@cloud-copilot/iam-data
Version:
349 lines • 9 kB
JSON
{
"approveplanexecutionstep": {
"name": "ApprovePlanExecutionStep",
"description": "Grants permission to approve a plan execution step",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"cancelplanexecution": {
"name": "CancelPlanExecution",
"description": "Grants permission to cancel a plan execution",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"createplan": {
"name": "CreatePlan",
"description": "Grants permission to create a plan",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"deleteplan": {
"name": "DeletePlan",
"description": "Grants permission to delete a plan",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"deleteresourcepolicy": {
"name": "DeleteResourcePolicy",
"isPermissionOnly": true,
"description": "Grants permission to delete the RAM access control policy for a plan",
"accessLevel": "Permissions management",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getplan": {
"name": "GetPlan",
"description": "Grants permission to get information about plans in all AWS Regions using a control plane",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getplanevaluationstatus": {
"name": "GetPlanEvaluationStatus",
"description": "Grants permission to get a plan's evaluation status",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getplanexecution": {
"name": "GetPlanExecution",
"description": "Grants permission to get plan execution details and setup information",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getplaninregion": {
"name": "GetPlanInRegion",
"description": "Grants permission to get information about a plan in a specific AWS Region using the Region switch Regional data plane",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getresourcepolicy": {
"name": "GetResourcePolicy",
"isPermissionOnly": true,
"description": "Grants permission to get the resource policy of a plan",
"accessLevel": "Permissions management",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listplanexecutionevents": {
"name": "ListPlanExecutionEvents",
"description": "Grants permission to list plan execution events",
"accessLevel": "List",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listplanexecutions": {
"name": "ListPlanExecutions",
"description": "Grants permission to list plan executions",
"accessLevel": "List",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listplans": {
"name": "ListPlans",
"description": "Grants permission to list plans in all AWS Regions using a control plane",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listplansinregion": {
"name": "ListPlansInRegion",
"description": "Grants permission to list plans in a specific AWS Region using the Region switch Regional data plane",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listroute53healthchecks": {
"name": "ListRoute53HealthChecks",
"description": "Grants permission to list Route 53 health checks",
"accessLevel": "List",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listroute53healthchecksinregion": {
"name": "ListRoute53HealthChecksInRegion",
"description": "Grants permission to list Route 53 health checks in a specific AWS Region using the Region switch Regional data plane",
"accessLevel": "List",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listtagsforresource": {
"name": "ListTagsForResource",
"description": "Grants permission to list tags for a resource",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"putresourcepolicy": {
"name": "PutResourcePolicy",
"isPermissionOnly": true,
"description": "Grants permission to define the RAM access control policy for a plan",
"accessLevel": "Permissions management",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"startplanexecution": {
"name": "StartPlanExecution",
"description": "Grants permission to start a plan execution",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"tagresource": {
"name": "TagResource",
"description": "Grants permission to tag a resource",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:RequestTag/${TagKey}",
"aws:ResourceTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"untagresource": {
"name": "UntagResource",
"description": "Grants permission to remove tags from a resource",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"updateplan": {
"name": "UpdatePlan",
"description": "Grants permission to update a plan",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"updateplanexecution": {
"name": "UpdatePlanExecution",
"description": "Grants permission to update a plan execution",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"updateplanexecutionstep": {
"name": "UpdatePlanExecutionStep",
"description": "Grants permission to update a plan execution step",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "plan",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
}
}