aws-iam-policy-types
Version:
Autogenerated Typescript types for AWS IAM Policy and enums for all policy actions
1,144 lines • 50.9 kB
JavaScript
// AUTOGENERATED FILE - DO NOT EDIT
/**
* All IAM policy actions for AWS Identity and Access Management (IAM) (IAM)
*
* Extracted by `aws-iam-policy` from
* https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsidentityandaccessmanagementiam.html
*
* 2025-02-24T21:48:15.516Z
*/
export var AwsIamActions;
(function (AwsIamActions) {
/**
* Grants permission to add a new client ID (audience) to the list of registered I
* Ds for the specified IAM OpenID Connect (OIDC) provider resource
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_AddClientIDToOpenIDConnectProvider.html
*/
AwsIamActions["AddClientIDToOpenIDConnectProvider"] = "iam:AddClientIDToOpenIDConnectProvider";
/**
* Grants permission to add an IAM role to the specified instance profile
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_AddRoleToInstanceProfile.html
*/
AwsIamActions["AddRoleToInstanceProfile"] = "iam:AddRoleToInstanceProfile";
/**
* Grants permission to add an IAM user to the specified IAM group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_AddUserToGroup.html
*/
AwsIamActions["AddUserToGroup"] = "iam:AddUserToGroup";
/**
* Grants permission to attach a managed policy to the specified IAM group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachGroupPolicy.html
*/
AwsIamActions["AttachGroupPolicy"] = "iam:AttachGroupPolicy";
/**
* Grants permission to attach a managed policy to the specified IAM role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachRolePolicy.html
*/
AwsIamActions["AttachRolePolicy"] = "iam:AttachRolePolicy";
/**
* Grants permission to attach a managed policy to the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachUserPolicy.html
*/
AwsIamActions["AttachUserPolicy"] = "iam:AttachUserPolicy";
/**
* Grants permission to an IAM user to change their own password
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html
*/
AwsIamActions["ChangePassword"] = "iam:ChangePassword";
/**
* Grants permission to create access key and secret access key for the specified
* IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateAccessKey.html
*/
AwsIamActions["CreateAccessKey"] = "iam:CreateAccessKey";
/**
* Grants permission to create an alias for your AWS account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateAccountAlias.html
*/
AwsIamActions["CreateAccountAlias"] = "iam:CreateAccountAlias";
/**
* Grants permission to create a new group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateGroup.html
*/
AwsIamActions["CreateGroup"] = "iam:CreateGroup";
/**
* Grants permission to create a new instance profile
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateInstanceProfile.html
*/
AwsIamActions["CreateInstanceProfile"] = "iam:CreateInstanceProfile";
/**
* Grants permission to create a password for the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateLoginProfile.html
*/
AwsIamActions["CreateLoginProfile"] = "iam:CreateLoginProfile";
/**
* Grants permission to create an IAM resource that describes an identity provider
* (IdP) that supports OpenID Connect (OIDC)
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html
*/
AwsIamActions["CreateOpenIDConnectProvider"] = "iam:CreateOpenIDConnectProvider";
/**
* Grants permission to create a new managed policy
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html
*/
AwsIamActions["CreatePolicy"] = "iam:CreatePolicy";
/**
* Grants permission to create a new version of the specified managed policy
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicyVersion.html
*/
AwsIamActions["CreatePolicyVersion"] = "iam:CreatePolicyVersion";
/**
* Grants permission to create a new role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html
*/
AwsIamActions["CreateRole"] = "iam:CreateRole";
/**
* Grants permission to create an IAM resource that describes an identity provider
* (IdP) that supports SAML 2.0
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateSAMLProvider.html
*/
AwsIamActions["CreateSAMLProvider"] = "iam:CreateSAMLProvider";
/**
* Grants permission to create an IAM role that allows an AWS service to perform a
* ctions on your behalf
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateServiceLinkedRole.html
*/
AwsIamActions["CreateServiceLinkedRole"] = "iam:CreateServiceLinkedRole";
/**
* Grants permission to create a new service-specific credential for an IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateServiceSpecificCredential.html
*/
AwsIamActions["CreateServiceSpecificCredential"] = "iam:CreateServiceSpecificCredential";
/**
* Grants permission to create a new IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateUser.html
*/
AwsIamActions["CreateUser"] = "iam:CreateUser";
/**
* Grants permission to create a new virtual MFA device
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateVirtualMFADevice.html
*/
AwsIamActions["CreateVirtualMFADevice"] = "iam:CreateVirtualMFADevice";
/**
* Grants permission to deactivate the specified MFA device and remove its associa
* tion with the IAM user for which it was originally enabled
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeactivateMFADevice.html
*/
AwsIamActions["DeactivateMFADevice"] = "iam:DeactivateMFADevice";
/**
* Grants permission to delete the access key pair that is associated with the spe
* cified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccessKey.html
*/
AwsIamActions["DeleteAccessKey"] = "iam:DeleteAccessKey";
/**
* Grants permission to delete the specified AWS account alias
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccountAlias.html
*/
AwsIamActions["DeleteAccountAlias"] = "iam:DeleteAccountAlias";
/**
* Grants permission to delete the password policy for the AWS account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccountPasswordPolicy.html
*/
AwsIamActions["DeleteAccountPasswordPolicy"] = "iam:DeleteAccountPasswordPolicy";
/**
* Grants permission to delete an existing CloudFront public key
*
* See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html
*/
AwsIamActions["DeleteCloudFrontPublicKey"] = "iam:DeleteCloudFrontPublicKey";
/**
* Grants permission to delete the specified IAM group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteGroup.html
*/
AwsIamActions["DeleteGroup"] = "iam:DeleteGroup";
/**
* Grants permission to delete the specified inline policy from its group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteGroupPolicy.html
*/
AwsIamActions["DeleteGroupPolicy"] = "iam:DeleteGroupPolicy";
/**
* Grants permission to delete the specified instance profile
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteInstanceProfile.html
*/
AwsIamActions["DeleteInstanceProfile"] = "iam:DeleteInstanceProfile";
/**
* Grants permission to delete the password for the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteLoginProfile.html
*/
AwsIamActions["DeleteLoginProfile"] = "iam:DeleteLoginProfile";
/**
* Grants permission to delete an OpenID Connect identity provider (IdP) resource
* object in IAM
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteOpenIDConnectProvider.html
*/
AwsIamActions["DeleteOpenIDConnectProvider"] = "iam:DeleteOpenIDConnectProvider";
/**
* Grants permission to delete the specified managed policy and remove it from any
* IAM entities (users, groups, or roles) to which it is attached
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicy.html
*/
AwsIamActions["DeletePolicy"] = "iam:DeletePolicy";
/**
* Grants permission to delete a version from the specified managed policy
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicyVersion.html
*/
AwsIamActions["DeletePolicyVersion"] = "iam:DeletePolicyVersion";
/**
* Grants permission to delete the specified role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteRole.html
*/
AwsIamActions["DeleteRole"] = "iam:DeleteRole";
/**
* Grants permission to remove the permissions boundary from a role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteRolePermissionsBoundary.html
*/
AwsIamActions["DeleteRolePermissionsBoundary"] = "iam:DeleteRolePermissionsBoundary";
/**
* Grants permission to delete the specified inline policy from the specified role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteRolePolicy.html
*/
AwsIamActions["DeleteRolePolicy"] = "iam:DeleteRolePolicy";
/**
* Grants permission to delete a SAML provider resource in IAM
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteSAMLProvider.html
*/
AwsIamActions["DeleteSAMLProvider"] = "iam:DeleteSAMLProvider";
/**
* Grants permission to delete the specified SSH public key
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteSSHPublicKey.html
*/
AwsIamActions["DeleteSSHPublicKey"] = "iam:DeleteSSHPublicKey";
/**
* Grants permission to delete the specified server certificate
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteServerCertificate.html
*/
AwsIamActions["DeleteServerCertificate"] = "iam:DeleteServerCertificate";
/**
* Grants permission to delete an IAM role that is linked to a specific AWS servic
* e, if the service is no longer using it
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteServiceLinkedRole.html
*/
AwsIamActions["DeleteServiceLinkedRole"] = "iam:DeleteServiceLinkedRole";
/**
* Grants permission to delete the specified service-specific credential for an IA
* M user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteServiceSpecificCredential.html
*/
AwsIamActions["DeleteServiceSpecificCredential"] = "iam:DeleteServiceSpecificCredential";
/**
* Grants permission to delete a signing certificate that is associated with the s
* pecified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteSigningCertificate.html
*/
AwsIamActions["DeleteSigningCertificate"] = "iam:DeleteSigningCertificate";
/**
* Grants permission to delete the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUser.html
*/
AwsIamActions["DeleteUser"] = "iam:DeleteUser";
/**
* Grants permission to remove the permissions boundary from the specified IAM use
* r
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUserPermissionsBoundary.html
*/
AwsIamActions["DeleteUserPermissionsBoundary"] = "iam:DeleteUserPermissionsBoundary";
/**
* Grants permission to delete the specified inline policy from an IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUserPolicy.html
*/
AwsIamActions["DeleteUserPolicy"] = "iam:DeleteUserPolicy";
/**
* Grants permission to delete a virtual MFA device
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteVirtualMFADevice.html
*/
AwsIamActions["DeleteVirtualMFADevice"] = "iam:DeleteVirtualMFADevice";
/**
* Grants permission to detach a managed policy from the specified IAM group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachGroupPolicy.html
*/
AwsIamActions["DetachGroupPolicy"] = "iam:DetachGroupPolicy";
/**
* Grants permission to detach a managed policy from the specified role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachRolePolicy.html
*/
AwsIamActions["DetachRolePolicy"] = "iam:DetachRolePolicy";
/**
* Grants permission to detach a managed policy from the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachUserPolicy.html
*/
AwsIamActions["DetachUserPolicy"] = "iam:DetachUserPolicy";
/**
* Grants permission to disable the management of member account root user credent
* ials for an organization managed under the current account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DisableOrganizationsRootCredentialsManagement.html
*/
AwsIamActions["DisableOrganizationsRootCredentialsManagement"] = "iam:DisableOrganizationsRootCredentialsManagement";
/**
* Grants permission to disable privileged root actions in member accounts for an
* organization managed under the current account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_DisableOrganizationsRootSessions.html
*/
AwsIamActions["DisableOrganizationsRootSessions"] = "iam:DisableOrganizationsRootSessions";
/**
* Grants permission to enable an MFA device and associate it with the specified I
* AM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_EnableMFADevice.html
*/
AwsIamActions["EnableMFADevice"] = "iam:EnableMFADevice";
/**
* Grants permission to enable the management of member account root user credenti
* als for an organization managed under the current account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_EnableOrganizationsRootCredentialsManagement.html
*/
AwsIamActions["EnableOrganizationsRootCredentialsManagement"] = "iam:EnableOrganizationsRootCredentialsManagement";
/**
* Grants permission to enable privileged root actions in member accounts for an o
* rganization managed under the current account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_EnableOrganizationsRootSessions.html
*/
AwsIamActions["EnableOrganizationsRootSessions"] = "iam:EnableOrganizationsRootSessions";
/**
* Grants permission to generate a credential report for the AWS account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GenerateCredentialReport.html
*/
AwsIamActions["GenerateCredentialReport"] = "iam:GenerateCredentialReport";
/**
* Grants permission to generate an access report for an AWS Organizations entity
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GenerateOrganizationsAccessReport.html
*/
AwsIamActions["GenerateOrganizationsAccessReport"] = "iam:GenerateOrganizationsAccessReport";
/**
* Grants permission to generate a service last accessed data report for an IAM re
* source
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GenerateServiceLastAccessedDetails.html
*/
AwsIamActions["GenerateServiceLastAccessedDetails"] = "iam:GenerateServiceLastAccessedDetails";
/**
* Grants permission to retrieve information about when the specified access key w
* as last used
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccessKeyLastUsed.html
*/
AwsIamActions["GetAccessKeyLastUsed"] = "iam:GetAccessKeyLastUsed";
/**
* Grants permission to retrieve information about all IAM users, groups, roles, a
* nd policies in your AWS account, including their relationships to one another
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccountAuthorizationDetails.html
*/
AwsIamActions["GetAccountAuthorizationDetails"] = "iam:GetAccountAuthorizationDetails";
/**
* Grants permission to retrieve the email address that is associated with the acc
* ount
*
* See https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html
*/
AwsIamActions["GetAccountEmailAddress"] = "iam:GetAccountEmailAddress";
/**
* Grants permission to retrieve the account name that is associated with the acco
* unt
*
* See https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html
*/
AwsIamActions["GetAccountName"] = "iam:GetAccountName";
/**
* Grants permission to retrieve the password policy for the AWS account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccountPasswordPolicy.html
*/
AwsIamActions["GetAccountPasswordPolicy"] = "iam:GetAccountPasswordPolicy";
/**
* Grants permission to retrieve information about IAM entity usage and IAM quotas
* in the AWS account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccountSummary.html
*/
AwsIamActions["GetAccountSummary"] = "iam:GetAccountSummary";
/**
* Grants permission to retrieve information about the specified CloudFront public
* key
*
* See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html
*/
AwsIamActions["GetCloudFrontPublicKey"] = "iam:GetCloudFrontPublicKey";
/**
* Grants permission to retrieve a list of all of the context keys that are refere
* nced in the specified policy
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetContextKeysForCustomPolicy.html
*/
AwsIamActions["GetContextKeysForCustomPolicy"] = "iam:GetContextKeysForCustomPolicy";
/**
* Grants permission to retrieve a list of all context keys that are referenced in
* all IAM policies that are attached to the specified IAM identity (user, group,
* or role)
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetContextKeysForPrincipalPolicy.html
*/
AwsIamActions["GetContextKeysForPrincipalPolicy"] = "iam:GetContextKeysForPrincipalPolicy";
/**
* Grants permission to retrieve a credential report for the AWS account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetCredentialReport.html
*/
AwsIamActions["GetCredentialReport"] = "iam:GetCredentialReport";
/**
* Grants permission to retrieve a list of IAM users in the specified IAM group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetGroup.html
*/
AwsIamActions["GetGroup"] = "iam:GetGroup";
/**
* Grants permission to retrieve an inline policy document that is embedded in the
* specified IAM group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetGroupPolicy.html
*/
AwsIamActions["GetGroupPolicy"] = "iam:GetGroupPolicy";
/**
* Grants permission to retrieve information about the specified instance profile,
* including the instance profile's path, GUID, ARN, and role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetInstanceProfile.html
*/
AwsIamActions["GetInstanceProfile"] = "iam:GetInstanceProfile";
/**
* Grants permission to retrieve the user name and password creation date for the
* specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetLoginProfile.html
*/
AwsIamActions["GetLoginProfile"] = "iam:GetLoginProfile";
/**
* Grants permission to retrieve information about an MFA device for the specified
* user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetMFADevice.html
*/
AwsIamActions["GetMFADevice"] = "iam:GetMFADevice";
/**
* Grants permission to retrieve information about the specified OpenID Connect (O
* IDC) provider resource in IAM
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetOpenIDConnectProvider.html
*/
AwsIamActions["GetOpenIDConnectProvider"] = "iam:GetOpenIDConnectProvider";
/**
* Grants permission to retrieve an AWS Organizations access report
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetOrganizationsAccessReport.html
*/
AwsIamActions["GetOrganizationsAccessReport"] = "iam:GetOrganizationsAccessReport";
/**
* Grants permission to retrieve information about the specified managed policy, i
* ncluding the policy's default version and the total number of identities to whi
* ch the policy is attached
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicy.html
*/
AwsIamActions["GetPolicy"] = "iam:GetPolicy";
/**
* Grants permission to retrieve information about a version of the specified mana
* ged policy, including the policy document
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicyVersion.html
*/
AwsIamActions["GetPolicyVersion"] = "iam:GetPolicyVersion";
/**
* Grants permission to retrieve information about the specified role, including t
* he role's path, GUID, ARN, and the role's trust policy
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetRole.html
*/
AwsIamActions["GetRole"] = "iam:GetRole";
/**
* Grants permission to retrieve an inline policy document that is embedded with t
* he specified IAM role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetRolePolicy.html
*/
AwsIamActions["GetRolePolicy"] = "iam:GetRolePolicy";
/**
* Grants permission to retrieve the SAML provider metadocument that was uploaded
* when the IAM SAML provider resource was created or updated
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetSAMLProvider.html
*/
AwsIamActions["GetSAMLProvider"] = "iam:GetSAMLProvider";
/**
* Grants permission to retrieve the specified SSH public key, including metadata
* about the key
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetSSHPublicKey.html
*/
AwsIamActions["GetSSHPublicKey"] = "iam:GetSSHPublicKey";
/**
* Grants permission to retrieve information about the specified server certificat
* e stored in IAM
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServerCertificate.html
*/
AwsIamActions["GetServerCertificate"] = "iam:GetServerCertificate";
/**
* Grants permission to retrieve information about the service last accessed data
* report
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServiceLastAccessedDetails.html
*/
AwsIamActions["GetServiceLastAccessedDetails"] = "iam:GetServiceLastAccessedDetails";
/**
* Grants permission to retrieve information about the entities from the service l
* ast accessed data report
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServiceLastAccessedDetailsWithEntities.html
*/
AwsIamActions["GetServiceLastAccessedDetailsWithEntities"] = "iam:GetServiceLastAccessedDetailsWithEntities";
/**
* Grants permission to retrieve an IAM service-linked role deletion status
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetServiceLinkedRoleDeletionStatus.html
*/
AwsIamActions["GetServiceLinkedRoleDeletionStatus"] = "iam:GetServiceLinkedRoleDeletionStatus";
/**
* Grants permission to retrieve information about the specified IAM user, includi
* ng the user's creation date, path, unique ID, and ARN
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetUser.html
*/
AwsIamActions["GetUser"] = "iam:GetUser";
/**
* Grants permission to retrieve an inline policy document that is embedded in the
* specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetUserPolicy.html
*/
AwsIamActions["GetUserPolicy"] = "iam:GetUserPolicy";
/**
* Grants permission to list information about the access key IDs that are associa
* ted with the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAccessKeys.html
*/
AwsIamActions["ListAccessKeys"] = "iam:ListAccessKeys";
/**
* Grants permission to list the account alias that is associated with the AWS acc
* ount
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAccountAliases.html
*/
AwsIamActions["ListAccountAliases"] = "iam:ListAccountAliases";
/**
* Grants permission to list all managed policies that are attached to the specifi
* ed IAM group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedGroupPolicies.html
*/
AwsIamActions["ListAttachedGroupPolicies"] = "iam:ListAttachedGroupPolicies";
/**
* Grants permission to list all managed policies that are attached to the specifi
* ed IAM role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedRolePolicies.html
*/
AwsIamActions["ListAttachedRolePolicies"] = "iam:ListAttachedRolePolicies";
/**
* Grants permission to list all managed policies that are attached to the specifi
* ed IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedUserPolicies.html
*/
AwsIamActions["ListAttachedUserPolicies"] = "iam:ListAttachedUserPolicies";
/**
* Grants permission to list all current CloudFront public keys for the account
*
* See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html
*/
AwsIamActions["ListCloudFrontPublicKeys"] = "iam:ListCloudFrontPublicKeys";
/**
* Grants permission to list all IAM identities to which the specified managed pol
* icy is attached
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListEntitiesForPolicy.html
*/
AwsIamActions["ListEntitiesForPolicy"] = "iam:ListEntitiesForPolicy";
/**
* Grants permission to list the names of the inline policies that are embedded in
* the specified IAM group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListGroupPolicies.html
*/
AwsIamActions["ListGroupPolicies"] = "iam:ListGroupPolicies";
/**
* Grants permission to list the IAM groups that have the specified path prefix
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListGroups.html
*/
AwsIamActions["ListGroups"] = "iam:ListGroups";
/**
* Grants permission to list the IAM groups that the specified IAM user belongs to
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListGroupsForUser.html
*/
AwsIamActions["ListGroupsForUser"] = "iam:ListGroupsForUser";
/**
* Grants permission to list the tags that are attached to the specified instance
* profile
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfileTags.html
*/
AwsIamActions["ListInstanceProfileTags"] = "iam:ListInstanceProfileTags";
/**
* Grants permission to list the instance profiles that have the specified path pr
* efix
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfiles.html
*/
AwsIamActions["ListInstanceProfiles"] = "iam:ListInstanceProfiles";
/**
* Grants permission to list the instance profiles that have the specified associa
* ted IAM role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfilesForRole.html
*/
AwsIamActions["ListInstanceProfilesForRole"] = "iam:ListInstanceProfilesForRole";
/**
* Grants permission to list the tags that are attached to the specified virtual m
* fa device
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADeviceTags.html
*/
AwsIamActions["ListMFADeviceTags"] = "iam:ListMFADeviceTags";
/**
* Grants permission to list the MFA devices for an IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html
*/
AwsIamActions["ListMFADevices"] = "iam:ListMFADevices";
/**
* Grants permission to list the tags that are attached to the specified OpenID Co
* nnect provider
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListOpenIDConnectProviderTags.html
*/
AwsIamActions["ListOpenIDConnectProviderTags"] = "iam:ListOpenIDConnectProviderTags";
/**
* Grants permission to list information about the IAM OpenID Connect (OIDC) provi
* der resource objects that are defined in the AWS account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListOpenIDConnectProviders.html
*/
AwsIamActions["ListOpenIDConnectProviders"] = "iam:ListOpenIDConnectProviders";
/**
* Grants permission to list the centralized root access features enabled for your
* organization
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListOrganizationsFeatures.html
*/
AwsIamActions["ListOrganizationsFeatures"] = "iam:ListOrganizationsFeatures";
/**
* Grants permission to list all managed policies
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicies.html
*/
AwsIamActions["ListPolicies"] = "iam:ListPolicies";
/**
* Grants permission to list information about the policies that grant an entity a
* ccess to a specific service
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPoliciesGrantingServiceAccess.html
*/
AwsIamActions["ListPoliciesGrantingServiceAccess"] = "iam:ListPoliciesGrantingServiceAccess";
/**
* Grants permission to list the tags that are attached to the specified managed p
* olicy
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicyTags.html
*/
AwsIamActions["ListPolicyTags"] = "iam:ListPolicyTags";
/**
* Grants permission to list information about the versions of the specified manag
* ed policy, including the version that is currently set as the policy's default
* version
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicyVersions.html
*/
AwsIamActions["ListPolicyVersions"] = "iam:ListPolicyVersions";
/**
* Grants permission to list the names of the inline policies that are embedded in
* the specified IAM role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRolePolicies.html
*/
AwsIamActions["ListRolePolicies"] = "iam:ListRolePolicies";
/**
* Grants permission to list the tags that are attached to the specified IAM role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRoleTags.html
*/
AwsIamActions["ListRoleTags"] = "iam:ListRoleTags";
/**
* Grants permission to list the IAM roles that have the specified path prefix
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRoles.html
*/
AwsIamActions["ListRoles"] = "iam:ListRoles";
/**
* Grants permission to list the tags that are attached to the specified SAML prov
* ider
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSAMLProviderTags.html
*/
AwsIamActions["ListSAMLProviderTags"] = "iam:ListSAMLProviderTags";
/**
* Grants permission to list the SAML provider resources in IAM
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSAMLProviders.html
*/
AwsIamActions["ListSAMLProviders"] = "iam:ListSAMLProviders";
/**
* Grants permission to list information about the SSH public keys that are associ
* ated with the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSSHPublicKeys.html
*/
AwsIamActions["ListSSHPublicKeys"] = "iam:ListSSHPublicKeys";
/**
* Grants permission to list the status of all active STS regional endpoints
*
* See https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html
*/
AwsIamActions["ListSTSRegionalEndpointsStatus"] = "iam:ListSTSRegionalEndpointsStatus";
/**
* Grants permission to list the tags that are attached to the specified server ce
* rtificate
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListServerCertificateTags.html
*/
AwsIamActions["ListServerCertificateTags"] = "iam:ListServerCertificateTags";
/**
* Grants permission to list the server certificates that have the specified path
* prefix
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListServerCertificates.html
*/
AwsIamActions["ListServerCertificates"] = "iam:ListServerCertificates";
/**
* Grants permission to list the service-specific credentials that are associated
* with the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListServiceSpecificCredentials.html
*/
AwsIamActions["ListServiceSpecificCredentials"] = "iam:ListServiceSpecificCredentials";
/**
* Grants permission to list information about the signing certificates that are a
* ssociated with the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSigningCertificates.html
*/
AwsIamActions["ListSigningCertificates"] = "iam:ListSigningCertificates";
/**
* Grants permission to list the names of the inline policies that are embedded in
* the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListUserPolicies.html
*/
AwsIamActions["ListUserPolicies"] = "iam:ListUserPolicies";
/**
* Grants permission to list the tags that are attached to the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListUserTags.html
*/
AwsIamActions["ListUserTags"] = "iam:ListUserTags";
/**
* Grants permission to list the IAM users that have the specified path prefix
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListUsers.html
*/
AwsIamActions["ListUsers"] = "iam:ListUsers";
/**
* Grants permission to list virtual MFA devices by assignment status
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListVirtualMFADevices.html
*/
AwsIamActions["ListVirtualMFADevices"] = "iam:ListVirtualMFADevices";
/**
* Grants permission to pass a role to a service
*
* See https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html
*/
AwsIamActions["PassRole"] = "iam:PassRole";
/**
* Grants permission to create or update an inline policy document that is embedde
* d in the specified IAM group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutGroupPolicy.html
*/
AwsIamActions["PutGroupPolicy"] = "iam:PutGroupPolicy";
/**
* Grants permission to set a managed policy as a permissions boundary for a role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePermissionsBoundary.html
*/
AwsIamActions["PutRolePermissionsBoundary"] = "iam:PutRolePermissionsBoundary";
/**
* Grants permission to create or update an inline policy document that is embedde
* d in the specified IAM role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePolicy.html
*/
AwsIamActions["PutRolePolicy"] = "iam:PutRolePolicy";
/**
* Grants permission to set a managed policy as a permissions boundary for an IAM
* user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutUserPermissionsBoundary.html
*/
AwsIamActions["PutUserPermissionsBoundary"] = "iam:PutUserPermissionsBoundary";
/**
* Grants permission to create or update an inline policy document that is embedde
* d in the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutUserPolicy.html
*/
AwsIamActions["PutUserPolicy"] = "iam:PutUserPolicy";
/**
* Grants permission to remove the client ID (audience) from the list of client ID
* s in the specified IAM OpenID Connect (OIDC) provider resource
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_RemoveClientIDFromOpenIDConnectProvider.html
*/
AwsIamActions["RemoveClientIDFromOpenIDConnectProvider"] = "iam:RemoveClientIDFromOpenIDConnectProvider";
/**
* Grants permission to remove an IAM role from the specified EC2 instance profile
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_RemoveRoleFromInstanceProfile.html
*/
AwsIamActions["RemoveRoleFromInstanceProfile"] = "iam:RemoveRoleFromInstanceProfile";
/**
* Grants permission to remove an IAM user from the specified group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_RemoveUserFromGroup.html
*/
AwsIamActions["RemoveUserFromGroup"] = "iam:RemoveUserFromGroup";
/**
* Grants permission to reset the password for an existing service-specific creden
* tial for an IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ResetServiceSpecificCredential.html
*/
AwsIamActions["ResetServiceSpecificCredential"] = "iam:ResetServiceSpecificCredential";
/**
* Grants permission to synchronize the specified MFA device with its IAM entity (
* user or role)
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_ResyncMFADevice.html
*/
AwsIamActions["ResyncMFADevice"] = "iam:ResyncMFADevice";
/**
* Grants permission to set the version of the specified policy as the policy's de
* fault version
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_SetDefaultPolicyVersion.html
*/
AwsIamActions["SetDefaultPolicyVersion"] = "iam:SetDefaultPolicyVersion";
/**
* Grants permission to activate or deactivate an STS regional endpoint
*
* See https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html
*/
AwsIamActions["SetSTSRegionalEndpointStatus"] = "iam:SetSTSRegionalEndpointStatus";
/**
* Grants permission to set the STS global endpoint token version
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_SetSecurityTokenServicePreferences.html
*/
AwsIamActions["SetSecurityTokenServicePreferences"] = "iam:SetSecurityTokenServicePreferences";
/**
* Grants permission to simulate whether an identity-based policy or resource-base
* d policy provides permissions for specific API operations and resources
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_SimulateCustomPolicy.html
*/
AwsIamActions["SimulateCustomPolicy"] = "iam:SimulateCustomPolicy";
/**
* Grants permission to simulate whether an identity-based policy that is attached
* to a specified IAM entity (user or role) provides permissions for specific API
* operations and resources
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_SimulatePrincipalPolicy.html
*/
AwsIamActions["SimulatePrincipalPolicy"] = "iam:SimulatePrincipalPolicy";
/**
* Grants permission to add tags to an instance profile
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagInstanceProfile.html
*/
AwsIamActions["TagInstanceProfile"] = "iam:TagInstanceProfile";
/**
* Grants permission to add tags to a virtual mfa device
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagMFADevice.html
*/
AwsIamActions["TagMFADevice"] = "iam:TagMFADevice";
/**
* Grants permission to add tags to an OpenID Connect provider
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagOpenIDConnectProvider.html
*/
AwsIamActions["TagOpenIDConnectProvider"] = "iam:TagOpenIDConnectProvider";
/**
* Grants permission to add tags to a managed policy
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagPolicy.html
*/
AwsIamActions["TagPolicy"] = "iam:TagPolicy";
/**
* Grants permission to add tags to an IAM role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagRole.html
*/
AwsIamActions["TagRole"] = "iam:TagRole";
/**
* Grants permission to add tags to a SAML Provider
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagSAMLProvider.html
*/
AwsIamActions["TagSAMLProvider"] = "iam:TagSAMLProvider";
/**
* Grants permission to add tags to a server certificate
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagServerCertificate.html
*/
AwsIamActions["TagServerCertificate"] = "iam:TagServerCertificate";
/**
* Grants permission to add tags to an IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagUser.html
*/
AwsIamActions["TagUser"] = "iam:TagUser";
/**
* Grants permission to remove the specified tags from the instance profile
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagInstanceProfile.html
*/
AwsIamActions["UntagInstanceProfile"] = "iam:UntagInstanceProfile";
/**
* Grants permission to remove the specified tags from the virtual mfa device
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagMFADevice.html
*/
AwsIamActions["UntagMFADevice"] = "iam:UntagMFADevice";
/**
* Grants permission to remove the specified tags from the OpenID Connect provider
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagOpenIDConnectProvider.html
*/
AwsIamActions["UntagOpenIDConnectProvider"] = "iam:UntagOpenIDConnectProvider";
/**
* Grants permission to remove the specified tags from the managed policy
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagPolicy.html
*/
AwsIamActions["UntagPolicy"] = "iam:UntagPolicy";
/**
* Grants permission to remove the specified tags from the role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagRole.html
*/
AwsIamActions["UntagRole"] = "iam:UntagRole";
/**
* Grants permission to remove the specified tags from the SAML Provider
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagSAMLProvider.html
*/
AwsIamActions["UntagSAMLProvider"] = "iam:UntagSAMLProvider";
/**
* Grants permission to remove the specified tags from the server certificate
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagServerCertificate.html
*/
AwsIamActions["UntagServerCertificate"] = "iam:UntagServerCertificate";
/**
* Grants permission to remove the specified tags from the user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UntagUser.html
*/
AwsIamActions["UntagUser"] = "iam:UntagUser";
/**
* Grants permission to update the status of the specified access key as Active or
* Inactive
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAccessKey.html
*/
AwsIamActions["UpdateAccessKey"] = "iam:UpdateAccessKey";
/**
* Grants permission to update the email address that is associated with the accou
* nt
*
* See https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html
*/
AwsIamActions["UpdateAccountEmailAddress"] = "iam:UpdateAccountEmailAddress";
/**
* Grants permission to update the account name that is associated with the accoun
* t
*
* See https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-root-user.html
*/
AwsIamActions["UpdateAccountName"] = "iam:UpdateAccountName";
/**
* Grants permission to update the password policy settings for the AWS account
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAccountPasswordPolicy.html
*/
AwsIamActions["UpdateAccountPasswordPolicy"] = "iam:UpdateAccountPasswordPolicy";
/**
* Grants permission to update the policy that grants an IAM entity permission to
* assume a role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAssumeRolePolicy.html
*/
AwsIamActions["UpdateAssumeRolePolicy"] = "iam:UpdateAssumeRolePolicy";
/**
* Grants permission to update an existing CloudFront public key
*
* See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html
*/
AwsIamActions["UpdateCloudFrontPublicKey"] = "iam:UpdateCloudFrontPublicKey";
/**
* Grants permission to update the name or path of the specified IAM group
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateGroup.html
*/
AwsIamActions["UpdateGroup"] = "iam:UpdateGroup";
/**
* Grants permission to change the password for the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateLoginProfile.html
*/
AwsIamActions["UpdateLoginProfile"] = "iam:UpdateLoginProfile";
/**
* Grants permission to update the entire list of server certificate thumbprints t
* hat are associated with an OpenID Connect (OIDC) provider resource
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateOpenIDConnectProviderThumbprint.html
*/
AwsIamActions["UpdateOpenIDConnectProviderThumbprint"] = "iam:UpdateOpenIDConnectProviderThumbprint";
/**
* Grants permission to update the description or maximum session duration setting
* of a role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateRole.html
*/
AwsIamActions["UpdateRole"] = "iam:UpdateRole";
/**
* Grants permission to update only the description of a role
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateRoleDescription.html
*/
AwsIamActions["UpdateRoleDescription"] = "iam:UpdateRoleDescription";
/**
* Grants permission to update the metadata document for an existing SAML provider
* resource
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateSAMLProvider.html
*/
AwsIamActions["UpdateSAMLProvider"] = "iam:UpdateSAMLProvider";
/**
* Grants permission to update the status of an IAM user's SSH public key to activ
* e or inactive
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateSSHPublicKey.html
*/
AwsIamActions["UpdateSSHPublicKey"] = "iam:UpdateSSHPublicKey";
/**
* Grants permission to update the name or the path of the specified server certif
* icate stored in IAM
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateServerCertificate.html
*/
AwsIamActions["UpdateServerCertificate"] = "iam:UpdateServerCertificate";
/**
* Grants permission to update the status of a service-specific credential to acti
* ve or inactive for an IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateServiceSpecificCredential.html
*/
AwsIamActions["UpdateServiceSpecificCredential"] = "iam:UpdateServiceSpecificCredential";
/**
* Grants permission to update the status of the specified user signing certificat
* e to active or disabled
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateSigningCertificate.html
*/
AwsIamActions["UpdateSigningCertificate"] = "iam:UpdateSigningCertificate";
/**
* Grants permission to update the name or the path of the specified IAM user
*
* See https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateUser.html
*/
AwsIamActions["UpdateUser"] = "iam:UpdateUser";
/**
* Grants permission to upload a CloudFront public key
*
* See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html
*/
AwsIamActions["UploadCloudFrontPublicKey"] = "iam:UploadCloudFrontPublicKey";
/**
* Grants permission to upload an SSH public key