@cloud-copilot/iam-data
Version:
1,041 lines • 25.8 kB
JSON
{
"archiveagent": {
"name": "ArchiveAgent",
"description": "Grants permission to archive a managed agent",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"archiveenvironment": {
"name": "ArchiveEnvironment",
"description": "Grants permission to archive a managed agent environment",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"archivememorystore": {
"name": "ArchiveMemoryStore",
"description": "Grants permission to archive a memory store",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"archivesession": {
"name": "ArchiveSession",
"description": "Grants permission to archive a managed agent session",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"archivevault": {
"name": "ArchiveVault",
"description": "Grants permission to archive a credential vault",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"archiveworkspace": {
"name": "ArchiveWorkspace",
"description": "Grants permission to archive a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"assumeconsole": {
"name": "AssumeConsole",
"description": "Grants permission to assume console access on Claude Platform",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aws-external-anthropic:Capability"
],
"dependentActions": []
},
"callwithbearertoken": {
"name": "CallWithBearerToken",
"isPermissionOnly": true,
"description": "Grants permission to make API calls using bearer token authentication",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [
"aws-external-anthropic:BearerTokenType"
],
"dependentActions": []
},
"cancelbatchinference": {
"name": "CancelBatchInference",
"description": "Grants permission to cancel an in-progress batch inference request",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"counttokens": {
"name": "CountTokens",
"description": "Grants permission to count tokens for a message request",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"createagent": {
"name": "CreateAgent",
"description": "Grants permission to create a managed agent in a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"createbatchinference": {
"name": "CreateBatchInference",
"description": "Grants permission to create a batch inference request",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"createenvironment": {
"name": "CreateEnvironment",
"description": "Grants permission to create a managed agent environment in a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"createfile": {
"name": "CreateFile",
"description": "Grants permission to upload a file to a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"createinference": {
"name": "CreateInference",
"description": "Grants permission to create a chat completion inference request",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"creatememorystore": {
"name": "CreateMemoryStore",
"description": "Grants permission to create a managed agent memory store in a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"createsession": {
"name": "CreateSession",
"description": "Grants permission to create a managed agent session in a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"createskill": {
"name": "CreateSkill",
"description": "Grants permission to create a skill in a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"createuserprofile": {
"name": "CreateUserProfile",
"description": "Grants permission to create a user profile in a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"createuserprofileenrollmenturl": {
"name": "CreateUserProfileEnrollmentUrl",
"description": "Grants permission to create an enrollment URL for a user profile",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"createvault": {
"name": "CreateVault",
"description": "Grants permission to create a managed agent credential vault in a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"createworkspace": {
"name": "CreateWorkspace",
"description": "Grants permission to create a workspace in an organization",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"deletebatchinference": {
"name": "DeleteBatchInference",
"description": "Grants permission to delete a batch inference request",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"deleteenvironment": {
"name": "DeleteEnvironment",
"description": "Grants permission to delete a managed agent environment",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"deletefile": {
"name": "DeleteFile",
"description": "Grants permission to delete a file from a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"deletememorystore": {
"name": "DeleteMemoryStore",
"description": "Grants permission to delete a memory store",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"deletesession": {
"name": "DeleteSession",
"description": "Grants permission to delete a managed agent session",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"deleteskill": {
"name": "DeleteSkill",
"description": "Grants permission to delete a skill from a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"deletevault": {
"name": "DeleteVault",
"description": "Grants permission to delete a credential vault",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getaccountstatus": {
"name": "GetAccountStatus",
"description": "Grants permission to retrieve the status of account setup and AWS Marketplace registration",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getagent": {
"name": "GetAgent",
"description": "Grants permission to retrieve details or versions of a managed agent",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getbatchinference": {
"name": "GetBatchInference",
"description": "Grants permission to retrieve details of a batch inference request",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getenvironment": {
"name": "GetEnvironment",
"description": "Grants permission to retrieve details of a managed agent environment",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getfile": {
"name": "GetFile",
"description": "Grants permission to retrieve a file or its content from a workspace",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getmemorystore": {
"name": "GetMemoryStore",
"description": "Grants permission to retrieve details of a memory store, its memories, or its memory versions",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getmodel": {
"name": "GetModel",
"description": "Grants permission to retrieve information about a specific model",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getsession": {
"name": "GetSession",
"description": "Grants permission to retrieve details, events, or resources of a managed agent session",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getskill": {
"name": "GetSkill",
"description": "Grants permission to retrieve details of a skill or its versions",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getuserprofile": {
"name": "GetUserProfile",
"description": "Grants permission to retrieve details of a user profile",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getvault": {
"name": "GetVault",
"description": "Grants permission to retrieve details of a credential vault or its credentials",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getworkspace": {
"name": "GetWorkspace",
"description": "Grants permission to retrieve details of a workspace",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listagents": {
"name": "ListAgents",
"description": "Grants permission to list managed agents in a workspace",
"accessLevel": "List",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listbatchinferences": {
"name": "ListBatchInferences",
"description": "Grants permission to list batch inference requests in a workspace",
"accessLevel": "List",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listenvironments": {
"name": "ListEnvironments",
"description": "Grants permission to list managed agent environments in a workspace",
"accessLevel": "List",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listfiles": {
"name": "ListFiles",
"description": "Grants permission to list files in a workspace",
"accessLevel": "List",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listmemorystores": {
"name": "ListMemoryStores",
"description": "Grants permission to list managed agent memory stores in a workspace",
"accessLevel": "List",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listmodels": {
"name": "ListModels",
"description": "Grants permission to list available models in a workspace",
"accessLevel": "List",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listsessions": {
"name": "ListSessions",
"description": "Grants permission to list managed agent sessions in a workspace",
"accessLevel": "List",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listskills": {
"name": "ListSkills",
"description": "Grants permission to list skills in a workspace",
"accessLevel": "List",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listtagsforresource": {
"name": "ListTagsForResource",
"description": "Grants permission to list tags for a resource",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "workspace",
"required": false,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listuserprofiles": {
"name": "ListUserProfiles",
"description": "Grants permission to list user profiles in a workspace",
"accessLevel": "List",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listvaults": {
"name": "ListVaults",
"description": "Grants permission to list managed agent credential vaults in a workspace",
"accessLevel": "List",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"listworkspaces": {
"name": "ListWorkspaces",
"description": "Grants permission to list workspaces in an organization",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"tagresource": {
"name": "TagResource",
"description": "Grants permission to tag a resource",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "workspace",
"required": false,
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
}
],
"conditionKeys": [
"aws:TagKeys",
"aws:RequestTag/${TagKey}"
],
"dependentActions": []
},
"untagresource": {
"name": "UntagResource",
"description": "Grants permission to untag a resource",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "workspace",
"required": false,
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
}
],
"conditionKeys": [
"aws:TagKeys"
],
"dependentActions": []
},
"updateagent": {
"name": "UpdateAgent",
"description": "Grants permission to update a managed agent",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"updateenvironment": {
"name": "UpdateEnvironment",
"description": "Grants permission to update a managed agent environment",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"updatememorystore": {
"name": "UpdateMemoryStore",
"description": "Grants permission to update a memory store, mutate its memories, or redact a memory version",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"updatesession": {
"name": "UpdateSession",
"description": "Grants permission to update a managed agent session, append session events, or manage its resources",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"updateskill": {
"name": "UpdateSkill",
"description": "Grants permission to create or delete a skill version",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"updateuserprofile": {
"name": "UpdateUserProfile",
"description": "Grants permission to update a user profile in a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"updatevault": {
"name": "UpdateVault",
"description": "Grants permission to update a credential vault or manage its stored credentials",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"updateworkspace": {
"name": "UpdateWorkspace",
"description": "Grants permission to update a workspace",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "workspace",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
}
}