@cloud-copilot/iam-data
Version:
313 lines • 8.32 kB
JSON
{
"cancelsession": {
"name": "CancelSession",
"description": "Grants permission to cancel an approval session",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "session",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}",
"mpa:RequestedOperation",
"mpa:ProtectedResourceAccount"
],
"dependentActions": []
},
"createapprovalteam": {
"name": "CreateApprovalTeam",
"description": "Grants permission to create an approval team",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "approval-team",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:RequestTag/${TagKey}",
"aws:ResourceTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"createidentitysource": {
"name": "CreateIdentitySource",
"description": "Grants permission to create an identity source",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "identity-source",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:RequestTag/${TagKey}",
"aws:ResourceTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"deleteidentitysource": {
"name": "DeleteIdentitySource",
"description": "Grants permission to delete an identity source",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "identity-source",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"deleteinactiveapprovalteamversion": {
"name": "DeleteInactiveApprovalTeamVersion",
"description": "Grants permission to delete an inactive approval team",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "approval-team",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"deleteresourcepolicy": {
"name": "DeleteResourcePolicy",
"isPermissionOnly": true,
"description": "Grants permission to delete a resource policy",
"accessLevel": "Permissions management",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getapprovalteam": {
"name": "GetApprovalTeam",
"description": "Grants permission to retrieve details for an approval team",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "approval-team",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getidentitysource": {
"name": "GetIdentitySource",
"description": "Grants permission to retrieve details for an identity source",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "identity-source",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"getpolicyversion": {
"name": "GetPolicyVersion",
"description": "Grants permission to retrieve details for a policy",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getresourcepolicy": {
"name": "GetResourcePolicy",
"description": "Grants permission to retrieve details for a specific resource",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getsession": {
"name": "GetSession",
"description": "Grants permission to retrieve details for an approval session",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "session",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}",
"mpa:RequestedOperation",
"mpa:ProtectedResourceAccount"
],
"dependentActions": []
},
"listapprovalteams": {
"name": "ListApprovalTeams",
"description": "Grants permission to list approval teams",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listidentitysources": {
"name": "ListIdentitySources",
"description": "Grants permission to list identity sources",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listpolicies": {
"name": "ListPolicies",
"description": "Grants permission to list policies",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listpolicyversions": {
"name": "ListPolicyVersions",
"description": "Grants permission to list the versions for policies",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listresourcepolicies": {
"name": "ListResourcePolicies",
"description": "Grants permission to list policies for a resource",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listsessions": {
"name": "ListSessions",
"description": "Grants permission to list approval sessions",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listtagsforresource": {
"name": "ListTagsForResource",
"description": "Grants permission to list tags for a resource",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"putresourcepolicy": {
"name": "PutResourcePolicy",
"isPermissionOnly": true,
"description": "Grants permission to create or update policies for a resource",
"accessLevel": "Permissions management",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"startactiveapprovalteamdeletion": {
"name": "StartActiveApprovalTeamDeletion",
"description": "Grants permission to start the deletion process for an active approval team",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "approval-team",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
},
"startsession": {
"name": "StartSession",
"isPermissionOnly": true,
"description": "Grants permission to start an approval session",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "session",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}",
"mpa:RequestedOperation",
"mpa:ProtectedResourceAccount"
],
"dependentActions": []
},
"tagresource": {
"name": "TagResource",
"description": "Grants permission to tag a resource",
"accessLevel": "Tagging",
"resourceTypes": [],
"conditionKeys": [
"aws:RequestTag/${TagKey}",
"aws:ResourceTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"untagresource": {
"name": "UntagResource",
"description": "Grants permission to untag a resource",
"accessLevel": "Tagging",
"resourceTypes": [],
"conditionKeys": [
"aws:ResourceTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"updateapprovalteam": {
"name": "UpdateApprovalTeam",
"description": "Grants permission to update approval team",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "approval-team",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:ResourceTag/${TagKey}"
],
"dependentActions": []
}
}