@cloud-copilot/iam-data
Version:
279 lines • 7.45 kB
JSON
{
"addprofilepermission": {
"name": "AddProfilePermission",
"description": "Grants permission to add cross-account permissions to a Signing Profile",
"accessLevel": "Permissions management",
"resourceTypes": [
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"cancelsigningprofile": {
"name": "CancelSigningProfile",
"description": "Grants permission to change the state of a Signing Profile to CANCELED",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"signer:ProfileVersion"
],
"dependentActions": []
},
"describesigningjob": {
"name": "DescribeSigningJob",
"description": "Grants permission to return information about a specific Signing Job",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "signing-job",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getrevocationstatus": {
"name": "GetRevocationStatus",
"description": "Grants permission to query revocation info of signing resources",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "signing-job",
"required": true,
"conditionKeys": [],
"dependentActions": []
},
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"getsigningplatform": {
"name": "GetSigningPlatform",
"description": "Grants permission to return information about a specific Signing Platform",
"accessLevel": "Read",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"getsigningprofile": {
"name": "GetSigningProfile",
"description": "Grants permission to return information about a specific Signing Profile",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"signer:ProfileVersion"
],
"dependentActions": []
},
"listprofilepermissions": {
"name": "ListProfilePermissions",
"description": "Grants permission to list the cross-account permissions associated with a Signing Profile",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"listsigningjobs": {
"name": "ListSigningJobs",
"description": "Grants permission to list all Signing Jobs in your account",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listsigningplatforms": {
"name": "ListSigningPlatforms",
"description": "Grants permission to list all available Signing Platforms",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listsigningprofiles": {
"name": "ListSigningProfiles",
"description": "Grants permission to list all Signing Profiles in your account",
"accessLevel": "List",
"resourceTypes": [],
"conditionKeys": [],
"dependentActions": []
},
"listtagsforresource": {
"name": "ListTagsForResource",
"description": "Grants permission to list the tags associated with a Signing Profile",
"accessLevel": "Read",
"resourceTypes": [
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"putsigningprofile": {
"name": "PutSigningProfile",
"description": "Grants permission to create a new Signing Profile",
"accessLevel": "Write",
"resourceTypes": [],
"conditionKeys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys"
],
"dependentActions": []
},
"removeprofilepermission": {
"name": "RemoveProfilePermission",
"description": "Grants permission to remove cross-account permissions from a Signing Profile",
"accessLevel": "Permissions management",
"resourceTypes": [
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [],
"dependentActions": []
},
"revokesignature": {
"name": "RevokeSignature",
"description": "Grants permission to change the state of a Signing Job to REVOKED",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "signing-job",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"signer:ProfileVersion"
],
"dependentActions": []
},
"revokesigningprofile": {
"name": "RevokeSigningProfile",
"description": "Grants permission to change the state of a Signing Profile to REVOKED",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"signer:ProfileVersion"
],
"dependentActions": []
},
"signpayload": {
"name": "SignPayload",
"description": "Grants permission to initiate a Signing Job on the provided payload",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"signer:ProfileVersion"
],
"dependentActions": []
},
"startsigningjob": {
"name": "StartSigningJob",
"description": "Grants permission to initiate a Signing Job on the provided code",
"accessLevel": "Write",
"resourceTypes": [
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"signer:ProfileVersion"
],
"dependentActions": []
},
"tagresource": {
"name": "TagResource",
"description": "Grants permission to add one or more tags to a Signing Profile",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:TagKeys",
"aws:RequestTag/${TagKey}"
],
"dependentActions": []
},
"untagresource": {
"name": "UntagResource",
"description": "Grants permission to remove one or more tags from a Signing Profile",
"accessLevel": "Tagging",
"resourceTypes": [
{
"name": "signing-profile",
"required": true,
"conditionKeys": [],
"dependentActions": []
}
],
"conditionKeys": [
"aws:TagKeys",
"aws:RequestTag/${TagKey}"
],
"dependentActions": []
}
}