@cloud-copilot/iam-data
Version:
1,076 lines • 29.2 kB
JSON
{
"addfacettoobject": {
"name": "AddFacetToObject",
"description": "Grants permission to add a new Facet to an object",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"applyschema": {
"name": "ApplySchema",
"description": "Grants permission to copy input published schema into Directory with same name and version as that of published schema",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"attachobject": {
"name": "AttachObject",
"description": "Grants permission to attach an existing object to another existing object",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"attachpolicy": {
"name": "AttachPolicy",
"description": "Grants permission to attach a policy object to any other object",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"attachtoindex": {
"name": "AttachToIndex",
"description": "Grants permission to attach the specified object to the specified index",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"attachtypedlink": {
"name": "AttachTypedLink",
"description": "Grants permission to attach a typed link b/w a source & target object reference",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"batchread": {
"name": "BatchRead",
"description": "Grants permission to perform all the read operations in a batch. Each individual operation inside BatchRead needs to be granted permissions explicitly",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"batchwrite": {
"name": "BatchWrite",
"description": "Grants permission to perform all the write operations in a batch. Each individual operation inside BatchWrite needs to be granted permissions explicitly",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"createdirectory": {
"name": "CreateDirectory",
"description": "Grants permission to create a Directory by copying the published schema into the directory",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"createfacet": {
"name": "CreateFacet",
"description": "Grants permission to create a new Facet in a schema",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "appliedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"createindex": {
"name": "CreateIndex",
"description": "Grants permission to create an index object",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"createobject": {
"name": "CreateObject",
"description": "Grants permission to create an object in a Directory",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"createschema": {
"name": "CreateSchema",
"description": "Grants permission to create a new schema in a development state",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"createtypedlinkfacet": {
"name": "CreateTypedLinkFacet",
"description": "Grants permission to create a new Typed Link facet in a schema",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "appliedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"deletedirectory": {
"name": "DeleteDirectory",
"description": "Grants permission to delete a directory. Only disabled directories can be deleted",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"deletefacet": {
"name": "DeleteFacet",
"description": "Grants permission to delete a given Facet. All attributes and Rules associated with the facet will be deleted",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"deleteobject": {
"name": "DeleteObject",
"description": "Grants permission to delete an object and its associated attributes",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"deleteschema": {
"name": "DeleteSchema",
"description": "Grants permission to delete a given schema",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"deletetypedlinkfacet": {
"name": "DeleteTypedLinkFacet",
"description": "Grants permission to delete a given TypedLink Facet. All attributes and Rules associated with the facet will be deleted",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"detachfromindex": {
"name": "DetachFromIndex",
"description": "Grants permission to detach the specified object from the specified index",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"detachobject": {
"name": "DetachObject",
"description": "Grants permission to detach a given object from the parent object",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"detachpolicy": {
"name": "DetachPolicy",
"description": "Grants permission to detach a policy from an object",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"detachtypedlink": {
"name": "DetachTypedLink",
"description": "Grants permission to detach a given typed link b/w given source and target object reference",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"disabledirectory": {
"name": "DisableDirectory",
"description": "Grants permission to disable the specified directory",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"enabledirectory": {
"name": "EnableDirectory",
"description": "Grants permission to enable the specified directory",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getappliedschemaversion": {
"name": "GetAppliedSchemaVersion",
"description": "Grants permission to return current applied schema version ARN, including the minor version in use",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "appliedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getdirectory": {
"name": "GetDirectory",
"description": "Grants permission to retrieve metadata about a directory",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getfacet": {
"name": "GetFacet",
"description": "Grants permission to get details of the Facet, such as Facet Name, Attributes, Rules, or ObjectType",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "appliedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getlinkattributes": {
"name": "GetLinkAttributes",
"description": "Grants permission to retrieve attributes that are associated with a typed link",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getobjectattributes": {
"name": "GetObjectAttributes",
"description": "Grants permission to retrieve attributes within a facet that are associated with an object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getobjectinformation": {
"name": "GetObjectInformation",
"description": "Grants permission to retrieve metadata about an object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getschemaasjson": {
"name": "GetSchemaAsJson",
"description": "Grants permission to retrieve a JSON representation of the schema",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "appliedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"gettypedlinkfacetinformation": {
"name": "GetTypedLinkFacetInformation",
"description": "Grants permission to return identity attributes order information associated with a given typed link facet",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "appliedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listappliedschemaarns": {
"name": "ListAppliedSchemaArns",
"description": "Grants permission to list schemas applied to a directory",
"accessLevel": "List",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listattachedindices": {
"name": "ListAttachedIndices",
"description": "Grants permission to list indices attached to an object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listdevelopmentschemaarns": {
"name": "ListDevelopmentSchemaArns",
"description": "Grants permission to retrieve the ARNs of schemas in the development state",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listdirectories": {
"name": "ListDirectories",
"description": "Grants permission to list directories created within an account",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listfacetattributes": {
"name": "ListFacetAttributes",
"description": "Grants permission to retrieve attributes attached to the facet",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "appliedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listfacetnames": {
"name": "ListFacetNames",
"description": "Grants permission to retrieve the names of facets that exist in a schema",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "appliedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listincomingtypedlinks": {
"name": "ListIncomingTypedLinks",
"description": "Grants permission to return a paginated list of all incoming TypedLinks for a given object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listindex": {
"name": "ListIndex",
"description": "Grants permission to list objects attached to the specified index",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listmanagedschemaarns": {
"name": "ListManagedSchemaArns",
"description": "Grants permission to list the major version families of each managed schema. If a major version ARN is provided as SchemaArn, the minor version revisions in that family are listed instead",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listobjectattributes": {
"name": "ListObjectAttributes",
"description": "Grants permission to list all attributes associated with an object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listobjectchildren": {
"name": "ListObjectChildren",
"description": "Grants permission to return a paginated list of child objects associated with a given object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listobjectparentpaths": {
"name": "ListObjectParentPaths",
"description": "Grants permission to retrieve all available parent paths for any object type such as node, leaf node, policy node, and index node objects",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listobjectparents": {
"name": "ListObjectParents",
"description": "Grants permission to list parent objects associated with a given object in pagination fashion",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listobjectpolicies": {
"name": "ListObjectPolicies",
"description": "Grants permission to return policies attached to an object in pagination fashion",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listoutgoingtypedlinks": {
"name": "ListOutgoingTypedLinks",
"description": "Grants permission to return a paginated list of all outgoing TypedLinks for a given object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listpolicyattachments": {
"name": "ListPolicyAttachments",
"description": "Grants permission to return all of the ObjectIdentifiers to which a given policy is attached",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listpublishedschemaarns": {
"name": "ListPublishedSchemaArns",
"description": "Grants permission to retrieve published schema ARNs",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listtagsforresource": {
"name": "ListTagsForResource",
"description": "Grants permission to return tags for a resource",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listtypedlinkfacetattributes": {
"name": "ListTypedLinkFacetAttributes",
"description": "Grants permission to return a paginated list of attributes associated with typed link facet",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "appliedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listtypedlinkfacetnames": {
"name": "ListTypedLinkFacetNames",
"description": "Grants permission to return a paginated list of typed link facet names that exist in a schema",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "appliedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"lookuppolicy": {
"name": "LookupPolicy",
"description": "Grants permission to list all policies from the root of the Directory to the object specified",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"publishschema": {
"name": "PublishSchema",
"description": "Grants permission to publish a development schema with a version",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"putschemafromjson": {
"name": "PutSchemaFromJson",
"description": "Grants permission to update a schema using JSON upload. Only available for development schemas",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"removefacetfromobject": {
"name": "RemoveFacetFromObject",
"description": "Grants permission to remove the specified facet from the specified object",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"tagresource": {
"name": "TagResource",
"description": "Grants permission to add tags to a resource",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"untagresource": {
"name": "UntagResource",
"description": "Grants permission to remove tags from a resource",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"updatefacet": {
"name": "UpdateFacet",
"description": "Grants permission to add/update/delete existing Attributes, Rules, or ObjectType of a Facet",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "appliedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"updatelinkattributes": {
"name": "UpdateLinkAttributes",
"description": "Grants permission to update a given typed link's attributes. Attributes to be updated must not contribute to the typed link's identity, as defined by its IdentityAttributeOrder",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"updateobjectattributes": {
"name": "UpdateObjectAttributes",
"description": "Grants permission to update a given object's attributes",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"updateschema": {
"name": "UpdateSchema",
"description": "Grants permission to update the schema name with a new name",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"updatetypedlinkfacet": {
"name": "UpdateTypedLinkFacet",
"description": "Grants permission to add/update/delete existing Attributes, Rules, identity attribute order of a TypedLink Facet",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"upgradeappliedschema": {
"name": "UpgradeAppliedSchema",
"description": "Grants permission to upgrade a single directory in-place using the PublishedSchemaArn with schema updates found in MinorVersion. Backwards-compatible minor version upgrades are instantaneously available for readers on all objects in the directory",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "directory",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"upgradepublishedschema": {
"name": "UpgradePublishedSchema",
"description": "Grants permission to upgrade a published schema under a new minor version revision using the current contents of DevelopmentSchemaArn",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "developmentSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "publishedSchema",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
}
}