@cloud-copilot/iam-data
Version:
503 lines • 14.2 kB
JSON
{
"abortmultipartupload": {
"name": "AbortMultipartUpload",
"description": "Grants permission to abort a multipart upload",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"deleteobject": {
"name": "DeleteObject",
"description": "Grants permission to remove the null version of an object and insert a delete marker, which becomes the current version of the object",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"deleteobjecttagging": {
"name": "DeleteObjectTagging",
"description": "Grants permission to use the tagging subresource to remove the entire tag set from the specified object",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"deleteobjectversion": {
"name": "DeleteObjectVersion",
"description": "Grants permission to remove a specific version of an object",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion",
"s3-object-lambda:versionid"
],
"dependentActions": []
},
"deleteobjectversiontagging": {
"name": "DeleteObjectVersionTagging",
"description": "Grants permission to remove the entire tag set for a specific version of the object",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion",
"s3-object-lambda:versionid"
],
"dependentActions": []
},
"getobject": {
"name": "GetObject",
"description": "Grants permission to retrieve objects from Amazon S3",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"getobjectacl": {
"name": "GetObjectAcl",
"description": "Grants permission to return the access control list (ACL) of an object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"getobjectlegalhold": {
"name": "GetObjectLegalHold",
"description": "Grants permission to get an object's current Legal Hold status",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"getobjectretention": {
"name": "GetObjectRetention",
"description": "Grants permission to retrieve the retention settings for an object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"getobjecttagging": {
"name": "GetObjectTagging",
"description": "Grants permission to return the tag set of an object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"getobjectversion": {
"name": "GetObjectVersion",
"description": "Grants permission to retrieve a specific version of an object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion",
"s3-object-lambda:versionid"
],
"dependentActions": []
},
"getobjectversionacl": {
"name": "GetObjectVersionAcl",
"description": "Grants permission to return the access control list (ACL) of a specific object version",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion",
"s3-object-lambda:versionid"
],
"dependentActions": []
},
"getobjectversiontagging": {
"name": "GetObjectVersionTagging",
"description": "Grants permission to return the tag set for a specific version of the object",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion",
"s3-object-lambda:versionid"
],
"dependentActions": []
},
"listbucket": {
"name": "ListBucket",
"description": "Grants permission to list some or all of the objects in an Amazon S3 bucket (up to 1000)",
"accessLevel": "List",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"listbucketmultipartuploads": {
"name": "ListBucketMultipartUploads",
"description": "Grants permission to list in-progress multipart uploads",
"accessLevel": "List",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"listbucketversions": {
"name": "ListBucketVersions",
"description": "Grants permission to list metadata about all the versions of objects in an Amazon S3 bucket",
"accessLevel": "List",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"listmultipartuploadparts": {
"name": "ListMultipartUploadParts",
"description": "Grants permission to list the parts that have been uploaded for a specific multipart upload",
"accessLevel": "List",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"putobject": {
"name": "PutObject",
"description": "Grants permission to add an object to a bucket",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"putobjectacl": {
"name": "PutObjectAcl",
"description": "Grants permission to set the access control list (ACL) permissions for new or existing objects in an S3 bucket",
"accessLevel": "Permissions management",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"putobjectlegalhold": {
"name": "PutObjectLegalHold",
"description": "Grants permission to apply a Legal Hold configuration to the specified object",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"putobjectretention": {
"name": "PutObjectRetention",
"description": "Grants permission to place an Object Retention configuration on an object",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"putobjecttagging": {
"name": "PutObjectTagging",
"description": "Grants permission to set the supplied tag-set to an object that already exists in a bucket",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"putobjectversionacl": {
"name": "PutObjectVersionAcl",
"description": "Grants permission to use the acl subresource to set the access control list (ACL) permissions for an object that already exists in a bucket",
"accessLevel": "Permissions management",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion",
"s3-object-lambda:versionid"
],
"dependentActions": []
},
"putobjectversiontagging": {
"name": "PutObjectVersionTagging",
"description": "Grants permission to set the supplied tag-set for a specific version of an object",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion",
"s3-object-lambda:versionid"
],
"dependentActions": []
},
"restoreobject": {
"name": "RestoreObject",
"description": "Grants permission to restore an archived copy of an object back into Amazon S3",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
},
"writegetobjectresponse": {
"name": "WriteGetObjectResponse",
"description": "Grants permission to provide data for GetObject requests send to S3 Object Lambda",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "objectlambdaaccesspoint",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"s3-object-lambda:authType",
"s3-object-lambda:signatureAge",
"s3-object-lambda:TlsVersion"
],
"dependentActions": []
}
}