@cloud-copilot/iam-data/data/actions/iot.json

AWS IAM Data

{
  "acceptcertificatetransfer": {
    "name": "AcceptCertificateTransfer",
    "description": "Grants permission to accept a pending certificate transfer",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "cert",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "addthingtobillinggroup": {
    "name": "AddThingToBillingGroup",
    "description": "Grants permission to add a thing to the specified billing group",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "billinggroup",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thing",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "addthingtothinggroup": {
    "name": "AddThingToThingGroup",
    "description": "Grants permission to add a thing to the specified thing group",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "thing",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thinggroup",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "associatesbomwithpackageversion": {
    "name": "AssociateSbomWithPackageVersion",
    "description": "Grants permission to associate SBOM files to a package version",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "packageversion",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": [
      "iot:GetIndexingConfiguration"
    ]
  },
  "associatetargetswithjob": {
    "name": "AssociateTargetsWithJob",
    "description": "Grants permission to associate a group with a continuous job",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "job",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thing",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thinggroup",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "attachpolicy": {
    "name": "AttachPolicy",
    "description": "Grants permission to attach a policy to the specified target",
    "accessLevel": "Permissions management",
    "resourceTypes": [
      {
        "name": "cert",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thinggroup",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "attachprincipalpolicy": {
    "name": "AttachPrincipalPolicy",
    "description": "Grants permission to attach the specified policy to the specified principal (certificate or other credential)",
    "accessLevel": "Permissions management",
    "resourceTypes": [
      {
        "name": "cert",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "attachsecurityprofile": {
    "name": "AttachSecurityProfile",
    "description": "Grants permission to associate a Device Defender security profile with a thing group or with this account",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "securityprofile",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "custommetric",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "dimension",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thinggroup",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "attachthingprincipal": {
    "name": "AttachThingPrincipal",
    "description": "Grants permission to attach the specified principal to the specified thing",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "cert",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "iot:thingArn"
    ],
    "dependentActions": []
  },
  "cancelauditmitigationactionstask": {
    "name": "CancelAuditMitigationActionsTask",
    "description": "Grants permission to cancel a mitigation action task that is in progress",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "cancelaudittask": {
    "name": "CancelAuditTask",
    "description": "Grants permission to cancel an audit that is in progress. The audit can be either scheduled or on-demand",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "cancelcertificatetransfer": {
    "name": "CancelCertificateTransfer",
    "description": "Grants permission to cancel a pending transfer for the specified certificate",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "cert",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "canceldetectmitigationactionstask": {
    "name": "CancelDetectMitigationActionsTask",
    "description": "Grants permission to cancel a Device Defender ML Detect mitigation action",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "canceljob": {
    "name": "CancelJob",
    "description": "Grants permission to cancel a job",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "job",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "canceljobexecution": {
    "name": "CancelJobExecution",
    "description": "Grants permission to cancel a job execution on a particular device",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "job",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thing",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "cleardefaultauthorizer": {
    "name": "ClearDefaultAuthorizer",
    "description": "Grants permission to clear the default authorizer",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "closetunnel": {
    "name": "CloseTunnel",
    "description": "Grants permission to close a tunnel",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "tunnel",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "iot:Delete"
    ],
    "dependentActions": []
  },
  "confirmtopicruledestination": {
    "name": "ConfirmTopicRuleDestination",
    "description": "Grants permission to confirm a http url TopicRuleDestinationDestination",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "destination",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "connect": {
    "name": "Connect",
    "description": "Grants permission to connect as the specified client",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "client",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "createauditsuppression": {
    "name": "CreateAuditSuppression",
    "description": "Grants permission to create a Device Defender audit suppression",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "createauthorizer": {
    "name": "CreateAuthorizer",
    "description": "Grants permission to create an authorizer",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "authorizer",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createbillinggroup": {
    "name": "CreateBillingGroup",
    "description": "Grants permission to create a billing group",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "billinggroup",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createcertificatefromcsr": {
    "name": "CreateCertificateFromCsr",
    "description": "Grants permission to create an X.509 certificate using the specified certificate signing request",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "createcertificateprovider": {
    "name": "CreateCertificateProvider",
    "description": "Grants permission to create a certificate provider",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "certificateprovider",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createcommand": {
    "name": "CreateCommand",
    "description": "Grants permission to create a command that can be used to start new executions against a device",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "command",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createcustommetric": {
    "name": "CreateCustomMetric",
    "description": "Grants permission to create a custom metric for device side metric reporting and monitoring",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "custommetric",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createdimension": {
    "name": "CreateDimension",
    "description": "Grants permission to define a dimension that can be used to to limit the scope of a metric used in a security profile",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "dimension",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createdomainconfiguration": {
    "name": "CreateDomainConfiguration",
    "description": "Grants permission to create a domain configuration",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "domainconfiguration",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys",
      "iot:DomainName"
    ],
    "dependentActions": []
  },
  "createdynamicthinggroup": {
    "name": "CreateDynamicThingGroup",
    "description": "Grants permission to create a Dynamic Thing Group",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "dynamicthinggroup",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createfleetmetric": {
    "name": "CreateFleetMetric",
    "description": "Grants permission to create a fleet metric",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "fleetmetric",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "index",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createjob": {
    "name": "CreateJob",
    "description": "Grants permission to create a job",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "job",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thing",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thinggroup",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "jobtemplate",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "package",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "packageversion",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createjobtemplate": {
    "name": "CreateJobTemplate",
    "description": "Grants permission to create a job template",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "jobtemplate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "job",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "package",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "packageversion",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createkeysandcertificate": {
    "name": "CreateKeysAndCertificate",
    "description": "Grants permission to create a 2048 bit RSA key pair and issues an X.509 certificate using the issued public key",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "createmitigationaction": {
    "name": "CreateMitigationAction",
    "description": "Grants permission to define an action that can be applied to audit findings by using StartAuditMitigationActionsTask",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "mitigationaction",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createotaupdate": {
    "name": "CreateOTAUpdate",
    "description": "Grants permission to create an OTA update job",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "otaupdate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createpackage": {
    "name": "CreatePackage",
    "description": "Grants permission to create a software package that you can deploy to your devices",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "package",
        "required": true,
        "conditionKeys": [],
        "dependentActions": [
          "iot:GetIndexingConfiguration"
        ]
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createpackageversion": {
    "name": "CreatePackageVersion",
    "description": "Grants permission to create a version under the specified package",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "package",
        "required": true,
        "conditionKeys": [],
        "dependentActions": [
          "iot:GetIndexingConfiguration",
          "s3:GetObjectVersion"
        ]
      },
      {
        "name": "packageversion",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createpolicy": {
    "name": "CreatePolicy",
    "description": "Grants permission to create an AWS IoT policy",
    "accessLevel": "Permissions management",
    "resourceTypes": [
      {
        "name": "policy",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createpolicyversion": {
    "name": "CreatePolicyVersion",
    "description": "Grants permission to create a new version of the specified AWS IoT policy",
    "accessLevel": "Permissions management",
    "resourceTypes": [
      {
        "name": "policy",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "createprovisioningclaim": {
    "name": "CreateProvisioningClaim",
    "description": "Grants permission to create a provisioning claim",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "provisioningtemplate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "createprovisioningtemplate": {
    "name": "CreateProvisioningTemplate",
    "description": "Grants permission to create a fleet provisioning template",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "provisioningtemplate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": [
          "iam:PassRole"
        ]
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createprovisioningtemplateversion": {
    "name": "CreateProvisioningTemplateVersion",
    "description": "Grants permission to create a new version of a fleet provisioning template",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "provisioningtemplate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "createrolealias": {
    "name": "CreateRoleAlias",
    "description": "Grants permission to create a role alias",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "rolealias",
        "required": true,
        "conditionKeys": [],
        "dependentActions": [
          "iam:PassRole"
        ]
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createscheduledaudit": {
    "name": "CreateScheduledAudit",
    "description": "Grants permission to create a scheduled audit that is run at a specified time interval",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "scheduledaudit",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createsecurityprofile": {
    "name": "CreateSecurityProfile",
    "description": "Grants permission to create a Device Defender security profile",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "securityprofile",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "custommetric",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "dimension",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createstream": {
    "name": "CreateStream",
    "description": "Grants permission to create a new AWS IoT stream",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "stream",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "creatething": {
    "name": "CreateThing",
    "description": "Grants permission to create a thing in the thing registry",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "thing",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "billinggroup",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "createthinggroup": {
    "name": "CreateThingGroup",
    "description": "Grants permission to create a thing group",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "thinggroup",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createthingtype": {
    "name": "CreateThingType",
    "description": "Grants permission to create a new thing type",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "thingtype",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createtopicrule": {
    "name": "CreateTopicRule",
    "description": "Grants permission to create a rule",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "rule",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [
      "aws:RequestTag/${TagKey}",
      "aws:TagKeys"
    ],
    "dependentActions": []
  },
  "createtopicruledestination": {
    "name": "CreateTopicRuleDestination",
    "description": "Grants permission to create a TopicRuleDestination",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deleteaccountauditconfiguration": {
    "name": "DeleteAccountAuditConfiguration",
    "description": "Grants permission to delete the audit configuration associated with the account",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deleteauditsuppression": {
    "name": "DeleteAuditSuppression",
    "description": "Grants permission to delete a Device Defender audit suppression",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deleteauthorizer": {
    "name": "DeleteAuthorizer",
    "description": "Grants permission to delete the specified authorizer",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "authorizer",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletebillinggroup": {
    "name": "DeleteBillingGroup",
    "description": "Grants permission to delete the specified billing group",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "billinggroup",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletecacertificate": {
    "name": "DeleteCACertificate",
    "description": "Grants permission to delete a registered CA certificate",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "cacert",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletecertificate": {
    "name": "DeleteCertificate",
    "description": "Grants permission to delete the specified certificate",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "cert",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletecertificateprovider": {
    "name": "DeleteCertificateProvider",
    "description": "Grants permission to delete a certificate provider",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "certificateprovider",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletecommand": {
    "name": "DeleteCommand",
    "description": "Grants permission to delete a command",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "command",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletecommandexecution": {
    "name": "DeleteCommandExecution",
    "description": "Grants permission to delete a command execution",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "client",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thing",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deleteconnection": {
    "name": "DeleteConnection",
    "description": "Grants permission to disconnect the specified connection",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "client",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletecustommetric": {
    "name": "DeleteCustomMetric",
    "description": "Grants permission to deletes the specified custom metric from your AWS account",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "custommetric",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletedimension": {
    "name": "DeleteDimension",
    "description": "Grants permission to remove the specified dimension from your AWS account",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "dimension",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletedomainconfiguration": {
    "name": "DeleteDomainConfiguration",
    "description": "Grants permission to delete a domain configuration",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "domainconfiguration",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletedynamicthinggroup": {
    "name": "DeleteDynamicThingGroup",
    "description": "Grants permission to delete the specified Dynamic Thing Group",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "dynamicthinggroup",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletefleetmetric": {
    "name": "DeleteFleetMetric",
    "description": "Grants permission to delete the specified fleet metric",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "fleetmetric",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletejob": {
    "name": "DeleteJob",
    "description": "Grants permission to delete a job and its related job executions",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "job",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletejobexecution": {
    "name": "DeleteJobExecution",
    "description": "Grants permission to delete a job execution",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "job",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thing",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletejobtemplate": {
    "name": "DeleteJobTemplate",
    "description": "Grants permission to delete a job template",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "jobtemplate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletemitigationaction": {
    "name": "DeleteMitigationAction",
    "description": "Grants permission to delete a defined mitigation action from your AWS account",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "mitigationaction",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deleteotaupdate": {
    "name": "DeleteOTAUpdate",
    "description": "Grants permission to delete an OTA update job",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "otaupdate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletepackage": {
    "name": "DeletePackage",
    "description": "Grants permission to delete a package",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "package",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletepackageversion": {
    "name": "DeletePackageVersion",
    "description": "Grants permission to delete a version of the specified package",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "package",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "packageversion",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletepolicy": {
    "name": "DeletePolicy",
    "description": "Grants permission to delete the specified policy",
    "accessLevel": "Permissions management",
    "resourceTypes": [
      {
        "name": "policy",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletepolicyversion": {
    "name": "DeletePolicyVersion",
    "description": "Grants permission to Delete the specified version of the specified policy",
    "accessLevel": "Permissions management",
    "resourceTypes": [
      {
        "name": "policy",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deleteprovisioningtemplate": {
    "name": "DeleteProvisioningTemplate",
    "description": "Grants permission to delete a fleet provisioning template",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "provisioningtemplate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deleteprovisioningtemplateversion": {
    "name": "DeleteProvisioningTemplateVersion",
    "description": "Grants permission to delete a fleet provisioning template version",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "provisioningtemplate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deleteregistrationcode": {
    "name": "DeleteRegistrationCode",
    "description": "Grants permission to delete a CA certificate registration code",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deleterolealias": {
    "name": "DeleteRoleAlias",
    "description": "Grants permission to delete the specified role alias",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "rolealias",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletescheduledaudit": {
    "name": "DeleteScheduledAudit",
    "description": "Grants permission to delete a scheduled audit",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "scheduledaudit",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletesecurityprofile": {
    "name": "DeleteSecurityProfile",
    "description": "Grants permission to delete a Device Defender security profile",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "securityprofile",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "custommetric",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "dimension",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletestream": {
    "name": "DeleteStream",
    "description": "Grants permission to delete a specified stream",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "stream",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletething": {
    "name": "DeleteThing",
    "description": "Grants permission to delete the specified thing",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "thing",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletethinggroup": {
    "name": "DeleteThingGroup",
    "description": "Grants permission to delete the specified thing group",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "thinggroup",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletethingshadow": {
    "name": "DeleteThingShadow",
    "description": "Grants permission to delete the specified thing shadow",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "thing",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletethingtype": {
    "name": "DeleteThingType",
    "description": "Grants permission to delete the specified thing type",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "thingtype",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletetopicrule": {
    "name": "DeleteTopicRule",
    "description": "Grants permission to delete the specified rule",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "rule",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletetopicruledestination": {
    "name": "DeleteTopicRuleDestination",
    "description": "Grants permission to delete a TopicRuleDestination",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "destination",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deletev2logginglevel": {
    "name": "DeleteV2LoggingLevel",
    "description": "Grants permission to delete the specified v2 logging level",
    "accessLevel": "Write",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "deprecatethingtype": {
    "name": "DeprecateThingType",
    "description": "Grants permission to deprecate the specified thing type",
    "accessLevel": "Write",
    "resourceTypes": [
      {
        "name": "thingtype",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeaccountauditconfiguration": {
    "name": "DescribeAccountAuditConfiguration",
    "description": "Grants permission to get information about audit configurations for the account",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeauditfinding": {
    "name": "DescribeAuditFinding",
    "description": "Grants permission to get information about a single audit finding. Properties include the reason for noncompliance, the severity of the issue, and when the audit that returned the finding was started",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeauditmitigationactionstask": {
    "name": "DescribeAuditMitigationActionsTask",
    "description": "Grants permission to get information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeauditsuppression": {
    "name": "DescribeAuditSuppression",
    "description": "Grants permission to get information about a Device Defender audit suppression",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeaudittask": {
    "name": "DescribeAuditTask",
    "description": "Grants permission to get information about a Device Defender audit",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeauthorizer": {
    "name": "DescribeAuthorizer",
    "description": "Grants permission to describe an authorizer",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "authorizer",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describebillinggroup": {
    "name": "DescribeBillingGroup",
    "description": "Grants permission to get information about the specified billing group",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "billinggroup",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describecacertificate": {
    "name": "DescribeCACertificate",
    "description": "Grants permission to describe a registered CA certificate",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "cacert",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describecertificate": {
    "name": "DescribeCertificate",
    "description": "Grants permission to get information about the specified certificate",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "cert",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describecertificateprovider": {
    "name": "DescribeCertificateProvider",
    "description": "Grants permission to describe a certificate provider",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "certificateprovider",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describecustommetric": {
    "name": "DescribeCustomMetric",
    "description": "Grants permission to describe a custom metric that is defined in your AWS account",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "custommetric",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describedefaultauthorizer": {
    "name": "DescribeDefaultAuthorizer",
    "description": "Grants permission to describe the default authorizer",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describedetectmitigationactionstask": {
    "name": "DescribeDetectMitigationActionsTask",
    "description": "Grants permission to describe a Device Defender ML Detect mitigation action",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describedimension": {
    "name": "DescribeDimension",
    "description": "Grants permission to get details about a dimension that is defined in your AWS account",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "dimension",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describedomainconfiguration": {
    "name": "DescribeDomainConfiguration",
    "description": "Grants permission to get information about the domain configuration",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "domainconfiguration",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeencryptionconfiguration": {
    "name": "DescribeEncryptionConfiguration",
    "description": "Grants permission to describe the encryption configuration for the account",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeendpoint": {
    "name": "DescribeEndpoint",
    "description": "Grants permission to get a unique endpoint specific to the AWS account making the call",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeeventconfigurations": {
    "name": "DescribeEventConfigurations",
    "description": "Grants permission to get account event configurations",
    "accessLevel": "Read",
    "resourceTypes": [],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describefleetmetric": {
    "name": "DescribeFleetMetric",
    "description": "Grants permission to get information about the specified fleet metric",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "fleetmetric",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeindex": {
    "name": "DescribeIndex",
    "description": "Grants permission to get information about the specified index",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "index",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describejob": {
    "name": "DescribeJob",
    "description": "Grants permission to describe a job",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "job",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describejobexecution": {
    "name": "DescribeJobExecution",
    "description": "Grants permission to describe a job execution",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "job",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      },
      {
        "name": "thing",
        "required": false,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describejobtemplate": {
    "name": "DescribeJobTemplate",
    "description": "Grants permission to describe a job template",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "jobtemplate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describemanagedjobtemplate": {
    "name": "DescribeManagedJobTemplate",
    "description": "Grants permission to describe a managed job template",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "jobtemplate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describemitigationaction": {
    "name": "DescribeMitigationAction",
    "description": "Grants permission to get information about a mitigation action",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "mitigationaction",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeprovisioningtemplate": {
    "name": "DescribeProvisioningTemplate",
    "description": "Grants permission to get information about a fleet provisioning template",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "provisioningtemplate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describeprovisioningtemplateversion": {
    "name": "DescribeProvisioningTemplateVersion",
    "description": "Grants permission to get information about a fleet provisioning template version",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "provisioningtemplate",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describerolealias": {
    "name": "DescribeRoleAlias",
    "description": "Grants permission to describe a role alias",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "rolealias",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describescheduledaudit": {
    "name": "DescribeScheduledAudit",
    "description": "Grants permission to get information about a scheduled audit",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "scheduledaudit",
        "required": true,
        "conditionKeys": [],
        "dependentActions": []
      }
    ],
    "conditionKeys": [],
    "dependentActions": []
  },
  "describesecurityprofile": {
    "name": "DescribeSecurityProfile",
    "description": "Grants permission to get information about a Device Defender security profile",
    "accessLevel": "Read",
    "resourceTypes": [
      {
        "name": "securitypro