", "GetAuthorizationToken", "GetDownloadUrlForLayer", "GetRepositoryPolicy", "InitiateLayerUpload", "ListImages", "PutImage", "SetRepositoryPolicy", "UploadLayerPart"],
ARNFormat: "arn:aws:ecr:<region>:<account_ID>:repository/<repository_name>",
ARNRegex: "arn:aws:ecr+:[^:]+:[0-9]{12}:repository/.*",
HasResource: !0
},
"Amazon API Gateway": {
StringPrefix: "execute-api",
Actions: ["Invoke", "InvalidateCache"],
ARNFormat: "arn:aws:execute-api:<region>:<account_id>:<api_id>/<stage>/<method>/<api_specific_resource_path>",
ARNRegex: "^arn:aws:execute-api:.+",
HasResource: !0
},
"Manage - Amazon API Gateway": {
StringPrefix: "apigateway",
Actions: ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"],
ARNFormat: "arn:aws:apigateway:<region>::<api_gateway_resource_path>",
ARNRegex: "^arn:aws:apigateway:.+",
HasResource: !0
},
"AWS Application Discovery Service": {
StringPrefix: "discovery",
Actions: ["CreateTags", "DeleteTags", "DescribeAgents", "DescribeConfigurations", "DescribeExportConfigurations", "DescribeTags", "ExportConfigurations", "ListConfigurations", "StartDataCollectionByAgentIds", "StopDataCollectionByAgentIds"]
},
"Amazon AppStream 2.0": {
StringPrefix: "appstream",
ARNRegex: "^arn:aws:appstream:.+",
ARNFormat: "arn:aws:appstream:<region>:<account_ID>:<resourceType>/<resourceid>",
HasResource: !0,
Actions: ["AssociateFleet", "CreateFleet", "CreateStack", "CreateStreamingURL", "DeleteFleet", "DeleteStack", "DescribeFleets", "DescribeImages", "DescribeSessions", "DescribeStacks", "DisassociateFleet", "ExpireSession", "ListAssociatedFleets", "ListAssociatedStacks", "StartFleet", "StopFleet", "UpdateFleet", "UpdateStack"]
},
"AWS Batch": {
StringPrefix: "batch",
Actions: ["CancelJob", "CreateComputeEnvironment", "CreateJobQueue", "DeleteComputeEnvironment", "DeleteJobQueue", "DeregisterJobDefinition", "DescribeComputeEnvironments", "DescribeJobDefinitions", "DescribeJobQueues", "DescribeJobs", "ListJobs", "RegisterJobDefinition", "SubmitJob", "TerminateJob", "UpdateComputeEnvironment", "UpdateJobQueue"]
},
"Amazon Lex": {
StringPrefix: "lex",
ARNRegex: "^arn:aws:lex:.+:[0-9]+:.+",
ARNFormat: "arn:aws:lex:<region>:<account_ID>:<type>:<name>",
HasResource: !0,
Actions: ["CreateBotVersion", "CreateIntentVersion", "CreateSlotTypeVersion", "DeleteBot", "DeleteBotAlias", "DeleteBotChannelAssociation", "DeleteBotVersion", "DeleteIntent", "DeleteIntentVersion", "DeleteSlotType", "DeleteSlotTypeVersion", "DeleteUtterances", "GetBot", "GetBotAlias", "GetBotAliases", "GetBotChannelAssociation", "GetBotChannelAssociations", "GetBuiltinIntent", "GetBuiltinIntents", "GetBuiltinSlotTypes", "GetBots", "GetBotVersions", "GetIntent", "GetIntents", "GetIntentVersions", "GetSlotType", "GetSlotTypes", "GetSlotTypeVersions", "GetUtterancesView", "PostContent", "PostText", "PutBot", "PutBotAlias", "PutIntent", "PutSlotType"],
conditionKeys: ["lex:AssociatedIntents", "lex:AssociatedSlotTypes"]
},
"Amazon Polly": {
StringPrefix: "polly",
ARNRegex: "^arn:aws:polly:.+",
ARNFormat: "arn:aws:polly:<region>:<account_ID>:lexicon/<lexicon name>",
HasResource: !0,
Actions: ["DeleteLexicon", "DescribeVoices", "GetLexicon", "ListLexicons", "PutLexicon", "SynthesizeSpeech"]
},
"Application Auto Scaling": {
StringPrefix: "application-autoscaling",
Actions: ["DeleteScalingPolicy", "DeregisterScalableTarget", "DescribeScalableTargets", "DescribeScalingActivities", "DescribeScalingPolicies", "PutScalingPolicy", "RegisterScalableTarget"]
},
"Auto Scaling": {
StringPrefix: "autoscaling",
Actions: ["AttachInstances", "AttachLoadBalancers", "CompleteLifecycleAction", "CreateAutoScalingGroup", "CreateLaunchConfiguration", "CreateOrUpdateTags", "DeleteAutoScalingGroup", "DeleteLaunchConfiguration", "DeleteLifecycleHook", "DeleteNotificationConfiguration", "DeletePolicy", "DeleteScheduledAction", "DeleteTags", "DescribeAccountLimits", "DescribeAdjustmentTypes", "DescribeAutoScalingGroups", "DescribeAutoScalingInstances", "DescribeAutoScalingNotificationTypes", "DescribeLaunchConfigurations", "DescribeLifecycleHookTypes", "DescribeLifecycleHooks", "DescribeLoadBalancers", "DescribeMetricCollectionTypes", "DescribeNotificationConfigurations", "DescribePolicies", "DescribeScalingActivities", "DescribeScalingProcessTypes", "DescribeScheduledActions", "DescribeTags", "DescribeTerminationPolicyTypes", "DetachInstances", "DetachLoadBalancers", "DisableMetricsCollection", "EnableMetricsCollection", "EnterStandby", "ExecutePolicy", "ExitStandby", "PutLifecycleHook", "PutNotificationConfiguration", "PutScalingPolicy", "PutScheduledUpdateGroupAction", "RecordLifecycleActionHeartbeat", "ResumeProcesses", "SetDesiredCapacity", "SetInstanceHealth", "SetInstanceProtection", "SuspendProcesses", "TerminateInstanceInAutoScalingGroup", "UpdateAutoScalingGroup"]
},
"AWS Budgets": {
StringPrefix: "budgets",
ARNRegex: "^arn:aws:budgets::.+:.+",
ARNFormat: "arn:aws:budgets::<account_ID>:budget/<budgetname>",
HasResource: !0,
Actions: ["ViewBudget", "ModifyBudget"]
},
"AWS Device Farm": {
HasResource: !0,
StringPrefix: "devicefarm",
Actions: ["CreateDevicePool", "CreateNetworkProfile", "CreateProject", "CreateRemoteAccessSession", "CreateUpload", "DeleteDevicePool", "DeleteNetworkProfile", "DeleteProject", "DeleteRemoteAccessSession", "DeleteRun", "DeleteUpload", "GetAccountSettings", "GetDevice", "GetDevicePool", "GetDevicePoolCompatibility", "GetJob", "GetNetworkProfile", "GetOfferingStatus", "GetProject", "GetRemoteAccessSession", "GetRun", "GetSuite", "GetTest", "GetUpload", "InstallToRemoteAccessSession", "ListArtifacts", "ListDevicePools", "ListDevices", "ListJobs", "ListNetworkProfiles", "ListOfferingTransactions", "ListOfferings", "ListProjects", "ListRemoteAccessSessions", "ListRuns", "ListSamples", "ListSuites", "ListTests", "ListUniqueProblems", "ListUploads", "PurchaseOffering", "RenewOffering", "ScheduleRun", "StopRemoteAccessSession", "StopRun", "UpdateDevicePool", "UpdateNetworkProfile", "UpdateProject"]
},
"Elastic Load Balancing": {
ARNRegex: "^arn:aws:elasticloadbalancing:.+",
ARNFormat: "arn:aws:elasticloadbalancing:<region>:<account>:<resourceType>/<resourceid>",
HasResource: !0,
StringPrefix: "elasticloadbalancing",
Actions: ["AddTags", "ApplySecurityGroupsToLoadBalancer", "AttachLoadBalancerToSubnets", "ConfigureHealthCheck", "CreateAppCookieStickinessPolicy", "CreateListener", "CreateLBCookieStickinessPolicy", "CreateLoadBalancer", "CreateLoadBalancerListeners", "CreateLoadBalancerPolicy", "CreateRule", "CreateTargetGroup", "DeleteListener", "DeleteLoadBalancer", "DeleteLoadBalancerListeners", "DeleteLoadBalancerPolicy", "DeleteRule", "DeleteTargetGroup", "DeregisterInstancesFromLoadBalancer", "DeregisterTargets", "DescribeInstanceHealth", "DescribeListeners", "DescribeLoadBalancerAttributes", "DescribeLoadBalancerPolicyTypes", "DescribeLoadBalancerPolicies", "DescribeLoadBalancers", "DescribeRules", "DescribeSSLPolicies", "DescribeTags", "DescribeTargetGroupAttributes", "DescribeTargetGroups", "DescribeTargetHealth", "DetachLoadBalancerFromSubnets", "DisableAvailabilityZonesForLoadBalancer", "EnableAvailabilityZonesForLoadBalancer", "ModifyListener", "ModifyLoadBalancerAttributes", "ModifyRule", "ModifyTargetGroup", "ModifyTargetGroupAttributes", "RegisterTargets", "RegisterInstancesWithLoadBalancer", "RemoveTags", "SetLoadBalancerListenerSSLCertificate", "SetLoadBalancerPoliciesForBackendServer", "SetLoadBalancerPoliciesOfListener", "SetRulePriorities", "SetSecurityGroups", "SetSubnets"]
},
"AWS CloudHSM": {
StringPrefix: "cloudhsm",
ARNFormat: "arn:aws:cloudhsm:<region>:<account>:resourceName",
ARNRegex: "^arn:aws:cloudhsm:.+:.+:.+",
Actions: ["AddTagsToResource", "CreateLunaClient", "CreateHapg", "CreateHsm", "DeleteLunaClient", "DeleteHapg", "DeleteHsm", "DescribeLunaClient", "DescribeHapg", "DescribeHsm", "GetConfig", "ListAvailableZones", "ListLunaClients", "ListHapgs", "ListHsms", "ListTagsForResource", "ModifyLunaClient", "ModifyHapg", "ModifyHsm", "RemoveTagsFromResource"]
},
"AWS Elastic Beanstalk": {
StringPrefix: "elasticbeanstalk",
Actions: ["ApplyEnvironmentManagedAction", "CheckDNSAvailability", "CreateApplication", "CreateApplicationVersion", "CreateConfigurationTemplate", "CreateEnvironment", "CreateStorageLocation", "DeleteApplication", "DeleteApplicationVersion", "DeleteConfigurationTemplate", "DeleteEnvironmentConfiguration", "DescribeApplicationVersions", "DescribeApplications", "DescribeConfigurationOptions", "DescribeConfigurationSettings", "DescribeEnvironmentHealth", "DescribeEnvironmentManagedActions", "DescribeEnvironmentManagedActionHistory", "DescribeEnvironmentResources", "DescribeEnvironments", "DescribeEvents", "DescribeInstancesHealth", "ListAvailableSolutionStacks", "RebuildEnvironment", "RequestEnvironmentInfo", "RestartAppServer", "RetrieveEnvironmentInfo", "SwapEnvironmentCNAMEs", "TerminateEnvironment", "UpdateApplication", "UpdateApplicationResourceLifecycle", "UpdateApplicationVersion", "UpdateConfigurationTemplate", "UpdateEnvironment", "ValidateConfigurationSettings"],
ARNFormat: "arn:aws:elasticbeanstalk:<region>:<account_ID>:<resource_type>/<path_to_resource>",
ARNRegex: "^arn:aws:elasticbeanstalk:.+:.*:.+/.+",
HasResource: !0,
conditionKeys: ["elasticbeanstalk:InApplication", "elasticbeanstalk:FromApplication", "elasticbeanstalk:FromSolutionStack", "elasticbeanstalk:FromApplicationVersion", "elasticbeanstalk:FromConfigurationTemplate", "elasticbeanstalk:FromEnvironment"]
},
"Amazon Route 53": {
ARNFormat: "arn:aws:route53:::<resource>/<id>",
ARNRegex: "^arn:aws:route53:::.+",
HasResource: !0,
StringPrefix: "route53",
Actions: ["AssociateVPCWithHostedZone", "ChangeResourceRecordSets", "ChangeTagsForResource", "CreateHealthCheck", "CreateHostedZone", "CreateReusableDelegationSet", "CreateTrafficPolicy", "CreateTrafficPolicyInstance", "CreateTrafficPolicyVersion", "CreateVPCAssociationAuthorization", "DeleteHealthCheck", "DeleteHostedZone", "DeleteReusableDelegationSet", "DeleteTrafficPolicy", "DeleteTrafficPolicyInstance", "DeleteVPCAssociationAuthorization", "DisableDomainAutoRenew", "DisassociateVPCFromHostedZone", "EnableDomainAutoRenew", "GetChange", "GetCheckerIpRanges", "GetGeoLocation", "GetHealthCheck", "GetHealthCheckCount", "GetHealthCheckLastFailureReason", "GetHealthCheckStatus", "GetHostedZone", "GetHostedZoneCount", "GetReusableDelegationSet", "GetTrafficPolicy", "GetTrafficPolicyInstance", "GetTrafficPolicyInstanceCount", "ListGeoLocations", "ListHealthChecks", "ListHostedZones", "ListHostedZonesByName", "ListResourceRecordSets", "ListReusableDelegationSets", "ListTagsForResource", "ListTagsForResources", "ListTrafficPolicies", "ListTrafficPolicyInstances", "ListTrafficPolicyInstancesByHostedZone", "ListTrafficPolicyInstancesByPolicy", "ListTrafficPolicyVersions", "ListVPCAssociationAuthorizations", "TestDNSAnswer", "UpdateHealthCheck", "UpdateHostedZoneComment", "UpdateTrafficPolicyComment", "UpdateTrafficPolicyInstance"]
},
"AWS CloudFormation": {
ARNRegex: "^arn:aws:cloudformation:.+:[0-9]+:.+",
ARNFormat: "arn:aws:cloudformation:<region>:<account>:<resourceType>/<name>/<id>",
HasResource: !0,
conditionKeys: ["cloudformation:TemplateUrl", "cloudformation:StackPolicyUrl", "cloudformation:ResourceTypes", "cloudformation:ChangeSetName", "cloudformation:RoleArn"],
StringPrefix: "cloudformation",
Actions: ["CancelUpdateStack", "ContinueUpdateRollback", "CreateChangeSet", "CreateStack", "CreateUploadBucket", "DeleteStack", "DescribeAccountLimits", "DescribeChangeSet", "DescribeStackEvents", "DescribeStackResource", "DescribeStackResources", "DescribeStacks", "EstimateTemplateCost", "ExecuteChangeSet", "GetStackPolicy", "GetTemplate", "GetTemplateSummary", "ListChangeSets", "ListStackResources", "ListStacks", "PreviewStackUpdate", "SetStackPolicy", "SignalResource", "UpdateStack", "ValidateTemplate"]
},
"AWS CodePipeline": {
ARNRegex: "arn:aws:codepipeline:.+",
ARNFormat: "arn:aws:codepipeline:<region>:<account_ID>:<path_to_pipeline_resource>",
StringPrefix: "codepipeline",
HasResource: !0,
Actions: ["AcknowledgeJob", "AcknowledgeThirdPartyJob", "CreateCustomActionType", "CreatePipeline", "DeleteCustomActionType", "DeletePipeline", "DisableStageTransition", "EnableStageTransition", "GetJobDetails", "GetPipeline", "GetPipelineState", "GetThirdPartyJobDetails", "ListActionTypes", "ListPipelines", "PollForJobs", "PollForThirdPartyJobs", "PutActionRevision", "PutApprovalResult", "PutJobFailureResult", "PutJobSuccessResult", "PutThirdPartyJobFailureResult", "PutThirdPartyJobSuccessResult", "RetryStageExecution", "StartPipelineExecution", "UpdatePipeline"]
},
"Amazon Cloud Directory": {
StringPrefix: "clouddirectory",
ARNFormat: "arn:aws:clouddirectory:<region>:<accountId>:<relative-id>",
ARNRegex: "^arn:aws:clouddirectory:.+:[0-9]+:(directory|schema)/.+",
Actions: ["AddFacetToObject", "ApplySchema", "AttachObject", "AttachPolicy", "AttachToIndex", "BatchRead", "BatchWrite", "CreateDirectory", "CreateFacet", "CreateIndex", "CreateObject", "CreateSchema", "DeleteDirectory", "DeleteFacet", "DeleteObject", "DeleteSchema", "DetachFromIndex", "DetachObject", "DetachPolicy", "DisableDirectory", "EnableDirectory", "GetDirectory", "GetFacet", "GetObjectInformation", "GetSchemaAsJson", "ListAppliedSchemaArns", "ListAttachedIndices", "ListDevelopmentSchemaArns", "ListDirectories", "ListFacetAttributes", "ListFacetNames", "ListIndex", "ListObjectAttributes", "ListObjectChildren", "ListObjectParents", "ListObjectPolicies", "ListPolicyAttachments", "ListPublishedSchemaArns", "ListTagsForResource", "LookupPolicy", "PublishSchema", "PutSchemaFromJson", "RemoveFacetFromObject", "TagResource", "UntagResource", "UpdateFacet", "UpdateObjectAttributes", "UpdateSchema"]
},
"Amazon CloudSearch": {
StringPrefix: "cloudsearch",
ARNFormat: "arn:aws:cloudsearch:<region>:<account>:<resourceType>/<resourceName>",
ARNRegex: "^arn:aws:cloudsearch:.+:.+:.+",
Actions: ["BuildSuggesters", "CreateDomain", "DefineAnalysisScheme", "DefineExpression", "DefineIndexField", "DefineIndexFields", "DefineSuggester", "DeleteAnalysisScheme", "DeleteDomain", "DeleteExpression", "DeleteIndexField", "DeleteSuggester", "DescribeAnalysisSchemes", "DescribeAvailabilityOptions", "DescribeDomains", "DescribeExpressions", "DescribeIndexFields", "DescribeScalingParameters", "DescribeServiceAccessPolicies", "DescribeSuggesters", "document", "IndexDocuments", "ListDomainNames", "search", "suggest", "UpdateAvailabilityOptions", "UpdateScalingParameters", "UpdateServiceAccessPolicies"]
},
"AWS CloudTrail": {
StringPrefix: "cloudtrail",
ARNFormat: "arn:aws:cloudtrail:<region>:<account>:<resource>",
ARNRegex: "^arn:aws:cloudtrail:.+:[0-9]+:.+",
Actions: ["AddTags", "CreateTrail", "DeleteTrail", "DescribeTrails", "GetEventSelectors", "GetTrailStatus", "ListPublicKeys", "ListTags", "LookupEvents", "PutEventSelectors", "RemoveTags", "StartLogging", "StopLogging", "UpdateTrail"]
},
"AWS Config": {
StringPrefix: "config",
Actions: ["DeleteConfigRule", "DeleteConfigurationRecorder", "DeleteDeliveryChannel", "DeleteEvaluationResults", "DeliverConfigSnapshot", "DescribeComplianceByConfigRule", "DescribeComplianceByResource", "DescribeConfigRuleEvaluationStatus", "DescribeConfigRules", "DescribeConfigurationRecorderStatus", "DescribeConfigurationRecorders", "DescribeDeliveryChannelStatus", "DescribeDeliveryChannels", "GetComplianceDetailsByConfigRule", "GetComplianceDetailsByResource", "GetComplianceSummaryByConfigRule", "GetComplianceSummaryByResourceType", "GetResourceConfigHistory", "GetResources", "GetTagKeys", "ListDiscoveredResources", "PutConfigRule", "PutConfigurationRecorder", "PutDeliveryChannel", "PutEvaluations", "StartConfigRulesEvaluation", "StartConfigurationRecorder", "StopConfigurationRecorder"]
},
"AWS CodeCommit": {
ARNFormat: "arn:aws:codecommit:<region>:<account_ID>:<repository_name>",
ARNRegex: "^arn:aws:codecommit:.+",
StringPrefix: "codecommit",
Actions: ["BatchGetRepositories", "CreateBranch", "DeleteBranch", "CreateRepository", "DeleteRepository", "GetBlob", "GetBranch", "GetCommit", "GetDifferences", "GetObjectIdentifier", "GetReferences", "GetRepository", "GetRepositoryTriggers", "GetTree", "GitPull", "GitPush", "ListBranches", "ListRepositories", "PutRepositoryTriggers", "TestRepositoryTriggers", "UpdateDefaultBranch", "UpdateRepositoryDescription", "UpdateRepositoryName"]
},
"Amazon EC2 Spot Fleet": {
StringPrefix: "ec2",
Actions: ["CancelSpotFleetRequests", "DescribeSpotFleetInstances", "DescribeSpotFleetRequests", "DescribeSpotFleetRequestHistory", "ModifySpotFleetRequest", "RequestSpotFleet"]
},
"AWS CodeDeploy": {
ARNFormat: "arn:aws:codedeploy:region:account:resource-type:resource-specifier",
ARNRegex: "^arn:aws:codedeploy:.+",
StringPrefix: "codedeploy",
Actions: ["AddTagsToOnPremisesInstances", "BatchGetApplicationRevisions", "BatchGetApplications", "BatchGetDeploymentGroups", "BatchGetDeploymentInstances", "BatchGetDeployments", "BatchGetOnPremisesInstances", "CreateApplication", "CreateDeployment", "CreateDeploymentConfig", "CreateDeploymentGroup", "DeleteApplication", "DeleteDeploymentConfig", "DeleteDeploymentGroup", "DeregisterOnPremisesInstance", "GetApplication", "GetApplicationRevision", "GetDeployment", "GetDeploymentConfig", "GetDeploymentGroup", "GetDeploymentInstance", "GetOnPremisesInstance", "ListApplicationRevisions", "ListApplications", "ListDeploymentConfigs", "ListDeploymentGroups", "ListDeploymentInstances", "ListDeployments", "ListOnPremisesInstances", "RegisterApplicationRevision", "RegisterOnPremisesInstance", "RemoveTagsFromOnPremisesInstances", "StopDeployment", "UpdateApplication", "UpdateDeploymentGroup"]
},
"Amazon Elastic File System": {
ARNFormat: "arn:aws:elasticfilesystem:<region>:<account-id>:file-system/<file-system-id>",
ARNRegex: "^arn:aws:elasticfilesystem:.+",
HasResource: !0,
StringPrefix: "elasticfilesystem",
Actions: ["CreateFileSystem", "CreateTags", "DescribeTags", "DeleteTags", "CreateMountTarget", "ModifyMountTargetSecurityGroups", "DescribeMountTargetSecurityGroups", "DescribeFileSystems", "DescribeMountTargets", "DeleteMountTarget", "DeleteFileSystem"]
},
"Amazon Elastic Transcoder": {
ARNFormat: "arn:aws:elastictranscoder:<region>:<account>:<resourceType>/<resourceId>",
ARNRegex: "^arn:aws:elastictranscoder:.+",
StringPrefix: "elastictranscoder",
Actions: ["CancelJob", "CreateJob", "CreatePipeline", "CreatePreset", "DeletePipeline", "DeletePreset", "ListJobsByPipeline", "ListJobsByStatus", "ListPipelines", "ListPresets", "ReadJob", "ReadPipeline", "ReadPreset", "TestRole", "UpdatePipeline", "UpdatePipelineNotifications", "UpdatePipelineStatus"]
},
"Amazon CloudWatch": {
StringPrefix: "cloudwatch",
Actions: ["DeleteAlarms", "DescribeAlarmHistory", "DescribeAlarms", "DescribeAlarmsForMetric", "DisableAlarmActions", "EnableAlarmActions", "GetMetricData", "GetMetricStatistics", "ListMetrics", "PutMetricAlarm", "PutMetricData", "SetAlarmState"]
},
"Amazon CloudWatch Events": {
ARNFormat: "arn:aws:<serviceName>:<region>:<account>:<resourceType>/<resourceName>",
ARNRegex: "^arn:aws:.+",
HasResource: !0,
StringPrefix: "events",
Actions: ["DeleteRule", "DescribeRule", "DisableRule", "EnableRule", "ListRuleNamesByTarget", "ListRules", "ListTargetsByRule", "PutEvents", "PutRule", "PutTargets", "RemoveTargets", "TestEventPattern"],
conditionKeys: ["events:source", "events:detail-type", "events:detail.userIdentity.principalId", "events:TargetArn"]
},
"AWS Health APIs and Notifications": {
StringPrefix: "health",
ARNRegex: "^arn:aws:health:.+",
ARNFormat: "arn:aws:health:.+:.+:.+",
HasResource: !0,
Actions: ["DescribeAffectedEntities", "DescribeEntityAggregates", "DescribeEventAggregates", "DescribeEvents", "DescribeEventDetails", "DescribeEventTypes"]
},
"AWS Identity and Access Management": {
ARNFormat: "arn:aws:iam::<namespace>:<relative-id>",
ARNRegex: "^arn:aws:iam::.+",
HasResource: !0,
StringPrefix: "iam",
Actions: ["AddRoleToInstanceProfile", "AddUserToGroup", "AddClientIDToOpenIDConnectProvider", "AttachGroupPolicy", "AttachRolePolicy", "AttachUserPolicy", "ChangePassword", "CreateAccessKey", "CreateAccountAlias", "CreateGroup", "CreateInstanceProfile", "CreateLoginProfile", "CreateOpenIDConnectProvider", "CreatePolicy", "CreatePolicyVersion", "CreateRole", "CreateSAMLProvider", "CreateUser", "CreateVirtualMFADevice", "DeactivateMFADevice", "DeleteAccessKey", "DeleteAccountAlias", "DeleteAccountPasswordPolicy", "DeleteGroup", "DeleteGroupPolicy", "DeleteInstanceProfile", "DeleteLoginProfile", "DeleteOpenIDConnectProvider", "DeletePolicy", "DeletePolicyVersion", "DeleteRole", "DeleteRolePolicy", "DeleteSAMLProvider", "DeleteSSHPublicKey", "DeleteServerCertificate", "DeleteSigningCertificate", "DeleteUser", "DeleteUserPolicy", "DeleteVirtualMFADevice", "DetachGroupPolicy", "DetachRolePolicy", "DetachUserPolicy", "EnableMFADevice", "GenerateCredentialReport", "GenerateServiceLastAccessedDetails", "GetAccessKeyLastUsed", "GetAccountAuthorizationDetails", "GetAccountPasswordPolicy", "GetAccountSummary", "GetContextKeysForCustomPolicy", "GetContextKeysForPrincipalPolicy", "GetCredentialReport", "GetGroup", "GetGroupPolicy", "GetInstanceProfile", "GetLoginProfile", "GetOpenIDConnectProvider", "GetPolicy", "GetPolicyVersion", "GetRole", "GetRolePolicy", "GetSAMLProvider", "GetSSHPublicKey", "GetServerCertificate", "GetServiceLastAccessedDetails", "GetServiceLastAccessedDetailsWithEntities", "GetUser", "GetUserPolicy", "ListAccessKeys", "ListAccountAliases", "ListAttachedGroupPolicies", "ListAttachedRolePolicies", "ListAttachedUserPolicies", "ListEntitiesForPolicy", "ListGroupPolicies", "ListGroups", "ListGroupsForUser", "ListInstanceProfiles", "ListInstanceProfilesForRole", "ListMFADevices", "ListOpenIDConnectProviders", "ListPolicies", "ListPoliciesGrantingServiceAccess", "ListPolicyVersions", "ListRolePolicies", "ListRoles", "ListSAMLProviders", "ListSSHPublicKeys", "ListServerCertificates", "ListSigningCertificates", "ListUserPolicies", "ListUsers", "ListVirtualMFADevices", "PassRole", "PutGroupPolicy", "PutRolePolicy", "PutUserPolicy", "RemoveClientIDFromOpenIDConnectProvider", "RemoveRoleFromInstanceProfile", "RemoveUserFromGroup", "ResyncMFADevice", "SetDefaultPolicyVersion", "SimulateCustomPolicy", "SimulatePrincipalPolicy", "UpdateAccessKey", "UpdateAccountPasswordPolicy", "UpdateAssumeRolePolicy", "UpdateGroup", "UpdateLoginProfile", "UpdateOpenIDConnectProviderThumbprint", "UpdateSAMLProvider", "UpdateSSHPublicKey", "UpdateServerCertificate", "UpdateSigningCertificate", "UpdateUser", "UploadSSHPublicKey", "UploadServerCertificate", "UploadSigningCertificate"],
conditionKeys: ["iam:PolicyArn"]
},
"AWS Import Export": {
StringPrefix: "importexport",
Actions: ["CreateJob", "UpdateJob", "CancelJob", "ListJobs", "GetStatus", "GetShippingLabel"]
},
"AWS Import Export Snowball": {
StringPrefix: "snowball",
Actions: ["CancelCluster", "CancelJob", "CreateAddress", "CreateCluster", "CreateJob", "DescribeAddress", "DescribeAddresses", "DescribeCluster", "DescribeJob", "GetJobManifest", "GetJobUnlockCode", "GetSnowballUsage", "ListClusterJobs", "ListClusters", "ListJobs", "UpdateCluster", "UpdateJob"]
},
"Amazon Kinesis": {
ARNFormat: "arn:aws:kinesis:<region>:<account>:<resourceType>/<resourceName>",
ARNRegex: "^arn:aws:kinesis:.+",
HasResource: !0,
StringPrefix: "kinesis",
Actions: ["AddTagsToStream", "CreateStream", "DecreaseStreamRetentionPeriod", "DeleteStream", "DescribeLimits", "DescribeStream", "DisableEnhancedMonitoring", "EnableEnhancedMonitoring", "GetShardIterator", "GetRecords", "IncreaseStreamRetentionPeriod", "ListStreams", "ListTagsForStream", "MergeShards", "PutRecord", "PutRecords", "RemoveTagsFromStream", "SplitShard", "UpdateShardCount"]
},
"Amazon SimpleDB": {
ARNFormat: "arn:aws:sdb:<region>:<account_ID>:domain/<domain_name>",
ARNRegex: "^arn:aws:sdb:.+",
HasResource: !0,
StringPrefix: "sdb",
Actions: ["BatchDeleteAttributes", "BatchPutAttributes", "CreateDomain", "DeleteAttributes", "DeleteDomain", "DomainMetadata", "GetAttributes", "ListDomains", "PutAttributes", "Select"]
},
"AWS Lambda": {
ARNFormat: "arn:aws:lambda:<region>:<account>:function:<functionName>",
ARNRegex: "^arn:aws:lambda:.+",
StringPrefix: "lambda",
HasResource: !0,
Actions: ["AddPermission", "CreateAlias", "CreateEventSourceMapping", "CreateFunction", "DeleteAlias", "DeleteEventSourceMapping", "DeleteFunction", "GetAccountSettings", "GetAlias", "GetEventSourceMapping", "GetFunction", "GetFunctionConfiguration", "GetPolicy", "InvokeAsync", "InvokeFunction", "ListAliases", "ListEventSourceMappings", "ListFunctions", "ListVersionsByFunction", "PublishVersion", "RemovePermission", "UpdateAlias", "UpdateEventSourceMapping", "UpdateFunctionCode", "UpdateFunctionConfiguration"]
},
"AWS Mobile Hub": {
ARNFormat: "arn:aws:mobilehub:<region>:<aws_account_ID>:project/<project_ID>",
ARNRegex: "^arn:aws:mobilehub:.+:[0-9]+:.+",
HasResource: !0,
StringPrefix: "mobilehub",
Actions: ["CreateProject", "CreateServiceRole", "DeleteProject", "GenerateProjectParameters", "GetProject", "ListAvailableFeatures", "ListAvailableRegions", "ListProjects", "UpdateProject", "ValidateProject", "VerifyServiceRole"]
},
"Amazon Simple Systems Manager": {
ARNFormat: "arn:aws:ssm:<region>:<account_ID>:<document_name>",
ARNRegex: "^arn:aws:(ssm|ec2):.+",
HasResource: !0,
StringPrefix: "ssm",
Actions: ["AddTagsToResource", "CancelCommand", "CreateActivation", "CreateAssociation", "CreateAssociationBatch", "CreateDocument", "CreateMaintenanceWindow", "CreatePatchBaseline", "DeleteActivation", "DeleteAssociation", "DeleteDocument", "DeleteMaintenanceWindow", "DeleteParameter", "DeletePatchBaseline", "DeregisterManagedInstance", "DeregisterPatchBaselineForPatchGroup", "DeregisterTargetFromMaintenanceWindow", "DeregisterTaskFromMaintenanceWindow", "DescribeActivations", "DescribeAssociation", "DescribeAutomationActions", "DescribeAutomationExecutions", "DescribeAvailablePatches", "DescribeDocument", "DescribeDocumentPermission", "DescribeEffectiveInstanceAssociations", "DescribeEffectivePatchesForPatchBaseline", "DescribeInstanceAssociationsStatus", "DescribeInstanceInformation", "DescribeInstancePatches", "DescribeInstancePatchStates", "DescribeInstancePatchStatesForPatchGroup", "DescribeMaintenanceWindowExecutions", "DescribeMaintenanceWindowExecutionTaskInvocations", "DescribeMaintenanceWindowExecutionTasks", "DescribeMaintenanceWindows", "DescribeMaintenanceWindowTargets", "DescribeMaintenanceWindowTasks", "DescribeParameters", "DescribePatchBaselines", "DescribePatchGroups", "DescribePatchGroupState", "GetCommandInvocation", "GetDefaultPatchBaseline", "GetDeployablePatchSnapshotForInstance", "GetInventory", "GetInventorySchema", "GetDocument", "GetMaintenanceWindow", "GetMaintenanceWindowExecution", "GetMaintenanceWindowExecutionTask", "GetParameterHistory", "GetParameters", "GetPatchBaseline", "GetPatchBaselineForPatchGroup", "ListAssociations", "ListCommandInvocations", "ListCommands", "ListDocuments", "ListDocumentVersions", "ListInstanceAssociations", "ListInventoryEntries", "ListTagsForResource", "ModifyDocumentPermission", "PutInventory", "PutParameter", "RegisterDefaultPatchBaseline", "RegisterPatchBaselineForPatchGroup", "RegisterTargetWithMaintenanceWindow", "RegisterTaskWithMaintenanceWindow", "RemoveTagsFromResource", "SendCommand", "StartAssociationsOnce", "UpdateAssociation", "UpdateAssociationStatus", "UpdateDocument", "UpdateDocumentDefaultVersion", "UpdateInstanceAssociationStatus", "UpdateMaintenanceWindow", "UpdateManagedInstanceRole", "UpdatePatchBaseline"]
},
"Amazon Simple Workflow Service": {
ARNFormat: "arn:aws:swf:<region>:<account>:/<domain>/<domainName>",
ARNRegex: "^arn:aws:swf:.+",
StringPrefix: "swf",
Actions: ["CancelTimer", "CancelWorkflowExecution", "CompleteWorkflowExecution", "ContinueAsNewWorkflowExecution", "CountClosedWorkflowExecutions", "CountOpenWorkflowExecutions", "CountPendingActivityTasks", "CountPendingDecisionTasks", "DeprecateActivityType", "DeprecateDomain", "DeprecateWorkflowType", "DescribeActivityType", "DescribeDomain", "DescribeWorkflowExecution", "DescribeWorkflowType", "FailWorkflowExecution", "GetWorkflowExecutionHistory", "ListActivityTypes", "ListClosedWorkflowExecutions", "ListDomains", "ListOpenWorkflowExecutions", "ListWorkflowTypes", "PollForActivityTask", "PollForDecisionTask", "RecordActivityTaskHeartbeat", "RecordMarker", "RegisterActivityType", "RegisterDomain", "RegisterWorkflowType", "RequestCancelActivityTask", "RequestCancelExternalWorkflowExecution", "RequestCancelWorkflowExecution", "RespondActivityTaskCanceled", "RespondActivityTaskCompleted", "RespondActivityTaskFailed", "RespondDecisionTaskCompleted", "ScheduleActivityTask", "SignalExternalWorkflowExecution", "SignalWorkflowExecution", "StartChildWorkflowExecution", "StartTimer", "StartWorkflowExecution", "TerminateWorkflowExecution"],
conditionKeys: ["swf:activityType.name", "swf:activityType.version", "swf:defaultTaskList.name", "swf:name", "swf:tagFilter.tag", "swf:taskList.name", "swf:typeFilter.name", "swf:typeFilter.version", "swf:version", "swf:workflowType.name", "swf:workflowType.version", "swf:workflowTypeVersion"]
},
"Amazon Storage Gateway": {
ARNFormat: "arn:aws:storagegateway:us-east-1:<account>:<resourceType>/<resourceName>",
ARNRegex: "^arn:aws:storagegateway:.+",
StringPrefix: "storagegateway",
Actions: ["ActivateGateway", "AddCache", "AddUploadBuffer", "AddWorkingStorage", "CancelArchival", "CancelRetrieval", "CreateCachediSCSIVolume", "CreateSnapshot", "CreateSnapshotFromVolumeRecoveryPoint", "CreateStorediSCSIVolume", "CreateTapes", "CreateTapeWithBarcode", "DeleteBandwidthRateLimit", "DeleteChapCredentials", "DeleteGateway", "DeleteSnapshotSchedule", "DeleteTape", "DeleteTapeArchive", "DeleteVolume", "DescribeBandwidthRateLimit", "DescribeCache", "DescribeCachediSCSIVolumes", "DescribeChapCredentials", "DescribeGatewayInformation", "DescribeMaintenanceStartTime", "DescribeSnapshotSchedule", "DescribeStorediSCSIVolumes", "DescribeTapeArchives", "DescribeTapeRecoveryPoints", "DescribeTapes", "DescribeUploadBuffer", "DescribeVTLDevices", "DescribeWorkingStorage", "DisableGateway", "ListGateways", "ListLocalDisks", "ListTagsForResource", "ListTapes", "ListVolumeRecoveryPoints", "ListVolumes", "RetrieveTapeArchive", "RetrieveTapeRecoveryPoint", "SetLocalConsolePassword", "ShutdownGateway", "StartGateway", "UpdateBandwidthRateLimit", "UpdateChapCredentials", "UpdateGatewayInformation", "UpdateGatewaySoftwareNow", "UpdateMaintenanceStartTime", "UpdateSnapshotSchedule"]
},
"Amazon SQS": {
ARNFormat: "arn:aws:sqs:<region>:<account_ID>:<queue_name>",
ARNRegex: "^arn:aws:sqs:.+",
HasResource: !0,
StringPrefix: "sqs",
Actions: ["AddPermission", "ChangeMessageVisibility", "ChangeMessageVisibilityBatch", "CreateQueue", "DeleteMessage", "DeleteMessageBatch", "DeleteQueue", "GetQueueAttributes", "GetQueueUrl", "ListDeadLetterSourceQueues", "ListQueues", "PurgeQueue", "ReceiveMessage", "RemovePermission", "SendMessage", "SendMessageBatch", "SetQueueAttributes"]
},
"Amazon SES": {
StringPrefix: "ses",
Actions: ["CloneReceiptRuleSet", "CreateReceiptFilter", "CreateReceiptRule", "CreateReceiptRuleSet", "DeleteIdentity", "DeleteIdentityPolicy", "DeleteReceiptFilter", "DeleteReceiptRule", "DeleteReceiptRuleSet", "DeleteVerifiedEmailAddress", "DescribeActiveReceiptRuleSet", "DescribeReceiptRule", "DescribeReceiptRuleSet", "GetIdentityDkimAttributes", "GetIdentityNotificationAttributes", "GetIdentityPolicies", "GetIdentityVerificationAttributes", "GetSendQuota", "GetSendStatistics", "ListIdentities", "ListIdentityPolicies", "ListReceiptFilters", "ListReceiptRuleSets", "ListVerifiedEmailAddresses", "PutIdentityPolicy", "ReorderReceiptRuleSet", "SendBounce", "SendEmail", "SendRawEmail", "SetActiveReceiptRuleSet", "SetIdentityDkimEnabled", "SetIdentityNotificationTopic", "SetIdentityFeedbackForwardingEnabled", "SetReceiptRulePosition", "UpdateReceiptRule", "VerifyDomainDkim", "VerifyDomainIdentity", "VerifyEmailAddress", "VerifyEmailIdentity"],
conditionKeys: ["ses:Recipients", "ses:FromAddress", "ses:FromDisplayName", "ses:FeedbackAddress"]
},
"Amazon Redshift": {
StringPrefix: "redshift",
ARNFormat: "arn:aws:redshift:<region>:<accountID>:<relative-id>",
ARNRegex: "^arn:aws:redshift:.+:.+:.+",
HasResource: !0,
Actions: ["AuthorizeClusterSecurityGroupIngress", "AuthorizeSnapshotAccess", "CancelQuerySession", "CopyClusterSnapshot", "CreateCluster", "CreateClusterUser", "CreateClusterParameterGroup", "CreateClusterSecurityGroup", "CreateClusterSnapshot", "CreateClusterSubnetGroup", "CreateEventSubscription", "CreateHsmClientCertificate", "CreateHsmConfiguration", "CreateTags", "DeleteCluster", "DeleteClusterParameterGroup", "DeleteClusterSecurityGroup", "DeleteClusterSnapshot", "DeleteClusterSubnetGroup", "DeleteEventSubscription", "DeleteHsmClientCertificate", "DeleteHsmConfiguration", "DeleteTags", "DescribeClusterParameterGroups", "DescribeClusterParameters", "DescribeClusterSecurityGroups", "DescribeClusterSnapshots", "DescribeClusterSubnetGroups", "DescribeClusterVersions", "DescribeClusters", "DescribeDefaultClusterParameters", "DescribeEventCategories", "DescribeEventSubscriptions", "DescribeEvents", "DescribeHsmClientCertificates", "DescribeHsmConfigurations", "DescribeLoggingStatus", "DescribeOrderableClusterOptions", "DescribeReservedNodeOfferings", "DescribeReservedNodes", "DescribeResize", "DescribeTags", "DisableLogging", "DisableSnapshotCopy", "EnableLogging", "EnableSnapshotCopy", "GetClusterCredentials", "JoinGroup", "ModifyCluster", "ModifyClusterParameterGroup", "ModifyClusterSubnetGroup", "ModifyEventSubscription", "ModifySnapshotCopyRetentionPeriod", "PurchaseReservedNodeOffering", "RebootCluster", "ResetClusterParameterGroup", "RestoreFromClusterSnapshot", "RevokeClusterSecurityGroupIngress", "RevokeSnapshotAccess", "RotateEncryptionKey", "ViewQueriesInConsole"],
conditionKeys: ["redshift:DbUser", "redshift:DbName", "redshift:DurationSeconds"]
},
"Amazon RDS": {
ARNRegex: "^arn:aws:rds:.+",
StringPrefix: "rds",
Actions: ["AddTagsToResource", "AddSourceIdentifierToSubscription", "ApplyPendingMaintenanceAction", "AuthorizeDBSecurityGroupIngress", "CopyDBClusterSnapshot", "CopyDBParameterGroup", "CopyDBSnapshot", "CopyOptionGroup", "CreateDBClusterParameterGroup", "CreateDBClusterSnapshot", "CreateDBCluster", "CreateDBInstance", "CreateDBInstanceReadReplica", "CreateDBParameterGroup", "CreateDBSecurityGroup", "CreateDBSnapshot", "CreateDBSubnetGroup", "CreateEventSubscription", "CreateOptionGroup", "DeleteDBClusterParameterGroup", "DeleteDBClusterSnapshot", "DeleteDBCluster", "DeleteDBInstance", "DeleteDBParameterGroup", "DeleteDBSecurityGroup", "DeleteDBSnapshot", "DeleteDBSubnetGroup", "DeleteEventSubscription", "DeleteOptionGroup", "DescribeAccountAttributes", "DescribeCertificates", "DescribeEngineDefaultClusterParameters", "DescribeEngineDefaultParameters", "DescribeDBClusterParameterGroups", "DescribeDBClusterParameters", "DescribeDBClusterSnapshots", "DescribeDBClusters", "DescribeDBInstances", "DescribeDBLogFiles", "DescribeDBParameterGroups", "DescribeDBParameters", "DescribeDBSecurityGroups", "DescribeDBSnapshotAttributes", "DescribeDBSnapshots", "DescribeDBEngineVersions", "DescribeDBSubnetGroups", "DescribeEventCategories", "DescribeEvents", "DescribeEventSubscriptions", "DescribeOptionGroups", "DescribeOptionGroupOptions", "DescribeOrderableDBInstanceOptions", "DescribePendingMaintenanceActions", "DescribeReservedDBInstances", "DescribeReservedDBInstancesOfferings", "DownloadCompleteDBLogFile", "DownloadDBLogFilePortion", "FailoverDBCluster", "ListTagsForResource", "ModifyDBClusterParameterGroup", "ModifyDBCluster", "ModifyDBInstance", "ModifyDBParameterGroup", "ModifyDBSnapshotAttribute", "ModifyDBSubnetGroup", "ModifyEventSubscription", "ModifyOptionGroup", "PromoteReadReplica", "PurchaseReservedDBInstancesOffering", "RebootDBInstance", "RemoveSourceIdentifierFromSubscription", "RemoveTagsFromResource", "RestoreDBClusterFromSnapshot", "RestoreDBClusterToPointInTime", "RestoreDBInstanceFromDBSnapshot", "RestoreDBInstanceToPointInTime", "ResetDBClusterParameterGroup", "ResetDBParameterGroup", "RevokeDBSecurityGroupIngress"],
conditionKeys: ["rds:DatabaseClass", "rds:DatabaseEngine", "rds:DatabaseName", "rds:MultiAz", "rds:Piops", "rds:StorageSize", "rds:Vpc", "rds:db-tag", "rds:es-tag", "rds:og-tag", "rds:pg-tag", "rds:req-tag", "rds:secgrp-tag", "rds:snapshot-tag", "rds:subgrp-tag"]
},
"Amazon Elastic MapReduce": {
StringPrefix: "elasticmapreduce",
Actions: ["AddInstanceGroups", "AddTags", "AddJobFlowSteps", "CreateSecurityConfiguration", "DeleteSecurityConfiguration", "DescribeCluster", "DescribeJobFlows", "DescribeSecurityConfiguration", "DescribeStep", "ListBootstrapActions", "ListClusters", "ListInstanceGroups", "ListInstances", "ListSecurityConfigurations", "ListSteps", "ModifyInstanceGroups", "RemoveTags", "RunJobFlow", "SetTerminationProtection", "SetVisibleToAllUsers", "TerminateJobFlows", "ViewEventsFromAllClustersInConsole"],
conditionKeys: ["elasticmapreduce:ResourceTag", "elasticmapreduce:RequestTag"]
},
"Amazon SNS": {
ARNFormat: "arn:aws:sns:<region>:<account_ID>:<topic_name>",
ARNRegex: "^arn:aws:sns:.+",
HasResource: !0,
conditionKeys: ["aws:SourceArn", "sns:Endpoint", "sns:Protocol"],
StringPrefix: "sns",
Actions: ["AddPermission", "CheckIfPhoneNumberIsOptedOut", "ConfirmSubscription", "CreatePlatformApplication", "CreatePlatformEndpoint", "CreateTopic", "DeleteEndpoint", "DeletePlatformApplication", "DeleteTopic", "GetEndpointAttributes", "GetPlatformApplicationAttributes", "GetSMSAttributes", "GetSubscriptionAttributes", "GetTopicAttributes", "ListEndpointsByPlatformApplication", "ListPhoneNumbersOptedOut", "ListPlatformApplications", "ListSubscriptions", "ListSubscriptionsByTopic", "ListTopics", "OptInPhoneNumber", "Publish", "RemovePermission", "SetEndpointAttributes", "SetPlatformApplicationAttributes", "SetSMSAttributes", "SetSubscriptionAttributes", "SetTopicAttributes", "Subscribe", "Unsubscribe"]
},
"Amazon S3": {
ARNFormat: "arn:aws:s3:::<bucket_name>/<key_name>",
ARNRegex: "^arn:aws:s3:::.+",
HasResource: !0,
conditionKeys: ["s3:x-amz-acl", "s3:x-amz-copy-source", "s3:x-amz-metadata-directive", "s3:x-amz-server-side-encryption", "s3:VersionId", "s3:LocationConstraint", "s3:delimiter", "s3:max-keys", "s3:prefix", "s3:x-amz-server-side-encryption-aws-kms-key-id"],
StringPrefix: "s3",
Actions: ["AbortMultipartUpload", "CreateBucket", "DeleteBucket", "DeleteBucketPolicy", "DeleteBucketWebsite", "DeleteObject", "DeleteObjectVersion", "GetAccelerateConfiguration", "GetBucketAcl", "GetBucketCORS", "GetBucketLocation", "GetBucketLogging", "GetBucketNotification", "GetBucketPolicy", "GetBucketRequestPayment", "GetBucketTagging", "GetBucketVersioning", "GetBucketWebsite", "GetLifecycleConfiguration", "GetObject", "GetObjectAcl", "GetObjectTagging", "GetObjectTorrent", "GetObjectVersion", "GetObjectVersionAcl", "GetObjectVersionTagging", "GetObjectVersionTorrent", "GetReplicationConfiguration", "ListAllMyBuckets", "ListBucket", "ListBucketMultipartUploads", "ListBucketVersions", "ListMultipartUploadParts", "PutAccelerateConfiguration", "PutBucketAcl", "PutBucketCORS", "PutBucketLogging", "PutBucketNotification", "PutBucketPolicy", "PutBucketRequestPayment", "PutBucketTagging", "PutBucketVersioning", "PutBucketWebsite", "PutLifecycleConfiguration", "PutReplicationConfiguration", "PutObject", "PutObjectAcl", "PutObjectTagging", "PutObjectVersionAcl", "PutObjectVersionTagging", "ReplicateDelete", "ReplicateObject", "RestoreObject"]
},
"Amazon EC2": {
ARNRegex: "^arn:aws:ec2:.+",
ARNFormat: "arn:aws:ec2:<region>:<account>:<resourceType>/<resourcePath>",
HasResource: !0,
StringPrefix: "ec2",
Actions: ["AcceptReservedInstancesExchangeQuote", "AcceptVpcPeeringConnection", "AllocateAddress", "AllocateHosts", "AssignPrivateIpAddresses", "AssociateAddress", "AssociateDhcpOptions", "AssociateFpgaImage", "AssociateIamInstanceProfile", "AssociateRouteTable", "AttachClassicLinkVpc", "AttachInternetGateway", "AttachNetworkInterface", "AttachVolume", "AttachVpnGateway", "AuthorizeSecurityGroupEgress", "AuthorizeSecurityGroupIngress", "BundleInstance", "CancelBundleTask", "CancelConversionTask", "CancelExportTask", "CancelImportTask", "CancelReservedInstancesListing", "CancelSpotFleetRequests", "CancelSpotInstanceRequests", "ConfirmProductInstance", "CopyImage", "CopySnapshot", "CreateCustomerGateway", "CreateDhcpOptions", "CreateFlowLogs", "CreateImage", "CreateInstanceExportTask", "CreateInternetGateway", "CreateKeyPair", "CreateNatGateway", "CreateNetworkAcl", "CreateNetworkAclEntry", "CreateNetworkInterface", "CreatePlacementGroup", "CreateReservedInstancesListing", "CreateRoute", "CreateRouteTable", "CreateSecurityGroup", "CreateSnapshot", "CreateSpotDatafeedSubscription", "CreateSubnet", "CreateTags", "CreateVolume", "CreateVpc", "CreateVpcEndpoint", "CreateVpcPeeringConnection", "CreateVpnConnection", "CreateVpnConnectionRoute", "CreateVpnGateway", "DeleteCustomerGateway", "DeleteDhcpOptions", "DeleteFlowLogs", "DeleteInternetGateway", "DeleteKeyPair", "DeleteNatGateway", "DeleteNetworkAcl", "DeleteNetworkAclEntry", "DeleteNetworkInterface", "DeletePlacementGroup", "DeleteRoute", "DeleteRouteTable", "DeleteSecurityGroup", "DeleteSnapshot", "DeleteSpotDatafeedSubscription", "DeleteSubnet", "DeleteTags", "DeleteVolume", "DeleteVpc", "DeleteVpcEndpoints", "DeleteVpcPeeringConnection", "DeleteVpnConnection", "DeleteVpnConnectionRoute", "DeleteVpnGateway", "DeregisterImage", "DescribeAccountAttributes", "DescribeAddresses", "DescribeAvailabilityZones", "DescribeBundleTasks", "DescribeClassicLinkInstances", "DescribeConversionTasks", "DescribeCustomerGateways", "DescribeDhcpOptions", "DescribeExportTasks", "DescribeFlowLogs", "DescribeHosts", "DescribeHostReservations", "DescribeHostReservationOfferings", "DescribeIamInstanceProfileAssociation", "DescribeIdentityIdFormat", "DescribeIdFormat", "DescribeImageAttribute", "DescribeImages", "DescribeImportImageTasks", "DescribeImportSnapshotTasks", "DescribeInstanceAttribute", "DescribeInstanceStatus", "DescribeInstances", "DescribeInternetGateways", "DescribeKeyPairs", "DescribeMovingAddresses", "DescribeNatGateways", "DescribeNetworkAcls", "DescribeNetworkInterfaceAttribute", "DescribeNetworkInterfaces", "DescribePlacementGroups", "DescribePrefixLists", "DescribeRegions", "DescribeReservedInstances", "DescribeReservedInstancesListings", "DescribeReservedInstancesModifications", "DescribeReservedInstancesOfferings", "DescribeRouteTables", "DescribeSecurityGroups", "DescribeSnapshotAttribute", "DescribeSnapshots", "DescribeSpotDatafeedSubscription", "DescribeSpotFleetInstances", "DescribeSpotFleetRequestHistory", "DescribeSpotFleetRequests", "DescribeSpotInstanceRequests", "DescribeSpotPriceHistory", "DescribeStaleSecurityGroups", "DescribeSubnets", "DescribeTags", "DescribeVolumeAttribute", "DescribeVolumesModifications", "DescribeVolumeStatus", "DescribeVolumes", "DescribeVpcAttribute", "DescribeVpcClassicLink", "DescribeVpcEndpointServices", "DescribeVpcEndpoints", "DescribeVpcPeeringConnections", "DescribeVpcs", "DescribeVpnConnections", "DescribeVpnGateways", "DetachClassicLinkVpc", "DetachInternetGateway", "DetachNetworkInterface", "DetachVolume", "DetachVpnGateway", "DisableVgwRoutePropagation", "DisableVpcClassicLink", "DisableVpcClassicLinkDnsSupport", "DescribeVpcClassicLinkDnsSupport", "DisassociateAddress", "DisassociateFpgaImage", "DisassociateIamInstanceProfile", "DisassociateRouteTable", "EnableVgwRoutePropagation", "EnableVolumeIO", "EnableVpcClassicLink", "EnableVpcClassicLinkDnsSupport", "GetConsoleOutput", "GetConsoleScreenshot", "GetHostReservationPurchasePreview", "GetPasswordData", "GetReservedInstancesExchangeQuote", "ImportImage", "ImportInstance", "ImportKeyPair", "ImportSnapshot", "ImportVolume", "ModifyHosts", "ModifyIdentityIdFormat", "ModifyIdFormat", "ModifyImageAttribute", "ModifyInstanceAttribute", "ModifyInstancePlacement", "ModifyNetworkInterfaceAttribute", "ModifyReservedInstances", "ModifySnapshotAttribute", "ModifySpotFleetRequest", "ModifySubnetAttribute", "ModifyVolume", "ModifyVolumeAttribute", "ModifyVpcAttribute", "ModifyVpcEndpoint", "ModifyVpcPeeringConnectionOptions", "MonitorInstances", "MoveAddressToVpc", "PurchaseHostReservation", "PurchaseReservedInstancesOffering", "PurchaseScheduledInstances", "RebootInstances", "RegisterImage", "RejectVpcPeeringConnection", "ReleaseAddress", "ReleaseHosts", "ReplaceIamInstanceProfileAssociation", "ReplaceNetworkAclAssociation", "ReplaceNetworkAclEntry", "ReplaceRoute", "ReplaceRouteTableAssociation", "ReportInstanceStatus", "RequestSpotFleet", "RequestSpotInstances", "ResetImageAttribute", "ResetInstanceAttribute", "ResetNetworkInterfaceAttribute", "ResetSnapshotAttribute", "RestoreAddressToClassic", "RevokeSecurityGroupEgress", "RevokeSecurityGroupIngress", "RunInstances", "RunScheduledInstances", "StartInstances", "StopInstances", "TerminateInstances", "UnassignPrivateIpAddresses", "UnmonitorInstances"],
conditionKeys: ["ec2:AccepterVpc", "ec2:AvailabilityZone", "ec2:EbsOptimized", "ec2:ImageType", "ec2:InstanceProfile", "ec2:InstanceType", "ec2:Owner", "ec2:ParentSnapshot", "ec2:PlacementGroup", "ec2:PlacementGroupStrategy", "ec2:Public", "ec2:Region", "ec2:RequesterVpc", "ec2:ResourceTag", "ec2:RootDeviceType", "ec2:Subnet", "ec2:Tenancy", "ec2:VolumeIops", "ec2:VolumeSize", "ec2:VolumeType", "ec2:Vpc"]
},
"Amazon DynamoDB": {
ARNFormat: "arn:aws:dynamodb:<region>:<accountID>:table/<tablename>",
ARNRegex: "^arn:aws:dynamodb:.+:.+:.+",
HasResource: !0,
StringPrefix: "dynamodb",
Actions: ["BatchGetItem", "BatchWriteItem", "CreateTable", "DeleteItem", "DeleteTable", "DescribeLimits", "DescribeReservedCapacity", "DescribeReservedCapacityOfferings", "DescribeStream", "DescribeTable", "GetItem", "GetRecords", "GetShardIterator", "ListStreams", "ListTables", "ListTagsOfResource", "PurchaseReservedCapacityOfferings", "PutItem", "Query", "Scan", "TagResource", "UpdateItem", "UpdateTable", "UntagResource"],
conditionKeys: ["dynamodb:Attributes", "dynamodb:ReturnValues", "dynamodb:ReturnConsumedCapacity", "dynamodb:Select", "dynamodb:LeadingKeys"]
},
"Amazon Glacier": {
HasResource: !0,
ARNFormat: "arn:aws:glacier:<region>:<accountID>:<relative-id>",
ARNRegex: "^arn:aws:glacier:.+:.+:.+",
StringPrefix: "glacier",
Actions: ["AbortVaultLock", "AddTagsToVault", "AbortMultipartUpload", "CompleteMultipartUpload", "CompleteVaultLock", "CreateVault", "DeleteArchive", "DeleteVault", "DeleteVaultAccessPolicy", "DeleteVaultNotifications", "DescribeJob", "DescribeVault", "GetDataRetrievalPolicy", "GetJobOutput", "GetVaultAccessPolicy", "GetVaultLock", "GetVaultNotifications", "InitiateJob", "InitiateMultipartUpload", "InitiateVaultLock", "ListJobs", "ListMultipartUploads", "ListParts", "ListTagsForVault", "ListVaults", "RemoveTagsFromVault", "SetDataRetrievalPolicy", "SetVaultAccessPolicy", "SetVaultNotifications", "UploadArchive", "UploadMultipartPart"],
conditionKeys: ["glacier:ArchiveAgeInDays"]
},
"Amazon CloudFront": {
StringPrefix: "cloudfront",
Actions: ["CreateCloudFrontOriginAccessIdentity", "CreateDistribution", "CreateInvalidation", "CreateStreamingDistribution", "DeleteCloudFrontOriginAccessIdentity", "DeleteDistribution", "DeleteStreamingDistribution", "GetCloudFrontOriginAccessIdentity", "GetCloudFrontOriginAccessIdentityConfig", "GetDistribution", "GetDistributionConfig", "GetInvalidation", "GetStreamingDistribution", "GetStreamingDistributionConfig", "ListCloudFrontOriginAccessIdentities", "ListDistributions", "ListDistributionsByWebACLId", "ListInvalidations", "ListStreamingDistributions", "UpdateCloudFrontOriginAccessIdentity", "UpdateDistribution", "UpdateStreamingDistribution"]
},
"AWS Security Token Service": {
ARNFormat: "arn:aws:<sts/iam>::<namespace>:<relative-id>",
ARNRegex: "^arn:aws:(sts|iam)::.+",
HasResource: !0,
StringPrefix: "sts",
Actions: ["AssumeRole", "AssumeRoleWithSAML", "AssumeRoleWithWebIdentity", "DecodeAuthorizationMessage", "GetFederationToken", "GetSessionToken"]
},
"Amazon WorkDocs": {
StringPrefix: "workdocs",
Actions: ["ActivateUser", "AddUserToGroup", "CheckAlias", "CreateInstance", "DeactivateUser", "DeleteInstance", "DeregisterDirectory", "DescribeAvailableDirectories", "DescribeInstances", "RegisterDirectory", "RemoveUserFromGroup", "UpdateInstanceAlias"]
},
"AWS Directory Service": {
ARNFormat: "arn:aws:ds:<region>:<account_ID>:<directory-id>",
ARNRegex: "^arn:aws:ds:.+:.+:.+",
HasResource: !0,
StringPrefix: "ds",
Actions: ["AddIpRoutes", "AddTagsToResource", "CancelSchemaExtension", "ConnectDirectory", "CreateAlias", "CreateComputer", "CreateConditionalForwarder", "CreateDirectory", "CreateMicrosoftAD", "CreateSnapshot", "CreateTrust", "DeleteConditionalForwarder", "DeleteDirectory", "DeleteSnapshot", "DeleteTrust", "DeregisterEventTopic", "DescribeConditionalForwarders", "DescribeDirectories", "DescribeEventTopics", "DescribeSnapshots", "DescribeTrusts", "DisableRadius", "DisableSso", "EnableRadius", "EnableSso", "GetDirectoryLimits", "GetSnapshotLimits", "ListIpRoutes", "ListTagsForResource", "ListSchemaExtensions", "RegisterEventTopic", "RemoveIpRoutes", "RemoveTagsFromResource", "RestoreFromSnapshot", "StartSchemaExtension", "UpdateConditionalForwarder", "UpdateRadius", "VerifyTrust"]
},
"Amazon ElastiCache": {
StringPrefix: "elasticache",
Actions: ["AddTagsToResource", "AuthorizeCacheSecurityGroupIngress", "CopySnapshot", "CreateCacheCluster", "CreateCacheParameterGroup", "CreateCacheSecurityGroup", "CreateCacheSubnetGroup", "CreateReplicationGroup", "CreateSnapshot", "DeleteCacheCluster", "DeleteCacheParameterGroup", "DeleteCacheSecurityGroup", "DeleteCacheSubnetGroup", "DeleteReplicationGroup", "DeleteSnapshot", "DescribeCacheClusters", "DescribeCacheEngineVersions", "DescribeCacheParameterGroups", "DescribeCacheParameters", "DescribeCacheSecurityGroups", "DescribeCacheSubnetGroups", "DescribeEngineDefaultParameters", "DescribeEvents", "DescribeReplicationGroups", "DescribeReservedCacheNodes", "DescribeReservedCacheNodesOfferings", "DescribeSnapshots", "ListAllowedNodeTypeModifications", "ListTagsForResource", "ModifyCacheCluster", "ModifyCacheParameterGroup", "ModifyCacheSubnetGroup", "ModifyReplicationGroup", "PurchaseReservedCacheNodesOffering", "RebootCacheCluster", "RemoveTagsFromResource", "ResetCacheParameterGroup", "RevokeCacheSecurityGroupIngress"]
},
"Amazon CloudWatch Logs": {
StringPrefix: "logs",
ARNRegex: "^arn:aws:logs:.+",
ARNFormat: "arn:aws:logs:.+:.+:.+",
HasResource: !0,
Actions: ["CancelExportTask", "CreateExportTask", "CreateLogGroup", "CreateLogStream", "DeleteDestination", "DeleteLogGroup", "DeleteLogStream", "DeleteMetricFilter", "DeleteRetentionPolicy", "DeleteSubscriptionFilter", "DescribeDestinations", "DescribeExportTasks", "DescribeLogGroups", "DescribeLogStreams", "DescribeMetricFilters", "DescribeSubscriptionFilters", "FilterLogEvents", "GetLogEvents", "PutDestination", "PutDestinationPolicy", "PutLogEvents", "PutMetricFilter", "PutRetentionPolicy", "PutSubscriptionFilter", "TestMetricFilter"]
},
"Amazon Cognito Identity": {
StringPrefix: "cognito-identity",
ARNRegex: "^arn:aws:cognito-identity:.+",
ARNFormat: "arn:aws:cognito-identy:<region>:<account>:<resourceType>/<resourcePath>",
Actions: ["CreateIdentityPool", "DeleteIdentityPool", "DeleteIdentities", "DescribeIdentity", "DescribeIdentityPool", "GetIdentityPoolRoles", "GetOpenIdTokenForDeveloperIdentity", "ListIdentities", "ListIdentityPools", "LookupDeveloperIdentity", "MergeDeveloperIdentities", "SetIdentityPoolRoles", "UnlinkDeveloperIdentity", "UpdateIdentityPool"]
},
"Amazon Cognito Sync": {
StringPrefix: "cognito-sync",
ARNRegex: "^arn:aws:cognito-sync:.+",
ARNFormat: "arn:aws:ec2:cognito-sync:<region>:<account>:<resourceType>/<resourcePath>:",
Actions: ["BulkPublish", "DeleteDataset", "DescribeDataset", "DescribeIdentityUsage", "DescribeIdentityPoolUsage", "GetBulkPublishDetails", "GetCognitoEvents", "GetIdentityPoolConfiguration", "ListDatasets", "ListIdentityPoolUsage", "ListRecords", "RegisterDevice", "SetCognitoEvents", "SetIdentityPoolConfiguration", "SubscribeToDataset", "UpdateRecords", "UnsubscribeFromDataset"]
},
"Amazon Cognito User Pools": {
StringPrefix: "cognito-idp",
ARNRegex: "^arn:aws:cognito-idp:.+",
ARNFormat: "arn:aws:cognito-idp:<region>:<account_ID>:userpool/<userPoolId>",
HasResource: !0,
Actions: ["AddCustomAttributes", "AdminAddUserToGroup", "AdminConfirmSignUp", "AdminCreateUser", "AdminDeleteUser", "AdminDeleteUserAttributes", "AdminDisableUser", "AdminEnableUser", "AdminForgetDevice", "AdminGetDevice", "AdminGetUser", "AdminInitiateAuth", "AdminListDevices", "AdminListGroupsForUser", "AdminRemoveUserFromGroup", "AdminResetUserPassword", "AdminRespondToAuthChallenge", "AdminSetUserSettings", "AdminUpdateDeviceStatus", "AdminUpdateUserAttributes", "AdminUserGlobalSignOut", "CreateGroup", "CreateUserImportJob", "CreateUserPool", "CreateUserPoolClient", "DeleteGroup", "DeleteUserPool", "DeleteUserPoolClient", "DescribeUserImportJob", "DescribeUserPool", "DescribeUserPoolClient", "GetCSVHeader", "GetGroup", "ListGroups", "ListUserImportJobs", "ListUserPoolClients", "ListUserPools", "ListUsers", "ListUsersInGroup", "StartUserImportJob", "StopUserImportJob", "UpdateGroup", "UpdateUserPool", "UpdateUserPoolClient"]
},
"Amazon Mobile Analytics": {
ARNFormat: "arn:aws:mobileanalytics:<region>:<account_id>:<app_title>",
ARNRegex: "^arn:aws:mobileanalytics:.+",
StringPrefix: "mobileanalytics",
Actions: ["PutEvents", "GetReports", "GetFinancialReports"]
},
"Amazon Route53 Domains": {
StringPrefix: "route53domains",
Actions: ["CheckDomainAvailability", "DeleteDomain", "DeleteTagsForDomain", "DisableDomainAutoRenew", "DisableDomainTransferLock", "EnableDomainAutoRenew", "EnableDomainTransferLock", "GetContactReachabilityStatus", "GetDomainDetail", "GetDomainSuggestions", "GetOperationDetail", "ListDomains", "ListOperations", "ListTagsForDomain", "RegisterDomain", "RenewDomain", "ResendContactReachabilityEmail", "RetrieveDomainAuthCode", "TransferDomain", "UpdateDomainContact", "UpdateDomainContactPrivacy", "UpdateDomainNameservers", "UpdateTagsForDomain", "ViewBilling"]
},
"AWS Key Management Service": {
StringPrefix: "kms",
ARNFormat: "arn:aws:kms:<region>:<account_id>:<resource_type>/<id>",
ARNRegex: "^arn:aws:kms:.+",
HasResource: !0,
Actions: ["CancelKeyDeletion", "CreateAlias", "CreateGrant", "CreateKey", "Decrypt", "DeleteAlias", "DeleteImportedKeyMaterial", "DescribeKey", "DisableKey", "DisableKeyRotation", "EnableKey", "EnableKeyRotation", "Encrypt", "GenerateDataKey", "GenerateDataKeyWithoutPlaintext", "GenerateRandom", "GetKeyPolicy", "GetKeyRotationStatus", "GetParametersForImport", "ImportKeyMaterial", "ListAliases", "ListGrants", "ListKeyPolicies", "ListKeys", "ListResourceTags", "ListRetirableGrants", "PutKeyPolicy", "ReEncryptFrom", "ReEncryptTo", "ReEncrypt*", "RevokeGrant", "ScheduleKeyDeletion", "TagResource", "UntagResource", "UpdateAlias", "UpdateKeyDescription"],
conditionKeys: ["kms:BypassPolicyLockoutSafetyCheck", "kms:EncryptionContextKeys", "kms:EncryptionContext", "kms:CallerAccount", "kms:GrantOperations", "kms:GrantConstraintType", "kms:GrantIsForAWSResource", "kms:ReEncryptOnSameKey", "kms:ViaService"]
},
"AWS Billing": {
StringPrefix: "aws-portal",
Actions: ["ModifyAccount", "ModifyBilling", "ModifyPaymentMethods", "ViewAccount", "ViewBilling", "ViewPaymentMethods", "ViewUsage"]
},
"AWS CodeStar": {
StringPrefix: "codestar",
ARNFormat: "arn:aws:codestar:<region>:<account_ID>:<resource_type>/<resource_id>",
ARNRegex: "^arn:aws:codestar:.+:[0-9]+:.+",
HasResource: !0,
Actions: ["AssociateTeamMember", "CreateProject", "CreateUserProfile", "DeleteExtendedAccess", "DeleteProject", "DeleteUserProfile", "DescribeProject", "DescribeUserProfile", "DisassociateTeamMember", "GetExtendedAccess", "ListProjects", "ListResources", "ListTeamMembers", "ListUserProfiles", "PutExtendedAccess", "UpdateProject", "UpdateTeamMember", "UpdateUserProfile", "VerifyServiceRole"]
},
"AWS Direct Connect": {
StringPrefix: "directconnect",
Actions: ["AllocateConnectionOnInterconnect", "AllocatePrivateVirtualInterface", "AllocatePublicVirtualInterface", "ConfirmConnection", "ConfirmPrivateVirtualInterface", "ConfirmPublicVirtualInterface", "CreateConnection", "CreateInterconnect", "CreatePrivateVirtualInterface", "CreatePublicVirtualInterface", "DeleteConnection", "DeleteInterconnect", "DeleteVirtualInterface", "DescribeConnections", "DescribeConnectionsOnInterconnect", "DescribeInterconnects", "DescribeLocations", "DescribeVirtualGateways", "DescribeVirtualInterfaces"]
},
"AWS Marketplace": {
StringPrefix: "aws-marketplace",
Actions: ["Subscribe", "Unsubscribe", "ViewSubscriptions"]
},
"AWS Marketplace Metering Service": {
StringPrefix: "aws-marketplace",
Actions: ["MeterUsage", "BatchMeterUsage", "ResolveCustomer"]
},
"AWS Marketplace Management Portal": {
StringPrefix: "aws-marketplace-management",
Actions: ["uploadFiles", "viewMarketing", "viewReports", "viewSupport"]
},
"AWS Service Catalog": {
StringPrefix: "servicecatalog",
Actions: ["AcceptPortfolioShare", "AssociatePrincipalWithPortfolio", "AssociateProductWithPortfolio", "CreateConstraint", "CreatePortfolio", "CreatePortfolioShare", "CreateProduct", "CreateProvisioningArtifact", "DeleteConstraint", "DeletePortfolio", "DeletePortfolioShare", "DeleteProduct", "DeleteProvisioningArtifact", "DescribeConstraint", "DescribePortfolio", "DescribeProduct", "DescribeProductAsAdmin", "DescribeProductView", "DescribeProvisioningArtifact", "DescribeProvisioningParameters", "DescribeRecord", "DisassociatePrincipalFromPortfolio", "DisassociateProductFromPortfolio", "ListAcceptedPortfolioShares", "ListConstraintsForPortfolio", "ListLaunchPaths", "ListPortfolioAccess", "ListPortfolios", "ListPortfoliosForProduct", "ListPrincipalsForPortfolio", "ListProvisioningArtifacts", "ListRecordHistory", "ProvisionProduct", "RejectPortfolioShare", "ScanProvisionedProducts", "SearchProducts", "SearchProductsAsAdmin", "TerminateProvisionedProduct", "UpdateConstraint", "UpdatePortfolio", "UpdateProduct", "UpdateProvisionedProduct", "UpdateProvisioningArtifact"],
conditionKeys: ["servicecatalog:userLevel", "servicecatalog:roleLevel", "servicecatalog:accountLevel"]
},
"AWS Shield": {
StringPrefix: "shield",
ARNRegex: "^arn:aws:shield::[0-9]+:.+/.+",
ARNFormat: "arn:aws:shield::<account_ID>:<resource>/<resource_id>",
HasResource: !0,
Actions: ["CreateProtection", "CreateSubscription", "DeleteProtection", "DeleteSubscription", "DescribeAttack", "DescribeProtection", "DescribeSubscription", "ListAttacks", "ListProtections"]
},
"AWS Step Functions": {
StringPrefix: "states",
ARNRegex: "^arn:aws:states:.+:[0-9]+:.+:.+",
ARNFormat: "arn:aws:states:.+:<account_ID>:<resource>:<resource_id>",
HasResource: !0,
Actions: ["CreateActivity", "CreateStateMachine", "DeleteActivity", "DeleteStateMachine", "DescribeActivity", "DescribeExecution", "DescribeStateMachine", "GetActivityTask", "GetExecutionHistory", "ListActivities", "ListExecutions", "ListStateMachines", "SendTaskFailure", "SendTaskHeartbeat", "SendTaskSuccess", "StartExecution", "StopExecution"]
},
"AWS Trusted Advisor": {
StringPrefix: "trustedadvisor",
ARNRegex: "arn:aws:trustedadvisor:*",
ARNFormat: "arn:aws:trustedadvisor:*:<account_ID>:checks/{category}/{checkId}",
Actions: ["DescribeCheckItems", "DescribeCheckRefreshStatuses", "DescribeCheckSummaries", "DescribeNotificationPreferences", "ExcludeCheckItems", "IncludeCheckItems", "RefreshCheck", "UpdateNotificationPreferences"]
},
"AWS OpsWorks": {
StringPrefix: "opsworks",
ARNRegex: "^arn:aws:opsworks:.+",
ARNFormat: "arn:aws:opsworks:<region>:<accountId>:<stack>/<stackId>/",
Actions: ["AssignInstance", "AssignVolume", "AssociateElasticIp", "AttachElasticLoadBalancer", "CloneStack", "CreateApp", "CreateDeployment", "CreateInstance", "CreateLayer", "CreateStack", "CreateUserProfile", "DeleteApp", "DeleteInstance", "DeleteLayer", "DeleteStack", "DeleteUserProfile", "DeregisterEcsCluster", "DeregisterElasticIp", "DeregisterInstance", "DeregisterVolume", "DescribeApps", "DescribeCommands", "DescribeDeployments", "DescribeEcsClusters", "DescribeElasticIps", "DescribeElasticLoadBalancers", "DescribeInstances", "DescribeLayers", "DescribeLoadBasedAutoScaling", "DescribePermissions", "DescribeRaidArrays", "DescribeRdsDbInstances", "DescribeServiceErrors", "DescribeStackProvisioningParameters", "DescribeStackSummary", "DescribeStacks", "DescribeTimeBasedAutoScaling", "DescribeUserProfiles", "DescribeVolumes", "DetachElasticLoadBalancer", "DisassociateElasticIp", "GetHostnameSuggestion", "GrantAccess", "RebootInstance", "RegisterEcsCluster", "RegisterElasticIp", "RegisterInstance", "RegisterRdsDbInstance", "RegisterVolume", "SetLoadBasedAutoScaling", "SetPermission", "SetTimeBasedAutoScaling", "StartInstance", "StartStack", "StopInstance", "StopStack", "UnassignInstance", "UnassignVolume", "UpdateApp", "UpdateElasticIp", "UpdateInstance", "UpdateLayer", "UpdateMyUserProfile", "UpdateRdsDbInstance", "UpdateStack", "UpdateUserProfile", "UpdateVolume"]
},
"AWS OpsWorks for Chef Automate": {
StringPrefix: "opsworks-cm",
ARNRegex: "^arn:aws:opsworks-cm:.+",
ARNFormat: "arn:aws:opsworks-cm:<region>:<accountId>:<server|backup>/<server name | backup id>/<UUID>",
HasResource: !0,
Actions: ["AssociateNode", "CreateBackup", "CreateServer", "DeleteBackup", "DeleteServer", "DescribeAccountAttributes", "DescribeBackups", "DescribeEvents", "DescribeNodeAssociationStatus", "DescribeServers", "DisassociateNode", "RestoreServer", "StartMaintenance", "UpdateServer", "UpdateServerEngineAttributes"]
},
"Amazon WorkMail": {
StringPrefix: "workmail",
Actions: ["AddMembersToGroup", "CreateGroup", "CreateMailDomain", "CreateMailUser", "CreateOrganization", "DeleteOrganization", "DeleteMailDomain", "DeleteMobileDevice", "DescribeDirectories", "DescribeKmsKeys", "DescribeOrganizations", "DescribeMailDomains", "DescribeMailGroups", "DescribeMailUsers", "DisableMailGroups", "DisableMailUsers", "EnableMailDomain", "EnableMailUsers", "EnableMailGroups", "GetMailDomainDetails", "GetMailGroupDetails", "GetMailUserDetails", "GetMobileDeviceDetails", "GetMobileDevicesForUser", "GetMobilePolicyDetails", "ListMembersInMailGroup", "RemoveMembersFromGroup", "ResetUserPassword", "SearchMembers", "SetAdmin", "SetDefaultMailDomain", "SetMailGroupDetails", "SetMailUserDetails", "SetMobilePolicyDetails", "WipeMobileDevice"]
},
"Amazon EC2 Container Service": {
StringPrefix: "ecs",
ARNRegex: "^arn:aws:ecs:.+",
ARNFormat: "arn:aws:ecs:<region>:<account_ID>:<resource_type>/<relative_ID>",
HasResource: !0,
Actions: ["CreateCluster", "CreateService", "DeleteCluster", "DeleteService", "DeregisterContainerInstance", "DeregisterTaskDefinition", "DescribeClusters", "DescribeContainerInstances", "DescribeServices", "DescribeTaskDefinition", "DescribeTasks", "DiscoverPollEndpoint", "ListClusters", "ListContainerInstances", "ListServices", "ListTaskDefinitionFamilies", "ListTaskDefinitions", "ListTasks", "Poll", "RegisterContainerInstance", "RegisterTaskDefinition", "RunTask", "StartTask", "StopTask", "StartTelemetrySession", "SubmitContainerStateChange", "SubmitTaskStateChange", "UpdateContainerAgent", "UpdateService"],
conditionKeys: ["ecs:cluster", "ecs:container-instances"]
},
"Amazon Lightsail": {
StringPrefix: "lightsail",
ARNRegex: "^arn:aws:lightsail:.+",
ARNFormat: "arn:aws:lightsail:<regionName>:<userAccountId>:<resourceType>/<Id>",
HasResource: !0,
Actions: ["AllocateStaticIp", "AttachStaticIp", "CloseInstancePublicPorts", "CreateDomain", "CreateDomainEntry", "CreateInstanceSnapshot", "CreateInstances", "CreateInstancesFromSnapshot", "CreateKeyPair", "DeleteDomain", "DeleteDomainEntry", "DeleteInstance", "DeleteInstanceSnapshot", "DeleteKeyPair", "DetachStaticIp", "DownloadDefaultKeyPair", "GetActiveNames", "GetBlueprints", "GetBundles", "GetDomain", "GetDomains", "GetInstance", "GetInstanceAccessDetails", "GetInstanceMetricData", "GetInstancePortStates", "GetInstanceSnapshot", "GetInstanceSnapshots", "GetInstanceState", "GetInstances", "GetKeyPair", "GetKeyPairs", "GetOperation", "GetOperations", "GetOperationsForResource", "GetRegions", "GetStaticIp", "GetStaticIps", "ImportKeyPair", "IsVpcPeered", "OpenInstancePublicPorts", "PeerVpc", "RebootInstance", "ReleaseStaticIp", "StartInstance", "StopInstance", "UnpeerVpc", "UpdateDomainEntry"]
},
"Amazon Machine Learning": {
StringPrefix: "machinelearning",
ARNRegex: "^arn:aws:machinelearning:.+",
ARNFormat: "arn:aws:machinelearning:<region>:<account_ID>:<resource_type>/<relative_ID>",
HasResource: !0,
Actions: ["AddTags", "CreateBatchPrediction", "CreateDataSourceFromRDS", "CreateDataSourceFromRedshift", "CreateDataSourceFromS3", "CreateEvaluation", "CreateMLModel", "CreateRealtimeEndpoint", "DeleteBatchPrediction", "DeleteDataSource", "DeleteEvaluation", "DeleteMLModel", "DeleteRealtimeEndpoint", "DeleteTags", "DescribeBatchPredictions", "DescribeDataSources", "DescribeEvaluations", "DescribeMLModels", "DescribeTags", "GetBatchPrediction", "GetDataSource", "GetEvaluation", "GetMLModel", "Predict", "UpdateBatchPrediction", "UpdateDataSource", "UpdateEvaluation", "UpdateMLModel"]
},
"Amazon Rekognition": {
StringPrefix: "rekognition",
ARNRegex: "^arn:aws:rekognition:.+",
ARNFormat: "arn:aws:rekognition:<region>:<account_ID>:<collection>/<collectionid>",
HasResource: !0,
Actions: ["CompareFaces", "CreateCollection", "DeleteCollection", "DeleteFaces", "DetectFaces", "DetectLabels", "DetectModerationLabels", "IndexFaces", "ListCollections", "ListFaces", "SearchFaces", "SearchFacesByImage"]
},
"Amazon WorkSpaces": {
StringPrefix: "workspaces",
Actions: ["CreateTags", "CreateWorkspaces", "DeleteTags", "DescribeTags", "DescribeWorkspaceBundles", "DescribeWorkspacesConnectionStatus", "DescribeWorkspaceDirectories", "DescribeWorkspaces", "ModifyWorkspaceProperties", "StartWorkspaces", "StopWorkspaces", "RebootWorkspaces", "RebuildWorkspaces", "TerminateWorkspaces"]
},
"Amazon WorkSpaces Application Manager": {
StringPrefix: "wam",
Actions: ["AuthenticatePackager"]
},
"Data Pipeline": {
StringPrefix: "datapipeline",
Actions: ["ActivatePipeline", "AddTags", "CreatePipeline", "DeactivatePipeline", "DeletePipeline", "DescribeObjects", "DescribePipelines", "EvaluateExpression", "GetAccountLimits", "GetPipelineDefinition", "ListPipelines", "PollForTask", "PutAccountLimits", "PutPipelineDefinition", "QueryObjects", "RemoveTags", "ReportTaskProgress", "ReportTaskRunnerHeartbeat", "SetStatus", "SetTaskStatus", "ValidatePipelineDefinition"]
},
"AWS CodeBuild ": {
StringPrefix: "codebuild",
ARNRegex: "^arn:aws:codebuild:[a-z0-9]+:[0-9]{12}:project/[A-Za-z0-9][A-Za-z0-9-_]{1,254}",
ARNFormat: "arn:aws:codebuild:<region>:<account ID>:project/<project name>",
HasResource: !0,
Actions: ["BatchGetBuilds", "BatchGetProjects", "CreateProject", "DeleteProject", "ListBuilds", "ListBuildsForProject", "ListConnectedOAuthAccounts", "ListProjects", "ListRepositories", "PersistOAuthToken", "StartBuild", "StopBuild", "UpdateProject"]
},
"AWS Cost and Usage Report": {
StringPrefix: "cur",
ARNRegex: "^arn:aws:cur:.+:.+:.+",
ARNFormat: "arn:aws:cur:<region>:<account_ID>:definition/<reportname>",
HasResource: !0,
Actions: ["DeleteReportDefinition", "DescribeReportDefinitions", "PutReportDefinition"]
},
"AWS Organizations": {
StringPrefix: "organizations",
ARNRegex: "^arn:aws:organizations::.+:.+",
ARNFormat: "arn:aws:organizations::<masterAccountId>:<resource>/o-<organizationId>(/<resourceType>/<resourceId>)?",
HasResource: !0,
Actions: ["AcceptHandshake", "AttachPolicy", "CancelHandshake", "CreateAccount", "CreateOrganization", "CreateOrganizationalUnit", "CreatePolicy", "DeclineHandshake", "DeleteOrganization", "DeleteOrganizationalUnit", "DeletePolicy", "DescribeAccount", "DescribeCreateAccountStatus", "DescribeHandshake", "DescribeOrganization", "DescribeOrganizationalUnit", "DescribePolicy", "DetachPolicy", "DisablePolicyType", "EnableAllFeatures", "EnablePolicyType", "InviteAccountToOrganization", "LeaveOrganization", "ListAccounts", "ListAccountsForParent", "ListChildren", "ListCreateAccountStatus", "ListHandshakesForAccount", "ListHandshakesForOrganization", "ListOrganizationalUnitsForParent", "ListParents", "ListPolicies", "ListPoliciesForTarget", "ListRoots", "ListTargetsForPolicy", "MoveAccount", "RemoveAccountFromOrganization", "UpdateOrganizationalUnit", "UpdatePolicy"]
},
"Amazon Elasticsearch Service": {
StringPrefix: "es",
ARNRegex: "^arn:aws:es:.+",
ARNFormat: "arn:aws:es:<region>:<account_ID>:<resource>",
HasResource: !0,
Actions: ["AddTags", "CreateElasticsearchDomain", "DeleteElasticsearchDomain", "DescribeElasticsearchDomain", "DescribeElasticsearchDomains", "DescribeElasticsearchDomainConfig", "ListDomainNames", "ListTags", "RemoveTags", "UpdateElasticsearchDomainConfig"]
},
"AWS WAF": {
StringPrefix: "waf",
ARNRegex: "^arn:aws:waf::[0-9]+:.+/.+",
ARNFormat: "arn:aws:waf::<account_ID>:<resource>/<resource_id>",
HasResource: !0,
Actions: ["CreateByteMatchSet", "CreateIPSet", "CreateRule", "CreateSizeConstraintSet", "CreateSqlInjectionMatchSet", "CreateWebACL", "CreateXssMatchSet", "DeleteByteMatchSet", "DeleteIPSet", "DeleteRule", "DeleteSizeConstraintSet", "DeleteSqlInjectionMatchSet", "DeleteWebACL", "DeleteXssMatchSet", "GetByteMatchSet", "GetChangeToken", "GetChangeTokenStatus", "GetIPSet", "GetRule", "GetSampledRequests", "GetSizeConstraintSet", "GetSqlInjectionMatchSet", "GetWebACL", "GetXssMatchSet", "ListByteMatchSets", "ListIPSets", "ListRules", "ListSizeConstraintSets", "ListSqlInjectionMatchSets", "ListWebACLs", "ListXssMatchSets", "UpdateByteMatchSet", "UpdateIPSet", "UpdateRule", "UpdateSizeConstraintSet", "UpdateSqlInjectionMatchSet", "UpdateWebACL", "UpdateXssMatchSet"]
},
"AWS WAF Regional": {
StringPrefix: "waf-regional",
ARNRegex: "^arn:aws:waf-regional:.+:[0-9]+:.+/.+",
ARNFormat: "arn:aws:waf-regional:<region>:<account_ID>:<resource>/<resource_id>",
HasResource: !0,
Actions: ["AssociateWebACL", "CreateByteMatchSet", "CreateIPSet", "CreateRule", "CreateSizeConstraintSet", "CreateSqlInjectionMatchSet", "CreateWebACL", "CreateXssMatchSet", "DeleteByteMatchSet", "DeleteIPSet", "DeleteRule", "DeleteSizeConstraintSet", "DeleteSqlInjectionMatchSet", "DeleteWebACL", "DeleteXssMatchSet", "DisassociateWebACL", "GetByteMatchSet", "GetChangeToken", "GetChangeTokenStatus", "GetIPSet", "GetRule", "GetSampledRequests", "GetSizeConstraintSet", "GetSqlInjectionMatchSet", "GetWebACL", "GetWebACLForResource", "GetXssMatchSet", "ListByteMatchSets", "ListIPSets", "ListResourcesForWebACL", "ListRules", "ListSizeConstraintSets", "ListSqlInjectionMatchSets", "ListWebACLs", "ListXssMatchSets", "UpdateByteMatchSet", "UpdateIPSet", "UpdateRule", "UpdateSizeConstraintSet", "UpdateSqlInjectionMatchSet", "UpdateWebACL", "UpdateXssMatchSet"]
},
"Amazon Inspector": {
StringPrefix: "inspector",
ARNRegex: "^arn:aws:inspector:.+",
ARNFormat: "arn:aws:inspector:<region>:<account_ID>:<resource_id>",
HasResource: !0,
Actions: ["AddAttributesToFindings", "CreateAssessmentTarget", "CreateAssessmentTemplate", "CreateResourceGroup", "DeleteAssessmentRun", "DeleteAssessmentTarget", "DeleteAssessmentTemplate", "DescribeAssessmentRuns", "DescribeAssessmentTargets", "DescribeAssessmentTemplates", "DescribeCrossAccountAccessRole", "DescribeFindings", "DescribeResourceGroups", "DescribeRulesPackages", "GetTelemetryMetadata", "ListAssessmentRunAgents", "ListAssessmentRuns", "ListAssessmentTargets", "ListAssessmentTemplates", "ListEventSubscriptions", "ListFindings", "ListRulesPackages", "ListTagsForResource", "PreviewAgents", "RegisterCrossAccountAccessRole", "RemoveAttributesFromFindings", "SetTagsForResource", "StartAssessmentRun", "StopAssessmentRun", "SubscribeToEvent", "UnsubscribeFromEvent", "UpdateAssessmentTarget"]
},
"Amazon Kinesis Analytics": {
StringPrefix: "kinesisanalytics",
ARNRegex: "arn:aws:[a-zA-Z0-9-]+:[a-zA-Z0-9-]*:d{12}:[a-zA-Z_0-9+=,.@-_/:]+",
ARNFormat: "arn:aws:kinesisanalytics:<region>:<account_ID>:application/<app-name>",
HasResource: !0,
Actions: ["AddApplicationInput", "AddApplicationOutput", "AddApplicationReferenceDataSource", "CreateApplication", "DeleteApplication", "DeleteApplicationOutput", "DeleteApplicationReferenceDataSource", "DescribeApplication", "DiscoverInputSchema", "GetApplicationState", "ListApplications", "StartApplication", "StopApplication", "UpdateApplication"]
},
"Amazon Kinesis Firehose": {
StringPrefix: "firehose",
ARNRegex: "^arn:aws:firehose:.+:[0-9]+:deliverystream/.+",
ARNFormat: "arn:aws:firehose:<region>:<account_ID>:deliverystream/<deliverystreamname>",
HasResource: !0,
Actions: ["CreateDeliveryStream", "DeleteDeliveryStream", "DescribeDeliveryStream", "ListDeliveryStreams", "PutRecord", "PutRecordBatch", "UpdateDestination"]
},
"AWS IoT": {
StringPrefix: "iot",
conditionKeys: ["iot:ClientId"],
ARNRegex: "^arn:aws:iot:.+:[0-9]+:.+",
ARNFormat: "arn:aws:iot:<region>:<account_ID>:<type>/<name>",
HasResource: !0,
Actions: ["AcceptCertificateTransfer", "AttachPrincipalPolicy", "AttachThingPrincipal", "CancelCertificateTransfer", "Connect", "CreateCertificateFromCsr", "CreateKeysAndCertificate", "CreatePolicy", "CreatePolicyVersion", "CreateThing", "CreateThingType", "CreateTopicRule", "DeleteCACertificate", "DeleteCertificate", "DeletePolicy", "DeletePolicyVersion", "DeleteRegistrationCode", "DeleteThing", "DeleteThingShadow", "DeleteThingType", "DeleteTopicRule", "DeprecateThingType", "DescribeCaCertificate", "DescribeCertificate", "DescribeEndpoint", "DescribeThing", "DescribeThingType", "DetachPrincipalPolicy", "DetachThingPrincipal", "DisableTopicRule", "EnableTopicRule", "GetLoggingOptions", "GetPolicy", "GetPolicyVersion", "GetRegistrationCode", "GetThingShadow", "GetTopicRule", "ListCaCertificates", "ListCertificates", "ListCertificatesByCa", "ListOutgoingCertificates", "ListPolicies", "ListPolicyPrincipals", "ListPolicyVersions", "ListPrincipalPolicies", "ListPrincipalThings", "ListThingPrincipals", "ListThings", "ListThingTypes", "ListTopicRules", "Publish", "Receive", "RegisterCACertificate", "RegisterCertificate", "RejectCertificateTransfer", "ReplaceTopicRule", "SetDefaultPolicyVersion", "SetLoggingOptions", "Subscribe", "TransferCertificate", "UpdateCACertificate", "UpdateCertificate", "UpdateThing", "UpdateThingShadow"]
},
"Amazon GameLift": {
StringPrefix: "gamelift",
HasResource: !1,
Actions: ["CreateAlias", "CreateBuild", "CreateFleet", "CreateGameSession", "CreatePlayerSession", "CreatePlayerSessions", "DeleteAlias", "DeleteBuild", "DeleteFleet", "DeleteScalingPolicy", "DescribeAlias", "DescribeBuild", "DescribeEC2InstanceLimits", "DescribeFleetAttributes", "DescribeFleetCapacity", "DescribeFleetEvents", "DescribeFleetPortSettings", "DescribeFleetUtilization", "DescribeGameSessions", "DescribeGameSessionDetails", "DescribeInstances", "DescribePlayerSessions", "DescribeRuntimeConfiguration", "DescribeScalingPolicies", "GetGameSessionLogUrl", "GetInstanceAccess", "ListAliases", "ListBuilds", "ListFleets", "PutScalingPolicy", "SearchGameSessions", "RequestUploadCredentials", "ResolveAlias", "UpdateAlias", "UpdateBuild", "UpdateFleetAttributes", "UpdateFleetCapacity", "UpdateFleetPortSettings", "UpdateGameSession", "UpdateRuntimeConfiguration"]
},
"Amazon Mechanical Turk": {
StringPrefix: "mechanicalturk",
HasResource: !1,
Actions: ["AcceptQualificationRequest", "ApproveAssignment", "ApproveRejectedAssignment", "AssignQualification", "AssociateQualificationWithWorker", "BlockWorker", "CreateHITType", "ChangeHITTypeOfHIT", "CreateHIT", "CreateHITWithHITType", "CreateQualificationType", "CreateWorkerBlock", "DeleteHIT", "DeleteQualificationType", "DeleteWorkerBlock", "DisableHIT", "DisassociateQualificationFromWorker", "DisposeHIT", "DisposeQualificationType", "ExtendHIT", "ForceExpireHIT", "GetAccountBalance", "GetAssignment", "GetAssignmentsForHIT", "GetBlockedWorkers", "GetBonusPayments", "GetFileUploadURL", "GetHIT", "GetHITsForQualificationType", "GetQualificationRequests", "GetQualificationScore", "GetQualificationType", "GetQualificationsForQualificationType", "GetRequesterStatistic", "GetRequesterWorkerStatistic", "GetReviewResultsForHIT", "GetReviewableHITs", "GrantBonus", "GrantQualification", "ListAssignmentsForHIT", "ListBonusPayments", "ListHITs", "ListHITsForQualificationType", "ListQualificationRequests", "ListQualificationTypes", "ListReviewableHITs", "ListReviewPolicyResultsForHIT", "ListWorkerBlocks", "ListWorkersWithQualificationType", "NotifyWorkers", "RegisterHITType", "RejectAssignment", "RejectQualificationRequest", "RevokeQualification", "SearchHITs", "SearchQualificationTypes", "SendBonus", "SendTestEventNotification", "SetHITAsReviewing", "SetHITTypeNotification", "UnblockWorker", "UpdateExpirationForHIT", "UpdateHITReviewStatus", "UpdateHITTypeOfHIT", "UpdateNotificationSettings", "UpdateQualificationScore", "UpdateQualificationType"]
},
"AWS XRay": {
StringPrefix: "xray",
Actions: ["BatchGetTraces", "GetServiceGraph", "GetTraceGraph", "GetTraceSummaries", "PutTelemetryRecords", "PutTraceSegments"]
},
"Amazon Athena": {
StringPrefix: "athena",
Actions: ["BatchGetNamedQuery", "BatchGetQueryExecution", "CreateNamedQuery", "DeleteNamedQuery", "GetNamedQuery", "GetQueryExecution", "GetQueryResults", "ListNamedQueries", "ListQueryExecutions", "StartQueryExecution", "StopQueryExecution"]
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment