@cloud-copilot/iam-data
Version:
389 lines • 11.1 kB
JSON
{
"apiaccessall": {
"name": "APIAccessAll",
"description": "Grant permission to all the supported Opensearch APIs",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "Collection",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aoss:collection",
"aoss:CollectionId"
],
"dependentActions": []
},
"batchgetcollection": {
"name": "BatchGetCollection",
"description": "Grants permission to get attributes for one or more collections",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection"
],
"dependentActions": []
},
"batchgeteffectivelifecyclepolicy": {
"name": "BatchGetEffectiveLifecyclePolicy",
"description": "Grants permission to get the information about a lifecycle policy applied to one or more AOSS resources",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"batchgetlifecyclepolicy": {
"name": "BatchGetLifecyclePolicy",
"description": "Grants permission to get information about one or more lifecycle policies",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"batchgetvpcendpoint": {
"name": "BatchGetVpcEndpoint",
"description": "Grants permission to get attributes for one or more VPC endpoints",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"createaccesspolicy": {
"name": "CreateAccessPolicy",
"description": "Grants permission to create a data access policy",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection",
"aoss:index"
],
"dependentActions": []
},
"createcollection": {
"name": "CreateCollection",
"description": "Grants permission to create a serverless collection",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aws:RequestTag/${TagKey}",
"aws:ResourceTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"createlifecyclepolicy": {
"name": "CreateLifecyclePolicy",
"description": "Grants permission to create a lifecycle policy",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection",
"aoss:index"
],
"dependentActions": []
},
"createsecurityconfig": {
"name": "CreateSecurityConfig",
"description": "Grants permission to create a serverless security configuration",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"createsecuritypolicy": {
"name": "CreateSecurityPolicy",
"description": "Grants permission to create a network or encryption policy",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection"
],
"dependentActions": []
},
"createvpcendpoint": {
"name": "CreateVpcEndpoint",
"description": "Grants permission to create an OpenSearch-Serverless-managed interface VPC endpoint",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"dashboardsaccessall": {
"name": "DashboardsAccessAll",
"description": "Grants permission to Opensearch Serverless Dashboards",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "Dashboards",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aoss:collection",
"aoss:CollectionId"
],
"dependentActions": []
},
"deleteaccesspolicy": {
"name": "DeleteAccessPolicy",
"description": "Grants permission to delete a data access policy",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection",
"aoss:index"
],
"dependentActions": []
},
"deletecollection": {
"name": "DeleteCollection",
"description": "Grants permission to delete a serverless collection",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "Collection",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"deletelifecyclepolicy": {
"name": "DeleteLifecyclePolicy",
"description": "Grants permission to delete a lifecycle policy",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection",
"aoss:index"
],
"dependentActions": []
},
"deletesecurityconfig": {
"name": "DeleteSecurityConfig",
"description": "Grants permission to delete a security configuration",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"deletesecuritypolicy": {
"name": "DeleteSecurityPolicy",
"description": "Grants permission to delete a security policy",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection"
],
"dependentActions": []
},
"deletevpcendpoint": {
"name": "DeleteVpcEndpoint",
"description": "Grants permission to delete an OpenSearch Serverless-managed interface VPC endpoint",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getaccesspolicy": {
"name": "GetAccessPolicy",
"description": "Grants permission to get information about a data access policy",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection",
"aoss:index"
],
"dependentActions": []
},
"getaccountsettings": {
"name": "GetAccountSettings",
"description": "Grants permission to get account settings, including capacity settings",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getpoliciesstats": {
"name": "GetPoliciesStats",
"description": "Grants permission to get statistis about the security policies in your account",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getsecurityconfig": {
"name": "GetSecurityConfig",
"description": "Grants permission to get information about a serverless security configuration",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getsecuritypolicy": {
"name": "GetSecurityPolicy",
"description": "Grants permission to get information about a security policy",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection"
],
"dependentActions": []
},
"listaccesspolicies": {
"name": "ListAccessPolicies",
"description": "Grants permission to list data access policies",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listcollections": {
"name": "ListCollections",
"description": "Grants permission to list collections",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listlifecyclepolicies": {
"name": "ListLifecyclePolicies",
"description": "Grants permission to list lifecycle policies",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listsecurityconfigs": {
"name": "ListSecurityConfigs",
"description": "Grants permission to list security configurations",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listsecuritypolicies": {
"name": "ListSecurityPolicies",
"description": "Grants permission to list security policies",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listtagsforresource": {
"name": "ListTagsForResource",
"description": "Grants permission to list tags for a collection",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listvpcendpoints": {
"name": "ListVpcEndpoints",
"description": "Grants permission to list OpenSearch Serverless-managed VPC endpoints",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"tagresource": {
"name": "TagResource",
"description": "Grants permission to tag a serverless collection",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aws:ResourceTag/${TagKey}",
"aws:RequestTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"untagresource": {
"name": "UntagResource",
"description": "Grants permission to remove tags from a collection",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aws:TagKeys"
],
"dependentActions": []
},
"updateaccesspolicy": {
"name": "UpdateAccessPolicy",
"description": "Grants permission to update a data access policy",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection",
"aoss:index"
],
"dependentActions": []
},
"updateaccountsettings": {
"name": "UpdateAccountSettings",
"description": "Grants permission to update account settings, including capacity settings",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"updatecollection": {
"name": "UpdateCollection",
"description": "Grants permission to update a collection",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "Collection",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"updatelifecyclepolicy": {
"name": "UpdateLifecyclePolicy",
"description": "Grants permission to update a lifecycle policy",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection",
"aoss:index"
],
"dependentActions": []
},
"updatesecurityconfig": {
"name": "UpdateSecurityConfig",
"description": "Grants permission to update a security configuration",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"updatesecuritypolicy": {
"name": "UpdateSecurityPolicy",
"description": "Grants permission to update a security policy",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aoss:collection"
],
"dependentActions": []
},
"updatevpcendpoint": {
"name": "UpdateVpcEndpoint",
"description": "Grants permission to update an OpenSearch Serverless-managed VPC endpoint",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
}
}