@cloud-copilot/iam-data
Version:
560 lines • 15.7 kB
JSON
{
"createconnection": {
"name": "CreateConnection",
"description": "Grants permission to create a Connection resource",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys",
"codestar-connections:ProviderType"
],
"dependentActions": []
},
"createhost": {
"name": "CreateHost",
"description": "Grants permission to create a host resource",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys",
"codestar-connections:ProviderType",
"codestar-connections:VpcId"
],
"dependentActions": []
},
"createrepositorylink": {
"name": "CreateRepositoryLink",
"description": "Grants permission to create a repository link",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "Connection",
"required": true,
"conditionKeys": [],
"dependentActions": [
"codestar-connections:PassConnection",
"codestar-connections:UseConnection"
]
}
],
"conditionKeys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"createsyncconfiguration": {
"name": "CreateSyncConfiguration",
"description": "Grants permission to create a template sync config",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "RepositoryLink",
"required": true,
"conditionKeys": [],
"dependentActions": [
"codestar-connections:PassRepository",
"iam:PassRole"
]
}
],
"conditionKeys": [
"codestar-connections:Branch"
],
"dependentActions": []
},
"deleteconnection": {
"name": "DeleteConnection",
"description": "Grants permission to delete a Connection resource",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "Connection",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"deletehost": {
"name": "DeleteHost",
"description": "Grants permission to delete a host resource",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "Host",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"deleterepositorylink": {
"name": "DeleteRepositoryLink",
"description": "Grants permission to delete a repository link",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "RepositoryLink",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"deletesyncconfiguration": {
"name": "DeleteSyncConfiguration",
"description": "Grants permission to delete a sync configuration",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getconnection": {
"name": "GetConnection",
"description": "Grants permission to get details about a Connection resource",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "Connection",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getconnectiontoken": {
"name": "GetConnectionToken",
"isPermissionOnly": true,
"description": "Grants permission to get a Connection token to call provider actions",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "Connection",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"gethost": {
"name": "GetHost",
"description": "Grants permission to get details about a host resource",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "Host",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getindividualaccesstoken": {
"name": "GetIndividualAccessToken",
"isPermissionOnly": true,
"description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [
"codestar-connections:ProviderType"
],
"dependentActions": [
"codestar-connections:StartOAuthHandshake"
]
},
"getinstallationurl": {
"name": "GetInstallationUrl",
"isPermissionOnly": true,
"description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [
"codestar-connections:ProviderType"
],
"dependentActions": []
},
"getrepositorylink": {
"name": "GetRepositoryLink",
"description": "Grants permission to describe a repository link",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "RepositoryLink",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getrepositorysyncstatus": {
"name": "GetRepositorySyncStatus",
"description": "Grants permission to get the latest sync status for a repository",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "RepositoryLink",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"codestar-connections:Branch"
],
"dependentActions": []
},
"getresourcesyncstatus": {
"name": "GetResourceSyncStatus",
"description": "Grants permission to get the latest sync status for a resource (cfn stack or other resources)",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getsyncblockersummary": {
"name": "GetSyncBlockerSummary",
"description": "Grants permission to describe service sync blockers on a resource (cfn stack or other resources)",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getsyncconfiguration": {
"name": "GetSyncConfiguration",
"description": "Grants permission to describe a sync configuration",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listconnections": {
"name": "ListConnections",
"description": "Grants permission to list Connection resources",
"accessLevel": "List",
"resourceTypes": [
{
"name": "Connection",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"codestar-connections:ProviderTypeFilter"
],
"dependentActions": []
},
"listhosts": {
"name": "ListHosts",
"description": "Grants permission to list host resources",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [
"codestar-connections:ProviderTypeFilter"
],
"dependentActions": []
},
"listinstallationtargets": {
"name": "ListInstallationTargets",
"isPermissionOnly": true,
"description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": [
"codestar-connections:GetIndividualAccessToken",
"codestar-connections:StartOAuthHandshake"
]
},
"listrepositorylinks": {
"name": "ListRepositoryLinks",
"description": "Grants permission to list repository links",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listrepositorysyncdefinitions": {
"name": "ListRepositorySyncDefinitions",
"description": "Grants permission to list repository sync definitions",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listsyncconfigurations": {
"name": "ListSyncConfigurations",
"description": "Grants permission to list sync configurations for a repository link",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listtagsforresource": {
"name": "ListTagsForResource",
"description": "Grants permission to the set of key-value pairs that are used to manage the resource",
"accessLevel": "List",
"resourceTypes": [
{
"name": "Connection",
"required": false,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "Host",
"required": false,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "RepositoryLink",
"required": false,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"passconnection": {
"name": "PassConnection",
"isPermissionOnly": true,
"description": "Grants permission to pass a Connection resource to an AWS service that accepts a Connection ARN as input, such as codepipeline:CreatePipeline",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "Connection",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"codestar-connections:PassedToService"
],
"dependentActions": []
},
"passrepository": {
"name": "PassRepository",
"isPermissionOnly": true,
"description": "Grants permission to pass a repository link resource to an AWS service that accepts a RepositoryLinkId as input, such as codestar-connections:CreateSyncConfiguration",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "RepositoryLink",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"codestar-connections:PassedToService"
],
"dependentActions": []
},
"registerappcode": {
"name": "RegisterAppCode",
"isPermissionOnly": true,
"description": "Grants permission to associate a third party server, such as a GitHub Enterprise Server instance, with a Host",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [
"codestar-connections:HostArn"
],
"dependentActions": []
},
"startappregistrationhandshake": {
"name": "StartAppRegistrationHandshake",
"isPermissionOnly": true,
"description": "Grants permission to associate a third party server, such as a GitHub Enterprise Server instance, with a Host",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [
"codestar-connections:HostArn"
],
"dependentActions": []
},
"startoauthhandshake": {
"name": "StartOAuthHandshake",
"isPermissionOnly": true,
"description": "Grants permission to associate a third party, such as a Bitbucket App installation, with a Connection",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [
"codestar-connections:ProviderType"
],
"dependentActions": []
},
"tagresource": {
"name": "TagResource",
"description": "Grants permission to add or modify the tags of the given resource",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "Connection",
"required": false,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "Host",
"required": false,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "RepositoryLink",
"required": false,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:TagKeys",
"aws:RequestTag/${TagKey}"
],
"dependentActions": []
},
"untagresource": {
"name": "UntagResource",
"description": "Grants permission to remove tags from an AWS resource",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "Connection",
"required": false,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "Host",
"required": false,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "RepositoryLink",
"required": false,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:TagKeys"
],
"dependentActions": []
},
"updateconnectioninstallation": {
"name": "UpdateConnectionInstallation",
"description": "Grants permission to update a Connection resource with an installation of the CodeStar Connections App",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "Connection",
"required": true,
"conditionKeys": [],
"dependentActions": [
"codestar-connections:GetIndividualAccessToken",
"codestar-connections:GetInstallationUrl",
"codestar-connections:ListInstallationTargets",
"codestar-connections:StartOAuthHandshake"
]
}
],
"conditionKeys": [
"codestar-connections:InstallationId"
],
"dependentActions": []
},
"updatehost": {
"name": "UpdateHost",
"description": "Grants permission to update a host resource",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "Host",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"codestar-connections:VpcId"
],
"dependentActions": []
},
"updaterepositorylink": {
"name": "UpdateRepositoryLink",
"description": "Grants permission to update a repository link",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "RepositoryLink",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"updatesyncblocker": {
"name": "UpdateSyncBlocker",
"description": "Grants permission to update a sync blocker for a resource (cfn stack or other resources)",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"updatesyncconfiguration": {
"name": "UpdateSyncConfiguration",
"description": "Grants permission to update a sync configuration",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"codestar-connections:Branch"
],
"dependentActions": []
},
"useconnection": {
"name": "UseConnection",
"isPermissionOnly": true,
"description": "Grants permission to use a Connection resource to call provider actions",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "Connection",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"codestar-connections:BranchName",
"codestar-connections:FullRepositoryId",
"codestar-connections:OwnerId",
"codestar-connections:ProviderAction",
"codestar-connections:ProviderPermissionsRequired",
"codestar-connections:RepositoryName"
],
"dependentActions": []
}
}