{ "policies": [ { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSCustomServiceRolePolicy", "createdate": "2024-04-19T15:15:23Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeInstanceAttribute", "ec2:DescribeRegions", "ec2:DescribeSnapshots", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVolumes", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTypes", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeImages", "ec2:DescribeVpcs", "ec2:RegisterImage", "ec2:DeregisterImage", "ec2:DescribeTags", "ec2:DescribeSecurityGroups", "ec2:DescribeVolumesModifications", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:SearchTransitGatewayMulticastGroups", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGateways", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribePlacementGroups", "ec2:DescribeRouteTables", "ec2:DisassociateIamInstanceProfile", "ec2:AssociateIamInstanceProfile", "ec2:ReplaceIamInstanceProfileAssociation", "ec2:TerminateInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:RebootInstances", "ec2:AllocateAddress", "ec2:AssociateAddress", "ec2:DisassociateAddress", "ec2:ReleaseAddress", "ec2:AssignPrivateIpAddresses", "ec2:RunInstances", "ec2:RunInstances", "ec2:RunInstances", "ec2:ModifyInstanceAttribute", "ec2:RunInstances", "ec2:DeleteKeyPair", "ec2:CreateKeyPair", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:CreateTags", "ec2:CreateTags", "ec2:DetachVolume", "ec2:AttachVolume", "ec2:CreateVolume", "ec2:ModifyVolumeAttribute", "ec2:DeleteVolume", "ec2:ModifyVolume", "ec2:CreateVolume", "ec2:DeleteSnapshot", "ec2:CopySnapshot", "ec2:CreateSnapshot", "ec2:CreateSnapshots", "ec2:CreateSnapshots", "ec2:CreateSnapshot", "iam:ListInstanceProfiles", "iam:GetInstanceProfile", "iam:GetRole", "iam:ListRolePolicies", "iam:GetRolePolicy", "iam:ListAttachedRolePolicies", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:PassRole", "cloudtrail:GetTrailStatus", "cloudwatch:EnableAlarmActions", "cloudwatch:DeleteAlarms", "cloudwatch:PutMetricAlarm", "cloudwatch:TagResource", "cloudwatch:DescribeAlarms", "ssm:SendCommand", "ssm:SendCommand", "ssm:GetCommandInvocation", "ssm:GetConnectionStatus", "ssm:DescribeInstanceInformation", "ssm:PutParameter", "ssm:AddTagsToResource", "ssm:DeleteParameter", "events:PutRule", "events:TagResource", "events:PutTargets", "events:DescribeRule", "events:EnableRule", "events:ListTargetsByRule", "events:DeleteRule", "events:RemoveTargets", "events:DisableRule", "events:PutRule", "events:PutTargets", "events:EnableRule", "events:DeleteRule", "events:RemoveTargets", "events:DisableRule", "events:DescribeRule", "events:ListTargetsByRule", "secretsmanager:TagResource", "secretsmanager:CreateSecret", "secretsmanager:TagResource", "secretsmanager:DescribeSecret", "secretsmanager:DeleteSecret", "secretsmanager:PutSecretValue", "sqs:CreateQueue", "sqs:TagQueue", "sqs:GetQueueAttributes", "sqs:SendMessage", "sqs:ReceiveMessage", "sqs:DeleteMessage", "sqs:DeleteQueue", "servicequotas:GetServiceQuota" ], "malformed": false, "name": "AmazonRDSCustomServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-19T15:15:23+00:00", "version": "v9" }, { "access_levels": [ "List", "Read", "Write" ], "arn": null, "createdate": "2018-08-24T19:22:44Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListRoots", "organizations:ListParents", "organizations:EnableAWSServiceAccess", "organizations:DisableAWSServiceAccess" ], "malformed": false, "name": "TagGovernancePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSAuditManagerServiceRolePolicy", "createdate": "2023-12-06T20:39:40Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "acm:GetAccountConfiguration", "acm:ListCertificates", "backup:ListRecoveryPointsByResource", "bedrock:GetCustomModel", "bedrock:GetFoundationModel", "bedrock:GetModelCustomizationJob", "bedrock:GetModelInvocationLoggingConfiguration", "bedrock:ListCustomModels", "bedrock:ListFoundationModels", "bedrock:ListModelCustomizationJobs", "cloudtrail:DescribeTrails", "cloudtrail:LookupEvents", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cognito-idp:DescribeUserPool", "config:DescribeConfigRules", "config:DescribeDeliveryChannels", "config:ListDiscoveredResources", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeVirtualGateways", "dynamodb:DescribeTable", "dynamodb:ListBackups", "dynamodb:ListGlobalTables", "dynamodb:ListTables", "ec2:DescribeAddresses", "ec2:DescribeCustomerGateways", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeFlowLogs", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGateways", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeTransitGateways", "ec2:DescribeVolumes", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ecs:DescribeClusters", "eks:DescribeAddonVersions", "elasticache:DescribeCacheClusters", "elasticache:DescribeServiceUpdates", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeFileSystems", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroups", "elasticmapreduce:ListClusters", "elasticmapreduce:ListSecurityConfigurations", "events:DescribeRule", "events:ListConnections", "events:ListEventBuses", "events:ListEventSources", "events:ListRules", "firehose:ListDeliveryStreams", "fsx:DescribeFileSystems", "guardduty:ListDetectors", "iam:GenerateCredentialReport", "iam:GetAccountAuthorizationDetails", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCredentialReport", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListRolePolicies", "iam:ListRoles", "iam:ListSAMLProviders", "iam:ListUserPolicies", "iam:ListUsers", "iam:ListVirtualMFADevices", "kafka:ListClusters", "kafka:ListKafkaVersions", "kinesis:ListStreams", "kms:DescribeKey", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeys", "lambda:ListFunctions", "license-manager:ListAssociationsForLicenseConfiguration", "license-manager:ListLicenseConfigurations", "license-manager:ListUsageForLicenseConfiguration", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeMetricFilters", "logs:DescribeResourcePolicies", "logs:FilterLogEvents", "organizations:DescribeOrganization", "organizations:DescribePolicy", "rds:DescribeCertificates", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusters", "rds:DescribeDBInstances", "rds:DescribeDBSecurityGroups", "redshift:DescribeClusters", "route53:GetQueryLoggingConfig", "s3:GetBucketPublicAccessBlock", "s3:GetBucketVersioning", "s3:GetEncryptionConfiguration", "s3:GetLifecycleConfiguration", "s3:ListAllMyBuckets", "securityhub:DescribeStandards", "sns:ListTopics", "sqs:ListQueues", "waf-regional:GetLoggingConfiguration", "waf-regional:ListRuleGroups", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListWebACLs", "waf:ListActivatedRulesInRuleGroup", "s3:GetBucketPolicy", "events:PutRule", "events:DeleteRule", "events:DescribeRule", "events:EnableRule", "events:DisableRule", "events:ListTargetsByRule", "events:PutTargets", "events:RemoveTargets" ], "malformed": false, "name": "AWSAuditManagerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-06T20:39:40+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSIoTSiteWiseMonitorServiceRolePolicy", "createdate": "2019-12-13T22:19:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotsitewise:CreateProject", "iotsitewise:DescribeProject", "iotsitewise:UpdateProject", "iotsitewise:DeleteProject", "iotsitewise:ListProjects", "iotsitewise:BatchAssociateProjectAssets", "iotsitewise:BatchDisassociateProjectAssets", "iotsitewise:ListProjectAssets", "iotsitewise:CreateDashboard", "iotsitewise:DescribeDashboard", "iotsitewise:UpdateDashboard", "iotsitewise:DeleteDashboard", "iotsitewise:ListDashboards", "iotsitewise:CreateAccessPolicy", "iotsitewise:DescribeAccessPolicy", "iotsitewise:UpdateAccessPolicy", "iotsitewise:DeleteAccessPolicy", "iotsitewise:ListAccessPolicies", "iotsitewise:DescribeAsset", "iotsitewise:ListAssets", "iotsitewise:ListAssociatedAssets", "iotsitewise:DescribeAssetProperty", "iotsitewise:GetAssetPropertyValue", "iotsitewise:GetAssetPropertyValueHistory", "iotsitewise:GetAssetPropertyAggregates", "sso-directory:DescribeUsers" ], "malformed": false, "name": "AWSIoTSiteWiseMonitorServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-13T22:19:25+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonESFullAccess", "createdate": "2015-10-01T19:14:00Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "es:AcceptInboundConnection", "es:AcceptInboundCrossClusterSearchConnection", "es:AddDataSource", "es:AddTags", "es:AssociatePackage", "es:AuthorizeVpcEndpointAccess", "es:CancelDomainConfigChange", "es:CancelElasticsearchServiceSoftwareUpdate", "es:CancelServiceSoftwareUpdate", "es:CreateDomain", "es:CreateElasticsearchDomain", "es:CreateElasticsearchServiceRole", "es:CreateOutboundConnection", "es:CreateOutboundCrossClusterSearchConnection", "es:CreatePackage", "es:CreateServiceRole", "es:CreateVpcEndpoint", "es:DeleteDataSource", "es:DeleteDomain", "es:DeleteElasticsearchDomain", "es:DeleteElasticsearchServiceRole", "es:DeleteInboundConnection", "es:DeleteInboundCrossClusterSearchConnection", "es:DeleteOutboundConnection", "es:DeleteOutboundCrossClusterSearchConnection", "es:DeletePackage", "es:DeleteVpcEndpoint", "es:DescribeDomain", "es:DescribeDomainAutoTunes", "es:DescribeDomainChangeProgress", "es:DescribeDomainConfig", "es:DescribeDomainHealth", "es:DescribeDomainNodes", "es:DescribeDomains", "es:DescribeDryRunProgress", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomainConfig", "es:DescribeElasticsearchDomains", "es:DescribeElasticsearchInstanceTypeLimits", "es:DescribeInboundConnections", "es:DescribeInboundCrossClusterSearchConnections", "es:DescribeInstanceTypeLimits", "es:DescribeOutboundConnections", "es:DescribeOutboundCrossClusterSearchConnections", "es:DescribePackages", "es:DescribeReservedElasticsearchInstanceOfferings", "es:DescribeReservedElasticsearchInstances", "es:DescribeReservedInstanceOfferings", "es:DescribeReservedInstances", "es:DescribeVpcEndpoints", "es:DissociatePackage", "es:ESCrossClusterGet", "es:ESHttpDelete", "es:ESHttpGet", "es:ESHttpHead", "es:ESHttpPatch", "es:ESHttpPost", "es:ESHttpPut", "es:GetCompatibleElasticsearchVersions", "es:GetCompatibleVersions", "es:GetDataSource", "es:GetDomainMaintenanceStatus", "es:GetPackageVersionHistory", "es:GetUpgradeHistory", "es:GetUpgradeStatus", "es:ListDataSources", "es:ListDomainMaintenances", "es:ListDomainNames", "es:ListDomainsForPackage", "es:ListElasticsearchInstanceTypeDetails", "es:ListElasticsearchInstanceTypes", "es:ListElasticsearchVersions", "es:ListInstanceTypeDetails", "es:ListPackagesForDomain", "es:ListScheduledActions", "es:ListTags", "es:ListVersions", "es:ListVpcEndpointAccess", "es:ListVpcEndpoints", "es:ListVpcEndpointsForDomain", "es:PurchaseReservedElasticsearchInstanceOffering", "es:PurchaseReservedInstanceOffering", "es:RejectInboundConnection", "es:RejectInboundCrossClusterSearchConnection", "es:RemoveTags", "es:RevokeVpcEndpointAccess", "es:StartDomainMaintenance", "es:StartElasticsearchServiceSoftwareUpdate", "es:StartServiceSoftwareUpdate", "es:UpdateDataSource", "es:UpdateDomainConfig", "es:UpdateElasticsearchDomainConfig", "es:UpdatePackage", "es:UpdateScheduledAction", "es:UpdateVpcEndpoint", "es:UpgradeDomain", "es:UpgradeElasticsearchDomain" ], "malformed": false, "name": "AmazonESFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-10-01T19:14:00+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSDataSyncReadOnlyAccess", "createdate": "2020-06-30T17:59:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "datasync:DescribeAgent", "datasync:DescribeDiscoveryJob", "datasync:DescribeLocationAzureBlob", "datasync:DescribeLocationEfs", "datasync:DescribeLocationFsxLustre", "datasync:DescribeLocationFsxOntap", "datasync:DescribeLocationFsxOpenZfs", "datasync:DescribeLocationFsxWindows", "datasync:DescribeLocationHdfs", "datasync:DescribeLocationNfs", "datasync:DescribeLocationObjectStorage", "datasync:DescribeLocationS3", "datasync:DescribeLocationSmb", "datasync:DescribeStorageSystem", "datasync:DescribeStorageSystemResourceMetrics", "datasync:DescribeStorageSystemResources", "datasync:DescribeTask", "datasync:DescribeTaskExecution", "datasync:ListAgents", "datasync:ListDiscoveryJobs", "datasync:ListLocations", "datasync:ListStorageSystems", "datasync:ListTagsForResource", "datasync:ListTaskExecutions", "datasync:ListTasks", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeMountTargets", "fsx:DescribeFileSystems", "iam:GetRole", "iam:ListRoles", "logs:DescribeLogGroups", "logs:DescribeResourcePolicies", "s3:ListAllMyBuckets", "s3:ListBucket" ], "malformed": false, "name": "AWSDataSyncReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-30T17:59:22+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSReachabilityAnalyzerServiceRolePolicy", "createdate": "2023-06-23T21:04:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudformation:DescribeStacks", "cloudformation:ListStackResources", "directconnect:DescribeConnections", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "ec2:DescribeAvailabilityZones", "ec2:DescribeCustomerGateways", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeManagedPrefixLists", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInterfaces", "ec2:DescribePrefixLists", "ec2:DescribeRegions", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetManagedPrefixListEntries", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:SearchTransitGatewayRoutes", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "globalaccelerator:ListAccelerators", "globalaccelerator:ListCustomRoutingAccelerators", "globalaccelerator:ListCustomRoutingEndpointGroups", "globalaccelerator:ListCustomRoutingListeners", "globalaccelerator:ListCustomRoutingPortMappings", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "network-firewall:DescribeFirewall", "network-firewall:DescribeFirewallPolicy", "network-firewall:DescribeResourcePolicy", "network-firewall:DescribeRuleGroup", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "network-firewall:ListRuleGroups", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListDelegatedAdministrators", "resource-groups:ListGroups", "resource-groups:ListGroupResources", "tag:GetResources", "tiros:CreateQuery", "tiros:ExtendQuery", "tiros:GetQueryAnswer", "tiros:GetQueryExplanation", "tiros:GetQueryExtensionAccounts", "apigateway:GET" ], "malformed": false, "name": "AWSReachabilityAnalyzerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-23T21:04:06+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonAppStreamPCAAccess", "createdate": "2022-10-24T17:05:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:IssueCertificate", "acm-pca:GetCertificate", "acm-pca:DescribeCertificateAuthority" ], "malformed": false, "name": "AmazonAppStreamPCAAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-24T17:05:03+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonEKSServiceRolePolicy", "createdate": "2020-05-27T19:30:19Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DetachNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DescribeInstances", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:CreateNetworkInterfacePermission", "iam:ListAttachedRolePolicies", "ec2:CreateSecurityGroup", "ec2:DeleteSecurityGroup", "ec2:RevokeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateTags", "ec2:DeleteTags", "ec2:CreateTags", "ec2:DeleteTags", "route53:AssociateVPCWithHostedZone", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents" ], "malformed": false, "name": "AmazonEKSServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-27T19:30:19+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonPersonalizeFullAccess", "createdate": "2019-05-30T23:46:59Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "personalize:CreateBatchInferenceJob", "personalize:CreateBatchSegmentJob", "personalize:CreateCampaign", "personalize:CreateDataInsightsJob", "personalize:CreateDataset", "personalize:CreateDatasetExportJob", "personalize:CreateDatasetGroup", "personalize:CreateDatasetImportJob", "personalize:CreateEventTracker", "personalize:CreateFilter", "personalize:CreateMetricAttribution", "personalize:CreateRecommender", "personalize:CreateSchema", "personalize:CreateSolution", "personalize:CreateSolutionVersion", "personalize:DeleteCampaign", "personalize:DeleteDataset", "personalize:DeleteDatasetGroup", "personalize:DeleteEventTracker", "personalize:DeleteFilter", "personalize:DeleteMetricAttribution", "personalize:DeleteRecommender", "personalize:DeleteSchema", "personalize:DeleteSolution", "personalize:DescribeAlgorithm", "personalize:DescribeBatchInferenceJob", "personalize:DescribeBatchSegmentJob", "personalize:DescribeCampaign", "personalize:DescribeDataInsightsJob", "personalize:DescribeDataset", "personalize:DescribeDatasetExportJob", "personalize:DescribeDatasetGroup", "personalize:DescribeDatasetImportJob", "personalize:DescribeEventTracker", "personalize:DescribeFeatureTransformation", "personalize:DescribeFilter", "personalize:DescribeMetricAttribution", "personalize:DescribeRecipe", "personalize:DescribeRecommender", "personalize:DescribeSchema", "personalize:DescribeSolution", "personalize:DescribeSolutionVersion", "personalize:GetActionRecommendations", "personalize:GetDataInsights", "personalize:GetPersonalizedRanking", "personalize:GetRecommendations", "personalize:GetSolutionMetrics", "personalize:ListBatchInferenceJobs", "personalize:ListBatchSegmentJobs", "personalize:ListCampaigns", "personalize:ListDataInsightsJobs", "personalize:ListDatasetExportJobs", "personalize:ListDatasetGroups", "personalize:ListDatasetImportJobs", "personalize:ListDatasets", "personalize:ListEventTrackers", "personalize:ListFilters", "personalize:ListMetricAttributionMetrics", "personalize:ListMetricAttributions", "personalize:ListRecipes", "personalize:ListRecommenders", "personalize:ListSchemas", "personalize:ListSolutionVersions", "personalize:ListSolutions", "personalize:ListTagsForResource", "personalize:PutActionInteractions", "personalize:PutActions", "personalize:PutEvents", "personalize:PutItems", "personalize:PutUsers", "personalize:StartRecommender", "personalize:StopRecommender", "personalize:StopSolutionVersionCreation", "personalize:TagResource", "personalize:UntagResource", "personalize:UpdateCampaign", "personalize:UpdateDataset", "personalize:UpdateMetricAttribution", "personalize:UpdateRecommender", "cloudwatch:PutMetricData", "cloudwatch:ListMetrics", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:ListBucket", "iam:PassRole" ], "malformed": false, "name": "AmazonPersonalizeFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-05-30T23:46:59+00:00", "version": "v2" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonDRSVPCManagement", "createdate": "2015-09-02T00:09:20Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:DescribeAvailabilityZones", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "ec2:DeleteNetworkInterface", "ec2:DeleteSecurityGroup", "ec2:ModifyNetworkInterfaceAttribute", "ec2:RevokeSecurityGroupIngress" ], "malformed": false, "name": "AmazonDRSVPCManagement", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-09-02T00:09:20+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerModelGovernanceUseAccess", "createdate": "2023-07-17T22:31:07Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:UpdateMonitoringAlert", "sagemaker:StartMonitoringSchedule", "sagemaker:StopMonitoringSchedule", "sagemaker:ListMonitoringAlertHistory", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:CreateModelCard", "sagemaker:DescribeModelCard", "sagemaker:UpdateModelCard", "sagemaker:DeleteModelCard", "sagemaker:ListModelCards", "sagemaker:ListModelCardVersions", "sagemaker:CreateModelCardExportJob", "sagemaker:DescribeModelCardExportJob", "sagemaker:ListModelCardExportJobs", "sagemaker:ListTrainingJobs", "sagemaker:DescribeTrainingJob", "sagemaker:ListModels", "sagemaker:DescribeModel", "sagemaker:Search", "sagemaker:AddTags", "sagemaker:DeleteTags", "sagemaker:ListTags", "kms:ListAliases", "s3:GetObject", "s3:PutObject", "s3:CreateBucket", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets" ], "malformed": false, "name": "AmazonSageMakerModelGovernanceUseAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-17T22:31:07+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonEventBridgeSchemasFullAccess", "createdate": "2019-11-28T23:12:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "schemas:CreateDiscoverer", "schemas:CreateRegistry", "schemas:CreateSchema", "schemas:DeleteDiscoverer", "schemas:DeleteRegistry", "schemas:DeleteResourcePolicy", "schemas:DeleteSchema", "schemas:DeleteSchemaVersion", "schemas:DescribeCodeBinding", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:ExportSchema", "schemas:GetCodeBindingSource", "schemas:GetDiscoveredSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemaVersions", "schemas:ListSchemas", "schemas:ListTagsForResource", "schemas:PutCodeBinding", "schemas:PutResourcePolicy", "schemas:SearchSchemas", "schemas:StartDiscoverer", "schemas:StopDiscoverer", "schemas:TagResource", "schemas:UntagResource", "schemas:UpdateDiscoverer", "schemas:UpdateRegistry", "schemas:UpdateSchema", "events:PutRule", "events:PutTargets", "events:EnableRule", "events:DisableRule", "events:DeleteRule", "events:RemoveTargets", "events:ListTargetsByRule", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonEventBridgeSchemasFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-28T23:12:53+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonInspector2ReadOnlyAccess", "createdate": "2023-09-22T20:56:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:ListDelegatedAdministrators", "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribeAccount", "organizations:DescribeOrganization", "inspector2:BatchGetAccountStatus", "inspector2:BatchGetCodeSnippet", "inspector2:BatchGetFindingDetails", "inspector2:BatchGetFreeTrialInfo", "inspector2:BatchGetMemberEc2DeepInspectionStatus", "inspector2:ListAccountPermissions", "inspector2:ListCisScanConfigurations", "inspector2:ListCisScanResultsAggregatedByChecks", "inspector2:ListCisScanResultsAggregatedByTargetResource", "inspector2:ListCisScans", "inspector2:ListCoverage", "inspector2:ListCoverageStatistics", "inspector2:ListDelegatedAdminAccounts", "inspector2:ListFilters", "inspector2:ListFindingAggregations", "inspector2:ListFindings", "inspector2:ListMembers", "inspector2:ListTagsForResource", "inspector2:ListUsageTotals", "inspector2:DescribeOrganizationConfiguration", "inspector2:GetCisScanReport", "inspector2:GetCisScanResultDetails", "inspector2:GetConfiguration", "inspector2:GetDelegatedAdminAccount", "inspector2:GetEc2DeepInspectionConfiguration", "inspector2:GetEncryptionKey", "inspector2:GetFindingsReportStatus", "inspector2:GetMember", "inspector2:GetSbomExport", "inspector2:SearchVulnerabilities", "codeguru-security:BatchGetFindings", "codeguru-security:GetAccountConfiguration" ], "malformed": false, "name": "AmazonInspector2ReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-22T20:56:53+00:00", "version": "v5" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonRekognitionReadOnlyAccess", "createdate": "2023-11-08T18:30:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rekognition:CompareFaces", "rekognition:DetectFaces", "rekognition:DetectLabels", "rekognition:ListCollections", "rekognition:ListFaces", "rekognition:SearchFaces", "rekognition:SearchFacesByImage", "rekognition:DetectText", "rekognition:GetCelebrityInfo", "rekognition:RecognizeCelebrities", "rekognition:DetectModerationLabels", "rekognition:GetLabelDetection", "rekognition:GetFaceDetection", "rekognition:GetContentModeration", "rekognition:GetPersonTracking", "rekognition:GetCelebrityRecognition", "rekognition:GetFaceSearch", "rekognition:GetTextDetection", "rekognition:GetSegmentDetection", "rekognition:DescribeStreamProcessor", "rekognition:ListStreamProcessors", "rekognition:DescribeProjects", "rekognition:DescribeProjectVersions", "rekognition:DetectCustomLabels", "rekognition:DetectProtectiveEquipment", "rekognition:ListTagsForResource", "rekognition:ListDatasetEntries", "rekognition:ListDatasetLabels", "rekognition:DescribeDataset", "rekognition:ListProjectPolicies", "rekognition:ListUsers", "rekognition:SearchUsers", "rekognition:SearchUsersByImage", "rekognition:GetMediaAnalysisJob", "rekognition:ListMediaAnalysisJobs" ], "malformed": false, "name": "AmazonRekognitionReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-08T18:30:22+00:00", "version": "v10" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/AdministratorAccess", "createdate": "2015-02-06T18:39:46Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "a2c:GetContainerizationJobDetails", "a2c:GetDeploymentJobDetails", "a2c:StartContainerizationJob", "a2c:StartDeploymentJob", "a4b:ApproveSkill", "a4b:AssociateContactWithAddressBook", "a4b:AssociateDeviceWithNetworkProfile", "a4b:AssociateDeviceWithRoom", "a4b:AssociateSkillGroupWithRoom", "a4b:AssociateSkillWithSkillGroup", "a4b:AssociateSkillWithUsers", "a4b:CompleteRegistration", "a4b:CreateAddressBook", "a4b:CreateBusinessReportSchedule", "a4b:CreateConferenceProvider", "a4b:CreateContact", "a4b:CreateGatewayGroup", "a4b:CreateNetworkProfile", "a4b:CreateProfile", "a4b:CreateRoom", "a4b:CreateSkillGroup", "a4b:CreateUser", "a4b:DeleteAddressBook", "a4b:DeleteBusinessReportSchedule", "a4b:DeleteConferenceProvider", "a4b:DeleteContact", "a4b:DeleteDevice", "a4b:DeleteDeviceUsageData", "a4b:DeleteGatewayGroup", "a4b:DeleteNetworkProfile", "a4b:DeleteProfile", "a4b:DeleteRoom", "a4b:DeleteRoomSkillParameter", "a4b:DeleteSkillAuthorization", "a4b:DeleteSkillGroup", "a4b:DeleteUser", "a4b:DisassociateContactFromAddressBook", "a4b:DisassociateDeviceFromRoom", "a4b:DisassociateSkillFromSkillGroup", "a4b:DisassociateSkillFromUsers", "a4b:DisassociateSkillGroupFromRoom", "a4b:ForgetSmartHomeAppliances", "a4b:GetAddressBook", "a4b:GetConferencePreference", "a4b:GetConferenceProvider", "a4b:GetContact", "a4b:GetDevice", "a4b:GetGateway", "a4b:GetGatewayGroup", "a4b:GetInvitationConfiguration", "a4b:GetNetworkProfile", "a4b:GetProfile", "a4b:GetRoom", "a4b:GetRoomSkillParameter", "a4b:GetSkillGroup", "a4b:ListBusinessReportSchedules", "a4b:ListConferenceProviders", "a4b:ListDeviceEvents", "a4b:ListGatewayGroups", "a4b:ListGateways", "a4b:ListSkills", "a4b:ListSkillsStoreCategories", "a4b:ListSkillsStoreSkillsByCategory", "a4b:ListSmartHomeAppliances", "a4b:ListTags", "a4b:PutConferencePreference", "a4b:PutDeviceSetupEvents", "a4b:PutInvitationConfiguration", "a4b:PutRoomSkillParameter", "a4b:PutSkillAuthorization", "a4b:RegisterAVSDevice", "a4b:RegisterDevice", "a4b:RejectSkill", "a4b:ResolveRoom", "a4b:RevokeInvitation", "a4b:SearchAddressBooks", "a4b:SearchContacts", "a4b:SearchDevices", "a4b:SearchNetworkProfiles", "a4b:SearchProfiles", "a4b:SearchRooms", "a4b:SearchSkillGroups", "a4b:SearchUsers", "a4b:SendAnnouncement", "a4b:SendInvitation", "a4b:StartDeviceSync", "a4b:StartSmartHomeApplianceDiscovery", "a4b:TagResource", "a4b:UntagResource", "a4b:UpdateAddressBook", "a4b:UpdateBusinessReportSchedule", "a4b:UpdateConferenceProvider", "a4b:UpdateContact", "a4b:UpdateDevice", "a4b:UpdateGateway", "a4b:UpdateGatewayGroup", "a4b:UpdateNetworkProfile", "a4b:UpdateProfile", "a4b:UpdateRoom", "a4b:UpdateSkillGroup", "access-analyzer:ApplyArchiveRule", "access-analyzer:CancelPolicyGeneration", "access-analyzer:CheckAccessNotGranted", "access-analyzer:CheckNoNewAccess", "access-analyzer:CreateAccessPreview", "access-analyzer:CreateAnalyzer", "access-analyzer:CreateArchiveRule", "access-analyzer:DeleteAnalyzer", "access-analyzer:DeleteArchiveRule", "access-analyzer:GetAccessPreview", "access-analyzer:GetAnalyzedResource", "access-analyzer:GetAnalyzer", "access-analyzer:GetArchiveRule", "access-analyzer:GetFinding", "access-analyzer:GetFindingsStatistics", "access-analyzer:GetGeneratedPolicy", "access-analyzer:ListAccessPreviewFindings", "access-analyzer:ListAccessPreviews", "access-analyzer:ListAnalyzedResources", "access-analyzer:ListAnalyzers", "access-analyzer:ListArchiveRules", "access-analyzer:ListFindings", "access-analyzer:ListPolicyGenerations", "access-analyzer:ListTagsForResource", "access-analyzer:StartPolicyGeneration", "access-analyzer:StartResourceScan", "access-analyzer:TagResource", "access-analyzer:UntagResource", "access-analyzer:UpdateArchiveRule", "access-analyzer:UpdateFindings", "access-analyzer:ValidatePolicy", "account:CloseAccount", "account:DeleteAlternateContact", "account:DisableRegion", "account:EnableRegion", "account:GetAccountInformation", "account:GetAlternateContact", "account:GetChallengeQuestions", "account:GetContactInformation", "account:GetRegionOptStatus", "account:ListRegions", "account:PutAlternateContact", "account:PutChallengeQuestions", "account:PutContactInformation", "acm:AddTagsToCertificate", "acm:DeleteCertificate", "acm:DescribeCertificate", "acm:ExportCertificate", "acm:GetAccountConfiguration", "acm:GetCertificate", "acm:ImportCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "acm:PutAccountConfiguration", "acm:RemoveTagsFromCertificate", "acm:RenewCertificate", "acm:RequestCertificate", "acm:ResendValidationEmail", "acm:UpdateCertificateOptions", "acm-pca:CreateCertificateAuthority", "acm-pca:CreateCertificateAuthorityAuditReport", "acm-pca:CreatePermission", "acm-pca:DeleteCertificateAuthority", "acm-pca:DeletePermission", "acm-pca:DeletePolicy", "acm-pca:DescribeCertificateAuthority", "acm-pca:DescribeCertificateAuthorityAuditReport", "acm-pca:GetCertificate", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:GetPolicy", "acm-pca:ImportCertificateAuthorityCertificate", "acm-pca:IssueCertificate", "acm-pca:ListCertificateAuthorities", "acm-pca:ListPermissions", "acm-pca:ListTags", "acm-pca:PutPolicy", "acm-pca:RestoreCertificateAuthority", "acm-pca:RevokeCertificate", "acm-pca:TagCertificateAuthority", "acm-pca:UntagCertificateAuthority", "acm-pca:UpdateCertificateAuthority", "activate:CreateForm", "activate:GetAccountContact", "activate:GetContentInfo", "activate:GetCosts", "activate:GetCredits", "activate:GetMemberInfo", "activate:GetProgram", "activate:PutMemberInfo", "airflow:CreateCliToken", "airflow:CreateEnvironment", "airflow:CreateWebLoginToken", "airflow:DeleteEnvironment", "airflow:GetEnvironment", "airflow:ListEnvironments", "airflow:ListTagsForResource", "airflow:PublishMetrics", "airflow:TagResource", "airflow:UntagResource", "airflow:UpdateEnvironment", "amplify:CreateApp", "amplify:CreateBackendEnvironment", "amplify:CreateBranch", "amplify:CreateDeployment", "amplify:CreateDomainAssociation", "amplify:CreateWebHook", "amplify:DeleteApp", "amplify:DeleteBackendEnvironment", "amplify:DeleteBranch", "amplify:DeleteDomainAssociation", "amplify:DeleteJob", "amplify:DeleteWebHook", "amplify:GenerateAccessLogs", "amplify:GetApp", "amplify:GetArtifactUrl", "amplify:GetBackendEnvironment", "amplify:GetBranch", "amplify:GetDomainAssociation", "amplify:GetJob", "amplify:GetWebHook", "amplify:ListApps", "amplify:ListArtifacts", "amplify:ListBackendEnvironments", "amplify:ListBranches", "amplify:ListDomainAssociations", "amplify:ListJobs", "amplify:ListTagsForResource", "amplify:ListWebHooks", "amplify:StartDeployment", "amplify:StartJob", "amplify:StopJob", "amplify:TagResource", "amplify:UntagResource", "amplify:UpdateApp", "amplify:UpdateBranch", "amplify:UpdateDomainAssociation", "amplify:UpdateWebHook", "amplifybackend:CloneBackend", "amplifybackend:CreateBackend", "amplifybackend:CreateBackendAPI", "amplifybackend:CreateBackendAuth", "amplifybackend:CreateBackendConfig", "amplifybackend:CreateBackendStorage", "amplifybackend:CreateToken", "amplifybackend:DeleteBackend", "amplifybackend:DeleteBackendAPI", "amplifybackend:DeleteBackendAuth", "amplifybackend:DeleteBackendStorage", "amplifybackend:DeleteToken", "amplifybackend:GenerateBackendAPIModels", "amplifybackend:GetBackend", "amplifybackend:GetBackendAPI", "amplifybackend:GetBackendAPIModels", "amplifybackend:GetBackendAuth", "amplifybackend:GetBackendJob", "amplifybackend:GetBackendStorage", "amplifybackend:GetToken", "amplifybackend:ImportBackendAuth", "amplifybackend:ImportBackendStorage", "amplifybackend:ListBackendJobs", "amplifybackend:ListS3Buckets", "amplifybackend:RemoveAllBackends", "amplifybackend:RemoveBackendConfig", "amplifybackend:UpdateBackendAPI", "amplifybackend:UpdateBackendAuth", "amplifybackend:UpdateBackendConfig", "amplifybackend:UpdateBackendJob", "amplifybackend:UpdateBackendStorage", "amplifyuibuilder:CreateComponent", "amplifyuibuilder:CreateForm", "amplifyuibuilder:CreateTheme", "amplifyuibuilder:DeleteComponent", "amplifyuibuilder:DeleteForm", "amplifyuibuilder:DeleteTheme", "amplifyuibuilder:ExchangeCodeForToken", "amplifyuibuilder:ExportComponents", "amplifyuibuilder:ExportForms", "amplifyuibuilder:ExportThemes", "amplifyuibuilder:GetCodegenJob", "amplifyuibuilder:GetComponent", "amplifyuibuilder:GetForm", "amplifyuibuilder:GetMetadata", "amplifyuibuilder:GetTheme", "amplifyuibuilder:ListCodegenJobs", "amplifyuibuilder:ListComponents", "amplifyuibuilder:ListForms", "amplifyuibuilder:ListTagsForResource", "amplifyuibuilder:ListThemes", "amplifyuibuilder:PutMetadataFlag", "amplifyuibuilder:RefreshToken", "amplifyuibuilder:ResetMetadataFlag", "amplifyuibuilder:StartCodegenJob", "amplifyuibuilder:TagResource", "amplifyuibuilder:UntagResource", "amplifyuibuilder:UpdateComponent", "amplifyuibuilder:UpdateForm", "amplifyuibuilder:UpdateTheme", "aoss:APIAccessAll", "aoss:BatchGetCollection", "aoss:BatchGetEffectiveLifecyclePolicy", "aoss:BatchGetLifecyclePolicy", "aoss:BatchGetVpcEndpoint", "aoss:CreateAccessPolicy", "aoss:CreateCollection", "aoss:CreateLifecyclePolicy", "aoss:CreateSecurityConfig", "aoss:CreateSecurityPolicy", "aoss:CreateVpcEndpoint", "aoss:DashboardsAccessAll", "aoss:DeleteAccessPolicy", "aoss:DeleteCollection", "aoss:DeleteLifecyclePolicy", "aoss:DeleteSecurityConfig", "aoss:DeleteSecurityPolicy", "aoss:DeleteVpcEndpoint", "aoss:GetAccessPolicy", "aoss:GetAccountSettings", "aoss:GetPoliciesStats", "aoss:GetSecurityConfig", "aoss:GetSecurityPolicy", "aoss:ListAccessPolicies", "aoss:ListCollections", "aoss:ListLifecyclePolicies", "aoss:ListSecurityConfigs", "aoss:ListSecurityPolicies", "aoss:ListTagsForResource", "aoss:ListVpcEndpoints", "aoss:TagResource", "aoss:UntagResource", "aoss:UpdateAccessPolicy", "aoss:UpdateAccountSettings", "aoss:UpdateCollection", "aoss:UpdateLifecyclePolicy", "aoss:UpdateSecurityConfig", "aoss:UpdateSecurityPolicy", "aoss:UpdateVpcEndpoint", "apigateway:DELETE", "apigateway:GET", "apigateway:PATCH", "apigateway:POST", "apigateway:PUT", "apigateway:AddCertificateToDomain", "apigateway:RemoveCertificateFromDomain", "apigateway:SetWebACL", "apigateway:UpdateRestApiPolicy", "app-integrations:CreateApplication", "app-integrations:CreateApplicationAssociation", "app-integrations:CreateDataIntegration", "app-integrations:CreateDataIntegrationAssociation", "app-integrations:CreateEventIntegration", "app-integrations:CreateEventIntegrationAssociation", "app-integrations:DeleteApplication", "app-integrations:DeleteApplicationAssociation", "app-integrations:DeleteDataIntegration", "app-integrations:DeleteDataIntegrationAssociation", "app-integrations:DeleteEventIntegration", "app-integrations:DeleteEventIntegrationAssociation", "app-integrations:GetApplication", "app-integrations:GetDataIntegration", "app-integrations:GetEventIntegration", "app-integrations:ListApplicationAssociations", "app-integrations:ListApplications", "app-integrations:ListDataIntegrationAssociations", "app-integrations:ListDataIntegrations", "app-integrations:ListEventIntegrationAssociations", "app-integrations:ListEventIntegrations", "app-integrations:ListTagsForResource", "app-integrations:TagResource", "app-integrations:UntagResource", "app-integrations:UpdateApplication", "app-integrations:UpdateDataIntegration", "app-integrations:UpdateEventIntegration", "appconfig:CreateApplication", "appconfig:CreateConfigurationProfile", "appconfig:CreateDeploymentStrategy", "appconfig:CreateEnvironment", "appconfig:CreateExtension", "appconfig:CreateExtensionAssociation", "appconfig:CreateHostedConfigurationVersion", "appconfig:DeleteApplication", "appconfig:DeleteConfigurationProfile", "appconfig:DeleteDeploymentStrategy", "appconfig:DeleteEnvironment", "appconfig:DeleteExtension", "appconfig:DeleteExtensionAssociation", "appconfig:DeleteHostedConfigurationVersion", "appconfig:GetApplication", "appconfig:GetConfiguration", "appconfig:GetConfigurationProfile", "appconfig:GetDeployment", "appconfig:GetDeploymentStrategy", "appconfig:GetEnvironment", "appconfig:GetExtension", "appconfig:GetExtensionAssociation", "appconfig:GetHostedConfigurationVersion", "appconfig:GetLatestConfiguration", "appconfig:ListApplications", "appconfig:ListConfigurationProfiles", "appconfig:ListDeploymentStrategies", "appconfig:ListDeployments", "appconfig:ListEnvironments", "appconfig:ListExtensionAssociations", "appconfig:ListExtensions", "appconfig:ListHostedConfigurationVersions", "appconfig:ListTagsForResource", "appconfig:StartConfigurationSession", "appconfig:StartDeployment", "appconfig:StopDeployment", "appconfig:TagResource", "appconfig:UntagResource", "appconfig:UpdateApplication", "appconfig:UpdateConfigurationProfile", "appconfig:UpdateDeploymentStrategy", "appconfig:UpdateEnvironment", "appconfig:UpdateExtension", "appconfig:UpdateExtensionAssociation", "appconfig:ValidateConfiguration", "appfabric:BatchGetUserAccessTasks", "appfabric:ConnectAppAuthorization", "appfabric:CreateAppAuthorization", "appfabric:CreateAppBundle", "appfabric:CreateIngestion", "appfabric:CreateIngestionDestination", "appfabric:DeleteAppAuthorization", "appfabric:DeleteAppBundle", "appfabric:DeleteIngestion", "appfabric:DeleteIngestionDestination", "appfabric:GetAppAuthorization", "appfabric:GetAppBundle", "appfabric:GetIngestion", "appfabric:GetIngestionDestination", "appfabric:ListAppAuthorizations", "appfabric:ListAppBundles", "appfabric:ListIngestionDestinations", "appfabric:ListIngestions", "appfabric:ListTagsForResource", "appfabric:StartIngestion", "appfabric:StartUserAccessTasks", "appfabric:StopIngestion", "appfabric:TagResource", "appfabric:UntagResource", "appfabric:UpdateAppAuthorization", "appfabric:UpdateIngestionDestination", "appflow:CancelFlowExecutions", "appflow:CreateConnectorProfile", "appflow:CreateFlow", "appflow:DeleteConnectorProfile", "appflow:DeleteFlow", "appflow:DescribeConnector", "appflow:DescribeConnectorEntity", "appflow:DescribeConnectorFields", "appflow:DescribeConnectorProfiles", "appflow:DescribeConnectors", "appflow:DescribeFlow", "appflow:DescribeFlowExecution", "appflow:DescribeFlowExecutionRecords", "appflow:DescribeFlows", "appflow:ListConnectorEntities", "appflow:ListConnectorFields", "appflow:ListConnectors", "appflow:ListFlows", "appflow:ListTagsForResource", "appflow:RegisterConnector", "appflow:ResetConnectorMetadataCache", "appflow:RunFlow", "appflow:StartFlow", "appflow:StopFlow", "appflow:TagResource", "appflow:UnRegisterConnector", "appflow:UntagResource", "appflow:UpdateConnectorProfile", "appflow:UpdateConnectorRegistration", "appflow:UpdateFlow", "appflow:UseConnectorProfile", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeleteScheduledAction", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "application-autoscaling:ListTagsForResource", "application-autoscaling:PutScalingPolicy", "application-autoscaling:PutScheduledAction", "application-autoscaling:RegisterScalableTarget", "application-autoscaling:TagResource", "application-autoscaling:UntagResource", "application-cost-profiler:DeleteReportDefinition", "application-cost-profiler:GetReportDefinition", "application-cost-profiler:ImportApplicationUsage", "application-cost-profiler:ListReportDefinitions", "application-cost-profiler:PutReportDefinition", "application-cost-profiler:UpdateReportDefinition", "application-transformation:GetContainerization", "application-transformation:GetDeployment", "application-transformation:GetGroupingAssessment", "application-transformation:GetPortingCompatibilityAssessment", "application-transformation:GetPortingRecommendationAssessment", "application-transformation:GetRuntimeAssessment", "application-transformation:PutLogData", "application-transformation:PutMetricData", "application-transformation:StartContainerization", "application-transformation:StartDeployment", "application-transformation:StartGroupingAssessment", "application-transformation:StartPortingCompatibilityAssessment", "application-transformation:StartPortingRecommendationAssessment", "application-transformation:StartRuntimeAssessment", "applicationinsights:AddWorkload", "applicationinsights:CreateApplication", "applicationinsights:CreateComponent", "applicationinsights:CreateLogPattern", "applicationinsights:DeleteApplication", "applicationinsights:DeleteComponent", "applicationinsights:DeleteLogPattern", "applicationinsights:DescribeApplication", "applicationinsights:DescribeComponent", "applicationinsights:DescribeComponentConfiguration", "applicationinsights:DescribeComponentConfigurationRecommendation", "applicationinsights:DescribeLogPattern", "applicationinsights:DescribeObservation", "applicationinsights:DescribeProblem", "applicationinsights:DescribeProblemObservations", "applicationinsights:DescribeWorkload", "applicationinsights:Link", "applicationinsights:ListApplications", "applicationinsights:ListComponents", "applicationinsights:ListConfigurationHistory", "applicationinsights:ListLogPatternSets", "applicationinsights:ListLogPatterns", "applicationinsights:ListProblems", "applicationinsights:ListTagsForResource", "applicationinsights:ListWorkloads", "applicationinsights:RemoveWorkload", "applicationinsights:TagResource", "applicationinsights:UntagResource", "applicationinsights:UpdateApplication", "applicationinsights:UpdateComponent", "applicationinsights:UpdateComponentConfiguration", "applicationinsights:UpdateLogPattern", "applicationinsights:UpdateProblem", "applicationinsights:UpdateWorkload", "appmesh:CreateGatewayRoute", "appmesh:CreateMesh", "appmesh:CreateRoute", "appmesh:CreateVirtualGateway", "appmesh:CreateVirtualNode", "appmesh:CreateVirtualRouter", "appmesh:CreateVirtualService", "appmesh:DeleteGatewayRoute", "appmesh:DeleteMesh", "appmesh:DeleteMeshPolicy", "appmesh:DeleteRoute", "appmesh:DeleteVirtualGateway", "appmesh:DeleteVirtualNode", "appmesh:DeleteVirtualRouter", "appmesh:DeleteVirtualService", "appmesh:DescribeGatewayRoute", "appmesh:DescribeMesh", "appmesh:DescribeRoute", "appmesh:DescribeVirtualGateway", "appmesh:DescribeVirtualNode", "appmesh:DescribeVirtualRouter", "appmesh:DescribeVirtualService", "appmesh:GetMeshPolicy", "appmesh:ListGatewayRoutes", "appmesh:ListMeshes", "appmesh:ListRoutes", "appmesh:ListTagsForResource", "appmesh:ListVirtualGateways", "appmesh:ListVirtualNodes", "appmesh:ListVirtualRouters", "appmesh:ListVirtualServices", "appmesh:PutMeshPolicy", "appmesh:StreamAggregatedResources", "appmesh:TagResource", "appmesh:UntagResource", "appmesh:UpdateGatewayRoute", "appmesh:UpdateMesh", "appmesh:UpdateRoute", "appmesh:UpdateVirtualGateway", "appmesh:UpdateVirtualNode", "appmesh:UpdateVirtualRouter", "appmesh:UpdateVirtualService", "appmesh-preview:CreateGatewayRoute", "appmesh-preview:CreateMesh", "appmesh-preview:CreateRoute", "appmesh-preview:CreateVirtualGateway", "appmesh-preview:CreateVirtualNode", "appmesh-preview:CreateVirtualRouter", "appmesh-preview:CreateVirtualService", "appmesh-preview:DeleteGatewayRoute", "appmesh-preview:DeleteMesh", "appmesh-preview:DeleteMeshPolicy", "appmesh-preview:DeleteRoute", "appmesh-preview:DeleteVirtualGateway", "appmesh-preview:DeleteVirtualNode", "appmesh-preview:DeleteVirtualRouter", "appmesh-preview:DeleteVirtualService", "appmesh-preview:DescribeGatewayRoute", "appmesh-preview:DescribeMesh", "appmesh-preview:DescribeRoute", "appmesh-preview:DescribeVirtualGateway", "appmesh-preview:DescribeVirtualNode", "appmesh-preview:DescribeVirtualRouter", "appmesh-preview:DescribeVirtualService", "appmesh-preview:GetMeshPolicy", "appmesh-preview:ListGatewayRoutes", "appmesh-preview:ListMeshes", "appmesh-preview:ListRoutes", "appmesh-preview:ListVirtualGateways", "appmesh-preview:ListVirtualNodes", "appmesh-preview:ListVirtualRouters", "appmesh-preview:ListVirtualServices", "appmesh-preview:PutMeshPolicy", "appmesh-preview:StreamAggregatedResources", "appmesh-preview:UpdateGatewayRoute", "appmesh-preview:UpdateMesh", "appmesh-preview:UpdateRoute", "appmesh-preview:UpdateVirtualGateway", "appmesh-preview:UpdateVirtualNode", "appmesh-preview:UpdateVirtualRouter", "appmesh-preview:UpdateVirtualService", "apprunner:AssociateCustomDomain", "apprunner:AssociateWebAcl", "apprunner:CreateAutoScalingConfiguration", "apprunner:CreateConnection", "apprunner:CreateObservabilityConfiguration", "apprunner:CreateService", "apprunner:CreateVpcConnector", "apprunner:CreateVpcIngressConnection", "apprunner:DeleteAutoScalingConfiguration", "apprunner:DeleteConnection", "apprunner:DeleteObservabilityConfiguration", "apprunner:DeleteService", "apprunner:DeleteVpcConnector", "apprunner:DeleteVpcIngressConnection", "apprunner:DescribeAutoScalingConfiguration", "apprunner:DescribeCustomDomains", "apprunner:DescribeObservabilityConfiguration", "apprunner:DescribeOperation", "apprunner:DescribeService", "apprunner:DescribeVpcConnector", "apprunner:DescribeVpcIngressConnection", "apprunner:DescribeWebAclForService", "apprunner:DisassociateCustomDomain", "apprunner:DisassociateWebAcl", "apprunner:ListAssociatedServicesForWebAcl", "apprunner:ListAutoScalingConfigurations", "apprunner:ListConnections", "apprunner:ListObservabilityConfigurations", "apprunner:ListOperations", "apprunner:ListServices", "apprunner:ListServicesForAutoScalingConfiguration", "apprunner:ListTagsForResource", "apprunner:ListVpcConnectors", "apprunner:ListVpcIngressConnections", "apprunner:PauseService", "apprunner:ResumeService", "apprunner:StartDeployment", "apprunner:TagResource", "apprunner:UntagResource", "apprunner:UpdateDefaultAutoScalingConfiguration", "apprunner:UpdateService", "apprunner:UpdateVpcIngressConnection", "appstream:AssociateAppBlockBuilderAppBlock", "appstream:AssociateApplicationFleet", "appstream:AssociateApplicationToEntitlement", "appstream:AssociateFleet", "appstream:BatchAssociateUserStack", "appstream:BatchDisassociateUserStack", "appstream:CopyImage", "appstream:CreateAppBlock", "appstream:CreateAppBlockBuilder", "appstream:CreateAppBlockBuilderStreamingURL", "appstream:CreateApplication", "appstream:CreateDirectoryConfig", "appstream:CreateEntitlement", "appstream:CreateFleet", "appstream:CreateImageBuilder", "appstream:CreateImageBuilderStreamingURL", "appstream:CreateStack", "appstream:CreateStreamingURL", "appstream:CreateUpdatedImage", "appstream:CreateUsageReportSubscription", "appstream:CreateUser", "appstream:DeleteAppBlock", "appstream:DeleteAppBlockBuilder", "appstream:DeleteApplication", "appstream:DeleteDirectoryConfig", "appstream:DeleteEntitlement", "appstream:DeleteFleet", "appstream:DeleteImage", "appstream:DeleteImageBuilder", "appstream:DeleteImagePermissions", "appstream:DeleteStack", "appstream:DeleteUsageReportSubscription", "appstream:DeleteUser", "appstream:DescribeAppBlockBuilderAppBlockAssociations", "appstream:DescribeAppBlockBuilders", "appstream:DescribeAppBlocks", "appstream:DescribeApplicationFleetAssociations", "appstream:DescribeApplications", "appstream:DescribeDirectoryConfigs", "appstream:DescribeEntitlements", "appstream:DescribeFleets", "appstream:DescribeImageBuilders", "appstream:DescribeImagePermissions", "appstream:DescribeImages", "appstream:DescribeSessions", "appstream:DescribeStacks", "appstream:DescribeUsageReportSubscriptions", "appstream:DescribeUserStackAssociations", "appstream:DescribeUsers", "appstream:DisableUser", "appstream:DisassociateAppBlockBuilderAppBlock", "appstream:DisassociateApplicationFleet", "appstream:DisassociateApplicationFromEntitlement", "appstream:DisassociateFleet", "appstream:EnableUser", "appstream:ExpireSession", "appstream:ListAssociatedFleets", "appstream:ListAssociatedStacks", "appstream:ListEntitledApplications", "appstream:ListTagsForResource", "appstream:StartAppBlockBuilder", "appstream:StartFleet", "appstream:StartImageBuilder", "appstream:StopAppBlockBuilder", "appstream:StopFleet", "appstream:StopImageBuilder", "appstream:Stream", "appstream:TagResource", "appstream:UntagResource", "appstream:UpdateAppBlockBuilder", "appstream:UpdateApplication", "appstream:UpdateDirectoryConfig", "appstream:UpdateEntitlement", "appstream:UpdateFleet", "appstream:UpdateImagePermissions", "appstream:UpdateStack", "appsync:AssociateApi", "appsync:AssociateMergedGraphqlApi", "appsync:AssociateSourceGraphqlApi", "appsync:CreateApiCache", "appsync:CreateApiKey", "appsync:CreateDataSource", "appsync:CreateDomainName", "appsync:CreateFunction", "appsync:CreateGraphqlApi", "appsync:CreateResolver", "appsync:CreateType", "appsync:DeleteApiCache", "appsync:DeleteApiKey", "appsync:DeleteDataSource", "appsync:DeleteDomainName", "appsync:DeleteFunction", "appsync:DeleteGraphqlApi", "appsync:DeleteResolver", "appsync:DeleteResourcePolicy", "appsync:DeleteType", "appsync:DisassociateApi", "appsync:DisassociateMergedGraphqlApi", "appsync:DisassociateSourceGraphqlApi", "appsync:EvaluateCode", "appsync:EvaluateMappingTemplate", "appsync:FlushApiCache", "appsync:GetApiAssociation", "appsync:GetApiCache", "appsync:GetDataSource", "appsync:GetDataSourceIntrospection", "appsync:GetDomainName", "appsync:GetFunction", "appsync:GetGraphqlApi", "appsync:GetGraphqlApiEnvironmentVariables", "appsync:GetIntrospectionSchema", "appsync:GetResolver", "appsync:GetResourcePolicy", "appsync:GetSchemaCreationStatus", "appsync:GetSourceApiAssociation", "appsync:GetType", "appsync:GraphQL", "appsync:ListApiKeys", "appsync:ListDataSources", "appsync:ListDomainNames", "appsync:ListFunctions", "appsync:ListGraphqlApis", "appsync:ListResolvers", "appsync:ListResolversByFunction", "appsync:ListSourceApiAssociations", "appsync:ListTagsForResource", "appsync:ListTypes", "appsync:ListTypesByAssociation", "appsync:PutGraphqlApiEnvironmentVariables", "appsync:PutResourcePolicy", "appsync:SetWebACL", "appsync:SourceGraphQL", "appsync:StartDataSourceIntrospection", "appsync:StartSchemaCreation", "appsync:StartSchemaMerge", "appsync:TagResource", "appsync:UntagResource", "appsync:UpdateApiCache", "appsync:UpdateApiKey", "appsync:UpdateDataSource", "appsync:UpdateDomainName", "appsync:UpdateFunction", "appsync:UpdateGraphqlApi", "appsync:UpdateResolver", "appsync:UpdateSourceApiAssociation", "appsync:UpdateType", "aps:CreateAlertManagerAlerts", "aps:CreateAlertManagerDefinition", "aps:CreateLoggingConfiguration", "aps:CreateRuleGroupsNamespace", "aps:CreateScraper", "aps:CreateWorkspace", "aps:DeleteAlertManagerDefinition", "aps:DeleteAlertManagerSilence", "aps:DeleteLoggingConfiguration", "aps:DeleteRuleGroupsNamespace", "aps:DeleteScraper", "aps:DeleteWorkspace", "aps:DescribeAlertManagerDefinition", "aps:DescribeLoggingConfiguration", "aps:DescribeRuleGroupsNamespace", "aps:DescribeScraper", "aps:DescribeWorkspace", "aps:GetAlertManagerSilence", "aps:GetAlertManagerStatus", "aps:GetDefaultScraperConfiguration", "aps:GetLabels", "aps:GetMetricMetadata", "aps:GetSeries", "aps:ListAlertManagerAlertGroups", "aps:ListAlertManagerAlerts", "aps:ListAlertManagerReceivers", "aps:ListAlertManagerSilences", "aps:ListAlerts", "aps:ListRuleGroupsNamespaces", "aps:ListRules", "aps:ListScrapers", "aps:ListTagsForResource", "aps:ListWorkspaces", "aps:PutAlertManagerDefinition", "aps:PutAlertManagerSilences", "aps:PutRuleGroupsNamespace", "aps:QueryMetrics", "aps:RemoteWrite", "aps:TagResource", "aps:UntagResource", "aps:UpdateLoggingConfiguration", "aps:UpdateWorkspaceAlias", "arc-zonal-shift:CancelZonalShift", "arc-zonal-shift:CreatePracticeRunConfiguration", "arc-zonal-shift:DeletePracticeRunConfiguration", "arc-zonal-shift:GetManagedResource", "arc-zonal-shift:ListAutoshifts", "arc-zonal-shift:ListManagedResources", "arc-zonal-shift:ListZonalShifts", "arc-zonal-shift:StartZonalShift", "arc-zonal-shift:UpdatePracticeRunConfiguration", "arc-zonal-shift:UpdateZonalAutoshiftConfiguration", "arc-zonal-shift:UpdateZonalShift", "arsenal:RegisterOnPremisesAgent", "artifact:AcceptAgreement", "artifact:DownloadAgreement", "artifact:Get", "artifact:GetAccountSettings", "artifact:GetReport", "artifact:GetReportMetadata", "artifact:GetTermForReport", "artifact:ListReports", "artifact:PutAccountSettings", "artifact:TerminateAgreement", "athena:BatchGetNamedQuery", "athena:BatchGetPreparedStatement", "athena:BatchGetQueryExecution", "athena:CancelCapacityReservation", "athena:CancelQueryExecution", "athena:CreateCapacityReservation", "athena:CreateDataCatalog", "athena:CreateNamedQuery", "athena:CreateNotebook", "athena:CreatePreparedStatement", "athena:CreatePresignedNotebookUrl", "athena:CreateWorkGroup", "athena:DeleteCapacityReservation", "athena:DeleteDataCatalog", "athena:DeleteNamedQuery", "athena:DeleteNotebook", "athena:DeletePreparedStatement", "athena:DeleteWorkGroup", "athena:ExportNotebook", "athena:GetCalculationExecution", "athena:GetCalculationExecutionCode", "athena:GetCalculationExecutionStatus", "athena:GetCapacityAssignmentConfiguration", "athena:GetCapacityReservation", "athena:GetCatalogs", "athena:GetDataCatalog", "athena:GetDatabase", "athena:GetExecutionEngine", "athena:GetExecutionEngines", "athena:GetNamedQuery", "athena:GetNamespace", "athena:GetNamespaces", "athena:GetNotebookMetadata", "athena:GetPreparedStatement", "athena:GetQueryExecution", "athena:GetQueryExecutions", "athena:GetQueryResults", "athena:GetQueryResultsStream", "athena:GetQueryRuntimeStatistics", "athena:GetSession", "athena:GetSessionStatus", "athena:GetTable", "athena:GetTableMetadata", "athena:GetTables", "athena:GetWorkGroup", "athena:ImportNotebook", "athena:ListApplicationDPUSizes", "athena:ListCalculationExecutions", "athena:ListCapacityReservations", "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListEngineVersions", "athena:ListExecutors", "athena:ListNamedQueries", "athena:ListNotebookMetadata", "athena:ListNotebookSessions", "athena:ListPreparedStatements", "athena:ListQueryExecutions", "athena:ListSessions", "athena:ListTableMetadata", "athena:ListTagsForResource", "athena:ListWorkGroups", "athena:PutCapacityAssignmentConfiguration", "athena:RunQuery", "athena:StartCalculationExecution", "athena:StartQueryExecution", "athena:StartSession", "athena:StopCalculationExecution", "athena:StopQueryExecution", "athena:TagResource", "athena:TerminateSession", "athena:UntagResource", "athena:UpdateCapacityReservation", "athena:UpdateDataCatalog", "athena:UpdateNamedQuery", "athena:UpdateNotebook", "athena:UpdateNotebookMetadata", "athena:UpdatePreparedStatement", "athena:UpdateWorkGroup", "auditmanager:AssociateAssessmentReportEvidenceFolder", "auditmanager:BatchAssociateAssessmentReportEvidence", "auditmanager:BatchCreateDelegationByAssessment", "auditmanager:BatchDeleteDelegationByAssessment", "auditmanager:BatchDisassociateAssessmentReportEvidence", "auditmanager:BatchImportEvidenceToAssessmentControl", "auditmanager:CreateAssessment", "auditmanager:CreateAssessmentFramework", "auditmanager:CreateAssessmentReport", "auditmanager:CreateControl", "auditmanager:DeleteAssessment", "auditmanager:DeleteAssessmentFramework", "auditmanager:DeleteAssessmentFrameworkShare", "auditmanager:DeleteAssessmentReport", "auditmanager:DeleteControl", "auditmanager:DeregisterAccount", "auditmanager:DeregisterOrganizationAdminAccount", "auditmanager:DisassociateAssessmentReportEvidenceFolder", "auditmanager:GetAccountStatus", "auditmanager:GetAssessment", "auditmanager:GetAssessmentFramework", "auditmanager:GetAssessmentReportUrl", "auditmanager:GetChangeLogs", "auditmanager:GetControl", "auditmanager:GetDelegations", "auditmanager:GetEvidence", "auditmanager:GetEvidenceByEvidenceFolder", "auditmanager:GetEvidenceFileUploadUrl", "auditmanager:GetEvidenceFolder", "auditmanager:GetEvidenceFoldersByAssessment", "auditmanager:GetEvidenceFoldersByAssessmentControl", "auditmanager:GetInsights", "auditmanager:GetInsightsByAssessment", "auditmanager:GetOrganizationAdminAccount", "auditmanager:GetServicesInScope", "auditmanager:GetSettings", "auditmanager:ListAssessmentControlInsightsByControlDomain", "auditmanager:ListAssessmentFrameworkShareRequests", "auditmanager:ListAssessmentFrameworks", "auditmanager:ListAssessmentReports", "auditmanager:ListAssessments", "auditmanager:ListControlDomainInsights", "auditmanager:ListControlDomainInsightsByAssessment", "auditmanager:ListControlInsightsByControlDomain", "auditmanager:ListControls", "auditmanager:ListKeywordsForDataSource", "auditmanager:ListNotifications", "auditmanager:ListTagsForResource", "auditmanager:RegisterAccount", "auditmanager:RegisterOrganizationAdminAccount", "auditmanager:StartAssessmentFrameworkShare", "auditmanager:TagResource", "auditmanager:UntagResource", "auditmanager:UpdateAssessment", "auditmanager:UpdateAssessmentControl", "auditmanager:UpdateAssessmentControlSetStatus", "auditmanager:UpdateAssessmentFramework", "auditmanager:UpdateAssessmentFrameworkShare", "auditmanager:UpdateAssessmentStatus", "auditmanager:UpdateControl", "auditmanager:UpdateSettings", "auditmanager:ValidateAssessmentReportIntegrity", "autoscaling:AttachInstances", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:AttachLoadBalancers", "autoscaling:AttachTrafficSources", "autoscaling:BatchDeleteScheduledAction", "autoscaling:BatchPutScheduledUpdateGroupAction", "autoscaling:CancelInstanceRefresh", "autoscaling:CompleteLifecycleAction", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteLifecycleHook", "autoscaling:DeleteNotificationConfiguration", "autoscaling:DeletePolicy", "autoscaling:DeleteScheduledAction", "autoscaling:DeleteTags", "autoscaling:DeleteWarmPool", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:DetachInstances", "autoscaling:DetachLoadBalancerTargetGroups", "autoscaling:DetachLoadBalancers", "autoscaling:DetachTrafficSources", "autoscaling:DisableMetricsCollection", "autoscaling:EnableMetricsCollection", "autoscaling:EnterStandby", "autoscaling:ExecutePolicy", "autoscaling:ExitStandby", "autoscaling:GetPredictiveScalingForecast", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutWarmPool", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling:ResumeProcesses", "autoscaling:RollbackInstanceRefresh", "autoscaling:SetDesiredCapacity", "autoscaling:SetInstanceHealth", "autoscaling:SetInstanceProtection", "autoscaling:StartInstanceRefresh", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "autoscaling-plans:CreateScalingPlan", "autoscaling-plans:DeleteScalingPlan", "autoscaling-plans:DescribeScalingPlanResources", "autoscaling-plans:DescribeScalingPlans", "autoscaling-plans:GetScalingPlanResourceForecastData", "autoscaling-plans:UpdateScalingPlan", "aws-marketplace:AssociateProductsWithPrivateMarketplace", "aws-marketplace:CreatePrivateMarketplaceRequests", "aws-marketplace:DescribePrivateMarketplaceRequests", "aws-marketplace:DisassociateProductsFromPrivateMarketplace", "aws-marketplace:ListPrivateMarketplaceRequests", "aws-marketplace:GetSellerDashboard", "aws-marketplace:AcceptAgreementApprovalRequest", "aws-marketplace:AcceptAgreementRequest", "aws-marketplace:CancelAgreement", "aws-marketplace:CancelAgreementRequest", "aws-marketplace:CreateAgreementRequest", "aws-marketplace:DescribeAgreement", "aws-marketplace:GetAgreementApprovalRequest", "aws-marketplace:GetAgreementRequest", "aws-marketplace:GetAgreementTerms", "aws-marketplace:ListAgreementApprovalRequests", "aws-marketplace:ListAgreementRequests", "aws-marketplace:ListEntitlementDetails", "aws-marketplace:RejectAgreementApprovalRequest", "aws-marketplace:SearchAgreements", "aws-marketplace:Subscribe", "aws-marketplace:Unsubscribe", "aws-marketplace:UpdateAgreementApprovalRequest", "aws-marketplace:ViewSubscriptions", "aws-marketplace:ListTagsForResource", "aws-marketplace:PutDeploymentParameter", "aws-marketplace:TagResource", "aws-marketplace:UntagResource", "aws-marketplace:CancelChangeSet", "aws-marketplace:CompleteTask", "aws-marketplace:DeleteResourcePolicy", "aws-marketplace:DescribeAssessment", "aws-marketplace:DescribeChangeSet", "aws-marketplace:DescribeEntity", "aws-marketplace:DescribeTask", "aws-marketplace:GetResourcePolicy", "aws-marketplace:ListAssessments", "aws-marketplace:ListChangeSets", "aws-marketplace:ListEntities", "aws-marketplace:ListTasks", "aws-marketplace:PutResourcePolicy", "aws-marketplace:StartChangeSet", "aws-marketplace:UpdateTask", "aws-marketplace:BatchMeterUsage", "aws-marketplace:MeterUsage", "aws-marketplace:RegisterUsage", "aws-marketplace:ResolveCustomer", "aws-marketplace:DescribeProcurementSystemConfiguration", "aws-marketplace:PutProcurementSystemConfiguration", "aws-marketplace:DescribeBuilds", "aws-marketplace:ListBuilds", "aws-marketplace:StartBuild", "aws-marketplace:ListPrivateListings", "aws-marketplace:GetEntitlements", "aws-marketplace-management:GetAdditionalSellerNotificationRecipients", "aws-marketplace-management:GetBankAccountVerificationDetails", "aws-marketplace-management:GetSecondaryUserVerificationDetails", "aws-marketplace-management:GetSellerVerificationDetails", "aws-marketplace-management:PutAdditionalSellerNotificationRecipients", "aws-marketplace-management:PutBankAccountVerificationDetails", "aws-marketplace-management:PutSecondaryUserVerificationDetails", "aws-marketplace-management:PutSellerVerificationDetails", "aws-marketplace-management:uploadFiles", "aws-marketplace-management:viewMarketing", "aws-marketplace-management:viewReports", "aws-marketplace-management:viewSettings", "aws-marketplace-management:viewSupport", "aws-portal:GetConsoleActionSetEnforced", "aws-portal:ModifyAccount", "aws-portal:ModifyBilling", "aws-portal:ModifyPaymentMethods", "aws-portal:UpdateConsoleActionSetEnforced", "aws-portal:ViewAccount", "aws-portal:ViewBilling", "aws-portal:ViewPaymentMethods", "aws-portal:ViewUsage", "awsconnector:GetConnectorHealth", "awsconnector:RegisterConnector", "awsconnector:ValidateConnectorId", "b2bi:CreateCapability", "b2bi:CreatePartnership", "b2bi:CreateProfile", "b2bi:CreateTransformer", "b2bi:DeleteCapability", "b2bi:DeletePartnership", "b2bi:DeleteProfile", "b2bi:DeleteTransformer", "b2bi:GetCapability", "b2bi:GetPartnership", "b2bi:GetProfile", "b2bi:GetTransformer", "b2bi:GetTransformerJob", "b2bi:ListCapabilities", "b2bi:ListPartnerships", "b2bi:ListProfiles", "b2bi:ListTagsForResource", "b2bi:ListTransformers", "b2bi:StartTransformerJob", "b2bi:TagResource", "b2bi:TestMapping", "b2bi:TestParsing", "b2bi:UntagResource", "b2bi:UpdateCapability", "b2bi:UpdatePartnership", "b2bi:UpdateProfile", "b2bi:UpdateTransformer", "backup:CancelLegalHold", "backup:CopyFromBackupVault", "backup:CopyIntoBackupVault", "backup:CreateBackupPlan", "backup:CreateBackupSelection", "backup:CreateBackupVault", "backup:CreateFramework", "backup:CreateLegalHold", "backup:CreateLogicallyAirGappedBackupVault", "backup:CreateReportPlan", "backup:CreateRestoreTestingPlan", "backup:CreateRestoreTestingSelection", "backup:DeleteBackupPlan", "backup:DeleteBackupSelection", "backup:DeleteBackupVault", "backup:DeleteBackupVaultAccessPolicy", "backup:DeleteBackupVaultLockConfiguration", "backup:DeleteBackupVaultNotifications", "backup:DeleteBackupVaultSharingPolicy", "backup:DeleteFramework", "backup:DeleteRecoveryPoint", "backup:DeleteReportPlan", "backup:DeleteRestoreTestingPlan", "backup:DeleteRestoreTestingSelection", "backup:DescribeBackupJob", "backup:DescribeBackupVault", "backup:DescribeCopyJob", "backup:DescribeFramework", "backup:DescribeGlobalSettings", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeRegionSettings", "backup:DescribeReportJob", "backup:DescribeReportPlan", "backup:DescribeRestoreJob", "backup:DisassociateRecoveryPoint", "backup:DisassociateRecoveryPointFromParent", "backup:ExportBackupPlanTemplate", "backup:GetBackupPlan", "backup:GetBackupPlanFromJSON", "backup:GetBackupPlanFromTemplate", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:GetBackupVaultSharingPolicy", "backup:GetLegalHold", "backup:GetRecoveryPointRestoreMetadata", "backup:GetRestoreJobMetadata", "backup:GetRestoreTestingInferredMetadata", "backup:GetRestoreTestingPlan", "backup:GetRestoreTestingSelection", "backup:GetSupportedResourceTypes", "backup:ListBackupJobSummaries", "backup:ListBackupJobs", "backup:ListBackupPlanTemplates", "backup:ListBackupPlanVersions", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListCopyJobSummaries", "backup:ListCopyJobs", "backup:ListFrameworks", "backup:ListLegalHolds", "backup:ListProtectedResources", "backup:ListProtectedResourcesByBackupVault", "backup:ListRecoveryPointsByBackupVault", "backup:ListRecoveryPointsByLegalHold", "backup:ListRecoveryPointsByResource", "backup:ListReportJobs", "backup:ListReportPlans", "backup:ListRestoreJobSummaries", "backup:ListRestoreJobs", "backup:ListRestoreJobsByProtectedResource", "backup:ListRestoreTestingPlans", "backup:ListRestoreTestingSelections", "backup:ListTags", "backup:PutBackupVaultAccessPolicy", "backup:PutBackupVaultLockConfiguration", "backup:PutBackupVaultNotifications", "backup:PutBackupVaultSharingPolicy", "backup:PutRestoreValidationResult", "backup:StartBackupJob", "backup:StartCopyJob", "backup:StartReportJob", "backup:StartRestoreJob", "backup:StopBackupJob", "backup:TagResource", "backup:UntagResource", "backup:UpdateBackupPlan", "backup:UpdateFramework", "backup:UpdateGlobalSettings", "backup:UpdateRecoveryPointLifecycle", "backup:UpdateRegionSettings", "backup:UpdateReportPlan", "backup:UpdateRestoreTestingPlan", "backup:UpdateRestoreTestingSelection", "backup-gateway:AssociateGatewayToServer", "backup-gateway:Backup", "backup-gateway:CreateGateway", "backup-gateway:DeleteGateway", "backup-gateway:DeleteHypervisor", "backup-gateway:DisassociateGatewayFromServer", "backup-gateway:GetBandwidthRateLimitSchedule", "backup-gateway:GetGateway", "backup-gateway:GetHypervisor", "backup-gateway:GetHypervisorPropertyMappings", "backup-gateway:GetVirtualMachine", "backup-gateway:ImportHypervisorConfiguration", "backup-gateway:ListGateways", "backup-gateway:ListHypervisors", "backup-gateway:ListTagsForResource", "backup-gateway:ListVirtualMachines", "backup-gateway:PutBandwidthRateLimitSchedule", "backup-gateway:PutHypervisorPropertyMappings", "backup-gateway:PutMaintenanceStartTime", "backup-gateway:Restore", "backup-gateway:StartVirtualMachinesMetadataSync", "backup-gateway:TagResource", "backup-gateway:TestHypervisorConfiguration", "backup-gateway:UntagResource", "backup-gateway:UpdateGatewayInformation", "backup-gateway:UpdateGatewaySoftwareNow", "backup-gateway:UpdateHypervisor", "backup-storage:CommitBackupJob", "backup-storage:DeleteObjects", "backup-storage:DescribeBackupJob", "backup-storage:GetBaseBackup", "backup-storage:GetChunk", "backup-storage:GetIncrementalBaseBackup", "backup-storage:GetObjectMetadata", "backup-storage:ListChunks", "backup-storage:ListObjects", "backup-storage:MountCapsule", "backup-storage:NotifyObjectComplete", "backup-storage:PutChunk", "backup-storage:PutObject", "backup-storage:StartObject", "backup-storage:UpdateObjectComplete", "batch:CancelJob", "batch:CreateComputeEnvironment", "batch:CreateJobQueue", "batch:CreateSchedulingPolicy", "batch:DeleteComputeEnvironment", "batch:DeleteJobQueue", "batch:DeleteSchedulingPolicy", "batch:DeregisterJobDefinition", "batch:DescribeComputeEnvironments", "batch:DescribeJobDefinitions", "batch:DescribeJobQueues", "batch:DescribeJobs", "batch:DescribeSchedulingPolicies", "batch:ListJobs", "batch:ListSchedulingPolicies", "batch:ListTagsForResource", "batch:RegisterJobDefinition", "batch:SubmitJob", "batch:TagResource", "batch:TerminateJob", "batch:UntagResource", "batch:UpdateComputeEnvironment", "batch:UpdateJobQueue", "batch:UpdateSchedulingPolicy", "bcm-data-exports:CreateExport", "bcm-data-exports:DeleteExport", "bcm-data-exports:GetExecution", "bcm-data-exports:GetExport", "bcm-data-exports:GetTable", "bcm-data-exports:ListExecutions", "bcm-data-exports:ListExports", "bcm-data-exports:ListTables", "bcm-data-exports:ListTagsForResource", "bcm-data-exports:TagResource", "bcm-data-exports:UntagResource", "bcm-data-exports:UpdateExport", "bedrock:ApplyGuardrail", "bedrock:AssociateAgentKnowledgeBase", "bedrock:AssociateThirdPartyKnowledgeBase", "bedrock:CreateAgent", "bedrock:CreateAgentActionGroup", "bedrock:CreateAgentAlias", "bedrock:CreateDataSource", "bedrock:CreateEvaluationJob", "bedrock:CreateFoundationModelAgreement", "bedrock:CreateGuardrail", "bedrock:CreateGuardrailVersion", "bedrock:CreateKnowledgeBase", "bedrock:CreateModelCustomizationJob", "bedrock:CreateModelEvaluationJob", "bedrock:CreateModelInvocationJob", "bedrock:CreateProvisionedModelThroughput", "bedrock:DeleteAgent", "bedrock:DeleteAgentActionGroup", "bedrock:DeleteAgentAlias", "bedrock:DeleteAgentVersion", "bedrock:DeleteCustomModel", "bedrock:DeleteDataSource", "bedrock:DeleteFoundationModelAgreement", "bedrock:DeleteGuardrail", "bedrock:DeleteKnowledgeBase", "bedrock:DeleteModelInvocationLoggingConfiguration", "bedrock:DeleteProvisionedModelThroughput", "bedrock:DetectGeneratedContent", "bedrock:DisassociateAgentKnowledgeBase", "bedrock:GetAgent", "bedrock:GetAgentActionGroup", "bedrock:GetAgentAlias", "bedrock:GetAgentKnowledgeBase", "bedrock:GetAgentVersion", "bedrock:GetCustomModel", "bedrock:GetDataSource", "bedrock:GetEvaluationJob", "bedrock:GetFoundationModel", "bedrock:GetFoundationModelAvailability", "bedrock:GetGuardrail", "bedrock:GetIngestionJob", "bedrock:GetKnowledgeBase", "bedrock:GetModelCustomizationJob", "bedrock:GetModelEvaluationJob", "bedrock:GetModelInvocationJob", "bedrock:GetModelInvocationLoggingConfiguration", "bedrock:GetProvisionedModelThroughput", "bedrock:GetUseCaseForModelAccess", "bedrock:InvokeAgent", "bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream", "bedrock:ListAgentActionGroups", "bedrock:ListAgentAliases", "bedrock:ListAgentKnowledgeBases", "bedrock:ListAgentVersions", "bedrock:ListAgents", "bedrock:ListCustomModels", "bedrock:ListDataSources", "bedrock:ListEvaluationJobs", "bedrock:ListFoundationModelAgreementOffers", "bedrock:ListFoundationModels", "bedrock:ListGuardrails", "bedrock:ListIngestionJobs", "bedrock:ListKnowledgeBases", "bedrock:ListModelCustomizationJobs", "bedrock:ListModelEvaluationJobs", "bedrock:ListModelInvocationJobs", "bedrock:ListProvisionedModelThroughputs", "bedrock:ListTagsForResource", "bedrock:PrepareAgent", "bedrock:PutFoundationModelEntitlement", "bedrock:PutModelInvocationLoggingConfiguration", "bedrock:PutUseCaseForModelAccess", "bedrock:Retrieve", "bedrock:RetrieveAndGenerate", "bedrock:StartIngestionJob", "bedrock:StopEvaluationJob", "bedrock:StopModelCustomizationJob", "bedrock:StopModelInvocationJob", "bedrock:TagResource", "bedrock:UntagResource", "bedrock:UpdateAgent", "bedrock:UpdateAgentActionGroup", "bedrock:UpdateAgentAlias", "bedrock:UpdateAgentKnowledgeBase", "bedrock:UpdateDataSource", "bedrock:UpdateGuardrail", "bedrock:UpdateKnowledgeBase", "bedrock:UpdateProvisionedModelThroughput", "billing:GetBillingData", "billing:GetBillingDetails", "billing:GetBillingNotifications", "billing:GetBillingPreferences", "billing:GetContractInformation", "billing:GetCredits", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "billing:ListBillingViews", "billing:PutContractInformation", "billing:RedeemCredits", "billing:UpdateBillingPreferences", "billing:UpdateIAMAccessPreference", "billingconductor:AssociateAccounts", "billingconductor:AssociatePricingRules", "billingconductor:BatchAssociateResourcesToCustomLineItem", "billingconductor:BatchDisassociateResourcesFromCustomLineItem", "billingconductor:CreateBillingGroup", "billingconductor:CreateCustomLineItem", "billingconductor:CreatePricingPlan", "billingconductor:CreatePricingRule", "billingconductor:DeleteBillingGroup", "billingconductor:DeleteCustomLineItem", "billingconductor:DeletePricingPlan", "billingconductor:DeletePricingRule", "billingconductor:DisassociateAccounts", "billingconductor:DisassociatePricingRules", "billingconductor:GetBillingGroupCostReport", "billingconductor:ListAccountAssociations", "billingconductor:ListBillingGroupCostReports", "billingconductor:ListBillingGroups", "billingconductor:ListCustomLineItemVersions", "billingconductor:ListCustomLineItems", "billingconductor:ListPricingPlans", "billingconductor:ListPricingPlansAssociatedWithPricingRule", "billingconductor:ListPricingRules", "billingconductor:ListPricingRulesAssociatedToPricingPlan", "billingconductor:ListResourcesAssociatedToCustomLineItem", "billingconductor:ListTagsForResource", "billingconductor:TagResource", "billingconductor:UntagResource", "billingconductor:UpdateBillingGroup", "billingconductor:UpdateCustomLineItem", "billingconductor:UpdatePricingPlan", "billingconductor:UpdatePricingRule", "braket:AcceptUserAgreement", "braket:AccessBraketFeature", "braket:CancelJob", "braket:CancelQuantumTask", "braket:CreateJob", "braket:CreateQuantumTask", "braket:GetDevice", "braket:GetJob", "braket:GetQuantumTask", "braket:GetServiceLinkedRoleStatus", "braket:GetUserAgreementStatus", "braket:ListTagsForResource", "braket:SearchDevices", "braket:SearchJobs", "braket:SearchQuantumTasks", "braket:TagResource", "braket:UntagResource", "budgets:CreateBudgetAction", "budgets:DeleteBudgetAction", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionHistories", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionsForBudget", "budgets:ExecuteBudgetAction", "budgets:ModifyBudget", "budgets:UpdateBudgetAction", "budgets:ViewBudget", "bugbust:CreateEvent", "bugbust:EvaluateProfilingGroups", "bugbust:GetEvent", "bugbust:GetJoinEventStatus", "bugbust:JoinEvent", "bugbust:ListBugs", "bugbust:ListEventParticipants", "bugbust:ListEventScores", "bugbust:ListEvents", "bugbust:ListProfilingGroups", "bugbust:ListPullRequests", "bugbust:ListTagsForResource", "bugbust:TagResource", "bugbust:UntagResource", "bugbust:UpdateEvent", "bugbust:UpdateWorkItem", "bugbust:UpdateWorkItemAdmin", "cases:BatchGetField", "cases:BatchPutFieldOptions", "cases:CreateCase", "cases:CreateDomain", "cases:CreateField", "cases:CreateLayout", "cases:CreateRelatedItem", "cases:CreateTemplate", "cases:DeleteDomain", "cases:DeleteField", "cases:DeleteLayout", "cases:DeleteTemplate", "cases:GetCase", "cases:GetCaseAuditEvents", "cases:GetCaseEventConfiguration", "cases:GetDomain", "cases:GetLayout", "cases:GetTemplate", "cases:ListCasesForContact", "cases:ListDomains", "cases:ListFieldOptions", "cases:ListFields", "cases:ListLayouts", "cases:ListTagsForResource", "cases:ListTemplates", "cases:PutCaseEventConfiguration", "cases:SearchCases", "cases:SearchRelatedItems", "cases:TagResource", "cases:UntagResource", "cases:UpdateCase", "cases:UpdateField", "cases:UpdateLayout", "cases:UpdateTemplate", "cassandra:Alter", "cassandra:AlterMultiRegionResource", "cassandra:Create", "cassandra:CreateMultiRegionResource", "cassandra:Drop", "cassandra:DropMultiRegionResource", "cassandra:Modify", "cassandra:ModifyMultiRegionResource", "cassandra:Restore", "cassandra:RestoreMultiRegionTable", "cassandra:Select", "cassandra:SelectMultiRegionResource", "cassandra:TagMultiRegionResource", "cassandra:TagResource", "cassandra:UnTagMultiRegionResource", "cassandra:UntagResource", "cassandra:UpdatePartitioner", "ce:CreateAnomalyMonitor", "ce:CreateAnomalySubscription", "ce:CreateCostCategoryDefinition", "ce:CreateNotificationSubscription", "ce:CreateReport", "ce:DeleteAnomalyMonitor", "ce:DeleteAnomalySubscription", "ce:DeleteCostCategoryDefinition", "ce:DeleteNotificationSubscription", "ce:DeleteReport", "ce:DescribeCostCategoryDefinition", "ce:DescribeNotificationSubscription", "ce:DescribeReport", "ce:GetAnomalies", "ce:GetAnomalyMonitors", "ce:GetAnomalySubscriptions", "ce:GetApproximateUsageRecords", "ce:GetConsoleActionSetEnforced", "ce:GetCostAndUsage", "ce:GetCostAndUsageWithResources", "ce:GetCostCategories", "ce:GetCostForecast", "ce:GetDimensionValues", "ce:GetPreferences", "ce:GetReservationCoverage", "ce:GetReservationPurchaseRecommendation", "ce:GetReservationUtilization", "ce:GetRightsizingRecommendation", "ce:GetSavingsPlanPurchaseRecommendationDetails", "ce:GetSavingsPlansCoverage", "ce:GetSavingsPlansPurchaseRecommendation", "ce:GetSavingsPlansUtilization", "ce:GetSavingsPlansUtilizationDetails", "ce:GetTags", "ce:GetUsageForecast", "ce:ListCostAllocationTagBackfillHistory", "ce:ListCostAllocationTags", "ce:ListCostCategoryDefinitions", "ce:ListSavingsPlansPurchaseRecommendationGeneration", "ce:ListTagsForResource", "ce:ProvideAnomalyFeedback", "ce:StartCostAllocationTagBackfill", "ce:StartSavingsPlansPurchaseRecommendationGeneration", "ce:TagResource", "ce:UntagResource", "ce:UpdateAnomalyMonitor", "ce:UpdateAnomalySubscription", "ce:UpdateConsoleActionSetEnforced", "ce:UpdateCostAllocationTagsStatus", "ce:UpdateCostCategoryDefinition", "ce:UpdateNotificationSubscription", "ce:UpdatePreferences", "ce:UpdateReport", "chatbot:CreateChimeWebhookConfiguration", "chatbot:CreateMicrosoftTeamsChannelConfiguration", "chatbot:CreateSlackChannelConfiguration", "chatbot:DeleteChimeWebhookConfiguration", "chatbot:DeleteMicrosoftTeamsChannelConfiguration", "chatbot:DeleteMicrosoftTeamsConfiguredTeam", "chatbot:DeleteMicrosoftTeamsUserIdentity", "chatbot:DeleteSlackChannelConfiguration", "chatbot:DeleteSlackUserIdentity", "chatbot:DeleteSlackWorkspaceAuthorization", "chatbot:DescribeChimeWebhookConfigurations", "chatbot:DescribeSlackChannelConfigurations", "chatbot:DescribeSlackChannels", "chatbot:DescribeSlackUserIdentities", "chatbot:DescribeSlackWorkspaces", "chatbot:GetAccountPreferences", "chatbot:GetMicrosoftTeamsChannelConfiguration", "chatbot:GetMicrosoftTeamsOauthParameters", "chatbot:GetSlackOauthParameters", "chatbot:ListMicrosoftTeamsChannelConfigurations", "chatbot:ListMicrosoftTeamsConfiguredTeams", "chatbot:ListMicrosoftTeamsUserIdentities", "chatbot:RedeemMicrosoftTeamsOauthCode", "chatbot:RedeemSlackOauthCode", "chatbot:UpdateAccountPreferences", "chatbot:UpdateChimeWebhookConfiguration", "chatbot:UpdateMicrosoftTeamsChannelConfiguration", "chatbot:UpdateSlackChannelConfiguration", "chime:AcceptDelegate", "chime:ActivateUsers", "chime:AddDomain", "chime:AddOrUpdateGroups", "chime:AssociateChannelFlow", "chime:AssociatePhoneNumberWithUser", "chime:AssociatePhoneNumbersWithVoiceConnector", "chime:AssociatePhoneNumbersWithVoiceConnectorGroup", "chime:AssociateSigninDelegateGroupsWithAccount", "chime:AuthorizeDirectory", "chime:BatchCreateAttendee", "chime:BatchCreateChannelMembership", "chime:BatchCreateRoomMembership", "chime:BatchDeletePhoneNumber", "chime:BatchSuspendUser", "chime:BatchUnsuspendUser", "chime:BatchUpdateAttendeeCapabilitiesExcept", "chime:BatchUpdatePhoneNumber", "chime:BatchUpdateUser", "chime:ChannelFlowCallback", "chime:Connect", "chime:ConnectDirectory", "chime:CreateAccount", "chime:CreateApiKey", "chime:CreateAppInstance", "chime:CreateAppInstanceAdmin", "chime:CreateAppInstanceBot", "chime:CreateAppInstanceUser", "chime:CreateAttendee", "chime:CreateBot", "chime:CreateCDRBucket", "chime:CreateChannel", "chime:CreateChannelBan", "chime:CreateChannelFlow", "chime:CreateChannelMembership", "chime:CreateChannelModerator", "chime:CreateMediaCapturePipeline", "chime:CreateMediaConcatenationPipeline", "chime:CreateMediaInsightsPipeline", "chime:CreateMediaInsightsPipelineConfiguration", "chime:CreateMediaLiveConnectorPipeline", "chime:CreateMediaPipelineKinesisVideoStreamPool", "chime:CreateMediaStreamPipeline", "chime:CreateMeeting", "chime:CreateMeetingDialOut", "chime:CreateMeetingWithAttendees", "chime:CreatePhoneNumberOrder", "chime:CreateProxySession", "chime:CreateRoom", "chime:CreateRoomMembership", "chime:CreateSipMediaApplication", "chime:CreateSipMediaApplicationCall", "chime:CreateSipRule", "chime:CreateUser", "chime:CreateVoiceConnector", "chime:CreateVoiceConnectorGroup", "chime:CreateVoiceProfile", "chime:CreateVoiceProfileDomain", "chime:DeleteAccount", "chime:DeleteAccountOpenIdConfig", "chime:DeleteApiKey", "chime:DeleteAppInstance", "chime:DeleteAppInstanceAdmin", "chime:DeleteAppInstanceBot", "chime:DeleteAppInstanceStreamingConfigurations", "chime:DeleteAppInstanceUser", "chime:DeleteAttendee", "chime:DeleteCDRBucket", "chime:DeleteChannel", "chime:DeleteChannelBan", "chime:DeleteChannelFlow", "chime:DeleteChannelMembership", "chime:DeleteChannelMessage", "chime:DeleteChannelModerator", "chime:DeleteDelegate", "chime:DeleteDomain", "chime:DeleteEventsConfiguration", "chime:DeleteGroups", "chime:DeleteMediaCapturePipeline", "chime:DeleteMediaInsightsPipelineConfiguration", "chime:DeleteMediaPipeline", "chime:DeleteMediaPipelineKinesisVideoStreamPool", "chime:DeleteMeeting", "chime:DeleteMessagingStreamingConfigurations", "chime:DeletePhoneNumber", "chime:DeleteProxySession", "chime:DeleteRoom", "chime:DeleteRoomMembership", "chime:DeleteSipMediaApplication", "chime:DeleteSipRule", "chime:DeleteVoiceConnector", "chime:DeleteVoiceConnectorEmergencyCallingConfiguration", "chime:DeleteVoiceConnectorGroup", "chime:DeleteVoiceConnectorOrigination", "chime:DeleteVoiceConnectorProxy", "chime:DeleteVoiceConnectorStreamingConfiguration", "chime:DeleteVoiceConnectorTermination", "chime:DeleteVoiceConnectorTerminationCredentials", "chime:DeleteVoiceProfile", "chime:DeleteVoiceProfileDomain", "chime:DeregisterAppInstanceUserEndpoint", "chime:DescribeAppInstance", "chime:DescribeAppInstanceAdmin", "chime:DescribeAppInstanceBot", "chime:DescribeAppInstanceUser", "chime:DescribeAppInstanceUserEndpoint", "chime:DescribeChannel", "chime:DescribeChannelBan", "chime:DescribeChannelFlow", "chime:DescribeChannelMembership", "chime:DescribeChannelMembershipForAppInstanceUser", "chime:DescribeChannelModeratedByAppInstanceUser", "chime:DescribeChannelModerator", "chime:DisassociateChannelFlow", "chime:DisassociatePhoneNumberFromUser", "chime:DisassociatePhoneNumbersFromVoiceConnector", "chime:DisassociatePhoneNumbersFromVoiceConnectorGroup", "chime:DisassociateSigninDelegateGroupsFromAccount", "chime:DisconnectDirectory", "chime:GetAccount", "chime:GetAccountResource", "chime:GetAccountSettings", "chime:GetAccountWithOpenIdConfig", "chime:GetAppInstanceRetentionSettings", "chime:GetAppInstanceStreamingConfigurations", "chime:GetAttendee", "chime:GetBot", "chime:GetCDRBucket", "chime:GetChannelMembershipPreferences", "chime:GetChannelMessage", "chime:GetChannelMessageStatus", "chime:GetDomain", "chime:GetEventsConfiguration", "chime:GetGlobalSettings", "chime:GetMediaCapturePipeline", "chime:GetMediaInsightsPipelineConfiguration", "chime:GetMediaPipeline", "chime:GetMediaPipelineKinesisVideoStreamPool", "chime:GetMeeting", "chime:GetMeetingDetail", "chime:GetMessagingSessionEndpoint", "chime:GetMessagingStreamingConfigurations", "chime:GetPhoneNumber", "chime:GetPhoneNumberOrder", "chime:GetPhoneNumberSettings", "chime:GetProxySession", "chime:GetRetentionSettings", "chime:GetRoom", "chime:GetSipMediaApplication", "chime:GetSipMediaApplicationAlexaSkillConfiguration", "chime:GetSipMediaApplicationLoggingConfiguration", "chime:GetSipRule", "chime:GetSpeakerSearchTask", "chime:GetTelephonyLimits", "chime:GetUser", "chime:GetUserActivityReportData", "chime:GetUserByEmail", "chime:GetUserSettings", "chime:GetVoiceConnector", "chime:GetVoiceConnectorEmergencyCallingConfiguration", "chime:GetVoiceConnectorGroup", "chime:GetVoiceConnectorLoggingConfiguration", "chime:GetVoiceConnectorOrigination", "chime:GetVoiceConnectorProxy", "chime:GetVoiceConnectorStreamingConfiguration", "chime:GetVoiceConnectorTermination", "chime:GetVoiceConnectorTerminationHealth", "chime:GetVoiceProfile", "chime:GetVoiceProfileDomain", "chime:GetVoiceToneAnalysisTask", "chime:InviteDelegate", "chime:InviteUsers", "chime:InviteUsersFromProvider", "chime:ListAccountUsageReportData", "chime:ListAccounts", "chime:ListApiKeys", "chime:ListAppInstanceAdmins", "chime:ListAppInstanceBots", "chime:ListAppInstanceUserEndpoints", "chime:ListAppInstanceUsers", "chime:ListAppInstances", "chime:ListAttendeeTags", "chime:ListAttendees", "chime:ListAvailableVoiceConnectorRegions", "chime:ListBots", "chime:ListCDRBucket", "chime:ListCallingRegions", "chime:ListChannelBans", "chime:ListChannelFlows", "chime:ListChannelMemberships", "chime:ListChannelMembershipsForAppInstanceUser", "chime:ListChannelMessages", "chime:ListChannelModerators", "chime:ListChannels", "chime:ListChannelsAssociatedWithChannelFlow", "chime:ListChannelsModeratedByAppInstanceUser", "chime:ListDelegates", "chime:ListDirectories", "chime:ListDomains", "chime:ListGroups", "chime:ListMediaCapturePipelines", "chime:ListMediaInsightsPipelineConfigurations", "chime:ListMediaPipelineKinesisVideoStreamPools", "chime:ListMediaPipelines", "chime:ListMeetingEvents", "chime:ListMeetingTags", "chime:ListMeetings", "chime:ListMeetingsReportData", "chime:ListPhoneNumberOrders", "chime:ListPhoneNumbers", "chime:ListProxySessions", "chime:ListRoomMemberships", "chime:ListRooms", "chime:ListSipMediaApplications", "chime:ListSipRules", "chime:ListSubChannels", "chime:ListSupportedPhoneNumberCountries", "chime:ListTagsForResource", "chime:ListUsers", "chime:ListVoiceConnectorGroups", "chime:ListVoiceConnectorTerminationCredentials", "chime:ListVoiceConnectors", "chime:ListVoiceProfileDomains", "chime:ListVoiceProfiles", "chime:LogoutUser", "chime:PutAppInstanceRetentionSettings", "chime:PutAppInstanceStreamingConfigurations", "chime:PutAppInstanceUserExpirationSettings", "chime:PutChannelExpirationSettings", "chime:PutChannelMembershipPreferences", "chime:PutEventsConfiguration", "chime:PutMessagingStreamingConfigurations", "chime:PutRetentionSettings", "chime:PutSipMediaApplicationAlexaSkillConfiguration", "chime:PutSipMediaApplicationLoggingConfiguration", "chime:PutVoiceConnectorEmergencyCallingConfiguration", "chime:PutVoiceConnectorLoggingConfiguration", "chime:PutVoiceConnectorOrigination", "chime:PutVoiceConnectorProxy", "chime:PutVoiceConnectorStreamingConfiguration", "chime:PutVoiceConnectorTermination", "chime:PutVoiceConnectorTerminationCredentials", "chime:RedactChannelMessage", "chime:RedactConversationMessage", "chime:RedactRoomMessage", "chime:RegenerateSecurityToken", "chime:RegisterAppInstanceUserEndpoint", "chime:RenameAccount", "chime:RenewDelegate", "chime:ResetAccountResource", "chime:ResetPersonalPIN", "chime:RestorePhoneNumber", "chime:RetrieveDataExports", "chime:SearchAvailablePhoneNumbers", "chime:SearchChannels", "chime:SendChannelMessage", "chime:StartDataExport", "chime:StartMeetingTranscription", "chime:StartSpeakerSearchTask", "chime:StartVoiceToneAnalysisTask", "chime:StopMeetingTranscription", "chime:StopSpeakerSearchTask", "chime:StopVoiceToneAnalysisTask", "chime:SubmitSupportRequest", "chime:SuspendUsers", "chime:TagAttendee", "chime:TagMeeting", "chime:TagResource", "chime:UnauthorizeDirectory", "chime:UntagAttendee", "chime:UntagMeeting", "chime:UntagResource", "chime:UpdateAccount", "chime:UpdateAccountOpenIdConfig", "chime:UpdateAccountResource", "chime:UpdateAccountSettings", "chime:UpdateAppInstance", "chime:UpdateAppInstanceBot", "chime:UpdateAppInstanceUser", "chime:UpdateAppInstanceUserEndpoint", "chime:UpdateAttendeeCapabilities", "chime:UpdateBot", "chime:UpdateCDRSettings", "chime:UpdateChannel", "chime:UpdateChannelFlow", "chime:UpdateChannelMessage", "chime:UpdateChannelReadMarker", "chime:UpdateGlobalSettings", "chime:UpdateMediaInsightsPipelineConfiguration", "chime:UpdateMediaInsightsPipelineStatus", "chime:UpdateMediaPipelineKinesisVideoStreamPool", "chime:UpdatePhoneNumber", "chime:UpdatePhoneNumberSettings", "chime:UpdateProxySession", "chime:UpdateRoom", "chime:UpdateRoomMembership", "chime:UpdateSipMediaApplication", "chime:UpdateSipMediaApplicationCall", "chime:UpdateSipRule", "chime:UpdateSupportedLicenses", "chime:UpdateUser", "chime:UpdateUserLicenses", "chime:UpdateUserSettings", "chime:UpdateVoiceConnector", "chime:UpdateVoiceConnectorGroup", "chime:UpdateVoiceProfile", "chime:UpdateVoiceProfileDomain", "chime:ValidateAccountResource", "chime:ValidateE911Address", "cleanrooms:BatchGetCollaborationAnalysisTemplate", "cleanrooms:BatchGetSchema", "cleanrooms:BatchGetSchemaAnalysisRule", "cleanrooms:CreateAnalysisTemplate", "cleanrooms:CreateCollaboration", "cleanrooms:CreateConfiguredAudienceModelAssociation", "cleanrooms:CreateConfiguredTable", "cleanrooms:CreateConfiguredTableAnalysisRule", "cleanrooms:CreateConfiguredTableAssociation", "cleanrooms:CreateMembership", "cleanrooms:CreatePrivacyBudgetTemplate", "cleanrooms:DeleteAnalysisTemplate", "cleanrooms:DeleteCollaboration", "cleanrooms:DeleteConfiguredAudienceModelAssociation", "cleanrooms:DeleteConfiguredTable", "cleanrooms:DeleteConfiguredTableAnalysisRule", "cleanrooms:DeleteConfiguredTableAssociation", "cleanrooms:DeleteMember", "cleanrooms:DeleteMembership", "cleanrooms:DeletePrivacyBudgetTemplate", "cleanrooms:GetAnalysisTemplate", "cleanrooms:GetCollaboration", "cleanrooms:GetCollaborationAnalysisTemplate", "cleanrooms:GetCollaborationConfiguredAudienceModelAssociation", "cleanrooms:GetCollaborationPrivacyBudgetTemplate", "cleanrooms:GetConfiguredAudienceModelAssociation", "cleanrooms:GetConfiguredTable", "cleanrooms:GetConfiguredTableAnalysisRule", "cleanrooms:GetConfiguredTableAssociation", "cleanrooms:GetMembership", "cleanrooms:GetPrivacyBudgetTemplate", "cleanrooms:GetProtectedQuery", "cleanrooms:GetSchema", "cleanrooms:GetSchemaAnalysisRule", "cleanrooms:ListAnalysisTemplates", "cleanrooms:ListCollaborationAnalysisTemplates", "cleanrooms:ListCollaborationConfiguredAudienceModelAssociations", "cleanrooms:ListCollaborationPrivacyBudgetTemplates", "cleanrooms:ListCollaborationPrivacyBudgets", "cleanrooms:ListCollaborations", "cleanrooms:ListConfiguredAudienceModelAssociations", "cleanrooms:ListConfiguredTableAssociations", "cleanrooms:ListConfiguredTables", "cleanrooms:ListMembers", "cleanrooms:ListMemberships", "cleanrooms:ListPrivacyBudgetTemplates", "cleanrooms:ListPrivacyBudgets", "cleanrooms:ListProtectedQueries", "cleanrooms:ListSchemas", "cleanrooms:ListTagsForResource", "cleanrooms:PreviewPrivacyImpact", "cleanrooms:StartProtectedQuery", "cleanrooms:TagResource", "cleanrooms:UntagResource", "cleanrooms:UpdateAnalysisTemplate", "cleanrooms:UpdateCollaboration", "cleanrooms:UpdateConfiguredAudienceModelAssociation", "cleanrooms:UpdateConfiguredTable", "cleanrooms:UpdateConfiguredTableAnalysisRule", "cleanrooms:UpdateConfiguredTableAssociation", "cleanrooms:UpdateMembership", "cleanrooms:UpdatePrivacyBudgetTemplate", "cleanrooms:UpdateProtectedQuery", "cleanrooms-ml:CreateAudienceModel", "cleanrooms-ml:CreateConfiguredAudienceModel", "cleanrooms-ml:CreateTrainingDataset", "cleanrooms-ml:DeleteAudienceGenerationJob", "cleanrooms-ml:DeleteAudienceModel", "cleanrooms-ml:DeleteConfiguredAudienceModel", "cleanrooms-ml:DeleteConfiguredAudienceModelPolicy", "cleanrooms-ml:DeleteTrainingDataset", "cleanrooms-ml:GetAudienceGenerationJob", "cleanrooms-ml:GetAudienceModel", "cleanrooms-ml:GetConfiguredAudienceModel", "cleanrooms-ml:GetConfiguredAudienceModelPolicy", "cleanrooms-ml:GetTrainingDataset", "cleanrooms-ml:ListAudienceExportJobs", "cleanrooms-ml:ListAudienceGenerationJobs", "cleanrooms-ml:ListAudienceModels", "cleanrooms-ml:ListConfiguredAudienceModels", "cleanrooms-ml:ListTagsForResource", "cleanrooms-ml:ListTrainingDatasets", "cleanrooms-ml:PutConfiguredAudienceModelPolicy", "cleanrooms-ml:StartAudienceExportJob", "cleanrooms-ml:StartAudienceGenerationJob", "cleanrooms-ml:TagResource", "cleanrooms-ml:UnTagResource", "cleanrooms-ml:UpdateConfiguredAudienceModel", "cloud9:ActivateEC2Remote", "cloud9:CreateEnvironmentEC2", "cloud9:CreateEnvironmentMembership", "cloud9:CreateEnvironmentSSH", "cloud9:CreateEnvironmentToken", "cloud9:DeleteEnvironment", "cloud9:DeleteEnvironmentMembership", "cloud9:DescribeEC2Remote", "cloud9:DescribeEnvironmentMemberships", "cloud9:DescribeEnvironmentStatus", "cloud9:DescribeEnvironments", "cloud9:DescribeSSHRemote", "cloud9:GetEnvironmentConfig", "cloud9:GetEnvironmentSettings", "cloud9:GetMembershipSettings", "cloud9:GetMigrationExperiences", "cloud9:GetUserPublicKey", "cloud9:GetUserSettings", "cloud9:ListEnvironments", "cloud9:ListTagsForResource", "cloud9:ModifyTemporaryCredentialsOnEnvironmentEC2", "cloud9:TagResource", "cloud9:UntagResource", "cloud9:UpdateEnvironment", "cloud9:UpdateEnvironmentMembership", "cloud9:UpdateEnvironmentSettings", "cloud9:UpdateMembershipSettings", "cloud9:UpdateSSHRemote", "cloud9:UpdateUserSettings", "cloud9:ValidateEnvironmentName", "clouddirectory:AddFacetToObject", "clouddirectory:ApplySchema", "clouddirectory:AttachObject", "clouddirectory:AttachPolicy", "clouddirectory:AttachToIndex", "clouddirectory:AttachTypedLink", "clouddirectory:BatchRead", "clouddirectory:BatchWrite", "clouddirectory:CreateDirectory", "clouddirectory:CreateFacet", "clouddirectory:CreateIndex", "clouddirectory:CreateObject", "clouddirectory:CreateSchema", "clouddirectory:CreateTypedLinkFacet", "clouddirectory:DeleteDirectory", "clouddirectory:DeleteFacet", "clouddirectory:DeleteObject", "clouddirectory:DeleteSchema", "clouddirectory:DeleteTypedLinkFacet", "clouddirectory:DetachFromIndex", "clouddirectory:DetachObject", "clouddirectory:DetachPolicy", "clouddirectory:DetachTypedLink", "clouddirectory:DisableDirectory", "clouddirectory:EnableDirectory", "clouddirectory:GetAppliedSchemaVersion", "clouddirectory:GetDirectory", "clouddirectory:GetFacet", "clouddirectory:GetLinkAttributes", "clouddirectory:GetObjectAttributes", "clouddirectory:GetObjectInformation", "clouddirectory:GetSchemaAsJson", "clouddirectory:GetTypedLinkFacetInformation", "clouddirectory:ListAppliedSchemaArns", "clouddirectory:ListAttachedIndices", "clouddirectory:ListDevelopmentSchemaArns", "clouddirectory:ListDirectories", "clouddirectory:ListFacetAttributes", "clouddirectory:ListFacetNames", "clouddirectory:ListIncomingTypedLinks", "clouddirectory:ListIndex", "clouddirectory:ListManagedSchemaArns", "clouddirectory:ListObjectAttributes", "clouddirectory:ListObjectChildren", "clouddirectory:ListObjectParentPaths", "clouddirectory:ListObjectParents", "clouddirectory:ListObjectPolicies", "clouddirectory:ListOutgoingTypedLinks", "clouddirectory:ListPolicyAttachments", "clouddirectory:ListPublishedSchemaArns", "clouddirectory:ListTagsForResource", "clouddirectory:ListTypedLinkFacetAttributes", "clouddirectory:ListTypedLinkFacetNames", "clouddirectory:LookupPolicy", "clouddirectory:PublishSchema", "clouddirectory:PutSchemaFromJson", "clouddirectory:RemoveFacetFromObject", "clouddirectory:TagResource", "clouddirectory:UntagResource", "clouddirectory:UpdateFacet", "clouddirectory:UpdateLinkAttributes", "clouddirectory:UpdateObjectAttributes", "clouddirectory:UpdateSchema", "clouddirectory:UpdateTypedLinkFacet", "clouddirectory:UpgradeAppliedSchema", "clouddirectory:UpgradePublishedSchema", "cloudformation:CancelResourceRequest", "cloudformation:CreateResource", "cloudformation:DeleteResource", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:UpdateResource", "cloudformation:ActivateOrganizationsAccess", "cloudformation:ActivateType", "cloudformation:BatchDescribeTypeConfigurations", "cloudformation:CancelUpdateStack", "cloudformation:ContinueUpdateRollback", "cloudformation:CreateChangeSet", "cloudformation:CreateGeneratedTemplate", "cloudformation:CreateStack", "cloudformation:CreateStackInstances", "cloudformation:CreateStackSet", "cloudformation:CreateUploadBucket", "cloudformation:DeactivateOrganizationsAccess", "cloudformation:DeactivateType", "cloudformation:DeleteChangeSet", "cloudformation:DeleteGeneratedTemplate", "cloudformation:DeleteStack", "cloudformation:DeleteStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DeregisterType", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:DetectStackDrift", "cloudformation:DetectStackResourceDrift", "cloudformation:DetectStackSetDrift", "cloudformation:EstimateTemplateCost", "cloudformation:ExecuteChangeSet", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ImportStacksToStackSet", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:PublishType", "cloudformation:RecordHandlerProgress", "cloudformation:RegisterPublisher", "cloudformation:RegisterType", "cloudformation:RollbackStack", "cloudformation:SetStackPolicy", "cloudformation:SetTypeConfiguration", "cloudformation:SetTypeDefaultVersion", "cloudformation:SignalResource", "cloudformation:StartResourceScan", "cloudformation:StopStackSetOperation", "cloudformation:TagResource", "cloudformation:TestType", "cloudformation:UntagResource", "cloudformation:UpdateGeneratedTemplate", "cloudformation:UpdateStack", "cloudformation:UpdateStackInstances", "cloudformation:UpdateStackSet", "cloudformation:UpdateTerminationProtection", "cloudformation:ValidateTemplate", "cloudfront:AssociateAlias", "cloudfront:CopyDistribution", "cloudfront:CreateCachePolicy", "cloudfront:CreateCloudFrontOriginAccessIdentity", "cloudfront:CreateContinuousDeploymentPolicy", "cloudfront:CreateDistribution", "cloudfront:CreateFieldLevelEncryptionConfig", "cloudfront:CreateFieldLevelEncryptionProfile", "cloudfront:CreateFunction", "cloudfront:CreateInvalidation", "cloudfront:CreateKeyGroup", "cloudfront:CreateKeyValueStore", "cloudfront:CreateMonitoringSubscription", "cloudfront:CreateOriginAccessControl", "cloudfront:CreateOriginRequestPolicy", "cloudfront:CreatePublicKey", "cloudfront:CreateRealtimeLogConfig", "cloudfront:CreateResponseHeadersPolicy", "cloudfront:CreateSavingsPlan", "cloudfront:CreateStreamingDistribution", "cloudfront:CreateStreamingDistributionWithTags", "cloudfront:DeleteCachePolicy", "cloudfront:DeleteCloudFrontOriginAccessIdentity", "cloudfront:DeleteContinuousDeploymentPolicy", "cloudfront:DeleteDistribution", "cloudfront:DeleteFieldLevelEncryptionConfig", "cloudfront:DeleteFieldLevelEncryptionProfile", "cloudfront:DeleteFunction", "cloudfront:DeleteKeyGroup", "cloudfront:DeleteKeyValueStore", "cloudfront:DeleteMonitoringSubscription", "cloudfront:DeleteOriginAccessControl", "cloudfront:DeleteOriginRequestPolicy", "cloudfront:DeletePublicKey", "cloudfront:DeleteRealtimeLogConfig", "cloudfront:DeleteResponseHeadersPolicy", "cloudfront:DeleteStreamingDistribution", "cloudfront:DescribeFunction", "cloudfront:DescribeKeyValueStore", "cloudfront:GetCachePolicy", "cloudfront:GetCachePolicyConfig", "cloudfront:GetCloudFrontOriginAccessIdentity", "cloudfront:GetCloudFrontOriginAccessIdentityConfig", "cloudfront:GetContinuousDeploymentPolicy", "cloudfront:GetContinuousDeploymentPolicyConfig", "cloudfront:GetDistribution", "cloudfront:GetDistributionConfig", "cloudfront:GetFieldLevelEncryption", "cloudfront:GetFieldLevelEncryptionConfig", "cloudfront:GetFieldLevelEncryptionProfile", "cloudfront:GetFieldLevelEncryptionProfileConfig", "cloudfront:GetFunction", "cloudfront:GetInvalidation", "cloudfront:GetKeyGroup", "cloudfront:GetKeyGroupConfig", "cloudfront:GetMonitoringSubscription", "cloudfront:GetOriginAccessControl", "cloudfront:GetOriginAccessControlConfig", "cloudfront:GetOriginRequestPolicy", "cloudfront:GetOriginRequestPolicyConfig", "cloudfront:GetPublicKey", "cloudfront:GetPublicKeyConfig", "cloudfront:GetRealtimeLogConfig", "cloudfront:GetResponseHeadersPolicy", "cloudfront:GetResponseHeadersPolicyConfig", "cloudfront:GetSavingsPlan", "cloudfront:GetStreamingDistribution", "cloudfront:GetStreamingDistributionConfig", "cloudfront:ListCachePolicies", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListConflictingAliases", "cloudfront:ListContinuousDeploymentPolicies", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByCachePolicyId", "cloudfront:ListDistributionsByKeyGroup", "cloudfront:ListDistributionsByLambdaFunction", "cloudfront:ListDistributionsByOriginRequestPolicyId", "cloudfront:ListDistributionsByRealtimeLogConfig", "cloudfront:ListDistributionsByResponseHeadersPolicyId", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListFieldLevelEncryptionConfigs", "cloudfront:ListFieldLevelEncryptionProfiles", "cloudfront:ListFunctions", "cloudfront:ListInvalidations", "cloudfront:ListKeyGroups", "cloudfront:ListKeyValueStores", "cloudfront:ListOriginAccessControls", "cloudfront:ListOriginRequestPolicies", "cloudfront:ListPublicKeys", "cloudfront:ListRateCards", "cloudfront:ListRealtimeLogConfigs", "cloudfront:ListResponseHeadersPolicies", "cloudfront:ListSavingsPlans", "cloudfront:ListStreamingDistributions", "cloudfront:ListTagsForResource", "cloudfront:ListUsages", "cloudfront:PublishFunction", "cloudfront:TagResource", "cloudfront:TestFunction", "cloudfront:UntagResource", "cloudfront:UpdateCachePolicy", "cloudfront:UpdateCloudFrontOriginAccessIdentity", "cloudfront:UpdateContinuousDeploymentPolicy", "cloudfront:UpdateDistribution", "cloudfront:UpdateFieldLevelEncryptionConfig", "cloudfront:UpdateFieldLevelEncryptionProfile", "cloudfront:UpdateFunction", "cloudfront:UpdateKeyGroup", "cloudfront:UpdateKeyValueStore", "cloudfront:UpdateOriginAccessControl", "cloudfront:UpdateOriginRequestPolicy", "cloudfront:UpdatePublicKey", "cloudfront:UpdateRealtimeLogConfig", "cloudfront:UpdateResponseHeadersPolicy", "cloudfront:UpdateSavingsPlan", "cloudfront:UpdateStreamingDistribution", "cloudfront-keyvaluestore:DeleteKey", "cloudfront-keyvaluestore:DescribeKeyValueStore", "cloudfront-keyvaluestore:GetKey", "cloudfront-keyvaluestore:ListKeys", "cloudfront-keyvaluestore:PutKey", "cloudfront-keyvaluestore:UpdateKeys", "cloudhsm:AddTagsToResource", "cloudhsm:CopyBackupToRegion", "cloudhsm:CreateCluster", "cloudhsm:CreateHapg", "cloudhsm:CreateHsm", "cloudhsm:CreateLunaClient", "cloudhsm:DeleteBackup", "cloudhsm:DeleteCluster", "cloudhsm:DeleteHapg", "cloudhsm:DeleteHsm", "cloudhsm:DeleteLunaClient", "cloudhsm:DescribeBackups", "cloudhsm:DescribeClusters", "cloudhsm:DescribeHapg", "cloudhsm:DescribeHsm", "cloudhsm:DescribeLunaClient", "cloudhsm:GetConfig", "cloudhsm:InitializeCluster", "cloudhsm:ListAvailableZones", "cloudhsm:ListHapgs", "cloudhsm:ListHsms", "cloudhsm:ListLunaClients", "cloudhsm:ListTags", "cloudhsm:ListTagsForResource", "cloudhsm:ModifyBackupAttributes", "cloudhsm:ModifyCluster", "cloudhsm:ModifyHapg", "cloudhsm:ModifyHsm", "cloudhsm:ModifyLunaClient", "cloudhsm:RemoveTagsFromResource", "cloudhsm:RestoreBackup", "cloudhsm:TagResource", "cloudhsm:UntagResource", "cloudsearch:AddTags", "cloudsearch:BuildSuggesters", "cloudsearch:CreateDomain", "cloudsearch:DefineAnalysisScheme", "cloudsearch:DefineExpression", "cloudsearch:DefineIndexField", "cloudsearch:DefineSuggester", "cloudsearch:DeleteAnalysisScheme", "cloudsearch:DeleteDomain", "cloudsearch:DeleteExpression", "cloudsearch:DeleteIndexField", "cloudsearch:DeleteSuggester", "cloudsearch:DescribeAnalysisSchemes", "cloudsearch:DescribeAvailabilityOptions", "cloudsearch:DescribeDomainEndpointOptions", "cloudsearch:DescribeDomains", "cloudsearch:DescribeExpressions", "cloudsearch:DescribeIndexFields", "cloudsearch:DescribeScalingParameters", "cloudsearch:DescribeServiceAccessPolicies", "cloudsearch:DescribeSuggesters", "cloudsearch:IndexDocuments", "cloudsearch:ListDomainNames", "cloudsearch:ListTags", "cloudsearch:RemoveTags", "cloudsearch:UpdateAvailabilityOptions", "cloudsearch:UpdateDomainEndpointOptions", "cloudsearch:UpdateScalingParameters", "cloudsearch:UpdateServiceAccessPolicies", "cloudsearch:document", "cloudsearch:search", "cloudsearch:suggest", "cloudshell:CreateEnvironment", "cloudshell:CreateSession", "cloudshell:DeleteEnvironment", "cloudshell:GetEnvironmentStatus", "cloudshell:GetFileDownloadUrls", "cloudshell:GetFileUploadUrls", "cloudshell:PutCredentials", "cloudshell:StartEnvironment", "cloudshell:StopEnvironment", "cloudtrail:AddTags", "cloudtrail:CancelQuery", "cloudtrail:CreateChannel", "cloudtrail:CreateEventDataStore", "cloudtrail:CreateServiceLinkedChannel", "cloudtrail:CreateTrail", "cloudtrail:DeleteChannel", "cloudtrail:DeleteEventDataStore", "cloudtrail:DeleteResourcePolicy", "cloudtrail:DeleteServiceLinkedChannel", "cloudtrail:DeleteTrail", "cloudtrail:DeregisterOrganizationDelegatedAdmin", "cloudtrail:DescribeQuery", "cloudtrail:DescribeTrails", "cloudtrail:DisableFederation", "cloudtrail:EnableFederation", "cloudtrail:GetChannel", "cloudtrail:GetEventDataStore", "cloudtrail:GetEventDataStoreData", "cloudtrail:GetEventSelectors", "cloudtrail:GetImport", "cloudtrail:GetInsightSelectors", "cloudtrail:GetQueryResults", "cloudtrail:GetResourcePolicy", "cloudtrail:GetServiceLinkedChannel", "cloudtrail:GetTrail", "cloudtrail:GetTrailStatus", "cloudtrail:ListChannels", "cloudtrail:ListEventDataStores", "cloudtrail:ListImportFailures", "cloudtrail:ListImports", "cloudtrail:ListPublicKeys", "cloudtrail:ListQueries", "cloudtrail:ListServiceLinkedChannels", "cloudtrail:ListTags", "cloudtrail:ListTrails", "cloudtrail:LookupEvents", "cloudtrail:PutEventSelectors", "cloudtrail:PutInsightSelectors", "cloudtrail:PutResourcePolicy", "cloudtrail:RegisterOrganizationDelegatedAdmin", "cloudtrail:RemoveTags", "cloudtrail:RestoreEventDataStore", "cloudtrail:StartEventDataStoreIngestion", "cloudtrail:StartImport", "cloudtrail:StartLogging", "cloudtrail:StartQuery", "cloudtrail:StopEventDataStoreIngestion", "cloudtrail:StopImport", "cloudtrail:StopLogging", "cloudtrail:UpdateChannel", "cloudtrail:UpdateEventDataStore", "cloudtrail:UpdateServiceLinkedChannel", "cloudtrail:UpdateTrail", "cloudtrail-data:PutAuditEvents", "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "codeartifact:AssociateExternalConnection", "codeartifact:AssociateWithDownstreamRepository", "codeartifact:CopyPackageVersions", "codeartifact:CreateDomain", "codeartifact:CreatePackageGroup", "codeartifact:CreateRepository", "codeartifact:DeleteDomain", "codeartifact:DeleteDomainPermissionsPolicy", "codeartifact:DeletePackage", "codeartifact:DeletePackageGroup", "codeartifact:DeletePackageVersions", "codeartifact:DeleteRepository", "codeartifact:DeleteRepositoryPermissionsPolicy", "codeartifact:DescribeDomain", "codeartifact:DescribePackage", "codeartifact:DescribePackageGroup", "codeartifact:DescribePackageVersion", "codeartifact:DescribeRepository", "codeartifact:DisassociateExternalConnection", "codeartifact:DisposePackageVersions", "codeartifact:GetAssociatedPackageGroup", "codeartifact:GetAuthorizationToken", "codeartifact:GetDomainPermissionsPolicy", "codeartifact:GetPackageVersionAsset", "codeartifact:GetPackageVersionReadme", "codeartifact:GetRepositoryEndpoint", "codeartifact:GetRepositoryPermissionsPolicy", "codeartifact:ListAllowedRepositoriesForGroup", "codeartifact:ListAssociatedPackages", "codeartifact:ListDomains", "codeartifact:ListPackageGroups", "codeartifact:ListPackageVersionAssets", "codeartifact:ListPackageVersionDependencies", "codeartifact:ListPackageVersions", "codeartifact:ListPackages", "codeartifact:ListRepositories", "codeartifact:ListRepositoriesInDomain", "codeartifact:ListSubPackageGroups", "codeartifact:ListTagsForResource", "codeartifact:PublishPackageVersion", "codeartifact:PutDomainPermissionsPolicy", "codeartifact:PutPackageMetadata", "codeartifact:PutPackageOriginConfiguration", "codeartifact:PutRepositoryPermissionsPolicy", "codeartifact:ReadFromRepository", "codeartifact:TagResource", "codeartifact:UntagResource", "codeartifact:UpdatePackageGroup", "codeartifact:UpdatePackageGroupOriginConfiguration", "codeartifact:UpdatePackageVersionsStatus", "codeartifact:UpdateRepository", "codebuild:BatchDeleteBuilds", "codebuild:BatchGetBuildBatches", "codebuild:BatchGetBuilds", "codebuild:BatchGetFleets", "codebuild:BatchGetProjects", "codebuild:BatchGetReportGroups", "codebuild:BatchGetReports", "codebuild:BatchPutCodeCoverages", "codebuild:BatchPutTestCases", "codebuild:CreateFleet", "codebuild:CreateProject", "codebuild:CreateReport", "codebuild:CreateReportGroup", "codebuild:CreateWebhook", "codebuild:DeleteBuildBatch", "codebuild:DeleteFleet", "codebuild:DeleteOAuthToken", "codebuild:DeleteProject", "codebuild:DeleteReport", "codebuild:DeleteReportGroup", "codebuild:DeleteResourcePolicy", "codebuild:DeleteSourceCredentials", "codebuild:DeleteWebhook", "codebuild:DescribeCodeCoverages", "codebuild:DescribeTestCases", "codebuild:GetReportGroupTrend", "codebuild:GetResourcePolicy", "codebuild:ImportSourceCredentials", "codebuild:InvalidateProjectCache", "codebuild:ListBuildBatches", "codebuild:ListBuildBatchesForProject", "codebuild:ListBuilds", "codebuild:ListBuildsForProject", "codebuild:ListConnectedOAuthAccounts", "codebuild:ListCuratedEnvironmentImages", "codebuild:ListFleets", "codebuild:ListProjects", "codebuild:ListReportGroups", "codebuild:ListReports", "codebuild:ListReportsForReportGroup", "codebuild:ListRepositories", "codebuild:ListSharedProjects", "codebuild:ListSharedReportGroups", "codebuild:ListSourceCredentials", "codebuild:PersistOAuthToken", "codebuild:PutResourcePolicy", "codebuild:RetryBuild", "codebuild:RetryBuildBatch", "codebuild:StartBuild", "codebuild:StartBuildBatch", "codebuild:StopBuild", "codebuild:StopBuildBatch", "codebuild:UpdateFleet", "codebuild:UpdateProject", "codebuild:UpdateProjectVisibility", "codebuild:UpdateReport", "codebuild:UpdateReportGroup", "codebuild:UpdateWebhook", "codecatalyst:AcceptConnection", "codecatalyst:AssociateIamRoleToConnection", "codecatalyst:AssociateIdentityCenterApplicationToSpace", "codecatalyst:AssociateIdentityToIdentityCenterApplication", "codecatalyst:BatchAssociateIdentitiesToIdentityCenterApplication", "codecatalyst:BatchDisassociateIdentitiesFromIdentityCenterApplication", "codecatalyst:CreateIdentityCenterApplication", "codecatalyst:CreateSpace", "codecatalyst:CreateSpaceAdminRoleAssignment", "codecatalyst:DeleteConnection", "codecatalyst:DeleteIdentityCenterApplication", "codecatalyst:DisassociateIamRoleFromConnection", "codecatalyst:DisassociateIdentityCenterApplicationFromSpace", "codecatalyst:DisassociateIdentityFromIdentityCenterApplication", "codecatalyst:GetBillingAuthorization", "codecatalyst:GetConnection", "codecatalyst:GetIdentityCenterApplication", "codecatalyst:GetPendingConnection", "codecatalyst:ListConnections", "codecatalyst:ListIamRolesForConnection", "codecatalyst:ListIdentityCenterApplications", "codecatalyst:ListIdentityCenterApplicationsForSpace", "codecatalyst:ListSpacesForIdentityCenterApplication", "codecatalyst:ListTagsForResource", "codecatalyst:PutBillingAuthorization", "codecatalyst:RejectConnection", "codecatalyst:SynchronizeIdentityCenterApplication", "codecatalyst:TagResource", "codecatalyst:UntagResource", "codecatalyst:UpdateIdentityCenterApplication", "codecommit:AssociateApprovalRuleTemplateWithRepository", "codecommit:BatchAssociateApprovalRuleTemplateWithRepositories", "codecommit:BatchDescribeMergeConflicts", "codecommit:BatchDisassociateApprovalRuleTemplateFromRepositories", "codecommit:BatchGetCommits", "codecommit:BatchGetPullRequests", "codecommit:BatchGetRepositories", "codecommit:CancelUploadArchive", "codecommit:CreateApprovalRuleTemplate", "codecommit:CreateBranch", "codecommit:CreateCommit", "codecommit:CreatePullRequest", "codecommit:CreatePullRequestApprovalRule", "codecommit:CreateRepository", "codecommit:CreateUnreferencedMergeCommit", "codecommit:DeleteApprovalRuleTemplate", "codecommit:DeleteBranch", "codecommit:DeleteCommentContent", "codecommit:DeleteFile", "codecommit:DeletePullRequestApprovalRule", "codecommit:DeleteRepository", "codecommit:DescribeMergeConflicts", "codecommit:DescribePullRequestEvents", "codecommit:DisassociateApprovalRuleTemplateFromRepository", "codecommit:EvaluatePullRequestApprovalRules", "codecommit:GetApprovalRuleTemplate", "codecommit:GetBlob", "codecommit:GetBranch", "codecommit:GetComment", "codecommit:GetCommentReactions", "codecommit:GetCommentsForComparedCommit", "codecommit:GetCommentsForPullRequest", "codecommit:GetCommit", "codecommit:GetCommitHistory", "codecommit:GetCommitsFromMergeBase", "codecommit:GetDifferences", "codecommit:GetFile", "codecommit:GetFolder", "codecommit:GetMergeCommit", "codecommit:GetMergeConflicts", "codecommit:GetMergeOptions", "codecommit:GetObjectIdentifier", "codecommit:GetPullRequest", "codecommit:GetPullRequestApprovalStates", "codecommit:GetPullRequestOverrideState", "codecommit:GetReferences", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:GetTree", "codecommit:GetUploadArchiveStatus", "codecommit:GitPull", "codecommit:GitPush", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "codecommit:MergeBranchesByFastForward", "codecommit:MergeBranchesBySquash", "codecommit:MergeBranchesByThreeWay", "codecommit:MergePullRequestByFastForward", "codecommit:MergePullRequestBySquash", "codecommit:MergePullRequestByThreeWay", "codecommit:OverridePullRequestApprovalRules", "codecommit:PostCommentForComparedCommit", "codecommit:PostCommentForPullRequest", "codecommit:PostCommentReply", "codecommit:PutCommentReaction", "codecommit:PutFile", "codecommit:PutRepositoryTriggers", "codecommit:TagResource", "codecommit:TestRepositoryTriggers", "codecommit:UntagResource", "codecommit:UpdateApprovalRuleTemplateContent", "codecommit:UpdateApprovalRuleTemplateDescription", "codecommit:UpdateApprovalRuleTemplateName", "codecommit:UpdateComment", "codecommit:UpdateDefaultBranch", "codecommit:UpdatePullRequestApprovalRuleContent", "codecommit:UpdatePullRequestApprovalState", "codecommit:UpdatePullRequestDescription", "codecommit:UpdatePullRequestStatus", "codecommit:UpdatePullRequestTitle", "codecommit:UpdateRepositoryDescription", "codecommit:UpdateRepositoryEncryptionKey", "codecommit:UpdateRepositoryName", "codecommit:UploadArchive", "codeconnections:CreateConnection", "codeconnections:CreateHost", "codeconnections:CreateRepositoryLink", "codeconnections:CreateSyncConfiguration", "codeconnections:DeleteConnection", "codeconnections:DeleteHost", "codeconnections:DeleteRepositoryLink", "codeconnections:DeleteSyncConfiguration", "codeconnections:GetConnection", "codeconnections:GetHost", "codeconnections:GetIndividualAccessToken", "codeconnections:GetInstallationUrl", "codeconnections:GetRepositoryLink", "codeconnections:GetRepositorySyncStatus", "codeconnections:GetResourceSyncStatus", "codeconnections:GetSyncBlockerSummary", "codeconnections:GetSyncConfiguration", "codeconnections:ListConnections", "codeconnections:ListHosts", "codeconnections:ListInstallationTargets", "codeconnections:ListRepositoryLinks", "codeconnections:ListRepositorySyncDefinitions", "codeconnections:ListSyncConfigurations", "codeconnections:ListTagsForResource", "codeconnections:PassConnection", "codeconnections:PassRepository", "codeconnections:RegisterAppCode", "codeconnections:StartAppRegistrationHandshake", "codeconnections:StartOAuthHandshake", "codeconnections:TagResource", "codeconnections:UntagResource", "codeconnections:UpdateConnectionInstallation", "codeconnections:UpdateHost", "codeconnections:UpdateRepositoryLink", "codeconnections:UpdateSyncBlocker", "codeconnections:UpdateSyncConfiguration", "codeconnections:UseConnection", "codedeploy:AddTagsToOnPremisesInstances", "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeploymentInstances", "codedeploy:BatchGetDeploymentTargets", "codedeploy:BatchGetDeployments", "codedeploy:BatchGetOnPremisesInstances", "codedeploy:ContinueDeployment", "codedeploy:CreateApplication", "codedeploy:CreateCloudFormationDeployment", "codedeploy:CreateDeployment", "codedeploy:CreateDeploymentConfig", "codedeploy:CreateDeploymentGroup", "codedeploy:DeleteApplication", "codedeploy:DeleteDeploymentConfig", "codedeploy:DeleteDeploymentGroup", "codedeploy:DeleteGitHubAccountToken", "codedeploy:DeleteResourcesByExternalId", "codedeploy:DeregisterOnPremisesInstance", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeploymentTargets", "codedeploy:ListDeployments", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codedeploy:ListTagsForResource", "codedeploy:PutLifecycleEventHookExecutionStatus", "codedeploy:RegisterApplicationRevision", "codedeploy:RegisterOnPremisesInstance", "codedeploy:RemoveTagsFromOnPremisesInstances", "codedeploy:SkipWaitTimeForInstanceTermination", "codedeploy:StopDeployment", "codedeploy:TagResource", "codedeploy:UntagResource", "codedeploy:UpdateApplication", "codedeploy:UpdateDeploymentGroup", "codedeploy-commands-secure:GetDeploymentSpecification", "codedeploy-commands-secure:PollHostCommand", "codedeploy-commands-secure:PutHostCommandAcknowledgement", "codedeploy-commands-secure:PutHostCommandComplete", "codeguru:GetCodeGuruFreeTrialSummary", "codeguru-profiler:AddNotificationChannels", "codeguru-profiler:BatchGetFrameMetricData", "codeguru-profiler:ConfigureAgent", "codeguru-profiler:CreateProfilingGroup", "codeguru-profiler:DeleteProfilingGroup", "codeguru-profiler:DescribeProfilingGroup", "codeguru-profiler:GetFindingsReportAccountSummary", "codeguru-profiler:GetNotificationConfiguration", "codeguru-profiler:GetPolicy", "codeguru-profiler:GetProfile", "codeguru-profiler:GetRecommendations", "codeguru-profiler:ListFindingsReports", "codeguru-profiler:ListProfileTimes", "codeguru-profiler:ListProfilingGroups", "codeguru-profiler:ListTagsForResource", "codeguru-profiler:PostAgentProfile", "codeguru-profiler:PutPermission", "codeguru-profiler:RemoveNotificationChannel", "codeguru-profiler:RemovePermission", "codeguru-profiler:SubmitFeedback", "codeguru-profiler:TagResource", "codeguru-profiler:UntagResource", "codeguru-profiler:UpdateProfilingGroup", "codeguru-reviewer:AssociateRepository", "codeguru-reviewer:CreateCodeReview", "codeguru-reviewer:CreateConnectionToken", "codeguru-reviewer:DescribeCodeReview", "codeguru-reviewer:DescribeRecommendationFeedback", "codeguru-reviewer:DescribeRepositoryAssociation", "codeguru-reviewer:DisassociateRepository", "codeguru-reviewer:GetMetricsData", "codeguru-reviewer:ListCodeReviews", "codeguru-reviewer:ListRecommendationFeedback", "codeguru-reviewer:ListRecommendations", "codeguru-reviewer:ListRepositoryAssociations", "codeguru-reviewer:ListTagsForResource", "codeguru-reviewer:ListThirdPartyRepositories", "codeguru-reviewer:PutRecommendationFeedback", "codeguru-reviewer:TagResource", "codeguru-reviewer:UnTagResource", "codeguru-security:BatchGetFindings", "codeguru-security:CreateScan", "codeguru-security:CreateUploadUrl", "codeguru-security:DeleteScansByCategory", "codeguru-security:GetAccountConfiguration", "codeguru-security:GetFindings", "codeguru-security:GetMetricsSummary", "codeguru-security:GetScan", "codeguru-security:ListFindings", "codeguru-security:ListFindingsMetrics", "codeguru-security:ListScans", "codeguru-security:ListTagsForResource", "codeguru-security:TagResource", "codeguru-security:UntagResource", "codeguru-security:UpdateAccountConfiguration", "codepipeline:AcknowledgeJob", "codepipeline:AcknowledgeThirdPartyJob", "codepipeline:CreateCustomActionType", "codepipeline:CreatePipeline", "codepipeline:DeleteCustomActionType", "codepipeline:DeletePipeline", "codepipeline:DeleteWebhook", "codepipeline:DeregisterWebhookWithThirdParty", "codepipeline:DisableStageTransition", "codepipeline:EnableStageTransition", "codepipeline:GetActionType", "codepipeline:GetJobDetails", "codepipeline:GetPipeline", "codepipeline:GetPipelineExecution", "codepipeline:GetPipelineState", "codepipeline:GetThirdPartyJobDetails", "codepipeline:ListActionExecutions", "codepipeline:ListActionTypes", "codepipeline:ListPipelineExecutions", "codepipeline:ListPipelines", "codepipeline:ListTagsForResource", "codepipeline:ListWebhooks", "codepipeline:PollForJobs", "codepipeline:PollForThirdPartyJobs", "codepipeline:PutActionRevision", "codepipeline:PutApprovalResult", "codepipeline:PutJobFailureResult", "codepipeline:PutJobSuccessResult", "codepipeline:PutThirdPartyJobFailureResult", "codepipeline:PutThirdPartyJobSuccessResult", "codepipeline:PutWebhook", "codepipeline:RegisterWebhookWithThirdParty", "codepipeline:RetryStageExecution", "codepipeline:StartPipelineExecution", "codepipeline:StopPipelineExecution", "codepipeline:TagResource", "codepipeline:UntagResource", "codepipeline:UpdateActionType", "codepipeline:UpdatePipeline", "codestar:AssociateTeamMember", "codestar:CreateProject", "codestar:CreateUserProfile", "codestar:DeleteExtendedAccess", "codestar:DeleteProject", "codestar:DeleteUserProfile", "codestar:DescribeProject", "codestar:DescribeUserProfile", "codestar:DisassociateTeamMember", "codestar:GetExtendedAccess", "codestar:ListProjects", "codestar:ListResources", "codestar:ListTagsForProject", "codestar:ListTeamMembers", "codestar:ListUserProfiles", "codestar:PutExtendedAccess", "codestar:TagProject", "codestar:UntagProject", "codestar:UpdateProject", "codestar:UpdateTeamMember", "codestar:UpdateUserProfile", "codestar:VerifyServiceRole", "codestar-connections:CreateConnection", "codestar-connections:CreateHost", "codestar-connections:CreateRepositoryLink", "codestar-connections:CreateSyncConfiguration", "codestar-connections:DeleteConnection", "codestar-connections:DeleteHost", "codestar-connections:DeleteRepositoryLink", "codestar-connections:DeleteSyncConfiguration", "codestar-connections:GetConnection", "codestar-connections:GetHost", "codestar-connections:GetIndividualAccessToken", "codestar-connections:GetInstallationUrl", "codestar-connections:GetRepositoryLink", "codestar-connections:GetRepositorySyncStatus", "codestar-connections:GetResourceSyncStatus", "codestar-connections:GetSyncBlockerSummary", "codestar-connections:GetSyncConfiguration", "codestar-connections:ListConnections", "codestar-connections:ListHosts", "codestar-connections:ListInstallationTargets", "codestar-connections:ListRepositoryLinks", "codestar-connections:ListRepositorySyncDefinitions", "codestar-connections:ListSyncConfigurations", "codestar-connections:ListTagsForResource", "codestar-connections:PassConnection", "codestar-connections:PassRepository", "codestar-connections:RegisterAppCode", "codestar-connections:StartAppRegistrationHandshake", "codestar-connections:StartOAuthHandshake", "codestar-connections:TagResource", "codestar-connections:UntagResource", "codestar-connections:UpdateConnectionInstallation", "codestar-connections:UpdateHost", "codestar-connections:UpdateRepositoryLink", "codestar-connections:UpdateSyncBlocker", "codestar-connections:UpdateSyncConfiguration", "codestar-connections:UseConnection", "codestar-notifications:CreateNotificationRule", "codestar-notifications:DeleteNotificationRule", "codestar-notifications:DeleteTarget", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:ListEventTypes", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListTagsForResource", "codestar-notifications:ListTargets", "codestar-notifications:Subscribe", "codestar-notifications:TagResource", "codestar-notifications:Unsubscribe", "codestar-notifications:UntagResource", "codestar-notifications:UpdateNotificationRule", "codewhisperer:AllowVendedLogDeliveryForResource", "codewhisperer:AssociateCustomizationPermission", "codewhisperer:CreateCustomization", "codewhisperer:CreateProfile", "codewhisperer:DeleteCustomization", "codewhisperer:DeleteProfile", "codewhisperer:DisassociateCustomizationPermission", "codewhisperer:GenerateRecommendations", "codewhisperer:GetCustomization", "codewhisperer:ListCustomizationPermissions", "codewhisperer:ListCustomizationVersions", "codewhisperer:ListCustomizations", "codewhisperer:ListProfiles", "codewhisperer:ListTagsForResource", "codewhisperer:TagResource", "codewhisperer:UntagResource", "codewhisperer:UpdateCustomization", "codewhisperer:UpdateProfile", "cognito-identity:CreateIdentityPool", "cognito-identity:DeleteIdentities", "cognito-identity:DeleteIdentityPool", "cognito-identity:DescribeIdentity", "cognito-identity:DescribeIdentityPool", "cognito-identity:GetCredentialsForIdentity", "cognito-identity:GetId", "cognito-identity:GetIdentityPoolAnalytics", "cognito-identity:GetIdentityPoolDailyAnalytics", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:GetIdentityProviderDailyAnalytics", "cognito-identity:GetOpenIdToken", "cognito-identity:GetOpenIdTokenForDeveloperIdentity", "cognito-identity:GetPrincipalTagAttributeMap", "cognito-identity:ListIdentities", "cognito-identity:ListIdentityPools", "cognito-identity:ListTagsForResource", "cognito-identity:LookupDeveloperIdentity", "cognito-identity:MergeDeveloperIdentities", "cognito-identity:SetIdentityPoolRoles", "cognito-identity:SetPrincipalTagAttributeMap", "cognito-identity:TagResource", "cognito-identity:UnlinkDeveloperIdentity", "cognito-identity:UnlinkIdentity", "cognito-identity:UntagResource", "cognito-identity:UpdateIdentityPool", "cognito-idp:AddCustomAttributes", "cognito-idp:AdminAddUserToGroup", "cognito-idp:AdminConfirmSignUp", "cognito-idp:AdminCreateUser", "cognito-idp:AdminDeleteUser", "cognito-idp:AdminDeleteUserAttributes", "cognito-idp:AdminDisableProviderForUser", "cognito-idp:AdminDisableUser", "cognito-idp:AdminEnableUser", "cognito-idp:AdminForgetDevice", "cognito-idp:AdminGetDevice", "cognito-idp:AdminGetUser", "cognito-idp:AdminInitiateAuth", "cognito-idp:AdminLinkProviderForUser", "cognito-idp:AdminListDevices", "cognito-idp:AdminListGroupsForUser", "cognito-idp:AdminListUserAuthEvents", "cognito-idp:AdminRemoveUserFromGroup", "cognito-idp:AdminResetUserPassword", "cognito-idp:AdminRespondToAuthChallenge", "cognito-idp:AdminSetUserMFAPreference", "cognito-idp:AdminSetUserPassword", "cognito-idp:AdminSetUserSettings", "cognito-idp:AdminUpdateAuthEventFeedback", "cognito-idp:AdminUpdateDeviceStatus", "cognito-idp:AdminUpdateUserAttributes", "cognito-idp:AdminUserGlobalSignOut", "cognito-idp:AssociateSoftwareToken", "cognito-idp:AssociateWebACL", "cognito-idp:ChangePassword", "cognito-idp:ConfirmDevice", "cognito-idp:ConfirmForgotPassword", "cognito-idp:ConfirmSignUp", "cognito-idp:CreateGroup", "cognito-idp:CreateIdentityProvider", "cognito-idp:CreateResourceServer", "cognito-idp:CreateUserImportJob", "cognito-idp:CreateUserPool", "cognito-idp:CreateUserPoolClient", "cognito-idp:CreateUserPoolDomain", "cognito-idp:DeleteGroup", "cognito-idp:DeleteIdentityProvider", "cognito-idp:DeleteResourceServer", "cognito-idp:DeleteUser", "cognito-idp:DeleteUserAttributes", "cognito-idp:DeleteUserPool", "cognito-idp:DeleteUserPoolClient", "cognito-idp:DeleteUserPoolDomain", "cognito-idp:DescribeIdentityProvider", "cognito-idp:DescribeResourceServer", "cognito-idp:DescribeRiskConfiguration", "cognito-idp:DescribeUserImportJob", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:DescribeUserPoolDomain", "cognito-idp:DisassociateWebACL", "cognito-idp:ForgetDevice", "cognito-idp:ForgotPassword", "cognito-idp:GetCSVHeader", "cognito-idp:GetDevice", "cognito-idp:GetGroup", "cognito-idp:GetIdentityProviderByIdentifier", "cognito-idp:GetLogDeliveryConfiguration", "cognito-idp:GetSigningCertificate", "cognito-idp:GetUICustomization", "cognito-idp:GetUser", "cognito-idp:GetUserAttributeVerificationCode", "cognito-idp:GetUserPoolMfaConfig", "cognito-idp:GetWebACLForResource", "cognito-idp:GlobalSignOut", "cognito-idp:InitiateAuth", "cognito-idp:ListDevices", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListResourcesForWebACL", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserImportJobs", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "cognito-idp:ResendConfirmationCode", "cognito-idp:RespondToAuthChallenge", "cognito-idp:RevokeToken", "cognito-idp:SetLogDeliveryConfiguration", "cognito-idp:SetRiskConfiguration", "cognito-idp:SetUICustomization", "cognito-idp:SetUserMFAPreference", "cognito-idp:SetUserPoolMfaConfig", "cognito-idp:SetUserSettings", "cognito-idp:SignUp", "cognito-idp:StartUserImportJob", "cognito-idp:StopUserImportJob", "cognito-idp:TagResource", "cognito-idp:UntagResource", "cognito-idp:UpdateAuthEventFeedback", "cognito-idp:UpdateDeviceStatus", "cognito-idp:UpdateGroup", "cognito-idp:UpdateIdentityProvider", "cognito-idp:UpdateResourceServer", "cognito-idp:UpdateUserAttributes", "cognito-idp:UpdateUserPool", "cognito-idp:UpdateUserPoolClient", "cognito-idp:UpdateUserPoolDomain", "cognito-idp:VerifySoftwareToken", "cognito-idp:VerifyUserAttribute", "cognito-sync:BulkPublish", "cognito-sync:DeleteDataset", "cognito-sync:DescribeDataset", "cognito-sync:DescribeIdentityPoolUsage", "cognito-sync:DescribeIdentityUsage", "cognito-sync:GetBulkPublishDetails", "cognito-sync:GetCognitoEvents", "cognito-sync:GetIdentityPoolConfiguration", "cognito-sync:ListDatasets", "cognito-sync:ListIdentityPoolUsage", "cognito-sync:ListRecords", "cognito-sync:QueryRecords", "cognito-sync:RegisterDevice", "cognito-sync:SetCognitoEvents", "cognito-sync:SetDatasetConfiguration", "cognito-sync:SetIdentityPoolConfiguration", "cognito-sync:SubscribeToDataset", "cognito-sync:UnsubscribeFromDataset", "cognito-sync:UpdateRecords", "comprehend:BatchDetectDominantLanguage", "comprehend:BatchDetectEntities", "comprehend:BatchDetectKeyPhrases", "comprehend:BatchDetectSentiment", "comprehend:BatchDetectSyntax", "comprehend:BatchDetectTargetedSentiment", "comprehend:ClassifyDocument", "comprehend:ContainsPiiEntities", "comprehend:CreateDataset", "comprehend:CreateDocumentClassifier", "comprehend:CreateEndpoint", "comprehend:CreateEntityRecognizer", "comprehend:CreateFlywheel", "comprehend:DeleteDocumentClassifier", "comprehend:DeleteEndpoint", "comprehend:DeleteEntityRecognizer", "comprehend:DeleteFlywheel", "comprehend:DeleteResourcePolicy", "comprehend:DescribeDataset", "comprehend:DescribeDocumentClassificationJob", "comprehend:DescribeDocumentClassifier", "comprehend:DescribeDominantLanguageDetectionJob", "comprehend:DescribeEndpoint", "comprehend:DescribeEntitiesDetectionJob", "comprehend:DescribeEntityRecognizer", "comprehend:DescribeEventsDetectionJob", "comprehend:DescribeFlywheel", "comprehend:DescribeFlywheelIteration", "comprehend:DescribeKeyPhrasesDetectionJob", "comprehend:DescribePiiEntitiesDetectionJob", "comprehend:DescribeResourcePolicy", "comprehend:DescribeSentimentDetectionJob", "comprehend:DescribeTargetedSentimentDetectionJob", "comprehend:DescribeTopicsDetectionJob", "comprehend:DetectDominantLanguage", "comprehend:DetectEntities", "comprehend:DetectKeyPhrases", "comprehend:DetectPiiEntities", "comprehend:DetectSentiment", "comprehend:DetectSyntax", "comprehend:DetectTargetedSentiment", "comprehend:DetectToxicContent", "comprehend:ImportModel", "comprehend:ListDatasets", "comprehend:ListDocumentClassificationJobs", "comprehend:ListDocumentClassifierSummaries", "comprehend:ListDocumentClassifiers", "comprehend:ListDominantLanguageDetectionJobs", "comprehend:ListEndpoints", "comprehend:ListEntitiesDetectionJobs", "comprehend:ListEntityRecognizerSummaries", "comprehend:ListEntityRecognizers", "comprehend:ListEventsDetectionJobs", "comprehend:ListFlywheelIterationHistory", "comprehend:ListFlywheels", "comprehend:ListKeyPhrasesDetectionJobs", "comprehend:ListPiiEntitiesDetectionJobs", "comprehend:ListSentimentDetectionJobs", "comprehend:ListTagsForResource", "comprehend:ListTargetedSentimentDetectionJobs", "comprehend:ListTopicsDetectionJobs", "comprehend:PutResourcePolicy", "comprehend:StartDocumentClassificationJob", "comprehend:StartDominantLanguageDetectionJob", "comprehend:StartEntitiesDetectionJob", "comprehend:StartEventsDetectionJob", "comprehend:StartFlywheelIteration", "comprehend:StartKeyPhrasesDetectionJob", "comprehend:StartPiiEntitiesDetectionJob", "comprehend:StartSentimentDetectionJob", "comprehend:StartTargetedSentimentDetectionJob", "comprehend:StartTopicsDetectionJob", "comprehend:StopDominantLanguageDetectionJob", "comprehend:StopEntitiesDetectionJob", "comprehend:StopEventsDetectionJob", "comprehend:StopKeyPhrasesDetectionJob", "comprehend:StopPiiEntitiesDetectionJob", "comprehend:StopSentimentDetectionJob", "comprehend:StopTargetedSentimentDetectionJob", "comprehend:StopTrainingDocumentClassifier", "comprehend:StopTrainingEntityRecognizer", "comprehend:TagResource", "comprehend:UntagResource", "comprehend:UpdateEndpoint", "comprehend:UpdateFlywheel", "comprehendmedical:DescribeEntitiesDetectionV2Job", "comprehendmedical:DescribeICD10CMInferenceJob", "comprehendmedical:DescribePHIDetectionJob", "comprehendmedical:DescribeRxNormInferenceJob", "comprehendmedical:DescribeSNOMEDCTInferenceJob", "comprehendmedical:DetectEntitiesV2", "comprehendmedical:DetectPHI", "comprehendmedical:InferICD10CM", "comprehendmedical:InferRxNorm", "comprehendmedical:InferSNOMEDCT", "comprehendmedical:ListEntitiesDetectionV2Jobs", "comprehendmedical:ListICD10CMInferenceJobs", "comprehendmedical:ListPHIDetectionJobs", "comprehendmedical:ListRxNormInferenceJobs", "comprehendmedical:ListSNOMEDCTInferenceJobs", "comprehendmedical:StartEntitiesDetectionV2Job", "comprehendmedical:StartICD10CMInferenceJob", "comprehendmedical:StartPHIDetectionJob", "comprehendmedical:StartRxNormInferenceJob", "comprehendmedical:StartSNOMEDCTInferenceJob", "comprehendmedical:StopEntitiesDetectionV2Job", "comprehendmedical:StopICD10CMInferenceJob", "comprehendmedical:StopPHIDetectionJob", "comprehendmedical:StopRxNormInferenceJob", "comprehendmedical:StopSNOMEDCTInferenceJob", "compute-optimizer:DeleteRecommendationPreferences", "compute-optimizer:DescribeRecommendationExportJobs", "compute-optimizer:ExportAutoScalingGroupRecommendations", "compute-optimizer:ExportEBSVolumeRecommendations", "compute-optimizer:ExportEC2InstanceRecommendations", "compute-optimizer:ExportECSServiceRecommendations", "compute-optimizer:ExportLambdaFunctionRecommendations", "compute-optimizer:ExportLicenseRecommendations", "compute-optimizer:GetAutoScalingGroupRecommendations", "compute-optimizer:GetEBSVolumeRecommendations", "compute-optimizer:GetEC2InstanceRecommendations", "compute-optimizer:GetEC2RecommendationProjectedMetrics", "compute-optimizer:GetECSServiceRecommendationProjectedMetrics", "compute-optimizer:GetECSServiceRecommendations", "compute-optimizer:GetEffectiveRecommendationPreferences", "compute-optimizer:GetEnrollmentStatus", "compute-optimizer:GetEnrollmentStatusesForOrganization", "compute-optimizer:GetLambdaFunctionRecommendations", "compute-optimizer:GetLicenseRecommendations", "compute-optimizer:GetRecommendationPreferences", "compute-optimizer:GetRecommendationSummaries", "compute-optimizer:PutRecommendationPreferences", "compute-optimizer:UpdateEnrollmentStatus", "config:BatchGetAggregateResourceConfig", "config:BatchGetResourceConfig", "config:DeleteAggregationAuthorization", "config:DeleteConfigRule", "config:DeleteConfigurationAggregator", "config:DeleteConfigurationRecorder", "config:DeleteConformancePack", "config:DeleteDeliveryChannel", "config:DeleteEvaluationResults", "config:DeleteOrganizationConfigRule", "config:DeleteOrganizationConformancePack", "config:DeletePendingAggregationRequest", "config:DeleteRemediationConfiguration", "config:DeleteRemediationExceptions", "config:DeleteResourceConfig", "config:DeleteRetentionConfiguration", "config:DeleteStoredQuery", "config:DeliverConfigSnapshot", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateConformancePackComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetCustomRulePolicy", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetOrganizationCustomRulePolicy", "config:GetResourceConfigHistory", "config:GetResourceEvaluationSummary", "config:GetStoredQuery", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "config:PutAggregationAuthorization", "config:PutConfigRule", "config:PutConfigurationAggregator", "config:PutConfigurationRecorder", "config:PutConformancePack", "config:PutDeliveryChannel", "config:PutEvaluations", "config:PutExternalEvaluation", "config:PutOrganizationConfigRule", "config:PutOrganizationConformancePack", "config:PutRemediationConfigurations", "config:PutRemediationExceptions", "config:PutResourceConfig", "config:PutRetentionConfiguration", "config:PutStoredQuery", "config:SelectAggregateResourceConfig", "config:SelectResourceConfig", "config:StartConfigRulesEvaluation", "config:StartConfigurationRecorder", "config:StartRemediationExecution", "config:StartResourceEvaluation", "config:StopConfigurationRecorder", "config:TagResource", "config:UntagResource", "connect:ActivateEvaluationForm", "connect:AssociateAnalyticsDataSet", "connect:AssociateApprovedOrigin", "connect:AssociateBot", "connect:AssociateCustomerProfilesDomain", "connect:AssociateDefaultVocabulary", "connect:AssociateFlow", "connect:AssociateInstanceStorageConfig", "connect:AssociateLambdaFunction", "connect:AssociateLexBot", "connect:AssociatePhoneNumberContactFlow", "connect:AssociateQueueQuickConnects", "connect:AssociateRoutingProfileQueues", "connect:AssociateSecurityKey", "connect:AssociateTrafficDistributionGroupUser", "connect:AssociateUserProficiencies", "connect:BatchAssociateAnalyticsDataSet", "connect:BatchDisassociateAnalyticsDataSet", "connect:BatchGetFlowAssociation", "connect:BatchPutContact", "connect:ClaimPhoneNumber", "connect:CreateAgentStatus", "connect:CreateContactFlow", "connect:CreateContactFlowModule", "connect:CreateEvaluationForm", "connect:CreateHoursOfOperation", "connect:CreateInstance", "connect:CreateIntegrationAssociation", "connect:CreateParticipant", "connect:CreatePersistentContactAssociation", "connect:CreatePredefinedAttribute", "connect:CreatePrompt", "connect:CreateQueue", "connect:CreateQuickConnect", "connect:CreateRoutingProfile", "connect:CreateRule", "connect:CreateSecurityProfile", "connect:CreateTaskTemplate", "connect:CreateTrafficDistributionGroup", "connect:CreateUseCase", "connect:CreateUser", "connect:CreateUserHierarchyGroup", "connect:CreateView", "connect:CreateViewVersion", "connect:CreateVocabulary", "connect:DeactivateEvaluationForm", "connect:DeleteContactEvaluation", "connect:DeleteContactFlow", "connect:DeleteContactFlowModule", "connect:DeleteEvaluationForm", "connect:DeleteHoursOfOperation", "connect:DeleteInstance", "connect:DeleteIntegrationAssociation", "connect:DeletePredefinedAttribute", "connect:DeletePrompt", "connect:DeleteQueue", "connect:DeleteQuickConnect", "connect:DeleteRoutingProfile", "connect:DeleteRule", "connect:DeleteSecurityProfile", "connect:DeleteTaskTemplate", "connect:DeleteTrafficDistributionGroup", "connect:DeleteUseCase", "connect:DeleteUser", "connect:DeleteUserHierarchyGroup", "connect:DeleteView", "connect:DeleteViewVersion", "connect:DeleteVocabulary", "connect:DescribeAgentStatus", "connect:DescribeContact", "connect:DescribeContactEvaluation", "connect:DescribeContactFlow", "connect:DescribeContactFlowModule", "connect:DescribeEvaluationForm", "connect:DescribeForecastingPlanningSchedulingIntegration", "connect:DescribeHoursOfOperation", "connect:DescribeInstance", "connect:DescribeInstanceAttribute", "connect:DescribeInstanceStorageConfig", "connect:DescribePhoneNumber", "connect:DescribePredefinedAttribute", "connect:DescribePrompt", "connect:DescribeQueue", "connect:DescribeQuickConnect", "connect:DescribeRoutingProfile", "connect:DescribeRule", "connect:DescribeSecurityProfile", "connect:DescribeTrafficDistributionGroup", "connect:DescribeUser", "connect:DescribeUserHierarchyGroup", "connect:DescribeUserHierarchyStructure", "connect:DescribeView", "connect:DescribeVocabulary", "connect:DisassociateAnalyticsDataSet", "connect:DisassociateApprovedOrigin", "connect:DisassociateBot", "connect:DisassociateCustomerProfilesDomain", "connect:DisassociateFlow", "connect:DisassociateInstanceStorageConfig", "connect:DisassociateLambdaFunction", "connect:DisassociateLexBot", "connect:DisassociatePhoneNumberContactFlow", "connect:DisassociateQueueQuickConnects", "connect:DisassociateRoutingProfileQueues", "connect:DisassociateSecurityKey", "connect:DisassociateTrafficDistributionGroupUser", "connect:DisassociateUserProficiencies", "connect:DismissUserContact", "connect:GetContactAttributes", "connect:GetCurrentMetricData", "connect:GetCurrentUserData", "connect:GetFederationToken", "connect:GetFederationTokens", "connect:GetFlowAssociation", "connect:GetMetricData", "connect:GetMetricDataV2", "connect:GetPromptFile", "connect:GetTaskTemplate", "connect:GetTrafficDistribution", "connect:ImportPhoneNumber", "connect:ListAgentStatuses", "connect:ListAnalyticsDataAssociations", "connect:ListApprovedOrigins", "connect:ListBots", "connect:ListContactEvaluations", "connect:ListContactFlowModules", "connect:ListContactFlows", "connect:ListContactReferences", "connect:ListDefaultVocabularies", "connect:ListEvaluationFormVersions", "connect:ListEvaluationForms", "connect:ListFlowAssociations", "connect:ListHoursOfOperations", "connect:ListInstanceAttributes", "connect:ListInstanceStorageConfigs", "connect:ListInstances", "connect:ListIntegrationAssociations", "connect:ListLambdaFunctions", "connect:ListLexBots", "connect:ListPhoneNumbers", "connect:ListPhoneNumbersV2", "connect:ListPredefinedAttributes", "connect:ListPrompts", "connect:ListQueueQuickConnects", "connect:ListQueues", "connect:ListQuickConnects", "connect:ListRealtimeContactAnalysisSegments", "connect:ListRealtimeContactAnalysisSegmentsV2", "connect:ListRoutingProfileQueues", "connect:ListRoutingProfiles", "connect:ListRules", "connect:ListSecurityKeys", "connect:ListSecurityProfileApplications", "connect:ListSecurityProfilePermissions", "connect:ListSecurityProfiles", "connect:ListTagsForResource", "connect:ListTaskTemplates", "connect:ListTrafficDistributionGroupUsers", "connect:ListTrafficDistributionGroups", "connect:ListUseCases", "connect:ListUserHierarchyGroups", "connect:ListUserProficiencies", "connect:ListUsers", "connect:ListViewVersions", "connect:ListViews", "connect:MonitorContact", "connect:PauseContact", "connect:PutUserStatus", "connect:ReleasePhoneNumber", "connect:ReplicateInstance", "connect:ResumeContact", "connect:ResumeContactRecording", "connect:SearchAvailablePhoneNumbers", "connect:SearchContacts", "connect:SearchHoursOfOperations", "connect:SearchPredefinedAttributes", "connect:SearchPrompts", "connect:SearchQueues", "connect:SearchQuickConnects", "connect:SearchResourceTags", "connect:SearchRoutingProfiles", "connect:SearchSecurityProfiles", "connect:SearchUsers", "connect:SearchVocabularies", "connect:SendChatIntegrationEvent", "connect:StartChatContact", "connect:StartContactEvaluation", "connect:StartContactRecording", "connect:StartContactStreaming", "connect:StartForecastingPlanningSchedulingIntegration", "connect:StartOutboundVoiceContact", "connect:StartTaskContact", "connect:StartWebRTCContact", "connect:StopContact", "connect:StopContactRecording", "connect:StopContactStreaming", "connect:StopForecastingPlanningSchedulingIntegration", "connect:SubmitContactEvaluation", "connect:SuspendContactRecording", "connect:TagContact", "connect:TagResource", "connect:TransferContact", "connect:UntagContact", "connect:UntagResource", "connect:UpdateAgentStatus", "connect:UpdateContact", "connect:UpdateContactAttributes", "connect:UpdateContactEvaluation", "connect:UpdateContactFlowContent", "connect:UpdateContactFlowMetadata", "connect:UpdateContactFlowModuleContent", "connect:UpdateContactFlowModuleMetadata", "connect:UpdateContactFlowName", "connect:UpdateContactRoutingData", "connect:UpdateContactSchedule", "connect:UpdateEvaluationForm", "connect:UpdateHoursOfOperation", "connect:UpdateInstanceAttribute", "connect:UpdateInstanceStorageConfig", "connect:UpdateParticipantRoleConfig", "connect:UpdatePhoneNumber", "connect:UpdatePhoneNumberMetadata", "connect:UpdatePredefinedAttribute", "connect:UpdatePrompt", "connect:UpdateQueueHoursOfOperation", "connect:UpdateQueueMaxContacts", "connect:UpdateQueueName", "connect:UpdateQueueOutboundCallerConfig", "connect:UpdateQueueStatus", "connect:UpdateQuickConnectConfig", "connect:UpdateQuickConnectName", "connect:UpdateRoutingProfileAgentAvailabilityTimer", "connect:UpdateRoutingProfileConcurrency", "connect:UpdateRoutingProfileDefaultOutboundQueue", "connect:UpdateRoutingProfileName", "connect:UpdateRoutingProfileQueues", "connect:UpdateRule", "connect:UpdateSecurityProfile", "connect:UpdateTaskTemplate", "connect:UpdateTrafficDistribution", "connect:UpdateUserHierarchy", "connect:UpdateUserHierarchyGroupName", "connect:UpdateUserHierarchyStructure", "connect:UpdateUserIdentityInfo", "connect:UpdateUserPhoneConfig", "connect:UpdateUserProficiencies", "connect:UpdateUserRoutingProfile", "connect:UpdateUserSecurityProfiles", "connect:UpdateViewContent", "connect:UpdateViewMetadata", "connect-campaigns:CreateCampaign", "connect-campaigns:DeleteCampaign", "connect-campaigns:DeleteConnectInstanceConfig", "connect-campaigns:DeleteInstanceOnboardingJob", "connect-campaigns:DescribeCampaign", "connect-campaigns:GetCampaignState", "connect-campaigns:GetCampaignStateBatch", "connect-campaigns:GetConnectInstanceConfig", "connect-campaigns:GetInstanceOnboardingJobStatus", "connect-campaigns:ListCampaigns", "connect-campaigns:ListTagsForResource", "connect-campaigns:PauseCampaign", "connect-campaigns:PutDialRequestBatch", "connect-campaigns:ResumeCampaign", "connect-campaigns:StartCampaign", "connect-campaigns:StartInstanceOnboardingJob", "connect-campaigns:StopCampaign", "connect-campaigns:TagResource", "connect-campaigns:UntagResource", "connect-campaigns:UpdateCampaignDialerConfig", "connect-campaigns:UpdateCampaignName", "connect-campaigns:UpdateCampaignOutboundCallConfig", "consoleapp:GetDeviceIdentity", "consoleapp:ListDeviceIdentities", "consolidatedbilling:GetAccountBillingRole", "consolidatedbilling:ListLinkedAccounts", "controlcatalog:ListCommonControls", "controlcatalog:ListDomains", "controlcatalog:ListObjectives", "controltower:CreateLandingZone", "controltower:CreateManagedAccount", "controltower:DeleteLandingZone", "controltower:DeregisterManagedAccount", "controltower:DeregisterOrganizationalUnit", "controltower:DescribeAccountFactoryConfig", "controltower:DescribeCoreService", "controltower:DescribeGuardrail", "controltower:DescribeGuardrailForTarget", "controltower:DescribeLandingZoneConfiguration", "controltower:DescribeManagedAccount", "controltower:DescribeManagedOrganizationalUnit", "controltower:DescribeRegisterOrganizationalUnitOperation", "controltower:DescribeSingleSignOn", "controltower:DisableBaseline", "controltower:DisableControl", "controltower:DisableGuardrail", "controltower:EnableBaseline", "controltower:EnableControl", "controltower:EnableGuardrail", "controltower:GetAccountInfo", "controltower:GetAvailableUpdates", "controltower:GetBaseline", "controltower:GetBaselineOperation", "controltower:GetControlOperation", "controltower:GetEnabledBaseline", "controltower:GetEnabledControl", "controltower:GetGuardrailComplianceStatus", "controltower:GetHomeRegion", "controltower:GetLandingZone", "controltower:GetLandingZoneDriftStatus", "controltower:GetLandingZoneOperation", "controltower:GetLandingZoneStatus", "controltower:ListBaselines", "controltower:ListDirectoryGroups", "controltower:ListDriftDetails", "controltower:ListEnabledBaselines", "controltower:ListEnabledControls", "controltower:ListEnabledGuardrails", "controltower:ListExtendGovernancePrecheckDetails", "controltower:ListExternalConfigRuleCompliance", "controltower:ListGuardrailViolations", "controltower:ListGuardrails", "controltower:ListGuardrailsForTarget", "controltower:ListLandingZones", "controltower:ListManagedAccounts", "controltower:ListManagedAccountsForGuardrail", "controltower:ListManagedAccountsForParent", "controltower:ListManagedOrganizationalUnits", "controltower:ListManagedOrganizationalUnitsForGuardrail", "controltower:ListTagsForResource", "controltower:ManageOrganizationalUnit", "controltower:PerformPreLaunchChecks", "controltower:ResetEnabledBaseline", "controltower:ResetLandingZone", "controltower:SetupLandingZone", "controltower:TagResource", "controltower:UntagResource", "controltower:UpdateAccountFactoryConfig", "controltower:UpdateEnabledBaseline", "controltower:UpdateEnabledControl", "controltower:UpdateLandingZone", "cost-optimization-hub:GetPreferences", "cost-optimization-hub:GetRecommendation", "cost-optimization-hub:ListEnrollmentStatuses", "cost-optimization-hub:ListRecommendationSummaries", "cost-optimization-hub:ListRecommendations", "cost-optimization-hub:UpdateEnrollmentStatus", "cost-optimization-hub:UpdatePreferences", "cur:DeleteReportDefinition", "cur:DescribeReportDefinitions", "cur:GetClassicReport", "cur:GetClassicReportPreferences", "cur:GetUsageReport", "cur:ListTagsForResource", "cur:ModifyReportDefinition", "cur:PutClassicReportPreferences", "cur:PutReportDefinition", "cur:TagResource", "cur:UntagResource", "cur:ValidateReportDestination", "customer-verification:CreateCustomerVerificationDetails", "customer-verification:GetCustomerVerificationDetails", "customer-verification:GetCustomerVerificationEligibility", "customer-verification:UpdateCustomerVerificationDetails", "databrew:BatchDeleteRecipeVersion", "databrew:CreateDataset", "databrew:CreateProfileJob", "databrew:CreateProject", "databrew:CreateRecipe", "databrew:CreateRecipeJob", "databrew:CreateRuleset", "databrew:CreateSchedule", "databrew:DeleteDataset", "databrew:DeleteJob", "databrew:DeleteProject", "databrew:DeleteRecipeVersion", "databrew:DeleteRuleset", "databrew:DeleteSchedule", "databrew:DescribeDataset", "databrew:DescribeJob", "databrew:DescribeJobRun", "databrew:DescribeProject", "databrew:DescribeRecipe", "databrew:DescribeRuleset", "databrew:DescribeSchedule", "databrew:ListDatasets", "databrew:ListJobRuns", "databrew:ListJobs", "databrew:ListProjects", "databrew:ListRecipeVersions", "databrew:ListRecipes", "databrew:ListRulesets", "databrew:ListSchedules", "databrew:ListTagsForResource", "databrew:PublishRecipe", "databrew:SendProjectSessionAction", "databrew:StartJobRun", "databrew:StartProjectSession", "databrew:StopJobRun", "databrew:TagResource", "databrew:UntagResource", "databrew:UpdateDataset", "databrew:UpdateProfileJob", "databrew:UpdateProject", "databrew:UpdateRecipe", "databrew:UpdateRecipeJob", "databrew:UpdateRuleset", "databrew:UpdateSchedule", "dataexchange:CancelJob", "dataexchange:CreateAsset", "dataexchange:CreateDataSet", "dataexchange:CreateEventAction", "dataexchange:CreateJob", "dataexchange:CreateRevision", "dataexchange:DeleteAsset", "dataexchange:DeleteDataSet", "dataexchange:DeleteEventAction", "dataexchange:DeleteRevision", "dataexchange:GetAsset", "dataexchange:GetDataSet", "dataexchange:GetEventAction", "dataexchange:GetJob", "dataexchange:GetRevision", "dataexchange:ListDataSetRevisions", "dataexchange:ListDataSets", "dataexchange:ListEventActions", "dataexchange:ListJobs", "dataexchange:ListRevisionAssets", "dataexchange:ListTagsForResource", "dataexchange:PublishDataSet", "dataexchange:RevokeRevision", "dataexchange:SendApiAsset", "dataexchange:SendDataSetNotification", "dataexchange:StartJob", "dataexchange:TagResource", "dataexchange:UntagResource", "dataexchange:UpdateAsset", "dataexchange:UpdateDataSet", "dataexchange:UpdateEventAction", "dataexchange:UpdateRevision", "datapipeline:ActivatePipeline", "datapipeline:AddTags", "datapipeline:CreatePipeline", "datapipeline:DeactivatePipeline", "datapipeline:DeletePipeline", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:EvaluateExpression", "datapipeline:GetAccountLimits", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:PollForTask", "datapipeline:PutAccountLimits", "datapipeline:PutPipelineDefinition", "datapipeline:QueryObjects", "datapipeline:RemoveTags", "datapipeline:ReportTaskProgress", "datapipeline:ReportTaskRunnerHeartbeat", "datapipeline:SetStatus", "datapipeline:SetTaskStatus", "datapipeline:ValidatePipelineDefinition", "datasync:AddStorageSystem", "datasync:CancelTaskExecution", "datasync:CreateAgent", "datasync:CreateLocationAzureBlob", "datasync:CreateLocationEfs", "datasync:CreateLocationFsxLustre", "datasync:CreateLocationFsxOntap", "datasync:CreateLocationFsxOpenZfs", "datasync:CreateLocationFsxWindows", "datasync:CreateLocationHdfs", "datasync:CreateLocationNfs", "datasync:CreateLocationObjectStorage", "datasync:CreateLocationS3", "datasync:CreateLocationSmb", "datasync:CreateTask", "datasync:DeleteAgent", "datasync:DeleteLocation", "datasync:DeleteTask", "datasync:DescribeAgent", "datasync:DescribeDiscoveryJob", "datasync:DescribeLocationAzureBlob", "datasync:DescribeLocationEfs", "datasync:DescribeLocationFsxLustre", "datasync:DescribeLocationFsxOntap", "datasync:DescribeLocationFsxOpenZfs", "datasync:DescribeLocationFsxWindows", "datasync:DescribeLocationHdfs", "datasync:DescribeLocationNfs", "datasync:DescribeLocationObjectStorage", "datasync:DescribeLocationS3", "datasync:DescribeLocationSmb", "datasync:DescribeStorageSystem", "datasync:DescribeStorageSystemResourceMetrics", "datasync:DescribeStorageSystemResources", "datasync:DescribeTask", "datasync:DescribeTaskExecution", "datasync:GenerateRecommendations", "datasync:ListAgents", "datasync:ListDiscoveryJobs", "datasync:ListLocations", "datasync:ListStorageSystems", "datasync:ListTagsForResource", "datasync:ListTaskExecutions", "datasync:ListTasks", "datasync:RemoveStorageSystem", "datasync:StartDiscoveryJob", "datasync:StartTaskExecution", "datasync:StopDiscoveryJob", "datasync:TagResource", "datasync:UntagResource", "datasync:UpdateAgent", "datasync:UpdateDiscoveryJob", "datasync:UpdateLocationAzureBlob", "datasync:UpdateLocationHdfs", "datasync:UpdateLocationNfs", "datasync:UpdateLocationObjectStorage", "datasync:UpdateLocationSmb", "datasync:UpdateStorageSystem", "datasync:UpdateTask", "datasync:UpdateTaskExecution", "datazone:AcceptPredictions", "datazone:AcceptSubscriptionRequest", "datazone:AddPolicyGrant", "datazone:CancelMetadataGenerationRun", "datazone:CancelSubscription", "datazone:CreateAsset", "datazone:CreateAssetRevision", "datazone:CreateAssetType", "datazone:CreateDataSource", "datazone:CreateDomain", "datazone:CreateEnvironment", "datazone:CreateEnvironmentBlueprint", "datazone:CreateEnvironmentProfile", "datazone:CreateFormType", "datazone:CreateGlossary", "datazone:CreateGlossaryTerm", "datazone:CreateGroupProfile", "datazone:CreateListingChangeSet", "datazone:CreateProject", "datazone:CreateProjectMembership", "datazone:CreateSubscriptionGrant", "datazone:CreateSubscriptionRequest", "datazone:CreateSubscriptionTarget", "datazone:CreateUserProfile", "datazone:DeleteAsset", "datazone:DeleteAssetType", "datazone:DeleteDataSource", "datazone:DeleteDomain", "datazone:DeleteDomainSharingPolicy", "datazone:DeleteEnvironment", "datazone:DeleteEnvironmentBlueprint", "datazone:DeleteEnvironmentBlueprintConfiguration", "datazone:DeleteEnvironmentProfile", "datazone:DeleteFormType", "datazone:DeleteGlossary", "datazone:DeleteGlossaryTerm", "datazone:DeleteListing", "datazone:DeleteProject", "datazone:DeleteProjectMembership", "datazone:DeleteSubscriptionGrant", "datazone:DeleteSubscriptionRequest", "datazone:DeleteSubscriptionTarget", "datazone:DeleteTimeSeriesDataPoints", "datazone:GetAsset", "datazone:GetAssetType", "datazone:GetDataSource", "datazone:GetDataSourceRun", "datazone:GetDomain", "datazone:GetDomainSharingPolicy", "datazone:GetEnvironment", "datazone:GetEnvironmentActionLink", "datazone:GetEnvironmentBlueprint", "datazone:GetEnvironmentBlueprintConfiguration", "datazone:GetEnvironmentCredentials", "datazone:GetEnvironmentProfile", "datazone:GetFormType", "datazone:GetGlossary", "datazone:GetGlossaryTerm", "datazone:GetGroupProfile", "datazone:GetIamPortalLoginUrl", "datazone:GetListing", "datazone:GetMetadataGenerationRun", "datazone:GetProject", "datazone:GetSubscription", "datazone:GetSubscriptionEligibility", "datazone:GetSubscriptionGrant", "datazone:GetSubscriptionRequestDetails", "datazone:GetSubscriptionTarget", "datazone:GetTimeSeriesDataPoint", "datazone:GetUserProfile", "datazone:ListAccountEnvironments", "datazone:ListAssetRevisions", "datazone:ListDataSourceRunActivities", "datazone:ListDataSourceRuns", "datazone:ListDataSources", "datazone:ListDomains", "datazone:ListEnvironmentBlueprintConfigurationSummaries", "datazone:ListEnvironmentBlueprintConfigurations", "datazone:ListEnvironmentBlueprints", "datazone:ListEnvironmentProfiles", "datazone:ListEnvironments", "datazone:ListGroupsForUser", "datazone:ListMetadataGenerationRuns", "datazone:ListNotifications", "datazone:ListPolicyGrants", "datazone:ListProjectMemberships", "datazone:ListProjects", "datazone:ListSubscriptionGrants", "datazone:ListSubscriptionRequests", "datazone:ListSubscriptionTargets", "datazone:ListSubscriptions", "datazone:ListTagsForResource", "datazone:ListTimeSeriesDataPoints", "datazone:ListWarehouseMetadata", "datazone:PostTimeSeriesDataPoints", "datazone:ProvisionDomain", "datazone:PutDomainSharingPolicy", "datazone:PutEnvironmentBlueprintConfiguration", "datazone:RefreshToken", "datazone:RejectPredictions", "datazone:RejectSubscriptionRequest", "datazone:RemovePolicyGrant", "datazone:RevokeSubscription", "datazone:Search", "datazone:SearchGroupProfiles", "datazone:SearchListings", "datazone:SearchTypes", "datazone:SearchUserProfiles", "datazone:SsoLogin", "datazone:SsoLogout", "datazone:StartDataSourceRun", "datazone:StartMetadataGenerationRun", "datazone:StopMetadataGenerationRun", "datazone:TagResource", "datazone:UntagResource", "datazone:UpdateDataSource", "datazone:UpdateDataSourceRunActivities", "datazone:UpdateDomain", "datazone:UpdateEnvironment", "datazone:UpdateEnvironmentBlueprint", "datazone:UpdateEnvironmentConfiguration", "datazone:UpdateEnvironmentDeploymentStatus", "datazone:UpdateEnvironmentProfile", "datazone:UpdateGlossary", "datazone:UpdateGlossaryTerm", "datazone:UpdateGroupProfile", "datazone:UpdateProject", "datazone:UpdateSubscriptionGrantStatus", "datazone:UpdateSubscriptionRequest", "datazone:UpdateSubscriptionTarget", "datazone:UpdateUserProfile", "datazone:ValidatePassRole", "dax:BatchGetItem", "dax:BatchWriteItem", "dax:ConditionCheckItem", "dax:CreateCluster", "dax:CreateParameterGroup", "dax:CreateSubnetGroup", "dax:DecreaseReplicationFactor", "dax:DeleteCluster", "dax:DeleteItem", "dax:DeleteParameterGroup", "dax:DeleteSubnetGroup", "dax:DescribeClusters", "dax:DescribeDefaultParameters", "dax:DescribeEvents", "dax:DescribeParameterGroups", "dax:DescribeParameters", "dax:DescribeSubnetGroups", "dax:GetItem", "dax:IncreaseReplicationFactor", "dax:ListTags", "dax:PutItem", "dax:Query", "dax:RebootNode", "dax:Scan", "dax:TagResource", "dax:UntagResource", "dax:UpdateCluster", "dax:UpdateItem", "dax:UpdateParameterGroup", "dax:UpdateSubnetGroup", "dbqms:CreateFavoriteQuery", "dbqms:CreateQueryHistory", "dbqms:CreateTab", "dbqms:DeleteFavoriteQueries", "dbqms:DeleteQueryHistory", "dbqms:DeleteTab", "dbqms:DescribeFavoriteQueries", "dbqms:DescribeQueryHistory", "dbqms:DescribeTabs", "dbqms:GetQueryString", "dbqms:UpdateFavoriteQuery", "dbqms:UpdateQueryHistory", "dbqms:UpdateTab", "deadline:AssociateMemberToFarm", "deadline:AssociateMemberToFleet", "deadline:AssociateMemberToJob", "deadline:AssociateMemberToQueue", "deadline:AssumeFleetRoleForRead", "deadline:AssumeFleetRoleForWorker", "deadline:AssumeQueueRoleForRead", "deadline:AssumeQueueRoleForUser", "deadline:AssumeQueueRoleForWorker", "deadline:BatchGetJobEntity", "deadline:CopyJobTemplate", "deadline:CreateBudget", "deadline:CreateFarm", "deadline:CreateFleet", "deadline:CreateJob", "deadline:CreateLicenseEndpoint", "deadline:CreateMonitor", "deadline:CreateQueue", "deadline:CreateQueueEnvironment", "deadline:CreateQueueFleetAssociation", "deadline:CreateStorageProfile", "deadline:CreateWorker", "deadline:DeleteBudget", "deadline:DeleteFarm", "deadline:DeleteFleet", "deadline:DeleteLicenseEndpoint", "deadline:DeleteMeteredProduct", "deadline:DeleteMonitor", "deadline:DeleteQueue", "deadline:DeleteQueueEnvironment", "deadline:DeleteQueueFleetAssociation", "deadline:DeleteStorageProfile", "deadline:DeleteWorker", "deadline:DisassociateMemberFromFarm", "deadline:DisassociateMemberFromFleet", "deadline:DisassociateMemberFromJob", "deadline:DisassociateMemberFromQueue", "deadline:GetApplicationVersion", "deadline:GetBudget", "deadline:GetFarm", "deadline:GetFleet", "deadline:GetJob", "deadline:GetLicenseEndpoint", "deadline:GetMonitor", "deadline:GetQueue", "deadline:GetQueueEnvironment", "deadline:GetQueueFleetAssociation", "deadline:GetSession", "deadline:GetSessionAction", "deadline:GetSessionsStatisticsAggregation", "deadline:GetStep", "deadline:GetStorageProfile", "deadline:GetStorageProfileForQueue", "deadline:GetTask", "deadline:GetWorker", "deadline:ListAvailableMeteredProducts", "deadline:ListBudgets", "deadline:ListFarmMembers", "deadline:ListFarms", "deadline:ListFleetMembers", "deadline:ListFleets", "deadline:ListJobMembers", "deadline:ListJobs", "deadline:ListLicenseEndpoints", "deadline:ListMeteredProducts", "deadline:ListMonitors", "deadline:ListQueueEnvironments", "deadline:ListQueueFleetAssociations", "deadline:ListQueueMembers", "deadline:ListQueues", "deadline:ListSessionActions", "deadline:ListSessions", "deadline:ListSessionsForWorker", "deadline:ListStepConsumers", "deadline:ListStepDependencies", "deadline:ListSteps", "deadline:ListStorageProfiles", "deadline:ListStorageProfilesForQueue", "deadline:ListTagsForResource", "deadline:ListTasks", "deadline:ListWorkers", "deadline:PutMeteredProduct", "deadline:SearchJobs", "deadline:SearchSteps", "deadline:SearchTasks", "deadline:SearchWorkers", "deadline:StartSessionsStatisticsAggregation", "deadline:TagResource", "deadline:UntagResource", "deadline:UpdateBudget", "deadline:UpdateFarm", "deadline:UpdateFleet", "deadline:UpdateJob", "deadline:UpdateMonitor", "deadline:UpdateQueue", "deadline:UpdateQueueEnvironment", "deadline:UpdateQueueFleetAssociation", "deadline:UpdateSession", "deadline:UpdateStep", "deadline:UpdateStorageProfile", "deadline:UpdateTask", "deadline:UpdateWorker", "deadline:UpdateWorkerSchedule", "deepcomposer:AssociateCoupon", "deepcomposer:CreateAudio", "deepcomposer:CreateComposition", "deepcomposer:CreateModel", "deepcomposer:DeleteComposition", "deepcomposer:DeleteModel", "deepcomposer:GetComposition", "deepcomposer:GetModel", "deepcomposer:GetSampleModel", "deepcomposer:ListCompositions", "deepcomposer:ListModels", "deepcomposer:ListSampleModels", "deepcomposer:ListTagsForResource", "deepcomposer:ListTrainingTopics", "deepcomposer:TagResource", "deepcomposer:UntagResource", "deepcomposer:UpdateComposition", "deepcomposer:UpdateModel", "deeplens:AssociateServiceRoleToAccount", "deeplens:BatchGetDevice", "deeplens:BatchGetModel", "deeplens:BatchGetProject", "deeplens:CreateDeviceCertificates", "deeplens:CreateModel", "deeplens:CreateProject", "deeplens:DeleteModel", "deeplens:DeleteProject", "deeplens:DeployProject", "deeplens:DeregisterDevice", "deeplens:GetAssociatedResources", "deeplens:GetDeploymentStatus", "deeplens:GetDevice", "deeplens:GetModel", "deeplens:GetProject", "deeplens:ImportProjectFromTemplate", "deeplens:ListDeployments", "deeplens:ListDevices", "deeplens:ListModels", "deeplens:ListProjects", "deeplens:RegisterDevice", "deeplens:RemoveProject", "deeplens:UpdateProject", "deepracer:AddLeaderboardAccessPermission", "deepracer:AdminGetAccountConfig", "deepracer:AdminListAssociatedResources", "deepracer:AdminListAssociatedUsers", "deepracer:AdminManageUser", "deepracer:AdminSetAccountConfig", "deepracer:CloneReinforcementLearningModel", "deepracer:CreateCar", "deepracer:CreateLeaderboard", "deepracer:CreateLeaderboardAccessToken", "deepracer:CreateLeaderboardSubmission", "deepracer:CreateReinforcementLearningModel", "deepracer:DeleteLeaderboard", "deepracer:DeleteModel", "deepracer:EditLeaderboard", "deepracer:GetAccountConfig", "deepracer:GetAlias", "deepracer:GetAssetUrl", "deepracer:GetCar", "deepracer:GetCars", "deepracer:GetEvaluation", "deepracer:GetLatestUserSubmission", "deepracer:GetLeaderboard", "deepracer:GetModel", "deepracer:GetPrivateLeaderboard", "deepracer:GetRankedUserSubmission", "deepracer:GetTrack", "deepracer:GetTrainingJob", "deepracer:ImportModel", "deepracer:ListEvaluations", "deepracer:ListLeaderboardEvaluations", "deepracer:ListLeaderboardSubmissions", "deepracer:ListLeaderboards", "deepracer:ListModels", "deepracer:ListPrivateLeaderboardParticipants", "deepracer:ListPrivateLeaderboards", "deepracer:ListSubscribedPrivateLeaderboards", "deepracer:ListTagsForResource", "deepracer:ListTracks", "deepracer:ListTrainingJobs", "deepracer:MigrateModels", "deepracer:PerformLeaderboardOperation", "deepracer:RemoveLeaderboardAccessPermission", "deepracer:SetAlias", "deepracer:StartEvaluation", "deepracer:StopEvaluation", "deepracer:StopTrainingReinforcementLearningModel", "deepracer:TagResource", "deepracer:TestRewardFunction", "deepracer:UntagResource", "deepracer:UpdateCar", "detective:AcceptInvitation", "detective:BatchGetGraphMemberDatasources", "detective:BatchGetMembershipDatasources", "detective:CreateGraph", "detective:CreateMembers", "detective:DeleteGraph", "detective:DeleteMembers", "detective:DescribeOrganizationConfiguration", "detective:DisableOrganizationAdminAccount", "detective:DisassociateMembership", "detective:EnableOrganizationAdminAccount", "detective:GetFreeTrialEligibility", "detective:GetGraphIngestState", "detective:GetInvestigation", "detective:GetMembers", "detective:GetPricingInformation", "detective:GetUsageInformation", "detective:InvokeAssistant", "detective:ListDatasourcePackages", "detective:ListGraphs", "detective:ListHighDegreeEntities", "detective:ListIndicators", "detective:ListInvestigations", "detective:ListInvitations", "detective:ListMembers", "detective:ListOrganizationAdminAccount", "detective:ListTagsForResource", "detective:RejectInvitation", "detective:SearchGraph", "detective:StartInvestigation", "detective:StartMonitoringMember", "detective:TagResource", "detective:UntagResource", "detective:UpdateDatasourcePackages", "detective:UpdateInvestigationState", "detective:UpdateOrganizationConfiguration", "devicefarm:CreateDevicePool", "devicefarm:CreateInstanceProfile", "devicefarm:CreateNetworkProfile", "devicefarm:CreateProject", "devicefarm:CreateRemoteAccessSession", "devicefarm:CreateTestGridProject", "devicefarm:CreateTestGridUrl", "devicefarm:CreateUpload", "devicefarm:CreateVPCEConfiguration", "devicefarm:DeleteDevicePool", "devicefarm:DeleteInstanceProfile", "devicefarm:DeleteNetworkProfile", "devicefarm:DeleteProject", "devicefarm:DeleteRemoteAccessSession", "devicefarm:DeleteRun", "devicefarm:DeleteTestGridProject", "devicefarm:DeleteUpload", "devicefarm:DeleteVPCEConfiguration", "devicefarm:GetAccountSettings", "devicefarm:GetDevice", "devicefarm:GetDeviceInstance", "devicefarm:GetDevicePool", "devicefarm:GetDevicePoolCompatibility", "devicefarm:GetInstanceProfile", "devicefarm:GetJob", "devicefarm:GetNetworkProfile", "devicefarm:GetOfferingStatus", "devicefarm:GetProject", "devicefarm:GetRemoteAccessSession", "devicefarm:GetRun", "devicefarm:GetSuite", "devicefarm:GetTest", "devicefarm:GetTestGridProject", "devicefarm:GetTestGridSession", "devicefarm:GetUpload", "devicefarm:GetVPCEConfiguration", "devicefarm:InstallToRemoteAccessSession", "devicefarm:ListArtifacts", "devicefarm:ListDeviceInstances", "devicefarm:ListDevicePools", "devicefarm:ListDevices", "devicefarm:ListInstanceProfiles", "devicefarm:ListJobs", "devicefarm:ListNetworkProfiles", "devicefarm:ListOfferingPromotions", "devicefarm:ListOfferingTransactions", "devicefarm:ListOfferings", "devicefarm:ListProjects", "devicefarm:ListRemoteAccessSessions", "devicefarm:ListRuns", "devicefarm:ListSamples", "devicefarm:ListSuites", "devicefarm:ListTagsForResource", "devicefarm:ListTestGridProjects", "devicefarm:ListTestGridSessionActions", "devicefarm:ListTestGridSessionArtifacts", "devicefarm:ListTestGridSessions", "devicefarm:ListTests", "devicefarm:ListUniqueProblems", "devicefarm:ListUploads", "devicefarm:ListVPCEConfigurations", "devicefarm:PurchaseOffering", "devicefarm:RenewOffering", "devicefarm:ScheduleRun", "devicefarm:StopJob", "devicefarm:StopRemoteAccessSession", "devicefarm:StopRun", "devicefarm:TagResource", "devicefarm:UntagResource", "devicefarm:UpdateDeviceInstance", "devicefarm:UpdateDevicePool", "devicefarm:UpdateInstanceProfile", "devicefarm:UpdateNetworkProfile", "devicefarm:UpdateProject", "devicefarm:UpdateTestGridProject", "devicefarm:UpdateUpload", "devicefarm:UpdateVPCEConfiguration", "devops-guru:AddNotificationChannel", "devops-guru:DeleteInsight", "devops-guru:DescribeAccountHealth", "devops-guru:DescribeAccountOverview", "devops-guru:DescribeAnomaly", "devops-guru:DescribeEventSourcesConfig", "devops-guru:DescribeFeedback", "devops-guru:DescribeInsight", "devops-guru:DescribeOrganizationHealth", "devops-guru:DescribeOrganizationOverview", "devops-guru:DescribeOrganizationResourceCollectionHealth", "devops-guru:DescribeResourceCollectionHealth", "devops-guru:DescribeServiceIntegration", "devops-guru:GetCostEstimation", "devops-guru:GetResourceCollection", "devops-guru:ListAnomaliesForInsight", "devops-guru:ListAnomalousLogGroups", "devops-guru:ListEvents", "devops-guru:ListInsights", "devops-guru:ListMonitoredResources", "devops-guru:ListNotificationChannels", "devops-guru:ListOrganizationInsights", "devops-guru:ListRecommendations", "devops-guru:PutFeedback", "devops-guru:RemoveNotificationChannel", "devops-guru:SearchInsights", "devops-guru:SearchOrganizationInsights", "devops-guru:StartCostEstimation", "devops-guru:UpdateEventSourcesConfig", "devops-guru:UpdateResourceCollection", "devops-guru:UpdateServiceIntegration", "directconnect:AcceptDirectConnectGatewayAssociationProposal", "directconnect:AllocateConnectionOnInterconnect", "directconnect:AllocateHostedConnection", "directconnect:AllocatePrivateVirtualInterface", "directconnect:AllocatePublicVirtualInterface", "directconnect:AllocateTransitVirtualInterface", "directconnect:AssociateConnectionWithLag", "directconnect:AssociateHostedConnection", "directconnect:AssociateMacSecKey", "directconnect:AssociateVirtualInterface", "directconnect:ConfirmConnection", "directconnect:ConfirmCustomerAgreement", "directconnect:ConfirmPrivateVirtualInterface", "directconnect:ConfirmPublicVirtualInterface", "directconnect:ConfirmTransitVirtualInterface", "directconnect:CreateBGPPeer", "directconnect:CreateConnection", "directconnect:CreateDirectConnectGateway", "directconnect:CreateDirectConnectGatewayAssociation", "directconnect:CreateDirectConnectGatewayAssociationProposal", "directconnect:CreateInterconnect", "directconnect:CreateLag", "directconnect:CreatePrivateVirtualInterface", "directconnect:CreatePublicVirtualInterface", "directconnect:CreateTransitVirtualInterface", "directconnect:DeleteBGPPeer", "directconnect:DeleteConnection", "directconnect:DeleteDirectConnectGateway", "directconnect:DeleteDirectConnectGatewayAssociation", "directconnect:DeleteDirectConnectGatewayAssociationProposal", "directconnect:DeleteInterconnect", "directconnect:DeleteLag", "directconnect:DeleteVirtualInterface", "directconnect:DescribeConnectionLoa", "directconnect:DescribeConnections", "directconnect:DescribeConnectionsOnInterconnect", "directconnect:DescribeCustomerMetadata", "directconnect:DescribeDirectConnectGatewayAssociationProposals", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeHostedConnections", "directconnect:DescribeInterconnectLoa", "directconnect:DescribeInterconnects", "directconnect:DescribeLags", "directconnect:DescribeLoa", "directconnect:DescribeLocations", "directconnect:DescribeRouterConfiguration", "directconnect:DescribeTags", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "directconnect:DisassociateConnectionFromLag", "directconnect:DisassociateMacSecKey", "directconnect:ListVirtualInterfaceTestHistory", "directconnect:StartBgpFailoverTest", "directconnect:StopBgpFailoverTest", "directconnect:TagResource", "directconnect:UntagResource", "directconnect:UpdateConnection", "directconnect:UpdateDirectConnectGateway", "directconnect:UpdateDirectConnectGatewayAssociation", "directconnect:UpdateLag", "directconnect:UpdateVirtualInterfaceAttributes", "discovery:AssociateConfigurationItemsToApplication", "discovery:BatchDeleteAgents", "discovery:BatchDeleteImportData", "discovery:CreateApplication", "discovery:CreateTags", "discovery:DeleteApplications", "discovery:DeleteTags", "discovery:DescribeAgents", "discovery:DescribeBatchDeleteConfigurationTask", "discovery:DescribeConfigurations", "discovery:DescribeContinuousExports", "discovery:DescribeExportConfigurations", "discovery:DescribeExportTasks", "discovery:DescribeImportTasks", "discovery:DescribeTags", "discovery:DisassociateConfigurationItemsFromApplication", "discovery:ExportConfigurations", "discovery:GetDiscoverySummary", "discovery:GetNetworkConnectionGraph", "discovery:ListConfigurations", "discovery:ListServerNeighbors", "discovery:StartBatchDeleteConfigurationTask", "discovery:StartContinuousExport", "discovery:StartDataCollectionByAgentIds", "discovery:StartExportTask", "discovery:StartImportTask", "discovery:StopContinuousExport", "discovery:StopDataCollectionByAgentIds", "discovery:UpdateApplication", "dlm:CreateLifecyclePolicy", "dlm:DeleteLifecyclePolicy", "dlm:GetLifecyclePolicies", "dlm:GetLifecyclePolicy", "dlm:ListTagsForResource", "dlm:TagResource", "dlm:UntagResource", "dlm:UpdateLifecyclePolicy", "dms:AddTagsToResource", "dms:ApplyPendingMaintenanceAction", "dms:AssociateExtensionPack", "dms:BatchStartRecommendations", "dms:CancelMetadataModelAssessment", "dms:CancelMetadataModelConversion", "dms:CancelMetadataModelExport", "dms:CancelReplicationTaskAssessmentRun", "dms:CreateDataMigration", "dms:CreateDataProvider", "dms:CreateEndpoint", "dms:CreateEventSubscription", "dms:CreateFleetAdvisorCollector", "dms:CreateInstanceProfile", "dms:CreateMigrationProject", "dms:CreateReplicationConfig", "dms:CreateReplicationInstance", "dms:CreateReplicationSubnetGroup", "dms:CreateReplicationTask", "dms:DeleteCertificate", "dms:DeleteConnection", "dms:DeleteDataMigration", "dms:DeleteDataProvider", "dms:DeleteEndpoint", "dms:DeleteEventSubscription", "dms:DeleteFleetAdvisorCollector", "dms:DeleteFleetAdvisorDatabases", "dms:DeleteInstanceProfile", "dms:DeleteMigrationProject", "dms:DeleteReplicationConfig", "dms:DeleteReplicationInstance", "dms:DeleteReplicationSubnetGroup", "dms:DeleteReplicationTask", "dms:DeleteReplicationTaskAssessmentRun", "dms:DescribeAccountAttributes", "dms:DescribeApplicableIndividualAssessments", "dms:DescribeCertificates", "dms:DescribeConnections", "dms:DescribeConversionConfiguration", "dms:DescribeDataMigrations", "dms:DescribeDataProviders", "dms:DescribeEndpointSettings", "dms:DescribeEndpointTypes", "dms:DescribeEndpoints", "dms:DescribeEngineVersions", "dms:DescribeEventCategories", "dms:DescribeEventSubscriptions", "dms:DescribeEvents", "dms:DescribeExtensionPackAssociations", "dms:DescribeFleetAdvisorCollectors", "dms:DescribeFleetAdvisorDatabases", "dms:DescribeFleetAdvisorLsaAnalysis", "dms:DescribeFleetAdvisorSchemaObjectSummary", "dms:DescribeFleetAdvisorSchemas", "dms:DescribeInstanceProfiles", "dms:DescribeMetadataModelAssessments", "dms:DescribeMetadataModelConversions", "dms:DescribeMetadataModelExportsAsScript", "dms:DescribeMetadataModelExportsToTarget", "dms:DescribeMetadataModelImports", "dms:DescribeMigrationProjects", "dms:DescribeOrderableReplicationInstances", "dms:DescribePendingMaintenanceActions", "dms:DescribeRecommendationLimitations", "dms:DescribeRecommendations", "dms:DescribeRefreshSchemasStatus", "dms:DescribeReplicationConfigs", "dms:DescribeReplicationInstanceTaskLogs", "dms:DescribeReplicationInstances", "dms:DescribeReplicationSubnetGroups", "dms:DescribeReplicationTableStatistics", "dms:DescribeReplicationTaskAssessmentResults", "dms:DescribeReplicationTaskAssessmentRuns", "dms:DescribeReplicationTaskIndividualAssessments", "dms:DescribeReplicationTasks", "dms:DescribeReplications", "dms:DescribeSchemas", "dms:DescribeTableStatistics", "dms:DisassociateExtensionPack", "dms:ExportMetadataModelAssessment", "dms:GetMetadataModel", "dms:ImportCertificate", "dms:ListDataProviders", "dms:ListExtensionPacks", "dms:ListInstanceProfiles", "dms:ListMetadataModelAssessmentActionItems", "dms:ListMetadataModelAssessments", "dms:ListMetadataModelConversions", "dms:ListMetadataModelExports", "dms:ListMigrationProjects", "dms:ListTagsForResource", "dms:ModifyConversionConfiguration", "dms:ModifyDataMigration", "dms:ModifyDataProvider", "dms:ModifyEndpoint", "dms:ModifyEventSubscription", "dms:ModifyFleetAdvisorCollector", "dms:ModifyFleetAdvisorCollectorStatuses", "dms:ModifyInstanceProfile", "dms:ModifyMigrationProject", "dms:ModifyReplicationConfig", "dms:ModifyReplicationInstance", "dms:ModifyReplicationSubnetGroup", "dms:ModifyReplicationTask", "dms:MoveReplicationTask", "dms:RebootReplicationInstance", "dms:RefreshSchemas", "dms:ReloadReplicationTables", "dms:ReloadTables", "dms:RemoveTagsFromResource", "dms:RunFleetAdvisorLsaAnalysis", "dms:StartDataMigration", "dms:StartExtensionPackAssociation", "dms:StartMetadataModelAssessment", "dms:StartMetadataModelConversion", "dms:StartMetadataModelExportAsScript", "dms:StartMetadataModelExportAsScripts", "dms:StartMetadataModelExportToTarget", "dms:StartMetadataModelImport", "dms:StartRecommendations", "dms:StartReplication", "dms:StartReplicationTask", "dms:StartReplicationTaskAssessment", "dms:StartReplicationTaskAssessmentRun", "dms:StopDataMigration", "dms:StopReplication", "dms:StopReplicationTask", "dms:TestConnection", "dms:UpdateConversionConfiguration", "dms:UpdateDataProvider", "dms:UpdateInstanceProfile", "dms:UpdateMigrationProject", "dms:UpdateSubscriptionsToEventBridge", "dms:UploadFileMetadataList", "docdb-elastic:CopyClusterSnapshot", "docdb-elastic:CreateCluster", "docdb-elastic:CreateClusterSnapshot", "docdb-elastic:DeleteCluster", "docdb-elastic:DeleteClusterSnapshot", "docdb-elastic:GetCluster", "docdb-elastic:GetClusterSnapshot", "docdb-elastic:ListClusterSnapshots", "docdb-elastic:ListClusters", "docdb-elastic:ListTagsForResource", "docdb-elastic:RestoreClusterFromSnapshot", "docdb-elastic:StartCluster", "docdb-elastic:StopCluster", "docdb-elastic:TagResource", "docdb-elastic:UntagResource", "docdb-elastic:UpdateCluster", "drs:AssociateFailbackClientToRecoveryInstanceForDrs", "drs:AssociateSourceNetworkStack", "drs:BatchCreateVolumeSnapshotGroupForDrs", "drs:BatchDeleteSnapshotRequestForDrs", "drs:CreateConvertedSnapshotForDrs", "drs:CreateExtendedSourceServer", "drs:CreateLaunchConfigurationTemplate", "drs:CreateRecoveryInstanceForDrs", "drs:CreateReplicationConfigurationTemplate", "drs:CreateSourceNetwork", "drs:CreateSourceServerForDrs", "drs:DeleteJob", "drs:DeleteLaunchAction", "drs:DeleteLaunchConfigurationTemplate", "drs:DeleteRecoveryInstance", "drs:DeleteReplicationConfigurationTemplate", "drs:DeleteSourceNetwork", "drs:DeleteSourceServer", "drs:DescribeJobLogItems", "drs:DescribeJobs", "drs:DescribeLaunchConfigurationTemplates", "drs:DescribeRecoveryInstances", "drs:DescribeRecoverySnapshots", "drs:DescribeReplicationConfigurationTemplates", "drs:DescribeReplicationServerAssociationsForDrs", "drs:DescribeSnapshotRequestsForDrs", "drs:DescribeSourceNetworks", "drs:DescribeSourceServers", "drs:DisconnectRecoveryInstance", "drs:DisconnectSourceServer", "drs:ExportSourceNetworkCfnTemplate", "drs:GetAgentCommandForDrs", "drs:GetAgentConfirmedResumeInfoForDrs", "drs:GetAgentInstallationAssetsForDrs", "drs:GetAgentReplicationInfoForDrs", "drs:GetAgentRuntimeConfigurationForDrs", "drs:GetAgentSnapshotCreditsForDrs", "drs:GetChannelCommandsForDrs", "drs:GetFailbackCommandForDrs", "drs:GetFailbackLaunchRequestedForDrs", "drs:GetFailbackReplicationConfiguration", "drs:GetLaunchConfiguration", "drs:GetReplicationConfiguration", "drs:GetSuggestedFailbackClientDeviceMappingForDrs", "drs:InitializeService", "drs:IssueAgentCertificateForDrs", "drs:ListExtensibleSourceServers", "drs:ListLaunchActions", "drs:ListStagingAccounts", "drs:ListTagsForResource", "drs:NotifyAgentAuthenticationForDrs", "drs:NotifyAgentConnectedForDrs", "drs:NotifyAgentDisconnectedForDrs", "drs:NotifyAgentReplicationProgressForDrs", "drs:NotifyConsistencyAttainedForDrs", "drs:NotifyReplicationServerAuthenticationForDrs", "drs:NotifyVolumeEventForDrs", "drs:PutLaunchAction", "drs:RetryDataReplication", "drs:ReverseReplication", "drs:SendAgentLogsForDrs", "drs:SendAgentMetricsForDrs", "drs:SendChannelCommandResultForDrs", "drs:SendClientLogsForDrs", "drs:SendClientMetricsForDrs", "drs:SendVolumeStatsForDrs", "drs:StartFailbackLaunch", "drs:StartRecovery", "drs:StartReplication", "drs:StartSourceNetworkRecovery", "drs:StartSourceNetworkReplication", "drs:StopFailback", "drs:StopReplication", "drs:StopSourceNetworkReplication", "drs:TagResource", "drs:TerminateRecoveryInstances", "drs:UntagResource", "drs:UpdateAgentBacklogForDrs", "drs:UpdateAgentConversionInfoForDrs", "drs:UpdateAgentReplicationInfoForDrs", "drs:UpdateAgentReplicationProcessStateForDrs", "drs:UpdateAgentSourcePropertiesForDrs", "drs:UpdateFailbackClientDeviceMappingForDrs", "drs:UpdateFailbackClientLastSeenForDrs", "drs:UpdateFailbackReplicationConfiguration", "drs:UpdateLaunchConfiguration", "drs:UpdateLaunchConfigurationTemplate", "drs:UpdateReplicationCertificateForDrs", "drs:UpdateReplicationConfiguration", "drs:UpdateReplicationConfigurationTemplate", "ds:AcceptSharedDirectory", "ds:AddIpRoutes", "ds:AddRegion", "ds:AddTagsToResource", "ds:AuthorizeApplication", "ds:CancelSchemaExtension", "ds:CheckAlias", "ds:ConnectDirectory", "ds:CreateAlias", "ds:CreateComputer", "ds:CreateConditionalForwarder", "ds:CreateDirectory", "ds:CreateIdentityPoolDirectory", "ds:CreateLogSubscription", "ds:CreateMicrosoftAD", "ds:CreateSnapshot", "ds:CreateTrust", "ds:DeleteConditionalForwarder", "ds:DeleteDirectory", "ds:DeleteLogSubscription", "ds:DeleteSnapshot", "ds:DeleteTrust", "ds:DeregisterCertificate", "ds:DeregisterEventTopic", "ds:DescribeCertificate", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeRegions", "ds:DescribeSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:DescribeUpdateDirectory", "ds:DisableClientAuthentication", "ds:DisableLDAPS", "ds:DisableRadius", "ds:DisableRoleAccess", "ds:DisableSso", "ds:EnableClientAuthentication", "ds:EnableLDAPS", "ds:EnableRadius", "ds:EnableRoleAccess", "ds:EnableSso", "ds:GetAuthorizedApplicationDetails", "ds:GetDirectoryLimits", "ds:GetSnapshotLimits", "ds:ListAuthorizedApplications", "ds:ListCertificates", "ds:ListIpRoutes", "ds:ListLogSubscriptions", "ds:ListSchemaExtensions", "ds:ListTagsForResource", "ds:RegisterCertificate", "ds:RegisterEventTopic", "ds:RejectSharedDirectory", "ds:RemoveIpRoutes", "ds:RemoveRegion", "ds:RemoveTagsFromResource", "ds:ResetUserPassword", "ds:RestoreFromSnapshot", "ds:ShareDirectory", "ds:StartSchemaExtension", "ds:UnauthorizeApplication", "ds:UnshareDirectory", "ds:UpdateAuthorizedApplication", "ds:UpdateConditionalForwarder", "ds:UpdateDirectory", "ds:UpdateDirectorySetup", "ds:UpdateNumberOfDomainControllers", "ds:UpdateRadius", "ds:UpdateSettings", "ds:UpdateTrust", "ds:VerifyTrust", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:CreateBackup", "dynamodb:CreateGlobalTable", "dynamodb:CreateTable", "dynamodb:CreateTableReplica", "dynamodb:DeleteBackup", "dynamodb:DeleteItem", "dynamodb:DeleteResourcePolicy", "dynamodb:DeleteTable", "dynamodb:DeleteTableReplica", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:EnableKinesisStreamingDestination", "dynamodb:ExportTableToPointInTime", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetResourcePolicy", "dynamodb:GetShardIterator", "dynamodb:ImportTable", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLDelete", "dynamodb:PartiQLInsert", "dynamodb:PartiQLSelect", "dynamodb:PartiQLUpdate", "dynamodb:PurchaseReservedCapacityOfferings", "dynamodb:PutItem", "dynamodb:PutResourcePolicy", "dynamodb:Query", "dynamodb:RestoreTableFromAwsBackup", "dynamodb:RestoreTableFromBackup", "dynamodb:RestoreTableToPointInTime", "dynamodb:Scan", "dynamodb:StartAwsBackupJob", "dynamodb:TagResource", "dynamodb:UntagResource", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", "dynamodb:UpdateGlobalTable", "dynamodb:UpdateGlobalTableSettings", "dynamodb:UpdateGlobalTableVersion", "dynamodb:UpdateItem", "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:UpdateTable", "dynamodb:UpdateTableReplicaAutoScaling", "dynamodb:UpdateTimeToLive", "ebs:CompleteSnapshot", "ebs:GetSnapshotBlock", "ebs:ListChangedBlocks", "ebs:ListSnapshotBlocks", "ebs:PutSnapshotBlock", "ebs:StartSnapshot", "ec2:AcceptAddressTransfer", "ec2:AcceptReservedInstancesExchangeQuote", "ec2:AcceptTransitGatewayMulticastDomainAssociations", "ec2:AcceptTransitGatewayPeeringAttachment", "ec2:AcceptTransitGatewayVpcAttachment", "ec2:AcceptVpcEndpointConnections", "ec2:AcceptVpcPeeringConnection", "ec2:AdvertiseByoipCidr", "ec2:AllocateAddress", "ec2:AllocateHosts", "ec2:AllocateIpamPoolCidr", "ec2:ApplySecurityGroupsToClientVpnTargetNetwork", "ec2:AssignIpv6Addresses", "ec2:AssignPrivateIpAddresses", "ec2:AssignPrivateNatGatewayAddress", "ec2:AssociateAddress", "ec2:AssociateClientVpnTargetNetwork", "ec2:AssociateDhcpOptions", "ec2:AssociateEnclaveCertificateIamRole", "ec2:AssociateIamInstanceProfile", "ec2:AssociateInstanceEventWindow", "ec2:AssociateIpamByoasn", "ec2:AssociateIpamResourceDiscovery", "ec2:AssociateNatGatewayAddress", "ec2:AssociateRouteTable", "ec2:AssociateSubnetCidrBlock", "ec2:AssociateTransitGatewayMulticastDomain", "ec2:AssociateTransitGatewayPolicyTable", "ec2:AssociateTransitGatewayRouteTable", "ec2:AssociateTrunkInterface", "ec2:AssociateVerifiedAccessInstanceWebAcl", "ec2:AssociateVpcCidrBlock", "ec2:AttachClassicLinkVpc", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVerifiedAccessTrustProvider", "ec2:AttachVolume", "ec2:AttachVpnGateway", "ec2:AuthorizeClientVpnIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:BundleInstance", "ec2:CancelBundleTask", "ec2:CancelCapacityReservation", "ec2:CancelCapacityReservationFleets", "ec2:CancelConversionTask", "ec2:CancelExportTask", "ec2:CancelImageLaunchPermission", "ec2:CancelImportTask", "ec2:CancelReservedInstancesListing", "ec2:CancelSpotFleetRequests", "ec2:CancelSpotInstanceRequests", "ec2:ConfirmProductInstance", "ec2:CopyFpgaImage", "ec2:CopyImage", "ec2:CopySnapshot", "ec2:CreateCapacityReservation", "ec2:CreateCapacityReservationFleet", "ec2:CreateCarrierGateway", "ec2:CreateClientVpnEndpoint", "ec2:CreateClientVpnRoute", "ec2:CreateCoipCidr", "ec2:CreateCoipPool", "ec2:CreateCoipPoolPermission", "ec2:CreateCustomerGateway", "ec2:CreateDefaultSubnet", "ec2:CreateDefaultVpc", "ec2:CreateDhcpOptions", "ec2:CreateEgressOnlyInternetGateway", "ec2:CreateFleet", "ec2:CreateFlowLogs", "ec2:CreateFpgaImage", "ec2:CreateImage", "ec2:CreateInstanceConnectEndpoint", "ec2:CreateInstanceEventWindow", "ec2:CreateInstanceExportTask", "ec2:CreateInternetGateway", "ec2:CreateIpam", "ec2:CreateIpamPool", "ec2:CreateIpamResourceDiscovery", "ec2:CreateIpamScope", "ec2:CreateKeyPair", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:CreateLocalGatewayRoute", "ec2:CreateLocalGatewayRouteTable", "ec2:CreateLocalGatewayRouteTablePermission", "ec2:CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation", "ec2:CreateLocalGatewayRouteTableVpcAssociation", "ec2:CreateManagedPrefixList", "ec2:CreateNatGateway", "ec2:CreateNetworkAcl", "ec2:CreateNetworkAclEntry", "ec2:CreateNetworkInsightsAccessScope", "ec2:CreateNetworkInsightsPath", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:CreatePlacementGroup", "ec2:CreatePublicIpv4Pool", "ec2:CreateReplaceRootVolumeTask", "ec2:CreateReservedInstancesListing", "ec2:CreateRestoreImageTask", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSnapshot", "ec2:CreateSnapshots", "ec2:CreateSpotDatafeedSubscription", "ec2:CreateStoreImageTask", "ec2:CreateSubnet", "ec2:CreateSubnetCidrReservation", "ec2:CreateTags", "ec2:CreateTrafficMirrorFilter", "ec2:CreateTrafficMirrorFilterRule", "ec2:CreateTrafficMirrorSession", "ec2:CreateTrafficMirrorTarget", "ec2:CreateTransitGateway", "ec2:CreateTransitGatewayConnect", "ec2:CreateTransitGatewayConnectPeer", "ec2:CreateTransitGatewayMulticastDomain", "ec2:CreateTransitGatewayPeeringAttachment", "ec2:CreateTransitGatewayPolicyTable", "ec2:CreateTransitGatewayPrefixListReference", "ec2:CreateTransitGatewayRoute", "ec2:CreateTransitGatewayRouteTable", "ec2:CreateTransitGatewayRouteTableAnnouncement", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateVerifiedAccessEndpoint", "ec2:CreateVerifiedAccessGroup", "ec2:CreateVerifiedAccessInstance", "ec2:CreateVerifiedAccessTrustProvider", "ec2:CreateVolume", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpointConnectionNotification", "ec2:CreateVpcEndpointServiceConfiguration", "ec2:CreateVpcPeeringConnection", "ec2:CreateVpnConnection", "ec2:CreateVpnConnectionRoute", "ec2:CreateVpnGateway", "ec2:DeleteCarrierGateway", "ec2:DeleteClientVpnEndpoint", "ec2:DeleteClientVpnRoute", "ec2:DeleteCoipCidr", "ec2:DeleteCoipPool", "ec2:DeleteCoipPoolPermission", "ec2:DeleteCustomerGateway", "ec2:DeleteDhcpOptions", "ec2:DeleteEgressOnlyInternetGateway", "ec2:DeleteFleets", "ec2:DeleteFlowLogs", "ec2:DeleteFpgaImage", "ec2:DeleteInstanceConnectEndpoint", "ec2:DeleteInstanceEventWindow", "ec2:DeleteInternetGateway", "ec2:DeleteIpam", "ec2:DeleteIpamPool", "ec2:DeleteIpamResourceDiscovery", "ec2:DeleteIpamScope", "ec2:DeleteKeyPair", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:DeleteLocalGatewayRoute", "ec2:DeleteLocalGatewayRouteTable", "ec2:DeleteLocalGatewayRouteTablePermission", "ec2:DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation", "ec2:DeleteLocalGatewayRouteTableVpcAssociation", "ec2:DeleteManagedPrefixList", "ec2:DeleteNatGateway", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkAclEntry", "ec2:DeleteNetworkInsightsAccessScope", "ec2:DeleteNetworkInsightsAccessScopeAnalysis", "ec2:DeleteNetworkInsightsAnalysis", "ec2:DeleteNetworkInsightsPath", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DeletePlacementGroup", "ec2:DeletePublicIpv4Pool", "ec2:DeleteQueuedReservedInstances", "ec2:DeleteResourcePolicy", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSecurityGroup", "ec2:DeleteSnapshot", "ec2:DeleteSpotDatafeedSubscription", "ec2:DeleteSubnet", "ec2:DeleteSubnetCidrReservation", "ec2:DeleteTags", "ec2:DeleteTrafficMirrorFilter", "ec2:DeleteTrafficMirrorFilterRule", "ec2:DeleteTrafficMirrorSession", "ec2:DeleteTrafficMirrorTarget", "ec2:DeleteTransitGateway", "ec2:DeleteTransitGatewayConnect", "ec2:DeleteTransitGatewayConnectPeer", "ec2:DeleteTransitGatewayMulticastDomain", "ec2:DeleteTransitGatewayPeeringAttachment", "ec2:DeleteTransitGatewayPolicyTable", "ec2:DeleteTransitGatewayPrefixListReference", "ec2:DeleteTransitGatewayRoute", "ec2:DeleteTransitGatewayRouteTable", "ec2:DeleteTransitGatewayRouteTableAnnouncement", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteVerifiedAccessEndpoint", "ec2:DeleteVerifiedAccessGroup", "ec2:DeleteVerifiedAccessInstance", "ec2:DeleteVerifiedAccessTrustProvider", "ec2:DeleteVolume", "ec2:DeleteVpc", "ec2:DeleteVpcEndpointConnectionNotifications", "ec2:DeleteVpcEndpointServiceConfigurations", "ec2:DeleteVpcEndpoints", "ec2:DeleteVpcPeeringConnection", "ec2:DeleteVpnConnection", "ec2:DeleteVpnConnectionRoute", "ec2:DeleteVpnGateway", "ec2:DeprovisionByoipCidr", "ec2:DeprovisionIpamByoasn", "ec2:DeprovisionIpamPoolCidr", "ec2:DeprovisionPublicIpv4PoolCidr", "ec2:DeregisterImage", "ec2:DeregisterInstanceEventNotificationAttributes", "ec2:DeregisterTransitGatewayMulticastGroupMembers", "ec2:DeregisterTransitGatewayMulticastGroupSources", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DetachClassicLinkVpc", "ec2:DetachInternetGateway", "ec2:DetachNetworkInterface", "ec2:DetachVerifiedAccessTrustProvider", "ec2:DetachVolume", "ec2:DetachVpnGateway", "ec2:DisableAddressTransfer", "ec2:DisableAwsNetworkPerformanceMetricSubscription", "ec2:DisableEbsEncryptionByDefault", "ec2:DisableFastLaunch", "ec2:DisableFastSnapshotRestores", "ec2:DisableImage", "ec2:DisableImageBlockPublicAccess", "ec2:DisableImageDeprecation", "ec2:DisableIpamOrganizationAdminAccount", "ec2:DisableSerialConsoleAccess", "ec2:DisableSnapshotBlockPublicAccess", "ec2:DisableTransitGatewayRouteTablePropagation", "ec2:DisableVgwRoutePropagation", "ec2:DisableVpcClassicLink", "ec2:DisableVpcClassicLinkDnsSupport", "ec2:DisassociateAddress", "ec2:DisassociateClientVpnTargetNetwork", "ec2:DisassociateEnclaveCertificateIamRole", "ec2:DisassociateIamInstanceProfile", "ec2:DisassociateInstanceEventWindow", "ec2:DisassociateIpamByoasn", "ec2:DisassociateIpamResourceDiscovery", "ec2:DisassociateNatGatewayAddress", "ec2:DisassociateRouteTable", "ec2:DisassociateSubnetCidrBlock", "ec2:DisassociateTransitGatewayMulticastDomain", "ec2:DisassociateTransitGatewayPolicyTable", "ec2:DisassociateTransitGatewayRouteTable", "ec2:DisassociateTrunkInterface", "ec2:DisassociateVerifiedAccessInstanceWebAcl", "ec2:DisassociateVpcCidrBlock", "ec2:EnableAddressTransfer", "ec2:EnableAwsNetworkPerformanceMetricSubscription", "ec2:EnableEbsEncryptionByDefault", "ec2:EnableFastLaunch", "ec2:EnableFastSnapshotRestores", "ec2:EnableImage", "ec2:EnableImageBlockPublicAccess", "ec2:EnableImageDeprecation", "ec2:EnableIpamOrganizationAdminAccount", "ec2:EnableReachabilityAnalyzerOrganizationSharing", "ec2:EnableSerialConsoleAccess", "ec2:EnableSnapshotBlockPublicAccess", "ec2:EnableTransitGatewayRouteTablePropagation", "ec2:EnableVgwRoutePropagation", "ec2:EnableVolumeIO", "ec2:EnableVpcClassicLink", "ec2:EnableVpcClassicLinkDnsSupport", "ec2:ExportClientVpnClientCertificateRevocationList", "ec2:ExportClientVpnClientConfiguration", "ec2:ExportImage", "ec2:ExportTransitGatewayRoutes", "ec2:GetAssociatedEnclaveCertificateIamRoles", "ec2:GetAssociatedIpv6PoolCidrs", "ec2:GetAwsNetworkPerformanceData", "ec2:GetCapacityReservationUsage", "ec2:GetCoipPoolUsage", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:GetDefaultCreditSpecification", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ec2:GetFlowLogsIntegrationTemplate", "ec2:GetGroupsForCapacityReservation", "ec2:GetHostReservationPurchasePreview", "ec2:GetImageBlockPublicAccessState", "ec2:GetInstanceMetadataDefaults", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetInstanceUefiData", "ec2:GetIpamAddressHistory", "ec2:GetIpamDiscoveredAccounts", "ec2:GetIpamDiscoveredPublicAddresses", "ec2:GetIpamDiscoveredResourceCidrs", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetIpamResourceCidrs", "ec2:GetLaunchTemplateData", "ec2:GetManagedPrefixListAssociations", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ec2:GetPasswordData", "ec2:GetReservedInstancesExchangeQuote", "ec2:GetResourcePolicy", "ec2:GetSecurityGroupsForVpc", "ec2:GetSerialConsoleAccessStatus", "ec2:GetSnapshotBlockPublicAccessState", "ec2:GetSpotPlacementScores", "ec2:GetSubnetCidrReservations", "ec2:GetTransitGatewayAttachmentPropagations", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:GetTransitGatewayPolicyTableAssociations", "ec2:GetTransitGatewayPolicyTableEntries", "ec2:GetTransitGatewayPrefixListReferences", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:GetVerifiedAccessEndpointPolicy", "ec2:GetVerifiedAccessGroupPolicy", "ec2:GetVerifiedAccessInstanceWebAcl", "ec2:GetVpnConnectionDeviceSampleConfiguration", "ec2:GetVpnConnectionDeviceTypes", "ec2:GetVpnTunnelReplacementStatus", "ec2:ImportByoipCidrToIpam", "ec2:ImportClientVpnClientCertificateRevocationList", "ec2:ImportImage", "ec2:ImportInstance", "ec2:ImportKeyPair", "ec2:ImportSnapshot", "ec2:ImportVolume", "ec2:InjectApiError", "ec2:ListImagesInRecycleBin", "ec2:ListSnapshotsInRecycleBin", "ec2:LockSnapshot", "ec2:ModifyAddressAttribute", "ec2:ModifyAvailabilityZoneGroup", "ec2:ModifyCapacityReservation", "ec2:ModifyCapacityReservationFleet", "ec2:ModifyClientVpnEndpoint", "ec2:ModifyDefaultCreditSpecification", "ec2:ModifyEbsDefaultKmsKeyId", "ec2:ModifyFleet", "ec2:ModifyFpgaImageAttribute", "ec2:ModifyHosts", "ec2:ModifyIdFormat", "ec2:ModifyIdentityIdFormat", "ec2:ModifyImageAttribute", "ec2:ModifyInstanceAttribute", "ec2:ModifyInstanceCapacityReservationAttributes", "ec2:ModifyInstanceCreditSpecification", "ec2:ModifyInstanceEventStartTime", "ec2:ModifyInstanceEventWindow", "ec2:ModifyInstanceMaintenanceOptions", "ec2:ModifyInstanceMetadataDefaults", "ec2:ModifyInstanceMetadataOptions", "ec2:ModifyInstancePlacement", "ec2:ModifyIpam", "ec2:ModifyIpamPool", "ec2:ModifyIpamResourceCidr", "ec2:ModifyIpamResourceDiscovery", "ec2:ModifyIpamScope", "ec2:ModifyLaunchTemplate", "ec2:ModifyLocalGatewayRoute", "ec2:ModifyManagedPrefixList", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyPrivateDnsNameOptions", "ec2:ModifyReservedInstances", "ec2:ModifySecurityGroupRules", "ec2:ModifySnapshotAttribute", "ec2:ModifySnapshotTier", "ec2:ModifySpotFleetRequest", "ec2:ModifySubnetAttribute", "ec2:ModifyTrafficMirrorFilterNetworkServices", "ec2:ModifyTrafficMirrorFilterRule", "ec2:ModifyTrafficMirrorSession", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayPrefixListReference", "ec2:ModifyTransitGatewayVpcAttachment", "ec2:ModifyVerifiedAccessEndpoint", "ec2:ModifyVerifiedAccessEndpointPolicy", "ec2:ModifyVerifiedAccessGroup", "ec2:ModifyVerifiedAccessGroupPolicy", "ec2:ModifyVerifiedAccessInstance", "ec2:ModifyVerifiedAccessInstanceLoggingConfiguration", "ec2:ModifyVerifiedAccessTrustProvider", "ec2:ModifyVolume", "ec2:ModifyVolumeAttribute", "ec2:ModifyVpcAttribute", "ec2:ModifyVpcEndpoint", "ec2:ModifyVpcEndpointConnectionNotification", "ec2:ModifyVpcEndpointServiceConfiguration", "ec2:ModifyVpcEndpointServicePayerResponsibility", "ec2:ModifyVpcEndpointServicePermissions", "ec2:ModifyVpcPeeringConnectionOptions", "ec2:ModifyVpcTenancy", "ec2:ModifyVpnConnection", "ec2:ModifyVpnConnectionOptions", "ec2:ModifyVpnTunnelCertificate", "ec2:ModifyVpnTunnelOptions", "ec2:MonitorInstances", "ec2:MoveAddressToVpc", "ec2:MoveByoipCidrToIpam", "ec2:PauseVolumeIO", "ec2:ProvisionByoipCidr", "ec2:ProvisionIpamByoasn", "ec2:ProvisionIpamPoolCidr", "ec2:ProvisionPublicIpv4PoolCidr", "ec2:PurchaseCapacityBlock", "ec2:PurchaseHostReservation", "ec2:PurchaseReservedInstancesOffering", "ec2:PurchaseScheduledInstances", "ec2:PutResourcePolicy", "ec2:RebootInstances", "ec2:RegisterImage", "ec2:RegisterInstanceEventNotificationAttributes", "ec2:RegisterTransitGatewayMulticastGroupMembers", "ec2:RegisterTransitGatewayMulticastGroupSources", "ec2:RejectTransitGatewayMulticastDomainAssociations", "ec2:RejectTransitGatewayPeeringAttachment", "ec2:RejectTransitGatewayVpcAttachment", "ec2:RejectVpcEndpointConnections", "ec2:RejectVpcPeeringConnection", "ec2:ReleaseAddress", "ec2:ReleaseHosts", "ec2:ReleaseIpamPoolAllocation", "ec2:ReplaceIamInstanceProfileAssociation", "ec2:ReplaceNetworkAclAssociation", "ec2:ReplaceNetworkAclEntry", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:ReplaceTransitGatewayRoute", "ec2:ReplaceVpnTunnel", "ec2:ReportInstanceStatus", "ec2:RequestSpotFleet", "ec2:RequestSpotInstances", "ec2:ResetAddressAttribute", "ec2:ResetEbsDefaultKmsKeyId", "ec2:ResetFpgaImageAttribute", "ec2:ResetImageAttribute", "ec2:ResetInstanceAttribute", "ec2:ResetNetworkInterfaceAttribute", "ec2:ResetSnapshotAttribute", "ec2:RestoreAddressToClassic", "ec2:RestoreImageFromRecycleBin", "ec2:RestoreManagedPrefixListVersion", "ec2:RestoreSnapshotFromRecycleBin", "ec2:RestoreSnapshotTier", "ec2:RevokeClientVpnIngress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RunInstances", "ec2:RunScheduledInstances", "ec2:SearchLocalGatewayRoutes", "ec2:SearchTransitGatewayMulticastGroups", "ec2:SearchTransitGatewayRoutes", "ec2:SendDiagnosticInterrupt", "ec2:SendSpotInstanceInterruptions", "ec2:StartInstances", "ec2:StartNetworkInsightsAccessScopeAnalysis", "ec2:StartNetworkInsightsAnalysis", "ec2:StartVpcEndpointServicePrivateDnsVerification", "ec2:StopInstances", "ec2:TerminateClientVpnConnections", "ec2:TerminateInstances", "ec2:UnassignIpv6Addresses", "ec2:UnassignPrivateIpAddresses", "ec2:UnassignPrivateNatGatewayAddress", "ec2:UnlockSnapshot", "ec2:UnmonitorInstances", "ec2:UpdateSecurityGroupRuleDescriptionsEgress", "ec2:UpdateSecurityGroupRuleDescriptionsIngress", "ec2:WithdrawByoipCidr", "ec2-instance-connect:OpenTunnel", "ec2-instance-connect:SendSSHPublicKey", "ec2-instance-connect:SendSerialConsoleSSHPublicKey", "ec2messages:AcknowledgeMessage", "ec2messages:DeleteMessage", "ec2messages:FailMessage", "ec2messages:GetEndpoint", "ec2messages:GetMessages", "ec2messages:SendReply", "ecr:BatchCheckLayerAvailability", "ecr:BatchDeleteImage", "ecr:BatchGetImage", "ecr:BatchGetRepositoryScanningConfiguration", "ecr:BatchImportUpstreamImage", "ecr:CompleteLayerUpload", "ecr:CreatePullThroughCacheRule", "ecr:CreateRepository", "ecr:CreateRepositoryCreationTemplate", "ecr:DeleteLifecyclePolicy", "ecr:DeletePullThroughCacheRule", "ecr:DeleteRegistryPolicy", "ecr:DeleteRepository", "ecr:DeleteRepositoryCreationTemplate", "ecr:DeleteRepositoryPolicy", "ecr:DescribeImageReplicationStatus", "ecr:DescribeImageScanFindings", "ecr:DescribeImages", "ecr:DescribePullThroughCacheRules", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:DescribeRepositoryCreationTemplate", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "ecr:GetLifecyclePolicy", "ecr:GetLifecyclePolicyPreview", "ecr:GetRegistryPolicy", "ecr:GetRegistryScanningConfiguration", "ecr:GetRepositoryPolicy", "ecr:InitiateLayerUpload", "ecr:ListImages", "ecr:ListTagsForResource", "ecr:PutImage", "ecr:PutImageScanningConfiguration", "ecr:PutImageTagMutability", "ecr:PutLifecyclePolicy", "ecr:PutRegistryPolicy", "ecr:PutRegistryScanningConfiguration", "ecr:PutReplicationConfiguration", "ecr:ReplicateImage", "ecr:SetRepositoryPolicy", "ecr:StartImageScan", "ecr:StartLifecyclePolicyPreview", "ecr:TagResource", "ecr:UntagResource", "ecr:UpdatePullThroughCacheRule", "ecr:UploadLayerPart", "ecr:ValidatePullThroughCacheRule", "ecr-public:BatchCheckLayerAvailability", "ecr-public:BatchDeleteImage", "ecr-public:CompleteLayerUpload", "ecr-public:CreateRepository", "ecr-public:DeleteRepository", "ecr-public:DeleteRepositoryPolicy", "ecr-public:DescribeImageTags", "ecr-public:DescribeImages", "ecr-public:DescribeRegistries", "ecr-public:DescribeRepositories", "ecr-public:GetAuthorizationToken", "ecr-public:GetRegistryCatalogData", "ecr-public:GetRepositoryCatalogData", "ecr-public:GetRepositoryPolicy", "ecr-public:InitiateLayerUpload", "ecr-public:ListTagsForResource", "ecr-public:PutImage", "ecr-public:PutRegistryCatalogData", "ecr-public:PutRepositoryCatalogData", "ecr-public:SetRepositoryPolicy", "ecr-public:TagResource", "ecr-public:UntagResource", "ecr-public:UploadLayerPart", "ecs:CreateCapacityProvider", "ecs:CreateCluster", "ecs:CreateService", "ecs:CreateTaskSet", "ecs:DeleteAccountSetting", "ecs:DeleteAttributes", "ecs:DeleteCapacityProvider", "ecs:DeleteCluster", "ecs:DeleteService", "ecs:DeleteTaskDefinitions", "ecs:DeleteTaskSet", "ecs:DeregisterContainerInstance", "ecs:DeregisterTaskDefinition", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:DiscoverPollEndpoint", "ecs:ExecuteCommand", "ecs:GetTaskProtection", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "ecs:Poll", "ecs:PutAccountSetting", "ecs:PutAccountSettingDefault", "ecs:PutAttributes", "ecs:PutClusterCapacityProviders", "ecs:RegisterContainerInstance", "ecs:RegisterTaskDefinition", "ecs:RunTask", "ecs:StartTask", "ecs:StartTelemetrySession", "ecs:StopTask", "ecs:SubmitAttachmentStateChanges", "ecs:SubmitContainerStateChange", "ecs:SubmitTaskStateChange", "ecs:TagResource", "ecs:UntagResource", "ecs:UpdateCapacityProvider", "ecs:UpdateCluster", "ecs:UpdateClusterSettings", "ecs:UpdateContainerAgent", "ecs:UpdateContainerInstancesState", "ecs:UpdateService", "ecs:UpdateServicePrimaryTaskSet", "ecs:UpdateTaskProtection", "ecs:UpdateTaskSet", "eks:AccessKubernetesApi", "eks:AssociateAccessPolicy", "eks:AssociateEncryptionConfig", "eks:AssociateIdentityProviderConfig", "eks:CreateAccessEntry", "eks:CreateAddon", "eks:CreateCluster", "eks:CreateEksAnywhereSubscription", "eks:CreateFargateProfile", "eks:CreateNodegroup", "eks:CreatePodIdentityAssociation", "eks:DeleteAccessEntry", "eks:DeleteAddon", "eks:DeleteCluster", "eks:DeleteEksAnywhereSubscription", "eks:DeleteFargateProfile", "eks:DeleteNodegroup", "eks:DeletePodIdentityAssociation", "eks:DeregisterCluster", "eks:DescribeAccessEntry", "eks:DescribeAddon", "eks:DescribeAddonConfiguration", "eks:DescribeAddonVersions", "eks:DescribeCluster", "eks:DescribeEksAnywhereSubscription", "eks:DescribeFargateProfile", "eks:DescribeIdentityProviderConfig", "eks:DescribeInsight", "eks:DescribeNodegroup", "eks:DescribePodIdentityAssociation", "eks:DescribeUpdate", "eks:DisassociateAccessPolicy", "eks:DisassociateIdentityProviderConfig", "eks:ListAccessEntries", "eks:ListAccessPolicies", "eks:ListAddons", "eks:ListAssociatedAccessPolicies", "eks:ListClusters", "eks:ListEksAnywhereSubscriptions", "eks:ListFargateProfiles", "eks:ListIdentityProviderConfigs", "eks:ListInsights", "eks:ListNodegroups", "eks:ListPodIdentityAssociations", "eks:ListTagsForResource", "eks:ListUpdates", "eks:RegisterCluster", "eks:TagResource", "eks:UntagResource", "eks:UpdateAccessEntry", "eks:UpdateAddon", "eks:UpdateClusterConfig", "eks:UpdateClusterVersion", "eks:UpdateEksAnywhereSubscription", "eks:UpdateNodegroupConfig", "eks:UpdateNodegroupVersion", "eks:UpdatePodIdentityAssociation", "eks-auth:AssumeRoleForPodIdentity", "elastic-inference:Connect", "elastic-inference:DescribeAcceleratorOfferings", "elastic-inference:DescribeAcceleratorTypes", "elastic-inference:DescribeAccelerators", "elastic-inference:ListTagsForResource", "elastic-inference:TagResource", "elastic-inference:UntagResource", "elasticache:AddTagsToResource", "elasticache:AuthorizeCacheSecurityGroupIngress", "elasticache:BatchApplyUpdateAction", "elasticache:BatchStopUpdateAction", "elasticache:CompleteMigration", "elasticache:Connect", "elasticache:CopyServerlessCacheSnapshot", "elasticache:CopySnapshot", "elasticache:CreateCacheCluster", "elasticache:CreateCacheParameterGroup", "elasticache:CreateCacheSecurityGroup", "elasticache:CreateCacheSubnetGroup", "elasticache:CreateGlobalReplicationGroup", "elasticache:CreateReplicationGroup", "elasticache:CreateServerlessCache", "elasticache:CreateServerlessCacheSnapshot", "elasticache:CreateSnapshot", "elasticache:CreateUser", "elasticache:CreateUserGroup", "elasticache:DecreaseNodeGroupsInGlobalReplicationGroup", "elasticache:DecreaseReplicaCount", "elasticache:DeleteCacheCluster", "elasticache:DeleteCacheParameterGroup", "elasticache:DeleteCacheSecurityGroup", "elasticache:DeleteCacheSubnetGroup", "elasticache:DeleteGlobalReplicationGroup", "elasticache:DeleteReplicationGroup", "elasticache:DeleteServerlessCache", "elasticache:DeleteServerlessCacheSnapshot", "elasticache:DeleteSnapshot", "elasticache:DeleteUser", "elasticache:DeleteUserGroup", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheEngineVersions", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeEngineDefaultParameters", "elasticache:DescribeEvents", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeReservedCacheNodes", "elasticache:DescribeReservedCacheNodesOfferings", "elasticache:DescribeServerlessCacheSnapshots", "elasticache:DescribeServerlessCaches", "elasticache:DescribeServiceUpdates", "elasticache:DescribeSnapshots", "elasticache:DescribeUpdateActions", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticache:DisassociateGlobalReplicationGroup", "elasticache:ExportServerlessCacheSnapshot", "elasticache:FailoverGlobalReplicationGroup", "elasticache:IncreaseNodeGroupsInGlobalReplicationGroup", "elasticache:IncreaseReplicaCount", "elasticache:InterruptClusterAzPower", "elasticache:ListAllowedNodeTypeModifications", "elasticache:ListTagsForResource", "elasticache:ModifyCacheCluster", "elasticache:ModifyCacheParameterGroup", "elasticache:ModifyCacheSubnetGroup", "elasticache:ModifyGlobalReplicationGroup", "elasticache:ModifyReplicationGroup", "elasticache:ModifyReplicationGroupShardConfiguration", "elasticache:ModifyServerlessCache", "elasticache:ModifyUser", "elasticache:ModifyUserGroup", "elasticache:PurchaseReservedCacheNodesOffering", "elasticache:RebalanceSlotsInGlobalReplicationGroup", "elasticache:RebootCacheCluster", "elasticache:RemoveTagsFromResource", "elasticache:ResetCacheParameterGroup", "elasticache:RevokeCacheSecurityGroupIngress", "elasticache:StartMigration", "elasticache:TestFailover", "elasticache:TestMigration", "elasticbeanstalk:AbortEnvironmentUpdate", "elasticbeanstalk:AddTags", "elasticbeanstalk:ApplyEnvironmentManagedAction", "elasticbeanstalk:AssociateEnvironmentOperationsRole", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:ComposeEnvironments", "elasticbeanstalk:CreateApplication", "elasticbeanstalk:CreateApplicationVersion", "elasticbeanstalk:CreateConfigurationTemplate", "elasticbeanstalk:CreateEnvironment", "elasticbeanstalk:CreatePlatformVersion", "elasticbeanstalk:CreateStorageLocation", "elasticbeanstalk:DeleteApplication", "elasticbeanstalk:DeleteApplicationVersion", "elasticbeanstalk:DeleteConfigurationTemplate", "elasticbeanstalk:DeleteEnvironmentConfiguration", "elasticbeanstalk:DeletePlatformVersion", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:DisassociateEnvironmentOperationsRole", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:PutInstanceStatistics", "elasticbeanstalk:RebuildEnvironment", "elasticbeanstalk:RemoveTags", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RestartAppServer", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticbeanstalk:SwapEnvironmentCNAMEs", "elasticbeanstalk:TerminateEnvironment", "elasticbeanstalk:UpdateApplication", "elasticbeanstalk:UpdateApplicationResourceLifecycle", "elasticbeanstalk:UpdateApplicationVersion", "elasticbeanstalk:UpdateConfigurationTemplate", "elasticbeanstalk:UpdateEnvironment", "elasticbeanstalk:UpdateTagsForResource", "elasticbeanstalk:ValidateConfigurationSettings", "elasticfilesystem:Backup", "elasticfilesystem:ClientMount", "elasticfilesystem:ClientRootAccess", "elasticfilesystem:ClientWrite", "elasticfilesystem:CreateAccessPoint", "elasticfilesystem:CreateFileSystem", "elasticfilesystem:CreateMountTarget", "elasticfilesystem:CreateReplicationConfiguration", "elasticfilesystem:CreateTags", "elasticfilesystem:DeleteAccessPoint", "elasticfilesystem:DeleteFileSystem", "elasticfilesystem:DeleteFileSystemPolicy", "elasticfilesystem:DeleteMountTarget", "elasticfilesystem:DeleteReplicationConfiguration", "elasticfilesystem:DeleteTags", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeAccountPreferences", "elasticfilesystem:DescribeBackupPolicy", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeReplicationConfigurations", "elasticfilesystem:DescribeTags", "elasticfilesystem:ListTagsForResource", "elasticfilesystem:ModifyMountTargetSecurityGroups", "elasticfilesystem:PutAccountPreferences", "elasticfilesystem:PutBackupPolicy", "elasticfilesystem:PutFileSystemPolicy", "elasticfilesystem:PutLifecycleConfiguration", "elasticfilesystem:Restore", "elasticfilesystem:TagResource", "elasticfilesystem:UntagResource", "elasticfilesystem:UpdateFileSystem", "elasticfilesystem:UpdateFileSystemProtection", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateAppCookieStickinessPolicy", "elasticloadbalancing:CreateLBCookieStickinessPolicy", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerPolicy", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:DisableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:SetLoadBalancerListenerSSLCertificate", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:AddTrustStoreRevocations", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:CreateTrustStore", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteTrustStore", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:GetTrustStoreCaCertificatesBundle", "elasticloadbalancing:GetTrustStoreRevocationContent", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:ModifyTrustStore", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:RemoveListenerCertificates", "elasticloadbalancing:RemoveTrustStoreRevocations", "elasticloadbalancing:SetIpAddressType", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetSecurityGroups", "elasticloadbalancing:SetSubnets", "elasticloadbalancing:SetWebAcl", "elasticmapreduce:AddInstanceFleet", "elasticmapreduce:AddInstanceGroups", "elasticmapreduce:AddJobFlowSteps", "elasticmapreduce:AddTags", "elasticmapreduce:AttachEditor", "elasticmapreduce:CancelSteps", "elasticmapreduce:CreateEditor", "elasticmapreduce:CreatePersistentAppUI", "elasticmapreduce:CreateRepository", "elasticmapreduce:CreateSecurityConfiguration", "elasticmapreduce:CreateStudio", "elasticmapreduce:CreateStudioPresignedUrl", "elasticmapreduce:CreateStudioSessionMapping", "elasticmapreduce:DeleteEditor", "elasticmapreduce:DeleteRepository", "elasticmapreduce:DeleteSecurityConfiguration", "elasticmapreduce:DeleteStudio", "elasticmapreduce:DeleteStudioSessionMapping", "elasticmapreduce:DeleteWorkspaceAccess", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:DetachEditor", "elasticmapreduce:GetAutoTerminationPolicy", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetClusterSessionCredentials", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:GetOnClusterAppUIPresignedURL", "elasticmapreduce:GetPersistentAppUIPresignedURL", "elasticmapreduce:GetStudioSessionMapping", "elasticmapreduce:LinkRepository", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListNotebookExecutions", "elasticmapreduce:ListReleaseLabels", "elasticmapreduce:ListRepositories", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudioSessionMappings", "elasticmapreduce:ListStudios", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ListWorkspaceAccessIdentities", "elasticmapreduce:ModifyCluster", "elasticmapreduce:ModifyInstanceFleet", "elasticmapreduce:ModifyInstanceGroups", "elasticmapreduce:OpenEditorInConsole", "elasticmapreduce:PutAutoScalingPolicy", "elasticmapreduce:PutAutoTerminationPolicy", "elasticmapreduce:PutBlockPublicAccessConfiguration", "elasticmapreduce:PutManagedScalingPolicy", "elasticmapreduce:PutWorkspaceAccess", "elasticmapreduce:RemoveAutoScalingPolicy", "elasticmapreduce:RemoveAutoTerminationPolicy", "elasticmapreduce:RemoveManagedScalingPolicy", "elasticmapreduce:RemoveTags", "elasticmapreduce:RunJobFlow", "elasticmapreduce:SetKeepJobFlowAliveWhenNoSteps", "elasticmapreduce:SetTerminationProtection", "elasticmapreduce:SetUnhealthyNodeReplacement", "elasticmapreduce:SetVisibleToAllUsers", "elasticmapreduce:StartEditor", "elasticmapreduce:StartNotebookExecution", "elasticmapreduce:StopEditor", "elasticmapreduce:StopNotebookExecution", "elasticmapreduce:TerminateJobFlows", "elasticmapreduce:UnlinkRepository", "elasticmapreduce:UpdateEditor", "elasticmapreduce:UpdateRepository", "elasticmapreduce:UpdateStudio", "elasticmapreduce:UpdateStudioSessionMapping", "elasticmapreduce:ViewEventsFromAllClustersInConsole", "elastictranscoder:CancelJob", "elastictranscoder:CreateJob", "elastictranscoder:CreatePipeline", "elastictranscoder:CreatePreset", "elastictranscoder:DeletePipeline", "elastictranscoder:DeletePreset", "elastictranscoder:ListJobsByPipeline", "elastictranscoder:ListJobsByStatus", "elastictranscoder:ListPipelines", "elastictranscoder:ListPresets", "elastictranscoder:ReadJob", "elastictranscoder:ReadPipeline", "elastictranscoder:ReadPreset", "elastictranscoder:TestRole", "elastictranscoder:UpdatePipeline", "elastictranscoder:UpdatePipelineNotifications", "elastictranscoder:UpdatePipelineStatus", "elemental-activations:CompleteAccountRegistration", "elemental-activations:CompleteFileUpload", "elemental-activations:DownloadSoftware", "elemental-activations:GenerateLicenses", "elemental-activations:GetActivation", "elemental-activations:ListTagsForResource", "elemental-activations:StartAccountRegistration", "elemental-activations:StartFileUpload", "elemental-activations:TagResource", "elemental-activations:UntagResource", "elemental-appliances-software:CompleteUpload", "elemental-appliances-software:CreateOrderV1", "elemental-appliances-software:CreateQuote", "elemental-appliances-software:GetAvsCorrectAddress", "elemental-appliances-software:GetBillingAddresses", "elemental-appliances-software:GetDeliveryAddressesV2", "elemental-appliances-software:GetOrder", "elemental-appliances-software:GetOrdersV2", "elemental-appliances-software:GetQuote", "elemental-appliances-software:GetTaxes", "elemental-appliances-software:ListQuotes", "elemental-appliances-software:ListTagsForResource", "elemental-appliances-software:StartUpload", "elemental-appliances-software:SubmitOrderV1", "elemental-appliances-software:TagResource", "elemental-appliances-software:UntagResource", "elemental-appliances-software:UpdateQuote", "elemental-support-cases:CheckCasePermission", "elemental-support-cases:CreateCase", "elemental-support-cases:GetCase", "elemental-support-cases:GetCases", "elemental-support-cases:UpdateCase", "elemental-support-content:Query", "emr-containers:CancelJobRun", "emr-containers:CreateJobTemplate", "emr-containers:CreateManagedEndpoint", "emr-containers:CreateSecurityConfiguration", "emr-containers:CreateVirtualCluster", "emr-containers:DeleteJobTemplate", "emr-containers:DeleteManagedEndpoint", "emr-containers:DeleteVirtualCluster", "emr-containers:DescribeJobRun", "emr-containers:DescribeJobTemplate", "emr-containers:DescribeManagedEndpoint", "emr-containers:DescribeSecurityConfiguration", "emr-containers:DescribeVirtualCluster", "emr-containers:GetManagedEndpointSessionCredentials", "emr-containers:ListJobRuns", "emr-containers:ListJobTemplates", "emr-containers:ListManagedEndpoints", "emr-containers:ListSecurityConfigurations", "emr-containers:ListTagsForResource", "emr-containers:ListVirtualClusters", "emr-containers:StartJobRun", "emr-containers:TagResource", "emr-containers:UntagResource", "emr-serverless:AccessInteractiveEndpoints", "emr-serverless:CancelJobRun", "emr-serverless:CreateApplication", "emr-serverless:DeleteApplication", "emr-serverless:GetApplication", "emr-serverless:GetDashboardForJobRun", "emr-serverless:GetJobRun", "emr-serverless:ListApplications", "emr-serverless:ListJobRuns", "emr-serverless:ListTagsForResource", "emr-serverless:StartApplication", "emr-serverless:StartJobRun", "emr-serverless:StopApplication", "emr-serverless:TagResource", "emr-serverless:UntagResource", "emr-serverless:UpdateApplication", "entityresolution:AddPolicyStatement", "entityresolution:CreateIdMappingWorkflow", "entityresolution:CreateIdNamespace", "entityresolution:CreateMatchingWorkflow", "entityresolution:CreateSchemaMapping", "entityresolution:DeleteIdMappingWorkflow", "entityresolution:DeleteIdNamespace", "entityresolution:DeleteMatchingWorkflow", "entityresolution:DeletePolicyStatement", "entityresolution:DeleteSchemaMapping", "entityresolution:GetIdMappingJob", "entityresolution:GetIdMappingWorkflow", "entityresolution:GetIdNamespace", "entityresolution:GetMatchId", "entityresolution:GetMatchingJob", "entityresolution:GetMatchingWorkflow", "entityresolution:GetPolicy", "entityresolution:GetProviderService", "entityresolution:GetSchemaMapping", "entityresolution:ListIdMappingJobs", "entityresolution:ListIdMappingWorkflows", "entityresolution:ListIdNamespaces", "entityresolution:ListMatchingJobs", "entityresolution:ListMatchingWorkflows", "entityresolution:ListProviderServices", "entityresolution:ListSchemaMappings", "entityresolution:ListTagsForResource", "entityresolution:PutPolicy", "entityresolution:StartIdMappingJob", "entityresolution:StartMatchingJob", "entityresolution:TagResource", "entityresolution:UntagResource", "entityresolution:UpdateIdMappingWorkflow", "entityresolution:UpdateIdNamespace", "entityresolution:UpdateMatchingWorkflow", "entityresolution:UpdateSchemaMapping", "entityresolution:UseIdNamespace", "es:AcceptInboundConnection", "es:AcceptInboundCrossClusterSearchConnection", "es:AddDataSource", "es:AddTags", "es:AssociatePackage", "es:AuthorizeVpcEndpointAccess", "es:CancelDomainConfigChange", "es:CancelElasticsearchServiceSoftwareUpdate", "es:CancelServiceSoftwareUpdate", "es:CreateDomain", "es:CreateElasticsearchDomain", "es:CreateElasticsearchServiceRole", "es:CreateOutboundConnection", "es:CreateOutboundCrossClusterSearchConnection", "es:CreatePackage", "es:CreateServiceRole", "es:CreateVpcEndpoint", "es:DeleteDataSource", "es:DeleteDomain", "es:DeleteElasticsearchDomain", "es:DeleteElasticsearchServiceRole", "es:DeleteInboundConnection", "es:DeleteInboundCrossClusterSearchConnection", "es:DeleteOutboundConnection", "es:DeleteOutboundCrossClusterSearchConnection", "es:DeletePackage", "es:DeleteVpcEndpoint", "es:DescribeDomain", "es:DescribeDomainAutoTunes", "es:DescribeDomainChangeProgress", "es:DescribeDomainConfig", "es:DescribeDomainHealth", "es:DescribeDomainNodes", "es:DescribeDomains", "es:DescribeDryRunProgress", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomainConfig", "es:DescribeElasticsearchDomains", "es:DescribeElasticsearchInstanceTypeLimits", "es:DescribeInboundConnections", "es:DescribeInboundCrossClusterSearchConnections", "es:DescribeInstanceTypeLimits", "es:DescribeOutboundConnections", "es:DescribeOutboundCrossClusterSearchConnections", "es:DescribePackages", "es:DescribeReservedElasticsearchInstanceOfferings", "es:DescribeReservedElasticsearchInstances", "es:DescribeReservedInstanceOfferings", "es:DescribeReservedInstances", "es:DescribeVpcEndpoints", "es:DissociatePackage", "es:ESCrossClusterGet", "es:ESHttpDelete", "es:ESHttpGet", "es:ESHttpHead", "es:ESHttpPatch", "es:ESHttpPost", "es:ESHttpPut", "es:GetCompatibleElasticsearchVersions", "es:GetCompatibleVersions", "es:GetDataSource", "es:GetDomainMaintenanceStatus", "es:GetPackageVersionHistory", "es:GetUpgradeHistory", "es:GetUpgradeStatus", "es:ListDataSources", "es:ListDomainMaintenances", "es:ListDomainNames", "es:ListDomainsForPackage", "es:ListElasticsearchInstanceTypeDetails", "es:ListElasticsearchInstanceTypes", "es:ListElasticsearchVersions", "es:ListInstanceTypeDetails", "es:ListPackagesForDomain", "es:ListScheduledActions", "es:ListTags", "es:ListVersions", "es:ListVpcEndpointAccess", "es:ListVpcEndpoints", "es:ListVpcEndpointsForDomain", "es:PurchaseReservedElasticsearchInstanceOffering", "es:PurchaseReservedInstanceOffering", "es:RejectInboundConnection", "es:RejectInboundCrossClusterSearchConnection", "es:RemoveTags", "es:RevokeVpcEndpointAccess", "es:StartDomainMaintenance", "es:StartElasticsearchServiceSoftwareUpdate", "es:StartServiceSoftwareUpdate", "es:UpdateDataSource", "es:UpdateDomainConfig", "es:UpdateElasticsearchDomainConfig", "es:UpdatePackage", "es:UpdateScheduledAction", "es:UpdateVpcEndpoint", "es:UpgradeDomain", "es:UpgradeElasticsearchDomain", "events:ActivateEventSource", "events:CancelReplay", "events:CreateApiDestination", "events:CreateArchive", "events:CreateConnection", "events:CreateEndpoint", "events:CreateEventBus", "events:CreatePartnerEventSource", "events:DeactivateEventSource", "events:DeauthorizeConnection", "events:DeleteApiDestination", "events:DeleteArchive", "events:DeleteConnection", "events:DeleteEndpoint", "events:DeleteEventBus", "events:DeletePartnerEventSource", "events:DeleteRule", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeEventSource", "events:DescribePartnerEventSource", "events:DescribeReplay", "events:DescribeRule", "events:DisableRule", "events:EnableRule", "events:InvokeApiDestination", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListEventSources", "events:ListPartnerEventSourceAccounts", "events:ListPartnerEventSources", "events:ListReplays", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "events:PutEvents", "events:PutPartnerEvents", "events:PutPermission", "events:PutRule", "events:PutTargets", "events:RemovePermission", "events:RemoveTargets", "events:RetrieveConnectionCredentials", "events:StartReplay", "events:TagResource", "events:TestEventPattern", "events:UntagResource", "events:UpdateApiDestination", "events:UpdateArchive", "events:UpdateConnection", "events:UpdateEndpoint", "evidently:BatchEvaluateFeature", "evidently:CreateExperiment", "evidently:CreateFeature", "evidently:CreateLaunch", "evidently:CreateProject", "evidently:CreateSegment", "evidently:DeleteExperiment", "evidently:DeleteFeature", "evidently:DeleteLaunch", "evidently:DeleteProject", "evidently:DeleteSegment", "evidently:EvaluateFeature", "evidently:GetExperiment", "evidently:GetExperimentResults", "evidently:GetFeature", "evidently:GetLaunch", "evidently:GetProject", "evidently:GetSegment", "evidently:ListExperiments", "evidently:ListFeatures", "evidently:ListLaunches", "evidently:ListProjects", "evidently:ListSegmentReferences", "evidently:ListSegments", "evidently:ListTagsForResource", "evidently:PutProjectEvents", "evidently:StartExperiment", "evidently:StartLaunch", "evidently:StopExperiment", "evidently:StopLaunch", "evidently:TagResource", "evidently:TestSegmentPattern", "evidently:UntagResource", "evidently:UpdateExperiment", "evidently:UpdateFeature", "evidently:UpdateLaunch", "evidently:UpdateProject", "evidently:UpdateProjectDataDelivery", "execute-api:InvalidateCache", "execute-api:Invoke", "execute-api:ManageConnections", "finspace:ConnectKxCluster", "finspace:CreateEnvironment", "finspace:CreateKxChangeset", "finspace:CreateKxCluster", "finspace:CreateKxDatabase", "finspace:CreateKxDataview", "finspace:CreateKxEnvironment", "finspace:CreateKxScalingGroup", "finspace:CreateKxUser", "finspace:CreateKxVolume", "finspace:CreateUser", "finspace:DeleteEnvironment", "finspace:DeleteKxCluster", "finspace:DeleteKxClusterNode", "finspace:DeleteKxDatabase", "finspace:DeleteKxDataview", "finspace:DeleteKxEnvironment", "finspace:DeleteKxScalingGroup", "finspace:DeleteKxUser", "finspace:DeleteKxVolume", "finspace:GetEnvironment", "finspace:GetKxChangeset", "finspace:GetKxCluster", "finspace:GetKxConnectionString", "finspace:GetKxDatabase", "finspace:GetKxDataview", "finspace:GetKxEnvironment", "finspace:GetKxScalingGroup", "finspace:GetKxUser", "finspace:GetKxVolume", "finspace:GetLoadSampleDataSetGroupIntoEnvironmentStatus", "finspace:GetUser", "finspace:ListEnvironments", "finspace:ListKxChangesets", "finspace:ListKxClusterNodes", "finspace:ListKxClusters", "finspace:ListKxDatabases", "finspace:ListKxDataviews", "finspace:ListKxEnvironments", "finspace:ListKxScalingGroups", "finspace:ListKxUsers", "finspace:ListKxVolumes", "finspace:ListTagsForResource", "finspace:ListUsers", "finspace:LoadSampleDataSetGroupIntoEnvironment", "finspace:MountKxDatabase", "finspace:ResetUserPassword", "finspace:TagResource", "finspace:UntagResource", "finspace:UpdateEnvironment", "finspace:UpdateKxClusterCodeConfiguration", "finspace:UpdateKxClusterDatabases", "finspace:UpdateKxDatabase", "finspace:UpdateKxDataview", "finspace:UpdateKxEnvironment", "finspace:UpdateKxEnvironmentNetwork", "finspace:UpdateKxUser", "finspace:UpdateKxVolume", "finspace:UpdateUser", "finspace-api:AssociateUserToPermissionGroupV2", "finspace-api:CreateChangeset", "finspace-api:CreateDatasetV2", "finspace-api:CreatePermissionGroupV2", "finspace-api:CreateUserV2", "finspace-api:DeleteDatasetV2", "finspace-api:DeletePermissionGroupV2", "finspace-api:DisableUser", "finspace-api:DisassociateUserFromPermissionGroupV2", "finspace-api:EnableUser", "finspace-api:GetChangesetV2", "finspace-api:GetDataViewV2", "finspace-api:GetDatasetV2", "finspace-api:GetExternalDataViewAccessDetails", "finspace-api:GetPermissionGroup", "finspace-api:GetProgrammaticAccessCredentials", "finspace-api:GetUser", "finspace-api:GetWorkingLocation", "finspace-api:ListChangesetsV2", "finspace-api:ListDataViewsV2", "finspace-api:ListDatasetsV2", "finspace-api:ListPermissionGroupsByUserV2", "finspace-api:ListPermissionGroupsV2", "finspace-api:ListUsersByPermissionGroupV2", "finspace-api:ListUsersV2", "finspace-api:ResetUserPasswordV2", "finspace-api:UpdateDatasetV2", "finspace-api:UpdatePermissionGroupV2", "finspace-api:UpdateUserV2", "firehose:CreateDeliveryStream", "firehose:DeleteDeliveryStream", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "firehose:PutRecord", "firehose:PutRecordBatch", "firehose:StartDeliveryStreamEncryption", "firehose:StopDeliveryStreamEncryption", "firehose:TagDeliveryStream", "firehose:UntagDeliveryStream", "firehose:UpdateDestination", "fis:CreateExperimentTemplate", "fis:CreateTargetAccountConfiguration", "fis:DeleteExperimentTemplate", "fis:DeleteTargetAccountConfiguration", "fis:GetAction", "fis:GetExperiment", "fis:GetExperimentTargetAccountConfiguration", "fis:GetExperimentTemplate", "fis:GetTargetAccountConfiguration", "fis:GetTargetResourceType", "fis:InjectApiInternalError", "fis:InjectApiThrottleError", "fis:InjectApiUnavailableError", "fis:ListActions", "fis:ListExperimentResolvedTargets", "fis:ListExperimentTargetAccountConfigurations", "fis:ListExperimentTemplates", "fis:ListExperiments", "fis:ListTagsForResource", "fis:ListTargetAccountConfigurations", "fis:ListTargetResourceTypes", "fis:StartExperiment", "fis:StopExperiment", "fis:TagResource", "fis:UntagResource", "fis:UpdateExperimentTemplate", "fis:UpdateTargetAccountConfiguration", "fms:AssociateAdminAccount", "fms:AssociateThirdPartyFirewall", "fms:BatchAssociateResource", "fms:BatchDisassociateResource", "fms:DeleteAppsList", "fms:DeleteNotificationChannel", "fms:DeletePolicy", "fms:DeleteProtocolsList", "fms:DeleteResourceSet", "fms:DisassociateAdminAccount", "fms:DisassociateThirdPartyFirewall", "fms:GetAdminAccount", "fms:GetAdminScope", "fms:GetAppsList", "fms:GetComplianceDetail", "fms:GetNotificationChannel", "fms:GetPolicy", "fms:GetProtectionStatus", "fms:GetProtocolsList", "fms:GetResourceSet", "fms:GetThirdPartyFirewallAssociationStatus", "fms:GetViolationDetails", "fms:ListAdminAccountsForOrganization", "fms:ListAdminsManagingAccount", "fms:ListAppsLists", "fms:ListComplianceStatus", "fms:ListDiscoveredResources", "fms:ListMemberAccounts", "fms:ListPolicies", "fms:ListProtocolsLists", "fms:ListResourceSetResources", "fms:ListResourceSets", "fms:ListTagsForResource", "fms:ListThirdPartyFirewallFirewallPolicies", "fms:PutAdminAccount", "fms:PutAppsList", "fms:PutNotificationChannel", "fms:PutPolicy", "fms:PutProtocolsList", "fms:PutResourceSet", "fms:TagResource", "fms:UntagResource", "forecast:CreateAutoPredictor", "forecast:CreateDataset", "forecast:CreateDatasetGroup", "forecast:CreateDatasetImportJob", "forecast:CreateExplainability", "forecast:CreateExplainabilityExport", "forecast:CreateForecast", "forecast:CreateForecastEndpoint", "forecast:CreateForecastExportJob", "forecast:CreateMonitor", "forecast:CreatePredictor", "forecast:CreatePredictorBacktestExportJob", "forecast:CreateWhatIfAnalysis", "forecast:CreateWhatIfForecast", "forecast:CreateWhatIfForecastExport", "forecast:DeleteDataset", "forecast:DeleteDatasetGroup", "forecast:DeleteDatasetImportJob", "forecast:DeleteExplainability", "forecast:DeleteExplainabilityExport", "forecast:DeleteForecast", "forecast:DeleteForecastEndpoint", "forecast:DeleteForecastExportJob", "forecast:DeleteMonitor", "forecast:DeletePredictor", "forecast:DeletePredictorBacktestExportJob", "forecast:DeleteResourceTree", "forecast:DeleteWhatIfAnalysis", "forecast:DeleteWhatIfForecast", "forecast:DeleteWhatIfForecastExport", "forecast:DescribeAutoPredictor", "forecast:DescribeDataset", "forecast:DescribeDatasetGroup", "forecast:DescribeDatasetImportJob", "forecast:DescribeExplainability", "forecast:DescribeExplainabilityExport", "forecast:DescribeForecast", "forecast:DescribeForecastEndpoint", "forecast:DescribeForecastExportJob", "forecast:DescribeMonitor", "forecast:DescribePredictor", "forecast:DescribePredictorBacktestExportJob", "forecast:DescribeWhatIfAnalysis", "forecast:DescribeWhatIfForecast", "forecast:DescribeWhatIfForecastExport", "forecast:GetAccuracyMetrics", "forecast:GetRecentForecastContext", "forecast:InvokeForecastEndpoint", "forecast:ListDatasetGroups", "forecast:ListDatasetImportJobs", "forecast:ListDatasets", "forecast:ListExplainabilities", "forecast:ListExplainabilityExports", "forecast:ListForecastExportJobs", "forecast:ListForecasts", "forecast:ListMonitorEvaluations", "forecast:ListMonitors", "forecast:ListPredictorBacktestExportJobs", "forecast:ListPredictors", "forecast:ListTagsForResource", "forecast:ListWhatIfAnalyses", "forecast:ListWhatIfForecastExports", "forecast:ListWhatIfForecasts", "forecast:QueryForecast", "forecast:QueryWhatIfForecast", "forecast:ResumeResource", "forecast:StopResource", "forecast:TagResource", "forecast:UntagResource", "forecast:UpdateDatasetGroup", "frauddetector:BatchCreateVariable", "frauddetector:BatchGetVariable", "frauddetector:CancelBatchImportJob", "frauddetector:CancelBatchPredictionJob", "frauddetector:CreateBatchImportJob", "frauddetector:CreateBatchPredictionJob", "frauddetector:CreateDetectorVersion", "frauddetector:CreateList", "frauddetector:CreateModel", "frauddetector:CreateModelVersion", "frauddetector:CreateRule", "frauddetector:CreateVariable", "frauddetector:DeleteBatchImportJob", "frauddetector:DeleteBatchPredictionJob", "frauddetector:DeleteDetector", "frauddetector:DeleteDetectorVersion", "frauddetector:DeleteEntityType", "frauddetector:DeleteEvent", "frauddetector:DeleteEventType", "frauddetector:DeleteEventsByEventType", "frauddetector:DeleteExternalModel", "frauddetector:DeleteLabel", "frauddetector:DeleteList", "frauddetector:DeleteModel", "frauddetector:DeleteModelVersion", "frauddetector:DeleteOutcome", "frauddetector:DeleteRule", "frauddetector:DeleteVariable", "frauddetector:DescribeDetector", "frauddetector:DescribeModelVersions", "frauddetector:GetBatchImportJobValidationReport", "frauddetector:GetBatchImportJobs", "frauddetector:GetBatchPredictionJobs", "frauddetector:GetDeleteEventsByEventTypeStatus", "frauddetector:GetDetectorVersion", "frauddetector:GetDetectors", "frauddetector:GetEntityTypes", "frauddetector:GetEvent", "frauddetector:GetEventPrediction", "frauddetector:GetEventPredictionMetadata", "frauddetector:GetEventTypes", "frauddetector:GetExternalModels", "frauddetector:GetKMSEncryptionKey", "frauddetector:GetLabels", "frauddetector:GetListElements", "frauddetector:GetListsMetadata", "frauddetector:GetModelVersion", "frauddetector:GetModels", "frauddetector:GetOutcomes", "frauddetector:GetRules", "frauddetector:GetVariables", "frauddetector:ListEventPredictions", "frauddetector:ListTagsForResource", "frauddetector:PutDetector", "frauddetector:PutEntityType", "frauddetector:PutEventType", "frauddetector:PutExternalModel", "frauddetector:PutKMSEncryptionKey", "frauddetector:PutLabel", "frauddetector:PutOutcome", "frauddetector:SendEvent", "frauddetector:TagResource", "frauddetector:UntagResource", "frauddetector:UpdateDetectorVersion", "frauddetector:UpdateDetectorVersionMetadata", "frauddetector:UpdateDetectorVersionStatus", "frauddetector:UpdateEventLabel", "frauddetector:UpdateList", "frauddetector:UpdateModel", "frauddetector:UpdateModelVersion", "frauddetector:UpdateModelVersionStatus", "frauddetector:UpdateRuleMetadata", "frauddetector:UpdateRuleVersion", "frauddetector:UpdateVariable", "freertos:CreateSoftwareConfiguration", "freertos:CreateSubscription", "freertos:DeleteSoftwareConfiguration", "freertos:DescribeHardwarePlatform", "freertos:DescribeSoftwareConfiguration", "freertos:DescribeSubscription", "freertos:GetEmpPatchUrl", "freertos:GetSoftwareURL", "freertos:GetSoftwareURLForConfiguration", "freertos:GetSubscriptionBillingAmount", "freertos:ListFreeRTOSVersions", "freertos:ListHardwarePlatforms", "freertos:ListHardwareVendors", "freertos:ListSoftwareConfigurations", "freertos:ListSoftwarePatches", "freertos:ListSubscriptionEmails", "freertos:ListSubscriptions", "freertos:UpdateEmailRecipients", "freertos:UpdateSoftwareConfiguration", "freertos:VerifyEmail", "freetier:GetFreeTierAlertPreference", "freetier:GetFreeTierUsage", "freetier:PutFreeTierAlertPreference", "fsx:AssociateFileGateway", "fsx:AssociateFileSystemAliases", "fsx:BypassSnaplockEnterpriseRetention", "fsx:CancelDataRepositoryTask", "fsx:CopyBackup", "fsx:CopySnapshotAndUpdateVolume", "fsx:CreateBackup", "fsx:CreateDataRepositoryAssociation", "fsx:CreateDataRepositoryTask", "fsx:CreateFileCache", "fsx:CreateFileSystem", "fsx:CreateFileSystemFromBackup", "fsx:CreateSnapshot", "fsx:CreateStorageVirtualMachine", "fsx:CreateVolume", "fsx:CreateVolumeFromBackup", "fsx:DeleteBackup", "fsx:DeleteDataRepositoryAssociation", "fsx:DeleteFileCache", "fsx:DeleteFileSystem", "fsx:DeleteResourcePolicy", "fsx:DeleteSnapshot", "fsx:DeleteStorageVirtualMachine", "fsx:DeleteVolume", "fsx:DescribeAssociatedFileGateways", "fsx:DescribeBackups", "fsx:DescribeDataRepositoryAssociations", "fsx:DescribeDataRepositoryTasks", "fsx:DescribeFileCaches", "fsx:DescribeFileSystemAliases", "fsx:DescribeFileSystems", "fsx:DescribeSharedVpcConfiguration", "fsx:DescribeSnapshots", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:DisassociateFileGateway", "fsx:DisassociateFileSystemAliases", "fsx:GetResourcePolicy", "fsx:ListTagsForResource", "fsx:ManageBackupPrincipalAssociations", "fsx:PutResourcePolicy", "fsx:ReleaseFileSystemNfsV3Locks", "fsx:RestoreVolumeFromSnapshot", "fsx:StartMisconfiguredStateRecovery", "fsx:TagResource", "fsx:UntagResource", "fsx:UpdateDataRepositoryAssociation", "fsx:UpdateFileCache", "fsx:UpdateFileSystem", "fsx:UpdateSharedVpcConfiguration", "fsx:UpdateSnapshot", "fsx:UpdateStorageVirtualMachine", "fsx:UpdateVolume", "gamelift:AcceptMatch", "gamelift:ClaimGameServer", "gamelift:CreateAlias", "gamelift:CreateBuild", "gamelift:CreateContainerGroupDefinition", "gamelift:CreateFleet", "gamelift:CreateFleetLocations", "gamelift:CreateGameServerGroup", "gamelift:CreateGameSession", "gamelift:CreateGameSessionQueue", "gamelift:CreateLocation", "gamelift:CreateMatchmakingConfiguration", "gamelift:CreateMatchmakingRuleSet", "gamelift:CreatePlayerSession", "gamelift:CreatePlayerSessions", "gamelift:CreateScript", "gamelift:CreateVpcPeeringAuthorization", "gamelift:CreateVpcPeeringConnection", "gamelift:DeleteAlias", "gamelift:DeleteBuild", "gamelift:DeleteContainerGroupDefinition", "gamelift:DeleteFleet", "gamelift:DeleteFleetLocations", "gamelift:DeleteGameServerGroup", "gamelift:DeleteGameSessionQueue", "gamelift:DeleteLocation", "gamelift:DeleteMatchmakingConfiguration", "gamelift:DeleteMatchmakingRuleSet", "gamelift:DeleteScalingPolicy", "gamelift:DeleteScript", "gamelift:DeleteVpcPeeringAuthorization", "gamelift:DeleteVpcPeeringConnection", "gamelift:DeregisterCompute", "gamelift:DeregisterGameServer", "gamelift:DescribeAlias", "gamelift:DescribeBuild", "gamelift:DescribeCompute", "gamelift:DescribeContainerGroupDefinition", "gamelift:DescribeEC2InstanceLimits", "gamelift:DescribeFleetAttributes", "gamelift:DescribeFleetCapacity", "gamelift:DescribeFleetEvents", "gamelift:DescribeFleetLocationAttributes", "gamelift:DescribeFleetLocationCapacity", "gamelift:DescribeFleetLocationUtilization", "gamelift:DescribeFleetPortSettings", "gamelift:DescribeFleetUtilization", "gamelift:DescribeGameServer", "gamelift:DescribeGameServerGroup", "gamelift:DescribeGameServerInstances", "gamelift:DescribeGameSessionDetails", "gamelift:DescribeGameSessionPlacement", "gamelift:DescribeGameSessionQueues", "gamelift:DescribeGameSessions", "gamelift:DescribeInstances", "gamelift:DescribeMatchmaking", "gamelift:DescribeMatchmakingConfigurations", "gamelift:DescribeMatchmakingRuleSets", "gamelift:DescribePlayerSessions", "gamelift:DescribeRuntimeConfiguration", "gamelift:DescribeScalingPolicies", "gamelift:DescribeScript", "gamelift:DescribeVpcPeeringAuthorizations", "gamelift:DescribeVpcPeeringConnections", "gamelift:GetComputeAccess", "gamelift:GetComputeAuthToken", "gamelift:GetGameSessionLogUrl", "gamelift:GetInstanceAccess", "gamelift:ListAliases", "gamelift:ListBuilds", "gamelift:ListCompute", "gamelift:ListContainerGroupDefinitions", "gamelift:ListFleets", "gamelift:ListGameServerGroups", "gamelift:ListGameServers", "gamelift:ListLocations", "gamelift:ListScripts", "gamelift:ListTagsForResource", "gamelift:PutScalingPolicy", "gamelift:RegisterCompute", "gamelift:RegisterGameServer", "gamelift:RequestUploadCredentials", "gamelift:ResolveAlias", "gamelift:ResumeGameServerGroup", "gamelift:SearchGameSessions", "gamelift:StartFleetActions", "gamelift:StartGameSessionPlacement", "gamelift:StartMatchBackfill", "gamelift:StartMatchmaking", "gamelift:StopFleetActions", "gamelift:StopGameSessionPlacement", "gamelift:StopMatchmaking", "gamelift:SuspendGameServerGroup", "gamelift:TagResource", "gamelift:UntagResource", "gamelift:UpdateAlias", "gamelift:UpdateBuild", "gamelift:UpdateFleetAttributes", "gamelift:UpdateFleetCapacity", "gamelift:UpdateFleetPortSettings", "gamelift:UpdateGameServer", "gamelift:UpdateGameServerGroup", "gamelift:UpdateGameSession", "gamelift:UpdateGameSessionQueue", "gamelift:UpdateMatchmakingConfiguration", "gamelift:UpdateRuntimeConfiguration", "gamelift:UpdateScript", "gamelift:ValidateMatchmakingRuleSet", "geo:AssociateTrackerConsumer", "geo:BatchDeleteDevicePositionHistory", "geo:BatchDeleteGeofence", "geo:BatchEvaluateGeofences", "geo:BatchGetDevicePosition", "geo:BatchPutGeofence", "geo:BatchUpdateDevicePosition", "geo:CalculateRoute", "geo:CalculateRouteMatrix", "geo:CreateGeofenceCollection", "geo:CreateKey", "geo:CreateMap", "geo:CreatePlaceIndex", "geo:CreateRouteCalculator", "geo:CreateTracker", "geo:DeleteGeofenceCollection", "geo:DeleteKey", "geo:DeleteMap", "geo:DeletePlaceIndex", "geo:DeleteRouteCalculator", "geo:DeleteTracker", "geo:DescribeGeofenceCollection", "geo:DescribeKey", "geo:DescribeMap", "geo:DescribePlaceIndex", "geo:DescribeRouteCalculator", "geo:DescribeTracker", "geo:DisassociateTrackerConsumer", "geo:GetDevicePosition", "geo:GetDevicePositionHistory", "geo:GetGeofence", "geo:GetMapGlyphs", "geo:GetMapSprites", "geo:GetMapStyleDescriptor", "geo:GetMapTile", "geo:GetPlace", "geo:ListDevicePositions", "geo:ListGeofenceCollections", "geo:ListGeofences", "geo:ListKeys", "geo:ListMaps", "geo:ListPlaceIndexes", "geo:ListRouteCalculators", "geo:ListTagsForResource", "geo:ListTrackerConsumers", "geo:ListTrackers", "geo:PutGeofence", "geo:SearchPlaceIndexForPosition", "geo:SearchPlaceIndexForSuggestions", "geo:SearchPlaceIndexForText", "geo:TagResource", "geo:UntagResource", "geo:UpdateGeofenceCollection", "geo:UpdateKey", "geo:UpdateMap", "geo:UpdatePlaceIndex", "geo:UpdateRouteCalculator", "geo:UpdateTracker", "glacier:AbortMultipartUpload", "glacier:AbortVaultLock", "glacier:AddTagsToVault", "glacier:CompleteMultipartUpload", "glacier:CompleteVaultLock", "glacier:CreateVault", "glacier:DeleteArchive", "glacier:DeleteVault", "glacier:DeleteVaultAccessPolicy", "glacier:DeleteVaultNotifications", "glacier:DescribeJob", "glacier:DescribeVault", "glacier:GetDataRetrievalPolicy", "glacier:GetJobOutput", "glacier:GetVaultAccessPolicy", "glacier:GetVaultLock", "glacier:GetVaultNotifications", "glacier:InitiateJob", "glacier:InitiateMultipartUpload", "glacier:InitiateVaultLock", "glacier:ListJobs", "glacier:ListMultipartUploads", "glacier:ListParts", "glacier:ListProvisionedCapacity", "glacier:ListTagsForVault", "glacier:ListVaults", "glacier:PurchaseProvisionedCapacity", "glacier:RemoveTagsFromVault", "glacier:SetDataRetrievalPolicy", "glacier:SetVaultAccessPolicy", "glacier:SetVaultNotifications", "glacier:UploadArchive", "glacier:UploadMultipartPart", "globalaccelerator:AddCustomRoutingEndpoints", "globalaccelerator:AddEndpoints", "globalaccelerator:AdvertiseByoipCidr", "globalaccelerator:AllowCustomRoutingTraffic", "globalaccelerator:CreateAccelerator", "globalaccelerator:CreateCrossAccountAttachment", "globalaccelerator:CreateCustomRoutingAccelerator", "globalaccelerator:CreateCustomRoutingEndpointGroup", "globalaccelerator:CreateCustomRoutingListener", "globalaccelerator:CreateEndpointGroup", "globalaccelerator:CreateListener", "globalaccelerator:DeleteAccelerator", "globalaccelerator:DeleteCrossAccountAttachment", "globalaccelerator:DeleteCustomRoutingAccelerator", "globalaccelerator:DeleteCustomRoutingEndpointGroup", "globalaccelerator:DeleteCustomRoutingListener", "globalaccelerator:DeleteEndpointGroup", "globalaccelerator:DeleteListener", "globalaccelerator:DenyCustomRoutingTraffic", "globalaccelerator:DeprovisionByoipCidr", "globalaccelerator:DescribeAccelerator", "globalaccelerator:DescribeAcceleratorAttributes", "globalaccelerator:DescribeCrossAccountAttachment", "globalaccelerator:DescribeCustomRoutingAccelerator", "globalaccelerator:DescribeCustomRoutingAcceleratorAttributes", "globalaccelerator:DescribeCustomRoutingEndpointGroup", "globalaccelerator:DescribeCustomRoutingListener", "globalaccelerator:DescribeEndpointGroup", "globalaccelerator:DescribeListener", "globalaccelerator:ListAccelerators", "globalaccelerator:ListByoipCidrs", "globalaccelerator:ListCrossAccountAttachments", "globalaccelerator:ListCrossAccountResourceAccounts", "globalaccelerator:ListCrossAccountResources", "globalaccelerator:ListCustomRoutingAccelerators", "globalaccelerator:ListCustomRoutingEndpointGroups", "globalaccelerator:ListCustomRoutingListeners", "globalaccelerator:ListCustomRoutingPortMappings", "globalaccelerator:ListCustomRoutingPortMappingsByDestination", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "globalaccelerator:ListTagsForResource", "globalaccelerator:ProvisionByoipCidr", "globalaccelerator:RemoveCustomRoutingEndpoints", "globalaccelerator:RemoveEndpoints", "globalaccelerator:TagResource", "globalaccelerator:UntagResource", "globalaccelerator:UpdateAccelerator", "globalaccelerator:UpdateAcceleratorAttributes", "globalaccelerator:UpdateCrossAccountAttachment", "globalaccelerator:UpdateCustomRoutingAccelerator", "globalaccelerator:UpdateCustomRoutingAcceleratorAttributes", "globalaccelerator:UpdateCustomRoutingListener", "globalaccelerator:UpdateEndpointGroup", "globalaccelerator:UpdateListener", "globalaccelerator:WithdrawByoipCidr", "glue:BatchCreatePartition", "glue:BatchDeleteConnection", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetBlueprints", "glue:BatchGetCrawlers", "glue:BatchGetCustomEntityTypes", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetStageFiles", "glue:BatchGetTableOptimizer", "glue:BatchGetTriggers", "glue:BatchGetWorkflows", "glue:BatchStopJobRun", "glue:BatchUpdatePartition", "glue:CancelDataQualityRuleRecommendationRun", "glue:CancelDataQualityRulesetEvaluationRun", "glue:CancelMLTaskRun", "glue:CancelStatement", "glue:CheckSchemaVersionValidity", "glue:CreateBlueprint", "glue:CreateClassifier", "glue:CreateConnection", "glue:CreateCrawler", "glue:CreateCustomEntityType", "glue:CreateDataQualityRuleset", "glue:CreateDatabase", "glue:CreateDevEndpoint", "glue:CreateJob", "glue:CreateMLTransform", "glue:CreatePartition", "glue:CreatePartitionIndex", "glue:CreateRegistry", "glue:CreateSchema", "glue:CreateScript", "glue:CreateSecurityConfiguration", "glue:CreateSession", "glue:CreateTable", "glue:CreateTableOptimizer", "glue:CreateTrigger", "glue:CreateUserDefinedFunction", "glue:CreateWorkflow", "glue:DeleteBlueprint", "glue:DeleteClassifier", "glue:DeleteColumnStatisticsForPartition", "glue:DeleteColumnStatisticsForTable", "glue:DeleteConnection", "glue:DeleteCrawler", "glue:DeleteCustomEntityType", "glue:DeleteDataQualityRuleset", "glue:DeleteDatabase", "glue:DeleteDevEndpoint", "glue:DeleteJob", "glue:DeleteMLTransform", "glue:DeletePartition", "glue:DeletePartitionIndex", "glue:DeleteRegistry", "glue:DeleteResourcePolicy", "glue:DeleteSchema", "glue:DeleteSchemaVersions", "glue:DeleteSecurityConfiguration", "glue:DeleteSession", "glue:DeleteTable", "glue:DeleteTableOptimizer", "glue:DeleteTableVersion", "glue:DeleteTrigger", "glue:DeleteUserDefinedFunction", "glue:DeleteWorkflow", "glue:DeregisterDataPreview", "glue:GetBlueprint", "glue:GetBlueprintRun", "glue:GetBlueprintRuns", "glue:GetCatalogImportStatus", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetColumnStatisticsTaskRun", "glue:GetColumnStatisticsTaskRuns", "glue:GetCompletion", "glue:GetConnection", "glue:GetConnections", "glue:GetCrawler", "glue:GetCrawlerMetrics", "glue:GetCrawlers", "glue:GetCustomEntityType", "glue:GetDataCatalogEncryptionSettings", "glue:GetDataPreviewStatement", "glue:GetDataQualityResult", "glue:GetDataQualityRuleRecommendationRun", "glue:GetDataQualityRuleset", "glue:GetDataQualityRulesetEvaluationRun", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDataflowGraph", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetEnvironment", "glue:GetExecutors", "glue:GetExecutorsThreads", "glue:GetJob", "glue:GetJobBookmark", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetLogParsingStatus", "glue:GetMLTaskRun", "glue:GetMLTaskRuns", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetMapping", "glue:GetNotebookInstanceStatus", "glue:GetPartition", "glue:GetPartitionIndexes", "glue:GetPartitionMetadata", "glue:GetPartitions", "glue:GetPlan", "glue:GetQueries", "glue:GetQuery", "glue:GetRegistry", "glue:GetResourcePolicies", "glue:GetResourcePolicy", "glue:GetSchema", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetSession", "glue:GetStage", "glue:GetStageAttempt", "glue:GetStageAttemptTaskList", "glue:GetStageAttemptTaskSummary", "glue:GetStageFiles", "glue:GetStages", "glue:GetStatement", "glue:GetStorage", "glue:GetStorageUnit", "glue:GetTable", "glue:GetTableOptimizer", "glue:GetTableVersion", "glue:GetTableVersions", "glue:GetTables", "glue:GetTags", "glue:GetTrigger", "glue:GetTriggers", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:GetWorkflow", "glue:GetWorkflowRun", "glue:GetWorkflowRunProperties", "glue:GetWorkflowRuns", "glue:GlueNotebookAuthorize", "glue:GlueNotebookRefreshCredentials", "glue:ImportCatalogToGlue", "glue:ListBlueprints", "glue:ListColumnStatisticsTaskRuns", "glue:ListCrawlers", "glue:ListCrawls", "glue:ListCustomEntityTypes", "glue:ListDataQualityResults", "glue:ListDataQualityRuleRecommendationRuns", "glue:ListDataQualityRulesetEvaluationRuns", "glue:ListDataQualityRulesets", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListRegistries", "glue:ListSchemaVersions", "glue:ListSchemas", "glue:ListSessions", "glue:ListStatements", "glue:ListTableOptimizerRuns", "glue:ListTriggers", "glue:ListWorkflows", "glue:NotifyEvent", "glue:PassConnection", "glue:PublishDataQuality", "glue:PutDataCatalogEncryptionSettings", "glue:PutResourcePolicy", "glue:PutSchemaVersionMetadata", "glue:PutWorkflowRunProperties", "glue:QuerySchemaVersionMetadata", "glue:RegisterSchemaVersion", "glue:RemoveSchemaVersionMetadata", "glue:RequestLogParsing", "glue:ResetJobBookmark", "glue:ResumeWorkflowRun", "glue:RunDataPreviewStatement", "glue:RunStatement", "glue:SearchTables", "glue:SendFeedback", "glue:StartBlueprintRun", "glue:StartColumnStatisticsTaskRun", "glue:StartCompletion", "glue:StartCrawler", "glue:StartCrawlerSchedule", "glue:StartDataQualityRuleRecommendationRun", "glue:StartDataQualityRulesetEvaluationRun", "glue:StartExportLabelsTaskRun", "glue:StartImportLabelsTaskRun", "glue:StartJobRun", "glue:StartMLEvaluationTaskRun", "glue:StartMLLabelingSetGenerationTaskRun", "glue:StartNotebook", "glue:StartTrigger", "glue:StartWorkflowRun", "glue:StopColumnStatisticsTaskRun", "glue:StopCrawler", "glue:StopCrawlerSchedule", "glue:StopSession", "glue:StopTrigger", "glue:StopWorkflowRun", "glue:TagResource", "glue:TerminateNotebook", "glue:TestConnection", "glue:UntagResource", "glue:UpdateBlueprint", "glue:UpdateClassifier", "glue:UpdateColumnStatisticsForPartition", "glue:UpdateColumnStatisticsForTable", "glue:UpdateConnection", "glue:UpdateCrawler", "glue:UpdateCrawlerSchedule", "glue:UpdateDataQualityRuleset", "glue:UpdateDatabase", "glue:UpdateDevEndpoint", "glue:UpdateJob", "glue:UpdateJobFromSourceControl", "glue:UpdateMLTransform", "glue:UpdatePartition", "glue:UpdateRegistry", "glue:UpdateSchema", "glue:UpdateSourceControlFromJob", "glue:UpdateTable", "glue:UpdateTableOptimizer", "glue:UpdateTrigger", "glue:UpdateUserDefinedFunction", "glue:UpdateWorkflow", "glue:UseGlueStudio", "glue:UseMLTransforms", "grafana:AssociateLicense", "grafana:CreateWorkspace", "grafana:CreateWorkspaceApiKey", "grafana:DeleteWorkspace", "grafana:DeleteWorkspaceApiKey", "grafana:DescribeWorkspace", "grafana:DescribeWorkspaceAuthentication", "grafana:DescribeWorkspaceConfiguration", "grafana:DisassociateLicense", "grafana:ListPermissions", "grafana:ListTagsForResource", "grafana:ListVersions", "grafana:ListWorkspaces", "grafana:TagResource", "grafana:UntagResource", "grafana:UpdatePermissions", "grafana:UpdateWorkspace", "grafana:UpdateWorkspaceAuthentication", "grafana:UpdateWorkspaceConfiguration", "greengrass:AssociateServiceRoleToAccount", "greengrass:BatchAssociateClientDeviceWithCoreDevice", "greengrass:BatchDisassociateClientDeviceFromCoreDevice", "greengrass:CancelDeployment", "greengrass:CreateComponentVersion", "greengrass:CreateDeployment", "greengrass:DeleteComponent", "greengrass:DeleteCoreDevice", "greengrass:DeleteDeployment", "greengrass:DescribeComponent", "greengrass:DisassociateServiceRoleFromAccount", "greengrass:GetComponent", "greengrass:GetComponentVersionArtifact", "greengrass:GetConnectivityInfo", "greengrass:GetCoreDevice", "greengrass:GetDeployment", "greengrass:GetServiceRoleForAccount", "greengrass:ListClientDevicesAssociatedWithCoreDevice", "greengrass:ListComponentVersions", "greengrass:ListComponents", "greengrass:ListCoreDevices", "greengrass:ListDeployments", "greengrass:ListEffectiveDeployments", "greengrass:ListInstalledComponents", "greengrass:ListTagsForResource", "greengrass:ResolveComponentCandidates", "greengrass:TagResource", "greengrass:UntagResource", "greengrass:UpdateConnectivityInfo", "greengrass:AssociateRoleToGroup", "greengrass:CreateConnectorDefinition", "greengrass:CreateConnectorDefinitionVersion", "greengrass:CreateCoreDefinition", "greengrass:CreateCoreDefinitionVersion", "greengrass:CreateDeviceDefinition", "greengrass:CreateDeviceDefinitionVersion", "greengrass:CreateFunctionDefinition", "greengrass:CreateFunctionDefinitionVersion", "greengrass:CreateGroup", "greengrass:CreateGroupCertificateAuthority", "greengrass:CreateGroupVersion", "greengrass:CreateLoggerDefinition", "greengrass:CreateLoggerDefinitionVersion", "greengrass:CreateResourceDefinition", "greengrass:CreateResourceDefinitionVersion", "greengrass:CreateSoftwareUpdateJob", "greengrass:CreateSubscriptionDefinition", "greengrass:CreateSubscriptionDefinitionVersion", "greengrass:DeleteConnectorDefinition", "greengrass:DeleteCoreDefinition", "greengrass:DeleteDeviceDefinition", "greengrass:DeleteFunctionDefinition", "greengrass:DeleteGroup", "greengrass:DeleteLoggerDefinition", "greengrass:DeleteResourceDefinition", "greengrass:DeleteSubscriptionDefinition", "greengrass:DisassociateRoleFromGroup", "greengrass:Discover", "greengrass:GetAssociatedRole", "greengrass:GetBulkDeploymentStatus", "greengrass:GetConnectorDefinition", "greengrass:GetConnectorDefinitionVersion", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetDeviceDefinition", "greengrass:GetDeviceDefinitionVersion", "greengrass:GetFunctionDefinition", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupCertificateAuthority", "greengrass:GetGroupCertificateConfiguration", "greengrass:GetGroupVersion", "greengrass:GetLoggerDefinition", "greengrass:GetLoggerDefinitionVersion", "greengrass:GetResourceDefinition", "greengrass:GetResourceDefinitionVersion", "greengrass:GetSubscriptionDefinition", "greengrass:GetSubscriptionDefinitionVersion", "greengrass:GetThingRuntimeConfiguration", "greengrass:ListBulkDeploymentDetailedReports", "greengrass:ListBulkDeployments", "greengrass:ListConnectorDefinitionVersions", "greengrass:ListConnectorDefinitions", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListResourceDefinitionVersions", "greengrass:ListResourceDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "greengrass:ResetDeployments", "greengrass:StartBulkDeployment", "greengrass:StopBulkDeployment", "greengrass:UpdateConnectorDefinition", "greengrass:UpdateCoreDefinition", "greengrass:UpdateDeviceDefinition", "greengrass:UpdateFunctionDefinition", "greengrass:UpdateGroup", "greengrass:UpdateGroupCertificateConfiguration", "greengrass:UpdateLoggerDefinition", "greengrass:UpdateResourceDefinition", "greengrass:UpdateSubscriptionDefinition", "greengrass:UpdateThingRuntimeConfiguration", "groundstation:CancelContact", "groundstation:CreateConfig", "groundstation:CreateDataflowEndpointGroup", "groundstation:CreateEphemeris", "groundstation:CreateMissionProfile", "groundstation:DeleteConfig", "groundstation:DeleteDataflowEndpointGroup", "groundstation:DeleteEphemeris", "groundstation:DeleteMissionProfile", "groundstation:DescribeContact", "groundstation:DescribeEphemeris", "groundstation:GetAgentConfiguration", "groundstation:GetConfig", "groundstation:GetDataflowEndpointGroup", "groundstation:GetMinuteUsage", "groundstation:GetMissionProfile", "groundstation:GetSatellite", "groundstation:ListConfigs", "groundstation:ListContacts", "groundstation:ListDataflowEndpointGroups", "groundstation:ListEphemerides", "groundstation:ListGroundStations", "groundstation:ListMissionProfiles", "groundstation:ListSatellites", "groundstation:ListTagsForResource", "groundstation:RegisterAgent", "groundstation:ReserveContact", "groundstation:TagResource", "groundstation:UntagResource", "groundstation:UpdateAgentStatus", "groundstation:UpdateConfig", "groundstation:UpdateEphemeris", "groundstation:UpdateMissionProfile", "groundtruthlabeling:AssociatePatchToManifestJob", "groundtruthlabeling:CreateBatch", "groundtruthlabeling:CreateIntakeForm", "groundtruthlabeling:CreateProject", "groundtruthlabeling:CreateWorkflowDefinition", "groundtruthlabeling:DescribeConsoleJob", "groundtruthlabeling:GenerateLIDARPreviewTaskConfigJob", "groundtruthlabeling:GetBatch", "groundtruthlabeling:GetIntakeFormStatus", "groundtruthlabeling:ListBatches", "groundtruthlabeling:ListDatasetObjects", "groundtruthlabeling:ListProjects", "groundtruthlabeling:RunFilterOrSampleDatasetJob", "groundtruthlabeling:RunGenerateManifestByCrawlingJob", "groundtruthlabeling:RunGenerateManifestMetricsJob", "groundtruthlabeling:UpdateBatch", "guardduty:AcceptAdministratorInvitation", "guardduty:AcceptInvitation", "guardduty:ArchiveFindings", "guardduty:CreateDetector", "guardduty:CreateFilter", "guardduty:CreateIPSet", "guardduty:CreateMembers", "guardduty:CreatePublishingDestination", "guardduty:CreateSampleFindings", "guardduty:CreateThreatIntelSet", "guardduty:DeclineInvitations", "guardduty:DeleteDetector", "guardduty:DeleteFilter", "guardduty:DeleteIPSet", "guardduty:DeleteInvitations", "guardduty:DeleteMembers", "guardduty:DeletePublishingDestination", "guardduty:DeleteThreatIntelSet", "guardduty:DescribeMalwareScans", "guardduty:DescribeOrganizationConfiguration", "guardduty:DescribePublishingDestination", "guardduty:DisableOrganizationAdminAccount", "guardduty:DisassociateFromAdministratorAccount", "guardduty:DisassociateFromMasterAccount", "guardduty:DisassociateMembers", "guardduty:EnableOrganizationAdminAccount", "guardduty:GetAdministratorAccount", "guardduty:GetCoverageStatistics", "guardduty:GetDetector", "guardduty:GetFilter", "guardduty:GetFindings", "guardduty:GetFindingsStatistics", "guardduty:GetIPSet", "guardduty:GetInvitationsCount", "guardduty:GetMalwareScanSettings", "guardduty:GetMasterAccount", "guardduty:GetMemberDetectors", "guardduty:GetMembers", "guardduty:GetOrganizationStatistics", "guardduty:GetRemainingFreeTrialDays", "guardduty:GetThreatIntelSet", "guardduty:GetUsageStatistics", "guardduty:InviteMembers", "guardduty:ListCoverage", "guardduty:ListDetectors", "guardduty:ListFilters", "guardduty:ListFindings", "guardduty:ListIPSets", "guardduty:ListInvitations", "guardduty:ListMembers", "guardduty:ListOrganizationAdminAccounts", "guardduty:ListPublishingDestinations", "guardduty:ListTagsForResource", "guardduty:ListThreatIntelSets", "guardduty:SendSecurityTelemetry", "guardduty:StartMalwareScan", "guardduty:StartMonitoringMembers", "guardduty:StopMonitoringMembers", "guardduty:TagResource", "guardduty:UnarchiveFindings", "guardduty:UntagResource", "guardduty:UpdateDetector", "guardduty:UpdateFilter", "guardduty:UpdateFindingsFeedback", "guardduty:UpdateIPSet", "guardduty:UpdateMalwareScanSettings", "guardduty:UpdateMemberDetectors", "guardduty:UpdateOrganizationConfiguration", "guardduty:UpdatePublishingDestination", "guardduty:UpdateThreatIntelSet", "health:DescribeAffectedAccountsForOrganization", "health:DescribeAffectedEntities", "health:DescribeAffectedEntitiesForOrganization", "health:DescribeEntityAggregates", "health:DescribeEntityAggregatesForOrganization", "health:DescribeEventAggregates", "health:DescribeEventDetails", "health:DescribeEventDetailsForOrganization", "health:DescribeEventTypes", "health:DescribeEvents", "health:DescribeEventsForOrganization", "health:DescribeHealthServiceStatusForOrganization", "health:DisableHealthServiceAccessForOrganization", "health:EnableHealthServiceAccessForOrganization", "healthlake:CreateFHIRDatastore", "healthlake:CreateResource", "healthlake:DeleteFHIRDatastore", "healthlake:DeleteResource", "healthlake:DescribeFHIRDatastore", "healthlake:DescribeFHIRExportJob", "healthlake:DescribeFHIRImportJob", "healthlake:GetCapabilities", "healthlake:ListFHIRDatastores", "healthlake:ListFHIRExportJobs", "healthlake:ListFHIRImportJobs", "healthlake:ListTagsForResource", "healthlake:ReadResource", "healthlake:SearchWithGet", "healthlake:SearchWithPost", "healthlake:StartFHIRExportJob", "healthlake:StartFHIRImportJob", "healthlake:TagResource", "healthlake:UntagResource", "healthlake:UpdateResource", "honeycode:ApproveTeamAssociation", "honeycode:BatchCreateTableRows", "honeycode:BatchDeleteTableRows", "honeycode:BatchUpdateTableRows", "honeycode:BatchUpsertTableRows", "honeycode:CreateTeam", "honeycode:CreateTenant", "honeycode:DeleteDomains", "honeycode:DeregisterGroups", "honeycode:DescribeTableDataImportJob", "honeycode:DescribeTeam", "honeycode:GetScreenData", "honeycode:InvokeScreenAutomation", "honeycode:ListDomains", "honeycode:ListGroups", "honeycode:ListTableColumns", "honeycode:ListTableRows", "honeycode:ListTables", "honeycode:ListTagsForResource", "honeycode:ListTeamAssociations", "honeycode:ListTenants", "honeycode:QueryTableRows", "honeycode:RegisterDomainForVerification", "honeycode:RegisterGroups", "honeycode:RejectTeamAssociation", "honeycode:RestartDomainVerification", "honeycode:StartTableDataImportJob", "honeycode:TagResource", "honeycode:UntagResource", "honeycode:UpdateTeam", "iam:AddClientIDToOpenIDConnectProvider", "iam:AddRoleToInstanceProfile", "iam:AddUserToGroup", "iam:AttachGroupPolicy", "iam:AttachRolePolicy", "iam:AttachUserPolicy", "iam:ChangePassword", "iam:CreateAccessKey", "iam:CreateAccountAlias", "iam:CreateGroup", "iam:CreateInstanceProfile", "iam:CreateLoginProfile", "iam:CreateOpenIDConnectProvider", "iam:CreatePolicy", "iam:CreatePolicyVersion", "iam:CreateRole", "iam:CreateSAMLProvider", "iam:CreateServiceLinkedRole", "iam:CreateServiceSpecificCredential", "iam:CreateUser", "iam:CreateVirtualMFADevice", "iam:DeactivateMFADevice", "iam:DeleteAccessKey", "iam:DeleteAccountAlias", "iam:DeleteAccountPasswordPolicy", "iam:DeleteCloudFrontPublicKey", "iam:DeleteGroup", "iam:DeleteGroupPolicy", "iam:DeleteInstanceProfile", "iam:DeleteLoginProfile", "iam:DeleteOpenIDConnectProvider", "iam:DeletePolicy", "iam:DeletePolicyVersion", "iam:DeleteRole", "iam:DeleteRolePermissionsBoundary", "iam:DeleteRolePolicy", "iam:DeleteSAMLProvider", "iam:DeleteSSHPublicKey", "iam:DeleteServerCertificate", "iam:DeleteServiceLinkedRole", "iam:DeleteServiceSpecificCredential", "iam:DeleteSigningCertificate", "iam:DeleteUser", "iam:DeleteUserPermissionsBoundary", "iam:DeleteUserPolicy", "iam:DeleteVirtualMFADevice", "iam:DetachGroupPolicy", "iam:DetachRolePolicy", "iam:DetachUserPolicy", "iam:EnableMFADevice", "iam:GenerateCredentialReport", "iam:GenerateOrganizationsAccessReport", "iam:GenerateServiceLastAccessedDetails", "iam:GetAccessKeyLastUsed", "iam:GetAccountAuthorizationDetails", "iam:GetAccountEmailAddress", "iam:GetAccountName", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCloudFrontPublicKey", "iam:GetContextKeysForCustomPolicy", "iam:GetContextKeysForPrincipalPolicy", "iam:GetCredentialReport", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetInstanceProfile", "iam:GetLoginProfile", "iam:GetMFADevice", "iam:GetOpenIDConnectProvider", "iam:GetOrganizationsAccessReport", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetSAMLProvider", "iam:GetSSHPublicKey", "iam:GetServerCertificate", "iam:GetServiceLastAccessedDetails", "iam:GetServiceLastAccessedDetailsWithEntities", "iam:GetServiceLinkedRoleDeletionStatus", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "iam:PassRole", "iam:PutGroupPolicy", "iam:PutRolePermissionsBoundary", "iam:PutRolePolicy", "iam:PutUserPermissionsBoundary", "iam:PutUserPolicy", "iam:RemoveClientIDFromOpenIDConnectProvider", "iam:RemoveRoleFromInstanceProfile", "iam:RemoveUserFromGroup", "iam:ResetServiceSpecificCredential", "iam:ResyncMFADevice", "iam:SetDefaultPolicyVersion", "iam:SetSTSRegionalEndpointStatus", "iam:SetSecurityTokenServicePreferences", "iam:SimulateCustomPolicy", "iam:SimulatePrincipalPolicy", "iam:TagInstanceProfile", "iam:TagMFADevice", "iam:TagOpenIDConnectProvider", "iam:TagPolicy", "iam:TagRole", "iam:TagSAMLProvider", "iam:TagServerCertificate", "iam:TagUser", "iam:UntagInstanceProfile", "iam:UntagMFADevice", "iam:UntagOpenIDConnectProvider", "iam:UntagPolicy", "iam:UntagRole", "iam:UntagSAMLProvider", "iam:UntagServerCertificate", "iam:UntagUser", "iam:UpdateAccessKey", "iam:UpdateAccountEmailAddress", "iam:UpdateAccountName", "iam:UpdateAccountPasswordPolicy", "iam:UpdateAssumeRolePolicy", "iam:UpdateCloudFrontPublicKey", "iam:UpdateGroup", "iam:UpdateLoginProfile", "iam:UpdateOpenIDConnectProviderThumbprint", "iam:UpdateRole", "iam:UpdateRoleDescription", "iam:UpdateSAMLProvider", "iam:UpdateSSHPublicKey", "iam:UpdateServerCertificate", "iam:UpdateServiceSpecificCredential", "iam:UpdateSigningCertificate", "iam:UpdateUser", "iam:UploadCloudFrontPublicKey", "iam:UploadSSHPublicKey", "iam:UploadServerCertificate", "iam:UploadSigningCertificate", "identity-sync:AllowVendedLogDeliveryForResource", "identity-sync:CreateSyncFilter", "identity-sync:CreateSyncProfile", "identity-sync:CreateSyncTarget", "identity-sync:DeleteSyncFilter", "identity-sync:DeleteSyncProfile", "identity-sync:DeleteSyncTarget", "identity-sync:GetSyncProfile", "identity-sync:GetSyncTarget", "identity-sync:ListSyncFilters", "identity-sync:StartSync", "identity-sync:StopSync", "identity-sync:UpdateSyncTarget", "identitystore:CreateGroup", "identitystore:CreateGroupMembership", "identitystore:CreateUser", "identitystore:DeleteGroup", "identitystore:DeleteGroupMembership", "identitystore:DeleteUser", "identitystore:DescribeGroup", "identitystore:DescribeGroupMembership", "identitystore:DescribeUser", "identitystore:GetGroupId", "identitystore:GetGroupMembershipId", "identitystore:GetUserId", "identitystore:IsMemberInGroups", "identitystore:ListGroupMemberships", "identitystore:ListGroupMembershipsForMember", "identitystore:ListGroups", "identitystore:ListUsers", "identitystore:UpdateGroup", "identitystore:UpdateUser", "identitystore-auth:BatchDeleteSession", "identitystore-auth:BatchGetSession", "identitystore-auth:ListSessions", "imagebuilder:CancelImageCreation", "imagebuilder:CancelLifecycleExecution", "imagebuilder:CreateComponent", "imagebuilder:CreateContainerRecipe", "imagebuilder:CreateDistributionConfiguration", "imagebuilder:CreateImage", "imagebuilder:CreateImagePipeline", "imagebuilder:CreateImageRecipe", "imagebuilder:CreateInfrastructureConfiguration", "imagebuilder:CreateLifecyclePolicy", "imagebuilder:CreateWorkflow", "imagebuilder:DeleteComponent", "imagebuilder:DeleteContainerRecipe", "imagebuilder:DeleteDistributionConfiguration", "imagebuilder:DeleteImage", "imagebuilder:DeleteImagePipeline", "imagebuilder:DeleteImageRecipe", "imagebuilder:DeleteInfrastructureConfiguration", "imagebuilder:DeleteLifecyclePolicy", "imagebuilder:DeleteWorkflow", "imagebuilder:GetComponent", "imagebuilder:GetComponentPolicy", "imagebuilder:GetContainerRecipe", "imagebuilder:GetContainerRecipePolicy", "imagebuilder:GetDistributionConfiguration", "imagebuilder:GetImage", "imagebuilder:GetImagePipeline", "imagebuilder:GetImagePolicy", "imagebuilder:GetImageRecipe", "imagebuilder:GetImageRecipePolicy", "imagebuilder:GetInfrastructureConfiguration", "imagebuilder:GetLifecycleExecution", "imagebuilder:GetLifecyclePolicy", "imagebuilder:GetWorkflow", "imagebuilder:GetWorkflowExecution", "imagebuilder:GetWorkflowStepExecution", "imagebuilder:ImportComponent", "imagebuilder:ImportVmImage", "imagebuilder:ListComponentBuildVersions", "imagebuilder:ListComponents", "imagebuilder:ListContainerRecipes", "imagebuilder:ListDistributionConfigurations", "imagebuilder:ListImageBuildVersions", "imagebuilder:ListImagePackages", "imagebuilder:ListImagePipelineImages", "imagebuilder:ListImagePipelines", "imagebuilder:ListImageRecipes", "imagebuilder:ListImageScanFindingAggregations", "imagebuilder:ListImageScanFindings", "imagebuilder:ListImages", "imagebuilder:ListInfrastructureConfigurations", "imagebuilder:ListLifecycleExecutionResources", "imagebuilder:ListLifecycleExecutions", "imagebuilder:ListLifecyclePolicies", "imagebuilder:ListTagsForResource", "imagebuilder:ListWaitingWorkflowSteps", "imagebuilder:ListWorkflowBuildVersions", "imagebuilder:ListWorkflowExecutions", "imagebuilder:ListWorkflowStepExecutions", "imagebuilder:ListWorkflows", "imagebuilder:PutComponentPolicy", "imagebuilder:PutContainerRecipePolicy", "imagebuilder:PutImagePolicy", "imagebuilder:PutImageRecipePolicy", "imagebuilder:SendWorkflowStepAction", "imagebuilder:StartImagePipelineExecution", "imagebuilder:StartResourceStateUpdate", "imagebuilder:TagResource", "imagebuilder:UntagResource", "imagebuilder:UpdateDistributionConfiguration", "imagebuilder:UpdateImagePipeline", "imagebuilder:UpdateInfrastructureConfiguration", "imagebuilder:UpdateLifecyclePolicy", "importexport:CancelJob", "importexport:CreateJob", "importexport:GetShippingLabel", "importexport:GetStatus", "importexport:ListJobs", "importexport:UpdateJob", "inspector:AddAttributesToFindings", "inspector:CreateAssessmentTarget", "inspector:CreateAssessmentTemplate", "inspector:CreateExclusionsPreview", "inspector:CreateResourceGroup", "inspector:DeleteAssessmentRun", "inspector:DeleteAssessmentTarget", "inspector:DeleteAssessmentTemplate", "inspector:DescribeAssessmentRuns", "inspector:DescribeAssessmentTargets", "inspector:DescribeAssessmentTemplates", "inspector:DescribeCrossAccountAccessRole", "inspector:DescribeExclusions", "inspector:DescribeFindings", "inspector:DescribeResourceGroups", "inspector:DescribeRulesPackages", "inspector:GetAssessmentReport", "inspector:GetExclusionsPreview", "inspector:GetTelemetryMetadata", "inspector:ListAssessmentRunAgents", "inspector:ListAssessmentRuns", "inspector:ListAssessmentTargets", "inspector:ListAssessmentTemplates", "inspector:ListEventSubscriptions", "inspector:ListExclusions", "inspector:ListFindings", "inspector:ListRulesPackages", "inspector:ListTagsForResource", "inspector:PreviewAgents", "inspector:RegisterCrossAccountAccessRole", "inspector:RemoveAttributesFromFindings", "inspector:SetTagsForResource", "inspector:StartAssessmentRun", "inspector:StopAssessmentRun", "inspector:SubscribeToEvent", "inspector:UnsubscribeFromEvent", "inspector:UpdateAssessmentTarget", "inspector-scan:ScanSbom", "inspector2:AssociateMember", "inspector2:BatchGetAccountStatus", "inspector2:BatchGetCodeSnippet", "inspector2:BatchGetFindingDetails", "inspector2:BatchGetFreeTrialInfo", "inspector2:BatchGetMemberEc2DeepInspectionStatus", "inspector2:BatchUpdateMemberEc2DeepInspectionStatus", "inspector2:CancelFindingsReport", "inspector2:CancelSbomExport", "inspector2:CreateCisScanConfiguration", "inspector2:CreateFilter", "inspector2:CreateFindingsReport", "inspector2:CreateSbomExport", "inspector2:DeleteCisScanConfiguration", "inspector2:DeleteFilter", "inspector2:DescribeOrganizationConfiguration", "inspector2:Disable", "inspector2:DisableDelegatedAdminAccount", "inspector2:DisassociateMember", "inspector2:Enable", "inspector2:EnableDelegatedAdminAccount", "inspector2:GetCisScanReport", "inspector2:GetCisScanResultDetails", "inspector2:GetConfiguration", "inspector2:GetDelegatedAdminAccount", "inspector2:GetEc2DeepInspectionConfiguration", "inspector2:GetEncryptionKey", "inspector2:GetFindingsReportStatus", "inspector2:GetMember", "inspector2:GetSbomExport", "inspector2:ListAccountPermissions", "inspector2:ListCisScanConfigurations", "inspector2:ListCisScanResultsAggregatedByChecks", "inspector2:ListCisScanResultsAggregatedByTargetResource", "inspector2:ListCisScans", "inspector2:ListCoverage", "inspector2:ListCoverageStatistics", "inspector2:ListDelegatedAdminAccounts", "inspector2:ListFilters", "inspector2:ListFindingAggregations", "inspector2:ListFindings", "inspector2:ListMembers", "inspector2:ListTagsForResource", "inspector2:ListUsageTotals", "inspector2:ResetEncryptionKey", "inspector2:SearchVulnerabilities", "inspector2:SendCisSessionHealth", "inspector2:SendCisSessionTelemetry", "inspector2:StartCisSession", "inspector2:StopCisSession", "inspector2:TagResource", "inspector2:UntagResource", "inspector2:UpdateCisScanConfiguration", "inspector2:UpdateConfiguration", "inspector2:UpdateEc2DeepInspectionConfiguration", "inspector2:UpdateEncryptionKey", "inspector2:UpdateFilter", "inspector2:UpdateOrgEc2DeepInspectionConfiguration", "inspector2:UpdateOrganizationConfiguration", "internetmonitor:CreateMonitor", "internetmonitor:DeleteMonitor", "internetmonitor:GetHealthEvent", "internetmonitor:GetInternetEvent", "internetmonitor:GetMonitor", "internetmonitor:GetQueryResults", "internetmonitor:GetQueryStatus", "internetmonitor:Link", "internetmonitor:ListHealthEvents", "internetmonitor:ListInternetEvents", "internetmonitor:ListMonitors", "internetmonitor:ListTagsForResource", "internetmonitor:StartQuery", "internetmonitor:StopQuery", "internetmonitor:TagResource", "internetmonitor:UntagResource", "internetmonitor:UpdateMonitor", "invoicing:GetInvoiceEmailDeliveryPreferences", "invoicing:GetInvoicePDF", "invoicing:ListInvoiceSummaries", "invoicing:PutInvoiceEmailDeliveryPreferences", "iot:AcceptCertificateTransfer", "iot:AddThingToBillingGroup", "iot:AddThingToThingGroup", "iot:AssociateTargetsWithJob", "iot:AttachPolicy", "iot:AttachPrincipalPolicy", "iot:AttachSecurityProfile", "iot:AttachThingPrincipal", "iot:CancelAuditMitigationActionsTask", "iot:CancelAuditTask", "iot:CancelCertificateTransfer", "iot:CancelDetectMitigationActionsTask", "iot:CancelJob", "iot:CancelJobExecution", "iot:ClearDefaultAuthorizer", "iot:CloseTunnel", "iot:ConfirmTopicRuleDestination", "iot:Connect", "iot:CreateAuditSuppression", "iot:CreateAuthorizer", "iot:CreateBillingGroup", "iot:CreateCertificateFromCsr", "iot:CreateCertificateProvider", "iot:CreateCustomMetric", "iot:CreateDimension", "iot:CreateDomainConfiguration", "iot:CreateDynamicThingGroup", "iot:CreateFleetMetric", "iot:CreateJob", "iot:CreateJobTemplate", "iot:CreateKeysAndCertificate", "iot:CreateMitigationAction", "iot:CreateOTAUpdate", "iot:CreatePackage", "iot:CreatePackageVersion", "iot:CreatePolicy", "iot:CreatePolicyVersion", "iot:CreateProvisioningClaim", "iot:CreateProvisioningTemplate", "iot:CreateProvisioningTemplateVersion", "iot:CreateRoleAlias", "iot:CreateScheduledAudit", "iot:CreateSecurityProfile", "iot:CreateStream", "iot:CreateThing", "iot:CreateThingGroup", "iot:CreateThingType", "iot:CreateTopicRule", "iot:CreateTopicRuleDestination", "iot:DeleteAccountAuditConfiguration", "iot:DeleteAuditSuppression", "iot:DeleteAuthorizer", "iot:DeleteBillingGroup", "iot:DeleteCACertificate", "iot:DeleteCertificate", "iot:DeleteCertificateProvider", "iot:DeleteCustomMetric", "iot:DeleteDimension", "iot:DeleteDomainConfiguration", "iot:DeleteDynamicThingGroup", "iot:DeleteFleetMetric", "iot:DeleteJob", "iot:DeleteJobExecution", "iot:DeleteJobTemplate", "iot:DeleteMitigationAction", "iot:DeleteOTAUpdate", "iot:DeletePackage", "iot:DeletePackageVersion", "iot:DeletePolicy", "iot:DeletePolicyVersion", "iot:DeleteProvisioningTemplate", "iot:DeleteProvisioningTemplateVersion", "iot:DeleteRegistrationCode", "iot:DeleteRoleAlias", "iot:DeleteScheduledAudit", "iot:DeleteSecurityProfile", "iot:DeleteStream", "iot:DeleteThing", "iot:DeleteThingGroup", "iot:DeleteThingShadow", "iot:DeleteThingType", "iot:DeleteTopicRule", "iot:DeleteTopicRuleDestination", "iot:DeleteV2LoggingLevel", "iot:DeprecateThingType", "iot:DescribeAccountAuditConfiguration", "iot:DescribeAuditFinding", "iot:DescribeAuditMitigationActionsTask", "iot:DescribeAuditSuppression", "iot:DescribeAuditTask", "iot:DescribeAuthorizer", "iot:DescribeBillingGroup", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:DescribeCertificateProvider", "iot:DescribeCustomMetric", "iot:DescribeDefaultAuthorizer", "iot:DescribeDetectMitigationActionsTask", "iot:DescribeDimension", "iot:DescribeDomainConfiguration", "iot:DescribeEndpoint", "iot:DescribeEventConfigurations", "iot:DescribeFleetMetric", "iot:DescribeIndex", "iot:DescribeJob", "iot:DescribeJobExecution", "iot:DescribeJobTemplate", "iot:DescribeManagedJobTemplate", "iot:DescribeMitigationAction", "iot:DescribeProvisioningTemplate", "iot:DescribeProvisioningTemplateVersion", "iot:DescribeRoleAlias", "iot:DescribeScheduledAudit", "iot:DescribeSecurityProfile", "iot:DescribeStream", "iot:DescribeThing", "iot:DescribeThingGroup", "iot:DescribeThingRegistrationTask", "iot:DescribeThingType", "iot:DescribeTunnel", "iot:DetachPolicy", "iot:DetachPrincipalPolicy", "iot:DetachSecurityProfile", "iot:DetachThingPrincipal", "iot:DisableTopicRule", "iot:EnableTopicRule", "iot:GetBehaviorModelTrainingSummaries", "iot:GetBucketsAggregation", "iot:GetCardinality", "iot:GetEffectivePolicies", "iot:GetIndexingConfiguration", "iot:GetJobDocument", "iot:GetLoggingOptions", "iot:GetOTAUpdate", "iot:GetPackage", "iot:GetPackageConfiguration", "iot:GetPackageVersion", "iot:GetPercentiles", "iot:GetPolicy", "iot:GetPolicyVersion", "iot:GetRegistrationCode", "iot:GetRetainedMessage", "iot:GetStatistics", "iot:GetThingShadow", "iot:GetTopicRule", "iot:GetTopicRuleDestination", "iot:GetV2LoggingOptions", "iot:ListActiveViolations", "iot:ListAttachedPolicies", "iot:ListAuditFindings", "iot:ListAuditMitigationActionsExecutions", "iot:ListAuditMitigationActionsTasks", "iot:ListAuditSuppressions", "iot:ListAuditTasks", "iot:ListAuthorizers", "iot:ListBillingGroups", "iot:ListCACertificates", "iot:ListCertificateProviders", "iot:ListCertificates", "iot:ListCertificatesByCA", "iot:ListCustomMetrics", "iot:ListDetectMitigationActionsExecutions", "iot:ListDetectMitigationActionsTasks", "iot:ListDimensions", "iot:ListDomainConfigurations", "iot:ListFleetMetrics", "iot:ListIndices", "iot:ListJobExecutionsForJob", "iot:ListJobExecutionsForThing", "iot:ListJobTemplates", "iot:ListJobs", "iot:ListManagedJobTemplates", "iot:ListMetricValues", "iot:ListMitigationActions", "iot:ListNamedShadowsForThing", "iot:ListOTAUpdates", "iot:ListOutgoingCertificates", "iot:ListPackageVersions", "iot:ListPackages", "iot:ListPolicies", "iot:ListPolicyPrincipals", "iot:ListPolicyVersions", "iot:ListPrincipalPolicies", "iot:ListPrincipalThings", "iot:ListProvisioningTemplateVersions", "iot:ListProvisioningTemplates", "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", "iot:ListStreams", "iot:ListTagsForResource", "iot:ListTargetsForPolicy", "iot:ListTargetsForSecurityProfile", "iot:ListThingGroups", "iot:ListThingGroupsForThing", "iot:ListThingPrincipals", "iot:ListThingRegistrationTaskReports", "iot:ListThingRegistrationTasks", "iot:ListThingTypes", "iot:ListThings", "iot:ListThingsInBillingGroup", "iot:ListThingsInThingGroup", "iot:ListTopicRuleDestinations", "iot:ListTopicRules", "iot:ListTunnels", "iot:ListV2LoggingLevels", "iot:ListViolationEvents", "iot:OpenTunnel", "iot:Publish", "iot:PutVerificationStateOnViolation", "iot:Receive", "iot:RegisterCACertificate", "iot:RegisterCertificate", "iot:RegisterCertificateWithoutCA", "iot:RegisterThing", "iot:RejectCertificateTransfer", "iot:RemoveThingFromBillingGroup", "iot:RemoveThingFromThingGroup", "iot:ReplaceTopicRule", "iot:RetainPublish", "iot:RotateTunnelAccessToken", "iot:SearchIndex", "iot:SetDefaultAuthorizer", "iot:SetDefaultPolicyVersion", "iot:SetLoggingOptions", "iot:SetV2LoggingLevel", "iot:SetV2LoggingOptions", "iot:StartAuditMitigationActionsTask", "iot:StartDetectMitigationActionsTask", "iot:StartOnDemandAuditTask", "iot:StartThingRegistrationTask", "iot:StopThingRegistrationTask", "iot:Subscribe", "iot:TagResource", "iot:TestAuthorization", "iot:TestInvokeAuthorizer", "iot:TransferCertificate", "iot:UntagResource", "iot:UpdateAccountAuditConfiguration", "iot:UpdateAuditSuppression", "iot:UpdateAuthorizer", "iot:UpdateBillingGroup", "iot:UpdateCACertificate", "iot:UpdateCertificate", "iot:UpdateCertificateProvider", "iot:UpdateCustomMetric", "iot:UpdateDimension", "iot:UpdateDomainConfiguration", "iot:UpdateDynamicThingGroup", "iot:UpdateEventConfigurations", "iot:UpdateFleetMetric", "iot:UpdateIndexingConfiguration", "iot:UpdateJob", "iot:UpdateMitigationAction", "iot:UpdatePackage", "iot:UpdatePackageConfiguration", "iot:UpdatePackageVersion", "iot:UpdateProvisioningTemplate", "iot:UpdateRoleAlias", "iot:UpdateScheduledAudit", "iot:UpdateSecurityProfile", "iot:UpdateStream", "iot:UpdateThing", "iot:UpdateThingGroup", "iot:UpdateThingGroupsForThing", "iot:UpdateThingShadow", "iot:UpdateTopicRuleDestination", "iot:ValidateSecurityProfileBehaviors", "iot-device-tester:CheckVersion", "iot-device-tester:DownloadTestSuite", "iot-device-tester:LatestIdt", "iot-device-tester:SendMetrics", "iot-device-tester:SupportedVersion", "iot1click:AssociateDeviceWithPlacement", "iot1click:ClaimDevicesByClaimCode", "iot1click:CreatePlacement", "iot1click:CreateProject", "iot1click:DeletePlacement", "iot1click:DeleteProject", "iot1click:DescribeDevice", "iot1click:DescribePlacement", "iot1click:DescribeProject", "iot1click:DisassociateDeviceFromPlacement", "iot1click:FinalizeDeviceClaim", "iot1click:GetDeviceMethods", "iot1click:GetDevicesInPlacement", "iot1click:InitiateDeviceClaim", "iot1click:InvokeDeviceMethod", "iot1click:ListDeviceEvents", "iot1click:ListDevices", "iot1click:ListPlacements", "iot1click:ListProjects", "iot1click:ListTagsForResource", "iot1click:TagResource", "iot1click:UnclaimDevice", "iot1click:UntagResource", "iot1click:UpdateDeviceState", "iot1click:UpdatePlacement", "iot1click:UpdateProject", "iotanalytics:BatchPutMessage", "iotanalytics:CancelPipelineReprocessing", "iotanalytics:CreateChannel", "iotanalytics:CreateDataset", "iotanalytics:CreateDatasetContent", "iotanalytics:CreateDatastore", "iotanalytics:CreatePipeline", "iotanalytics:DeleteChannel", "iotanalytics:DeleteDataset", "iotanalytics:DeleteDatasetContent", "iotanalytics:DeleteDatastore", "iotanalytics:DeletePipeline", "iotanalytics:DescribeChannel", "iotanalytics:DescribeDataset", "iotanalytics:DescribeDatastore", "iotanalytics:DescribeLoggingOptions", "iotanalytics:DescribePipeline", "iotanalytics:GetDatasetContent", "iotanalytics:ListChannels", "iotanalytics:ListDatasetContents", "iotanalytics:ListDatasets", "iotanalytics:ListDatastores", "iotanalytics:ListPipelines", "iotanalytics:ListTagsForResource", "iotanalytics:PutLoggingOptions", "iotanalytics:RunPipelineActivity", "iotanalytics:SampleChannelData", "iotanalytics:StartPipelineReprocessing", "iotanalytics:TagResource", "iotanalytics:UntagResource", "iotanalytics:UpdateChannel", "iotanalytics:UpdateDataset", "iotanalytics:UpdateDatastore", "iotanalytics:UpdatePipeline", "iotdeviceadvisor:CreateSuiteDefinition", "iotdeviceadvisor:DeleteSuiteDefinition", "iotdeviceadvisor:GetEndpoint", "iotdeviceadvisor:GetSuiteDefinition", "iotdeviceadvisor:GetSuiteRun", "iotdeviceadvisor:GetSuiteRunReport", "iotdeviceadvisor:ListSuiteDefinitions", "iotdeviceadvisor:ListSuiteRuns", "iotdeviceadvisor:ListTagsForResource", "iotdeviceadvisor:StartSuiteRun", "iotdeviceadvisor:StopSuiteRun", "iotdeviceadvisor:TagResource", "iotdeviceadvisor:UntagResource", "iotdeviceadvisor:UpdateSuiteDefinition", "iotevents:BatchAcknowledgeAlarm", "iotevents:BatchDeleteDetector", "iotevents:BatchDisableAlarm", "iotevents:BatchEnableAlarm", "iotevents:BatchPutMessage", "iotevents:BatchResetAlarm", "iotevents:BatchSnoozeAlarm", "iotevents:BatchUpdateDetector", "iotevents:CreateAlarmModel", "iotevents:CreateDetectorModel", "iotevents:CreateInput", "iotevents:DeleteAlarmModel", "iotevents:DeleteDetectorModel", "iotevents:DeleteInput", "iotevents:DescribeAlarm", "iotevents:DescribeAlarmModel", "iotevents:DescribeDetector", "iotevents:DescribeDetectorModel", "iotevents:DescribeDetectorModelAnalysis", "iotevents:DescribeInput", "iotevents:DescribeLoggingOptions", "iotevents:GetDetectorModelAnalysisResults", "iotevents:ListAlarmModelVersions", "iotevents:ListAlarmModels", "iotevents:ListAlarms", "iotevents:ListDetectorModelVersions", "iotevents:ListDetectorModels", "iotevents:ListDetectors", "iotevents:ListInputRoutings", "iotevents:ListInputs", "iotevents:ListTagsForResource", "iotevents:PutLoggingOptions", "iotevents:StartDetectorModelAnalysis", "iotevents:TagResource", "iotevents:UntagResource", "iotevents:UpdateAlarmModel", "iotevents:UpdateDetectorModel", "iotevents:UpdateInput", "iotevents:UpdateInputRouting", "iotfleethub:CreateApplication", "iotfleethub:DeleteApplication", "iotfleethub:DescribeApplication", "iotfleethub:ListApplications", "iotfleethub:ListTagsForResource", "iotfleethub:TagResource", "iotfleethub:UntagResource", "iotfleethub:UpdateApplication", "iotfleetwise:AssociateVehicleFleet", "iotfleetwise:BatchCreateVehicle", "iotfleetwise:BatchUpdateVehicle", "iotfleetwise:CreateCampaign", "iotfleetwise:CreateDecoderManifest", "iotfleetwise:CreateFleet", "iotfleetwise:CreateModelManifest", "iotfleetwise:CreateSignalCatalog", "iotfleetwise:CreateVehicle", "iotfleetwise:DeleteCampaign", "iotfleetwise:DeleteDecoderManifest", "iotfleetwise:DeleteFleet", "iotfleetwise:DeleteModelManifest", "iotfleetwise:DeleteSignalCatalog", "iotfleetwise:DeleteVehicle", "iotfleetwise:DisassociateVehicleFleet", "iotfleetwise:GetCampaign", "iotfleetwise:GetDecoderManifest", "iotfleetwise:GetEncryptionConfiguration", "iotfleetwise:GetFleet", "iotfleetwise:GetLoggingOptions", "iotfleetwise:GetModelManifest", "iotfleetwise:GetRegisterAccountStatus", "iotfleetwise:GetSignalCatalog", "iotfleetwise:GetVehicle", "iotfleetwise:GetVehicleStatus", "iotfleetwise:ImportDecoderManifest", "iotfleetwise:ImportSignalCatalog", "iotfleetwise:ListCampaigns", "iotfleetwise:ListDecoderManifestNetworkInterfaces", "iotfleetwise:ListDecoderManifestSignals", "iotfleetwise:ListDecoderManifests", "iotfleetwise:ListFleets", "iotfleetwise:ListFleetsForVehicle", "iotfleetwise:ListModelManifestNodes", "iotfleetwise:ListModelManifests", "iotfleetwise:ListSignalCatalogNodes", "iotfleetwise:ListSignalCatalogs", "iotfleetwise:ListTagsForResource", "iotfleetwise:ListVehicles", "iotfleetwise:ListVehiclesInFleet", "iotfleetwise:PutEncryptionConfiguration", "iotfleetwise:PutLoggingOptions", "iotfleetwise:RegisterAccount", "iotfleetwise:TagResource", "iotfleetwise:UntagResource", "iotfleetwise:UpdateCampaign", "iotfleetwise:UpdateDecoderManifest", "iotfleetwise:UpdateFleet", "iotfleetwise:UpdateModelManifest", "iotfleetwise:UpdateSignalCatalog", "iotfleetwise:UpdateVehicle", "iotjobsdata:DescribeJobExecution", "iotjobsdata:GetPendingJobExecutions", "iotjobsdata:StartNextPendingJobExecution", "iotjobsdata:UpdateJobExecution", "iotroborunner:CreateDestination", "iotroborunner:CreateSite", "iotroborunner:CreateWorker", "iotroborunner:CreateWorkerFleet", "iotroborunner:DeleteDestination", "iotroborunner:DeleteSite", "iotroborunner:DeleteWorker", "iotroborunner:DeleteWorkerFleet", "iotroborunner:GetDestination", "iotroborunner:GetSite", "iotroborunner:GetWorker", "iotroborunner:GetWorkerFleet", "iotroborunner:ListDestinations", "iotroborunner:ListSites", "iotroborunner:ListWorkerFleets", "iotroborunner:ListWorkers", "iotroborunner:UpdateDestination", "iotroborunner:UpdateSite", "iotroborunner:UpdateWorker", "iotroborunner:UpdateWorkerFleet", "iotsitewise:AssociateAssets", "iotsitewise:AssociateTimeSeriesToAssetProperty", "iotsitewise:BatchAssociateProjectAssets", "iotsitewise:BatchDisassociateProjectAssets", "iotsitewise:BatchGetAssetPropertyAggregates", "iotsitewise:BatchGetAssetPropertyValue", "iotsitewise:BatchGetAssetPropertyValueHistory", "iotsitewise:BatchPutAssetPropertyValue", "iotsitewise:CreateAccessPolicy", "iotsitewise:CreateAsset", "iotsitewise:CreateAssetModel", "iotsitewise:CreateAssetModelCompositeModel", "iotsitewise:CreateBulkImportJob", "iotsitewise:CreateDashboard", "iotsitewise:CreateGateway", "iotsitewise:CreatePortal", "iotsitewise:CreateProject", "iotsitewise:DeleteAccessPolicy", "iotsitewise:DeleteAsset", "iotsitewise:DeleteAssetModel", "iotsitewise:DeleteAssetModelCompositeModel", "iotsitewise:DeleteDashboard", "iotsitewise:DeleteGateway", "iotsitewise:DeletePortal", "iotsitewise:DeleteProject", "iotsitewise:DeleteTimeSeries", "iotsitewise:DescribeAccessPolicy", "iotsitewise:DescribeAction", "iotsitewise:DescribeAsset", "iotsitewise:DescribeAssetCompositeModel", "iotsitewise:DescribeAssetModel", "iotsitewise:DescribeAssetModelCompositeModel", "iotsitewise:DescribeAssetProperty", "iotsitewise:DescribeBulkImportJob", "iotsitewise:DescribeDashboard", "iotsitewise:DescribeDefaultEncryptionConfiguration", "iotsitewise:DescribeGateway", "iotsitewise:DescribeGatewayCapabilityConfiguration", "iotsitewise:DescribeLoggingOptions", "iotsitewise:DescribePortal", "iotsitewise:DescribeProject", "iotsitewise:DescribeStorageConfiguration", "iotsitewise:DescribeTimeSeries", "iotsitewise:DisassociateAssets", "iotsitewise:DisassociateTimeSeriesFromAssetProperty", "iotsitewise:EnableSiteWiseIntegration", "iotsitewise:ExecuteAction", "iotsitewise:ExecuteQuery", "iotsitewise:GetAssetPropertyAggregates", "iotsitewise:GetAssetPropertyValue", "iotsitewise:GetAssetPropertyValueHistory", "iotsitewise:GetInterpolatedAssetPropertyValues", "iotsitewise:ListAccessPolicies", "iotsitewise:ListActions", "iotsitewise:ListAssetModelCompositeModels", "iotsitewise:ListAssetModelProperties", "iotsitewise:ListAssetModels", "iotsitewise:ListAssetProperties", "iotsitewise:ListAssetRelationships", "iotsitewise:ListAssets", "iotsitewise:ListAssociatedAssets", "iotsitewise:ListBulkImportJobs", "iotsitewise:ListCompositionRelationships", "iotsitewise:ListDashboards", "iotsitewise:ListGateways", "iotsitewise:ListPortals", "iotsitewise:ListProjectAssets", "iotsitewise:ListProjects", "iotsitewise:ListTagsForResource", "iotsitewise:ListTimeSeries", "iotsitewise:PutDefaultEncryptionConfiguration", "iotsitewise:PutLoggingOptions", "iotsitewise:PutStorageConfiguration", "iotsitewise:TagResource", "iotsitewise:UntagResource", "iotsitewise:UpdateAccessPolicy", "iotsitewise:UpdateAsset", "iotsitewise:UpdateAssetModel", "iotsitewise:UpdateAssetModelCompositeModel", "iotsitewise:UpdateAssetModelPropertyRouting", "iotsitewise:UpdateAssetProperty", "iotsitewise:UpdateDashboard", "iotsitewise:UpdateGateway", "iotsitewise:UpdateGatewayCapabilityConfiguration", "iotsitewise:UpdatePortal", "iotsitewise:UpdateProject", "iottwinmaker:BatchPutPropertyValues", "iottwinmaker:CancelMetadataTransferJob", "iottwinmaker:CreateComponentType", "iottwinmaker:CreateEntity", "iottwinmaker:CreateMetadataTransferJob", "iottwinmaker:CreateScene", "iottwinmaker:CreateSyncJob", "iottwinmaker:CreateWorkspace", "iottwinmaker:DeleteComponentType", "iottwinmaker:DeleteEntity", "iottwinmaker:DeleteScene", "iottwinmaker:DeleteSyncJob", "iottwinmaker:DeleteWorkspace", "iottwinmaker:ExecuteQuery", "iottwinmaker:GetComponentType", "iottwinmaker:GetEntity", "iottwinmaker:GetMetadataTransferJob", "iottwinmaker:GetPricingPlan", "iottwinmaker:GetPropertyValue", "iottwinmaker:GetPropertyValueHistory", "iottwinmaker:GetScene", "iottwinmaker:GetSyncJob", "iottwinmaker:GetWorkspace", "iottwinmaker:ListComponentTypes", "iottwinmaker:ListComponents", "iottwinmaker:ListEntities", "iottwinmaker:ListMetadataTransferJobs", "iottwinmaker:ListProperties", "iottwinmaker:ListScenes", "iottwinmaker:ListSyncJobs", "iottwinmaker:ListSyncResources", "iottwinmaker:ListTagsForResource", "iottwinmaker:ListWorkspaces", "iottwinmaker:TagResource", "iottwinmaker:UntagResource", "iottwinmaker:UpdateComponentType", "iottwinmaker:UpdateEntity", "iottwinmaker:UpdatePricingPlan", "iottwinmaker:UpdateScene", "iottwinmaker:UpdateWorkspace", "iotwireless:AssociateAwsAccountWithPartnerAccount", "iotwireless:AssociateMulticastGroupWithFuotaTask", "iotwireless:AssociateWirelessDeviceWithFuotaTask", "iotwireless:AssociateWirelessDeviceWithMulticastGroup", "iotwireless:AssociateWirelessDeviceWithThing", "iotwireless:AssociateWirelessGatewayWithCertificate", "iotwireless:AssociateWirelessGatewayWithThing", "iotwireless:CancelMulticastGroupSession", "iotwireless:CreateDestination", "iotwireless:CreateDeviceProfile", "iotwireless:CreateFuotaTask", "iotwireless:CreateMulticastGroup", "iotwireless:CreateNetworkAnalyzerConfiguration", "iotwireless:CreateServiceProfile", "iotwireless:CreateWirelessDevice", "iotwireless:CreateWirelessGateway", "iotwireless:CreateWirelessGatewayTask", "iotwireless:CreateWirelessGatewayTaskDefinition", "iotwireless:DeleteDestination", "iotwireless:DeleteDeviceProfile", "iotwireless:DeleteFuotaTask", "iotwireless:DeleteMulticastGroup", "iotwireless:DeleteNetworkAnalyzerConfiguration", "iotwireless:DeleteQueuedMessages", "iotwireless:DeleteServiceProfile", "iotwireless:DeleteWirelessDevice", "iotwireless:DeleteWirelessDeviceImportTask", "iotwireless:DeleteWirelessGateway", "iotwireless:DeleteWirelessGatewayTask", "iotwireless:DeleteWirelessGatewayTaskDefinition", "iotwireless:DeregisterWirelessDevice", "iotwireless:DisassociateAwsAccountFromPartnerAccount", "iotwireless:DisassociateMulticastGroupFromFuotaTask", "iotwireless:DisassociateWirelessDeviceFromFuotaTask", "iotwireless:DisassociateWirelessDeviceFromMulticastGroup", "iotwireless:DisassociateWirelessDeviceFromThing", "iotwireless:DisassociateWirelessGatewayFromCertificate", "iotwireless:DisassociateWirelessGatewayFromThing", "iotwireless:GetDestination", "iotwireless:GetDeviceProfile", "iotwireless:GetEventConfigurationByResourceTypes", "iotwireless:GetFuotaTask", "iotwireless:GetLogLevelsByResourceTypes", "iotwireless:GetMetricConfiguration", "iotwireless:GetMetrics", "iotwireless:GetMulticastGroup", "iotwireless:GetMulticastGroupSession", "iotwireless:GetNetworkAnalyzerConfiguration", "iotwireless:GetPartnerAccount", "iotwireless:GetPosition", "iotwireless:GetPositionConfiguration", "iotwireless:GetPositionEstimate", "iotwireless:GetResourceEventConfiguration", "iotwireless:GetResourceLogLevel", "iotwireless:GetResourcePosition", "iotwireless:GetServiceEndpoint", "iotwireless:GetServiceProfile", "iotwireless:GetWirelessDevice", "iotwireless:GetWirelessDeviceImportTask", "iotwireless:GetWirelessDeviceStatistics", "iotwireless:GetWirelessGateway", "iotwireless:GetWirelessGatewayCertificate", "iotwireless:GetWirelessGatewayFirmwareInformation", "iotwireless:GetWirelessGatewayStatistics", "iotwireless:GetWirelessGatewayTask", "iotwireless:GetWirelessGatewayTaskDefinition", "iotwireless:ListDestinations", "iotwireless:ListDeviceProfiles", "iotwireless:ListDevicesForWirelessDeviceImportTask", "iotwireless:ListEventConfigurations", "iotwireless:ListFuotaTasks", "iotwireless:ListMulticastGroups", "iotwireless:ListMulticastGroupsByFuotaTask", "iotwireless:ListNetworkAnalyzerConfigurations", "iotwireless:ListPartnerAccounts", "iotwireless:ListPositionConfigurations", "iotwireless:ListQueuedMessages", "iotwireless:ListServiceProfiles", "iotwireless:ListTagsForResource", "iotwireless:ListWirelessDeviceImportTasks", "iotwireless:ListWirelessDevices", "iotwireless:ListWirelessGatewayTaskDefinitions", "iotwireless:ListWirelessGateways", "iotwireless:PutPositionConfiguration", "iotwireless:PutResourceLogLevel", "iotwireless:ResetAllResourceLogLevels", "iotwireless:ResetResourceLogLevel", "iotwireless:SendDataToMulticastGroup", "iotwireless:SendDataToWirelessDevice", "iotwireless:StartBulkAssociateWirelessDeviceWithMulticastGroup", "iotwireless:StartBulkDisassociateWirelessDeviceFromMulticastGroup", "iotwireless:StartFuotaTask", "iotwireless:StartMulticastGroupSession", "iotwireless:StartNetworkAnalyzerStream", "iotwireless:StartSingleWirelessDeviceImportTask", "iotwireless:StartWirelessDeviceImportTask", "iotwireless:TagResource", "iotwireless:TestWirelessDevice", "iotwireless:UntagResource", "iotwireless:UpdateDestination", "iotwireless:UpdateEventConfigurationByResourceTypes", "iotwireless:UpdateFuotaTask", "iotwireless:UpdateLogLevelsByResourceTypes", "iotwireless:UpdateMetricConfiguration", "iotwireless:UpdateMulticastGroup", "iotwireless:UpdateNetworkAnalyzerConfiguration", "iotwireless:UpdatePartnerAccount", "iotwireless:UpdatePosition", "iotwireless:UpdateResourceEventConfiguration", "iotwireless:UpdateResourcePosition", "iotwireless:UpdateWirelessDevice", "iotwireless:UpdateWirelessDeviceImportTask", "iotwireless:UpdateWirelessGateway", "iq:AcceptCall", "iq:ApprovePaymentRequest", "iq:ApproveProposal", "iq:ArchiveConversation", "iq:CompleteProposal", "iq:CreateConversation", "iq:CreateExpert", "iq:CreateListing", "iq:CreateMilestoneProposal", "iq:CreatePaymentRequest", "iq:CreateProject", "iq:CreateRequest", "iq:CreateScheduledProposal", "iq:CreateSeller", "iq:CreateUpfrontProposal", "iq:DeclineCall", "iq:DeleteAttachment", "iq:DisableIndividualPublicProfile", "iq:DownloadAttachment", "iq:EnableIndividualPublicProfile", "iq:EndCall", "iq:GetBuyer", "iq:GetCall", "iq:GetChatInfo", "iq:GetChatMessages", "iq:GetChatToken", "iq:GetCompanyChatMessages", "iq:GetCompanyProfile", "iq:GetConversation", "iq:GetExpert", "iq:GetListing", "iq:GetMarketplaceSeller", "iq:GetPaymentRequest", "iq:GetProposal", "iq:GetRequest", "iq:GetReview", "iq:HideRequest", "iq:InitiateCall", "iq:LinkAwsCertification", "iq:ListAttachments", "iq:ListConversations", "iq:ListExpertAccessLogs", "iq:ListListings", "iq:ListPaymentRequests", "iq:ListProposals", "iq:ListRequests", "iq:ListReviews", "iq:MarkChatMessageRead", "iq:RejectPaymentRequest", "iq:RejectProposal", "iq:SendCompanyChatMessage", "iq:SendIndividualChatMessage", "iq:UnarchiveConversation", "iq:UnlinkAwsCertification", "iq:UpdateCompanyProfile", "iq:UpdateConversationMembers", "iq:UpdateExpert", "iq:UpdateListing", "iq:UpdateRequest", "iq:UploadAttachment", "iq:WithdrawPaymentRequest", "iq:WithdrawProposal", "iq:WriteReview", "iq-permission:ApproveAccessGrant", "iq-permission:ApprovePermissionRequest", "iq-permission:AssumePermissionRole", "iq-permission:CreatePermissionRequest", "iq-permission:GetPermissionRequest", "iq-permission:ListPermissionRequests", "iq-permission:RejectPermissionRequest", "iq-permission:RevokePermissionRequest", "iq-permission:WithdrawPermissionRequest", "ivs:BatchGetChannel", "ivs:BatchGetStreamKey", "ivs:BatchStartViewerSessionRevocation", "ivs:CreateChannel", "ivs:CreateEncoderConfiguration", "ivs:CreateParticipantToken", "ivs:CreatePlaybackRestrictionPolicy", "ivs:CreateRecordingConfiguration", "ivs:CreateStage", "ivs:CreateStorageConfiguration", "ivs:CreateStreamKey", "ivs:DeleteChannel", "ivs:DeleteEncoderConfiguration", "ivs:DeletePlaybackKeyPair", "ivs:DeletePlaybackRestrictionPolicy", "ivs:DeleteRecordingConfiguration", "ivs:DeleteStage", "ivs:DeleteStorageConfiguration", "ivs:DeleteStreamKey", "ivs:DisconnectParticipant", "ivs:GetChannel", "ivs:GetComposition", "ivs:GetEncoderConfiguration", "ivs:GetParticipant", "ivs:GetPlaybackKeyPair", "ivs:GetPlaybackRestrictionPolicy", "ivs:GetRecordingConfiguration", "ivs:GetStage", "ivs:GetStageSession", "ivs:GetStorageConfiguration", "ivs:GetStream", "ivs:GetStreamKey", "ivs:GetStreamSession", "ivs:ImportPlaybackKeyPair", "ivs:ListChannels", "ivs:ListCompositions", "ivs:ListEncoderConfigurations", "ivs:ListParticipantEvents", "ivs:ListParticipants", "ivs:ListPlaybackKeyPairs", "ivs:ListPlaybackRestrictionPolicies", "ivs:ListRecordingConfigurations", "ivs:ListStageSessions", "ivs:ListStages", "ivs:ListStorageConfigurations", "ivs:ListStreamKeys", "ivs:ListStreamSessions", "ivs:ListStreams", "ivs:ListTagsForResource", "ivs:PutMetadata", "ivs:StartComposition", "ivs:StartViewerSessionRevocation", "ivs:StopComposition", "ivs:StopStream", "ivs:TagResource", "ivs:UntagResource", "ivs:UpdateChannel", "ivs:UpdatePlaybackRestrictionPolicy", "ivs:UpdateStage", "ivschat:CreateChatToken", "ivschat:CreateLoggingConfiguration", "ivschat:CreateRoom", "ivschat:DeleteLoggingConfiguration", "ivschat:DeleteMessage", "ivschat:DeleteRoom", "ivschat:DisconnectUser", "ivschat:GetLoggingConfiguration", "ivschat:GetRoom", "ivschat:ListLoggingConfigurations", "ivschat:ListRooms", "ivschat:ListTagsForResource", "ivschat:SendEvent", "ivschat:TagResource", "ivschat:UntagResource", "ivschat:UpdateLoggingConfiguration", "ivschat:UpdateRoom", "kafka:BatchAssociateScramSecret", "kafka:BatchDisassociateScramSecret", "kafka:CreateCluster", "kafka:CreateClusterV2", "kafka:CreateConfiguration", "kafka:CreateReplicator", "kafka:CreateVpcConnection", "kafka:DeleteCluster", "kafka:DeleteClusterPolicy", "kafka:DeleteConfiguration", "kafka:DeleteReplicator", "kafka:DeleteVpcConnection", "kafka:DescribeCluster", "kafka:DescribeClusterOperation", "kafka:DescribeClusterOperationV2", "kafka:DescribeClusterV2", "kafka:DescribeConfiguration", "kafka:DescribeConfigurationRevision", "kafka:DescribeReplicator", "kafka:DescribeVpcConnection", "kafka:GetBootstrapBrokers", "kafka:GetClusterPolicy", "kafka:GetCompatibleKafkaVersions", "kafka:ListClientVpcConnections", "kafka:ListClusterOperations", "kafka:ListClusterOperationsV2", "kafka:ListClusters", "kafka:ListClustersV2", "kafka:ListConfigurationRevisions", "kafka:ListConfigurations", "kafka:ListKafkaVersions", "kafka:ListNodes", "kafka:ListReplicators", "kafka:ListScramSecrets", "kafka:ListTagsForResource", "kafka:ListVpcConnections", "kafka:PutClusterPolicy", "kafka:RebootBroker", "kafka:RejectClientVpcConnection", "kafka:TagResource", "kafka:UntagResource", "kafka:UpdateBrokerCount", "kafka:UpdateBrokerStorage", "kafka:UpdateBrokerType", "kafka:UpdateClusterConfiguration", "kafka:UpdateClusterKafkaVersion", "kafka:UpdateConfiguration", "kafka:UpdateConnectivity", "kafka:UpdateMonitoring", "kafka:UpdateReplicationInfo", "kafka:UpdateSecurity", "kafka:UpdateStorage", "kafka-cluster:AlterCluster", "kafka-cluster:AlterClusterDynamicConfiguration", "kafka-cluster:AlterGroup", "kafka-cluster:AlterTopic", "kafka-cluster:AlterTopicDynamicConfiguration", "kafka-cluster:AlterTransactionalId", "kafka-cluster:Connect", "kafka-cluster:CreateTopic", "kafka-cluster:DeleteGroup", "kafka-cluster:DeleteTopic", "kafka-cluster:DescribeCluster", "kafka-cluster:DescribeClusterDynamicConfiguration", "kafka-cluster:DescribeGroup", "kafka-cluster:DescribeTopic", "kafka-cluster:DescribeTopicDynamicConfiguration", "kafka-cluster:DescribeTransactionalId", "kafka-cluster:ReadData", "kafka-cluster:WriteData", "kafka-cluster:WriteDataIdempotently", "kafkaconnect:CreateConnector", "kafkaconnect:CreateCustomPlugin", "kafkaconnect:CreateWorkerConfiguration", "kafkaconnect:DeleteConnector", "kafkaconnect:DeleteCustomPlugin", "kafkaconnect:DeleteWorkerConfiguration", "kafkaconnect:DescribeConnector", "kafkaconnect:DescribeCustomPlugin", "kafkaconnect:DescribeWorkerConfiguration", "kafkaconnect:ListConnectors", "kafkaconnect:ListCustomPlugins", "kafkaconnect:ListTagsForResource", "kafkaconnect:ListWorkerConfigurations", "kafkaconnect:TagResource", "kafkaconnect:UntagResource", "kafkaconnect:UpdateConnector", "kendra:AssociateEntitiesToExperience", "kendra:AssociatePersonasToEntities", "kendra:BatchDeleteDocument", "kendra:BatchDeleteFeaturedResultsSet", "kendra:BatchGetDocumentStatus", "kendra:BatchPutDocument", "kendra:ClearQuerySuggestions", "kendra:CreateAccessControlConfiguration", "kendra:CreateDataSource", "kendra:CreateExperience", "kendra:CreateFaq", "kendra:CreateFeaturedResultsSet", "kendra:CreateIndex", "kendra:CreateQuerySuggestionsBlockList", "kendra:CreateThesaurus", "kendra:DeleteAccessControlConfiguration", "kendra:DeleteDataSource", "kendra:DeleteExperience", "kendra:DeleteFaq", "kendra:DeleteIndex", "kendra:DeletePrincipalMapping", "kendra:DeleteQuerySuggestionsBlockList", "kendra:DeleteThesaurus", "kendra:DescribeAccessControlConfiguration", "kendra:DescribeDataSource", "kendra:DescribeExperience", "kendra:DescribeFaq", "kendra:DescribeFeaturedResultsSet", "kendra:DescribeIndex", "kendra:DescribePrincipalMapping", "kendra:DescribeQuerySuggestionsBlockList", "kendra:DescribeQuerySuggestionsConfig", "kendra:DescribeThesaurus", "kendra:DisassociateEntitiesFromExperience", "kendra:DisassociatePersonasFromEntities", "kendra:GetQuerySuggestions", "kendra:GetSnapshots", "kendra:ListAccessControlConfigurations", "kendra:ListDataSourceSyncJobs", "kendra:ListDataSources", "kendra:ListEntityPersonas", "kendra:ListExperienceEntities", "kendra:ListExperiences", "kendra:ListFaqs", "kendra:ListFeaturedResultsSets", "kendra:ListGroupsOlderThanOrderingId", "kendra:ListIndices", "kendra:ListQuerySuggestionsBlockLists", "kendra:ListTagsForResource", "kendra:ListThesauri", "kendra:PutPrincipalMapping", "kendra:Query", "kendra:Retrieve", "kendra:StartDataSourceSyncJob", "kendra:StopDataSourceSyncJob", "kendra:SubmitFeedback", "kendra:TagResource", "kendra:UntagResource", "kendra:UpdateAccessControlConfiguration", "kendra:UpdateDataSource", "kendra:UpdateExperience", "kendra:UpdateFeaturedResultsSet", "kendra:UpdateIndex", "kendra:UpdateQuerySuggestionsBlockList", "kendra:UpdateQuerySuggestionsConfig", "kendra:UpdateThesaurus", "kendra-ranking:CreateRescoreExecutionPlan", "kendra-ranking:DeleteRescoreExecutionPlan", "kendra-ranking:DescribeRescoreExecutionPlan", "kendra-ranking:ListRescoreExecutionPlans", "kendra-ranking:ListTagsForResource", "kendra-ranking:Rescore", "kendra-ranking:TagResource", "kendra-ranking:UntagResource", "kendra-ranking:UpdateRescoreExecutionPlan", "kinesis:AddTagsToStream", "kinesis:CreateStream", "kinesis:DecreaseStreamRetentionPeriod", "kinesis:DeleteResourcePolicy", "kinesis:DeleteStream", "kinesis:DeregisterStreamConsumer", "kinesis:DescribeLimits", "kinesis:DescribeStream", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary", "kinesis:DisableEnhancedMonitoring", "kinesis:EnableEnhancedMonitoring", "kinesis:GetRecords", "kinesis:GetResourcePolicy", "kinesis:GetShardIterator", "kinesis:IncreaseStreamRetentionPeriod", "kinesis:ListShards", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kinesis:MergeShards", "kinesis:PutRecord", "kinesis:PutRecords", "kinesis:PutResourcePolicy", "kinesis:RegisterStreamConsumer", "kinesis:RemoveTagsFromStream", "kinesis:SplitShard", "kinesis:StartStreamEncryption", "kinesis:StopStreamEncryption", "kinesis:SubscribeToShard", "kinesis:UpdateShardCount", "kinesis:UpdateStreamMode", "kinesisanalytics:AddApplicationInput", "kinesisanalytics:AddApplicationOutput", "kinesisanalytics:AddApplicationReferenceDataSource", "kinesisanalytics:CreateApplication", "kinesisanalytics:DeleteApplication", "kinesisanalytics:DeleteApplicationOutput", "kinesisanalytics:DeleteApplicationReferenceDataSource", "kinesisanalytics:DescribeApplication", "kinesisanalytics:DiscoverInputSchema", "kinesisanalytics:GetApplicationState", "kinesisanalytics:ListApplications", "kinesisanalytics:ListTagsForResource", "kinesisanalytics:StartApplication", "kinesisanalytics:StopApplication", "kinesisanalytics:TagResource", "kinesisanalytics:UntagResource", "kinesisanalytics:UpdateApplication", "kinesisanalytics:AddApplicationCloudWatchLoggingOption", "kinesisanalytics:AddApplicationInputProcessingConfiguration", "kinesisanalytics:AddApplicationVpcConfiguration", "kinesisanalytics:CreateApplicationPresignedUrl", "kinesisanalytics:CreateApplicationSnapshot", "kinesisanalytics:DeleteApplicationCloudWatchLoggingOption", "kinesisanalytics:DeleteApplicationInputProcessingConfiguration", "kinesisanalytics:DeleteApplicationSnapshot", "kinesisanalytics:DeleteApplicationVpcConfiguration", "kinesisanalytics:DescribeApplicationSnapshot", "kinesisanalytics:DescribeApplicationVersion", "kinesisanalytics:ListApplicationSnapshots", "kinesisanalytics:ListApplicationVersions", "kinesisanalytics:RollbackApplication", "kinesisanalytics:UpdateApplicationMaintenanceConfiguration", "kinesisvideo:ConnectAsMaster", "kinesisvideo:ConnectAsViewer", "kinesisvideo:CreateSignalingChannel", "kinesisvideo:CreateStream", "kinesisvideo:DeleteEdgeConfiguration", "kinesisvideo:DeleteSignalingChannel", "kinesisvideo:DeleteStream", "kinesisvideo:DescribeEdgeConfiguration", "kinesisvideo:DescribeImageGenerationConfiguration", "kinesisvideo:DescribeMappedResourceConfiguration", "kinesisvideo:DescribeMediaStorageConfiguration", "kinesisvideo:DescribeNotificationConfiguration", "kinesisvideo:DescribeSignalingChannel", "kinesisvideo:DescribeStream", "kinesisvideo:GetClip", "kinesisvideo:GetDASHStreamingSessionURL", "kinesisvideo:GetDataEndpoint", "kinesisvideo:GetHLSStreamingSessionURL", "kinesisvideo:GetIceServerConfig", "kinesisvideo:GetImages", "kinesisvideo:GetMedia", "kinesisvideo:GetMediaForFragmentList", "kinesisvideo:GetSignalingChannelEndpoint", "kinesisvideo:JoinStorageSession", "kinesisvideo:ListEdgeAgentConfigurations", "kinesisvideo:ListFragments", "kinesisvideo:ListSignalingChannels", "kinesisvideo:ListStreams", "kinesisvideo:ListTagsForResource", "kinesisvideo:ListTagsForStream", "kinesisvideo:PutMedia", "kinesisvideo:SendAlexaOfferToMaster", "kinesisvideo:StartEdgeConfigurationUpdate", "kinesisvideo:TagResource", "kinesisvideo:TagStream", "kinesisvideo:UntagResource", "kinesisvideo:UntagStream", "kinesisvideo:UpdateDataRetention", "kinesisvideo:UpdateImageGenerationConfiguration", "kinesisvideo:UpdateMediaStorageConfiguration", "kinesisvideo:UpdateNotificationConfiguration", "kinesisvideo:UpdateSignalingChannel", "kinesisvideo:UpdateStream", "kms:CancelKeyDeletion", "kms:ConnectCustomKeyStore", "kms:CreateAlias", "kms:CreateCustomKeyStore", "kms:CreateGrant", "kms:CreateKey", "kms:Decrypt", "kms:DeleteAlias", "kms:DeleteCustomKeyStore", "kms:DeleteImportedKeyMaterial", "kms:DescribeCustomKeyStores", "kms:DescribeKey", "kms:DisableKey", "kms:DisableKeyRotation", "kms:DisconnectCustomKeyStore", "kms:EnableKey", "kms:EnableKeyRotation", "kms:Encrypt", "kms:GenerateDataKey", "kms:GenerateDataKeyPair", "kms:GenerateDataKeyPairWithoutPlaintext", "kms:GenerateDataKeyWithoutPlaintext", "kms:GenerateMac", "kms:GenerateRandom", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:GetParametersForImport", "kms:GetPublicKey", "kms:ImportKeyMaterial", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeyRotations", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "kms:PutKeyPolicy", "kms:ReEncryptFrom", "kms:ReEncryptTo", "kms:ReplicateKey", "kms:RetireGrant", "kms:RevokeGrant", "kms:RotateKeyOnDemand", "kms:ScheduleKeyDeletion", "kms:Sign", "kms:SynchronizeMultiRegionKey", "kms:TagResource", "kms:UntagResource", "kms:UpdateAlias", "kms:UpdateCustomKeyStore", "kms:UpdateKeyDescription", "kms:UpdatePrimaryRegion", "kms:Verify", "kms:VerifyMac", "lakeformation:AddLFTagsToResource", "lakeformation:BatchGrantPermissions", "lakeformation:BatchRevokePermissions", "lakeformation:CancelTransaction", "lakeformation:CommitTransaction", "lakeformation:CreateDataCellsFilter", "lakeformation:CreateLFTag", "lakeformation:CreateLakeFormationIdentityCenterConfiguration", "lakeformation:CreateLakeFormationOptIn", "lakeformation:DeleteDataCellsFilter", "lakeformation:DeleteLFTag", "lakeformation:DeleteLakeFormationIdentityCenterConfiguration", "lakeformation:DeleteLakeFormationOptIn", "lakeformation:DeleteObjectsOnCancel", "lakeformation:DeregisterResource", "lakeformation:DescribeLakeFormationIdentityCenterConfiguration", "lakeformation:DescribeResource", "lakeformation:DescribeTransaction", "lakeformation:ExtendTransaction", "lakeformation:GetDataAccess", "lakeformation:GetDataCellsFilter", "lakeformation:GetDataLakeSettings", "lakeformation:GetEffectivePermissionsForPath", "lakeformation:GetLFTag", "lakeformation:GetQueryState", "lakeformation:GetQueryStatistics", "lakeformation:GetResourceLFTags", "lakeformation:GetTableObjects", "lakeformation:GetWorkUnitResults", "lakeformation:GetWorkUnits", "lakeformation:GrantPermissions", "lakeformation:ListDataCellsFilter", "lakeformation:ListLFTags", "lakeformation:ListLakeFormationOptIns", "lakeformation:ListPermissions", "lakeformation:ListResources", "lakeformation:ListTableStorageOptimizers", "lakeformation:ListTransactions", "lakeformation:PutDataLakeSettings", "lakeformation:RegisterResource", "lakeformation:RemoveLFTagsFromResource", "lakeformation:RevokePermissions", "lakeformation:SearchDatabasesByLFTags", "lakeformation:SearchTablesByLFTags", "lakeformation:StartQueryPlanning", "lakeformation:StartTransaction", "lakeformation:UpdateDataCellsFilter", "lakeformation:UpdateLFTag", "lakeformation:UpdateLakeFormationIdentityCenterConfiguration", "lakeformation:UpdateResource", "lakeformation:UpdateTableObjects", "lakeformation:UpdateTableStorageOptimizer", "lambda:AddLayerVersionPermission", "lambda:AddPermission", "lambda:CreateAlias", "lambda:CreateCodeSigningConfig", "lambda:CreateEventSourceMapping", "lambda:CreateFunction", "lambda:CreateFunctionUrlConfig", "lambda:DeleteAlias", "lambda:DeleteCodeSigningConfig", "lambda:DeleteEventSourceMapping", "lambda:DeleteFunction", "lambda:DeleteFunctionCodeSigningConfig", "lambda:DeleteFunctionConcurrency", "lambda:DeleteFunctionEventInvokeConfig", "lambda:DeleteFunctionUrlConfig", "lambda:DeleteLayerVersion", "lambda:DeleteProvisionedConcurrencyConfig", "lambda:DisableReplication", "lambda:EnableReplication", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "lambda:InvokeAsync", "lambda:InvokeFunction", "lambda:InvokeFunctionUrl", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "lambda:PublishLayerVersion", "lambda:PublishVersion", "lambda:PutFunctionCodeSigningConfig", "lambda:PutFunctionConcurrency", "lambda:PutFunctionEventInvokeConfig", "lambda:PutProvisionedConcurrencyConfig", "lambda:PutRuntimeManagementConfig", "lambda:RemoveLayerVersionPermission", "lambda:RemovePermission", "lambda:TagResource", "lambda:UntagResource", "lambda:UpdateAlias", "lambda:UpdateCodeSigningConfig", "lambda:UpdateEventSourceMapping", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionCodeSigningConfig", "lambda:UpdateFunctionConfiguration", "lambda:UpdateFunctionEventInvokeConfig", "lambda:UpdateFunctionUrlConfig", "launchwizard:CreateAdditionalNode", "launchwizard:CreateDeployment", "launchwizard:CreateSettingsSet", "launchwizard:DeleteAdditionalNode", "launchwizard:DeleteApp", "launchwizard:DeleteDeployment", "launchwizard:DeleteSettingsSet", "launchwizard:DescribeAdditionalNode", "launchwizard:DescribeProvisionedApp", "launchwizard:DescribeProvisioningEvents", "launchwizard:DescribeSettingsSet", "launchwizard:GetDeployment", "launchwizard:GetInfrastructureSuggestion", "launchwizard:GetIpAddress", "launchwizard:GetResourceCostEstimate", "launchwizard:GetResourceRecommendation", "launchwizard:GetSettingsSet", "launchwizard:GetWorkload", "launchwizard:GetWorkloadAsset", "launchwizard:GetWorkloadAssets", "launchwizard:ListAdditionalNodes", "launchwizard:ListAllowedResources", "launchwizard:ListDeploymentEvents", "launchwizard:ListDeployments", "launchwizard:ListProvisionedApps", "launchwizard:ListResourceCostEstimates", "launchwizard:ListSettingsSets", "launchwizard:ListWorkloadDeploymentOptions", "launchwizard:ListWorkloadDeploymentPatterns", "launchwizard:ListWorkloads", "launchwizard:PutSettingsSet", "launchwizard:StartProvisioning", "launchwizard:UpdateSettingsSet", "lex:CreateBotVersion", "lex:CreateIntentVersion", "lex:CreateSlotTypeVersion", "lex:DeleteBot", "lex:DeleteBotAlias", "lex:DeleteBotChannelAssociation", "lex:DeleteBotVersion", "lex:DeleteIntent", "lex:DeleteIntentVersion", "lex:DeleteSession", "lex:DeleteSlotType", "lex:DeleteSlotTypeVersion", "lex:DeleteUtterances", "lex:GetBot", "lex:GetBotAlias", "lex:GetBotAliases", "lex:GetBotChannelAssociation", "lex:GetBotChannelAssociations", "lex:GetBotVersions", "lex:GetBots", "lex:GetBuiltinIntent", "lex:GetBuiltinIntents", "lex:GetBuiltinSlotTypes", "lex:GetExport", "lex:GetImport", "lex:GetIntent", "lex:GetIntentVersions", "lex:GetIntents", "lex:GetMigration", "lex:GetMigrations", "lex:GetSession", "lex:GetSlotType", "lex:GetSlotTypeVersions", "lex:GetSlotTypes", "lex:GetUtterancesView", "lex:ListTagsForResource", "lex:PostContent", "lex:PostText", "lex:PutBot", "lex:PutBotAlias", "lex:PutIntent", "lex:PutSession", "lex:PutSlotType", "lex:StartImport", "lex:StartMigration", "lex:TagResource", "lex:UntagResource", "lex:BatchCreateCustomVocabularyItem", "lex:BatchDeleteCustomVocabularyItem", "lex:BatchUpdateCustomVocabularyItem", "lex:BuildBotLocale", "lex:CreateBot", "lex:CreateBotAlias", "lex:CreateBotChannel", "lex:CreateBotLocale", "lex:CreateBotReplica", "lex:CreateCustomVocabulary", "lex:CreateExport", "lex:CreateIntent", "lex:CreateResourcePolicy", "lex:CreateSlot", "lex:CreateSlotType", "lex:CreateTestSet", "lex:CreateTestSetDiscrepancyReport", "lex:CreateUploadUrl", "lex:DeleteBotChannel", "lex:DeleteBotLocale", "lex:DeleteBotReplica", "lex:DeleteCustomVocabulary", "lex:DeleteExport", "lex:DeleteImport", "lex:DeleteResourcePolicy", "lex:DeleteSlot", "lex:DeleteTestSet", "lex:DescribeBot", "lex:DescribeBotAlias", "lex:DescribeBotChannel", "lex:DescribeBotLocale", "lex:DescribeBotRecommendation", "lex:DescribeBotReplica", "lex:DescribeBotResourceGeneration", "lex:DescribeBotVersion", "lex:DescribeCustomVocabulary", "lex:DescribeCustomVocabularyMetadata", "lex:DescribeExport", "lex:DescribeImport", "lex:DescribeIntent", "lex:DescribeResourcePolicy", "lex:DescribeSlot", "lex:DescribeSlotType", "lex:DescribeTestExecution", "lex:DescribeTestSet", "lex:DescribeTestSetDiscrepancyReport", "lex:DescribeTestSetGeneration", "lex:GenerateBotElement", "lex:GetTestExecutionArtifactsUrl", "lex:ListAggregatedUtterances", "lex:ListBotAliasReplicas", "lex:ListBotAliases", "lex:ListBotChannels", "lex:ListBotLocales", "lex:ListBotRecommendations", "lex:ListBotReplicas", "lex:ListBotResourceGenerations", "lex:ListBotVersionReplicas", "lex:ListBotVersions", "lex:ListBots", "lex:ListBuiltInIntents", "lex:ListBuiltInSlotTypes", "lex:ListCustomVocabularyItems", "lex:ListExports", "lex:ListImports", "lex:ListIntentMetrics", "lex:ListIntentPaths", "lex:ListIntentStageMetrics", "lex:ListIntents", "lex:ListRecommendedIntents", "lex:ListSessionAnalyticsData", "lex:ListSessionMetrics", "lex:ListSlotTypes", "lex:ListSlots", "lex:ListTestExecutionResultItems", "lex:ListTestExecutions", "lex:ListTestSetRecords", "lex:ListTestSets", "lex:RecognizeText", "lex:RecognizeUtterance", "lex:SearchAssociatedTranscripts", "lex:StartBotRecommendation", "lex:StartBotResourceGeneration", "lex:StartConversation", "lex:StartTestExecution", "lex:StartTestSetGeneration", "lex:StopBotRecommendation", "lex:UpdateBot", "lex:UpdateBotAlias", "lex:UpdateBotLocale", "lex:UpdateBotRecommendation", "lex:UpdateCustomVocabulary", "lex:UpdateExport", "lex:UpdateIntent", "lex:UpdateResourcePolicy", "lex:UpdateSlot", "lex:UpdateSlotType", "lex:UpdateTestSet", "license-manager:AcceptGrant", "license-manager:CheckInLicense", "license-manager:CheckoutBorrowLicense", "license-manager:CheckoutLicense", "license-manager:CreateGrant", "license-manager:CreateGrantVersion", "license-manager:CreateLicense", "license-manager:CreateLicenseConfiguration", "license-manager:CreateLicenseConversionTaskForResource", "license-manager:CreateLicenseManagerReportGenerator", "license-manager:CreateLicenseVersion", "license-manager:CreateToken", "license-manager:DeleteGrant", "license-manager:DeleteLicense", "license-manager:DeleteLicenseConfiguration", "license-manager:DeleteLicenseManagerReportGenerator", "license-manager:DeleteToken", "license-manager:ExtendLicenseConsumption", "license-manager:GetAccessToken", "license-manager:GetGrant", "license-manager:GetLicense", "license-manager:GetLicenseConfiguration", "license-manager:GetLicenseConversionTask", "license-manager:GetLicenseManagerReportGenerator", "license-manager:GetLicenseUsage", "license-manager:GetServiceSettings", "license-manager:ListAssociationsForLicenseConfiguration", "license-manager:ListDistributedGrants", "license-manager:ListFailuresForLicenseConfigurationOperations", "license-manager:ListLicenseConfigurations", "license-manager:ListLicenseConversionTasks", "license-manager:ListLicenseManagerReportGenerators", "license-manager:ListLicenseSpecificationsForResource", "license-manager:ListLicenseVersions", "license-manager:ListLicenses", "license-manager:ListReceivedGrants", "license-manager:ListReceivedGrantsForOrganization", "license-manager:ListReceivedLicenses", "license-manager:ListReceivedLicensesForOrganization", "license-manager:ListResourceInventory", "license-manager:ListTagsForResource", "license-manager:ListTokens", "license-manager:ListUsageForLicenseConfiguration", "license-manager:RejectGrant", "license-manager:TagResource", "license-manager:UntagResource", "license-manager:UpdateLicenseConfiguration", "license-manager:UpdateLicenseManagerReportGenerator", "license-manager:UpdateLicenseSpecificationsForResource", "license-manager:UpdateServiceSettings", "license-manager-linux-subscriptions:GetServiceSettings", "license-manager-linux-subscriptions:ListLinuxSubscriptionInstances", "license-manager-linux-subscriptions:ListLinuxSubscriptions", "license-manager-linux-subscriptions:UpdateServiceSettings", "license-manager-user-subscriptions:AssociateUser", "license-manager-user-subscriptions:DeregisterIdentityProvider", "license-manager-user-subscriptions:DisassociateUser", "license-manager-user-subscriptions:ListIdentityProviders", "license-manager-user-subscriptions:ListInstances", "license-manager-user-subscriptions:ListProductSubscriptions", "license-manager-user-subscriptions:ListUserAssociations", "license-manager-user-subscriptions:RegisterIdentityProvider", "license-manager-user-subscriptions:StartProductSubscription", "license-manager-user-subscriptions:StopProductSubscription", "license-manager-user-subscriptions:UpdateIdentityProviderSettings", "lightsail:AllocateStaticIp", "lightsail:AttachCertificateToDistribution", "lightsail:AttachDisk", "lightsail:AttachInstancesToLoadBalancer", "lightsail:AttachLoadBalancerTlsCertificate", "lightsail:AttachStaticIp", "lightsail:CloseInstancePublicPorts", "lightsail:CopySnapshot", "lightsail:CreateBucket", "lightsail:CreateBucketAccessKey", "lightsail:CreateCertificate", "lightsail:CreateCloudFormationStack", "lightsail:CreateContactMethod", "lightsail:CreateContainerService", "lightsail:CreateContainerServiceDeployment", "lightsail:CreateContainerServiceRegistryLogin", "lightsail:CreateDisk", "lightsail:CreateDiskFromSnapshot", "lightsail:CreateDiskSnapshot", "lightsail:CreateDistribution", "lightsail:CreateDomain", "lightsail:CreateDomainEntry", "lightsail:CreateGUISessionAccessDetails", "lightsail:CreateInstanceSnapshot", "lightsail:CreateInstances", "lightsail:CreateInstancesFromSnapshot", "lightsail:CreateKeyPair", "lightsail:CreateLoadBalancer", "lightsail:CreateLoadBalancerTlsCertificate", "lightsail:CreateRelationalDatabase", "lightsail:CreateRelationalDatabaseFromSnapshot", "lightsail:CreateRelationalDatabaseSnapshot", "lightsail:DeleteAlarm", "lightsail:DeleteAutoSnapshot", "lightsail:DeleteBucket", "lightsail:DeleteBucketAccessKey", "lightsail:DeleteCertificate", "lightsail:DeleteContactMethod", "lightsail:DeleteContainerImage", "lightsail:DeleteContainerService", "lightsail:DeleteDisk", "lightsail:DeleteDiskSnapshot", "lightsail:DeleteDistribution", "lightsail:DeleteDomain", "lightsail:DeleteDomainEntry", "lightsail:DeleteInstance", "lightsail:DeleteInstanceSnapshot", "lightsail:DeleteKeyPair", "lightsail:DeleteKnownHostKeys", "lightsail:DeleteLoadBalancer", "lightsail:DeleteLoadBalancerTlsCertificate", "lightsail:DeleteRelationalDatabase", "lightsail:DeleteRelationalDatabaseSnapshot", "lightsail:DetachCertificateFromDistribution", "lightsail:DetachDisk", "lightsail:DetachInstancesFromLoadBalancer", "lightsail:DetachStaticIp", "lightsail:DisableAddOn", "lightsail:DownloadDefaultKeyPair", "lightsail:EnableAddOn", "lightsail:ExportSnapshot", "lightsail:GetActiveNames", "lightsail:GetAlarms", "lightsail:GetAutoSnapshots", "lightsail:GetBlueprints", "lightsail:GetBucketAccessKeys", "lightsail:GetBucketBundles", "lightsail:GetBucketMetricData", "lightsail:GetBuckets", "lightsail:GetBundles", "lightsail:GetCertificates", "lightsail:GetCloudFormationStackRecords", "lightsail:GetContactMethods", "lightsail:GetContainerAPIMetadata", "lightsail:GetContainerImages", "lightsail:GetContainerLog", "lightsail:GetContainerServiceDeployments", "lightsail:GetContainerServiceMetricData", "lightsail:GetContainerServicePowers", "lightsail:GetContainerServices", "lightsail:GetCostEstimate", "lightsail:GetDisk", "lightsail:GetDiskSnapshot", "lightsail:GetDiskSnapshots", "lightsail:GetDisks", "lightsail:GetDistributionBundles", "lightsail:GetDistributionLatestCacheReset", "lightsail:GetDistributionMetricData", "lightsail:GetDistributions", "lightsail:GetDomain", "lightsail:GetDomains", "lightsail:GetExportSnapshotRecords", "lightsail:GetInstance", "lightsail:GetInstanceAccessDetails", "lightsail:GetInstanceMetricData", "lightsail:GetInstancePortStates", "lightsail:GetInstanceSnapshot", "lightsail:GetInstanceSnapshots", "lightsail:GetInstanceState", "lightsail:GetInstances", "lightsail:GetKeyPair", "lightsail:GetKeyPairs", "lightsail:GetLoadBalancer", "lightsail:GetLoadBalancerMetricData", "lightsail:GetLoadBalancerTlsCertificates", "lightsail:GetLoadBalancerTlsPolicies", "lightsail:GetLoadBalancers", "lightsail:GetOperation", "lightsail:GetOperations", "lightsail:GetOperationsForResource", "lightsail:GetRegions", "lightsail:GetRelationalDatabase", "lightsail:GetRelationalDatabaseBlueprints", "lightsail:GetRelationalDatabaseBundles", "lightsail:GetRelationalDatabaseEvents", "lightsail:GetRelationalDatabaseLogEvents", "lightsail:GetRelationalDatabaseLogStreams", "lightsail:GetRelationalDatabaseMasterUserPassword", "lightsail:GetRelationalDatabaseMetricData", "lightsail:GetRelationalDatabaseParameters", "lightsail:GetRelationalDatabaseSnapshot", "lightsail:GetRelationalDatabaseSnapshots", "lightsail:GetRelationalDatabases", "lightsail:GetSetupHistory", "lightsail:GetStaticIp", "lightsail:GetStaticIps", "lightsail:ImportKeyPair", "lightsail:IsVpcPeered", "lightsail:OpenInstancePublicPorts", "lightsail:PeerVpc", "lightsail:PutAlarm", "lightsail:PutInstancePublicPorts", "lightsail:RebootInstance", "lightsail:RebootRelationalDatabase", "lightsail:RegisterContainerImage", "lightsail:ReleaseStaticIp", "lightsail:ResetDistributionCache", "lightsail:SendContactMethodVerification", "lightsail:SetIpAddressType", "lightsail:SetResourceAccessForBucket", "lightsail:SetupInstanceHttps", "lightsail:StartGUISession", "lightsail:StartInstance", "lightsail:StartRelationalDatabase", "lightsail:StopGUISession", "lightsail:StopInstance", "lightsail:StopRelationalDatabase", "lightsail:TagResource", "lightsail:TestAlarm", "lightsail:UnpeerVpc", "lightsail:UntagResource", "lightsail:UpdateBucket", "lightsail:UpdateBucketBundle", "lightsail:UpdateContainerService", "lightsail:UpdateDistribution", "lightsail:UpdateDistributionBundle", "lightsail:UpdateDomainEntry", "lightsail:UpdateInstanceMetadataOptions", "lightsail:UpdateLoadBalancerAttribute", "lightsail:UpdateRelationalDatabase", "lightsail:UpdateRelationalDatabaseParameters", "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "lookoutequipment:CreateDataset", "lookoutequipment:CreateInferenceScheduler", "lookoutequipment:CreateLabel", "lookoutequipment:CreateLabelGroup", "lookoutequipment:CreateModel", "lookoutequipment:CreateRetrainingScheduler", "lookoutequipment:DeleteDataset", "lookoutequipment:DeleteInferenceScheduler", "lookoutequipment:DeleteLabel", "lookoutequipment:DeleteLabelGroup", "lookoutequipment:DeleteModel", "lookoutequipment:DeleteResourcePolicy", "lookoutequipment:DeleteRetrainingScheduler", "lookoutequipment:DescribeDataIngestionJob", "lookoutequipment:DescribeDataset", "lookoutequipment:DescribeInferenceScheduler", "lookoutequipment:DescribeLabelGroup", "lookoutequipment:DescribeModel", "lookoutequipment:DescribeModelVersion", "lookoutequipment:DescribeResourcePolicy", "lookoutequipment:DescribeRetrainingScheduler", "lookoutequipment:Describelabel", "lookoutequipment:ImportDataset", "lookoutequipment:ImportModelVersion", "lookoutequipment:ListDataIngestionJobs", "lookoutequipment:ListDatasets", "lookoutequipment:ListInferenceEvents", "lookoutequipment:ListInferenceExecutions", "lookoutequipment:ListInferenceSchedulers", "lookoutequipment:ListLabelGroups", "lookoutequipment:ListLabels", "lookoutequipment:ListModelVersions", "lookoutequipment:ListModels", "lookoutequipment:ListRetrainingSchedulers", "lookoutequipment:ListSensorStatistics", "lookoutequipment:ListTagsForResource", "lookoutequipment:PutResourcePolicy", "lookoutequipment:StartDataIngestionJob", "lookoutequipment:StartInferenceScheduler", "lookoutequipment:StartRetrainingScheduler", "lookoutequipment:StopInferenceScheduler", "lookoutequipment:StopRetrainingScheduler", "lookoutequipment:TagResource", "lookoutequipment:UntagResource", "lookoutequipment:UpdateActiveModelVersion", "lookoutequipment:UpdateInferenceScheduler", "lookoutequipment:UpdateLabelGroup", "lookoutequipment:UpdateModel", "lookoutequipment:UpdateRetrainingScheduler", "lookoutmetrics:ActivateAnomalyDetector", "lookoutmetrics:BackTestAnomalyDetector", "lookoutmetrics:CreateAlert", "lookoutmetrics:CreateAnomalyDetector", "lookoutmetrics:CreateMetricSet", "lookoutmetrics:DeactivateAnomalyDetector", "lookoutmetrics:DeleteAlert", "lookoutmetrics:DeleteAnomalyDetector", "lookoutmetrics:DescribeAlert", "lookoutmetrics:DescribeAnomalyDetectionExecutions", "lookoutmetrics:DescribeAnomalyDetector", "lookoutmetrics:DescribeMetricSet", "lookoutmetrics:DetectMetricSetConfig", "lookoutmetrics:GetAnomalyGroup", "lookoutmetrics:GetDataQualityMetrics", "lookoutmetrics:GetFeedback", "lookoutmetrics:GetSampleData", "lookoutmetrics:ListAlerts", "lookoutmetrics:ListAnomalyDetectors", "lookoutmetrics:ListAnomalyGroupRelatedMetrics", "lookoutmetrics:ListAnomalyGroupSummaries", "lookoutmetrics:ListAnomalyGroupTimeSeries", "lookoutmetrics:ListMetricSets", "lookoutmetrics:ListTagsForResource", "lookoutmetrics:PutFeedback", "lookoutmetrics:TagResource", "lookoutmetrics:UntagResource", "lookoutmetrics:UpdateAlert", "lookoutmetrics:UpdateAnomalyDetector", "lookoutmetrics:UpdateMetricSet", "lookoutvision:CreateDataset", "lookoutvision:CreateModel", "lookoutvision:CreateProject", "lookoutvision:DeleteDataset", "lookoutvision:DeleteModel", "lookoutvision:DeleteProject", "lookoutvision:DescribeDataset", "lookoutvision:DescribeModel", "lookoutvision:DescribeModelPackagingJob", "lookoutvision:DescribeProject", "lookoutvision:DescribeTrialDetection", "lookoutvision:DetectAnomalies", "lookoutvision:ListDatasetEntries", "lookoutvision:ListModelPackagingJobs", "lookoutvision:ListModels", "lookoutvision:ListProjects", "lookoutvision:ListTagsForResource", "lookoutvision:ListTrialDetections", "lookoutvision:StartModel", "lookoutvision:StartModelPackagingJob", "lookoutvision:StartTrialDetection", "lookoutvision:StopModel", "lookoutvision:TagResource", "lookoutvision:UntagResource", "lookoutvision:UpdateDatasetEntries", "m2:CancelBatchJobExecution", "m2:CreateApplication", "m2:CreateDataSetImportTask", "m2:CreateDeployment", "m2:CreateEnvironment", "m2:DeleteApplication", "m2:DeleteApplicationFromEnvironment", "m2:DeleteEnvironment", "m2:GetApplication", "m2:GetApplicationVersion", "m2:GetBatchJobExecution", "m2:GetDataSetDetails", "m2:GetDataSetImportTask", "m2:GetDeployment", "m2:GetEnvironment", "m2:GetSignedBluinsightsUrl", "m2:ListApplicationVersions", "m2:ListApplications", "m2:ListBatchJobDefinitions", "m2:ListBatchJobExecutions", "m2:ListDataSetImportHistory", "m2:ListDataSets", "m2:ListDeployments", "m2:ListEngineVersions", "m2:ListEnvironments", "m2:ListTagsForResource", "m2:StartApplication", "m2:StartBatchJob", "m2:StopApplication", "m2:TagResource", "m2:UntagResource", "m2:UpdateApplication", "m2:UpdateEnvironment", "machinelearning:AddTags", "machinelearning:CreateBatchPrediction", "machinelearning:CreateDataSourceFromRDS", "machinelearning:CreateDataSourceFromRedshift", "machinelearning:CreateDataSourceFromS3", "machinelearning:CreateEvaluation", "machinelearning:CreateMLModel", "machinelearning:CreateRealtimeEndpoint", "machinelearning:DeleteBatchPrediction", "machinelearning:DeleteDataSource", "machinelearning:DeleteEvaluation", "machinelearning:DeleteMLModel", "machinelearning:DeleteRealtimeEndpoint", "machinelearning:DeleteTags", "machinelearning:DescribeBatchPredictions", "machinelearning:DescribeDataSources", "machinelearning:DescribeEvaluations", "machinelearning:DescribeMLModels", "machinelearning:DescribeTags", "machinelearning:GetBatchPrediction", "machinelearning:GetDataSource", "machinelearning:GetEvaluation", "machinelearning:GetMLModel", "machinelearning:Predict", "machinelearning:UpdateBatchPrediction", "machinelearning:UpdateDataSource", "machinelearning:UpdateEvaluation", "machinelearning:UpdateMLModel", "macie2:AcceptInvitation", "macie2:BatchGetCustomDataIdentifiers", "macie2:CreateAllowList", "macie2:CreateClassificationJob", "macie2:CreateCustomDataIdentifier", "macie2:CreateFindingsFilter", "macie2:CreateInvitations", "macie2:CreateMember", "macie2:CreateSampleFindings", "macie2:DeclineInvitations", "macie2:DeleteAllowList", "macie2:DeleteCustomDataIdentifier", "macie2:DeleteFindingsFilter", "macie2:DeleteInvitations", "macie2:DeleteMember", "macie2:DescribeBuckets", "macie2:DescribeClassificationJob", "macie2:DescribeOrganizationConfiguration", "macie2:DisableMacie", "macie2:DisableOrganizationAdminAccount", "macie2:DisassociateFromAdministratorAccount", "macie2:DisassociateFromMasterAccount", "macie2:DisassociateMember", "macie2:EnableMacie", "macie2:EnableOrganizationAdminAccount", "macie2:GetAdministratorAccount", "macie2:GetAllowList", "macie2:GetAutomatedDiscoveryConfiguration", "macie2:GetBucketStatistics", "macie2:GetClassificationExportConfiguration", "macie2:GetClassificationScope", "macie2:GetCustomDataIdentifier", "macie2:GetFindingStatistics", "macie2:GetFindings", "macie2:GetFindingsFilter", "macie2:GetFindingsPublicationConfiguration", "macie2:GetInvitationsCount", "macie2:GetMacieSession", "macie2:GetMasterAccount", "macie2:GetMember", "macie2:GetResourceProfile", "macie2:GetRevealConfiguration", "macie2:GetSensitiveDataOccurrences", "macie2:GetSensitiveDataOccurrencesAvailability", "macie2:GetSensitivityInspectionTemplate", "macie2:GetUsageStatistics", "macie2:GetUsageTotals", "macie2:ListAllowLists", "macie2:ListClassificationJobs", "macie2:ListClassificationScopes", "macie2:ListCustomDataIdentifiers", "macie2:ListFindings", "macie2:ListFindingsFilters", "macie2:ListInvitations", "macie2:ListManagedDataIdentifiers", "macie2:ListMembers", "macie2:ListOrganizationAdminAccounts", "macie2:ListResourceProfileArtifacts", "macie2:ListResourceProfileDetections", "macie2:ListSensitivityInspectionTemplates", "macie2:ListTagsForResource", "macie2:PutClassificationExportConfiguration", "macie2:PutFindingsPublicationConfiguration", "macie2:SearchResources", "macie2:TagResource", "macie2:TestCustomDataIdentifier", "macie2:UntagResource", "macie2:UpdateAllowList", "macie2:UpdateAutomatedDiscoveryConfiguration", "macie2:UpdateClassificationJob", "macie2:UpdateClassificationScope", "macie2:UpdateFindingsFilter", "macie2:UpdateMacieSession", "macie2:UpdateMemberSession", "macie2:UpdateOrganizationConfiguration", "macie2:UpdateResourceProfile", "macie2:UpdateResourceProfileDetections", "macie2:UpdateRevealConfiguration", "macie2:UpdateSensitivityInspectionTemplate", "managedblockchain:CreateAccessor", "managedblockchain:CreateMember", "managedblockchain:CreateNetwork", "managedblockchain:CreateNode", "managedblockchain:CreateProposal", "managedblockchain:DeleteAccessor", "managedblockchain:DeleteMember", "managedblockchain:DeleteNode", "managedblockchain:GET", "managedblockchain:GetAccessor", "managedblockchain:GetMember", "managedblockchain:GetNetwork", "managedblockchain:GetNode", "managedblockchain:GetProposal", "managedblockchain:Invoke", "managedblockchain:InvokeRpcBitcoinMainnet", "managedblockchain:InvokeRpcBitcoinTestnet", "managedblockchain:InvokeRpcPolygonMainnet", "managedblockchain:InvokeRpcPolygonMumbaiTestnet", "managedblockchain:ListAccessors", "managedblockchain:ListInvitations", "managedblockchain:ListMembers", "managedblockchain:ListNetworks", "managedblockchain:ListNodes", "managedblockchain:ListProposalVotes", "managedblockchain:ListProposals", "managedblockchain:ListTagsForResource", "managedblockchain:POST", "managedblockchain:RejectInvitation", "managedblockchain:TagResource", "managedblockchain:UntagResource", "managedblockchain:UpdateMember", "managedblockchain:UpdateNode", "managedblockchain:VoteOnProposal", "managedblockchain-query:BatchGetTokenBalance", "managedblockchain-query:GetAssetContract", "managedblockchain-query:GetTokenBalance", "managedblockchain-query:GetTransaction", "managedblockchain-query:ListAssetContracts", "managedblockchain-query:ListFilteredTransactionEvents", "managedblockchain-query:ListTokenBalances", "managedblockchain-query:ListTransactionEvents", "managedblockchain-query:ListTransactions", "mapcredits:ListAssociatedPrograms", "mapcredits:ListQuarterCredits", "mapcredits:ListQuarterSpend", "marketplacecommerceanalytics:GenerateDataSet", "marketplacecommerceanalytics:StartSupportDataExport", "mechanicalturk:AcceptQualificationRequest", "mechanicalturk:ApproveAssignment", "mechanicalturk:AssociateQualificationWithWorker", "mechanicalturk:CreateAdditionalAssignmentsForHIT", "mechanicalturk:CreateHIT", "mechanicalturk:CreateHITType", "mechanicalturk:CreateHITWithHITType", "mechanicalturk:CreateQualificationType", "mechanicalturk:CreateWorkerBlock", "mechanicalturk:DeleteHIT", "mechanicalturk:DeleteQualificationType", "mechanicalturk:DeleteWorkerBlock", "mechanicalturk:DisassociateQualificationFromWorker", "mechanicalturk:GetAccountBalance", "mechanicalturk:GetAssignment", "mechanicalturk:GetFileUploadURL", "mechanicalturk:GetHIT", "mechanicalturk:GetQualificationScore", "mechanicalturk:GetQualificationType", "mechanicalturk:ListAssignmentsForHIT", "mechanicalturk:ListBonusPayments", "mechanicalturk:ListHITs", "mechanicalturk:ListHITsForQualificationType", "mechanicalturk:ListQualificationRequests", "mechanicalturk:ListQualificationTypes", "mechanicalturk:ListReviewPolicyResultsForHIT", "mechanicalturk:ListReviewableHITs", "mechanicalturk:ListWorkerBlocks", "mechanicalturk:ListWorkersWithQualificationType", "mechanicalturk:NotifyWorkers", "mechanicalturk:RejectAssignment", "mechanicalturk:RejectQualificationRequest", "mechanicalturk:SendBonus", "mechanicalturk:SendTestEventNotification", "mechanicalturk:UpdateExpirationForHIT", "mechanicalturk:UpdateHITReviewStatus", "mechanicalturk:UpdateHITTypeOfHIT", "mechanicalturk:UpdateNotificationSettings", "mechanicalturk:UpdateQualificationType", "mediaconnect:AddBridgeOutputs", "mediaconnect:AddBridgeSources", "mediaconnect:AddFlowMediaStreams", "mediaconnect:AddFlowOutputs", "mediaconnect:AddFlowSources", "mediaconnect:AddFlowVpcInterfaces", "mediaconnect:CreateBridge", "mediaconnect:CreateFlow", "mediaconnect:CreateGateway", "mediaconnect:DeleteBridge", "mediaconnect:DeleteFlow", "mediaconnect:DeleteGateway", "mediaconnect:DeregisterGatewayInstance", "mediaconnect:DescribeBridge", "mediaconnect:DescribeFlow", "mediaconnect:DescribeFlowSourceMetadata", "mediaconnect:DescribeGateway", "mediaconnect:DescribeGatewayInstance", "mediaconnect:DescribeOffering", "mediaconnect:DescribeReservation", "mediaconnect:DiscoverGatewayPollEndpoint", "mediaconnect:GrantFlowEntitlements", "mediaconnect:ListBridges", "mediaconnect:ListEntitlements", "mediaconnect:ListFlows", "mediaconnect:ListGatewayInstances", "mediaconnect:ListGateways", "mediaconnect:ListOfferings", "mediaconnect:ListReservations", "mediaconnect:ListTagsForResource", "mediaconnect:PollGateway", "mediaconnect:PurchaseOffering", "mediaconnect:RemoveBridgeOutput", "mediaconnect:RemoveBridgeSource", "mediaconnect:RemoveFlowMediaStream", "mediaconnect:RemoveFlowOutput", "mediaconnect:RemoveFlowSource", "mediaconnect:RemoveFlowVpcInterface", "mediaconnect:RevokeFlowEntitlement", "mediaconnect:StartFlow", "mediaconnect:StopFlow", "mediaconnect:SubmitGatewayStateChange", "mediaconnect:TagResource", "mediaconnect:UntagResource", "mediaconnect:UpdateBridge", "mediaconnect:UpdateBridgeOutput", "mediaconnect:UpdateBridgeSource", "mediaconnect:UpdateBridgeState", "mediaconnect:UpdateFlow", "mediaconnect:UpdateFlowEntitlement", "mediaconnect:UpdateFlowMediaStream", "mediaconnect:UpdateFlowOutput", "mediaconnect:UpdateFlowSource", "mediaconnect:UpdateGatewayInstance", "mediaconvert:AssociateCertificate", "mediaconvert:CancelJob", "mediaconvert:CreateJob", "mediaconvert:CreateJobTemplate", "mediaconvert:CreatePreset", "mediaconvert:CreateQueue", "mediaconvert:DeleteJobTemplate", "mediaconvert:DeletePolicy", "mediaconvert:DeletePreset", "mediaconvert:DeleteQueue", "mediaconvert:DescribeEndpoints", "mediaconvert:DisassociateCertificate", "mediaconvert:GetJob", "mediaconvert:GetJobTemplate", "mediaconvert:GetPolicy", "mediaconvert:GetPreset", "mediaconvert:GetQueue", "mediaconvert:ListJobTemplates", "mediaconvert:ListJobs", "mediaconvert:ListPresets", "mediaconvert:ListQueues", "mediaconvert:ListTagsForResource", "mediaconvert:PutPolicy", "mediaconvert:TagResource", "mediaconvert:UntagResource", "mediaconvert:UpdateJobTemplate", "mediaconvert:UpdatePreset", "mediaconvert:UpdateQueue", "mediaimport:CreateDatabaseBinarySnapshot", "medialive:AcceptInputDeviceTransfer", "medialive:BatchDelete", "medialive:BatchStart", "medialive:BatchStop", "medialive:BatchUpdateSchedule", "medialive:CancelInputDeviceTransfer", "medialive:ClaimDevice", "medialive:CreateChannel", "medialive:CreateCloudWatchAlarmTemplate", "medialive:CreateCloudWatchAlarmTemplateGroup", "medialive:CreateEventBridgeRuleTemplate", "medialive:CreateEventBridgeRuleTemplateGroup", "medialive:CreateInput", "medialive:CreateInputSecurityGroup", "medialive:CreateMultiplex", "medialive:CreateMultiplexProgram", "medialive:CreatePartnerInput", "medialive:CreateSignalMap", "medialive:CreateTags", "medialive:DeleteChannel", "medialive:DeleteCloudWatchAlarmTemplate", "medialive:DeleteCloudWatchAlarmTemplateGroup", "medialive:DeleteEventBridgeRuleTemplate", "medialive:DeleteEventBridgeRuleTemplateGroup", "medialive:DeleteInput", "medialive:DeleteInputSecurityGroup", "medialive:DeleteMultiplex", "medialive:DeleteMultiplexProgram", "medialive:DeleteReservation", "medialive:DeleteSchedule", "medialive:DeleteSignalMap", "medialive:DeleteTags", "medialive:DescribeAccountConfiguration", "medialive:DescribeChannel", "medialive:DescribeInput", "medialive:DescribeInputDevice", "medialive:DescribeInputDeviceThumbnail", "medialive:DescribeInputSecurityGroup", "medialive:DescribeMultiplex", "medialive:DescribeMultiplexProgram", "medialive:DescribeOffering", "medialive:DescribeReservation", "medialive:DescribeSchedule", "medialive:DescribeThumbnails", "medialive:GetCloudWatchAlarmTemplate", "medialive:GetCloudWatchAlarmTemplateGroup", "medialive:GetEventBridgeRuleTemplate", "medialive:GetEventBridgeRuleTemplateGroup", "medialive:GetSignalMap", "medialive:ListChannels", "medialive:ListCloudWatchAlarmTemplateGroups", "medialive:ListCloudWatchAlarmTemplates", "medialive:ListEventBridgeRuleTemplateGroups", "medialive:ListEventBridgeRuleTemplates", "medialive:ListInputDeviceTransfers", "medialive:ListInputDevices", "medialive:ListInputSecurityGroups", "medialive:ListInputs", "medialive:ListMultiplexPrograms", "medialive:ListMultiplexes", "medialive:ListOfferings", "medialive:ListReservations", "medialive:ListSignalMaps", "medialive:ListTagsForResource", "medialive:PurchaseOffering", "medialive:RebootInputDevice", "medialive:RejectInputDeviceTransfer", "medialive:RestartChannelPipelines", "medialive:StartChannel", "medialive:StartDeleteMonitorDeployment", "medialive:StartInputDevice", "medialive:StartInputDeviceMaintenanceWindow", "medialive:StartMonitorDeployment", "medialive:StartMultiplex", "medialive:StartUpdateSignalMap", "medialive:StopChannel", "medialive:StopInputDevice", "medialive:StopMultiplex", "medialive:TransferInputDevice", "medialive:UpdateAccountConfiguration", "medialive:UpdateChannel", "medialive:UpdateChannelClass", "medialive:UpdateCloudWatchAlarmTemplate", "medialive:UpdateCloudWatchAlarmTemplateGroup", "medialive:UpdateEventBridgeRuleTemplate", "medialive:UpdateEventBridgeRuleTemplateGroup", "medialive:UpdateInput", "medialive:UpdateInputDevice", "medialive:UpdateInputSecurityGroup", "medialive:UpdateMultiplex", "medialive:UpdateMultiplexProgram", "medialive:UpdateReservation", "mediapackage:ConfigureLogs", "mediapackage:CreateChannel", "mediapackage:CreateHarvestJob", "mediapackage:CreateOriginEndpoint", "mediapackage:DeleteChannel", "mediapackage:DeleteOriginEndpoint", "mediapackage:DescribeChannel", "mediapackage:DescribeHarvestJob", "mediapackage:DescribeOriginEndpoint", "mediapackage:ListChannels", "mediapackage:ListHarvestJobs", "mediapackage:ListOriginEndpoints", "mediapackage:ListTagsForResource", "mediapackage:RotateChannelCredentials", "mediapackage:RotateIngestEndpointCredentials", "mediapackage:TagResource", "mediapackage:UntagResource", "mediapackage:UpdateChannel", "mediapackage:UpdateOriginEndpoint", "mediapackage-vod:ConfigureLogs", "mediapackage-vod:CreateAsset", "mediapackage-vod:CreatePackagingConfiguration", "mediapackage-vod:CreatePackagingGroup", "mediapackage-vod:DeleteAsset", "mediapackage-vod:DeletePackagingConfiguration", "mediapackage-vod:DeletePackagingGroup", "mediapackage-vod:DescribeAsset", "mediapackage-vod:DescribePackagingConfiguration", "mediapackage-vod:DescribePackagingGroup", "mediapackage-vod:ListAssets", "mediapackage-vod:ListPackagingConfigurations", "mediapackage-vod:ListPackagingGroups", "mediapackage-vod:ListTagsForResource", "mediapackage-vod:TagResource", "mediapackage-vod:UntagResource", "mediapackage-vod:UpdatePackagingGroup", "mediapackagev2:CreateChannel", "mediapackagev2:CreateChannelGroup", "mediapackagev2:CreateOriginEndpoint", "mediapackagev2:DeleteChannel", "mediapackagev2:DeleteChannelGroup", "mediapackagev2:DeleteChannelPolicy", "mediapackagev2:DeleteOriginEndpoint", "mediapackagev2:DeleteOriginEndpointPolicy", "mediapackagev2:GetChannel", "mediapackagev2:GetChannelGroup", "mediapackagev2:GetChannelPolicy", "mediapackagev2:GetHeadObject", "mediapackagev2:GetObject", "mediapackagev2:GetOriginEndpoint", "mediapackagev2:GetOriginEndpointPolicy", "mediapackagev2:ListChannelGroups", "mediapackagev2:ListChannels", "mediapackagev2:ListOriginEndpoints", "mediapackagev2:ListTagsForResource", "mediapackagev2:PutChannelPolicy", "mediapackagev2:PutObject", "mediapackagev2:PutOriginEndpointPolicy", "mediapackagev2:TagResource", "mediapackagev2:UntagResource", "mediapackagev2:UpdateChannel", "mediapackagev2:UpdateChannelGroup", "mediapackagev2:UpdateOriginEndpoint", "mediastore:CreateContainer", "mediastore:DeleteContainer", "mediastore:DeleteContainerPolicy", "mediastore:DeleteCorsPolicy", "mediastore:DeleteLifecyclePolicy", "mediastore:DeleteMetricPolicy", "mediastore:DeleteObject", "mediastore:DescribeContainer", "mediastore:DescribeObject", "mediastore:GetContainerPolicy", "mediastore:GetCorsPolicy", "mediastore:GetLifecyclePolicy", "mediastore:GetMetricPolicy", "mediastore:GetObject", "mediastore:ListContainers", "mediastore:ListItems", "mediastore:ListTagsForResource", "mediastore:PutContainerPolicy", "mediastore:PutCorsPolicy", "mediastore:PutLifecyclePolicy", "mediastore:PutMetricPolicy", "mediastore:PutObject", "mediastore:StartAccessLogging", "mediastore:StopAccessLogging", "mediastore:TagResource", "mediastore:UntagResource", "mediatailor:ConfigureLogsForChannel", "mediatailor:ConfigureLogsForPlaybackConfiguration", "mediatailor:CreateChannel", "mediatailor:CreateLiveSource", "mediatailor:CreatePrefetchSchedule", "mediatailor:CreateProgram", "mediatailor:CreateSourceLocation", "mediatailor:CreateVodSource", "mediatailor:DeleteChannel", "mediatailor:DeleteChannelPolicy", "mediatailor:DeleteLiveSource", "mediatailor:DeletePlaybackConfiguration", "mediatailor:DeletePrefetchSchedule", "mediatailor:DeleteProgram", "mediatailor:DeleteSourceLocation", "mediatailor:DeleteVodSource", "mediatailor:DescribeChannel", "mediatailor:DescribeLiveSource", "mediatailor:DescribeProgram", "mediatailor:DescribeSourceLocation", "mediatailor:DescribeVodSource", "mediatailor:GetChannelPolicy", "mediatailor:GetChannelSchedule", "mediatailor:GetPlaybackConfiguration", "mediatailor:GetPrefetchSchedule", "mediatailor:ListAlerts", "mediatailor:ListChannels", "mediatailor:ListLiveSources", "mediatailor:ListPlaybackConfigurations", "mediatailor:ListPrefetchSchedules", "mediatailor:ListSourceLocations", "mediatailor:ListTagsForResource", "mediatailor:ListVodSources", "mediatailor:PutChannelPolicy", "mediatailor:PutPlaybackConfiguration", "mediatailor:StartChannel", "mediatailor:StopChannel", "mediatailor:TagResource", "mediatailor:UntagResource", "mediatailor:UpdateChannel", "mediatailor:UpdateLiveSource", "mediatailor:UpdateProgram", "mediatailor:UpdateSourceLocation", "mediatailor:UpdateVodSource", "medical-imaging:CopyImageSet", "medical-imaging:CreateDatastore", "medical-imaging:DeleteDatastore", "medical-imaging:DeleteImageSet", "medical-imaging:GetDICOMImportJob", "medical-imaging:GetDatastore", "medical-imaging:GetImageFrame", "medical-imaging:GetImageSet", "medical-imaging:GetImageSetMetadata", "medical-imaging:ListDICOMImportJobs", "medical-imaging:ListDatastores", "medical-imaging:ListImageSetVersions", "medical-imaging:ListTagsForResource", "medical-imaging:SearchImageSets", "medical-imaging:StartDICOMImportJob", "medical-imaging:TagResource", "medical-imaging:UntagResource", "medical-imaging:UpdateImageSetMetadata", "memorydb:BatchUpdateCluster", "memorydb:Connect", "memorydb:CopySnapshot", "memorydb:CreateAcl", "memorydb:CreateCluster", "memorydb:CreateParameterGroup", "memorydb:CreateSnapshot", "memorydb:CreateSubnetGroup", "memorydb:CreateUser", "memorydb:DeleteAcl", "memorydb:DeleteCluster", "memorydb:DeleteParameterGroup", "memorydb:DeleteSnapshot", "memorydb:DeleteSubnetGroup", "memorydb:DeleteUser", "memorydb:DescribeAcls", "memorydb:DescribeClusters", "memorydb:DescribeEngineVersions", "memorydb:DescribeEvents", "memorydb:DescribeParameterGroups", "memorydb:DescribeParameters", "memorydb:DescribeReservedNodes", "memorydb:DescribeReservedNodesOfferings", "memorydb:DescribeServiceUpdates", "memorydb:DescribeSnapshots", "memorydb:DescribeSubnetGroups", "memorydb:DescribeUsers", "memorydb:FailoverShard", "memorydb:ListAllowedNodeTypeUpdates", "memorydb:ListTags", "memorydb:PurchaseReservedNodesOffering", "memorydb:ResetParameterGroup", "memorydb:TagResource", "memorydb:UntagResource", "memorydb:UpdateAcl", "memorydb:UpdateCluster", "memorydb:UpdateParameterGroup", "memorydb:UpdateSubnetGroup", "memorydb:UpdateUser", "mgh:AssociateCreatedArtifact", "mgh:AssociateDiscoveredResource", "mgh:CreateHomeRegionControl", "mgh:CreateProgressUpdateStream", "mgh:DeleteHomeRegionControl", "mgh:DeleteProgressUpdateStream", "mgh:DescribeApplicationState", "mgh:DescribeHomeRegionControls", "mgh:DescribeMigrationTask", "mgh:DisassociateCreatedArtifact", "mgh:DisassociateDiscoveredResource", "mgh:GetHomeRegion", "mgh:ImportMigrationTask", "mgh:ListApplicationStates", "mgh:ListCreatedArtifacts", "mgh:ListDiscoveredResources", "mgh:ListMigrationTasks", "mgh:ListProgressUpdateStreams", "mgh:NotifyApplicationState", "mgh:NotifyMigrationTaskState", "mgh:PutResourceAttributes", "mgn:ArchiveApplication", "mgn:ArchiveWave", "mgn:AssociateApplications", "mgn:AssociateSourceServers", "mgn:BatchCreateVolumeSnapshotGroupForMgn", "mgn:BatchDeleteSnapshotRequestForMgn", "mgn:ChangeServerLifeCycleState", "mgn:CreateApplication", "mgn:CreateConnector", "mgn:CreateLaunchConfigurationTemplate", "mgn:CreateReplicationConfigurationTemplate", "mgn:CreateVcenterClientForMgn", "mgn:CreateWave", "mgn:DeleteApplication", "mgn:DeleteConnector", "mgn:DeleteJob", "mgn:DeleteLaunchConfigurationTemplate", "mgn:DeleteReplicationConfigurationTemplate", "mgn:DeleteSourceServer", "mgn:DeleteVcenterClient", "mgn:DeleteWave", "mgn:DescribeJobLogItems", "mgn:DescribeJobs", "mgn:DescribeLaunchConfigurationTemplates", "mgn:DescribeReplicationConfigurationTemplates", "mgn:DescribeReplicationServerAssociationsForMgn", "mgn:DescribeSnapshotRequestsForMgn", "mgn:DescribeSourceServers", "mgn:DescribeVcenterClients", "mgn:DisassociateApplications", "mgn:DisassociateSourceServers", "mgn:DisconnectFromService", "mgn:FinalizeCutover", "mgn:GetAgentCommandForMgn", "mgn:GetAgentConfirmedResumeInfoForMgn", "mgn:GetAgentInstallationAssetsForMgn", "mgn:GetAgentReplicationInfoForMgn", "mgn:GetAgentRuntimeConfigurationForMgn", "mgn:GetAgentSnapshotCreditsForMgn", "mgn:GetChannelCommandsForMgn", "mgn:GetLaunchConfiguration", "mgn:GetReplicationConfiguration", "mgn:GetVcenterClientCommandsForMgn", "mgn:InitializeService", "mgn:IssueClientCertificateForMgn", "mgn:ListApplications", "mgn:ListConnectors", "mgn:ListExportErrors", "mgn:ListExports", "mgn:ListImportErrors", "mgn:ListImports", "mgn:ListManagedAccounts", "mgn:ListSourceServerActions", "mgn:ListTagsForResource", "mgn:ListTemplateActions", "mgn:ListWaves", "mgn:MarkAsArchived", "mgn:NotifyAgentAuthenticationForMgn", "mgn:NotifyAgentConnectedForMgn", "mgn:NotifyAgentDisconnectedForMgn", "mgn:NotifyAgentReplicationProgressForMgn", "mgn:NotifyVcenterClientStartedForMgn", "mgn:PauseReplication", "mgn:PutSourceServerAction", "mgn:PutTemplateAction", "mgn:RegisterAgentForMgn", "mgn:RemoveSourceServerAction", "mgn:RemoveTemplateAction", "mgn:ResumeReplication", "mgn:RetryDataReplication", "mgn:SendAgentLogsForMgn", "mgn:SendAgentMetricsForMgn", "mgn:SendChannelCommandResultForMgn", "mgn:SendClientLogsForMgn", "mgn:SendClientMetricsForMgn", "mgn:SendVcenterClientCommandResultForMgn", "mgn:SendVcenterClientLogsForMgn", "mgn:SendVcenterClientMetricsForMgn", "mgn:StartCutover", "mgn:StartExport", "mgn:StartImport", "mgn:StartReplication", "mgn:StartTest", "mgn:StopReplication", "mgn:TagResource", "mgn:TerminateTargetInstances", "mgn:UnarchiveApplication", "mgn:UnarchiveWave", "mgn:UntagResource", "mgn:UpdateAgentBacklogForMgn", "mgn:UpdateAgentConversionInfoForMgn", "mgn:UpdateAgentReplicationInfoForMgn", "mgn:UpdateAgentReplicationProcessStateForMgn", "mgn:UpdateAgentSourcePropertiesForMgn", "mgn:UpdateApplication", "mgn:UpdateConnector", "mgn:UpdateLaunchConfiguration", "mgn:UpdateLaunchConfigurationTemplate", "mgn:UpdateReplicationConfiguration", "mgn:UpdateReplicationConfigurationTemplate", "mgn:UpdateSourceServer", "mgn:UpdateSourceServerReplicationType", "mgn:UpdateWave", "mgn:VerifyClientRoleForMgn", "migrationhub-orchestrator:CreateTemplate", "migrationhub-orchestrator:CreateWorkflow", "migrationhub-orchestrator:CreateWorkflowStep", "migrationhub-orchestrator:CreateWorkflowStepGroup", "migrationhub-orchestrator:DeleteTemplate", "migrationhub-orchestrator:DeleteWorkflow", "migrationhub-orchestrator:DeleteWorkflowStep", "migrationhub-orchestrator:DeleteWorkflowStepGroup", "migrationhub-orchestrator:GetMessage", "migrationhub-orchestrator:GetTemplate", "migrationhub-orchestrator:GetTemplateStep", "migrationhub-orchestrator:GetTemplateStepGroup", "migrationhub-orchestrator:GetWorkflow", "migrationhub-orchestrator:GetWorkflowStep", "migrationhub-orchestrator:GetWorkflowStepGroup", "migrationhub-orchestrator:ListPlugins", "migrationhub-orchestrator:ListTagsForResource", "migrationhub-orchestrator:ListTemplateStepGroups", "migrationhub-orchestrator:ListTemplateSteps", "migrationhub-orchestrator:ListTemplates", "migrationhub-orchestrator:ListWorkflowStepGroups", "migrationhub-orchestrator:ListWorkflowSteps", "migrationhub-orchestrator:ListWorkflows", "migrationhub-orchestrator:RegisterPlugin", "migrationhub-orchestrator:RetryWorkflowStep", "migrationhub-orchestrator:SendMessage", "migrationhub-orchestrator:StartWorkflow", "migrationhub-orchestrator:StopWorkflow", "migrationhub-orchestrator:TagResource", "migrationhub-orchestrator:UntagResource", "migrationhub-orchestrator:UpdateTemplate", "migrationhub-orchestrator:UpdateWorkflow", "migrationhub-orchestrator:UpdateWorkflowStep", "migrationhub-orchestrator:UpdateWorkflowStepGroup", "migrationhub-strategy:GetAntiPattern", "migrationhub-strategy:GetApplicationComponentDetails", "migrationhub-strategy:GetApplicationComponentStrategies", "migrationhub-strategy:GetAssessment", "migrationhub-strategy:GetImportFileTask", "migrationhub-strategy:GetLatestAssessmentId", "migrationhub-strategy:GetMessage", "migrationhub-strategy:GetPortfolioPreferences", "migrationhub-strategy:GetPortfolioSummary", "migrationhub-strategy:GetRecommendationReportDetails", "migrationhub-strategy:GetServerDetails", "migrationhub-strategy:GetServerStrategies", "migrationhub-strategy:ListAnalyzableServers", "migrationhub-strategy:ListAntiPatterns", "migrationhub-strategy:ListApplicationComponents", "migrationhub-strategy:ListCollectors", "migrationhub-strategy:ListImportFileTask", "migrationhub-strategy:ListJarArtifacts", "migrationhub-strategy:ListServers", "migrationhub-strategy:PutLogData", "migrationhub-strategy:PutMetricData", "migrationhub-strategy:PutPortfolioPreferences", "migrationhub-strategy:RegisterCollector", "migrationhub-strategy:SendMessage", "migrationhub-strategy:StartAssessment", "migrationhub-strategy:StartImportFileTask", "migrationhub-strategy:StartRecommendationReportGeneration", "migrationhub-strategy:StopAssessment", "migrationhub-strategy:UpdateApplicationComponentConfig", "migrationhub-strategy:UpdateCollectorConfiguration", "migrationhub-strategy:UpdateServerConfig", "mobileanalytics:GetFinancialReports", "mobileanalytics:GetReports", "mobileanalytics:PutEvents", "mobiletargeting:CreateApp", "mobiletargeting:CreateCampaign", "mobiletargeting:CreateEmailTemplate", "mobiletargeting:CreateExportJob", "mobiletargeting:CreateImportJob", "mobiletargeting:CreateInAppTemplate", "mobiletargeting:CreateJourney", "mobiletargeting:CreatePushTemplate", "mobiletargeting:CreateRecommenderConfiguration", "mobiletargeting:CreateSegment", "mobiletargeting:CreateSmsTemplate", "mobiletargeting:CreateVoiceTemplate", "mobiletargeting:DeleteAdmChannel", "mobiletargeting:DeleteApnsChannel", "mobiletargeting:DeleteApnsSandboxChannel", "mobiletargeting:DeleteApnsVoipChannel", "mobiletargeting:DeleteApnsVoipSandboxChannel", "mobiletargeting:DeleteApp", "mobiletargeting:DeleteBaiduChannel", "mobiletargeting:DeleteCampaign", "mobiletargeting:DeleteEmailChannel", "mobiletargeting:DeleteEmailTemplate", "mobiletargeting:DeleteEndpoint", "mobiletargeting:DeleteEventStream", "mobiletargeting:DeleteGcmChannel", "mobiletargeting:DeleteInAppTemplate", "mobiletargeting:DeleteJourney", "mobiletargeting:DeletePushTemplate", "mobiletargeting:DeleteRecommenderConfiguration", "mobiletargeting:DeleteSegment", "mobiletargeting:DeleteSmsChannel", "mobiletargeting:DeleteSmsTemplate", "mobiletargeting:DeleteUserEndpoints", "mobiletargeting:DeleteVoiceChannel", "mobiletargeting:DeleteVoiceTemplate", "mobiletargeting:GetAdmChannel", "mobiletargeting:GetApnsChannel", "mobiletargeting:GetApnsSandboxChannel", "mobiletargeting:GetApnsVoipChannel", "mobiletargeting:GetApnsVoipSandboxChannel", "mobiletargeting:GetApp", "mobiletargeting:GetApplicationDateRangeKpi", "mobiletargeting:GetApplicationSettings", "mobiletargeting:GetApps", "mobiletargeting:GetBaiduChannel", "mobiletargeting:GetCampaign", "mobiletargeting:GetCampaignActivities", "mobiletargeting:GetCampaignDateRangeKpi", "mobiletargeting:GetCampaignVersion", "mobiletargeting:GetCampaignVersions", "mobiletargeting:GetCampaigns", "mobiletargeting:GetChannels", "mobiletargeting:GetEmailChannel", "mobiletargeting:GetEmailTemplate", "mobiletargeting:GetEndpoint", "mobiletargeting:GetEventStream", "mobiletargeting:GetExportJob", "mobiletargeting:GetExportJobs", "mobiletargeting:GetGcmChannel", "mobiletargeting:GetImportJob", "mobiletargeting:GetImportJobs", "mobiletargeting:GetInAppMessages", "mobiletargeting:GetInAppTemplate", "mobiletargeting:GetJourney", "mobiletargeting:GetJourneyDateRangeKpi", "mobiletargeting:GetJourneyExecutionActivityMetrics", "mobiletargeting:GetJourneyExecutionMetrics", "mobiletargeting:GetJourneyRunExecutionActivityMetrics", "mobiletargeting:GetJourneyRunExecutionMetrics", "mobiletargeting:GetJourneyRuns", "mobiletargeting:GetPushTemplate", "mobiletargeting:GetRecommenderConfiguration", "mobiletargeting:GetRecommenderConfigurations", "mobiletargeting:GetReports", "mobiletargeting:GetSegment", "mobiletargeting:GetSegmentExportJobs", "mobiletargeting:GetSegmentImportJobs", "mobiletargeting:GetSegmentVersion", "mobiletargeting:GetSegmentVersions", "mobiletargeting:GetSegments", "mobiletargeting:GetSmsChannel", "mobiletargeting:GetSmsTemplate", "mobiletargeting:GetUserEndpoints", "mobiletargeting:GetVoiceChannel", "mobiletargeting:GetVoiceTemplate", "mobiletargeting:ListJourneys", "mobiletargeting:ListTagsForResource", "mobiletargeting:ListTemplateVersions", "mobiletargeting:ListTemplates", "mobiletargeting:PhoneNumberValidate", "mobiletargeting:PutEventStream", "mobiletargeting:PutEvents", "mobiletargeting:RemoveAttributes", "mobiletargeting:SendMessages", "mobiletargeting:SendOTPMessage", "mobiletargeting:SendUsersMessages", "mobiletargeting:TagResource", "mobiletargeting:UntagResource", "mobiletargeting:UpdateAdmChannel", "mobiletargeting:UpdateApnsChannel", "mobiletargeting:UpdateApnsSandboxChannel", "mobiletargeting:UpdateApnsVoipChannel", "mobiletargeting:UpdateApnsVoipSandboxChannel", "mobiletargeting:UpdateApplicationSettings", "mobiletargeting:UpdateBaiduChannel", "mobiletargeting:UpdateCampaign", "mobiletargeting:UpdateEmailChannel", "mobiletargeting:UpdateEmailTemplate", "mobiletargeting:UpdateEndpoint", "mobiletargeting:UpdateEndpointsBatch", "mobiletargeting:UpdateGcmChannel", "mobiletargeting:UpdateInAppTemplate", "mobiletargeting:UpdateJourney", "mobiletargeting:UpdateJourneyState", "mobiletargeting:UpdatePushTemplate", "mobiletargeting:UpdateRecommenderConfiguration", "mobiletargeting:UpdateSegment", "mobiletargeting:UpdateSmsChannel", "mobiletargeting:UpdateSmsTemplate", "mobiletargeting:UpdateTemplateActiveVersion", "mobiletargeting:UpdateVoiceChannel", "mobiletargeting:UpdateVoiceTemplate", "mobiletargeting:VerifyOTPMessage", "monitron:AssociateProjectAdminUser", "monitron:CreateProject", "monitron:CreateProjectUserAssociation", "monitron:CreateUserAccessRoleAssociation", "monitron:DeleteProject", "monitron:DeleteProjectUserAssociation", "monitron:DeleteUserAccessRoleAssociation", "monitron:DisassociateProjectAdminUser", "monitron:GetProject", "monitron:GetProjectAdminUser", "monitron:ListProjectAdminUsers", "monitron:ListProjectUserAssociations", "monitron:ListProjects", "monitron:ListTagsForResource", "monitron:ListUserAccessRoleAssociations", "monitron:TagResource", "monitron:UntagResource", "monitron:UpdateProject", "mq:CreateBroker", "mq:CreateConfiguration", "mq:CreateReplicaBroker", "mq:CreateTags", "mq:CreateUser", "mq:DeleteBroker", "mq:DeleteTags", "mq:DeleteUser", "mq:DescribeBroker", "mq:DescribeBrokerEngineTypes", "mq:DescribeBrokerInstanceOptions", "mq:DescribeConfiguration", "mq:DescribeConfigurationRevision", "mq:DescribeUser", "mq:ListBrokers", "mq:ListConfigurationRevisions", "mq:ListConfigurations", "mq:ListTags", "mq:ListUsers", "mq:Promote", "mq:RebootBroker", "mq:UpdateBroker", "mq:UpdateConfiguration", "mq:UpdateUser", "neptune-db:CancelLoaderJob", "neptune-db:CancelMLDataProcessingJob", "neptune-db:CancelMLModelTrainingJob", "neptune-db:CancelMLModelTransformJob", "neptune-db:CancelQuery", "neptune-db:CreateMLEndpoint", "neptune-db:DeleteDataViaQuery", "neptune-db:DeleteMLEndpoint", "neptune-db:DeleteStatistics", "neptune-db:GetEngineStatus", "neptune-db:GetGraphSummary", "neptune-db:GetLoaderJobStatus", "neptune-db:GetMLDataProcessingJobStatus", "neptune-db:GetMLEndpointStatus", "neptune-db:GetMLModelTrainingJobStatus", "neptune-db:GetMLModelTransformJobStatus", "neptune-db:GetQueryStatus", "neptune-db:GetStatisticsStatus", "neptune-db:GetStreamRecords", "neptune-db:ListLoaderJobs", "neptune-db:ListMLDataProcessingJobs", "neptune-db:ListMLEndpoints", "neptune-db:ListMLModelTrainingJobs", "neptune-db:ListMLModelTransformJobs", "neptune-db:ManageStatistics", "neptune-db:ReadDataViaQuery", "neptune-db:ResetDatabase", "neptune-db:StartLoaderJob", "neptune-db:StartMLDataProcessingJob", "neptune-db:StartMLModelTrainingJob", "neptune-db:StartMLModelTransformJob", "neptune-db:WriteDataViaQuery", "neptune-db:connect", "neptune-graph:CancelImportTask", "neptune-graph:CancelQuery", "neptune-graph:CreateGraph", "neptune-graph:CreateGraphSnapshot", "neptune-graph:CreateGraphUsingImportTask", "neptune-graph:CreatePrivateGraphEndpoint", "neptune-graph:DeleteDataViaQuery", "neptune-graph:DeleteGraph", "neptune-graph:DeleteGraphSnapshot", "neptune-graph:DeletePrivateGraphEndpoint", "neptune-graph:GetEngineStatus", "neptune-graph:GetGraph", "neptune-graph:GetGraphSnapshot", "neptune-graph:GetGraphSummary", "neptune-graph:GetImportTask", "neptune-graph:GetPrivateGraphEndpoint", "neptune-graph:GetQueryStatus", "neptune-graph:GetStatisticsStatus", "neptune-graph:ListGraphSnapshots", "neptune-graph:ListGraphs", "neptune-graph:ListImportTasks", "neptune-graph:ListPrivateGraphEndpoints", "neptune-graph:ListQueries", "neptune-graph:ListTagsForResource", "neptune-graph:ReadDataViaQuery", "neptune-graph:ResetGraph", "neptune-graph:RestoreGraphFromSnapshot", "neptune-graph:StartImportTask", "neptune-graph:TagResource", "neptune-graph:UntagResource", "neptune-graph:UpdateGraph", "neptune-graph:WriteDataViaQuery", "network-firewall:AssociateFirewallPolicy", "network-firewall:AssociateSubnets", "network-firewall:CreateFirewall", "network-firewall:CreateFirewallPolicy", "network-firewall:CreateRuleGroup", "network-firewall:CreateTLSInspectionConfiguration", "network-firewall:DeleteFirewall", "network-firewall:DeleteFirewallPolicy", "network-firewall:DeleteResourcePolicy", "network-firewall:DeleteRuleGroup", "network-firewall:DeleteTLSInspectionConfiguration", "network-firewall:DescribeFirewall", "network-firewall:DescribeFirewallPolicy", "network-firewall:DescribeLoggingConfiguration", "network-firewall:DescribeResourcePolicy", "network-firewall:DescribeRuleGroup", "network-firewall:DescribeRuleGroupMetadata", "network-firewall:DescribeTLSInspectionConfiguration", "network-firewall:DisassociateSubnets", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "network-firewall:ListRuleGroups", "network-firewall:ListTLSInspectionConfigurations", "network-firewall:ListTagsForResource", "network-firewall:PutResourcePolicy", "network-firewall:TagResource", "network-firewall:UntagResource", "network-firewall:UpdateFirewallDeleteProtection", "network-firewall:UpdateFirewallDescription", "network-firewall:UpdateFirewallEncryptionConfiguration", "network-firewall:UpdateFirewallPolicy", "network-firewall:UpdateFirewallPolicyChangeProtection", "network-firewall:UpdateLoggingConfiguration", "network-firewall:UpdateRuleGroup", "network-firewall:UpdateSubnetChangeProtection", "network-firewall:UpdateTLSInspectionConfiguration", "networkmanager:AcceptAttachment", "networkmanager:AssociateConnectPeer", "networkmanager:AssociateCustomerGateway", "networkmanager:AssociateLink", "networkmanager:AssociateTransitGatewayConnectPeer", "networkmanager:CreateConnectAttachment", "networkmanager:CreateConnectPeer", "networkmanager:CreateConnection", "networkmanager:CreateCoreNetwork", "networkmanager:CreateDevice", "networkmanager:CreateGlobalNetwork", "networkmanager:CreateLink", "networkmanager:CreateSite", "networkmanager:CreateSiteToSiteVpnAttachment", "networkmanager:CreateTransitGatewayPeering", "networkmanager:CreateTransitGatewayRouteTableAttachment", "networkmanager:CreateVpcAttachment", "networkmanager:DeleteAttachment", "networkmanager:DeleteConnectPeer", "networkmanager:DeleteConnection", "networkmanager:DeleteCoreNetwork", "networkmanager:DeleteCoreNetworkPolicyVersion", "networkmanager:DeleteDevice", "networkmanager:DeleteGlobalNetwork", "networkmanager:DeleteLink", "networkmanager:DeletePeering", "networkmanager:DeleteResourcePolicy", "networkmanager:DeleteSite", "networkmanager:DeregisterTransitGateway", "networkmanager:DescribeGlobalNetworks", "networkmanager:DisassociateConnectPeer", "networkmanager:DisassociateCustomerGateway", "networkmanager:DisassociateLink", "networkmanager:DisassociateTransitGatewayConnectPeer", "networkmanager:ExecuteCoreNetworkChangeSet", "networkmanager:GetConnectAttachment", "networkmanager:GetConnectPeer", "networkmanager:GetConnectPeerAssociations", "networkmanager:GetConnections", "networkmanager:GetCoreNetwork", "networkmanager:GetCoreNetworkChangeEvents", "networkmanager:GetCoreNetworkChangeSet", "networkmanager:GetCoreNetworkPolicy", "networkmanager:GetCustomerGatewayAssociations", "networkmanager:GetDevices", "networkmanager:GetLinkAssociations", "networkmanager:GetLinks", "networkmanager:GetNetworkResourceCounts", "networkmanager:GetNetworkResourceRelationships", "networkmanager:GetNetworkResources", "networkmanager:GetNetworkRoutes", "networkmanager:GetNetworkTelemetry", "networkmanager:GetResourcePolicy", "networkmanager:GetRouteAnalysis", "networkmanager:GetSiteToSiteVpnAttachment", "networkmanager:GetSites", "networkmanager:GetTransitGatewayConnectPeerAssociations", "networkmanager:GetTransitGatewayPeering", "networkmanager:GetTransitGatewayRegistrations", "networkmanager:GetTransitGatewayRouteTableAttachment", "networkmanager:GetVpcAttachment", "networkmanager:ListAttachments", "networkmanager:ListConnectPeers", "networkmanager:ListCoreNetworkPolicyVersions", "networkmanager:ListCoreNetworks", "networkmanager:ListOrganizationServiceAccessStatus", "networkmanager:ListPeerings", "networkmanager:ListTagsForResource", "networkmanager:PutCoreNetworkPolicy", "networkmanager:PutResourcePolicy", "networkmanager:RegisterTransitGateway", "networkmanager:RejectAttachment", "networkmanager:RestoreCoreNetworkPolicyVersion", "networkmanager:StartOrganizationServiceAccessUpdate", "networkmanager:StartRouteAnalysis", "networkmanager:TagResource", "networkmanager:UntagResource", "networkmanager:UpdateConnection", "networkmanager:UpdateCoreNetwork", "networkmanager:UpdateDevice", "networkmanager:UpdateGlobalNetwork", "networkmanager:UpdateLink", "networkmanager:UpdateNetworkResourceMetadata", "networkmanager:UpdateSite", "networkmanager:UpdateVpcAttachment", "networkmanager-chat:CancelMessageResponse", "networkmanager-chat:CreateConversation", "networkmanager-chat:DeleteConversation", "networkmanager-chat:ListConversationMessages", "networkmanager-chat:ListConversations", "networkmanager-chat:NotifyConversationIsActive", "networkmanager-chat:SendConversationMessage", "networkmonitor:CreateMonitor", "networkmonitor:CreateProbe", "networkmonitor:DeleteMonitor", "networkmonitor:DeleteProbe", "networkmonitor:GetMonitor", "networkmonitor:GetProbe", "networkmonitor:ListMonitors", "networkmonitor:ListTagsForResource", "networkmonitor:TagResource", "networkmonitor:UntagResource", "networkmonitor:UpdateMonitor", "networkmonitor:UpdateProbe", "nimble:AcceptEulas", "nimble:CreateLaunchProfile", "nimble:CreateStreamingImage", "nimble:CreateStreamingSession", "nimble:CreateStreamingSessionStream", "nimble:CreateStudio", "nimble:CreateStudioComponent", "nimble:DeleteLaunchProfile", "nimble:DeleteLaunchProfileMember", "nimble:DeleteStreamingImage", "nimble:DeleteStreamingSession", "nimble:DeleteStudio", "nimble:DeleteStudioComponent", "nimble:DeleteStudioMember", "nimble:GetEula", "nimble:GetFeatureMap", "nimble:GetLaunchProfile", "nimble:GetLaunchProfileDetails", "nimble:GetLaunchProfileInitialization", "nimble:GetLaunchProfileMember", "nimble:GetStreamingImage", "nimble:GetStreamingSession", "nimble:GetStreamingSessionBackup", "nimble:GetStreamingSessionStream", "nimble:GetStudio", "nimble:GetStudioComponent", "nimble:GetStudioMember", "nimble:ListEulaAcceptances", "nimble:ListEulas", "nimble:ListLaunchProfileMembers", "nimble:ListLaunchProfiles", "nimble:ListStreamingImages", "nimble:ListStreamingSessionBackups", "nimble:ListStreamingSessions", "nimble:ListStudioComponents", "nimble:ListStudioMembers", "nimble:ListStudios", "nimble:ListTagsForResource", "nimble:PutLaunchProfileMembers", "nimble:PutStudioLogEvents", "nimble:PutStudioMembers", "nimble:StartStreamingSession", "nimble:StartStudioSSOConfigurationRepair", "nimble:StopStreamingSession", "nimble:TagResource", "nimble:UntagResource", "nimble:UpdateLaunchProfile", "nimble:UpdateLaunchProfileMember", "nimble:UpdateStreamingImage", "nimble:UpdateStudio", "nimble:UpdateStudioComponent", "notifications:AssociateChannel", "notifications:CreateEventRule", "notifications:CreateNotificationConfiguration", "notifications:DeleteEventRule", "notifications:DeleteNotificationConfiguration", "notifications:DeregisterNotificationHub", "notifications:DisassociateChannel", "notifications:GetEventRule", "notifications:GetNotificationConfiguration", "notifications:GetNotificationEvent", "notifications:ListChannels", "notifications:ListEventRules", "notifications:ListNotificationConfigurations", "notifications:ListNotificationEvents", "notifications:ListNotificationHubs", "notifications:ListTagsForResource", "notifications:RegisterNotificationHub", "notifications:TagResource", "notifications:UntagResource", "notifications:UpdateEventRule", "notifications:UpdateNotificationConfiguration", "notifications-contacts:ActivateEmailContact", "notifications-contacts:CreateEmailContact", "notifications-contacts:DeleteEmailContact", "notifications-contacts:GetEmailContact", "notifications-contacts:ListEmailContacts", "notifications-contacts:ListTagsForResource", "notifications-contacts:SendActivationCode", "notifications-contacts:TagResource", "notifications-contacts:UntagResource", "oam:CreateLink", "oam:CreateSink", "oam:DeleteLink", "oam:DeleteSink", "oam:GetLink", "oam:GetSink", "oam:GetSinkPolicy", "oam:ListAttachedLinks", "oam:ListLinks", "oam:ListSinks", "oam:ListTagsForResource", "oam:PutSinkPolicy", "oam:TagResource", "oam:UntagResource", "oam:UpdateLink", "omics:AbortMultipartReadSetUpload", "omics:AcceptShare", "omics:BatchDeleteReadSet", "omics:CancelAnnotationImportJob", "omics:CancelRun", "omics:CancelVariantImportJob", "omics:CompleteMultipartReadSetUpload", "omics:CreateAnnotationStore", "omics:CreateAnnotationStoreVersion", "omics:CreateMultipartReadSetUpload", "omics:CreateReferenceStore", "omics:CreateRunGroup", "omics:CreateSequenceStore", "omics:CreateShare", "omics:CreateVariantStore", "omics:CreateWorkflow", "omics:DeleteAnnotationStore", "omics:DeleteAnnotationStoreVersions", "omics:DeleteReference", "omics:DeleteReferenceStore", "omics:DeleteRun", "omics:DeleteRunGroup", "omics:DeleteSequenceStore", "omics:DeleteShare", "omics:DeleteVariantStore", "omics:DeleteWorkflow", "omics:GetAnnotationImportJob", "omics:GetAnnotationStore", "omics:GetAnnotationStoreVersion", "omics:GetReadSet", "omics:GetReadSetActivationJob", "omics:GetReadSetExportJob", "omics:GetReadSetImportJob", "omics:GetReadSetMetadata", "omics:GetReference", "omics:GetReferenceImportJob", "omics:GetReferenceMetadata", "omics:GetReferenceStore", "omics:GetRun", "omics:GetRunGroup", "omics:GetRunTask", "omics:GetSequenceStore", "omics:GetShare", "omics:GetVariantImportJob", "omics:GetVariantStore", "omics:GetWorkflow", "omics:ListAnnotationImportJobs", "omics:ListAnnotationStoreVersions", "omics:ListAnnotationStores", "omics:ListMultipartReadSetUploads", "omics:ListReadSetActivationJobs", "omics:ListReadSetExportJobs", "omics:ListReadSetImportJobs", "omics:ListReadSetUploadParts", "omics:ListReadSets", "omics:ListReferenceImportJobs", "omics:ListReferenceStores", "omics:ListReferences", "omics:ListRunGroups", "omics:ListRunTasks", "omics:ListRuns", "omics:ListSequenceStores", "omics:ListShares", "omics:ListTagsForResource", "omics:ListVariantImportJobs", "omics:ListVariantStores", "omics:ListWorkflows", "omics:StartAnnotationImportJob", "omics:StartReadSetActivationJob", "omics:StartReadSetExportJob", "omics:StartReadSetImportJob", "omics:StartReferenceImportJob", "omics:StartRun", "omics:StartVariantImportJob", "omics:TagResource", "omics:UntagResource", "omics:UpdateAnnotationStore", "omics:UpdateAnnotationStoreVersion", "omics:UpdateRunGroup", "omics:UpdateVariantStore", "omics:UpdateWorkflow", "omics:UploadReadSetPart", "one:CreateDeviceActivationQrCode", "one:CreateDeviceConfigurationTemplate", "one:CreateDeviceInstance", "one:CreateDeviceInstanceConfiguration", "one:CreateSite", "one:DeleteAssociatedDevice", "one:DeleteDeviceConfigurationTemplate", "one:DeleteDeviceInstance", "one:DeleteSite", "one:DeleteUser", "one:GetDeviceConfigurationTemplate", "one:GetDeviceInstance", "one:GetDeviceInstanceConfiguration", "one:GetSite", "one:GetSiteAddress", "one:ListDeviceConfigurationTemplates", "one:ListDeviceInstances", "one:ListSites", "one:ListTagsForResource", "one:ListUsers", "one:RebootDevice", "one:TagResource", "one:UntagResource", "one:UpdateDeviceConfigurationTemplate", "one:UpdateDeviceInstance", "one:UpdateSite", "one:UpdateSiteAddress", "opsworks:AssignInstance", "opsworks:AssignVolume", "opsworks:AssociateElasticIp", "opsworks:AttachElasticLoadBalancer", "opsworks:CloneStack", "opsworks:CreateApp", "opsworks:CreateDeployment", "opsworks:CreateInstance", "opsworks:CreateLayer", "opsworks:CreateStack", "opsworks:CreateUserProfile", "opsworks:DeleteApp", "opsworks:DeleteInstance", "opsworks:DeleteLayer", "opsworks:DeleteStack", "opsworks:DeleteUserProfile", "opsworks:DeregisterEcsCluster", "opsworks:DeregisterElasticIp", "opsworks:DeregisterInstance", "opsworks:DeregisterRdsDbInstance", "opsworks:DeregisterVolume", "opsworks:DescribeAgentVersions", "opsworks:DescribeApps", "opsworks:DescribeCommands", "opsworks:DescribeDeployments", "opsworks:DescribeEcsClusters", "opsworks:DescribeElasticIps", "opsworks:DescribeElasticLoadBalancers", "opsworks:DescribeInstances", "opsworks:DescribeLayers", "opsworks:DescribeLoadBasedAutoScaling", "opsworks:DescribeMyUserProfile", "opsworks:DescribeOperatingSystems", "opsworks:DescribePermissions", "opsworks:DescribeRaidArrays", "opsworks:DescribeRdsDbInstances", "opsworks:DescribeServiceErrors", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStackSummary", "opsworks:DescribeStacks", "opsworks:DescribeTimeBasedAutoScaling", "opsworks:DescribeUserProfiles", "opsworks:DescribeVolumes", "opsworks:DetachElasticLoadBalancer", "opsworks:DisassociateElasticIp", "opsworks:GetHostnameSuggestion", "opsworks:GrantAccess", "opsworks:ListTags", "opsworks:RebootInstance", "opsworks:RegisterEcsCluster", "opsworks:RegisterElasticIp", "opsworks:RegisterInstance", "opsworks:RegisterRdsDbInstance", "opsworks:RegisterVolume", "opsworks:SetLoadBasedAutoScaling", "opsworks:SetPermission", "opsworks:SetTimeBasedAutoScaling", "opsworks:StartInstance", "opsworks:StartStack", "opsworks:StopInstance", "opsworks:StopStack", "opsworks:TagResource", "opsworks:UnassignInstance", "opsworks:UnassignVolume", "opsworks:UntagResource", "opsworks:UpdateApp", "opsworks:UpdateElasticIp", "opsworks:UpdateInstance", "opsworks:UpdateLayer", "opsworks:UpdateMyUserProfile", "opsworks:UpdateRdsDbInstance", "opsworks:UpdateStack", "opsworks:UpdateUserProfile", "opsworks:UpdateVolume", "opsworks-cm:AssociateNode", "opsworks-cm:CreateBackup", "opsworks-cm:CreateServer", "opsworks-cm:DeleteBackup", "opsworks-cm:DeleteServer", "opsworks-cm:DescribeAccountAttributes", "opsworks-cm:DescribeBackups", "opsworks-cm:DescribeEvents", "opsworks-cm:DescribeNodeAssociationStatus", "opsworks-cm:DescribeServers", "opsworks-cm:DisassociateNode", "opsworks-cm:ExportServerEngineAttribute", "opsworks-cm:ListTagsForResource", "opsworks-cm:RestoreServer", "opsworks-cm:StartMaintenance", "opsworks-cm:TagResource", "opsworks-cm:UntagResource", "opsworks-cm:UpdateServer", "opsworks-cm:UpdateServerEngineAttributes", "organizations:AcceptHandshake", "organizations:AttachPolicy", "organizations:CancelHandshake", "organizations:CloseAccount", "organizations:CreateAccount", "organizations:CreateGovCloudAccount", "organizations:CreateOrganization", "organizations:CreateOrganizationalUnit", "organizations:CreatePolicy", "organizations:DeclineHandshake", "organizations:DeleteOrganization", "organizations:DeleteOrganizationalUnit", "organizations:DeletePolicy", "organizations:DeleteResourcePolicy", "organizations:DeregisterDelegatedAdministrator", "organizations:DescribeAccount", "organizations:DescribeCreateAccountStatus", "organizations:DescribeEffectivePolicy", "organizations:DescribeHandshake", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:DescribeResourcePolicy", "organizations:DetachPolicy", "organizations:DisableAWSServiceAccess", "organizations:DisablePolicyType", "organizations:EnableAWSServiceAccess", "organizations:EnableAllFeatures", "organizations:EnablePolicyType", "organizations:InviteAccountToOrganization", "organizations:LeaveOrganization", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:ListCreateAccountStatus", "organizations:ListDelegatedAdministrators", "organizations:ListDelegatedServicesForAccount", "organizations:ListHandshakesForAccount", "organizations:ListHandshakesForOrganization", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPolicies", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListTagsForResource", "organizations:ListTargetsForPolicy", "organizations:MoveAccount", "organizations:PutResourcePolicy", "organizations:RegisterDelegatedAdministrator", "organizations:RemoveAccountFromOrganization", "organizations:TagResource", "organizations:UntagResource", "organizations:UpdateOrganizationalUnit", "organizations:UpdatePolicy", "osis:CreatePipeline", "osis:DeletePipeline", "osis:GetPipeline", "osis:GetPipelineBlueprint", "osis:GetPipelineChangeProgress", "osis:Ingest", "osis:ListPipelineBlueprints", "osis:ListPipelines", "osis:ListTagsForResource", "osis:StartPipeline", "osis:StopPipeline", "osis:TagResource", "osis:UntagResource", "osis:UpdatePipeline", "osis:ValidatePipeline", "outposts:CancelCapacityTask", "outposts:CancelOrder", "outposts:CreateOrder", "outposts:CreateOutpost", "outposts:CreatePrivateConnectivityConfig", "outposts:CreateSite", "outposts:DeleteOutpost", "outposts:DeleteSite", "outposts:GetCapacityTask", "outposts:GetCatalogItem", "outposts:GetConnection", "outposts:GetOrder", "outposts:GetOutpost", "outposts:GetOutpostInstanceTypes", "outposts:GetOutpostSupportedInstanceTypes", "outposts:GetPrivateConnectivityConfig", "outposts:GetSite", "outposts:GetSiteAddress", "outposts:ListAssets", "outposts:ListCapacityTasks", "outposts:ListCatalogItems", "outposts:ListOrders", "outposts:ListOutposts", "outposts:ListSites", "outposts:ListTagsForResource", "outposts:StartCapacityTask", "outposts:StartConnection", "outposts:TagResource", "outposts:UntagResource", "outposts:UpdateOutpost", "outposts:UpdateSite", "outposts:UpdateSiteAddress", "outposts:UpdateSiteRackPhysicalProperties", "panorama:CreateApplicationInstance", "panorama:CreateJobForDevices", "panorama:CreateNodeFromTemplateJob", "panorama:CreatePackage", "panorama:CreatePackageImportJob", "panorama:DeleteDevice", "panorama:DeletePackage", "panorama:DeregisterPackageVersion", "panorama:DescribeApplicationInstance", "panorama:DescribeApplicationInstanceDetails", "panorama:DescribeDevice", "panorama:DescribeDeviceJob", "panorama:DescribeNode", "panorama:DescribeNodeFromTemplateJob", "panorama:DescribePackage", "panorama:DescribePackageImportJob", "panorama:DescribePackageVersion", "panorama:DescribeSoftware", "panorama:GetWebSocketURL", "panorama:ListApplicationInstanceDependencies", "panorama:ListApplicationInstanceNodeInstances", "panorama:ListApplicationInstances", "panorama:ListDevices", "panorama:ListDevicesJobs", "panorama:ListNodeFromTemplateJobs", "panorama:ListNodes", "panorama:ListPackageImportJobs", "panorama:ListPackages", "panorama:ListTagsForResource", "panorama:ProvisionDevice", "panorama:RegisterPackageVersion", "panorama:RemoveApplicationInstance", "panorama:SignalApplicationInstanceNodeInstances", "panorama:TagResource", "panorama:UntagResource", "panorama:UpdateDeviceMetadata", "partnercentral-account-management:AssociatePartnerAccount", "partnercentral-account-management:AssociatePartnerUser", "partnercentral-account-management:DisassociatePartnerUser", "payment-cryptography:CreateAlias", "payment-cryptography:CreateKey", "payment-cryptography:DecryptData", "payment-cryptography:DeleteAlias", "payment-cryptography:DeleteKey", "payment-cryptography:EncryptData", "payment-cryptography:ExportKey", "payment-cryptography:GenerateCardValidationData", "payment-cryptography:GenerateMac", "payment-cryptography:GeneratePinData", "payment-cryptography:GetAlias", "payment-cryptography:GetKey", "payment-cryptography:GetParametersForExport", "payment-cryptography:GetParametersForImport", "payment-cryptography:GetPublicKeyCertificate", "payment-cryptography:ImportKey", "payment-cryptography:ListAliases", "payment-cryptography:ListKeys", "payment-cryptography:ListTagsForResource", "payment-cryptography:ReEncryptData", "payment-cryptography:RestoreKey", "payment-cryptography:StartKeyUsage", "payment-cryptography:StopKeyUsage", "payment-cryptography:TagResource", "payment-cryptography:TranslatePinData", "payment-cryptography:UntagResource", "payment-cryptography:UpdateAlias", "payment-cryptography:VerifyAuthRequestCryptogram", "payment-cryptography:VerifyCardValidationData", "payment-cryptography:VerifyMac", "payment-cryptography:VerifyPinData", "payments:CreatePaymentInstrument", "payments:DeletePaymentInstrument", "payments:GetPaymentInstrument", "payments:GetPaymentStatus", "payments:ListPaymentPreferences", "payments:MakePayment", "payments:UpdatePaymentPreferences", "pca-connector-ad:CreateConnector", "pca-connector-ad:CreateDirectoryRegistration", "pca-connector-ad:CreateServicePrincipalName", "pca-connector-ad:CreateTemplate", "pca-connector-ad:CreateTemplateGroupAccessControlEntry", "pca-connector-ad:DeleteConnector", "pca-connector-ad:DeleteDirectoryRegistration", "pca-connector-ad:DeleteServicePrincipalName", "pca-connector-ad:DeleteTemplate", "pca-connector-ad:DeleteTemplateGroupAccessControlEntry", "pca-connector-ad:GetConnector", "pca-connector-ad:GetDirectoryRegistration", "pca-connector-ad:GetServicePrincipalName", "pca-connector-ad:GetTemplate", "pca-connector-ad:GetTemplateGroupAccessControlEntry", "pca-connector-ad:ListConnectors", "pca-connector-ad:ListDirectoryRegistrations", "pca-connector-ad:ListServicePrincipalNames", "pca-connector-ad:ListTagsForResource", "pca-connector-ad:ListTemplateGroupAccessControlEntries", "pca-connector-ad:ListTemplates", "pca-connector-ad:TagResource", "pca-connector-ad:UntagResource", "pca-connector-ad:UpdateTemplate", "pca-connector-ad:UpdateTemplateGroupAccessControlEntry", "personalize:CreateBatchInferenceJob", "personalize:CreateBatchSegmentJob", "personalize:CreateCampaign", "personalize:CreateDataInsightsJob", "personalize:CreateDataset", "personalize:CreateDatasetExportJob", "personalize:CreateDatasetGroup", "personalize:CreateDatasetImportJob", "personalize:CreateEventTracker", "personalize:CreateFilter", "personalize:CreateMetricAttribution", "personalize:CreateRecommender", "personalize:CreateSchema", "personalize:CreateSolution", "personalize:CreateSolutionVersion", "personalize:DeleteCampaign", "personalize:DeleteDataset", "personalize:DeleteDatasetGroup", "personalize:DeleteEventTracker", "personalize:DeleteFilter", "personalize:DeleteMetricAttribution", "personalize:DeleteRecommender", "personalize:DeleteSchema", "personalize:DeleteSolution", "personalize:DescribeAlgorithm", "personalize:DescribeBatchInferenceJob", "personalize:DescribeBatchSegmentJob", "personalize:DescribeCampaign", "personalize:DescribeDataInsightsJob", "personalize:DescribeDataset", "personalize:DescribeDatasetExportJob", "personalize:DescribeDatasetGroup", "personalize:DescribeDatasetImportJob", "personalize:DescribeEventTracker", "personalize:DescribeFeatureTransformation", "personalize:DescribeFilter", "personalize:DescribeMetricAttribution", "personalize:DescribeRecipe", "personalize:DescribeRecommender", "personalize:DescribeSchema", "personalize:DescribeSolution", "personalize:DescribeSolutionVersion", "personalize:GetActionRecommendations", "personalize:GetDataInsights", "personalize:GetPersonalizedRanking", "personalize:GetRecommendations", "personalize:GetSolutionMetrics", "personalize:ListBatchInferenceJobs", "personalize:ListBatchSegmentJobs", "personalize:ListCampaigns", "personalize:ListDataInsightsJobs", "personalize:ListDatasetExportJobs", "personalize:ListDatasetGroups", "personalize:ListDatasetImportJobs", "personalize:ListDatasets", "personalize:ListEventTrackers", "personalize:ListFilters", "personalize:ListMetricAttributionMetrics", "personalize:ListMetricAttributions", "personalize:ListRecipes", "personalize:ListRecommenders", "personalize:ListSchemas", "personalize:ListSolutionVersions", "personalize:ListSolutions", "personalize:ListTagsForResource", "personalize:PutActionInteractions", "personalize:PutActions", "personalize:PutEvents", "personalize:PutItems", "personalize:PutUsers", "personalize:StartRecommender", "personalize:StopRecommender", "personalize:StopSolutionVersionCreation", "personalize:TagResource", "personalize:UntagResource", "personalize:UpdateCampaign", "personalize:UpdateDataset", "personalize:UpdateMetricAttribution", "personalize:UpdateRecommender", "pi:CreatePerformanceAnalysisReport", "pi:DeletePerformanceAnalysisReport", "pi:DescribeDimensionKeys", "pi:GetDimensionKeyDetails", "pi:GetPerformanceAnalysisReport", "pi:GetResourceMetadata", "pi:GetResourceMetrics", "pi:ListAvailableResourceDimensions", "pi:ListAvailableResourceMetrics", "pi:ListPerformanceAnalysisReports", "pi:ListTagsForResource", "pi:TagResource", "pi:UntagResource", "pipes:CreatePipe", "pipes:DeletePipe", "pipes:DescribePipe", "pipes:ListPipes", "pipes:ListTagsForResource", "pipes:StartPipe", "pipes:StopPipe", "pipes:TagResource", "pipes:UntagResource", "pipes:UpdatePipe", "polly:DeleteLexicon", "polly:DescribeVoices", "polly:GetLexicon", "polly:GetSpeechSynthesisTask", "polly:ListLexicons", "polly:ListSpeechSynthesisTasks", "polly:PutLexicon", "polly:StartSpeechSynthesisTask", "polly:SynthesizeSpeech", "pricing:DescribeServices", "pricing:GetAttributeValues", "pricing:GetPriceListFileUrl", "pricing:GetProducts", "pricing:ListPriceLists", "private-networks:AcknowledgeOrderReceipt", "private-networks:ActivateDeviceIdentifier", "private-networks:ActivateNetworkSite", "private-networks:ConfigureAccessPoint", "private-networks:CreateNetwork", "private-networks:CreateNetworkSite", "private-networks:DeactivateDeviceIdentifier", "private-networks:DeleteNetwork", "private-networks:DeleteNetworkSite", "private-networks:GetDeviceIdentifier", "private-networks:GetNetwork", "private-networks:GetNetworkResource", "private-networks:GetNetworkSite", "private-networks:GetOrder", "private-networks:ListDeviceIdentifiers", "private-networks:ListNetworkResources", "private-networks:ListNetworkSites", "private-networks:ListNetworks", "private-networks:ListOrders", "private-networks:ListTagsForResource", "private-networks:Ping", "private-networks:StartNetworkResourceUpdate", "private-networks:TagResource", "private-networks:UntagResource", "private-networks:UpdateNetworkSite", "private-networks:UpdateNetworkSitePlan", "profile:AddProfileKey", "profile:CreateCalculatedAttributeDefinition", "profile:CreateDomain", "profile:CreateEventStream", "profile:CreateIntegrationWorkflow", "profile:CreateProfile", "profile:DeleteCalculatedAttributeDefinition", "profile:DeleteDomain", "profile:DeleteEventStream", "profile:DeleteIntegration", "profile:DeleteProfile", "profile:DeleteProfileKey", "profile:DeleteProfileObject", "profile:DeleteProfileObjectType", "profile:DeleteWorkflow", "profile:DetectProfileObjectType", "profile:GetAutoMergingPreview", "profile:GetCalculatedAttributeDefinition", "profile:GetCalculatedAttributeForProfile", "profile:GetDomain", "profile:GetEventStream", "profile:GetIdentityResolutionJob", "profile:GetIntegration", "profile:GetMatches", "profile:GetProfileObjectType", "profile:GetProfileObjectTypeTemplate", "profile:GetSimilarProfiles", "profile:GetWorkflow", "profile:GetWorkflowSteps", "profile:ListAccountIntegrations", "profile:ListCalculatedAttributeDefinitions", "profile:ListCalculatedAttributesForProfile", "profile:ListDomains", "profile:ListEventStreams", "profile:ListIdentityResolutionJobs", "profile:ListIntegrations", "profile:ListProfileObjectTypeTemplates", "profile:ListProfileObjectTypes", "profile:ListProfileObjects", "profile:ListRuleBasedMatches", "profile:ListTagsForResource", "profile:ListWorkflows", "profile:MergeProfiles", "profile:PutIntegration", "profile:PutProfileObject", "profile:PutProfileObjectType", "profile:SearchProfiles", "profile:TagResource", "profile:UntagResource", "profile:UpdateCalculatedAttributeDefinition", "profile:UpdateDomain", "profile:UpdateProfile", "proton:AcceptEnvironmentAccountConnection", "proton:CancelComponentDeployment", "proton:CancelEnvironmentDeployment", "proton:CancelServiceInstanceDeployment", "proton:CancelServicePipelineDeployment", "proton:CreateComponent", "proton:CreateEnvironment", "proton:CreateEnvironmentAccountConnection", "proton:CreateEnvironmentTemplate", "proton:CreateEnvironmentTemplateMajorVersion", "proton:CreateEnvironmentTemplateMinorVersion", "proton:CreateEnvironmentTemplateVersion", "proton:CreateRepository", "proton:CreateService", "proton:CreateServiceInstance", "proton:CreateServiceSyncConfig", "proton:CreateServiceTemplate", "proton:CreateServiceTemplateMajorVersion", "proton:CreateServiceTemplateMinorVersion", "proton:CreateServiceTemplateVersion", "proton:CreateTemplateSyncConfig", "proton:DeleteAccountRoles", "proton:DeleteComponent", "proton:DeleteDeployment", "proton:DeleteEnvironment", "proton:DeleteEnvironmentAccountConnection", "proton:DeleteEnvironmentTemplate", "proton:DeleteEnvironmentTemplateMajorVersion", "proton:DeleteEnvironmentTemplateMinorVersion", "proton:DeleteEnvironmentTemplateVersion", "proton:DeleteRepository", "proton:DeleteService", "proton:DeleteServiceSyncConfig", "proton:DeleteServiceTemplate", "proton:DeleteServiceTemplateMajorVersion", "proton:DeleteServiceTemplateMinorVersion", "proton:DeleteServiceTemplateVersion", "proton:DeleteTemplateSyncConfig", "proton:GetAccountRoles", "proton:GetAccountSettings", "proton:GetComponent", "proton:GetDeployment", "proton:GetEnvironment", "proton:GetEnvironmentAccountConnection", "proton:GetEnvironmentTemplate", "proton:GetEnvironmentTemplateMajorVersion", "proton:GetEnvironmentTemplateMinorVersion", "proton:GetEnvironmentTemplateVersion", "proton:GetRepository", "proton:GetRepositorySyncStatus", "proton:GetResourceTemplateVersionStatusCounts", "proton:GetResourcesSummary", "proton:GetService", "proton:GetServiceInstance", "proton:GetServiceInstanceSyncStatus", "proton:GetServiceSyncBlockerSummary", "proton:GetServiceSyncConfig", "proton:GetServiceTemplate", "proton:GetServiceTemplateMajorVersion", "proton:GetServiceTemplateMinorVersion", "proton:GetServiceTemplateVersion", "proton:GetTemplateSyncConfig", "proton:GetTemplateSyncStatus", "proton:ListComponentOutputs", "proton:ListComponentProvisionedResources", "proton:ListComponents", "proton:ListDeployments", "proton:ListEnvironmentAccountConnections", "proton:ListEnvironmentOutputs", "proton:ListEnvironmentProvisionedResources", "proton:ListEnvironmentTemplateMajorVersions", "proton:ListEnvironmentTemplateMinorVersions", "proton:ListEnvironmentTemplateVersions", "proton:ListEnvironmentTemplates", "proton:ListEnvironments", "proton:ListRepositories", "proton:ListRepositorySyncDefinitions", "proton:ListServiceInstanceOutputs", "proton:ListServiceInstanceProvisionedResources", "proton:ListServiceInstances", "proton:ListServicePipelineOutputs", "proton:ListServicePipelineProvisionedResources", "proton:ListServiceTemplateMajorVersions", "proton:ListServiceTemplateMinorVersions", "proton:ListServiceTemplateVersions", "proton:ListServiceTemplates", "proton:ListServices", "proton:ListTagsForResource", "proton:NotifyResourceDeploymentStatusChange", "proton:RejectEnvironmentAccountConnection", "proton:TagResource", "proton:UntagResource", "proton:UpdateAccountRoles", "proton:UpdateAccountSettings", "proton:UpdateComponent", "proton:UpdateEnvironment", "proton:UpdateEnvironmentAccountConnection", "proton:UpdateEnvironmentTemplate", "proton:UpdateEnvironmentTemplateMajorVersion", "proton:UpdateEnvironmentTemplateMinorVersion", "proton:UpdateEnvironmentTemplateVersion", "proton:UpdateService", "proton:UpdateServiceInstance", "proton:UpdateServicePipeline", "proton:UpdateServiceSyncBlocker", "proton:UpdateServiceSyncConfig", "proton:UpdateServiceTemplate", "proton:UpdateServiceTemplateMajorVersion", "proton:UpdateServiceTemplateMinorVersion", "proton:UpdateServiceTemplateVersion", "proton:UpdateTemplateSyncConfig", "purchase-orders:AddPurchaseOrder", "purchase-orders:DeletePurchaseOrder", "purchase-orders:GetConsoleActionSetEnforced", "purchase-orders:GetPurchaseOrder", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ListTagsForResource", "purchase-orders:ModifyPurchaseOrders", "purchase-orders:TagResource", "purchase-orders:UntagResource", "purchase-orders:UpdateConsoleActionSetEnforced", "purchase-orders:UpdatePurchaseOrder", "purchase-orders:UpdatePurchaseOrderStatus", "purchase-orders:ViewPurchaseOrders", "q:GetConversation", "q:GetIdentityMetadata", "q:GetTroubleshootingResults", "q:ListConversations", "q:PassRequest", "q:SendMessage", "q:StartConversation", "q:StartTroubleshootingAnalysis", "q:StartTroubleshootingResolutionExplanation", "q:UpdateTroubleshootingCommandResult", "qbusiness:AddUserLicenses", "qbusiness:BatchDeleteDocument", "qbusiness:BatchPutDocument", "qbusiness:Chat", "qbusiness:ChatSync", "qbusiness:CreateApplication", "qbusiness:CreateDataSource", "qbusiness:CreateIndex", "qbusiness:CreateLicense", "qbusiness:CreatePlugin", "qbusiness:CreateRetriever", "qbusiness:CreateUser", "qbusiness:CreateWebExperience", "qbusiness:DeleteApplication", "qbusiness:DeleteChatControlsConfiguration", "qbusiness:DeleteConversation", "qbusiness:DeleteDataSource", "qbusiness:DeleteGroup", "qbusiness:DeleteIndex", "qbusiness:DeletePlugin", "qbusiness:DeleteRetriever", "qbusiness:DeleteUser", "qbusiness:DeleteWebExperience", "qbusiness:GetApplication", "qbusiness:GetChatControlsConfiguration", "qbusiness:GetDataSource", "qbusiness:GetGroup", "qbusiness:GetIndex", "qbusiness:GetLicense", "qbusiness:GetPlugin", "qbusiness:GetRetriever", "qbusiness:GetUser", "qbusiness:GetWebExperience", "qbusiness:ListApplications", "qbusiness:ListConversations", "qbusiness:ListDataSourceSyncJobs", "qbusiness:ListDataSources", "qbusiness:ListDocuments", "qbusiness:ListGroups", "qbusiness:ListIndices", "qbusiness:ListMessages", "qbusiness:ListPlugins", "qbusiness:ListRetrievers", "qbusiness:ListTagsForResource", "qbusiness:ListUserLicenses", "qbusiness:ListWebExperiences", "qbusiness:PutFeedback", "qbusiness:PutGroup", "qbusiness:RemoveUserLicenses", "qbusiness:StartDataSourceSyncJob", "qbusiness:StopDataSourceSyncJob", "qbusiness:TagResource", "qbusiness:UntagResource", "qbusiness:UpdateApplication", "qbusiness:UpdateChatControlsConfiguration", "qbusiness:UpdateDataSource", "qbusiness:UpdateIndex", "qbusiness:UpdatePlugin", "qbusiness:UpdateRetriever", "qbusiness:UpdateUser", "qbusiness:UpdateWebExperience", "qldb:CancelJournalKinesisStream", "qldb:CreateLedger", "qldb:DeleteLedger", "qldb:DescribeJournalKinesisStream", "qldb:DescribeJournalS3Export", "qldb:DescribeLedger", "qldb:ExecuteStatement", "qldb:ExportJournalToS3", "qldb:GetBlock", "qldb:GetDigest", "qldb:GetRevision", "qldb:InsertSampleData", "qldb:ListJournalKinesisStreamsForLedger", "qldb:ListJournalS3Exports", "qldb:ListJournalS3ExportsForLedger", "qldb:ListLedgers", "qldb:ListTagsForResource", "qldb:PartiQLCreateIndex", "qldb:PartiQLCreateTable", "qldb:PartiQLDelete", "qldb:PartiQLDropIndex", "qldb:PartiQLDropTable", "qldb:PartiQLHistoryFunction", "qldb:PartiQLInsert", "qldb:PartiQLRedact", "qldb:PartiQLSelect", "qldb:PartiQLUndropTable", "qldb:PartiQLUpdate", "qldb:SendCommand", "qldb:ShowCatalog", "qldb:StreamJournalToKinesis", "qldb:TagResource", "qldb:UntagResource", "qldb:UpdateLedger", "qldb:UpdateLedgerPermissionsMode", "quicksight:AccountConfigurations", "quicksight:CancelIngestion", "quicksight:CreateAccountCustomization", "quicksight:CreateAccountSubscription", "quicksight:CreateAdmin", "quicksight:CreateAnalysis", "quicksight:CreateCustomPermissions", "quicksight:CreateDashboard", "quicksight:CreateDataSet", "quicksight:CreateDataSource", "quicksight:CreateEmailCustomizationTemplate", "quicksight:CreateFolder", "quicksight:CreateFolderMembership", "quicksight:CreateGroup", "quicksight:CreateGroupMembership", "quicksight:CreateIAMPolicyAssignment", "quicksight:CreateIngestion", "quicksight:CreateNamespace", "quicksight:CreateReader", "quicksight:CreateRefreshSchedule", "quicksight:CreateRoleMembership", "quicksight:CreateTemplate", "quicksight:CreateTemplateAlias", "quicksight:CreateTheme", "quicksight:CreateThemeAlias", "quicksight:CreateTopic", "quicksight:CreateTopicRefreshSchedule", "quicksight:CreateUser", "quicksight:CreateVPCConnection", "quicksight:DeleteAccountCustomization", "quicksight:DeleteAccountSubscription", "quicksight:DeleteAnalysis", "quicksight:DeleteCustomPermissions", "quicksight:DeleteDashboard", "quicksight:DeleteDataSet", "quicksight:DeleteDataSetRefreshProperties", "quicksight:DeleteDataSource", "quicksight:DeleteEmailCustomizationTemplate", "quicksight:DeleteFolder", "quicksight:DeleteFolderMembership", "quicksight:DeleteGroup", "quicksight:DeleteGroupMembership", "quicksight:DeleteIAMPolicyAssignment", "quicksight:DeleteIdentityPropagationConfig", "quicksight:DeleteNamespace", "quicksight:DeleteRefreshSchedule", "quicksight:DeleteRoleCustomPermission", "quicksight:DeleteRoleMembership", "quicksight:DeleteTemplate", "quicksight:DeleteTemplateAlias", "quicksight:DeleteTheme", "quicksight:DeleteThemeAlias", "quicksight:DeleteTopic", "quicksight:DeleteTopicRefreshSchedule", "quicksight:DeleteUser", "quicksight:DeleteUserByPrincipalId", "quicksight:DeleteVPCConnection", "quicksight:DescribeAccountCustomization", "quicksight:DescribeAccountSettings", "quicksight:DescribeAccountSubscription", "quicksight:DescribeAnalysis", "quicksight:DescribeAnalysisPermissions", "quicksight:DescribeAssetBundleExportJob", "quicksight:DescribeAssetBundleImportJob", "quicksight:DescribeCustomPermissions", "quicksight:DescribeDashboard", "quicksight:DescribeDashboardPermissions", "quicksight:DescribeDashboardSnapshotJob", "quicksight:DescribeDashboardSnapshotJobResult", "quicksight:DescribeDataSet", "quicksight:DescribeDataSetPermissions", "quicksight:DescribeDataSetRefreshProperties", "quicksight:DescribeDataSource", "quicksight:DescribeDataSourcePermissions", "quicksight:DescribeEmailCustomizationTemplate", "quicksight:DescribeFolder", "quicksight:DescribeFolderPermissions", "quicksight:DescribeFolderResolvedPermissions", "quicksight:DescribeGroup", "quicksight:DescribeGroupMembership", "quicksight:DescribeIAMPolicyAssignment", "quicksight:DescribeIngestion", "quicksight:DescribeIpRestriction", "quicksight:DescribeNamespace", "quicksight:DescribeRefreshSchedule", "quicksight:DescribeRoleCustomPermission", "quicksight:DescribeTemplate", "quicksight:DescribeTemplateAlias", "quicksight:DescribeTemplatePermissions", "quicksight:DescribeTheme", "quicksight:DescribeThemeAlias", "quicksight:DescribeThemePermissions", "quicksight:DescribeTopic", "quicksight:DescribeTopicPermissions", "quicksight:DescribeTopicRefresh", "quicksight:DescribeTopicRefreshSchedule", "quicksight:DescribeUser", "quicksight:DescribeVPCConnection", "quicksight:GenerateEmbedUrlForAnonymousUser", "quicksight:GenerateEmbedUrlForRegisteredUser", "quicksight:GetAnonymousUserEmbedUrl", "quicksight:GetAuthCode", "quicksight:GetDashboardEmbedUrl", "quicksight:GetGroupMapping", "quicksight:GetSessionEmbedUrl", "quicksight:ListAnalyses", "quicksight:ListAssetBundleExportJobs", "quicksight:ListAssetBundleImportJobs", "quicksight:ListCustomPermissions", "quicksight:ListCustomerManagedKeys", "quicksight:ListDashboardVersions", "quicksight:ListDashboards", "quicksight:ListDataSets", "quicksight:ListDataSources", "quicksight:ListFolderMembers", "quicksight:ListFolders", "quicksight:ListGroupMemberships", "quicksight:ListGroups", "quicksight:ListIAMPolicyAssignments", "quicksight:ListIAMPolicyAssignmentsForUser", "quicksight:ListIdentityPropagationConfigs", "quicksight:ListIngestions", "quicksight:ListKMSKeysForUser", "quicksight:ListNamespaces", "quicksight:ListRefreshSchedules", "quicksight:ListRoleMemberships", "quicksight:ListTagsForResource", "quicksight:ListTemplateAliases", "quicksight:ListTemplateVersions", "quicksight:ListTemplates", "quicksight:ListThemeAliases", "quicksight:ListThemeVersions", "quicksight:ListThemes", "quicksight:ListTopicRefreshSchedules", "quicksight:ListTopics", "quicksight:ListUserGroups", "quicksight:ListUsers", "quicksight:ListVPCConnections", "quicksight:PassDataSet", "quicksight:PassDataSource", "quicksight:PutDataSetRefreshProperties", "quicksight:RegisterCustomerManagedKey", "quicksight:RegisterUser", "quicksight:RemoveCustomerManagedKey", "quicksight:RestoreAnalysis", "quicksight:ScopeDownPolicy", "quicksight:SearchAnalyses", "quicksight:SearchDashboards", "quicksight:SearchDataSets", "quicksight:SearchDataSources", "quicksight:SearchDirectoryGroups", "quicksight:SearchFolders", "quicksight:SearchGroups", "quicksight:SearchUsers", "quicksight:SetGroupMapping", "quicksight:StartAssetBundleExportJob", "quicksight:StartAssetBundleImportJob", "quicksight:StartDashboardSnapshotJob", "quicksight:Subscribe", "quicksight:TagResource", "quicksight:Unsubscribe", "quicksight:UntagResource", "quicksight:UpdateAccountCustomization", "quicksight:UpdateAccountSettings", "quicksight:UpdateAnalysis", "quicksight:UpdateAnalysisPermissions", "quicksight:UpdateCustomPermissions", "quicksight:UpdateDashboard", "quicksight:UpdateDashboardLinks", "quicksight:UpdateDashboardPermissions", "quicksight:UpdateDashboardPublishedVersion", "quicksight:UpdateDataSet", "quicksight:UpdateDataSetPermissions", "quicksight:UpdateDataSource", "quicksight:UpdateDataSourcePermissions", "quicksight:UpdateEmailCustomizationTemplate", "quicksight:UpdateFolder", "quicksight:UpdateFolderPermissions", "quicksight:UpdateGroup", "quicksight:UpdateIAMPolicyAssignment", "quicksight:UpdateIdentityPropagationConfig", "quicksight:UpdateIpRestriction", "quicksight:UpdatePublicSharingSettings", "quicksight:UpdateRefreshSchedule", "quicksight:UpdateResourcePermissions", "quicksight:UpdateRoleCustomPermission", "quicksight:UpdateSPICECapacityConfiguration", "quicksight:UpdateTemplate", "quicksight:UpdateTemplateAlias", "quicksight:UpdateTemplatePermissions", "quicksight:UpdateTheme", "quicksight:UpdateThemeAlias", "quicksight:UpdateThemePermissions", "quicksight:UpdateTopic", "quicksight:UpdateTopicPermissions", "quicksight:UpdateTopicRefreshSchedule", "quicksight:UpdateUser", "quicksight:UpdateVPCConnection", "ram:AcceptResourceShareInvitation", "ram:AssociateResourceShare", "ram:AssociateResourceSharePermission", "ram:CreatePermission", "ram:CreatePermissionVersion", "ram:CreateResourceShare", "ram:DeletePermission", "ram:DeletePermissionVersion", "ram:DeleteResourceShare", "ram:DisassociateResourceShare", "ram:DisassociateResourceSharePermission", "ram:EnableSharingWithAwsOrganization", "ram:GetPermission", "ram:GetResourcePolicies", "ram:GetResourceShareAssociations", "ram:GetResourceShareInvitations", "ram:GetResourceShares", "ram:ListPendingInvitationResources", "ram:ListPermissionAssociations", "ram:ListPermissionVersions", "ram:ListPermissions", "ram:ListPrincipals", "ram:ListReplacePermissionAssociationsWork", "ram:ListResourceSharePermissions", "ram:ListResourceTypes", "ram:ListResources", "ram:PromotePermissionCreatedFromPolicy", "ram:PromoteResourceShareCreatedFromPolicy", "ram:RejectResourceShareInvitation", "ram:ReplacePermissionAssociations", "ram:SetDefaultPermissionVersion", "ram:TagResource", "ram:UntagResource", "ram:UpdateResourceShare", "rbin:CreateRule", "rbin:DeleteRule", "rbin:GetRule", "rbin:ListRules", "rbin:ListTagsForResource", "rbin:LockRule", "rbin:TagResource", "rbin:UnlockRule", "rbin:UntagResource", "rbin:UpdateRule", "rds:AddRoleToDBCluster", "rds:AddRoleToDBInstance", "rds:AddSourceIdentifierToSubscription", "rds:AddTagsToResource", "rds:ApplyPendingMaintenanceAction", "rds:AuthorizeDBSecurityGroupIngress", "rds:BacktrackDBCluster", "rds:CancelExportTask", "rds:CopyDBClusterParameterGroup", "rds:CopyDBClusterSnapshot", "rds:CopyDBParameterGroup", "rds:CopyDBSnapshot", "rds:CopyOptionGroup", "rds:CreateBlueGreenDeployment", "rds:CreateCustomDBEngineVersion", "rds:CreateDBCluster", "rds:CreateDBClusterEndpoint", "rds:CreateDBClusterParameterGroup", "rds:CreateDBClusterSnapshot", "rds:CreateDBInstance", "rds:CreateDBInstanceReadReplica", "rds:CreateDBParameterGroup", "rds:CreateDBProxy", "rds:CreateDBProxyEndpoint", "rds:CreateDBSecurityGroup", "rds:CreateDBShardGroup", "rds:CreateDBSnapshot", "rds:CreateDBSubnetGroup", "rds:CreateEventSubscription", "rds:CreateGlobalCluster", "rds:CreateIntegration", "rds:CreateOptionGroup", "rds:CreateTenantDatabase", "rds:CrossRegionCommunication", "rds:DeleteBlueGreenDeployment", "rds:DeleteCustomDBEngineVersion", "rds:DeleteDBCluster", "rds:DeleteDBClusterAutomatedBackup", "rds:DeleteDBClusterEndpoint", "rds:DeleteDBClusterParameterGroup", "rds:DeleteDBClusterSnapshot", "rds:DeleteDBInstance", "rds:DeleteDBInstanceAutomatedBackup", "rds:DeleteDBParameterGroup", "rds:DeleteDBProxy", "rds:DeleteDBProxyEndpoint", "rds:DeleteDBSecurityGroup", "rds:DeleteDBShardGroup", "rds:DeleteDBSnapshot", "rds:DeleteDBSubnetGroup", "rds:DeleteEventSubscription", "rds:DeleteGlobalCluster", "rds:DeleteIntegration", "rds:DeleteOptionGroup", "rds:DeleteTenantDatabase", "rds:DeregisterDBProxyTargets", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:DisableHttpEndpoint", "rds:DownloadCompleteDBLogFile", "rds:DownloadDBLogFilePortion", "rds:EnableHttpEndpoint", "rds:FailoverDBCluster", "rds:FailoverGlobalCluster", "rds:ListTagsForResource", "rds:ModifyActivityStream", "rds:ModifyCertificates", "rds:ModifyCurrentDBClusterCapacity", "rds:ModifyCustomDBEngineVersion", "rds:ModifyDBCluster", "rds:ModifyDBClusterEndpoint", "rds:ModifyDBClusterParameterGroup", "rds:ModifyDBClusterSnapshotAttribute", "rds:ModifyDBInstance", "rds:ModifyDBParameterGroup", "rds:ModifyDBProxy", "rds:ModifyDBProxyEndpoint", "rds:ModifyDBProxyTargetGroup", "rds:ModifyDBRecommendation", "rds:ModifyDBShardGroup", "rds:ModifyDBSnapshot", "rds:ModifyDBSnapshotAttribute", "rds:ModifyDBSubnetGroup", "rds:ModifyEventSubscription", "rds:ModifyGlobalCluster", "rds:ModifyIntegration", "rds:ModifyOptionGroup", "rds:ModifyRecommendation", "rds:ModifyTenantDatabase", "rds:PromoteReadReplica", "rds:PromoteReadReplicaDBCluster", "rds:PurchaseReservedDBInstancesOffering", "rds:RebootDBCluster", "rds:RebootDBInstance", "rds:RebootDBShardGroup", "rds:RegisterDBProxyTargets", "rds:RemoveFromGlobalCluster", "rds:RemoveRoleFromDBCluster", "rds:RemoveRoleFromDBInstance", "rds:RemoveSourceIdentifierFromSubscription", "rds:RemoveTagsFromResource", "rds:ResetDBClusterParameterGroup", "rds:ResetDBParameterGroup", "rds:RestoreDBClusterFromS3", "rds:RestoreDBClusterFromSnapshot", "rds:RestoreDBClusterToPointInTime", "rds:RestoreDBInstanceFromDBSnapshot", "rds:RestoreDBInstanceFromS3", "rds:RestoreDBInstanceToPointInTime", "rds:RevokeDBSecurityGroupIngress", "rds:StartActivityStream", "rds:StartDBCluster", "rds:StartDBInstance", "rds:StartDBInstanceAutomatedBackupsReplication", "rds:StartExportTask", "rds:StopActivityStream", "rds:StopDBCluster", "rds:StopDBInstance", "rds:StopDBInstanceAutomatedBackupsReplication", "rds:SwitchoverBlueGreenDeployment", "rds:SwitchoverGlobalCluster", "rds:SwitchoverReadReplica", "rds-data:BatchExecuteStatement", "rds-data:BeginTransaction", "rds-data:CommitTransaction", "rds-data:ExecuteSql", "rds-data:ExecuteStatement", "rds-data:RollbackTransaction", "rds-db:connect", "redshift:AcceptReservedNodeExchange", "redshift:AddPartner", "redshift:AssociateDataShareConsumer", "redshift:AuthorizeClusterSecurityGroupIngress", "redshift:AuthorizeDataShare", "redshift:AuthorizeEndpointAccess", "redshift:AuthorizeSnapshotAccess", "redshift:BatchDeleteClusterSnapshots", "redshift:BatchModifyClusterSnapshots", "redshift:CancelQuery", "redshift:CancelQuerySession", "redshift:CancelResize", "redshift:CopyClusterSnapshot", "redshift:CreateAuthenticationProfile", "redshift:CreateCluster", "redshift:CreateClusterParameterGroup", "redshift:CreateClusterSecurityGroup", "redshift:CreateClusterSnapshot", "redshift:CreateClusterSubnetGroup", "redshift:CreateClusterUser", "redshift:CreateCustomDomainAssociation", "redshift:CreateEndpointAccess", "redshift:CreateEventSubscription", "redshift:CreateHsmClientCertificate", "redshift:CreateHsmConfiguration", "redshift:CreateQev2IdcApplication", "redshift:CreateRedshiftIdcApplication", "redshift:CreateSavedQuery", "redshift:CreateScheduledAction", "redshift:CreateSnapshotCopyGrant", "redshift:CreateSnapshotSchedule", "redshift:CreateTags", "redshift:CreateUsageLimit", "redshift:DeauthorizeDataShare", "redshift:DeleteAuthenticationProfile", "redshift:DeleteCluster", "redshift:DeleteClusterParameterGroup", "redshift:DeleteClusterSecurityGroup", "redshift:DeleteClusterSnapshot", "redshift:DeleteClusterSubnetGroup", "redshift:DeleteCustomDomainAssociation", "redshift:DeleteEndpointAccess", "redshift:DeleteEventSubscription", "redshift:DeleteHsmClientCertificate", "redshift:DeleteHsmConfiguration", "redshift:DeletePartner", "redshift:DeleteQev2IdcApplication", "redshift:DeleteRedshiftIdcApplication", "redshift:DeleteResourcePolicy", "redshift:DeleteSavedQueries", "redshift:DeleteScheduledAction", "redshift:DeleteSnapshotCopyGrant", "redshift:DeleteSnapshotSchedule", "redshift:DeleteTags", "redshift:DeleteUsageLimit", "redshift:DescribeAccountAttributes", "redshift:DescribeAuthenticationProfiles", "redshift:DescribeClusterDbRevisions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterTracks", "redshift:DescribeClusterVersions", "redshift:DescribeClusters", "redshift:DescribeCustomDomainAssociations", "redshift:DescribeDataShares", "redshift:DescribeDataSharesForConsumer", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDefaultClusterParameters", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventCategories", "redshift:DescribeEventSubscriptions", "redshift:DescribeEvents", "redshift:DescribeHsmClientCertificates", "redshift:DescribeHsmConfigurations", "redshift:DescribeInboundIntegrations", "redshift:DescribeLoggingStatus", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribePartners", "redshift:DescribeQev2IdcApplications", "redshift:DescribeQuery", "redshift:DescribeRedshiftIdcApplications", "redshift:DescribeReservedNodeExchangeStatus", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "redshift:DescribeResize", "redshift:DescribeSavedQueries", "redshift:DescribeScheduledActions", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeSnapshotSchedules", "redshift:DescribeStorage", "redshift:DescribeTable", "redshift:DescribeTableRestoreStatus", "redshift:DescribeTags", "redshift:DescribeUsageLimits", "redshift:DisableLogging", "redshift:DisableSnapshotCopy", "redshift:DisassociateDataShareConsumer", "redshift:EnableLogging", "redshift:EnableSnapshotCopy", "redshift:ExecuteQuery", "redshift:FailoverPrimaryCompute", "redshift:FetchResults", "redshift:GetClusterCredentials", "redshift:GetClusterCredentialsWithIAM", "redshift:GetReservedNodeExchangeConfigurationOptions", "redshift:GetReservedNodeExchangeOfferings", "redshift:GetResourcePolicy", "redshift:JoinGroup", "redshift:ListDatabases", "redshift:ListRecommendations", "redshift:ListSavedQueries", "redshift:ListSchemas", "redshift:ListTables", "redshift:ModifyAquaConfiguration", "redshift:ModifyAuthenticationProfile", "redshift:ModifyCluster", "redshift:ModifyClusterDbRevision", "redshift:ModifyClusterIamRoles", "redshift:ModifyClusterMaintenance", "redshift:ModifyClusterParameterGroup", "redshift:ModifyClusterSnapshot", "redshift:ModifyClusterSnapshotSchedule", "redshift:ModifyClusterSubnetGroup", "redshift:ModifyCustomDomainAssociation", "redshift:ModifyEndpointAccess", "redshift:ModifyEventSubscription", "redshift:ModifyQev2IdcApplication", "redshift:ModifyRedshiftIdcApplication", "redshift:ModifySavedQuery", "redshift:ModifyScheduledAction", "redshift:ModifySnapshotCopyRetentionPeriod", "redshift:ModifySnapshotSchedule", "redshift:ModifyUsageLimit", "redshift:PauseCluster", "redshift:PurchaseReservedNodeOffering", "redshift:PutResourcePolicy", "redshift:RebootCluster", "redshift:RejectDataShare", "redshift:ResetClusterParameterGroup", "redshift:ResizeCluster", "redshift:RestoreFromClusterSnapshot", "redshift:RestoreTableFromClusterSnapshot", "redshift:ResumeCluster", "redshift:RevokeClusterSecurityGroupIngress", "redshift:RevokeEndpointAccess", "redshift:RevokeSnapshotAccess", "redshift:RotateEncryptionKey", "redshift:UpdatePartnerStatus", "redshift:ViewQueriesFromConsole", "redshift:ViewQueriesInConsole", "redshift-data:BatchExecuteStatement", "redshift-data:CancelStatement", "redshift-data:DescribeStatement", "redshift-data:DescribeTable", "redshift-data:ExecuteStatement", "redshift-data:GetStatementResult", "redshift-data:ListDatabases", "redshift-data:ListSchemas", "redshift-data:ListStatements", "redshift-data:ListTables", "redshift-serverless:ConvertRecoveryPointToSnapshot", "redshift-serverless:CreateCustomDomainAssociation", "redshift-serverless:CreateEndpointAccess", "redshift-serverless:CreateNamespace", "redshift-serverless:CreateScheduledAction", "redshift-serverless:CreateSnapshot", "redshift-serverless:CreateSnapshotCopyConfiguration", "redshift-serverless:CreateUsageLimit", "redshift-serverless:CreateWorkgroup", "redshift-serverless:DeleteCustomDomainAssociation", "redshift-serverless:DeleteEndpointAccess", "redshift-serverless:DeleteNamespace", "redshift-serverless:DeleteResourcePolicy", "redshift-serverless:DeleteScheduledAction", "redshift-serverless:DeleteSnapshot", "redshift-serverless:DeleteSnapshotCopyConfiguration", "redshift-serverless:DeleteUsageLimit", "redshift-serverless:DeleteWorkgroup", "redshift-serverless:DescribeOneTimeCredit", "redshift-serverless:GetCredentials", "redshift-serverless:GetCustomDomainAssociation", "redshift-serverless:GetEndpointAccess", "redshift-serverless:GetNamespace", "redshift-serverless:GetRecoveryPoint", "redshift-serverless:GetResourcePolicy", "redshift-serverless:GetScheduledAction", "redshift-serverless:GetSnapshot", "redshift-serverless:GetTableRestoreStatus", "redshift-serverless:GetUsageLimit", "redshift-serverless:GetWorkgroup", "redshift-serverless:ListCustomDomainAssociations", "redshift-serverless:ListEndpointAccess", "redshift-serverless:ListNamespaces", "redshift-serverless:ListRecoveryPoints", "redshift-serverless:ListScheduledActions", "redshift-serverless:ListSnapshotCopyConfigurations", "redshift-serverless:ListSnapshots", "redshift-serverless:ListTableRestoreStatus", "redshift-serverless:ListTagsForResource", "redshift-serverless:ListUsageLimits", "redshift-serverless:ListWorkgroups", "redshift-serverless:PutResourcePolicy", "redshift-serverless:RestoreFromRecoveryPoint", "redshift-serverless:RestoreFromSnapshot", "redshift-serverless:RestoreTableFromRecoveryPoint", "redshift-serverless:RestoreTableFromSnapshot", "redshift-serverless:TagResource", "redshift-serverless:UntagResource", "redshift-serverless:UpdateCustomDomainAssociation", "redshift-serverless:UpdateEndpointAccess", "redshift-serverless:UpdateNamespace", "redshift-serverless:UpdateScheduledAction", "redshift-serverless:UpdateSnapshot", "redshift-serverless:UpdateSnapshotCopyConfiguration", "redshift-serverless:UpdateUsageLimit", "redshift-serverless:UpdateWorkgroup", "refactor-spaces:CreateApplication", "refactor-spaces:CreateEnvironment", "refactor-spaces:CreateRoute", "refactor-spaces:CreateService", "refactor-spaces:DeleteApplication", "refactor-spaces:DeleteEnvironment", "refactor-spaces:DeleteResourcePolicy", "refactor-spaces:DeleteRoute", "refactor-spaces:DeleteService", "refactor-spaces:GetApplication", "refactor-spaces:GetEnvironment", "refactor-spaces:GetResourcePolicy", "refactor-spaces:GetRoute", "refactor-spaces:GetService", "refactor-spaces:ListApplications", "refactor-spaces:ListEnvironmentVpcs", "refactor-spaces:ListEnvironments", "refactor-spaces:ListRoutes", "refactor-spaces:ListServices", "refactor-spaces:ListTagsForResource", "refactor-spaces:PutResourcePolicy", "refactor-spaces:TagResource", "refactor-spaces:UntagResource", "refactor-spaces:UpdateRoute", "rekognition:AssociateFaces", "rekognition:CompareFaces", "rekognition:CopyProjectVersion", "rekognition:CreateCollection", "rekognition:CreateDataset", "rekognition:CreateFaceLivenessSession", "rekognition:CreateProject", "rekognition:CreateProjectVersion", "rekognition:CreateStreamProcessor", "rekognition:CreateUser", "rekognition:DeleteCollection", "rekognition:DeleteDataset", "rekognition:DeleteFaces", "rekognition:DeleteProject", "rekognition:DeleteProjectPolicy", "rekognition:DeleteProjectVersion", "rekognition:DeleteStreamProcessor", "rekognition:DeleteUser", "rekognition:DescribeCollection", "rekognition:DescribeDataset", "rekognition:DescribeProjectVersions", "rekognition:DescribeProjects", "rekognition:DescribeStreamProcessor", "rekognition:DetectCustomLabels", "rekognition:DetectFaces", "rekognition:DetectLabels", "rekognition:DetectModerationLabels", "rekognition:DetectProtectiveEquipment", "rekognition:DetectText", "rekognition:DisassociateFaces", "rekognition:DistributeDatasetEntries", "rekognition:GetCelebrityInfo", "rekognition:GetCelebrityRecognition", "rekognition:GetContentModeration", "rekognition:GetFaceDetection", "rekognition:GetFaceLivenessSessionResults", "rekognition:GetFaceSearch", "rekognition:GetLabelDetection", "rekognition:GetMediaAnalysisJob", "rekognition:GetPersonTracking", "rekognition:GetSegmentDetection", "rekognition:GetTextDetection", "rekognition:IndexFaces", "rekognition:ListCollections", "rekognition:ListDatasetEntries", "rekognition:ListDatasetLabels", "rekognition:ListFaces", "rekognition:ListMediaAnalysisJobs", "rekognition:ListProjectPolicies", "rekognition:ListStreamProcessors", "rekognition:ListTagsForResource", "rekognition:ListUsers", "rekognition:PutProjectPolicy", "rekognition:RecognizeCelebrities", "rekognition:SearchFaces", "rekognition:SearchFacesByImage", "rekognition:SearchUsers", "rekognition:SearchUsersByImage", "rekognition:StartCelebrityRecognition", "rekognition:StartContentModeration", "rekognition:StartFaceDetection", "rekognition:StartFaceLivenessSession", "rekognition:StartFaceSearch", "rekognition:StartLabelDetection", "rekognition:StartMediaAnalysisJob", "rekognition:StartPersonTracking", "rekognition:StartProjectVersion", "rekognition:StartSegmentDetection", "rekognition:StartStreamProcessor", "rekognition:StartTextDetection", "rekognition:StopProjectVersion", "rekognition:StopStreamProcessor", "rekognition:TagResource", "rekognition:UntagResource", "rekognition:UpdateDatasetEntries", "rekognition:UpdateStreamProcessor", "repostspace:CreateSpace", "repostspace:DeleteSpace", "repostspace:DeregisterAdmin", "repostspace:GetSpace", "repostspace:ListSpaces", "repostspace:ListTagsForResource", "repostspace:RegisterAdmin", "repostspace:SendInvites", "repostspace:TagResource", "repostspace:UntagResource", "repostspace:UpdateSpace", "resiliencehub:AddDraftAppVersionResourceMappings", "resiliencehub:BatchUpdateRecommendationStatus", "resiliencehub:CreateApp", "resiliencehub:CreateAppVersionAppComponent", "resiliencehub:CreateAppVersionResource", "resiliencehub:CreateRecommendationTemplate", "resiliencehub:CreateResiliencyPolicy", "resiliencehub:DeleteApp", "resiliencehub:DeleteAppAssessment", "resiliencehub:DeleteAppInputSource", "resiliencehub:DeleteAppVersionAppComponent", "resiliencehub:DeleteAppVersionResource", "resiliencehub:DeleteRecommendationTemplate", "resiliencehub:DeleteResiliencyPolicy", "resiliencehub:DescribeApp", "resiliencehub:DescribeAppAssessment", "resiliencehub:DescribeAppVersion", "resiliencehub:DescribeAppVersionAppComponent", "resiliencehub:DescribeAppVersionResource", "resiliencehub:DescribeAppVersionResourcesResolutionStatus", "resiliencehub:DescribeAppVersionTemplate", "resiliencehub:DescribeDraftAppVersionResourcesImportStatus", "resiliencehub:DescribeResiliencyPolicy", "resiliencehub:ImportResourcesToDraftAppVersion", "resiliencehub:ListAlarmRecommendations", "resiliencehub:ListAppAssessmentComplianceDrifts", "resiliencehub:ListAppAssessments", "resiliencehub:ListAppComponentCompliances", "resiliencehub:ListAppComponentRecommendations", "resiliencehub:ListAppInputSources", "resiliencehub:ListAppVersionAppComponents", "resiliencehub:ListAppVersionResourceMappings", "resiliencehub:ListAppVersionResources", "resiliencehub:ListAppVersions", "resiliencehub:ListApps", "resiliencehub:ListRecommendationTemplates", "resiliencehub:ListResiliencyPolicies", "resiliencehub:ListSopRecommendations", "resiliencehub:ListSuggestedResiliencyPolicies", "resiliencehub:ListTagsForResource", "resiliencehub:ListTestRecommendations", "resiliencehub:ListUnsupportedAppVersionResources", "resiliencehub:PublishAppVersion", "resiliencehub:PutDraftAppVersionTemplate", "resiliencehub:RemoveDraftAppVersionResourceMappings", "resiliencehub:ResolveAppVersionResources", "resiliencehub:StartAppAssessment", "resiliencehub:TagResource", "resiliencehub:UntagResource", "resiliencehub:UpdateApp", "resiliencehub:UpdateAppVersion", "resiliencehub:UpdateAppVersionAppComponent", "resiliencehub:UpdateAppVersionResource", "resiliencehub:UpdateResiliencyPolicy", "resource-explorer:ListResourceTypes", "resource-explorer:ListResources", "resource-explorer:ListTags", "resource-explorer-2:AssociateDefaultView", "resource-explorer-2:BatchGetView", "resource-explorer-2:CreateIndex", "resource-explorer-2:CreateView", "resource-explorer-2:DeleteIndex", "resource-explorer-2:DeleteView", "resource-explorer-2:DisassociateDefaultView", "resource-explorer-2:GetAccountLevelServiceConfiguration", "resource-explorer-2:GetDefaultView", "resource-explorer-2:GetIndex", "resource-explorer-2:GetView", "resource-explorer-2:ListIndexes", "resource-explorer-2:ListIndexesForMembers", "resource-explorer-2:ListSupportedResourceTypes", "resource-explorer-2:ListTagsForResource", "resource-explorer-2:ListViews", "resource-explorer-2:Search", "resource-explorer-2:TagResource", "resource-explorer-2:UntagResource", "resource-explorer-2:UpdateIndexType", "resource-explorer-2:UpdateView", "resource-groups:AssociateResource", "resource-groups:CreateGroup", "resource-groups:DeleteGroup", "resource-groups:DeleteGroupPolicy", "resource-groups:DisassociateResource", "resource-groups:GetAccountSettings", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupPolicy", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:GroupResources", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "resource-groups:PutGroupConfiguration", "resource-groups:PutGroupPolicy", "resource-groups:SearchResources", "resource-groups:Tag", "resource-groups:UngroupResources", "resource-groups:Untag", "resource-groups:UpdateAccountSettings", "resource-groups:UpdateGroup", "resource-groups:UpdateGroupQuery", "rhelkb:GetRhelURL", "robomaker:BatchDeleteWorlds", "robomaker:BatchDescribeSimulationJob", "robomaker:CancelDeploymentJob", "robomaker:CancelSimulationJob", "robomaker:CancelSimulationJobBatch", "robomaker:CancelWorldExportJob", "robomaker:CancelWorldGenerationJob", "robomaker:CreateDeploymentJob", "robomaker:CreateFleet", "robomaker:CreateRobot", "robomaker:CreateRobotApplication", "robomaker:CreateRobotApplicationVersion", "robomaker:CreateSimulationApplication", "robomaker:CreateSimulationApplicationVersion", "robomaker:CreateSimulationJob", "robomaker:CreateWorldExportJob", "robomaker:CreateWorldGenerationJob", "robomaker:CreateWorldTemplate", "robomaker:DeleteFleet", "robomaker:DeleteRobot", "robomaker:DeleteRobotApplication", "robomaker:DeleteSimulationApplication", "robomaker:DeleteWorldTemplate", "robomaker:DeregisterRobot", "robomaker:DescribeDeploymentJob", "robomaker:DescribeFleet", "robomaker:DescribeRobot", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:DescribeSimulationJob", "robomaker:DescribeSimulationJobBatch", "robomaker:DescribeWorld", "robomaker:DescribeWorldExportJob", "robomaker:DescribeWorldGenerationJob", "robomaker:DescribeWorldTemplate", "robomaker:GetWorldTemplateBody", "robomaker:ListDeploymentJobs", "robomaker:ListFleets", "robomaker:ListRobotApplications", "robomaker:ListRobots", "robomaker:ListSimulationApplications", "robomaker:ListSimulationJobBatches", "robomaker:ListSimulationJobs", "robomaker:ListSupportedAvailabilityZones", "robomaker:ListTagsForResource", "robomaker:ListWorldExportJobs", "robomaker:ListWorldGenerationJobs", "robomaker:ListWorldTemplates", "robomaker:ListWorlds", "robomaker:RegisterRobot", "robomaker:RestartSimulationJob", "robomaker:StartSimulationJobBatch", "robomaker:SyncDeploymentJob", "robomaker:TagResource", "robomaker:UntagResource", "robomaker:UpdateRobotApplication", "robomaker:UpdateRobotDeployment", "robomaker:UpdateSimulationApplication", "robomaker:UpdateWorldTemplate", "rolesanywhere:CreateProfile", "rolesanywhere:CreateTrustAnchor", "rolesanywhere:DeleteAttributeMapping", "rolesanywhere:DeleteCrl", "rolesanywhere:DeleteProfile", "rolesanywhere:DeleteTrustAnchor", "rolesanywhere:DisableCrl", "rolesanywhere:DisableProfile", "rolesanywhere:DisableTrustAnchor", "rolesanywhere:EnableCrl", "rolesanywhere:EnableProfile", "rolesanywhere:EnableTrustAnchor", "rolesanywhere:GetCrl", "rolesanywhere:GetProfile", "rolesanywhere:GetSubject", "rolesanywhere:GetTrustAnchor", "rolesanywhere:ImportCrl", "rolesanywhere:ListCrls", "rolesanywhere:ListProfiles", "rolesanywhere:ListSubjects", "rolesanywhere:ListTagsForResource", "rolesanywhere:ListTrustAnchors", "rolesanywhere:PutAttributeMapping", "rolesanywhere:PutNotificationSettings", "rolesanywhere:ResetNotificationSettings", "rolesanywhere:TagResource", "rolesanywhere:UntagResource", "rolesanywhere:UpdateCrl", "rolesanywhere:UpdateProfile", "rolesanywhere:UpdateTrustAnchor", "route53:ActivateKeySigningKey", "route53:AssociateVPCWithHostedZone", "route53:ChangeCidrCollection", "route53:ChangeResourceRecordSets", "route53:ChangeTagsForResource", "route53:CreateCidrCollection", "route53:CreateHealthCheck", "route53:CreateHostedZone", "route53:CreateKeySigningKey", "route53:CreateQueryLoggingConfig", "route53:CreateReusableDelegationSet", "route53:CreateTrafficPolicy", "route53:CreateTrafficPolicyInstance", "route53:CreateTrafficPolicyVersion", "route53:CreateVPCAssociationAuthorization", "route53:DeactivateKeySigningKey", "route53:DeleteCidrCollection", "route53:DeleteHealthCheck", "route53:DeleteHostedZone", "route53:DeleteKeySigningKey", "route53:DeleteQueryLoggingConfig", "route53:DeleteReusableDelegationSet", "route53:DeleteTrafficPolicy", "route53:DeleteTrafficPolicyInstance", "route53:DeleteVPCAssociationAuthorization", "route53:DisableHostedZoneDNSSEC", "route53:DisassociateVPCFromHostedZone", "route53:EnableHostedZoneDNSSEC", "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetReusableDelegationSetLimit", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53:TestDNSAnswer", "route53:UpdateHealthCheck", "route53:UpdateHostedZoneComment", "route53:UpdateTrafficPolicyComment", "route53:UpdateTrafficPolicyInstance", "route53-recovery-cluster:GetRoutingControlState", "route53-recovery-cluster:ListRoutingControls", "route53-recovery-cluster:UpdateRoutingControlState", "route53-recovery-cluster:UpdateRoutingControlStates", "route53-recovery-control-config:CreateCluster", "route53-recovery-control-config:CreateControlPanel", "route53-recovery-control-config:CreateRoutingControl", "route53-recovery-control-config:CreateSafetyRule", "route53-recovery-control-config:DeleteCluster", "route53-recovery-control-config:DeleteControlPanel", "route53-recovery-control-config:DeleteRoutingControl", "route53-recovery-control-config:DeleteSafetyRule", "route53-recovery-control-config:DescribeCluster", "route53-recovery-control-config:DescribeControlPanel", "route53-recovery-control-config:DescribeRoutingControl", "route53-recovery-control-config:DescribeRoutingControlByName", "route53-recovery-control-config:DescribeSafetyRule", "route53-recovery-control-config:GetResourcePolicy", "route53-recovery-control-config:ListAssociatedRoute53HealthChecks", "route53-recovery-control-config:ListClusters", "route53-recovery-control-config:ListControlPanels", "route53-recovery-control-config:ListRoutingControls", "route53-recovery-control-config:ListSafetyRules", "route53-recovery-control-config:ListTagsForResource", "route53-recovery-control-config:TagResource", "route53-recovery-control-config:UntagResource", "route53-recovery-control-config:UpdateControlPanel", "route53-recovery-control-config:UpdateRoutingControl", "route53-recovery-control-config:UpdateSafetyRule", "route53-recovery-readiness:CreateCell", "route53-recovery-readiness:CreateCrossAccountAuthorization", "route53-recovery-readiness:CreateReadinessCheck", "route53-recovery-readiness:CreateRecoveryGroup", "route53-recovery-readiness:CreateResourceSet", "route53-recovery-readiness:DeleteCell", "route53-recovery-readiness:DeleteCrossAccountAuthorization", "route53-recovery-readiness:DeleteReadinessCheck", "route53-recovery-readiness:DeleteRecoveryGroup", "route53-recovery-readiness:DeleteResourceSet", "route53-recovery-readiness:GetArchitectureRecommendations", "route53-recovery-readiness:GetCell", "route53-recovery-readiness:GetCellReadinessSummary", "route53-recovery-readiness:GetReadinessCheck", "route53-recovery-readiness:GetReadinessCheckResourceStatus", "route53-recovery-readiness:GetReadinessCheckStatus", "route53-recovery-readiness:GetRecoveryGroup", "route53-recovery-readiness:GetRecoveryGroupReadinessSummary", "route53-recovery-readiness:GetResourceSet", "route53-recovery-readiness:ListCells", "route53-recovery-readiness:ListCrossAccountAuthorizations", "route53-recovery-readiness:ListReadinessChecks", "route53-recovery-readiness:ListRecoveryGroups", "route53-recovery-readiness:ListResourceSets", "route53-recovery-readiness:ListRules", "route53-recovery-readiness:ListTagsForResources", "route53-recovery-readiness:TagResource", "route53-recovery-readiness:UntagResource", "route53-recovery-readiness:UpdateCell", "route53-recovery-readiness:UpdateReadinessCheck", "route53-recovery-readiness:UpdateRecoveryGroup", "route53-recovery-readiness:UpdateResourceSet", "route53domains:AcceptDomainTransferFromAnotherAwsAccount", "route53domains:AssociateDelegationSignerToDomain", "route53domains:CancelDomainTransferToAnotherAwsAccount", "route53domains:CheckDomainAvailability", "route53domains:CheckDomainTransferability", "route53domains:DeleteDomain", "route53domains:DeleteTagsForDomain", "route53domains:DisableDomainAutoRenew", "route53domains:DisableDomainTransferLock", "route53domains:DisassociateDelegationSignerFromDomain", "route53domains:EnableDomainAutoRenew", "route53domains:EnableDomainTransferLock", "route53domains:GetContactReachabilityStatus", "route53domains:GetDomainDetail", "route53domains:GetDomainSuggestions", "route53domains:GetOperationDetail", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListPrices", "route53domains:ListTagsForDomain", "route53domains:PushDomain", "route53domains:RegisterDomain", "route53domains:RejectDomainTransferFromAnotherAwsAccount", "route53domains:RenewDomain", "route53domains:ResendContactReachabilityEmail", "route53domains:ResendOperationAuthorization", "route53domains:RetrieveDomainAuthCode", "route53domains:TransferDomain", "route53domains:TransferDomainToAnotherAwsAccount", "route53domains:UpdateDomainContact", "route53domains:UpdateDomainContactPrivacy", "route53domains:UpdateDomainNameservers", "route53domains:UpdateTagsForDomain", "route53domains:ViewBilling", "route53profiles:AssociateProfile", "route53profiles:AssociateResourceToProfile", "route53profiles:CreateProfile", "route53profiles:DeleteProfile", "route53profiles:DisassociateProfile", "route53profiles:DisassociateResourceFromProfile", "route53profiles:GetProfile", "route53profiles:GetProfileAssociation", "route53profiles:GetProfileResourceAssociation", "route53profiles:ListProfileAssociations", "route53profiles:ListProfileResourceAssociations", "route53profiles:ListProfiles", "route53profiles:ListTagsForResource", "route53profiles:TagResource", "route53profiles:UntagResource", "route53profiles:UpdateProfileResourceAssociation", "route53resolver:AssociateFirewallRuleGroup", "route53resolver:AssociateResolverEndpointIpAddress", "route53resolver:AssociateResolverQueryLogConfig", "route53resolver:AssociateResolverRule", "route53resolver:CreateFirewallDomainList", "route53resolver:CreateFirewallRule", "route53resolver:CreateFirewallRuleGroup", "route53resolver:CreateOutpostResolver", "route53resolver:CreateResolverEndpoint", "route53resolver:CreateResolverQueryLogConfig", "route53resolver:CreateResolverRule", "route53resolver:DeleteFirewallDomainList", "route53resolver:DeleteFirewallRule", "route53resolver:DeleteFirewallRuleGroup", "route53resolver:DeleteOutpostResolver", "route53resolver:DeleteResolverEndpoint", "route53resolver:DeleteResolverQueryLogConfig", "route53resolver:DeleteResolverRule", "route53resolver:DisassociateFirewallRuleGroup", "route53resolver:DisassociateResolverEndpointIpAddress", "route53resolver:DisassociateResolverQueryLogConfig", "route53resolver:DisassociateResolverRule", "route53resolver:GetFirewallConfig", "route53resolver:GetFirewallDomainList", "route53resolver:GetFirewallRuleGroup", "route53resolver:GetFirewallRuleGroupAssociation", "route53resolver:GetFirewallRuleGroupPolicy", "route53resolver:GetOutpostResolver", "route53resolver:GetResolverConfig", "route53resolver:GetResolverDnssecConfig", "route53resolver:GetResolverEndpoint", "route53resolver:GetResolverQueryLogConfig", "route53resolver:GetResolverQueryLogConfigAssociation", "route53resolver:GetResolverQueryLogConfigPolicy", "route53resolver:GetResolverRule", "route53resolver:GetResolverRuleAssociation", "route53resolver:GetResolverRulePolicy", "route53resolver:ImportFirewallDomains", "route53resolver:ListFirewallConfigs", "route53resolver:ListFirewallDomainLists", "route53resolver:ListFirewallDomains", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListFirewallRules", "route53resolver:ListOutpostResolvers", "route53resolver:ListResolverConfigs", "route53resolver:ListResolverDnssecConfigs", "route53resolver:ListResolverEndpointIpAddresses", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverQueryLogConfigAssociations", "route53resolver:ListResolverQueryLogConfigs", "route53resolver:ListResolverRuleAssociations", "route53resolver:ListResolverRules", "route53resolver:ListTagsForResource", "route53resolver:PutFirewallRuleGroupPolicy", "route53resolver:PutResolverQueryLogConfigPolicy", "route53resolver:PutResolverRulePolicy", "route53resolver:TagResource", "route53resolver:UntagResource", "route53resolver:UpdateFirewallConfig", "route53resolver:UpdateFirewallDomains", "route53resolver:UpdateFirewallRule", "route53resolver:UpdateFirewallRuleGroupAssociation", "route53resolver:UpdateOutpostResolver", "route53resolver:UpdateResolverConfig", "route53resolver:UpdateResolverDnssecConfig", "route53resolver:UpdateResolverEndpoint", "route53resolver:UpdateResolverRule", "rum:BatchCreateRumMetricDefinitions", "rum:BatchDeleteRumMetricDefinitions", "rum:BatchGetRumMetricDefinitions", "rum:CreateAppMonitor", "rum:DeleteAppMonitor", "rum:DeleteRumMetricsDestination", "rum:GetAppMonitor", "rum:GetAppMonitorData", "rum:ListAppMonitors", "rum:ListRumMetricsDestinations", "rum:ListTagsForResource", "rum:PutRumEvents", "rum:PutRumMetricsDestination", "rum:TagResource", "rum:UntagResource", "rum:UpdateAppMonitor", "rum:UpdateRumMetricDefinition", "s3:AbortMultipartUpload", "s3:AssociateAccessGrantsIdentityCenter", "s3:BypassGovernanceRetention", "s3:CreateAccessGrant", "s3:CreateAccessGrantsInstance", "s3:CreateAccessGrantsLocation", "s3:CreateAccessPoint", "s3:CreateAccessPointForObjectLambda", "s3:CreateBucket", "s3:CreateJob", "s3:CreateMultiRegionAccessPoint", "s3:CreateStorageLensGroup", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:DissociateAccessGrantsIdentityCenter", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:InitiateReplication", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:ObjectOwnerOverrideToBucketOwner", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "s3:SubmitMultiRegionAccessPointRoutes", "s3:TagResource", "s3:UntagResource", "s3:UpdateAccessGrantsLocation", "s3:UpdateJobPriority", "s3:UpdateJobStatus", "s3:UpdateStorageLensGroup", "s3-object-lambda:AbortMultipartUpload", "s3-object-lambda:DeleteObject", "s3-object-lambda:DeleteObjectTagging", "s3-object-lambda:DeleteObjectVersion", "s3-object-lambda:DeleteObjectVersionTagging", "s3-object-lambda:GetObject", "s3-object-lambda:GetObjectAcl", "s3-object-lambda:GetObjectLegalHold", "s3-object-lambda:GetObjectRetention", "s3-object-lambda:GetObjectTagging", "s3-object-lambda:GetObjectVersion", "s3-object-lambda:GetObjectVersionAcl", "s3-object-lambda:GetObjectVersionTagging", "s3-object-lambda:ListBucket", "s3-object-lambda:ListBucketMultipartUploads", "s3-object-lambda:ListBucketVersions", "s3-object-lambda:ListMultipartUploadParts", "s3-object-lambda:PutObject", "s3-object-lambda:PutObjectAcl", "s3-object-lambda:PutObjectLegalHold", "s3-object-lambda:PutObjectRetention", "s3-object-lambda:PutObjectTagging", "s3-object-lambda:PutObjectVersionAcl", "s3-object-lambda:PutObjectVersionTagging", "s3-object-lambda:RestoreObject", "s3-object-lambda:WriteGetObjectResponse", "s3-outposts:AbortMultipartUpload", "s3-outposts:CreateAccessPoint", "s3-outposts:CreateBucket", "s3-outposts:CreateEndpoint", "s3-outposts:DeleteAccessPoint", "s3-outposts:DeleteAccessPointPolicy", "s3-outposts:DeleteBucket", "s3-outposts:DeleteBucketPolicy", "s3-outposts:DeleteEndpoint", "s3-outposts:DeleteObject", "s3-outposts:DeleteObjectTagging", "s3-outposts:DeleteObjectVersion", "s3-outposts:DeleteObjectVersionTagging", "s3-outposts:GetAccessPoint", "s3-outposts:GetAccessPointPolicy", "s3-outposts:GetBucket", "s3-outposts:GetBucketPolicy", "s3-outposts:GetBucketTagging", "s3-outposts:GetBucketVersioning", "s3-outposts:GetLifecycleConfiguration", "s3-outposts:GetObject", "s3-outposts:GetObjectTagging", "s3-outposts:GetObjectVersion", "s3-outposts:GetObjectVersionForReplication", "s3-outposts:GetObjectVersionTagging", "s3-outposts:GetReplicationConfiguration", "s3-outposts:ListAccessPoints", "s3-outposts:ListBucket", "s3-outposts:ListBucketMultipartUploads", "s3-outposts:ListBucketVersions", "s3-outposts:ListEndpoints", "s3-outposts:ListMultipartUploadParts", "s3-outposts:ListOutpostsWithS3", "s3-outposts:ListRegionalBuckets", "s3-outposts:ListSharedEndpoints", "s3-outposts:PutAccessPointPolicy", "s3-outposts:PutBucketPolicy", "s3-outposts:PutBucketTagging", "s3-outposts:PutBucketVersioning", "s3-outposts:PutLifecycleConfiguration", "s3-outposts:PutObject", "s3-outposts:PutObjectAcl", "s3-outposts:PutObjectTagging", "s3-outposts:PutObjectVersionTagging", "s3-outposts:PutReplicationConfiguration", "s3-outposts:ReplicateDelete", "s3-outposts:ReplicateObject", "s3-outposts:ReplicateTags", "s3express:CreateBucket", "s3express:CreateSession", "s3express:DeleteBucket", "s3express:DeleteBucketPolicy", "s3express:GetBucketPolicy", "s3express:ListAllMyDirectoryBuckets", "s3express:PutBucketPolicy", "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", "sagemaker:BatchDescribeModelPackage", "sagemaker:BatchGetMetrics", "sagemaker:BatchGetRecord", "sagemaker:BatchPutMetrics", "sagemaker:CreateAction", "sagemaker:CreateAlgorithm", "sagemaker:CreateApp", "sagemaker:CreateAppImageConfig", "sagemaker:CreateArtifact", "sagemaker:CreateAutoMLJob", "sagemaker:CreateAutoMLJobV2", "sagemaker:CreateCluster", "sagemaker:CreateCodeRepository", "sagemaker:CreateCompilationJob", "sagemaker:CreateContext", "sagemaker:CreateDataQualityJobDefinition", "sagemaker:CreateDeviceFleet", "sagemaker:CreateDomain", "sagemaker:CreateEdgeDeploymentPlan", "sagemaker:CreateEdgeDeploymentStage", "sagemaker:CreateEdgePackagingJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateExperiment", "sagemaker:CreateFeatureGroup", "sagemaker:CreateFlowDefinition", "sagemaker:CreateHub", "sagemaker:CreateHumanTaskUi", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateImage", "sagemaker:CreateImageVersion", "sagemaker:CreateInferenceComponent", "sagemaker:CreateInferenceExperiment", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateLineageGroupPolicy", "sagemaker:CreateModel", "sagemaker:CreateModelBiasJobDefinition", "sagemaker:CreateModelCard", "sagemaker:CreateModelCardExportJob", "sagemaker:CreateModelExplainabilityJobDefinition", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelQualityJobDefinition", "sagemaker:CreateMonitoringSchedule", "sagemaker:CreateNotebookInstance", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:CreatePipeline", "sagemaker:CreatePresignedDomainUrl", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateProcessingJob", "sagemaker:CreateProject", "sagemaker:CreateSharedModel", "sagemaker:CreateSpace", "sagemaker:CreateStudioLifecycleConfig", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:CreateTrial", "sagemaker:CreateTrialComponent", "sagemaker:CreateUserProfile", "sagemaker:CreateWorkforce", "sagemaker:CreateWorkteam", "sagemaker:DeleteAction", "sagemaker:DeleteAlgorithm", "sagemaker:DeleteApp", "sagemaker:DeleteAppImageConfig", "sagemaker:DeleteArtifact", "sagemaker:DeleteAssociation", "sagemaker:DeleteCluster", "sagemaker:DeleteCodeRepository", "sagemaker:DeleteCompilationJob", "sagemaker:DeleteContext", "sagemaker:DeleteDataQualityJobDefinition", "sagemaker:DeleteDeviceFleet", "sagemaker:DeleteDomain", "sagemaker:DeleteEdgeDeploymentPlan", "sagemaker:DeleteEdgeDeploymentStage", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteExperiment", "sagemaker:DeleteFeatureGroup", "sagemaker:DeleteFlowDefinition", "sagemaker:DeleteHub", "sagemaker:DeleteHubContent", "sagemaker:DeleteHumanLoop", "sagemaker:DeleteHumanTaskUi", "sagemaker:DeleteHyperParameterTuningJob", "sagemaker:DeleteImage", "sagemaker:DeleteImageVersion", "sagemaker:DeleteInferenceComponent", "sagemaker:DeleteInferenceExperiment", "sagemaker:DeleteLineageGroupPolicy", "sagemaker:DeleteModel", "sagemaker:DeleteModelBiasJobDefinition", "sagemaker:DeleteModelCard", "sagemaker:DeleteModelExplainabilityJobDefinition", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteModelPackageGroupPolicy", "sagemaker:DeleteModelQualityJobDefinition", "sagemaker:DeleteMonitoringSchedule", "sagemaker:DeleteNotebookInstance", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:DeletePipeline", "sagemaker:DeleteProject", "sagemaker:DeleteRecord", "sagemaker:DeleteResourcePolicy", "sagemaker:DeleteSpace", "sagemaker:DeleteStudioLifecycleConfig", "sagemaker:DeleteTags", "sagemaker:DeleteTrial", "sagemaker:DeleteTrialComponent", "sagemaker:DeleteUserProfile", "sagemaker:DeleteWorkforce", "sagemaker:DeleteWorkteam", "sagemaker:DeregisterDevices", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeCluster", "sagemaker:DescribeClusterNode", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgeDeploymentPlan", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFeatureMetadata", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHub", "sagemaker:DescribeHubContent", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceComponent", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelCard", "sagemaker:DescribeModelCardExportJob", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSharedModel", "sagemaker:DescribeSpace", "sagemaker:DescribeStudioLifecycleConfig", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:DisableSagemakerServicecatalogPortfolio", "sagemaker:DisassociateTrialComponent", "sagemaker:EnableSagemakerServicecatalogPortfolio", "sagemaker:GetDeployments", "sagemaker:GetDeviceFleetReport", "sagemaker:GetDeviceRegistration", "sagemaker:GetLineageGroupPolicy", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetRecord", "sagemaker:GetResourcePolicy", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:GetScalingConfigurationRecommendation", "sagemaker:GetSearchSuggestions", "sagemaker:ImportHubContent", "sagemaker:InvokeEndpoint", "sagemaker:InvokeEndpointAsync", "sagemaker:InvokeEndpointWithResponseStream", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAliases", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListClusterNodes", "sagemaker:ListClusters", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgeDeploymentPlans", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHubContentVersions", "sagemaker:ListHubContents", "sagemaker:ListHubs", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceComponents", "sagemaker:ListInferenceExperiments", "sagemaker:ListInferenceRecommendationsJobSteps", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelCardExportJobs", "sagemaker:ListModelCardVersions", "sagemaker:ListModelCards", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringAlertHistory", "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListResourceCatalogs", "sagemaker:ListSharedModelEvents", "sagemaker:ListSharedModelVersions", "sagemaker:ListSharedModels", "sagemaker:ListSpaces", "sagemaker:ListStageDevices", "sagemaker:ListStudioLifecycleConfigs", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:PutLineageGroupPolicy", "sagemaker:PutModelPackageGroupPolicy", "sagemaker:PutRecord", "sagemaker:PutResourcePolicy", "sagemaker:QueryLineage", "sagemaker:RegisterDevices", "sagemaker:RenderUiTemplate", "sagemaker:RetryPipelineExecution", "sagemaker:Search", "sagemaker:SendHeartbeat", "sagemaker:SendPipelineExecutionStepFailure", "sagemaker:SendPipelineExecutionStepSuccess", "sagemaker:SendSharedModelEvent", "sagemaker:StartEdgeDeploymentStage", "sagemaker:StartHumanLoop", "sagemaker:StartInferenceExperiment", "sagemaker:StartMonitoringSchedule", "sagemaker:StartNotebookInstance", "sagemaker:StartPipelineExecution", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopEdgeDeploymentStage", "sagemaker:StopEdgePackagingJob", "sagemaker:StopHumanLoop", "sagemaker:StopHyperParameterTuningJob", "sagemaker:StopInferenceExperiment", "sagemaker:StopInferenceRecommendationsJob", "sagemaker:StopLabelingJob", "sagemaker:StopMonitoringSchedule", "sagemaker:StopNotebookInstance", "sagemaker:StopPipelineExecution", "sagemaker:StopProcessingJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:UpdateAction", "sagemaker:UpdateAppImageConfig", "sagemaker:UpdateArtifact", "sagemaker:UpdateCluster", "sagemaker:UpdateClusterSoftware", "sagemaker:UpdateCodeRepository", "sagemaker:UpdateContext", "sagemaker:UpdateDeviceFleet", "sagemaker:UpdateDevices", "sagemaker:UpdateDomain", "sagemaker:UpdateEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateExperiment", "sagemaker:UpdateFeatureGroup", "sagemaker:UpdateFeatureMetadata", "sagemaker:UpdateHub", "sagemaker:UpdateImage", "sagemaker:UpdateImageVersion", "sagemaker:UpdateInferenceComponent", "sagemaker:UpdateInferenceComponentRuntimeConfig", "sagemaker:UpdateInferenceExperiment", "sagemaker:UpdateModelCard", "sagemaker:UpdateModelPackage", "sagemaker:UpdateMonitoringAlert", "sagemaker:UpdateMonitoringSchedule", "sagemaker:UpdateNotebookInstance", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "sagemaker:UpdatePipeline", "sagemaker:UpdatePipelineExecution", "sagemaker:UpdateProject", "sagemaker:UpdateSharedModel", "sagemaker:UpdateSpace", "sagemaker:UpdateTrainingJob", "sagemaker:UpdateTrial", "sagemaker:UpdateTrialComponent", "sagemaker:UpdateUserProfile", "sagemaker:UpdateWorkforce", "sagemaker:UpdateWorkteam", "sagemaker-geospatial:DeleteEarthObservationJob", "sagemaker-geospatial:DeleteVectorEnrichmentJob", "sagemaker-geospatial:ExportEarthObservationJob", "sagemaker-geospatial:ExportVectorEnrichmentJob", "sagemaker-geospatial:GetEarthObservationJob", "sagemaker-geospatial:GetRasterDataCollection", "sagemaker-geospatial:GetTile", "sagemaker-geospatial:GetVectorEnrichmentJob", "sagemaker-geospatial:ListEarthObservationJobs", "sagemaker-geospatial:ListRasterDataCollections", "sagemaker-geospatial:ListTagsForResource", "sagemaker-geospatial:ListVectorEnrichmentJobs", "sagemaker-geospatial:SearchRasterDataCollection", "sagemaker-geospatial:StartEarthObservationJob", "sagemaker-geospatial:StartVectorEnrichmentJob", "sagemaker-geospatial:StopEarthObservationJob", "sagemaker-geospatial:StopVectorEnrichmentJob", "sagemaker-geospatial:TagResource", "sagemaker-geospatial:UntagResource", "sagemaker-groundtruth-synthetic:CreateProject", "sagemaker-groundtruth-synthetic:DeleteProject", "sagemaker-groundtruth-synthetic:GetAccountDetails", "sagemaker-groundtruth-synthetic:GetBatch", "sagemaker-groundtruth-synthetic:GetProject", "sagemaker-groundtruth-synthetic:ListBatchDataTransfers", "sagemaker-groundtruth-synthetic:ListBatchSummaries", "sagemaker-groundtruth-synthetic:ListProjectDataTransfers", "sagemaker-groundtruth-synthetic:ListProjectSummaries", "sagemaker-groundtruth-synthetic:StartBatchDataTransfer", "sagemaker-groundtruth-synthetic:StartProjectDataTransfer", "sagemaker-groundtruth-synthetic:UpdateBatch", "savingsplans:CreateSavingsPlan", "savingsplans:DeleteQueuedSavingsPlan", "savingsplans:DescribeSavingsPlanRates", "savingsplans:DescribeSavingsPlans", "savingsplans:DescribeSavingsPlansOfferingRates", "savingsplans:DescribeSavingsPlansOfferings", "savingsplans:ListTagsForResource", "savingsplans:ReturnSavingsPlan", "savingsplans:TagResource", "savingsplans:UntagResource", "scheduler:CreateSchedule", "scheduler:CreateScheduleGroup", "scheduler:DeleteSchedule", "scheduler:DeleteScheduleGroup", "scheduler:GetSchedule", "scheduler:GetScheduleGroup", "scheduler:ListScheduleGroups", "scheduler:ListSchedules", "scheduler:ListTagsForResource", "scheduler:TagResource", "scheduler:UntagResource", "scheduler:UpdateSchedule", "schemas:CreateDiscoverer", "schemas:CreateRegistry", "schemas:CreateSchema", "schemas:DeleteDiscoverer", "schemas:DeleteRegistry", "schemas:DeleteResourcePolicy", "schemas:DeleteSchema", "schemas:DeleteSchemaVersion", "schemas:DescribeCodeBinding", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:ExportSchema", "schemas:GetCodeBindingSource", "schemas:GetDiscoveredSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemaVersions", "schemas:ListSchemas", "schemas:ListTagsForResource", "schemas:PutCodeBinding", "schemas:PutResourcePolicy", "schemas:SearchSchemas", "schemas:StartDiscoverer", "schemas:StopDiscoverer", "schemas:TagResource", "schemas:UntagResource", "schemas:UpdateDiscoverer", "schemas:UpdateRegistry", "schemas:UpdateSchema", "scn:AssignAdminPermissionsToUser", "scn:CreateBillOfMaterialsImportJob", "scn:CreateInstance", "scn:CreateSSOApplication", "scn:DeleteInstance", "scn:DeleteSSOApplication", "scn:DescribeInstance", "scn:GetBillOfMaterialsImportJob", "scn:ListAdminUsers", "scn:ListInstances", "scn:ListTagsForResource", "scn:RemoveAdminPermissionsForUser", "scn:SendDataIntegrationEvent", "scn:TagResource", "scn:UntagResource", "scn:UpdateInstance", "sdb:BatchDeleteAttributes", "sdb:BatchPutAttributes", "sdb:CreateDomain", "sdb:DeleteAttributes", "sdb:DeleteDomain", "sdb:DomainMetadata", "sdb:GetAttributes", "sdb:ListDomains", "sdb:PutAttributes", "sdb:Select", "secretsmanager:BatchGetSecretValue", "secretsmanager:CancelRotateSecret", "secretsmanager:CreateSecret", "secretsmanager:DeleteResourcePolicy", "secretsmanager:DeleteSecret", "secretsmanager:DescribeSecret", "secretsmanager:GetRandomPassword", "secretsmanager:GetResourcePolicy", "secretsmanager:GetSecretValue", "secretsmanager:ListSecretVersionIds", "secretsmanager:ListSecrets", "secretsmanager:PutResourcePolicy", "secretsmanager:PutSecretValue", "secretsmanager:RemoveRegionsFromReplication", "secretsmanager:ReplicateSecretToRegions", "secretsmanager:RestoreSecret", "secretsmanager:RotateSecret", "secretsmanager:StopReplicationToReplica", "secretsmanager:TagResource", "secretsmanager:UntagResource", "secretsmanager:UpdateSecret", "secretsmanager:UpdateSecretVersionStage", "secretsmanager:ValidateResourcePolicy", "securityhub:AcceptAdministratorInvitation", "securityhub:AcceptInvitation", "securityhub:BatchDeleteAutomationRules", "securityhub:BatchDisableStandards", "securityhub:BatchEnableStandards", "securityhub:BatchGetAutomationRules", "securityhub:BatchGetConfigurationPolicyAssociations", "securityhub:BatchGetControlEvaluations", "securityhub:BatchGetSecurityControls", "securityhub:BatchGetStandardsControlAssociations", "securityhub:BatchImportFindings", "securityhub:BatchUpdateAutomationRules", "securityhub:BatchUpdateFindings", "securityhub:BatchUpdateStandardsControlAssociations", "securityhub:CreateActionTarget", "securityhub:CreateAutomationRule", "securityhub:CreateConfigurationPolicy", "securityhub:CreateFindingAggregator", "securityhub:CreateInsight", "securityhub:CreateMembers", "securityhub:DeclineInvitations", "securityhub:DeleteActionTarget", "securityhub:DeleteConfigurationPolicy", "securityhub:DeleteFindingAggregator", "securityhub:DeleteInsight", "securityhub:DeleteInvitations", "securityhub:DeleteMembers", "securityhub:DescribeActionTargets", "securityhub:DescribeHub", "securityhub:DescribeOrganizationConfiguration", "securityhub:DescribeProducts", "securityhub:DescribeStandards", "securityhub:DescribeStandardsControls", "securityhub:DisableImportFindingsForProduct", "securityhub:DisableOrganizationAdminAccount", "securityhub:DisableSecurityHub", "securityhub:DisassociateFromAdministratorAccount", "securityhub:DisassociateFromMasterAccount", "securityhub:DisassociateMembers", "securityhub:EnableImportFindingsForProduct", "securityhub:EnableOrganizationAdminAccount", "securityhub:EnableSecurityHub", "securityhub:GetAdhocInsightResults", "securityhub:GetAdministratorAccount", "securityhub:GetConfigurationPolicy", "securityhub:GetConfigurationPolicyAssociation", "securityhub:GetControlFindingSummary", "securityhub:GetEnabledStandards", "securityhub:GetFindingAggregator", "securityhub:GetFindingHistory", "securityhub:GetFindings", "securityhub:GetFreeTrialEndDate", "securityhub:GetFreeTrialUsage", "securityhub:GetInsightFindingTrend", "securityhub:GetInsightResults", "securityhub:GetInsights", "securityhub:GetInvitationsCount", "securityhub:GetMasterAccount", "securityhub:GetMembers", "securityhub:GetSecurityControlDefinition", "securityhub:GetUsage", "securityhub:InviteMembers", "securityhub:ListAutomationRules", "securityhub:ListConfigurationPolicies", "securityhub:ListConfigurationPolicyAssociations", "securityhub:ListControlEvaluationSummaries", "securityhub:ListEnabledProductsForImport", "securityhub:ListFindingAggregators", "securityhub:ListInvitations", "securityhub:ListMembers", "securityhub:ListOrganizationAdminAccounts", "securityhub:ListSecurityControlDefinitions", "securityhub:ListStandardsControlAssociations", "securityhub:ListTagsForResource", "securityhub:SendFindingEvents", "securityhub:SendInsightEvents", "securityhub:StartConfigurationPolicyAssociation", "securityhub:StartConfigurationPolicyDisassociation", "securityhub:TagResource", "securityhub:UntagResource", "securityhub:UpdateActionTarget", "securityhub:UpdateConfigurationPolicy", "securityhub:UpdateFindingAggregator", "securityhub:UpdateFindings", "securityhub:UpdateInsight", "securityhub:UpdateOrganizationConfiguration", "securityhub:UpdateSecurityControl", "securityhub:UpdateSecurityHubConfiguration", "securityhub:UpdateStandardsControl", "securitylake:CreateAwsLogSource", "securitylake:CreateCustomLogSource", "securitylake:CreateDataLake", "securitylake:CreateDataLakeExceptionSubscription", "securitylake:CreateDataLakeOrganizationConfiguration", "securitylake:CreateSubscriber", "securitylake:CreateSubscriberNotification", "securitylake:DeleteAwsLogSource", "securitylake:DeleteCustomLogSource", "securitylake:DeleteDataLake", "securitylake:DeleteDataLakeExceptionSubscription", "securitylake:DeleteDataLakeOrganizationConfiguration", "securitylake:DeleteSubscriber", "securitylake:DeleteSubscriberNotification", "securitylake:DeregisterDataLakeDelegatedAdministrator", "securitylake:GetDataLakeExceptionSubscription", "securitylake:GetDataLakeOrganizationConfiguration", "securitylake:GetDataLakeSources", "securitylake:GetSubscriber", "securitylake:ListDataLakeExceptions", "securitylake:ListDataLakes", "securitylake:ListLogSources", "securitylake:ListSubscribers", "securitylake:ListTagsForResource", "securitylake:RegisterDataLakeDelegatedAdministrator", "securitylake:TagResource", "securitylake:UntagResource", "securitylake:UpdateDataLake", "securitylake:UpdateDataLakeExceptionSubscription", "securitylake:UpdateSubscriber", "securitylake:UpdateSubscriberNotification", "serverlessrepo:CreateApplication", "serverlessrepo:CreateApplicationVersion", "serverlessrepo:CreateCloudFormationChangeSet", "serverlessrepo:CreateCloudFormationTemplate", "serverlessrepo:DeleteApplication", "serverlessrepo:GetApplication", "serverlessrepo:GetApplicationPolicy", "serverlessrepo:GetCloudFormationTemplate", "serverlessrepo:ListApplicationDependencies", "serverlessrepo:ListApplicationVersions", "serverlessrepo:ListApplications", "serverlessrepo:PutApplicationPolicy", "serverlessrepo:SearchApplications", "serverlessrepo:UnshareApplication", "serverlessrepo:UpdateApplication", "servicecatalog:AcceptPortfolioShare", "servicecatalog:AssociateAttributeGroup", "servicecatalog:AssociateBudgetWithResource", "servicecatalog:AssociatePrincipalWithPortfolio", "servicecatalog:AssociateProductWithPortfolio", "servicecatalog:AssociateResource", "servicecatalog:AssociateServiceActionWithProvisioningArtifact", "servicecatalog:AssociateTagOptionWithResource", "servicecatalog:BatchAssociateServiceActionWithProvisioningArtifact", "servicecatalog:BatchDisassociateServiceActionFromProvisioningArtifact", "servicecatalog:CopyProduct", "servicecatalog:CreateApplication", "servicecatalog:CreateAttributeGroup", "servicecatalog:CreateConstraint", "servicecatalog:CreatePortfolio", "servicecatalog:CreatePortfolioShare", "servicecatalog:CreateProduct", "servicecatalog:CreateProvisionedProductPlan", "servicecatalog:CreateProvisioningArtifact", "servicecatalog:CreateServiceAction", "servicecatalog:CreateTagOption", "servicecatalog:DeleteApplication", "servicecatalog:DeleteAttributeGroup", "servicecatalog:DeleteConstraint", "servicecatalog:DeletePortfolio", "servicecatalog:DeletePortfolioShare", "servicecatalog:DeleteProduct", "servicecatalog:DeleteProvisionedProductPlan", "servicecatalog:DeleteProvisioningArtifact", "servicecatalog:DeleteServiceAction", "servicecatalog:DeleteTagOption", "servicecatalog:DescribeConstraint", "servicecatalog:DescribeCopyProductStatus", "servicecatalog:DescribePortfolio", "servicecatalog:DescribePortfolioShareStatus", "servicecatalog:DescribePortfolioShares", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductAsAdmin", "servicecatalog:DescribeProductView", "servicecatalog:DescribeProvisionedProduct", "servicecatalog:DescribeProvisionedProductPlan", "servicecatalog:DescribeProvisioningArtifact", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:DescribeRecord", "servicecatalog:DescribeServiceAction", "servicecatalog:DescribeServiceActionExecutionParameters", "servicecatalog:DescribeTagOption", "servicecatalog:DisableAWSOrganizationsAccess", "servicecatalog:DisassociateAttributeGroup", "servicecatalog:DisassociateBudgetFromResource", "servicecatalog:DisassociatePrincipalFromPortfolio", "servicecatalog:DisassociateProductFromPortfolio", "servicecatalog:DisassociateResource", "servicecatalog:DisassociateServiceActionFromProvisioningArtifact", "servicecatalog:DisassociateTagOptionFromResource", "servicecatalog:EnableAWSOrganizationsAccess", "servicecatalog:ExecuteProvisionedProductPlan", "servicecatalog:ExecuteProvisionedProductServiceAction", "servicecatalog:GetAWSOrganizationsAccessStatus", "servicecatalog:GetApplication", "servicecatalog:GetAssociatedResource", "servicecatalog:GetAttributeGroup", "servicecatalog:GetConfiguration", "servicecatalog:GetProvisionedProductOutputs", "servicecatalog:ImportAsProvisionedProduct", "servicecatalog:ListAcceptedPortfolioShares", "servicecatalog:ListApplications", "servicecatalog:ListAssociatedAttributeGroups", "servicecatalog:ListAssociatedResources", "servicecatalog:ListAttributeGroups", "servicecatalog:ListAttributeGroupsForApplication", "servicecatalog:ListBudgetsForResource", "servicecatalog:ListConstraintsForPortfolio", "servicecatalog:ListLaunchPaths", "servicecatalog:ListOrganizationPortfolioAccess", "servicecatalog:ListPortfolioAccess", "servicecatalog:ListPortfolios", "servicecatalog:ListPortfoliosForProduct", "servicecatalog:ListPrincipalsForPortfolio", "servicecatalog:ListProvisionedProductPlans", "servicecatalog:ListProvisioningArtifacts", "servicecatalog:ListProvisioningArtifactsForServiceAction", "servicecatalog:ListRecordHistory", "servicecatalog:ListResourcesForTagOption", "servicecatalog:ListServiceActions", "servicecatalog:ListServiceActionsForProvisioningArtifact", "servicecatalog:ListStackInstancesForProvisionedProduct", "servicecatalog:ListTagOptions", "servicecatalog:ListTagsForResource", "servicecatalog:NotifyProvisionProductEngineWorkflowResult", "servicecatalog:NotifyTerminateProvisionedProductEngineWorkflowResult", "servicecatalog:NotifyUpdateProvisionedProductEngineWorkflowResult", "servicecatalog:ProvisionProduct", "servicecatalog:PutConfiguration", "servicecatalog:RejectPortfolioShare", "servicecatalog:ScanProvisionedProducts", "servicecatalog:SearchProducts", "servicecatalog:SearchProductsAsAdmin", "servicecatalog:SearchProvisionedProducts", "servicecatalog:SyncResource", "servicecatalog:TagResource", "servicecatalog:TerminateProvisionedProduct", "servicecatalog:UntagResource", "servicecatalog:UpdateApplication", "servicecatalog:UpdateAttributeGroup", "servicecatalog:UpdateConstraint", "servicecatalog:UpdatePortfolio", "servicecatalog:UpdatePortfolioShare", "servicecatalog:UpdateProduct", "servicecatalog:UpdateProvisionedProduct", "servicecatalog:UpdateProvisionedProductProperties", "servicecatalog:UpdateProvisioningArtifact", "servicecatalog:UpdateServiceAction", "servicecatalog:UpdateTagOption", "servicediscovery:CreateHttpNamespace", "servicediscovery:CreatePrivateDnsNamespace", "servicediscovery:CreatePublicDnsNamespace", "servicediscovery:CreateService", "servicediscovery:DeleteNamespace", "servicediscovery:DeleteService", "servicediscovery:DeregisterInstance", "servicediscovery:DiscoverInstances", "servicediscovery:DiscoverInstancesRevision", "servicediscovery:GetInstance", "servicediscovery:GetInstancesHealthStatus", "servicediscovery:GetNamespace", "servicediscovery:GetOperation", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListOperations", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource", "servicediscovery:RegisterInstance", "servicediscovery:TagResource", "servicediscovery:UntagResource", "servicediscovery:UpdateHttpNamespace", "servicediscovery:UpdateInstanceCustomHealthStatus", "servicediscovery:UpdatePrivateDnsNamespace", "servicediscovery:UpdatePublicDnsNamespace", "servicediscovery:UpdateService", "serviceextract:GetConfig", "servicequotas:AssociateServiceQuotaTemplate", "servicequotas:DeleteServiceQuotaIncreaseRequestFromTemplate", "servicequotas:DisassociateServiceQuotaTemplate", "servicequotas:GetAWSDefaultServiceQuota", "servicequotas:GetAssociationForServiceQuotaTemplate", "servicequotas:GetRequestedServiceQuotaChange", "servicequotas:GetServiceQuota", "servicequotas:GetServiceQuotaIncreaseRequestFromTemplate", "servicequotas:ListAWSDefaultServiceQuotas", "servicequotas:ListRequestedServiceQuotaChangeHistory", "servicequotas:ListRequestedServiceQuotaChangeHistoryByQuota", "servicequotas:ListServiceQuotaIncreaseRequestsInTemplate", "servicequotas:ListServiceQuotas", "servicequotas:ListServices", "servicequotas:ListTagsForResource", "servicequotas:PutServiceQuotaIncreaseRequestIntoTemplate", "servicequotas:RequestServiceQuotaIncrease", "servicequotas:TagResource", "servicequotas:UntagResource", "ses:CreateConfigurationSet", "ses:CreateConfigurationSetEventDestination", "ses:CreateDedicatedIpPool", "ses:CreateDeliverabilityTestReport", "ses:CreateEmailIdentity", "ses:DeleteConfigurationSet", "ses:DeleteConfigurationSetEventDestination", "ses:DeleteDedicatedIpPool", "ses:DeleteEmailIdentity", "ses:GetAccount", "ses:GetBlacklistReports", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetDedicatedIp", "ses:GetDedicatedIps", "ses:GetDeliverabilityDashboardOptions", "ses:GetDeliverabilityTestReport", "ses:GetDomainDeliverabilityCampaign", "ses:GetDomainStatisticsReport", "ses:GetEmailIdentity", "ses:ListConfigurationSets", "ses:ListDedicatedIpPools", "ses:ListDeliverabilityTestReports", "ses:ListDomainDeliverabilityCampaigns", "ses:ListEmailIdentities", "ses:ListTagsForResource", "ses:PutAccountDedicatedIpWarmupAttributes", "ses:PutAccountSendingAttributes", "ses:PutConfigurationSetDeliveryOptions", "ses:PutConfigurationSetReputationOptions", "ses:PutConfigurationSetSendingOptions", "ses:PutConfigurationSetTrackingOptions", "ses:PutDedicatedIpInPool", "ses:PutDedicatedIpWarmupAttributes", "ses:PutDeliverabilityDashboardOption", "ses:PutEmailIdentityDkimAttributes", "ses:PutEmailIdentityFeedbackAttributes", "ses:PutEmailIdentityMailFromAttributes", "ses:SendEmail", "ses:TagResource", "ses:UntagResource", "ses:UpdateConfigurationSetEventDestination", "ses:CloneReceiptRuleSet", "ses:CreateConfigurationSetTrackingOptions", "ses:CreateCustomVerificationEmailTemplate", "ses:CreateReceiptFilter", "ses:CreateReceiptRule", "ses:CreateReceiptRuleSet", "ses:CreateTemplate", "ses:DeleteConfigurationSetTrackingOptions", "ses:DeleteCustomVerificationEmailTemplate", "ses:DeleteIdentity", "ses:DeleteIdentityPolicy", "ses:DeleteReceiptFilter", "ses:DeleteReceiptRule", "ses:DeleteReceiptRuleSet", "ses:DeleteTemplate", "ses:DeleteVerifiedEmailAddress", "ses:DescribeActiveReceiptRuleSet", "ses:DescribeConfigurationSet", "ses:DescribeReceiptRule", "ses:DescribeReceiptRuleSet", "ses:GetAccountSendingEnabled", "ses:GetCustomVerificationEmailTemplate", "ses:GetIdentityDkimAttributes", "ses:GetIdentityMailFromDomainAttributes", "ses:GetIdentityNotificationAttributes", "ses:GetIdentityPolicies", "ses:GetIdentityVerificationAttributes", "ses:GetSendQuota", "ses:GetSendStatistics", "ses:GetTemplate", "ses:ListCustomVerificationEmailTemplates", "ses:ListIdentities", "ses:ListIdentityPolicies", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListTemplates", "ses:ListVerifiedEmailAddresses", "ses:PutIdentityPolicy", "ses:ReorderReceiptRuleSet", "ses:SendBounce", "ses:SendBulkTemplatedEmail", "ses:SendCustomVerificationEmail", "ses:SendRawEmail", "ses:SendTemplatedEmail", "ses:SetActiveReceiptRuleSet", "ses:SetIdentityDkimEnabled", "ses:SetIdentityFeedbackForwardingEnabled", "ses:SetIdentityHeadersInNotificationsEnabled", "ses:SetIdentityMailFromDomain", "ses:SetIdentityNotificationTopic", "ses:SetReceiptRulePosition", "ses:TestRenderTemplate", "ses:UpdateAccountSendingEnabled", "ses:UpdateConfigurationSetReputationMetricsEnabled", "ses:UpdateConfigurationSetSendingEnabled", "ses:UpdateConfigurationSetTrackingOptions", "ses:UpdateCustomVerificationEmailTemplate", "ses:UpdateReceiptRule", "ses:UpdateTemplate", "ses:VerifyDomainDkim", "ses:VerifyDomainIdentity", "ses:VerifyEmailAddress", "ses:VerifyEmailIdentity", "ses:BatchGetMetricData", "ses:CancelExportJob", "ses:CreateContact", "ses:CreateContactList", "ses:CreateEmailIdentityPolicy", "ses:CreateEmailTemplate", "ses:CreateExportJob", "ses:CreateImportJob", "ses:DeleteContact", "ses:DeleteContactList", "ses:DeleteEmailIdentityPolicy", "ses:DeleteEmailTemplate", "ses:DeleteSuppressedDestination", "ses:GetContact", "ses:GetContactList", "ses:GetDedicatedIpPool", "ses:GetEmailIdentityPolicies", "ses:GetEmailTemplate", "ses:GetExportJob", "ses:GetImportJob", "ses:GetMessageInsights", "ses:GetSuppressedDestination", "ses:ListContactLists", "ses:ListContacts", "ses:ListEmailTemplates", "ses:ListExportJobs", "ses:ListImportJobs", "ses:ListRecommendations", "ses:ListSuppressedDestinations", "ses:PutAccountDetails", "ses:PutAccountSuppressionAttributes", "ses:PutAccountVdmAttributes", "ses:PutConfigurationSetSuppressionOptions", "ses:PutConfigurationSetVdmOptions", "ses:PutDedicatedIpPoolScalingAttributes", "ses:PutEmailIdentityConfigurationSetAttributes", "ses:PutEmailIdentityDkimSigningAttributes", "ses:PutSuppressedDestination", "ses:SendBulkEmail", "ses:TestRenderEmailTemplate", "ses:UpdateContact", "ses:UpdateContactList", "ses:UpdateEmailIdentityPolicy", "ses:UpdateEmailTemplate", "shield:AssociateDRTLogBucket", "shield:AssociateDRTRole", "shield:AssociateHealthCheck", "shield:AssociateProactiveEngagementDetails", "shield:CreateProtection", "shield:CreateProtectionGroup", "shield:CreateSubscription", "shield:DeleteProtection", "shield:DeleteProtectionGroup", "shield:DeleteSubscription", "shield:DescribeAttack", "shield:DescribeAttackStatistics", "shield:DescribeDRTAccess", "shield:DescribeEmergencyContactSettings", "shield:DescribeProtection", "shield:DescribeProtectionGroup", "shield:DescribeSubscription", "shield:DisableApplicationLayerAutomaticResponse", "shield:DisableProactiveEngagement", "shield:DisassociateDRTLogBucket", "shield:DisassociateDRTRole", "shield:DisassociateHealthCheck", "shield:EnableApplicationLayerAutomaticResponse", "shield:EnableProactiveEngagement", "shield:GetSubscriptionState", "shield:ListAttacks", "shield:ListProtectionGroups", "shield:ListProtections", "shield:ListResourcesInProtectionGroup", "shield:ListTagsForResource", "shield:TagResource", "shield:UntagResource", "shield:UpdateApplicationLayerAutomaticResponse", "shield:UpdateEmergencyContactSettings", "shield:UpdateProtectionGroup", "shield:UpdateSubscription", "signer:AddProfilePermission", "signer:CancelSigningProfile", "signer:DescribeSigningJob", "signer:GetRevocationStatus", "signer:GetSigningPlatform", "signer:GetSigningProfile", "signer:ListProfilePermissions", "signer:ListSigningJobs", "signer:ListSigningPlatforms", "signer:ListSigningProfiles", "signer:ListTagsForResource", "signer:PutSigningProfile", "signer:RemoveProfilePermission", "signer:RevokeSignature", "signer:RevokeSigningProfile", "signer:SignPayload", "signer:StartSigningJob", "signer:TagResource", "signer:UntagResource", "signin:CreateTrustedIdentityPropagationApplicationForConsole", "signin:ListTrustedIdentityPropagationApplicationsForConsole", "simspaceweaver:CreateSnapshot", "simspaceweaver:DeleteApp", "simspaceweaver:DeleteSimulation", "simspaceweaver:DescribeApp", "simspaceweaver:DescribeSimulation", "simspaceweaver:ListApps", "simspaceweaver:ListSimulations", "simspaceweaver:ListTagsForResource", "simspaceweaver:StartApp", "simspaceweaver:StartClock", "simspaceweaver:StartSimulation", "simspaceweaver:StopApp", "simspaceweaver:StopClock", "simspaceweaver:StopSimulation", "simspaceweaver:TagResource", "simspaceweaver:UntagResource", "sms:CreateApp", "sms:CreateReplicationJob", "sms:DeleteApp", "sms:DeleteAppLaunchConfiguration", "sms:DeleteAppReplicationConfiguration", "sms:DeleteAppValidationConfiguration", "sms:DeleteReplicationJob", "sms:DeleteServerCatalog", "sms:DisassociateConnector", "sms:GenerateChangeSet", "sms:GenerateTemplate", "sms:GetApp", "sms:GetAppLaunchConfiguration", "sms:GetAppReplicationConfiguration", "sms:GetAppValidationConfiguration", "sms:GetAppValidationOutput", "sms:GetConnectors", "sms:GetMessages", "sms:GetReplicationJobs", "sms:GetReplicationRuns", "sms:GetServers", "sms:ImportAppCatalog", "sms:ImportServerCatalog", "sms:LaunchApp", "sms:ListApps", "sms:NotifyAppValidationOutput", "sms:PutAppLaunchConfiguration", "sms:PutAppReplicationConfiguration", "sms:PutAppValidationConfiguration", "sms:SendMessage", "sms:StartAppReplication", "sms:StartOnDemandAppReplication", "sms:StartOnDemandReplicationRun", "sms:StopAppReplication", "sms:TerminateApp", "sms:UpdateApp", "sms:UpdateReplicationJob", "sms-voice:CreateConfigurationSet", "sms-voice:CreateConfigurationSetEventDestination", "sms-voice:DeleteConfigurationSet", "sms-voice:DeleteConfigurationSetEventDestination", "sms-voice:GetConfigurationSetEventDestinations", "sms-voice:ListConfigurationSets", "sms-voice:SendVoiceMessage", "sms-voice:UpdateConfigurationSetEventDestination", "sms-voice:AssociateOriginationIdentity", "sms-voice:CreateEventDestination", "sms-voice:CreateOptOutList", "sms-voice:CreatePool", "sms-voice:CreateRegistration", "sms-voice:CreateRegistrationAssociation", "sms-voice:CreateRegistrationAttachment", "sms-voice:CreateRegistrationVersion", "sms-voice:CreateVerifiedDestinationNumber", "sms-voice:DeleteDefaultMessageType", "sms-voice:DeleteDefaultSenderId", "sms-voice:DeleteEventDestination", "sms-voice:DeleteKeyword", "sms-voice:DeleteOptOutList", "sms-voice:DeleteOptedOutNumber", "sms-voice:DeletePool", "sms-voice:DeleteRegistration", "sms-voice:DeleteRegistrationAttachment", "sms-voice:DeleteRegistrationFieldValue", "sms-voice:DeleteTextMessageSpendLimitOverride", "sms-voice:DeleteVerifiedDestinationNumber", "sms-voice:DeleteVoiceMessageSpendLimitOverride", "sms-voice:DescribeAccountAttributes", "sms-voice:DescribeAccountLimits", "sms-voice:DescribeConfigurationSets", "sms-voice:DescribeKeywords", "sms-voice:DescribeOptOutLists", "sms-voice:DescribeOptedOutNumbers", "sms-voice:DescribePhoneNumbers", "sms-voice:DescribePools", "sms-voice:DescribeRegistrationAttachments", "sms-voice:DescribeRegistrationFieldDefinitions", "sms-voice:DescribeRegistrationFieldValues", "sms-voice:DescribeRegistrationSectionDefinitions", "sms-voice:DescribeRegistrationTypeDefinitions", "sms-voice:DescribeRegistrationVersions", "sms-voice:DescribeRegistrations", "sms-voice:DescribeSenderIds", "sms-voice:DescribeSpendLimits", "sms-voice:DescribeVerifiedDestinationNumbers", "sms-voice:DisassociateOriginationIdentity", "sms-voice:DiscardRegistrationVersion", "sms-voice:ListPoolOriginationIdentities", "sms-voice:ListRegistrationAssociations", "sms-voice:ListTagsForResource", "sms-voice:PutKeyword", "sms-voice:PutOptedOutNumber", "sms-voice:PutRegistrationFieldValue", "sms-voice:ReleasePhoneNumber", "sms-voice:ReleaseSenderId", "sms-voice:RequestPhoneNumber", "sms-voice:RequestSenderId", "sms-voice:SendDestinationNumberVerificationCode", "sms-voice:SendTextMessage", "sms-voice:SetDefaultMessageType", "sms-voice:SetDefaultSenderId", "sms-voice:SetTextMessageSpendLimitOverride", "sms-voice:SetVoiceMessageSpendLimitOverride", "sms-voice:SubmitRegistrationVersion", "sms-voice:TagResource", "sms-voice:UntagResource", "sms-voice:UpdateEventDestination", "sms-voice:UpdatePhoneNumber", "sms-voice:UpdatePool", "sms-voice:UpdateSenderId", "sms-voice:VerifyDestinationNumber", "snow-device-management:CancelTask", "snow-device-management:CreateTask", "snow-device-management:DescribeDevice", "snow-device-management:DescribeDeviceEc2Instances", "snow-device-management:DescribeExecution", "snow-device-management:DescribeTask", "snow-device-management:ListDeviceResources", "snow-device-management:ListDevices", "snow-device-management:ListExecutions", "snow-device-management:ListTagsForResource", "snow-device-management:ListTasks", "snow-device-management:TagResource", "snow-device-management:UntagResource", "snowball:CancelCluster", "snowball:CancelJob", "snowball:CreateAddress", "snowball:CreateCluster", "snowball:CreateJob", "snowball:CreateLongTermPricing", "snowball:CreateReturnShippingLabel", "snowball:DescribeAddress", "snowball:DescribeAddresses", "snowball:DescribeCluster", "snowball:DescribeJob", "snowball:DescribeReturnShippingLabel", "snowball:GetJobManifest", "snowball:GetJobUnlockCode", "snowball:GetSnowballUsage", "snowball:GetSoftwareUpdates", "snowball:ListClusterJobs", "snowball:ListClusters", "snowball:ListCompatibleImages", "snowball:ListJobs", "snowball:ListLongTermPricing", "snowball:ListPickupLocations", "snowball:ListServiceVersions", "snowball:UpdateCluster", "snowball:UpdateJob", "snowball:UpdateJobShipmentState", "snowball:UpdateLongTermPricing", "sns:AddPermission", "sns:CheckIfPhoneNumberIsOptedOut", "sns:ConfirmSubscription", "sns:CreatePlatformApplication", "sns:CreatePlatformEndpoint", "sns:CreateSMSSandboxPhoneNumber", "sns:CreateTopic", "sns:DeleteEndpoint", "sns:DeletePlatformApplication", "sns:DeleteSMSSandboxPhoneNumber", "sns:DeleteTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sns:OptInPhoneNumber", "sns:Publish", "sns:PutDataProtectionPolicy", "sns:RemovePermission", "sns:SetEndpointAttributes", "sns:SetPlatformApplicationAttributes", "sns:SetSMSAttributes", "sns:SetSubscriptionAttributes", "sns:SetTopicAttributes", "sns:Subscribe", "sns:TagResource", "sns:Unsubscribe", "sns:UntagResource", "sns:VerifySMSSandboxPhoneNumber", "sqlworkbench:AssociateConnectionWithChart", "sqlworkbench:AssociateConnectionWithTab", "sqlworkbench:AssociateNotebookWithTab", "sqlworkbench:AssociateQueryWithTab", "sqlworkbench:BatchDeleteFolder", "sqlworkbench:BatchGetNotebookCell", "sqlworkbench:CreateAccount", "sqlworkbench:CreateChart", "sqlworkbench:CreateConnection", "sqlworkbench:CreateFolder", "sqlworkbench:CreateNotebook", "sqlworkbench:CreateNotebookCell", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:CreateNotebookVersion", "sqlworkbench:CreateSavedQuery", "sqlworkbench:DeleteChart", "sqlworkbench:DeleteConnection", "sqlworkbench:DeleteNotebook", "sqlworkbench:DeleteNotebookCell", "sqlworkbench:DeleteNotebookVersion", "sqlworkbench:DeleteSavedQuery", "sqlworkbench:DeleteTab", "sqlworkbench:DriverExecute", "sqlworkbench:DuplicateNotebook", "sqlworkbench:ExportNotebook", "sqlworkbench:GenerateSession", "sqlworkbench:GetAccountInfo", "sqlworkbench:GetAccountSettings", "sqlworkbench:GetAutocompletionMetadata", "sqlworkbench:GetAutocompletionResource", "sqlworkbench:GetChart", "sqlworkbench:GetConnection", "sqlworkbench:GetNotebook", "sqlworkbench:GetNotebookVersion", "sqlworkbench:GetQSqlRecommendations", "sqlworkbench:GetQueryExecutionHistory", "sqlworkbench:GetSavedQuery", "sqlworkbench:GetSchemaInference", "sqlworkbench:GetUserInfo", "sqlworkbench:GetUserWorkspaceSettings", "sqlworkbench:ImportNotebook", "sqlworkbench:ListConnections", "sqlworkbench:ListDatabases", "sqlworkbench:ListFiles", "sqlworkbench:ListNotebookVersions", "sqlworkbench:ListNotebooks", "sqlworkbench:ListQueryExecutionHistory", "sqlworkbench:ListRedshiftClusters", "sqlworkbench:ListSampleDatabases", "sqlworkbench:ListSavedQueryVersions", "sqlworkbench:ListTabs", "sqlworkbench:ListTaggedResources", "sqlworkbench:ListTagsForResource", "sqlworkbench:PutTab", "sqlworkbench:PutUserWorkspaceSettings", "sqlworkbench:RestoreNotebookVersion", "sqlworkbench:TagResource", "sqlworkbench:UntagResource", "sqlworkbench:UpdateAccountConnectionSettings", "sqlworkbench:UpdateAccountExportSettings", "sqlworkbench:UpdateAccountGeneralSettings", "sqlworkbench:UpdateAccountQSqlSettings", "sqlworkbench:UpdateChart", "sqlworkbench:UpdateConnection", "sqlworkbench:UpdateFileFolder", "sqlworkbench:UpdateFolder", "sqlworkbench:UpdateNotebook", "sqlworkbench:UpdateNotebookCellContent", "sqlworkbench:UpdateNotebookCellLayout", "sqlworkbench:UpdateSavedQuery", "sqs:AddPermission", "sqs:CancelMessageMoveTask", "sqs:ChangeMessageVisibility", "sqs:CreateQueue", "sqs:DeleteMessage", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListMessageMoveTasks", "sqs:ListQueueTags", "sqs:ListQueues", "sqs:PurgeQueue", "sqs:ReceiveMessage", "sqs:RemovePermission", "sqs:SendMessage", "sqs:SetQueueAttributes", "sqs:StartMessageMoveTask", "sqs:TagQueue", "sqs:UntagQueue", "ssm:AddTagsToResource", "ssm:AssociateOpsItemRelatedItem", "ssm:CancelCommand", "ssm:CancelMaintenanceWindowExecution", "ssm:CreateActivation", "ssm:CreateAssociation", "ssm:CreateAssociationBatch", "ssm:CreateDocument", "ssm:CreateMaintenanceWindow", "ssm:CreateOpsItem", "ssm:CreateOpsMetadata", "ssm:CreatePatchBaseline", "ssm:CreateResourceDataSync", "ssm:DeleteActivation", "ssm:DeleteAssociation", "ssm:DeleteDocument", "ssm:DeleteInventory", "ssm:DeleteMaintenanceWindow", "ssm:DeleteOpsItem", "ssm:DeleteOpsMetadata", "ssm:DeleteParameter", "ssm:DeleteParameters", "ssm:DeletePatchBaseline", "ssm:DeleteResourceDataSync", "ssm:DeleteResourcePolicy", "ssm:DeregisterManagedInstance", "ssm:DeregisterPatchBaselineForPatchGroup", "ssm:DeregisterTargetFromMaintenanceWindow", "ssm:DeregisterTaskFromMaintenanceWindow", "ssm:DescribeActivations", "ssm:DescribeAssociation", "ssm:DescribeAssociationExecutionTargets", "ssm:DescribeAssociationExecutions", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeAvailablePatches", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:DescribeEffectiveInstanceAssociations", "ssm:DescribeEffectivePatchesForPatchBaseline", "ssm:DescribeInstanceAssociationsStatus", "ssm:DescribeInstanceInformation", "ssm:DescribeInstancePatchStates", "ssm:DescribeInstancePatchStatesForPatchGroup", "ssm:DescribeInstancePatches", "ssm:DescribeInstanceProperties", "ssm:DescribeInventoryDeletions", "ssm:DescribeMaintenanceWindowExecutionTaskInvocations", "ssm:DescribeMaintenanceWindowExecutionTasks", "ssm:DescribeMaintenanceWindowExecutions", "ssm:DescribeMaintenanceWindowSchedule", "ssm:DescribeMaintenanceWindowTargets", "ssm:DescribeMaintenanceWindowTasks", "ssm:DescribeMaintenanceWindows", "ssm:DescribeMaintenanceWindowsForTarget", "ssm:DescribeOpsItems", "ssm:DescribeParameters", "ssm:DescribePatchBaselines", "ssm:DescribePatchGroupState", "ssm:DescribePatchGroups", "ssm:DescribePatchProperties", "ssm:DescribeSessions", "ssm:DisassociateOpsItemRelatedItem", "ssm:GetAutomationExecution", "ssm:GetCalendar", "ssm:GetCalendarState", "ssm:GetCommandInvocation", "ssm:GetConnectionStatus", "ssm:GetDefaultPatchBaseline", "ssm:GetDeployablePatchSnapshotForInstance", "ssm:GetDocument", "ssm:GetInventory", "ssm:GetInventorySchema", "ssm:GetMaintenanceWindow", "ssm:GetMaintenanceWindowExecution", "ssm:GetMaintenanceWindowExecutionTask", "ssm:GetMaintenanceWindowExecutionTaskInvocation", "ssm:GetMaintenanceWindowTask", "ssm:GetManifest", "ssm:GetOpsItem", "ssm:GetOpsMetadata", "ssm:GetOpsSummary", "ssm:GetParameter", "ssm:GetParameterHistory", "ssm:GetParameters", "ssm:GetParametersByPath", "ssm:GetPatchBaseline", "ssm:GetPatchBaselineForPatchGroup", "ssm:GetResourcePolicies", "ssm:GetServiceSetting", "ssm:LabelParameterVersion", "ssm:ListAssociationVersions", "ssm:ListAssociations", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListComplianceItems", "ssm:ListComplianceSummaries", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInstanceAssociations", "ssm:ListInventoryEntries", "ssm:ListOpsItemEvents", "ssm:ListOpsItemRelatedItems", "ssm:ListOpsMetadata", "ssm:ListResourceComplianceSummaries", "ssm:ListResourceDataSync", "ssm:ListTagsForResource", "ssm:ModifyDocumentPermission", "ssm:PutCalendar", "ssm:PutComplianceItems", "ssm:PutConfigurePackageResult", "ssm:PutInventory", "ssm:PutParameter", "ssm:PutResourcePolicy", "ssm:RegisterDefaultPatchBaseline", "ssm:RegisterManagedInstance", "ssm:RegisterPatchBaselineForPatchGroup", "ssm:RegisterTargetWithMaintenanceWindow", "ssm:RegisterTaskWithMaintenanceWindow", "ssm:RemoveTagsFromResource", "ssm:ResetServiceSetting", "ssm:ResumeSession", "ssm:SendAutomationSignal", "ssm:SendCommand", "ssm:StartAssociationsOnce", "ssm:StartAutomationExecution", "ssm:StartChangeRequestExecution", "ssm:StartSession", "ssm:StopAutomationExecution", "ssm:TerminateSession", "ssm:UnlabelParameterVersion", "ssm:UpdateAssociation", "ssm:UpdateAssociationStatus", "ssm:UpdateDocument", "ssm:UpdateDocumentDefaultVersion", "ssm:UpdateDocumentMetadata", "ssm:UpdateInstanceAssociationStatus", "ssm:UpdateInstanceInformation", "ssm:UpdateMaintenanceWindow", "ssm:UpdateMaintenanceWindowTarget", "ssm:UpdateMaintenanceWindowTask", "ssm:UpdateManagedInstanceRole", "ssm:UpdateOpsItem", "ssm:UpdateOpsMetadata", "ssm:UpdatePatchBaseline", "ssm:UpdateResourceDataSync", "ssm:UpdateServiceSetting", "ssm-contacts:AcceptPage", "ssm-contacts:ActivateContactChannel", "ssm-contacts:AssociateContact", "ssm-contacts:CreateContact", "ssm-contacts:CreateContactChannel", "ssm-contacts:CreateRotation", "ssm-contacts:CreateRotationOverride", "ssm-contacts:DeactivateContactChannel", "ssm-contacts:DeleteContact", "ssm-contacts:DeleteContactChannel", "ssm-contacts:DeleteRotation", "ssm-contacts:DeleteRotationOverride", "ssm-contacts:DescribeEngagement", "ssm-contacts:DescribePage", "ssm-contacts:GetContact", "ssm-contacts:GetContactChannel", "ssm-contacts:GetContactPolicy", "ssm-contacts:GetRotation", "ssm-contacts:GetRotationOverride", "ssm-contacts:ListContactChannels", "ssm-contacts:ListContacts", "ssm-contacts:ListEngagements", "ssm-contacts:ListPageReceipts", "ssm-contacts:ListPageResolutions", "ssm-contacts:ListPagesByContact", "ssm-contacts:ListPagesByEngagement", "ssm-contacts:ListPreviewRotationShifts", "ssm-contacts:ListRotationOverrides", "ssm-contacts:ListRotationShifts", "ssm-contacts:ListRotations", "ssm-contacts:ListTagsForResource", "ssm-contacts:PutContactPolicy", "ssm-contacts:SendActivationCode", "ssm-contacts:StartEngagement", "ssm-contacts:StopEngagement", "ssm-contacts:TagResource", "ssm-contacts:UntagResource", "ssm-contacts:UpdateContact", "ssm-contacts:UpdateContactChannel", "ssm-contacts:UpdateRotation", "ssm-guiconnect:CancelConnection", "ssm-guiconnect:GetConnection", "ssm-guiconnect:StartConnection", "ssm-incidents:BatchGetIncidentFindings", "ssm-incidents:CreateReplicationSet", "ssm-incidents:CreateResponsePlan", "ssm-incidents:CreateTimelineEvent", "ssm-incidents:DeleteIncidentRecord", "ssm-incidents:DeleteReplicationSet", "ssm-incidents:DeleteResourcePolicy", "ssm-incidents:DeleteResponsePlan", "ssm-incidents:DeleteTimelineEvent", "ssm-incidents:GetIncidentRecord", "ssm-incidents:GetReplicationSet", "ssm-incidents:GetResourcePolicies", "ssm-incidents:GetResponsePlan", "ssm-incidents:GetTimelineEvent", "ssm-incidents:ListIncidentFindings", "ssm-incidents:ListIncidentRecords", "ssm-incidents:ListRelatedItems", "ssm-incidents:ListReplicationSets", "ssm-incidents:ListResponsePlans", "ssm-incidents:ListTagsForResource", "ssm-incidents:ListTimelineEvents", "ssm-incidents:PutResourcePolicy", "ssm-incidents:StartIncident", "ssm-incidents:TagResource", "ssm-incidents:UntagResource", "ssm-incidents:UpdateDeletionProtection", "ssm-incidents:UpdateIncidentRecord", "ssm-incidents:UpdateRelatedItems", "ssm-incidents:UpdateReplicationSet", "ssm-incidents:UpdateResponsePlan", "ssm-incidents:UpdateTimelineEvent", "ssm-sap:BackupDatabase", "ssm-sap:DeleteResourcePermission", "ssm-sap:DeregisterApplication", "ssm-sap:GetApplication", "ssm-sap:GetComponent", "ssm-sap:GetDatabase", "ssm-sap:GetOperation", "ssm-sap:GetResourcePermission", "ssm-sap:ListApplications", "ssm-sap:ListComponents", "ssm-sap:ListDatabases", "ssm-sap:ListOperations", "ssm-sap:ListTagsForResource", "ssm-sap:PutResourcePermission", "ssm-sap:RegisterApplication", "ssm-sap:RestoreDatabase", "ssm-sap:StartApplicationRefresh", "ssm-sap:TagResource", "ssm-sap:UntagResource", "ssm-sap:UpdateApplicationSettings", "ssm-sap:UpdateHANABackupSettings", "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel", "sso:AssociateDirectory", "sso:AssociateProfile", "sso:AttachCustomerManagedPolicyReferenceToPermissionSet", "sso:AttachManagedPolicyToPermissionSet", "sso:CreateAccountAssignment", "sso:CreateApplication", "sso:CreateApplicationAssignment", "sso:CreateApplicationInstance", "sso:CreateApplicationInstanceCertificate", "sso:CreateInstance", "sso:CreateInstanceAccessControlAttributeConfiguration", "sso:CreateManagedApplicationInstance", "sso:CreatePermissionSet", "sso:CreateProfile", "sso:CreateTrust", "sso:CreateTrustedTokenIssuer", "sso:DeleteAccountAssignment", "sso:DeleteApplication", "sso:DeleteApplicationAccessScope", "sso:DeleteApplicationAssignment", "sso:DeleteApplicationAuthenticationMethod", "sso:DeleteApplicationGrant", "sso:DeleteApplicationInstance", "sso:DeleteApplicationInstanceCertificate", "sso:DeleteInlinePolicyFromPermissionSet", "sso:DeleteInstance", "sso:DeleteInstanceAccessControlAttributeConfiguration", "sso:DeleteManagedApplicationInstance", "sso:DeletePermissionSet", "sso:DeletePermissionsBoundaryFromPermissionSet", "sso:DeletePermissionsPolicy", "sso:DeleteProfile", "sso:DeleteTrustedTokenIssuer", "sso:DescribeAccountAssignmentCreationStatus", "sso:DescribeAccountAssignmentDeletionStatus", "sso:DescribeApplication", "sso:DescribeApplicationAssignment", "sso:DescribeApplicationProvider", "sso:DescribeDirectories", "sso:DescribeInstance", "sso:DescribeInstanceAccessControlAttributeConfiguration", "sso:DescribePermissionSet", "sso:DescribePermissionSetProvisioningStatus", "sso:DescribePermissionsPolicies", "sso:DescribeRegisteredRegions", "sso:DescribeTrustedTokenIssuer", "sso:DescribeTrusts", "sso:DetachCustomerManagedPolicyReferenceFromPermissionSet", "sso:DetachManagedPolicyFromPermissionSet", "sso:DisassociateDirectory", "sso:DisassociateProfile", "sso:GetApplicationAccessScope", "sso:GetApplicationAssignmentConfiguration", "sso:GetApplicationAuthenticationMethod", "sso:GetApplicationGrant", "sso:GetApplicationInstance", "sso:GetApplicationTemplate", "sso:GetInlinePolicyForPermissionSet", "sso:GetManagedApplicationInstance", "sso:GetMfaDeviceManagementForDirectory", "sso:GetPermissionSet", "sso:GetPermissionsBoundaryForPermissionSet", "sso:GetPermissionsPolicy", "sso:GetProfile", "sso:GetSSOStatus", "sso:GetSharedSsoConfiguration", "sso:GetSsoConfiguration", "sso:GetTrust", "sso:ImportApplicationInstanceServiceProviderMetadata", "sso:ListAccountAssignmentCreationStatus", "sso:ListAccountAssignmentDeletionStatus", "sso:ListAccountAssignments", "sso:ListAccountAssignmentsForPrincipal", "sso:ListAccountsForProvisionedPermissionSet", "sso:ListApplicationAccessScopes", "sso:ListApplicationAssignments", "sso:ListApplicationAssignmentsForPrincipal", "sso:ListApplicationAuthenticationMethods", "sso:ListApplicationGrants", "sso:ListApplicationInstanceCertificates", "sso:ListApplicationInstances", "sso:ListApplicationProviders", "sso:ListApplicationTemplates", "sso:ListApplications", "sso:ListCustomerManagedPolicyReferencesInPermissionSet", "sso:ListDirectoryAssociations", "sso:ListInstances", "sso:ListManagedPoliciesInPermissionSet", "sso:ListPermissionSetProvisioningStatus", "sso:ListPermissionSets", "sso:ListPermissionSetsProvisionedToAccount", "sso:ListProfileAssociations", "sso:ListProfiles", "sso:ListTagsForResource", "sso:ListTrustedTokenIssuers", "sso:ProvisionPermissionSet", "sso:PutApplicationAccessScope", "sso:PutApplicationAssignmentConfiguration", "sso:PutApplicationAuthenticationMethod", "sso:PutApplicationGrant", "sso:PutInlinePolicyToPermissionSet", "sso:PutMfaDeviceManagementForDirectory", "sso:PutPermissionsBoundaryToPermissionSet", "sso:PutPermissionsPolicy", "sso:SearchGroups", "sso:SearchUsers", "sso:StartSSO", "sso:TagResource", "sso:UntagResource", "sso:UpdateApplication", "sso:UpdateApplicationInstanceActiveCertificate", "sso:UpdateApplicationInstanceDisplayData", "sso:UpdateApplicationInstanceResponseConfiguration", "sso:UpdateApplicationInstanceResponseSchemaConfiguration", "sso:UpdateApplicationInstanceSecurityConfiguration", "sso:UpdateApplicationInstanceServiceProviderConfiguration", "sso:UpdateApplicationInstanceStatus", "sso:UpdateDirectoryAssociation", "sso:UpdateInstance", "sso:UpdateInstanceAccessControlAttributeConfiguration", "sso:UpdateManagedApplicationInstanceStatus", "sso:UpdatePermissionSet", "sso:UpdateProfile", "sso:UpdateSSOConfiguration", "sso:UpdateTrust", "sso:UpdateTrustedTokenIssuer", "sso-directory:AddMemberToGroup", "sso-directory:CompleteVirtualMfaDeviceRegistration", "sso-directory:CompleteWebAuthnDeviceRegistration", "sso-directory:CreateAlias", "sso-directory:CreateBearerToken", "sso-directory:CreateExternalIdPConfigurationForDirectory", "sso-directory:CreateGroup", "sso-directory:CreateProvisioningTenant", "sso-directory:CreateUser", "sso-directory:DeleteBearerToken", "sso-directory:DeleteExternalIdPCertificate", "sso-directory:DeleteExternalIdPConfigurationForDirectory", "sso-directory:DeleteGroup", "sso-directory:DeleteMfaDeviceForUser", "sso-directory:DeleteProvisioningTenant", "sso-directory:DeleteUser", "sso-directory:DescribeDirectory", "sso-directory:DescribeGroup", "sso-directory:DescribeGroups", "sso-directory:DescribeProvisioningTenant", "sso-directory:DescribeUser", "sso-directory:DescribeUserByUniqueAttribute", "sso-directory:DescribeUsers", "sso-directory:DisableExternalIdPConfigurationForDirectory", "sso-directory:DisableUser", "sso-directory:EnableExternalIdPConfigurationForDirectory", "sso-directory:EnableUser", "sso-directory:GetAWSSPConfigurationForDirectory", "sso-directory:GetUserPoolInfo", "sso-directory:ImportExternalIdPCertificate", "sso-directory:IsMemberInGroup", "sso-directory:ListBearerTokens", "sso-directory:ListExternalIdPCertificates", "sso-directory:ListExternalIdPConfigurationsForDirectory", "sso-directory:ListGroupsForMember", "sso-directory:ListGroupsForUser", "sso-directory:ListMembersInGroup", "sso-directory:ListMfaDevicesForUser", "sso-directory:ListProvisioningTenants", "sso-directory:RemoveMemberFromGroup", "sso-directory:SearchGroups", "sso-directory:SearchUsers", "sso-directory:StartVirtualMfaDeviceRegistration", "sso-directory:StartWebAuthnDeviceRegistration", "sso-directory:UpdateExternalIdPConfigurationForDirectory", "sso-directory:UpdateGroup", "sso-directory:UpdateGroupDisplayName", "sso-directory:UpdateMfaDeviceForUser", "sso-directory:UpdatePassword", "sso-directory:UpdateUser", "sso-directory:UpdateUserName", "sso-directory:VerifyEmail", "sso-oauth:CreateTokenWithIAM", "states:CreateActivity", "states:CreateStateMachine", "states:CreateStateMachineAlias", "states:DeleteActivity", "states:DeleteStateMachine", "states:DeleteStateMachineAlias", "states:DeleteStateMachineVersion", "states:DescribeActivity", "states:DescribeExecution", "states:DescribeMapRun", "states:DescribeStateMachine", "states:DescribeStateMachineAlias", "states:DescribeStateMachineForExecution", "states:GetActivityTask", "states:GetExecutionHistory", "states:InvokeHTTPEndpoint", "states:ListActivities", "states:ListExecutions", "states:ListMapRuns", "states:ListStateMachineAliases", "states:ListStateMachineVersions", "states:ListStateMachines", "states:ListTagsForResource", "states:PublishStateMachineVersion", "states:RedriveExecution", "states:RevealSecrets", "states:SendTaskFailure", "states:SendTaskHeartbeat", "states:SendTaskSuccess", "states:StartExecution", "states:StartSyncExecution", "states:StopExecution", "states:TagResource", "states:TestState", "states:UntagResource", "states:UpdateMapRun", "states:UpdateStateMachine", "states:UpdateStateMachineAlias", "states:ValidateStateMachineDefinition", "storagegateway:ActivateGateway", "storagegateway:AddCache", "storagegateway:AddTagsToResource", "storagegateway:AddUploadBuffer", "storagegateway:AddWorkingStorage", "storagegateway:AssignTapePool", "storagegateway:AssociateFileSystem", "storagegateway:AttachVolume", "storagegateway:BypassGovernanceRetention", "storagegateway:CancelArchival", "storagegateway:CancelRetrieval", "storagegateway:CreateCachediSCSIVolume", "storagegateway:CreateNFSFileShare", "storagegateway:CreateSMBFileShare", "storagegateway:CreateSnapshot", "storagegateway:CreateSnapshotFromVolumeRecoveryPoint", "storagegateway:CreateStorediSCSIVolume", "storagegateway:CreateTapePool", "storagegateway:CreateTapeWithBarcode", "storagegateway:CreateTapes", "storagegateway:DeleteAutomaticTapeCreationPolicy", "storagegateway:DeleteBandwidthRateLimit", "storagegateway:DeleteChapCredentials", "storagegateway:DeleteFileShare", "storagegateway:DeleteGateway", "storagegateway:DeleteSnapshotSchedule", "storagegateway:DeleteTape", "storagegateway:DeleteTapeArchive", "storagegateway:DeleteTapePool", "storagegateway:DeleteVolume", "storagegateway:DescribeAvailabilityMonitorTest", "storagegateway:DescribeBandwidthRateLimit", "storagegateway:DescribeBandwidthRateLimitSchedule", "storagegateway:DescribeCache", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeChapCredentials", "storagegateway:DescribeFileSystemAssociations", "storagegateway:DescribeGatewayInformation", "storagegateway:DescribeMaintenanceStartTime", "storagegateway:DescribeNFSFileShares", "storagegateway:DescribeSMBFileShares", "storagegateway:DescribeSMBSettings", "storagegateway:DescribeSnapshotSchedule", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:DescribeTapeArchives", "storagegateway:DescribeTapeRecoveryPoints", "storagegateway:DescribeTapes", "storagegateway:DescribeUploadBuffer", "storagegateway:DescribeVTLDevices", "storagegateway:DescribeWorkingStorage", "storagegateway:DetachVolume", "storagegateway:DisableGateway", "storagegateway:DisassociateFileSystem", "storagegateway:JoinDomain", "storagegateway:ListAutomaticTapeCreationPolicies", "storagegateway:ListFileShares", "storagegateway:ListFileSystemAssociations", "storagegateway:ListGateways", "storagegateway:ListLocalDisks", "storagegateway:ListTagsForResource", "storagegateway:ListTapePools", "storagegateway:ListTapes", "storagegateway:ListVolumeInitiators", "storagegateway:ListVolumeRecoveryPoints", "storagegateway:ListVolumes", "storagegateway:NotifyWhenUploaded", "storagegateway:RefreshCache", "storagegateway:RemoveTagsFromResource", "storagegateway:ResetCache", "storagegateway:RetrieveTapeArchive", "storagegateway:RetrieveTapeRecoveryPoint", "storagegateway:SetLocalConsolePassword", "storagegateway:SetSMBGuestPassword", "storagegateway:ShutdownGateway", "storagegateway:StartAvailabilityMonitorTest", "storagegateway:StartGateway", "storagegateway:UpdateAutomaticTapeCreationPolicy", "storagegateway:UpdateBandwidthRateLimit", "storagegateway:UpdateBandwidthRateLimitSchedule", "storagegateway:UpdateChapCredentials", "storagegateway:UpdateFileSystemAssociation", "storagegateway:UpdateGatewayInformation", "storagegateway:UpdateGatewaySoftwareNow", "storagegateway:UpdateMaintenanceStartTime", "storagegateway:UpdateNFSFileShare", "storagegateway:UpdateSMBFileShare", "storagegateway:UpdateSMBFileShareVisibility", "storagegateway:UpdateSMBLocalGroups", "storagegateway:UpdateSMBSecurityStrategy", "storagegateway:UpdateSnapshotSchedule", "storagegateway:UpdateVTLDeviceType", "sts:AssumeRole", "sts:AssumeRoleWithSAML", "sts:AssumeRoleWithWebIdentity", "sts:DecodeAuthorizationMessage", "sts:GetAccessKeyInfo", "sts:GetCallerIdentity", "sts:GetFederationToken", "sts:GetServiceBearerToken", "sts:GetSessionToken", "sts:SetContext", "sts:SetSourceIdentity", "sts:TagSession", "support:AddAttachmentsToSet", "support:AddCommunicationToCase", "support:CreateCase", "support:DescribeAttachment", "support:DescribeCaseAttributes", "support:DescribeCases", "support:DescribeCommunication", "support:DescribeCommunications", "support:DescribeCreateCaseOptions", "support:DescribeIssueTypes", "support:DescribeServices", "support:DescribeSeverityLevels", "support:DescribeSupportLevel", "support:DescribeSupportedLanguages", "support:DescribeTrustedAdvisorCheckRefreshStatuses", "support:DescribeTrustedAdvisorCheckResult", "support:DescribeTrustedAdvisorCheckSummaries", "support:DescribeTrustedAdvisorChecks", "support:InitiateCallForCase", "support:InitiateChatForCase", "support:PutCaseAttributes", "support:RateCaseCommunication", "support:RefreshTrustedAdvisorCheck", "support:ResolveCase", "support:SearchForCases", "supportapp:CreateSlackChannelConfiguration", "supportapp:DeleteAccountAlias", "supportapp:DeleteSlackChannelConfiguration", "supportapp:DeleteSlackWorkspaceConfiguration", "supportapp:DescribeSlackChannels", "supportapp:GetAccountAlias", "supportapp:GetSlackOauthParameters", "supportapp:ListSlackChannelConfigurations", "supportapp:ListSlackWorkspaceConfigurations", "supportapp:PutAccountAlias", "supportapp:RedeemSlackOauthCode", "supportapp:RegisterSlackWorkspaceForOrganization", "supportapp:UpdateSlackChannelConfiguration", "supportplans:CreateSupportPlanSchedule", "supportplans:GetSupportPlan", "supportplans:GetSupportPlanUpdateStatus", "supportplans:StartSupportPlanUpdate", "sustainability:GetCarbonFootprintSummary", "swf:CancelTimer", "swf:CancelWorkflowExecution", "swf:CompleteWorkflowExecution", "swf:ContinueAsNewWorkflowExecution", "swf:CountClosedWorkflowExecutions", "swf:CountOpenWorkflowExecutions", "swf:CountPendingActivityTasks", "swf:CountPendingDecisionTasks", "swf:DeprecateActivityType", "swf:DeprecateDomain", "swf:DeprecateWorkflowType", "swf:DescribeActivityType", "swf:DescribeDomain", "swf:DescribeWorkflowExecution", "swf:DescribeWorkflowType", "swf:FailWorkflowExecution", "swf:GetWorkflowExecutionHistory", "swf:ListActivityTypes", "swf:ListClosedWorkflowExecutions", "swf:ListDomains", "swf:ListOpenWorkflowExecutions", "swf:ListTagsForResource", "swf:ListWorkflowTypes", "swf:PollForActivityTask", "swf:PollForDecisionTask", "swf:RecordActivityTaskHeartbeat", "swf:RecordMarker", "swf:RegisterActivityType", "swf:RegisterDomain", "swf:RegisterWorkflowType", "swf:RequestCancelActivityTask", "swf:RequestCancelExternalWorkflowExecution", "swf:RequestCancelWorkflowExecution", "swf:RespondActivityTaskCanceled", "swf:RespondActivityTaskCompleted", "swf:RespondActivityTaskFailed", "swf:RespondDecisionTaskCompleted", "swf:ScheduleActivityTask", "swf:SignalExternalWorkflowExecution", "swf:SignalWorkflowExecution", "swf:StartChildWorkflowExecution", "swf:StartTimer", "swf:StartWorkflowExecution", "swf:TagResource", "swf:TerminateWorkflowExecution", "swf:UndeprecateActivityType", "swf:UndeprecateDomain", "swf:UndeprecateWorkflowType", "swf:UntagResource", "synthetics:AssociateResource", "synthetics:CreateCanary", "synthetics:CreateGroup", "synthetics:DeleteCanary", "synthetics:DeleteGroup", "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun", "synthetics:DescribeRuntimeVersions", "synthetics:DisassociateResource", "synthetics:GetCanary", "synthetics:GetCanaryRuns", "synthetics:GetGroup", "synthetics:ListAssociatedGroups", "synthetics:ListGroupResources", "synthetics:ListGroups", "synthetics:ListTagsForResource", "synthetics:StartCanary", "synthetics:StopCanary", "synthetics:TagResource", "synthetics:UntagResource", "synthetics:UpdateCanary", "tag:DescribeReportCreation", "tag:GetComplianceSummary", "tag:GetResources", "tag:GetTagKeys", "tag:GetTagValues", "tag:StartReportCreation", "tag:TagResources", "tag:UntagResources", "tax:BatchPutTaxRegistration", "tax:DeleteTaxRegistration", "tax:GetExemptions", "tax:GetTaxInfoReportingDocument", "tax:GetTaxInheritance", "tax:GetTaxInterview", "tax:GetTaxRegistration", "tax:GetTaxRegistrationDocument", "tax:ListTaxRegistrations", "tax:PutTaxInheritance", "tax:PutTaxInterview", "tax:PutTaxRegistration", "tax:UpdateExemptions", "textract:AnalyzeDocument", "textract:AnalyzeExpense", "textract:AnalyzeID", "textract:CreateAdapter", "textract:CreateAdapterVersion", "textract:DeleteAdapter", "textract:DeleteAdapterVersion", "textract:DetectDocumentText", "textract:GetAdapter", "textract:GetAdapterVersion", "textract:GetDocumentAnalysis", "textract:GetDocumentTextDetection", "textract:GetExpenseAnalysis", "textract:GetLendingAnalysis", "textract:GetLendingAnalysisSummary", "textract:ListAdapterVersions", "textract:ListAdapters", "textract:ListTagsForResource", "textract:StartDocumentAnalysis", "textract:StartDocumentTextDetection", "textract:StartExpenseAnalysis", "textract:StartLendingAnalysis", "textract:TagResource", "textract:UntagResource", "textract:UpdateAdapter", "thinclient:CreateEnvironment", "thinclient:DeleteDevice", "thinclient:DeleteEnvironment", "thinclient:DeregisterDevice", "thinclient:GetDevice", "thinclient:GetEnvironment", "thinclient:GetSoftwareSet", "thinclient:ListDeviceSessions", "thinclient:ListDevices", "thinclient:ListEnvironments", "thinclient:ListSoftwareSets", "thinclient:ListTagsForResource", "thinclient:TagResource", "thinclient:UntagResource", "thinclient:UpdateDevice", "thinclient:UpdateEnvironment", "thinclient:UpdateSoftwareSet", "timestream:CancelQuery", "timestream:CreateBatchLoadTask", "timestream:CreateDatabase", "timestream:CreateScheduledQuery", "timestream:CreateTable", "timestream:DeleteDatabase", "timestream:DeleteScheduledQuery", "timestream:DeleteTable", "timestream:DescribeBatchLoadTask", "timestream:DescribeDatabase", "timestream:DescribeEndpoints", "timestream:DescribeScheduledQuery", "timestream:DescribeTable", "timestream:ExecuteScheduledQuery", "timestream:GetAwsBackupStatus", "timestream:GetAwsRestoreStatus", "timestream:ListBatchLoadTasks", "timestream:ListDatabases", "timestream:ListMeasures", "timestream:ListScheduledQueries", "timestream:ListTables", "timestream:ListTagsForResource", "timestream:PrepareQuery", "timestream:ResumeBatchLoadTask", "timestream:Select", "timestream:SelectValues", "timestream:StartAwsBackupJob", "timestream:StartAwsRestoreJob", "timestream:TagResource", "timestream:Unload", "timestream:UntagResource", "timestream:UpdateDatabase", "timestream:UpdateScheduledQuery", "timestream:UpdateTable", "timestream:WriteRecords", "timestream-influxdb:CreateDbInstance", "timestream-influxdb:CreateDbParameterGroup", "timestream-influxdb:DeleteDbInstance", "timestream-influxdb:GetDbInstance", "timestream-influxdb:GetDbParameterGroup", "timestream-influxdb:ListDbInstances", "timestream-influxdb:ListDbParameterGroups", "timestream-influxdb:ListTagsForResource", "timestream-influxdb:TagResource", "timestream-influxdb:UntagResource", "timestream-influxdb:UpdateDbInstance", "tiros:CreateQuery", "tiros:ExtendQuery", "tiros:GetQueryAnswer", "tiros:GetQueryExplanation", "tiros:GetQueryExtensionAccounts", "tnb:CancelSolNetworkOperation", "tnb:CreateSolFunctionPackage", "tnb:CreateSolNetworkInstance", "tnb:CreateSolNetworkPackage", "tnb:DeleteSolFunctionPackage", "tnb:DeleteSolNetworkInstance", "tnb:DeleteSolNetworkPackage", "tnb:GetSolFunctionInstance", "tnb:GetSolFunctionPackage", "tnb:GetSolFunctionPackageContent", "tnb:GetSolFunctionPackageDescriptor", "tnb:GetSolNetworkInstance", "tnb:GetSolNetworkOperation", "tnb:GetSolNetworkPackage", "tnb:GetSolNetworkPackageContent", "tnb:GetSolNetworkPackageDescriptor", "tnb:InstantiateSolNetworkInstance", "tnb:ListSolFunctionInstances", "tnb:ListSolFunctionPackages", "tnb:ListSolNetworkInstances", "tnb:ListSolNetworkOperations", "tnb:ListSolNetworkPackages", "tnb:ListTagsForResource", "tnb:PutSolFunctionPackageContent", "tnb:PutSolNetworkPackageContent", "tnb:TagResource", "tnb:TerminateSolNetworkInstance", "tnb:UntagResource", "tnb:UpdateSolFunctionPackage", "tnb:UpdateSolNetworkInstance", "tnb:UpdateSolNetworkPackage", "tnb:ValidateSolFunctionPackageContent", "tnb:ValidateSolNetworkPackageContent", "transcribe:CreateCallAnalyticsCategory", "transcribe:CreateLanguageModel", "transcribe:CreateMedicalVocabulary", "transcribe:CreateVocabulary", "transcribe:CreateVocabularyFilter", "transcribe:DeleteCallAnalyticsCategory", "transcribe:DeleteCallAnalyticsJob", "transcribe:DeleteLanguageModel", "transcribe:DeleteMedicalScribeJob", "transcribe:DeleteMedicalTranscriptionJob", "transcribe:DeleteMedicalVocabulary", "transcribe:DeleteTranscriptionJob", "transcribe:DeleteVocabulary", "transcribe:DeleteVocabularyFilter", "transcribe:DescribeLanguageModel", "transcribe:GetCallAnalyticsCategory", "transcribe:GetCallAnalyticsJob", "transcribe:GetMedicalScribeJob", "transcribe:GetMedicalTranscriptionJob", "transcribe:GetMedicalVocabulary", "transcribe:GetTranscriptionJob", "transcribe:GetVocabulary", "transcribe:GetVocabularyFilter", "transcribe:ListCallAnalyticsCategories", "transcribe:ListCallAnalyticsJobs", "transcribe:ListLanguageModels", "transcribe:ListMedicalScribeJobs", "transcribe:ListMedicalTranscriptionJobs", "transcribe:ListMedicalVocabularies", "transcribe:ListTagsForResource", "transcribe:ListTranscriptionJobs", "transcribe:ListVocabularies", "transcribe:ListVocabularyFilters", "transcribe:StartCallAnalyticsJob", "transcribe:StartCallAnalyticsStreamTranscription", "transcribe:StartCallAnalyticsStreamTranscriptionWebSocket", "transcribe:StartMedicalScribeJob", "transcribe:StartMedicalStreamTranscription", "transcribe:StartMedicalStreamTranscriptionWebSocket", "transcribe:StartMedicalTranscriptionJob", "transcribe:StartStreamTranscription", "transcribe:StartStreamTranscriptionWebSocket", "transcribe:StartTranscriptionJob", "transcribe:TagResource", "transcribe:UntagResource", "transcribe:UpdateCallAnalyticsCategory", "transcribe:UpdateMedicalVocabulary", "transcribe:UpdateVocabulary", "transcribe:UpdateVocabularyFilter", "transfer:CreateAccess", "transfer:CreateAgreement", "transfer:CreateConnector", "transfer:CreateProfile", "transfer:CreateServer", "transfer:CreateUser", "transfer:CreateWorkflow", "transfer:DeleteAccess", "transfer:DeleteAgreement", "transfer:DeleteCertificate", "transfer:DeleteConnector", "transfer:DeleteHostKey", "transfer:DeleteProfile", "transfer:DeleteServer", "transfer:DeleteSshPublicKey", "transfer:DeleteUser", "transfer:DeleteWorkflow", "transfer:DescribeAccess", "transfer:DescribeAgreement", "transfer:DescribeCertificate", "transfer:DescribeConnector", "transfer:DescribeExecution", "transfer:DescribeHostKey", "transfer:DescribeProfile", "transfer:DescribeSecurityPolicy", "transfer:DescribeServer", "transfer:DescribeUser", "transfer:DescribeWorkflow", "transfer:ImportCertificate", "transfer:ImportHostKey", "transfer:ImportSshPublicKey", "transfer:ListAccesses", "transfer:ListAgreements", "transfer:ListCertificates", "transfer:ListConnectors", "transfer:ListExecutions", "transfer:ListHostKeys", "transfer:ListProfiles", "transfer:ListSecurityPolicies", "transfer:ListServers", "transfer:ListTagsForResource", "transfer:ListUsers", "transfer:ListWorkflows", "transfer:SendWorkflowStepState", "transfer:StartFileTransfer", "transfer:StartServer", "transfer:StopServer", "transfer:TagResource", "transfer:TestConnection", "transfer:TestIdentityProvider", "transfer:UntagResource", "transfer:UpdateAccess", "transfer:UpdateAgreement", "transfer:UpdateCertificate", "transfer:UpdateConnector", "transfer:UpdateHostKey", "transfer:UpdateProfile", "transfer:UpdateServer", "transfer:UpdateUser", "translate:CreateParallelData", "translate:DeleteParallelData", "translate:DeleteTerminology", "translate:DescribeTextTranslationJob", "translate:GetParallelData", "translate:GetTerminology", "translate:ImportTerminology", "translate:ListLanguages", "translate:ListParallelData", "translate:ListTagsForResource", "translate:ListTerminologies", "translate:ListTextTranslationJobs", "translate:StartTextTranslationJob", "translate:StopTextTranslationJob", "translate:TagResource", "translate:TranslateDocument", "translate:TranslateText", "translate:UntagResource", "translate:UpdateParallelData", "trustedadvisor:CreateEngagement", "trustedadvisor:CreateEngagementAttachment", "trustedadvisor:CreateEngagementCommunication", "trustedadvisor:DeleteNotificationConfigurationForDelegatedAdmin", "trustedadvisor:DescribeAccount", "trustedadvisor:DescribeAccountAccess", "trustedadvisor:DescribeCheckItems", "trustedadvisor:DescribeCheckRefreshStatuses", "trustedadvisor:DescribeCheckStatusHistoryChanges", "trustedadvisor:DescribeCheckSummaries", "trustedadvisor:DescribeChecks", "trustedadvisor:DescribeNotificationConfigurations", "trustedadvisor:DescribeNotificationPreferences", "trustedadvisor:DescribeOrganization", "trustedadvisor:DescribeOrganizationAccounts", "trustedadvisor:DescribeReports", "trustedadvisor:DescribeRisk", "trustedadvisor:DescribeRiskResources", "trustedadvisor:DescribeRisks", "trustedadvisor:DescribeServiceMetadata", "trustedadvisor:DownloadRisk", "trustedadvisor:ExcludeCheckItems", "trustedadvisor:GenerateReport", "trustedadvisor:GetEngagement", "trustedadvisor:GetEngagementAttachment", "trustedadvisor:GetEngagementType", "trustedadvisor:GetOrganizationRecommendation", "trustedadvisor:GetRecommendation", "trustedadvisor:IncludeCheckItems", "trustedadvisor:ListAccountsForParent", "trustedadvisor:ListChecks", "trustedadvisor:ListEngagementCommunications", "trustedadvisor:ListEngagementTypes", "trustedadvisor:ListEngagements", "trustedadvisor:ListOrganizationRecommendationAccounts", "trustedadvisor:ListOrganizationRecommendationResources", "trustedadvisor:ListOrganizationRecommendations", "trustedadvisor:ListOrganizationalUnitsForParent", "trustedadvisor:ListRecommendationResources", "trustedadvisor:ListRecommendations", "trustedadvisor:ListRoots", "trustedadvisor:RefreshCheck", "trustedadvisor:SetAccountAccess", "trustedadvisor:SetOrganizationAccess", "trustedadvisor:UpdateEngagement", "trustedadvisor:UpdateEngagementStatus", "trustedadvisor:UpdateNotificationConfigurations", "trustedadvisor:UpdateNotificationPreferences", "trustedadvisor:UpdateOrganizationRecommendationLifecycle", "trustedadvisor:UpdateRecommendationLifecycle", "trustedadvisor:UpdateRiskStatus", "ts:GetExecution", "ts:GetExecutionOutput", "ts:GetTool", "ts:ListExecutions", "ts:ListTagsForResource", "ts:ListTools", "ts:StartExecution", "ts:TagResource", "ts:UntagResource", "vendor-insights:ActivateSecurityProfile", "vendor-insights:AssociateDataSource", "vendor-insights:CreateDataSource", "vendor-insights:CreateSecurityProfile", "vendor-insights:DeactivateSecurityProfile", "vendor-insights:DeleteDataSource", "vendor-insights:DisassociateDataSource", "vendor-insights:GetDataSource", "vendor-insights:GetEntitledSecurityProfileSnapshot", "vendor-insights:GetProfileAccessTerms", "vendor-insights:GetSecurityProfile", "vendor-insights:GetSecurityProfileSnapshot", "vendor-insights:ListDataSources", "vendor-insights:ListEntitledSecurityProfileSnapshots", "vendor-insights:ListEntitledSecurityProfiles", "vendor-insights:ListSecurityProfileSnapshots", "vendor-insights:ListSecurityProfiles", "vendor-insights:ListTagsForResource", "vendor-insights:TagResource", "vendor-insights:UntagResource", "vendor-insights:UpdateDataSource", "vendor-insights:UpdateSecurityProfile", "vendor-insights:UpdateSecurityProfileSnapshotCreationConfiguration", "vendor-insights:UpdateSecurityProfileSnapshotReleaseConfiguration", "verified-access:AllowVerifiedAccess", "verifiedpermissions:CreateIdentitySource", "verifiedpermissions:CreatePolicy", "verifiedpermissions:CreatePolicyStore", "verifiedpermissions:CreatePolicyTemplate", "verifiedpermissions:DeleteIdentitySource", "verifiedpermissions:DeletePolicy", "verifiedpermissions:DeletePolicyStore", "verifiedpermissions:DeletePolicyTemplate", "verifiedpermissions:GetIdentitySource", "verifiedpermissions:GetPolicy", "verifiedpermissions:GetPolicyStore", "verifiedpermissions:GetPolicyTemplate", "verifiedpermissions:GetSchema", "verifiedpermissions:IsAuthorized", "verifiedpermissions:IsAuthorizedWithToken", "verifiedpermissions:ListIdentitySources", "verifiedpermissions:ListPolicies", "verifiedpermissions:ListPolicyStores", "verifiedpermissions:ListPolicyTemplates", "verifiedpermissions:PutSchema", "verifiedpermissions:UpdateIdentitySource", "verifiedpermissions:UpdatePolicy", "verifiedpermissions:UpdatePolicyStore", "verifiedpermissions:UpdatePolicyTemplate", "verifiedpermissions:isauthorized", "voiceid:AssociateFraudster", "voiceid:CreateDomain", "voiceid:CreateWatchlist", "voiceid:DeleteDomain", "voiceid:DeleteFraudster", "voiceid:DeleteSpeaker", "voiceid:DeleteWatchlist", "voiceid:DescribeComplianceConsent", "voiceid:DescribeDomain", "voiceid:DescribeFraudster", "voiceid:DescribeFraudsterRegistrationJob", "voiceid:DescribeSpeaker", "voiceid:DescribeSpeakerEnrollmentJob", "voiceid:DescribeWatchlist", "voiceid:DisassociateFraudster", "voiceid:EvaluateSession", "voiceid:ListDomains", "voiceid:ListFraudsterRegistrationJobs", "voiceid:ListFraudsters", "voiceid:ListSpeakerEnrollmentJobs", "voiceid:ListSpeakers", "voiceid:ListTagsForResource", "voiceid:ListWatchlists", "voiceid:OptOutSpeaker", "voiceid:RegisterComplianceConsent", "voiceid:StartFraudsterRegistrationJob", "voiceid:StartSpeakerEnrollmentJob", "voiceid:TagResource", "voiceid:UntagResource", "voiceid:UpdateDomain", "voiceid:UpdateWatchlist", "vpc-lattice:CreateAccessLogSubscription", "vpc-lattice:CreateListener", "vpc-lattice:CreateRule", "vpc-lattice:CreateService", "vpc-lattice:CreateServiceNetwork", "vpc-lattice:CreateServiceNetworkServiceAssociation", "vpc-lattice:CreateServiceNetworkVpcAssociation", "vpc-lattice:CreateTargetGroup", "vpc-lattice:DeleteAccessLogSubscription", "vpc-lattice:DeleteAuthPolicy", "vpc-lattice:DeleteListener", "vpc-lattice:DeleteResourcePolicy", "vpc-lattice:DeleteRule", "vpc-lattice:DeleteService", "vpc-lattice:DeleteServiceNetwork", "vpc-lattice:DeleteServiceNetworkServiceAssociation", "vpc-lattice:DeleteServiceNetworkVpcAssociation", "vpc-lattice:DeleteTargetGroup", "vpc-lattice:DeregisterTargets", "vpc-lattice:GetAccessLogSubscription", "vpc-lattice:GetAuthPolicy", "vpc-lattice:GetListener", "vpc-lattice:GetResourcePolicy", "vpc-lattice:GetRule", "vpc-lattice:GetService", "vpc-lattice:GetServiceNetwork", "vpc-lattice:GetServiceNetworkServiceAssociation", "vpc-lattice:GetServiceNetworkVpcAssociation", "vpc-lattice:GetTargetGroup", "vpc-lattice:ListAccessLogSubscriptions", "vpc-lattice:ListListeners", "vpc-lattice:ListRules", "vpc-lattice:ListServiceNetworkServiceAssociations", "vpc-lattice:ListServiceNetworkVpcAssociations", "vpc-lattice:ListServiceNetworks", "vpc-lattice:ListServices", "vpc-lattice:ListTagsForResource", "vpc-lattice:ListTargetGroups", "vpc-lattice:ListTargets", "vpc-lattice:PutAuthPolicy", "vpc-lattice:PutResourcePolicy", "vpc-lattice:RegisterTargets", "vpc-lattice:TagResource", "vpc-lattice:UntagResource", "vpc-lattice:UpdateAccessLogSubscription", "vpc-lattice:UpdateListener", "vpc-lattice:UpdateRule", "vpc-lattice:UpdateService", "vpc-lattice:UpdateServiceNetwork", "vpc-lattice:UpdateServiceNetworkVpcAssociation", "vpc-lattice:UpdateTargetGroup", "vpc-lattice-svcs:Invoke", "waf:CreateByteMatchSet", "waf:CreateGeoMatchSet", "waf:CreateIPSet", "waf:CreateRateBasedRule", "waf:CreateRegexMatchSet", "waf:CreateRegexPatternSet", "waf:CreateRule", "waf:CreateRuleGroup", "waf:CreateSizeConstraintSet", "waf:CreateSqlInjectionMatchSet", "waf:CreateWebACL", "waf:CreateWebACLMigrationStack", "waf:CreateXssMatchSet", "waf:DeleteByteMatchSet", "waf:DeleteGeoMatchSet", "waf:DeleteIPSet", "waf:DeleteLoggingConfiguration", "waf:DeletePermissionPolicy", "waf:DeleteRateBasedRule", "waf:DeleteRegexMatchSet", "waf:DeleteRegexPatternSet", "waf:DeleteRule", "waf:DeleteRuleGroup", "waf:DeleteSizeConstraintSet", "waf:DeleteSqlInjectionMatchSet", "waf:DeleteWebACL", "waf:DeleteXssMatchSet", "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "waf:PutLoggingConfiguration", "waf:PutPermissionPolicy", "waf:TagResource", "waf:UntagResource", "waf:UpdateByteMatchSet", "waf:UpdateGeoMatchSet", "waf:UpdateIPSet", "waf:UpdateRateBasedRule", "waf:UpdateRegexMatchSet", "waf:UpdateRegexPatternSet", "waf:UpdateRule", "waf:UpdateRuleGroup", "waf:UpdateSizeConstraintSet", "waf:UpdateSqlInjectionMatchSet", "waf:UpdateWebACL", "waf:UpdateXssMatchSet", "waf-regional:AssociateWebACL", "waf-regional:CreateByteMatchSet", "waf-regional:CreateGeoMatchSet", "waf-regional:CreateIPSet", "waf-regional:CreateRateBasedRule", "waf-regional:CreateRegexMatchSet", "waf-regional:CreateRegexPatternSet", "waf-regional:CreateRule", "waf-regional:CreateRuleGroup", "waf-regional:CreateSizeConstraintSet", "waf-regional:CreateSqlInjectionMatchSet", "waf-regional:CreateWebACL", "waf-regional:CreateWebACLMigrationStack", "waf-regional:CreateXssMatchSet", "waf-regional:DeleteByteMatchSet", "waf-regional:DeleteGeoMatchSet", "waf-regional:DeleteIPSet", "waf-regional:DeleteLoggingConfiguration", "waf-regional:DeletePermissionPolicy", "waf-regional:DeleteRateBasedRule", "waf-regional:DeleteRegexMatchSet", "waf-regional:DeleteRegexPatternSet", "waf-regional:DeleteRule", "waf-regional:DeleteRuleGroup", "waf-regional:DeleteSizeConstraintSet", "waf-regional:DeleteSqlInjectionMatchSet", "waf-regional:DeleteWebACL", "waf-regional:DeleteXssMatchSet", "waf-regional:DisassociateWebACL", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeToken", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetPermissionPolicy", "waf-regional:GetRateBasedRule", "waf-regional:GetRateBasedRuleManagedKeys", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSampledRequests", "waf-regional:GetSizeConstraintSet", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:GetXssMatchSet", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "waf-regional:PutLoggingConfiguration", "waf-regional:PutPermissionPolicy", "waf-regional:TagResource", "waf-regional:UntagResource", "waf-regional:UpdateByteMatchSet", "waf-regional:UpdateGeoMatchSet", "waf-regional:UpdateIPSet", "waf-regional:UpdateRateBasedRule", "waf-regional:UpdateRegexMatchSet", "waf-regional:UpdateRegexPatternSet", "waf-regional:UpdateRule", "waf-regional:UpdateRuleGroup", "waf-regional:UpdateSizeConstraintSet", "waf-regional:UpdateSqlInjectionMatchSet", "waf-regional:UpdateWebACL", "waf-regional:UpdateXssMatchSet", "wafv2:AssociateWebACL", "wafv2:CheckCapacity", "wafv2:CreateAPIKey", "wafv2:CreateIPSet", "wafv2:CreateRegexPatternSet", "wafv2:CreateRuleGroup", "wafv2:CreateWebACL", "wafv2:DeleteAPIKey", "wafv2:DeleteFirewallManagerRuleGroups", "wafv2:DeleteIPSet", "wafv2:DeleteLoggingConfiguration", "wafv2:DeletePermissionPolicy", "wafv2:DeleteRegexPatternSet", "wafv2:DeleteRuleGroup", "wafv2:DeleteWebACL", "wafv2:DescribeAllManagedProducts", "wafv2:DescribeManagedProductsByVendor", "wafv2:DescribeManagedRuleGroup", "wafv2:DisassociateFirewallManager", "wafv2:DisassociateWebACL", "wafv2:GenerateMobileSdkReleaseUrl", "wafv2:GetDecryptedAPIKey", "wafv2:GetIPSet", "wafv2:GetLoggingConfiguration", "wafv2:GetManagedRuleSet", "wafv2:GetMobileSdkRelease", "wafv2:GetPermissionPolicy", "wafv2:GetRateBasedStatementManagedKeys", "wafv2:GetRegexPatternSet", "wafv2:GetRuleGroup", "wafv2:GetSampledRequests", "wafv2:GetWebACL", "wafv2:GetWebACLForResource", "wafv2:ListAPIKeys", "wafv2:ListAvailableManagedRuleGroupVersions", "wafv2:ListAvailableManagedRuleGroups", "wafv2:ListIPSets", "wafv2:ListLoggingConfigurations", "wafv2:ListManagedRuleSets", "wafv2:ListMobileSdkReleases", "wafv2:ListRegexPatternSets", "wafv2:ListResourcesForWebACL", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "wafv2:ListWebACLs", "wafv2:PutFirewallManagerRuleGroups", "wafv2:PutLoggingConfiguration", "wafv2:PutManagedRuleSetVersions", "wafv2:PutPermissionPolicy", "wafv2:TagResource", "wafv2:UntagResource", "wafv2:UpdateIPSet", "wafv2:UpdateManagedRuleSetVersionExpiryDate", "wafv2:UpdateRegexPatternSet", "wafv2:UpdateRuleGroup", "wafv2:UpdateWebACL", "wam:AuthenticatePackager", "wellarchitected:AssociateLenses", "wellarchitected:AssociateProfiles", "wellarchitected:ConfigureIntegration", "wellarchitected:CreateLensShare", "wellarchitected:CreateLensVersion", "wellarchitected:CreateMilestone", "wellarchitected:CreateProfile", "wellarchitected:CreateProfileShare", "wellarchitected:CreateReviewTemplate", "wellarchitected:CreateTemplateShare", "wellarchitected:CreateWorkload", "wellarchitected:CreateWorkloadShare", "wellarchitected:DeleteLens", "wellarchitected:DeleteLensShare", "wellarchitected:DeleteProfile", "wellarchitected:DeleteProfileShare", "wellarchitected:DeleteReviewTemplate", "wellarchitected:DeleteTemplateShare", "wellarchitected:DeleteWorkload", "wellarchitected:DeleteWorkloadShare", "wellarchitected:DisassociateLenses", "wellarchitected:DisassociateProfiles", "wellarchitected:ExportLens", "wellarchitected:GetAnswer", "wellarchitected:GetConsolidatedReport", "wellarchitected:GetGlobalSettings", "wellarchitected:GetLens", "wellarchitected:GetLensReview", "wellarchitected:GetLensReviewReport", "wellarchitected:GetLensVersionDifference", "wellarchitected:GetMilestone", "wellarchitected:GetProfile", "wellarchitected:GetProfileTemplate", "wellarchitected:GetReviewTemplate", "wellarchitected:GetReviewTemplateAnswer", "wellarchitected:GetReviewTemplateLensReview", "wellarchitected:GetWorkload", "wellarchitected:ImportLens", "wellarchitected:ListAnswers", "wellarchitected:ListCheckDetails", "wellarchitected:ListCheckSummaries", "wellarchitected:ListLensReviewImprovements", "wellarchitected:ListLensReviews", "wellarchitected:ListLensShares", "wellarchitected:ListLenses", "wellarchitected:ListMilestones", "wellarchitected:ListNotifications", "wellarchitected:ListProfileNotifications", "wellarchitected:ListProfileShares", "wellarchitected:ListProfiles", "wellarchitected:ListReviewTemplateAnswers", "wellarchitected:ListReviewTemplates", "wellarchitected:ListShareInvitations", "wellarchitected:ListTagsForResource", "wellarchitected:ListTemplateShares", "wellarchitected:ListWorkloadShares", "wellarchitected:ListWorkloads", "wellarchitected:TagResource", "wellarchitected:UntagResource", "wellarchitected:UpdateAnswer", "wellarchitected:UpdateGlobalSettings", "wellarchitected:UpdateIntegration", "wellarchitected:UpdateLensReview", "wellarchitected:UpdateProfile", "wellarchitected:UpdateReviewTemplate", "wellarchitected:UpdateReviewTemplateAnswer", "wellarchitected:UpdateReviewTemplateLensReview", "wellarchitected:UpdateShareInvitation", "wellarchitected:UpdateWorkload", "wellarchitected:UpdateWorkloadShare", "wellarchitected:UpgradeLensReview", "wellarchitected:UpgradeProfileVersion", "wellarchitected:UpgradeReviewTemplateLensReview", "wickr:CreateAdminSession", "wickr:CreateNetwork", "wickr:ListNetworks", "wickr:ListTagsForResource", "wickr:TagResource", "wickr:UntagResource", "wickr:UpdateNetworkDetails", "wisdom:CreateAssistant", "wisdom:CreateAssistantAssociation", "wisdom:CreateContent", "wisdom:CreateKnowledgeBase", "wisdom:CreateQuickResponse", "wisdom:CreateSession", "wisdom:DeleteAssistant", "wisdom:DeleteAssistantAssociation", "wisdom:DeleteContent", "wisdom:DeleteImportJob", "wisdom:DeleteKnowledgeBase", "wisdom:DeleteQuickResponse", "wisdom:GetAssistant", "wisdom:GetAssistantAssociation", "wisdom:GetContent", "wisdom:GetContentSummary", "wisdom:GetImportJob", "wisdom:GetKnowledgeBase", "wisdom:GetQuickResponse", "wisdom:GetRecommendations", "wisdom:GetSession", "wisdom:ListAssistantAssociations", "wisdom:ListAssistants", "wisdom:ListContents", "wisdom:ListImportJobs", "wisdom:ListKnowledgeBases", "wisdom:ListQuickResponses", "wisdom:ListTagsForResource", "wisdom:NotifyRecommendationsReceived", "wisdom:PutFeedback", "wisdom:QueryAssistant", "wisdom:RemoveKnowledgeBaseTemplateUri", "wisdom:SearchContent", "wisdom:SearchQuickResponses", "wisdom:SearchSessions", "wisdom:StartContentUpload", "wisdom:StartImportJob", "wisdom:TagResource", "wisdom:UntagResource", "wisdom:UpdateContent", "wisdom:UpdateKnowledgeBaseTemplateUri", "wisdom:UpdateQuickResponse", "wisdom:UpdateSession", "workdocs:AbortDocumentVersionUpload", "workdocs:ActivateUser", "workdocs:AddNotificationPermissions", "workdocs:AddResourcePermissions", "workdocs:AddUserToGroup", "workdocs:CheckAlias", "workdocs:CreateComment", "workdocs:CreateCustomMetadata", "workdocs:CreateFolder", "workdocs:CreateInstance", "workdocs:CreateLabels", "workdocs:CreateNotificationSubscription", "workdocs:CreateUser", "workdocs:DeactivateUser", "workdocs:DeleteComment", "workdocs:DeleteCustomMetadata", "workdocs:DeleteDocument", "workdocs:DeleteDocumentVersion", "workdocs:DeleteFolder", "workdocs:DeleteFolderContents", "workdocs:DeleteInstance", "workdocs:DeleteLabels", "workdocs:DeleteNotificationPermissions", "workdocs:DeleteNotificationSubscription", "workdocs:DeleteUser", "workdocs:DeregisterDirectory", "workdocs:DescribeActivities", "workdocs:DescribeAvailableDirectories", "workdocs:DescribeComments", "workdocs:DescribeDocumentVersions", "workdocs:DescribeFolderContents", "workdocs:DescribeGroups", "workdocs:DescribeInstanceExports", "workdocs:DescribeInstances", "workdocs:DescribeNotificationPermissions", "workdocs:DescribeNotificationSubscriptions", "workdocs:DescribeResourcePermissions", "workdocs:DescribeRootFolders", "workdocs:DescribeUsers", "workdocs:DownloadDocumentVersion", "workdocs:GetCurrentUser", "workdocs:GetDocument", "workdocs:GetDocumentPath", "workdocs:GetDocumentVersion", "workdocs:GetFolder", "workdocs:GetFolderPath", "workdocs:GetGroup", "workdocs:GetResources", "workdocs:InitiateDocumentVersionUpload", "workdocs:RegisterDirectory", "workdocs:RemoveAllResourcePermissions", "workdocs:RemoveResourcePermission", "workdocs:RestoreDocumentVersions", "workdocs:SearchResources", "workdocs:StartInstanceExport", "workdocs:UpdateDocument", "workdocs:UpdateDocumentVersion", "workdocs:UpdateFolder", "workdocs:UpdateInstanceAlias", "workdocs:UpdateUser", "workdocs:UpdateUserAdministrativeSettings", "worklink:AssociateDomain", "worklink:AssociateWebsiteAuthorizationProvider", "worklink:AssociateWebsiteCertificateAuthority", "worklink:CreateFleet", "worklink:DeleteFleet", "worklink:DescribeAuditStreamConfiguration", "worklink:DescribeCompanyNetworkConfiguration", "worklink:DescribeDevice", "worklink:DescribeDevicePolicyConfiguration", "worklink:DescribeDomain", "worklink:DescribeFleetMetadata", "worklink:DescribeIdentityProviderConfiguration", "worklink:DescribeWebsiteCertificateAuthority", "worklink:DisassociateDomain", "worklink:DisassociateWebsiteAuthorizationProvider", "worklink:DisassociateWebsiteCertificateAuthority", "worklink:ListDevices", "worklink:ListDomains", "worklink:ListFleets", "worklink:ListTagsForResource", "worklink:ListWebsiteAuthorizationProviders", "worklink:ListWebsiteCertificateAuthorities", "worklink:RestoreDomainAccess", "worklink:RevokeDomainAccess", "worklink:SearchEntity", "worklink:SignOutUser", "worklink:TagResource", "worklink:UntagResource", "worklink:UpdateAuditStreamConfiguration", "worklink:UpdateCompanyNetworkConfiguration", "worklink:UpdateDevicePolicyConfiguration", "worklink:UpdateDomainMetadata", "worklink:UpdateFleetMetadata", "worklink:UpdateIdentityProviderConfiguration", "workmail:AddMembersToGroup", "workmail:AllowVendedLogDeliveryForResource", "workmail:AssociateDelegateToResource", "workmail:AssociateMemberToGroup", "workmail:AssumeImpersonationRole", "workmail:CancelMailboxExportJob", "workmail:CreateAlias", "workmail:CreateAvailabilityConfiguration", "workmail:CreateGroup", "workmail:CreateImpersonationRole", "workmail:CreateInboundMailFlowRule", "workmail:CreateMailDomain", "workmail:CreateMobileDeviceAccessRule", "workmail:CreateOrganization", "workmail:CreateOutboundMailFlowRule", "workmail:CreateResource", "workmail:CreateSmtpGateway", "workmail:CreateUser", "workmail:DeleteAccessControlRule", "workmail:DeleteAlias", "workmail:DeleteAvailabilityConfiguration", "workmail:DeleteEmailMonitoringConfiguration", "workmail:DeleteGroup", "workmail:DeleteImpersonationRole", "workmail:DeleteInboundMailFlowRule", "workmail:DeleteMailDomain", "workmail:DeleteMailboxPermissions", "workmail:DeleteMobileDevice", "workmail:DeleteMobileDeviceAccessOverride", "workmail:DeleteMobileDeviceAccessRule", "workmail:DeleteOrganization", "workmail:DeleteOutboundMailFlowRule", "workmail:DeleteResource", "workmail:DeleteRetentionPolicy", "workmail:DeleteSmtpGateway", "workmail:DeleteUser", "workmail:DeregisterFromWorkMail", "workmail:DeregisterMailDomain", "workmail:DescribeDirectories", "workmail:DescribeEmailMonitoringConfiguration", "workmail:DescribeEntity", "workmail:DescribeGroup", "workmail:DescribeInboundDmarcSettings", "workmail:DescribeInboundMailFlowRule", "workmail:DescribeKmsKeys", "workmail:DescribeMailDomains", "workmail:DescribeMailGroups", "workmail:DescribeMailUsers", "workmail:DescribeMailboxExportJob", "workmail:DescribeOrganization", "workmail:DescribeOrganizations", "workmail:DescribeOutboundMailFlowRule", "workmail:DescribeResource", "workmail:DescribeSmtpGateway", "workmail:DescribeUser", "workmail:DisassociateDelegateFromResource", "workmail:DisassociateMemberFromGroup", "workmail:EnableMailDomain", "workmail:GetAccessControlEffect", "workmail:GetDefaultRetentionPolicy", "workmail:GetImpersonationRole", "workmail:GetImpersonationRoleEffect", "workmail:GetJournalingRules", "workmail:GetMailDomain", "workmail:GetMailDomainDetails", "workmail:GetMailGroupDetails", "workmail:GetMailboxDetails", "workmail:GetMobileDeviceAccessEffect", "workmail:GetMobileDeviceAccessOverride", "workmail:GetMobileDeviceDetails", "workmail:GetMobileDevicesForUser", "workmail:GetMobilePolicyDetails", "workmail:ListAccessControlRules", "workmail:ListAliases", "workmail:ListAvailabilityConfigurations", "workmail:ListGroupMembers", "workmail:ListGroups", "workmail:ListGroupsForEntity", "workmail:ListImpersonationRoles", "workmail:ListInboundMailFlowRules", "workmail:ListMailDomains", "workmail:ListMailboxExportJobs", "workmail:ListMailboxPermissions", "workmail:ListMembersInMailGroup", "workmail:ListMobileDeviceAccessOverrides", "workmail:ListMobileDeviceAccessRules", "workmail:ListOrganizations", "workmail:ListOutboundMailFlowRules", "workmail:ListResourceDelegates", "workmail:ListResources", "workmail:ListSmtpGateways", "workmail:ListTagsForResource", "workmail:ListUsers", "workmail:PutAccessControlRule", "workmail:PutEmailMonitoringConfiguration", "workmail:PutInboundDmarcSettings", "workmail:PutMailboxPermissions", "workmail:PutMobileDeviceAccessOverride", "workmail:PutRetentionPolicy", "workmail:RegisterMailDomain", "workmail:RegisterToWorkMail", "workmail:RemoveMembersFromGroup", "workmail:ResetPassword", "workmail:ResetUserPassword", "workmail:SearchMembers", "workmail:SetAdmin", "workmail:SetDefaultMailDomain", "workmail:SetJournalingRules", "workmail:SetMobilePolicyDetails", "workmail:StartMailboxExportJob", "workmail:TagResource", "workmail:TestAvailabilityConfiguration", "workmail:TestInboundMailFlowRules", "workmail:TestOutboundMailFlowRules", "workmail:UntagResource", "workmail:UpdateAvailabilityConfiguration", "workmail:UpdateDefaultMailDomain", "workmail:UpdateGroup", "workmail:UpdateImpersonationRole", "workmail:UpdateInboundMailFlowRule", "workmail:UpdateMailboxQuota", "workmail:UpdateMobileDeviceAccessRule", "workmail:UpdateOutboundMailFlowRule", "workmail:UpdatePrimaryEmailAddress", "workmail:UpdateResource", "workmail:UpdateSmtpGateway", "workmail:UpdateUser", "workmail:WipeMobileDevice", "workmailmessageflow:GetRawMessageContent", "workmailmessageflow:PutRawMessageContent", "workspaces:AcceptAccountLinkInvitation", "workspaces:AssociateConnectionAlias", "workspaces:AssociateIpGroups", "workspaces:AssociateWorkspaceApplication", "workspaces:AuthorizeIpRules", "workspaces:CopyWorkspaceImage", "workspaces:CreateAccountLinkInvitation", "workspaces:CreateConnectClientAddIn", "workspaces:CreateConnectionAlias", "workspaces:CreateIpGroup", "workspaces:CreateStandbyWorkspaces", "workspaces:CreateTags", "workspaces:CreateUpdatedWorkspaceImage", "workspaces:CreateWorkspaceBundle", "workspaces:CreateWorkspaceImage", "workspaces:CreateWorkspaces", "workspaces:DeleteAccountLinkInvitation", "workspaces:DeleteClientBranding", "workspaces:DeleteConnectClientAddIn", "workspaces:DeleteConnectionAlias", "workspaces:DeleteIpGroup", "workspaces:DeleteTags", "workspaces:DeleteWorkspaceBundle", "workspaces:DeleteWorkspaceImage", "workspaces:DeployWorkspaceApplications", "workspaces:DeregisterWorkspaceDirectory", "workspaces:DescribeAccount", "workspaces:DescribeAccountModifications", "workspaces:DescribeApplicationAssociations", "workspaces:DescribeApplications", "workspaces:DescribeBundleAssociations", "workspaces:DescribeClientBranding", "workspaces:DescribeClientProperties", "workspaces:DescribeConnectClientAddIns", "workspaces:DescribeConnectionAliasPermissions", "workspaces:DescribeConnectionAliases", "workspaces:DescribeImageAssociations", "workspaces:DescribeIpGroups", "workspaces:DescribeTags", "workspaces:DescribeWorkspaceAssociations", "workspaces:DescribeWorkspaceBundles", "workspaces:DescribeWorkspaceDirectories", "workspaces:DescribeWorkspaceImagePermissions", "workspaces:DescribeWorkspaceImages", "workspaces:DescribeWorkspaceSnapshots", "workspaces:DescribeWorkspaces", "workspaces:DescribeWorkspacesConnectionStatus", "workspaces:DisassociateConnectionAlias", "workspaces:DisassociateIpGroups", "workspaces:DisassociateWorkspaceApplication", "workspaces:GetAccountLink", "workspaces:ImportClientBranding", "workspaces:ImportWorkspaceImage", "workspaces:ListAccountLinks", "workspaces:ListAvailableManagementCidrRanges", "workspaces:MigrateWorkspace", "workspaces:ModifyAccount", "workspaces:ModifyCertificateBasedAuthProperties", "workspaces:ModifyClientProperties", "workspaces:ModifySamlProperties", "workspaces:ModifySelfservicePermissions", "workspaces:ModifyWorkspaceAccessProperties", "workspaces:ModifyWorkspaceCreationProperties", "workspaces:ModifyWorkspaceProperties", "workspaces:ModifyWorkspaceState", "workspaces:RebootWorkspaces", "workspaces:RebuildWorkspaces", "workspaces:RegisterWorkspaceDirectory", "workspaces:RejectAccountLinkInvitation", "workspaces:RestoreWorkspace", "workspaces:RevokeIpRules", "workspaces:StartWorkspaces", "workspaces:StopWorkspaces", "workspaces:Stream", "workspaces:TerminateWorkspaces", "workspaces:UpdateConnectClientAddIn", "workspaces:UpdateConnectionAliasPermission", "workspaces:UpdateRulesOfIpGroup", "workspaces:UpdateWorkspaceBundle", "workspaces:UpdateWorkspaceImagePermission", "workspaces-web:AssociateBrowserSettings", "workspaces-web:AssociateIpAccessSettings", "workspaces-web:AssociateNetworkSettings", "workspaces-web:AssociateTrustStore", "workspaces-web:AssociateUserAccessLoggingSettings", "workspaces-web:AssociateUserSettings", "workspaces-web:CreateBrowserSettings", "workspaces-web:CreateIdentityProvider", "workspaces-web:CreateIpAccessSettings", "workspaces-web:CreateNetworkSettings", "workspaces-web:CreatePortal", "workspaces-web:CreateTrustStore", "workspaces-web:CreateUserAccessLoggingSettings", "workspaces-web:CreateUserSettings", "workspaces-web:DeleteBrowserSettings", "workspaces-web:DeleteIdentityProvider", "workspaces-web:DeleteIpAccessSettings", "workspaces-web:DeleteNetworkSettings", "workspaces-web:DeletePortal", "workspaces-web:DeleteTrustStore", "workspaces-web:DeleteUserAccessLoggingSettings", "workspaces-web:DeleteUserSettings", "workspaces-web:DisassociateBrowserSettings", "workspaces-web:DisassociateIpAccessSettings", "workspaces-web:DisassociateNetworkSettings", "workspaces-web:DisassociateTrustStore", "workspaces-web:DisassociateUserAccessLoggingSettings", "workspaces-web:DisassociateUserSettings", "workspaces-web:GetBrowserSettings", "workspaces-web:GetIdentityProvider", "workspaces-web:GetIpAccessSettings", "workspaces-web:GetNetworkSettings", "workspaces-web:GetPortal", "workspaces-web:GetPortalServiceProviderMetadata", "workspaces-web:GetTrustStore", "workspaces-web:GetTrustStoreCertificate", "workspaces-web:GetUserAccessLoggingSettings", "workspaces-web:GetUserSettings", "workspaces-web:ListBrowserSettings", "workspaces-web:ListIdentityProviders", "workspaces-web:ListIpAccessSettings", "workspaces-web:ListNetworkSettings", "workspaces-web:ListPortals", "workspaces-web:ListTagsForResource", "workspaces-web:ListTrustStoreCertificates", "workspaces-web:ListTrustStores", "workspaces-web:ListUserAccessLoggingSettings", "workspaces-web:ListUserSettings", "workspaces-web:TagResource", "workspaces-web:UntagResource", "workspaces-web:UpdateBrowserSettings", "workspaces-web:UpdateIdentityProvider", "workspaces-web:UpdateIpAccessSettings", "workspaces-web:UpdateNetworkSettings", "workspaces-web:UpdatePortal", "workspaces-web:UpdateTrustStore", "workspaces-web:UpdateUserAccessLoggingSettings", "workspaces-web:UpdateUserSettings", "xray:BatchGetTraceSummaryById", "xray:BatchGetTraces", "xray:CreateGroup", "xray:CreateSamplingRule", "xray:DeleteGroup", "xray:DeleteResourcePolicy", "xray:DeleteSamplingRule", "xray:GetDistinctTraceGraphs", "xray:GetEncryptionConfig", "xray:GetGroup", "xray:GetGroups", "xray:GetInsight", "xray:GetInsightEvents", "xray:GetInsightImpactGraph", "xray:GetInsightSummaries", "xray:GetSamplingRules", "xray:GetSamplingStatisticSummaries", "xray:GetSamplingTargets", "xray:GetServiceGraph", "xray:GetTimeSeriesServiceStatistics", "xray:GetTraceGraph", "xray:GetTraceSummaries", "xray:Link", "xray:ListResourcePolicies", "xray:ListTagsForResource", "xray:PutEncryptionConfig", "xray:PutResourcePolicy", "xray:PutTelemetryRecords", "xray:PutTraceSegments", "xray:TagResource", "xray:UntagResource", "xray:UpdateGroup", "xray:UpdateSamplingRule" ], "malformed": false, "name": "AdministratorAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2015-02-06T18:39:46+00:00", "version": "v1" }, { "access_levels": [], "arn": "arn:aws:iam::aws:policy/AWSIAMIdentityCenterAllowListForIdentityContext", "createdate": "2024-04-19T18:58:23Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [], "malformed": true, "name": "AWSIAMIdentityCenterAllowListForIdentityContext", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-19T18:58:23+00:00", "version": "v4" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonCodeCatalystSupportAccess", "createdate": "2023-04-20T12:34:44Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "support:DescribeAttachment", "support:DescribeCaseAttributes", "support:DescribeCases", "support:DescribeCommunications", "support:DescribeIssueTypes", "support:DescribeServices", "support:DescribeSeverityLevels", "support:DescribeSupportLevel", "support:SearchForCases", "support:AddAttachmentsToSet", "support:AddCommunicationToCase", "support:CreateCase", "support:InitiateCallForCase", "support:InitiateChatForCase", "support:PutCaseAttributes", "support:RateCaseCommunication", "support:ResolveCase" ], "malformed": false, "name": "AmazonCodeCatalystSupportAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-20T12:34:44+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier", "createdate": "2020-09-09T19:53:40Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData", "xray:PutTraceSegments", "xray:PutTelemetryRecords", "xray:GetSamplingRules", "xray:GetSamplingTargets", "xray:GetSamplingStatisticSummaries", "sqs:ChangeMessageVisibility", "sqs:DeleteMessage", "sqs:ReceiveMessage", "sqs:SendMessage", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:PutObject", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:DeleteItem", "dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Query", "dynamodb:Scan", "dynamodb:UpdateItem", "logs:PutLogEvents", "logs:CreateLogStream", "elasticbeanstalk:PutInstanceStatistics" ], "malformed": false, "name": "AWSElasticBeanstalkWorkerTier", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-09T19:53:40+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSAppSyncInvokeFullAccess", "createdate": "2018-03-20T21:21:20Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "appsync:GraphQL", "appsync:GetGraphqlApi", "appsync:ListGraphqlApis", "appsync:ListApiKeys" ], "malformed": false, "name": "AWSAppSyncInvokeFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-03-20T21:21:20+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/EC2InstanceProfileForImageBuilderECRContainerBuilds", "createdate": "2020-12-11T19:48:15Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "imagebuilder:GetComponent", "imagebuilder:GetContainerRecipe", "ecr:GetAuthorizationToken", "ecr:BatchGetImage", "ecr:InitiateLayerUpload", "ecr:UploadLayerPart", "ecr:CompleteLayerUpload", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:PutImage", "kms:Decrypt", "s3:GetObject", "logs:CreateLogStream", "logs:CreateLogGroup", "logs:PutLogEvents" ], "malformed": false, "name": "EC2InstanceProfileForImageBuilderECRContainerBuilds", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-11T19:48:15+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingServiceRolePolicy", "createdate": "2021-08-26T19:01:48Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeAddresses", "ec2:DescribeCoipPools", "ec2:DescribeInstances", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcs", "ec2:DescribeInternetGateways", "ec2:DescribeAccountAttributes", "ec2:DescribeClassicLinkInstances", "ec2:DescribeVpcClassicLink", "ec2:CreateSecurityGroup", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:GetCoipPoolUsage", "ec2:ModifyNetworkInterfaceAttribute", "ec2:AllocateAddress", "ec2:AuthorizeSecurityGroupIngress", "ec2:AssociateAddress", "ec2:DisassociateAddress", "ec2:AttachNetworkInterface", "ec2:DetachNetworkInterface", "ec2:AssignPrivateIpAddresses", "ec2:AssignIpv6Addresses", "ec2:ReleaseAddress", "ec2:UnassignIpv6Addresses", "ec2:DescribeVpcPeeringConnections", "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "logs:ListLogDeliveries", "outposts:GetOutpostInstanceTypes" ], "malformed": false, "name": "AWSElasticLoadBalancingServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-26T19:01:48+00:00", "version": "v7" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonEventBridgeSchemasReadOnlyAccess", "createdate": "2020-05-01T00:50:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "schemas:ListDiscoverers", "schemas:DescribeDiscoverer", "schemas:ListRegistries", "schemas:DescribeRegistry", "schemas:SearchSchemas", "schemas:ListSchemas", "schemas:ListSchemaVersions", "schemas:DescribeSchema", "schemas:GetDiscoveredSchema", "schemas:DescribeCodeBinding", "schemas:GetCodeBindingSource", "schemas:ListTagsForResource", "schemas:GetResourcePolicy" ], "malformed": false, "name": "AmazonEventBridgeSchemasReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-01T00:50:53+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCodeBuildReadOnlyAccess", "createdate": "2020-09-14T16:04:04Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codebuild:BatchGetBuildBatches", "codebuild:BatchGetBuilds", "codebuild:BatchGetFleets", "codebuild:BatchGetProjects", "codebuild:BatchGetReportGroups", "codebuild:BatchGetReports", "codebuild:GetResourcePolicy", "codebuild:ListBuildBatches", "codebuild:ListBuildBatchesForProject", "codebuild:ListBuilds", "codebuild:ListBuildsForProject", "codebuild:ListConnectedOAuthAccounts", "codebuild:ListCuratedEnvironmentImages", "codebuild:ListFleets", "codebuild:ListProjects", "codebuild:ListReportGroups", "codebuild:ListReports", "codebuild:ListReportsForReportGroup", "codebuild:ListRepositories", "codebuild:ListSharedProjects", "codebuild:ListSharedReportGroups", "codebuild:ListSourceCredentials", "codebuild:DescribeTestCases", "codebuild:DescribeCodeCoverages", "codecommit:GetBranch", "codecommit:GetCommit", "codecommit:GetRepository", "cloudwatch:GetMetricStatistics", "events:DescribeRule", "events:ListTargetsByRule", "events:ListRuleNamesByTarget", "logs:GetLogEvents", "codestar-connections:ListConnections", "codestar-connections:GetConnection", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListEventTypes", "codestar-notifications:ListTargets" ], "malformed": false, "name": "AWSCodeBuildReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-14T16:04:04+00:00", "version": "v11" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDeadlineCloud-UserAccessFleets", "createdate": "2024-04-01T17:01:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "identitystore:DescribeGroup", "identitystore:DescribeUser", "identitystore:ListGroupMembershipsForMember", "deadline:GetApplicationVersion", "ec2:DescribeInstanceTypes", "identitystore:ListUsers", "deadline:AssociateMemberToFleet", "deadline:DisassociateMemberFromFleet", "deadline:AssociateMemberToFleet", "deadline:DisassociateMemberFromFleet", "deadline:ListFleetMembers", "deadline:AssumeFleetRoleForRead", "deadline:GetFleet", "deadline:GetQueueFleetAssociation", "deadline:GetWorker", "deadline:ListQueueFleetAssociations", "deadline:ListSessionsForWorker", "deadline:ListWorkers", "deadline:SearchWorkers", "deadline:ListFleets" ], "malformed": false, "name": "AWSDeadlineCloud-UserAccessFleets", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-01T17:01:50+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCloudDirectoryFullAccess", "createdate": "2017-02-25T00:41:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "clouddirectory:AddFacetToObject", "clouddirectory:ApplySchema", "clouddirectory:AttachObject", "clouddirectory:AttachPolicy", "clouddirectory:AttachToIndex", "clouddirectory:AttachTypedLink", "clouddirectory:BatchRead", "clouddirectory:BatchWrite", "clouddirectory:CreateDirectory", "clouddirectory:CreateFacet", "clouddirectory:CreateIndex", "clouddirectory:CreateObject", "clouddirectory:CreateSchema", "clouddirectory:CreateTypedLinkFacet", "clouddirectory:DeleteDirectory", "clouddirectory:DeleteFacet", "clouddirectory:DeleteObject", "clouddirectory:DeleteSchema", "clouddirectory:DeleteTypedLinkFacet", "clouddirectory:DetachFromIndex", "clouddirectory:DetachObject", "clouddirectory:DetachPolicy", "clouddirectory:DetachTypedLink", "clouddirectory:DisableDirectory", "clouddirectory:EnableDirectory", "clouddirectory:GetAppliedSchemaVersion", "clouddirectory:GetDirectory", "clouddirectory:GetFacet", "clouddirectory:GetLinkAttributes", "clouddirectory:GetObjectAttributes", "clouddirectory:GetObjectInformation", "clouddirectory:GetSchemaAsJson", "clouddirectory:GetTypedLinkFacetInformation", "clouddirectory:ListAppliedSchemaArns", "clouddirectory:ListAttachedIndices", "clouddirectory:ListDevelopmentSchemaArns", "clouddirectory:ListDirectories", "clouddirectory:ListFacetAttributes", "clouddirectory:ListFacetNames", "clouddirectory:ListIncomingTypedLinks", "clouddirectory:ListIndex", "clouddirectory:ListManagedSchemaArns", "clouddirectory:ListObjectAttributes", "clouddirectory:ListObjectChildren", "clouddirectory:ListObjectParentPaths", "clouddirectory:ListObjectParents", "clouddirectory:ListObjectPolicies", "clouddirectory:ListOutgoingTypedLinks", "clouddirectory:ListPolicyAttachments", "clouddirectory:ListPublishedSchemaArns", "clouddirectory:ListTagsForResource", "clouddirectory:ListTypedLinkFacetAttributes", "clouddirectory:ListTypedLinkFacetNames", "clouddirectory:LookupPolicy", "clouddirectory:PublishSchema", "clouddirectory:PutSchemaFromJson", "clouddirectory:RemoveFacetFromObject", "clouddirectory:TagResource", "clouddirectory:UntagResource", "clouddirectory:UpdateFacet", "clouddirectory:UpdateLinkAttributes", "clouddirectory:UpdateObjectAttributes", "clouddirectory:UpdateSchema", "clouddirectory:UpdateTypedLinkFacet", "clouddirectory:UpgradeAppliedSchema", "clouddirectory:UpgradePublishedSchema" ], "malformed": false, "name": "AmazonCloudDirectoryFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-02-25T00:41:39+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkspacesPCAAccess", "createdate": "2022-11-08T00:25:55Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:IssueCertificate", "acm-pca:GetCertificate", "acm-pca:DescribeCertificateAuthority" ], "malformed": false, "name": "AmazonWorkspacesPCAAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-08T00:25:55+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonGlacierFullAccess", "createdate": "2015-02-06T18:40:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "glacier:AbortMultipartUpload", "glacier:AbortVaultLock", "glacier:AddTagsToVault", "glacier:CompleteMultipartUpload", "glacier:CompleteVaultLock", "glacier:CreateVault", "glacier:DeleteArchive", "glacier:DeleteVault", "glacier:DeleteVaultAccessPolicy", "glacier:DeleteVaultNotifications", "glacier:DescribeJob", "glacier:DescribeVault", "glacier:GetDataRetrievalPolicy", "glacier:GetJobOutput", "glacier:GetVaultAccessPolicy", "glacier:GetVaultLock", "glacier:GetVaultNotifications", "glacier:InitiateJob", "glacier:InitiateMultipartUpload", "glacier:InitiateVaultLock", "glacier:ListJobs", "glacier:ListMultipartUploads", "glacier:ListParts", "glacier:ListProvisionedCapacity", "glacier:ListTagsForVault", "glacier:ListVaults", "glacier:PurchaseProvisionedCapacity", "glacier:RemoveTagsFromVault", "glacier:SetDataRetrievalPolicy", "glacier:SetVaultAccessPolicy", "glacier:SetVaultNotifications", "glacier:UploadArchive", "glacier:UploadMultipartPart" ], "malformed": false, "name": "AmazonGlacierFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:28+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRolePolicyForBackupReports", "createdate": "2023-03-10T00:51:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "backup:DescribeFramework", "backup:ListBackupJobs", "backup:ListRestoreJobs", "backup:ListCopyJobs", "config:DescribeConfigurationRecorders", "config:DescribeConfigurationRecorderStatus", "config:BatchGetResourceConfig", "config:SelectResourceConfig", "config:DescribeConfigurationAggregators", "config:SelectAggregateResourceConfig", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "s3:GetBucketLocation", "config:GetComplianceDetailsByConfigRule", "config:PutConfigRule", "config:DeleteConfigRule", "config:DeleteConfigurationAggregator", "config:PutConfigurationAggregator" ], "malformed": false, "name": "AWSServiceRolePolicyForBackupReports", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-10T00:51:25+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy", "createdate": "2023-02-07T17:33:23Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "autoscaling:DescribeAutoScalingGroups", "autoscaling:UpdateAutoScalingGroup", "ec2:AttachVolume", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateRoute", "ec2:CreateSecurityGroup", "ec2:CreateTags", "ec2:CreateVolume", "ec2:DeleteRoute", "ec2:DeleteSecurityGroup", "ec2:DeleteVolume", "ec2:DescribeInstances", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", "ec2:DescribeDhcpOptions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeAvailabilityZones", "ec2:DetachVolume", "ec2:ModifyInstanceAttribute", "ec2:ModifyVolume", "ec2:RevokeSecurityGroupIngress", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeInternetGateways", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "kms:DescribeKey", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonEKSClusterPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-07T17:33:23+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSImageBuilderFullAccess", "createdate": "2021-04-13T17:33:42Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "imagebuilder:CancelImageCreation", "imagebuilder:CancelLifecycleExecution", "imagebuilder:CreateComponent", "imagebuilder:CreateContainerRecipe", "imagebuilder:CreateDistributionConfiguration", "imagebuilder:CreateImage", "imagebuilder:CreateImagePipeline", "imagebuilder:CreateImageRecipe", "imagebuilder:CreateInfrastructureConfiguration", "imagebuilder:CreateLifecyclePolicy", "imagebuilder:CreateWorkflow", "imagebuilder:DeleteComponent", "imagebuilder:DeleteContainerRecipe", "imagebuilder:DeleteDistributionConfiguration", "imagebuilder:DeleteImage", "imagebuilder:DeleteImagePipeline", "imagebuilder:DeleteImageRecipe", "imagebuilder:DeleteInfrastructureConfiguration", "imagebuilder:DeleteLifecyclePolicy", "imagebuilder:DeleteWorkflow", "imagebuilder:GetComponent", "imagebuilder:GetComponentPolicy", "imagebuilder:GetContainerRecipe", "imagebuilder:GetContainerRecipePolicy", "imagebuilder:GetDistributionConfiguration", "imagebuilder:GetImage", "imagebuilder:GetImagePipeline", "imagebuilder:GetImagePolicy", "imagebuilder:GetImageRecipe", "imagebuilder:GetImageRecipePolicy", "imagebuilder:GetInfrastructureConfiguration", "imagebuilder:GetLifecycleExecution", "imagebuilder:GetLifecyclePolicy", "imagebuilder:GetWorkflow", "imagebuilder:GetWorkflowExecution", "imagebuilder:GetWorkflowStepExecution", "imagebuilder:ImportComponent", "imagebuilder:ImportVmImage", "imagebuilder:ListComponentBuildVersions", "imagebuilder:ListComponents", "imagebuilder:ListContainerRecipes", "imagebuilder:ListDistributionConfigurations", "imagebuilder:ListImageBuildVersions", "imagebuilder:ListImagePackages", "imagebuilder:ListImagePipelineImages", "imagebuilder:ListImagePipelines", "imagebuilder:ListImageRecipes", "imagebuilder:ListImageScanFindingAggregations", "imagebuilder:ListImageScanFindings", "imagebuilder:ListImages", "imagebuilder:ListInfrastructureConfigurations", "imagebuilder:ListLifecycleExecutionResources", "imagebuilder:ListLifecycleExecutions", "imagebuilder:ListLifecyclePolicies", "imagebuilder:ListTagsForResource", "imagebuilder:ListWaitingWorkflowSteps", "imagebuilder:ListWorkflowBuildVersions", "imagebuilder:ListWorkflowExecutions", "imagebuilder:ListWorkflowStepExecutions", "imagebuilder:ListWorkflows", "imagebuilder:PutComponentPolicy", "imagebuilder:PutContainerRecipePolicy", "imagebuilder:PutImagePolicy", "imagebuilder:PutImageRecipePolicy", "imagebuilder:SendWorkflowStepAction", "imagebuilder:StartImagePipelineExecution", "imagebuilder:StartResourceStateUpdate", "imagebuilder:TagResource", "imagebuilder:UntagResource", "imagebuilder:UpdateDistributionConfiguration", "imagebuilder:UpdateImagePipeline", "imagebuilder:UpdateInfrastructureConfiguration", "imagebuilder:UpdateLifecyclePolicy", "sns:ListTopics", "sns:Publish", "license-manager:ListLicenseConfigurations", "license-manager:ListLicenseSpecificationsForResource", "iam:GetRole", "iam:GetInstanceProfile", "iam:ListInstanceProfiles", "iam:ListRoles", "iam:PassRole", "s3:ListAllMyBuckets", "s3:GetBucketLocation", "s3:ListBucket", "iam:CreateServiceLinkedRole", "ec2:DescribeImages", "ec2:DescribeSnapshots", "ec2:DescribeVpcs", "ec2:DescribeRegions", "ec2:DescribeVolumes", "ec2:DescribeSubnets", "ec2:DescribeKeyPairs", "ec2:DescribeSecurityGroups", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeLaunchTemplates" ], "malformed": false, "name": "AWSImageBuilderFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-04-13T17:33:42+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier", "createdate": "2020-09-09T19:38:36Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:PutObject", "xray:PutTraceSegments", "xray:PutTelemetryRecords", "xray:GetSamplingRules", "xray:GetSamplingTargets", "xray:GetSamplingStatisticSummaries", "logs:PutLogEvents", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:DescribeLogGroups", "elasticbeanstalk:PutInstanceStatistics" ], "malformed": false, "name": "AWSElasticBeanstalkWebTier", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-09T19:38:36+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSS3OnOutpostsServiceRolePolicy", "createdate": "2023-10-03T20:32:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "ec2:DescribeCoipPools", "ec2:GetCoipPoolUsage", "ec2:DescribeAddresses", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:AllocateAddress", "ec2:AllocateAddress", "ec2:ModifyNetworkInterfaceAttribute", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DisassociateAddress", "ec2:ReleaseAddress", "ec2:AssociateAddress", "ec2:CreateTags" ], "malformed": false, "name": "AWSS3OnOutpostsServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-03T20:32:36+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": null, "createdate": "2019-09-23T18:37:21Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "worklink:DescribeAuditStreamConfiguration", "worklink:DescribeCompanyNetworkConfiguration", "worklink:DescribeDevice", "worklink:DescribeDevicePolicyConfiguration", "worklink:DescribeDomain", "worklink:DescribeFleetMetadata", "worklink:DescribeIdentityProviderConfiguration", "worklink:DescribeWebsiteCertificateAuthority", "worklink:ListDevices", "worklink:ListDomains", "worklink:ListFleets", "worklink:ListTagsForResource", "worklink:ListWebsiteAuthorizationProviders", "worklink:ListWebsiteCertificateAuthorities", "worklink:SearchEntity" ], "malformed": false, "name": "AmazonWorkLinkReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonDetectiveInvestigatorAccess", "createdate": "2023-11-27T03:13:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "detective:BatchGetGraphMemberDatasources", "detective:BatchGetMembershipDatasources", "detective:DescribeOrganizationConfiguration", "detective:GetFreeTrialEligibility", "detective:GetGraphIngestState", "detective:GetMembers", "detective:GetPricingInformation", "detective:GetUsageInformation", "detective:ListDatasourcePackages", "detective:ListGraphs", "detective:ListHighDegreeEntities", "detective:ListInvitations", "detective:ListMembers", "detective:ListOrganizationAdminAccount", "detective:ListTagsForResource", "detective:SearchGraph", "detective:StartInvestigation", "detective:GetInvestigation", "detective:ListInvestigations", "detective:UpdateInvestigationState", "detective:ListIndicators", "detective:InvokeAssistant", "organizations:DescribeOrganization", "organizations:ListAccounts", "guardduty:ArchiveFindings", "guardduty:GetFindings", "guardduty:ListDetectors", "securityhub:GetFindings" ], "malformed": false, "name": "AmazonDetectiveInvestigatorAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T03:13:25+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CloudFormationStackSetsOrgAdminServiceRolePolicy", "createdate": "2019-12-10T00:20:05Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:ListCreateAccountStatus", "organizations:ListDelegatedAdministrators", "organizations:ListDelegatedServicesForAccount", "organizations:ListHandshakesForAccount", "organizations:ListHandshakesForOrganization", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPolicies", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListTagsForResource", "organizations:ListTargetsForPolicy", "organizations:DescribeAccount", "organizations:DescribeCreateAccountStatus", "organizations:DescribeEffectivePolicy", "organizations:DescribeHandshake", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:DescribeResourcePolicy", "sts:AssumeRole" ], "malformed": false, "name": "CloudFormationStackSetsOrgAdminServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-10T00:20:05+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": null, "createdate": "2018-09-06T18:04:54Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "cloudformation:DescribeChangeSet", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "cloudformation:GetTemplate", "cloudformation:ListStackResources", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cognito-identity:ListIdentityPools", "cognito-sync:GetCognitoEvents", "dynamodb:BatchGetItem", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:GetItem", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:Query", "dynamodb:Scan", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeEventSource", "events:DescribePartnerEventSource", "events:DescribeReplay", "events:DescribeRule", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListEventSources", "events:ListPartnerEventSourceAccounts", "events:ListPartnerEventSources", "events:ListReplays", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:ListAttachedRolePolicies", "iam:ListRolePolicies", "iam:ListRoles", "iot:DescribeEndpoint", "iot:GetTopicRule", "iot:ListPolicies", "iot:ListThings", "iot:ListTopicRules", "kinesis:DescribeStream", "kinesis:ListStreams", "kms:ListAliases", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:GetLogEvents", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "sqs:ListQueues", "tag:GetResources" ], "malformed": false, "name": "AWSLambdaReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v8" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkMaintenance", "createdate": "2019-06-04T17:48:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudformation:CreateChangeSet", "cloudformation:DescribeChangeSet", "cloudformation:ExecuteChangeSet", "cloudformation:DeleteChangeSet", "cloudformation:ListChangeSets", "cloudformation:DescribeStacks", "elasticloadbalancing:DescribeLoadBalancers" ], "malformed": false, "name": "AWSElasticBeanstalkMaintenance", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-04T17:48:27+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonDocDBElasticFullAccess", "createdate": "2023-06-21T18:05:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "docdb-elastic:CreateCluster", "docdb-elastic:UpdateCluster", "docdb-elastic:GetCluster", "docdb-elastic:DeleteCluster", "docdb-elastic:ListClusters", "docdb-elastic:CreateClusterSnapshot", "docdb-elastic:GetClusterSnapshot", "docdb-elastic:DeleteClusterSnapshot", "docdb-elastic:ListClusterSnapshots", "docdb-elastic:RestoreClusterFromSnapshot", "docdb-elastic:TagResource", "docdb-elastic:UntagResource", "docdb-elastic:ListTagsForResource", "ec2:CreateVpcEndpoint", "ec2:DescribeVpcEndpoints", "ec2:DeleteVpcEndpoints", "ec2:ModifyVpcEndpoint", "ec2:DescribeVpcAttribute", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeAvailabilityZones", "secretsmanager:ListSecrets", "kms:Decrypt", "kms:DescribeKey", "kms:GenerateDataKey", "kms:CreateGrant", "secretsmanager:ListSecretVersionIds", "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "secretsmanager:GetResourcePolicy", "cloudwatch:GetMetricData", "cloudwatch:ListMetrics", "cloudwatch:GetMetricStatistics", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonDocDBElasticFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-21T18:05:47+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryStagingAccountPolicy_v2", "createdate": "2023-11-27T13:32:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:DescribeSourceServers", "drs:DescribeRecoverySnapshots", "drs:CreateConvertedSnapshotForDrs", "drs:GetReplicationConfiguration", "drs:DescribeJobs", "drs:DescribeJobLogItems", "ec2:ModifySnapshotAttribute", "drs:IssueAgentCertificateForDrs" ], "malformed": false, "name": "AWSElasticDisasterRecoveryStagingAccountPolicy_v2", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T13:32:09+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator", "createdate": "2015-07-09T17:34:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "apigateway:DELETE", "apigateway:GET", "apigateway:PATCH", "apigateway:POST", "apigateway:PUT", "apigateway:AddCertificateToDomain", "apigateway:RemoveCertificateFromDomain", "apigateway:SetWebACL", "apigateway:UpdateRestApiPolicy" ], "malformed": false, "name": "AmazonAPIGatewayAdministrator", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-07-09T17:34:45+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaConvertFullAccess", "createdate": "2019-06-10T22:52:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mediaconvert:AssociateCertificate", "mediaconvert:CancelJob", "mediaconvert:CreateJob", "mediaconvert:CreateJobTemplate", "mediaconvert:CreatePreset", "mediaconvert:CreateQueue", "mediaconvert:DeleteJobTemplate", "mediaconvert:DeletePolicy", "mediaconvert:DeletePreset", "mediaconvert:DeleteQueue", "mediaconvert:DescribeEndpoints", "mediaconvert:DisassociateCertificate", "mediaconvert:GetJob", "mediaconvert:GetJobTemplate", "mediaconvert:GetPolicy", "mediaconvert:GetPreset", "mediaconvert:GetQueue", "mediaconvert:ListJobTemplates", "mediaconvert:ListJobs", "mediaconvert:ListPresets", "mediaconvert:ListQueues", "mediaconvert:ListTagsForResource", "mediaconvert:PutPolicy", "mediaconvert:TagResource", "mediaconvert:UntagResource", "mediaconvert:UpdateJobTemplate", "mediaconvert:UpdatePreset", "mediaconvert:UpdateQueue", "s3:ListAllMyBuckets", "s3:ListBucket", "iam:PassRole" ], "malformed": false, "name": "AWSElementalMediaConvertFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-10T22:52:25+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationConversionServerPolicy", "createdate": "2021-04-07T06:48:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgn:SendClientMetricsForMgn", "mgn:SendClientLogsForMgn", "mgn:GetChannelCommandsForMgn", "mgn:SendChannelCommandResultForMgn" ], "malformed": false, "name": "AWSApplicationMigrationConversionServerPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-04-07T06:48:58+00:00", "version": "v1" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonEKSForFargateServiceRolePolicy", "createdate": "2019-11-22T04:36:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeDhcpOptions", "ec2:DescribeRouteTables" ], "malformed": false, "name": "AmazonEKSForFargateServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-22T04:36:25+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/WAFRegionalLoggingServiceRolePolicy", "createdate": "2018-08-24T18:40:55Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "firehose:PutRecord", "firehose:PutRecordBatch" ], "malformed": false, "name": "WAFRegionalLoggingServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-08-24T18:40:55+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubOrchestratorServiceRolePolicy", "createdate": "2024-03-04T18:25:12Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "discovery:DescribeConfigurations", "discovery:ListConfigurations", "launchwizard:ListProvisionedApps", "launchwizard:DescribeProvisionedApp", "launchwizard:ListDeployments", "launchwizard:GetDeployment", "ec2:DescribeInstances", "ec2:CreateLaunchTemplateVersion", "ec2:ModifyLaunchTemplate", "ec2:DescribeLaunchTemplates", "mgh:GetHomeRegion", "ssm:SendCommand", "ssm:GetCommandInvocation", "ssm:CancelCommand", "ssm:DescribeInstanceInformation", "ssm:GetCommandInvocation", "s3:GetObject", "events:PutTargets", "events:DescribeRule", "events:DeleteRule", "events:PutRule", "events:RemoveTargets", "mgn:GetReplicationConfiguration", "mgn:GetLaunchConfiguration", "mgn:StartCutover", "mgn:FinalizeCutover", "mgn:StartTest", "mgn:UpdateReplicationConfiguration", "mgn:DescribeSourceServers", "mgn:MarkAsArchived", "mgn:ChangeServerLifeCycleState", "ec2:DescribeImportImageTasks", "s3:ListBucket" ], "malformed": false, "name": "AWSMigrationHubOrchestratorServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-04T18:25:12+00:00", "version": "v4" }, { "access_levels": [ "List" ], "arn": "arn:aws:iam::aws:policy/service-role/ROSAWorkerInstancePolicy", "createdate": "2023-04-20T22:35:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeRegions" ], "malformed": false, "name": "ROSAWorkerInstancePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-20T22:35:32+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSManagedServicesDeploymentToolkitPolicy", "createdate": "2024-04-04T20:41:54Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketPolicy", "s3:GetBucketVersioning", "s3:GetLifecycleConfiguration", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:ListBucket", "s3:ListBucketVersions", "s3:PutBucketAcl", "s3:PutBucketLogging", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutEncryptionConfiguration", "s3:PutLifecycleConfiguration", "cloudformation:CreateChangeSet", "cloudformation:DeleteChangeSet", "cloudformation:DeleteStack", "cloudformation:DescribeChangeSet", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "cloudformation:ExecuteChangeSet", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:TagResource", "cloudformation:UntagResource", "cloudformation:UpdateTerminationProtection", "ecr:BatchGetRepositoryScanningConfiguration", "ecr:CreateRepository", "ecr:DeleteLifecyclePolicy", "ecr:DeleteRepository", "ecr:DeleteRepositoryPolicy", "ecr:DescribeRepositories", "ecr:GetLifecyclePolicy", "ecr:ListTagsForResource", "ecr:PutImageScanningConfiguration", "ecr:PutImageTagMutability", "ecr:PutLifecyclePolicy", "ecr:SetRepositoryPolicy", "ecr:TagResource", "ecr:UntagResource" ], "malformed": false, "name": "AWSManagedServicesDeploymentToolkitPolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-04T20:41:54+00:00", "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticTranscoder_ReadOnlyAccess", "createdate": "2019-06-10T22:48:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elastictranscoder:ReadJob", "elastictranscoder:ReadPipeline", "elastictranscoder:ReadPreset", "elastictranscoder:ListJobsByPipeline", "elastictranscoder:ListJobsByStatus", "elastictranscoder:ListPipelines", "elastictranscoder:ListPresets", "s3:ListAllMyBuckets", "s3:ListBucket", "iam:ListRoles", "sns:ListTopics" ], "malformed": false, "name": "AmazonElasticTranscoder_ReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-10T22:48:32+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkMailFullAccess", "createdate": "2020-12-21T14:13:40Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ds:AuthorizeApplication", "ds:CheckAlias", "ds:CreateAlias", "ds:CreateDirectory", "ds:CreateIdentityPoolDirectory", "ds:DeleteDirectory", "ds:DescribeDirectories", "ds:GetDirectoryLimits", "ds:ListAuthorizedApplications", "ds:UnauthorizeApplication", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:CreateSubnet", "ec2:CreateTags", "ec2:CreateVpc", "ec2:DeleteSecurityGroup", "ec2:DeleteSubnet", "ec2:DeleteVpc", "ec2:DescribeAvailabilityZones", "ec2:DescribeRouteTables", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "kms:DescribeKey", "kms:ListAliases", "lambda:ListFunctions", "route53:ChangeResourceRecordSets", "route53:ListHostedZones", "route53:ListResourceRecordSets", "route53:GetHostedZone", "route53domains:CheckDomainAvailability", "route53domains:ListDomains", "ses:CreateConfigurationSet", "ses:CreateConfigurationSetEventDestination", "ses:CreateDedicatedIpPool", "ses:CreateDeliverabilityTestReport", "ses:CreateEmailIdentity", "ses:DeleteConfigurationSet", "ses:DeleteConfigurationSetEventDestination", "ses:DeleteDedicatedIpPool", "ses:DeleteEmailIdentity", "ses:GetAccount", "ses:GetBlacklistReports", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetDedicatedIp", "ses:GetDedicatedIps", "ses:GetDeliverabilityDashboardOptions", "ses:GetDeliverabilityTestReport", "ses:GetDomainDeliverabilityCampaign", "ses:GetDomainStatisticsReport", "ses:GetEmailIdentity", "ses:ListConfigurationSets", "ses:ListDedicatedIpPools", "ses:ListDeliverabilityTestReports", "ses:ListDomainDeliverabilityCampaigns", "ses:ListEmailIdentities", "ses:ListTagsForResource", "ses:PutAccountDedicatedIpWarmupAttributes", "ses:PutAccountSendingAttributes", "ses:PutConfigurationSetDeliveryOptions", "ses:PutConfigurationSetReputationOptions", "ses:PutConfigurationSetSendingOptions", "ses:PutConfigurationSetTrackingOptions", "ses:PutDedicatedIpInPool", "ses:PutDedicatedIpWarmupAttributes", "ses:PutDeliverabilityDashboardOption", "ses:PutEmailIdentityDkimAttributes", "ses:PutEmailIdentityFeedbackAttributes", "ses:PutEmailIdentityMailFromAttributes", "ses:SendEmail", "ses:TagResource", "ses:UntagResource", "ses:UpdateConfigurationSetEventDestination", "ses:CloneReceiptRuleSet", "ses:CreateConfigurationSetTrackingOptions", "ses:CreateCustomVerificationEmailTemplate", "ses:CreateReceiptFilter", "ses:CreateReceiptRule", "ses:CreateReceiptRuleSet", "ses:CreateTemplate", "ses:DeleteConfigurationSetTrackingOptions", "ses:DeleteCustomVerificationEmailTemplate", "ses:DeleteIdentity", "ses:DeleteIdentityPolicy", "ses:DeleteReceiptFilter", "ses:DeleteReceiptRule", "ses:DeleteReceiptRuleSet", "ses:DeleteTemplate", "ses:DeleteVerifiedEmailAddress", "ses:DescribeActiveReceiptRuleSet", "ses:DescribeConfigurationSet", "ses:DescribeReceiptRule", "ses:DescribeReceiptRuleSet", "ses:GetAccountSendingEnabled", "ses:GetCustomVerificationEmailTemplate", "ses:GetIdentityDkimAttributes", "ses:GetIdentityMailFromDomainAttributes", "ses:GetIdentityNotificationAttributes", "ses:GetIdentityPolicies", "ses:GetIdentityVerificationAttributes", "ses:GetSendQuota", "ses:GetSendStatistics", "ses:GetTemplate", "ses:ListCustomVerificationEmailTemplates", "ses:ListIdentities", "ses:ListIdentityPolicies", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListTemplates", "ses:ListVerifiedEmailAddresses", "ses:PutIdentityPolicy", "ses:ReorderReceiptRuleSet", "ses:SendBounce", "ses:SendBulkTemplatedEmail", "ses:SendCustomVerificationEmail", "ses:SendRawEmail", "ses:SendTemplatedEmail", "ses:SetActiveReceiptRuleSet", "ses:SetIdentityDkimEnabled", "ses:SetIdentityFeedbackForwardingEnabled", "ses:SetIdentityHeadersInNotificationsEnabled", "ses:SetIdentityMailFromDomain", "ses:SetIdentityNotificationTopic", "ses:SetReceiptRulePosition", "ses:TestRenderTemplate", "ses:UpdateAccountSendingEnabled", "ses:UpdateConfigurationSetReputationMetricsEnabled", "ses:UpdateConfigurationSetSendingEnabled", "ses:UpdateConfigurationSetTrackingOptions", "ses:UpdateCustomVerificationEmailTemplate", "ses:UpdateReceiptRule", "ses:UpdateTemplate", "ses:VerifyDomainDkim", "ses:VerifyDomainIdentity", "ses:VerifyEmailAddress", "ses:VerifyEmailIdentity", "ses:BatchGetMetricData", "ses:CancelExportJob", "ses:CreateContact", "ses:CreateContactList", "ses:CreateEmailIdentityPolicy", "ses:CreateEmailTemplate", "ses:CreateExportJob", "ses:CreateImportJob", "ses:DeleteContact", "ses:DeleteContactList", "ses:DeleteEmailIdentityPolicy", "ses:DeleteEmailTemplate", "ses:DeleteSuppressedDestination", "ses:GetContact", "ses:GetContactList", "ses:GetDedicatedIpPool", "ses:GetEmailIdentityPolicies", "ses:GetEmailTemplate", "ses:GetExportJob", "ses:GetImportJob", "ses:GetMessageInsights", "ses:GetSuppressedDestination", "ses:ListContactLists", "ses:ListContacts", "ses:ListEmailTemplates", "ses:ListExportJobs", "ses:ListImportJobs", "ses:ListRecommendations", "ses:ListSuppressedDestinations", "ses:PutAccountDetails", "ses:PutAccountSuppressionAttributes", "ses:PutAccountVdmAttributes", "ses:PutConfigurationSetSuppressionOptions", "ses:PutConfigurationSetVdmOptions", "ses:PutDedicatedIpPoolScalingAttributes", "ses:PutEmailIdentityConfigurationSetAttributes", "ses:PutEmailIdentityDkimSigningAttributes", "ses:PutSuppressedDestination", "ses:SendBulkEmail", "ses:TestRenderEmailTemplate", "ses:UpdateContact", "ses:UpdateContactList", "ses:UpdateEmailIdentityPolicy", "ses:UpdateEmailTemplate", "workmail:AddMembersToGroup", "workmail:AllowVendedLogDeliveryForResource", "workmail:AssociateDelegateToResource", "workmail:AssociateMemberToGroup", "workmail:AssumeImpersonationRole", "workmail:CancelMailboxExportJob", "workmail:CreateAlias", "workmail:CreateAvailabilityConfiguration", "workmail:CreateGroup", "workmail:CreateImpersonationRole", "workmail:CreateInboundMailFlowRule", "workmail:CreateMailDomain", "workmail:CreateMobileDeviceAccessRule", "workmail:CreateOrganization", "workmail:CreateOutboundMailFlowRule", "workmail:CreateResource", "workmail:CreateSmtpGateway", "workmail:CreateUser", "workmail:DeleteAccessControlRule", "workmail:DeleteAlias", "workmail:DeleteAvailabilityConfiguration", "workmail:DeleteEmailMonitoringConfiguration", "workmail:DeleteGroup", "workmail:DeleteImpersonationRole", "workmail:DeleteInboundMailFlowRule", "workmail:DeleteMailDomain", "workmail:DeleteMailboxPermissions", "workmail:DeleteMobileDevice", "workmail:DeleteMobileDeviceAccessOverride", "workmail:DeleteMobileDeviceAccessRule", "workmail:DeleteOrganization", "workmail:DeleteOutboundMailFlowRule", "workmail:DeleteResource", "workmail:DeleteRetentionPolicy", "workmail:DeleteSmtpGateway", "workmail:DeleteUser", "workmail:DeregisterFromWorkMail", "workmail:DeregisterMailDomain", "workmail:DescribeDirectories", "workmail:DescribeEmailMonitoringConfiguration", "workmail:DescribeEntity", "workmail:DescribeGroup", "workmail:DescribeInboundDmarcSettings", "workmail:DescribeInboundMailFlowRule", "workmail:DescribeKmsKeys", "workmail:DescribeMailDomains", "workmail:DescribeMailGroups", "workmail:DescribeMailUsers", "workmail:DescribeMailboxExportJob", "workmail:DescribeOrganization", "workmail:DescribeOrganizations", "workmail:DescribeOutboundMailFlowRule", "workmail:DescribeResource", "workmail:DescribeSmtpGateway", "workmail:DescribeUser", "workmail:DisassociateDelegateFromResource", "workmail:DisassociateMemberFromGroup", "workmail:EnableMailDomain", "workmail:GetAccessControlEffect", "workmail:GetDefaultRetentionPolicy", "workmail:GetImpersonationRole", "workmail:GetImpersonationRoleEffect", "workmail:GetJournalingRules", "workmail:GetMailDomain", "workmail:GetMailDomainDetails", "workmail:GetMailGroupDetails", "workmail:GetMailboxDetails", "workmail:GetMobileDeviceAccessEffect", "workmail:GetMobileDeviceAccessOverride", "workmail:GetMobileDeviceDetails", "workmail:GetMobileDevicesForUser", "workmail:GetMobilePolicyDetails", "workmail:ListAccessControlRules", "workmail:ListAliases", "workmail:ListAvailabilityConfigurations", "workmail:ListGroupMembers", "workmail:ListGroups", "workmail:ListGroupsForEntity", "workmail:ListImpersonationRoles", "workmail:ListInboundMailFlowRules", "workmail:ListMailDomains", "workmail:ListMailboxExportJobs", "workmail:ListMailboxPermissions", "workmail:ListMembersInMailGroup", "workmail:ListMobileDeviceAccessOverrides", "workmail:ListMobileDeviceAccessRules", "workmail:ListOrganizations", "workmail:ListOutboundMailFlowRules", "workmail:ListResourceDelegates", "workmail:ListResources", "workmail:ListSmtpGateways", "workmail:ListTagsForResource", "workmail:ListUsers", "workmail:PutAccessControlRule", "workmail:PutEmailMonitoringConfiguration", "workmail:PutInboundDmarcSettings", "workmail:PutMailboxPermissions", "workmail:PutMobileDeviceAccessOverride", "workmail:PutRetentionPolicy", "workmail:RegisterMailDomain", "workmail:RegisterToWorkMail", "workmail:RemoveMembersFromGroup", "workmail:ResetPassword", "workmail:ResetUserPassword", "workmail:SearchMembers", "workmail:SetAdmin", "workmail:SetDefaultMailDomain", "workmail:SetJournalingRules", "workmail:SetMobilePolicyDetails", "workmail:StartMailboxExportJob", "workmail:TagResource", "workmail:TestAvailabilityConfiguration", "workmail:TestInboundMailFlowRules", "workmail:TestOutboundMailFlowRules", "workmail:UntagResource", "workmail:UpdateAvailabilityConfiguration", "workmail:UpdateDefaultMailDomain", "workmail:UpdateGroup", "workmail:UpdateImpersonationRole", "workmail:UpdateInboundMailFlowRule", "workmail:UpdateMailboxQuota", "workmail:UpdateMobileDeviceAccessRule", "workmail:UpdateOutboundMailFlowRule", "workmail:UpdatePrimaryEmailAddress", "workmail:UpdateResource", "workmail:UpdateSmtpGateway", "workmail:UpdateUser", "workmail:WipeMobileDevice", "iam:ListRoles", "logs:DescribeLogGroups", "logs:CreateLogGroup", "logs:PutRetentionPolicy", "cloudwatch:GetMetricData", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "iam:PassRole" ], "malformed": false, "name": "AmazonWorkMailFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-21T14:13:40+00:00", "version": "v10" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambda", "createdate": "2019-12-03T19:53:10Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarms", "lambda:UpdateAlias", "lambda:GetAlias", "lambda:GetProvisionedConcurrencyConfig", "sns:Publish", "s3:GetObject", "s3:GetObjectVersion", "s3:GetObject", "s3:GetObjectVersion", "lambda:InvokeFunction" ], "malformed": false, "name": "AWSCodeDeployRoleForLambda", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-03T19:53:10+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerCanvasBedrockAccess", "createdate": "2024-02-02T18:37:25Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "s3:PutObject", "s3:ListBucket" ], "malformed": false, "name": "AmazonSageMakerCanvasBedrockAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-02T18:37:25+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBackupOperatorAccess", "createdate": "2023-09-06T20:45:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "backup:GetBackupPlan", "backup:GetBackupPlanFromJSON", "backup:GetBackupPlanFromTemplate", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:GetBackupVaultSharingPolicy", "backup:GetLegalHold", "backup:GetRecoveryPointRestoreMetadata", "backup:GetRestoreJobMetadata", "backup:GetRestoreTestingInferredMetadata", "backup:GetRestoreTestingPlan", "backup:GetRestoreTestingSelection", "backup:GetSupportedResourceTypes", "backup:ListBackupJobSummaries", "backup:ListBackupJobs", "backup:ListBackupPlanTemplates", "backup:ListBackupPlanVersions", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListCopyJobSummaries", "backup:ListCopyJobs", "backup:ListFrameworks", "backup:ListLegalHolds", "backup:ListProtectedResources", "backup:ListProtectedResourcesByBackupVault", "backup:ListRecoveryPointsByBackupVault", "backup:ListRecoveryPointsByLegalHold", "backup:ListRecoveryPointsByResource", "backup:ListReportJobs", "backup:ListReportPlans", "backup:ListRestoreJobSummaries", "backup:ListRestoreJobs", "backup:ListRestoreJobsByProtectedResource", "backup:ListRestoreTestingPlans", "backup:ListRestoreTestingSelections", "backup:ListTags", "backup:DescribeBackupJob", "backup:DescribeBackupVault", "backup:DescribeCopyJob", "backup:DescribeFramework", "backup:DescribeGlobalSettings", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeRegionSettings", "backup:DescribeReportJob", "backup:DescribeReportPlan", "backup:DescribeRestoreJob", "backup:CreateBackupSelection", "backup:DeleteBackupSelection", "backup:StartBackupJob", "backup:StartRestoreJob", "backup:StartCopyJob", "rds:DescribeDBSnapshots", "rds:ListTagsForResource", "rds:DescribeDBInstances", "rds:DescribeDBEngineVersions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribeDBSubnetGroups", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBParameterGroups", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBClusterAutomatedBackups", "dynamodb:ListBackups", "dynamodb:ListTables", "elasticfilesystem:DescribeFileSystems", "ec2:DescribeSnapshots", "ec2:DescribeVolumes", "ec2:DescribeAvailabilityZones", "ec2:DescribeVpcs", "ec2:DescribeAccountAttributes", "ec2:DescribeSecurityGroups", "ec2:DescribeImages", "ec2:DescribeSubnets", "ec2:DescribePlacementGroups", "ec2:DescribeInstances", "ec2:DescribeInstanceTypes", "ec2:DescribeVpcEndpoints", "ec2:DescribeAddresses", "tag:GetTagKeys", "tag:GetTagValues", "tag:GetResources", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:ListGateways", "storagegateway:DescribeGatewayInformation", "storagegateway:ListVolumes", "storagegateway:ListLocalDisks", "iam:ListRoles", "iam:GetRole", "iam:PassRole", "organizations:DescribeOrganization", "ssm:CancelCommand", "ssm:GetCommandInvocation", "ssm:SendCommand", "fsx:DescribeBackups", "fsx:DescribeFileSystems", "fsx:DescribeVolumes", "fsx:DescribeStorageVirtualMachines", "ds:DescribeDirectories", "backup-gateway:ListGateways", "backup-gateway:ListHypervisors", "backup-gateway:ListTagsForResource", "backup-gateway:ListVirtualMachines", "backup-gateway:GetHypervisor", "backup-gateway:GetHypervisorPropertyMappings", "backup-gateway:GetVirtualMachine", "backup-gateway:GetBandwidthRateLimitSchedule", "backup-gateway:GetGateway", "cloudwatch:GetMetricData", "timestream:ListDatabases", "timestream:ListTables", "timestream:DescribeEndpoints", "s3:ListAllMyBuckets", "redshift:DescribeClusters", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeSnapshotSchedules", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterTracks", "cloudformation:ListStacks", "ssm-sap:GetOperation", "ssm-sap:ListDatabases", "ssm-sap:GetDatabase", "ssm-sap:ListTagsForResource", "ram:GetResourceShareAssociations" ], "malformed": false, "name": "AWSBackupOperatorAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-06T20:45:05+00:00", "version": "v15" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceMeteringFullAccess", "createdate": "2016-03-17T22:39:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:MeterUsage" ], "malformed": false, "name": "AWSMarketplaceMeteringFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-03-17T22:39:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccesswithDataPipeline", "createdate": "2015-11-12T02:17:42Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cloudwatch:PutMetricAlarm", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:CreateBackup", "dynamodb:CreateGlobalTable", "dynamodb:CreateTable", "dynamodb:CreateTableReplica", "dynamodb:DeleteBackup", "dynamodb:DeleteItem", "dynamodb:DeleteResourcePolicy", "dynamodb:DeleteTable", "dynamodb:DeleteTableReplica", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:EnableKinesisStreamingDestination", "dynamodb:ExportTableToPointInTime", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetResourcePolicy", "dynamodb:GetShardIterator", "dynamodb:ImportTable", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLDelete", "dynamodb:PartiQLInsert", "dynamodb:PartiQLSelect", "dynamodb:PartiQLUpdate", "dynamodb:PurchaseReservedCapacityOfferings", "dynamodb:PutItem", "dynamodb:PutResourcePolicy", "dynamodb:Query", "dynamodb:RestoreTableFromAwsBackup", "dynamodb:RestoreTableFromBackup", "dynamodb:RestoreTableToPointInTime", "dynamodb:Scan", "dynamodb:StartAwsBackupJob", "dynamodb:TagResource", "dynamodb:UntagResource", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", "dynamodb:UpdateGlobalTable", "dynamodb:UpdateGlobalTableSettings", "dynamodb:UpdateGlobalTableVersion", "dynamodb:UpdateItem", "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:UpdateTable", "dynamodb:UpdateTableReplicaAutoScaling", "dynamodb:UpdateTimeToLive", "sns:CreateTopic", "sns:DeleteTopic", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "sns:Subscribe", "sns:Unsubscribe", "sns:SetTopicAttributes", "lambda:AddLayerVersionPermission", "lambda:AddPermission", "lambda:CreateAlias", "lambda:CreateCodeSigningConfig", "lambda:CreateEventSourceMapping", "lambda:CreateFunction", "lambda:CreateFunctionUrlConfig", "lambda:DeleteAlias", "lambda:DeleteCodeSigningConfig", "lambda:DeleteEventSourceMapping", "lambda:DeleteFunction", "lambda:DeleteFunctionCodeSigningConfig", "lambda:DeleteFunctionConcurrency", "lambda:DeleteFunctionEventInvokeConfig", "lambda:DeleteFunctionUrlConfig", "lambda:DeleteLayerVersion", "lambda:DeleteProvisionedConcurrencyConfig", "lambda:DisableReplication", "lambda:EnableReplication", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "lambda:InvokeAsync", "lambda:InvokeFunction", "lambda:InvokeFunctionUrl", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "lambda:PublishLayerVersion", "lambda:PublishVersion", "lambda:PutFunctionCodeSigningConfig", "lambda:PutFunctionConcurrency", "lambda:PutFunctionEventInvokeConfig", "lambda:PutProvisionedConcurrencyConfig", "lambda:PutRuntimeManagementConfig", "lambda:RemoveLayerVersionPermission", "lambda:RemovePermission", "lambda:TagResource", "lambda:UntagResource", "lambda:UpdateAlias", "lambda:UpdateCodeSigningConfig", "lambda:UpdateEventSourceMapping", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionCodeSigningConfig", "lambda:UpdateFunctionConfiguration", "lambda:UpdateFunctionEventInvokeConfig", "lambda:UpdateFunctionUrlConfig", "iam:ListRoles", "datapipeline:ActivatePipeline", "datapipeline:AddTags", "datapipeline:CreatePipeline", "datapipeline:DeactivatePipeline", "datapipeline:DeletePipeline", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:EvaluateExpression", "datapipeline:GetAccountLimits", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:PollForTask", "datapipeline:PutAccountLimits", "datapipeline:PutPipelineDefinition", "datapipeline:QueryObjects", "datapipeline:RemoveTags", "datapipeline:ReportTaskProgress", "datapipeline:ReportTaskRunnerHeartbeat", "datapipeline:SetStatus", "datapipeline:SetTaskStatus", "datapipeline:ValidatePipelineDefinition", "iam:ListRoles", "iam:GetRolePolicy", "iam:PassRole", "ec2:CreateTags", "ec2:DescribeInstances", "ec2:RunInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "elasticmapreduce:AddInstanceFleet", "elasticmapreduce:AddInstanceGroups", "elasticmapreduce:AddJobFlowSteps", "elasticmapreduce:AddTags", "elasticmapreduce:AttachEditor", "elasticmapreduce:CancelSteps", "elasticmapreduce:CreateEditor", "elasticmapreduce:CreatePersistentAppUI", "elasticmapreduce:CreateRepository", "elasticmapreduce:CreateSecurityConfiguration", "elasticmapreduce:CreateStudio", "elasticmapreduce:CreateStudioPresignedUrl", "elasticmapreduce:CreateStudioSessionMapping", "elasticmapreduce:DeleteEditor", "elasticmapreduce:DeleteRepository", "elasticmapreduce:DeleteSecurityConfiguration", "elasticmapreduce:DeleteStudio", "elasticmapreduce:DeleteStudioSessionMapping", "elasticmapreduce:DeleteWorkspaceAccess", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:DetachEditor", "elasticmapreduce:GetAutoTerminationPolicy", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetClusterSessionCredentials", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:GetOnClusterAppUIPresignedURL", "elasticmapreduce:GetPersistentAppUIPresignedURL", "elasticmapreduce:GetStudioSessionMapping", "elasticmapreduce:LinkRepository", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListNotebookExecutions", "elasticmapreduce:ListReleaseLabels", "elasticmapreduce:ListRepositories", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudioSessionMappings", "elasticmapreduce:ListStudios", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ListWorkspaceAccessIdentities", "elasticmapreduce:ModifyCluster", "elasticmapreduce:ModifyInstanceFleet", "elasticmapreduce:ModifyInstanceGroups", "elasticmapreduce:OpenEditorInConsole", "elasticmapreduce:PutAutoScalingPolicy", "elasticmapreduce:PutAutoTerminationPolicy", "elasticmapreduce:PutBlockPublicAccessConfiguration", "elasticmapreduce:PutManagedScalingPolicy", "elasticmapreduce:PutWorkspaceAccess", "elasticmapreduce:RemoveAutoScalingPolicy", "elasticmapreduce:RemoveAutoTerminationPolicy", "elasticmapreduce:RemoveManagedScalingPolicy", "elasticmapreduce:RemoveTags", "elasticmapreduce:RunJobFlow", "elasticmapreduce:SetKeepJobFlowAliveWhenNoSteps", "elasticmapreduce:SetTerminationProtection", "elasticmapreduce:SetUnhealthyNodeReplacement", "elasticmapreduce:SetVisibleToAllUsers", "elasticmapreduce:StartEditor", "elasticmapreduce:StartNotebookExecution", "elasticmapreduce:StopEditor", "elasticmapreduce:StopNotebookExecution", "elasticmapreduce:TerminateJobFlows", "elasticmapreduce:UnlinkRepository", "elasticmapreduce:UpdateEditor", "elasticmapreduce:UpdateRepository", "elasticmapreduce:UpdateStudio", "elasticmapreduce:UpdateStudioSessionMapping", "elasticmapreduce:ViewEventsFromAllClustersInConsole", "datapipeline:ActivatePipeline", "datapipeline:AddTags", "datapipeline:CreatePipeline", "datapipeline:DeactivatePipeline", "datapipeline:DeletePipeline", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:EvaluateExpression", "datapipeline:GetAccountLimits", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:PollForTask", "datapipeline:PutAccountLimits", "datapipeline:PutPipelineDefinition", "datapipeline:QueryObjects", "datapipeline:RemoveTags", "datapipeline:ReportTaskProgress", "datapipeline:ReportTaskRunnerHeartbeat", "datapipeline:SetStatus", "datapipeline:SetTaskStatus", "datapipeline:ValidatePipelineDefinition", "s3:DeleteObject", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging" ], "malformed": false, "name": "AmazonDynamoDBFullAccesswithDataPipeline", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-11-12T02:17:42+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSrePostPrivateCloudWatchAccess", "createdate": "2023-11-15T16:37:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSrePostPrivateCloudWatchAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-15T16:37:33+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEFSCSIDriverPolicy", "createdate": "2023-07-25T20:10:04Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeMountTargets", "ec2:DescribeAvailabilityZones", "elasticfilesystem:CreateAccessPoint", "elasticfilesystem:TagResource", "elasticfilesystem:DeleteAccessPoint" ], "malformed": false, "name": "AmazonEFSCSIDriverPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-25T20:10:04+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/SecurityAudit", "createdate": "2024-04-05T17:32:58Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "a4b:ListSkills", "access-analyzer:GetAnalyzedResource", "access-analyzer:GetAnalyzer", "access-analyzer:GetArchiveRule", "access-analyzer:GetFinding", "access-analyzer:ListAnalyzedResources", "access-analyzer:ListAnalyzers", "access-analyzer:ListArchiveRules", "access-analyzer:ListFindings", "access-analyzer:ListTagsForResource", "account:GetAlternateContact", "account:GetRegionOptStatus", "acm-pca:DescribeCertificateAuthority", "acm-pca:DescribeCertificateAuthorityAuditReport", "acm-pca:GetPolicy", "acm-pca:ListCertificateAuthorities", "acm-pca:ListPermissions", "acm-pca:ListTags", "acm:DescribeCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "airflow:GetEnvironment", "airflow:ListEnvironments", "appflow:ListFlows", "appflow:ListTagsForResource", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "appmesh:DescribeGatewayRoute", "appmesh:DescribeMesh", "appmesh:DescribeRoute", "appmesh:DescribeVirtualGateway", "appmesh:DescribeVirtualNode", "appmesh:DescribeVirtualRouter", "appmesh:DescribeVirtualService", "appmesh:ListGatewayRoutes", "appmesh:ListMeshes", "appmesh:ListRoutes", "appmesh:ListTagsForResource", "appmesh:ListVirtualGateways", "appmesh:ListVirtualNodes", "appmesh:ListVirtualRouters", "appmesh:ListVirtualServices", "apprunner:DescribeAutoScalingConfiguration", "apprunner:DescribeCustomDomains", "apprunner:DescribeObservabilityConfiguration", "apprunner:DescribeService", "apprunner:DescribeVpcConnector", "apprunner:DescribeVpcIngressConnection", "apprunner:ListAutoScalingConfigurations", "apprunner:ListConnections", "apprunner:ListObservabilityConfigurations", "apprunner:ListOperations", "apprunner:ListServices", "apprunner:ListTagsForResource", "apprunner:ListVpcConnectors", "apprunner:ListVpcIngressConnections", "appsync:GetApiCache", "appsync:ListApiKeys", "appsync:ListDataSources", "appsync:ListDomainNames", "appsync:ListFunctions", "appsync:ListGraphqlApis", "appsync:ListResolvers", "appsync:ListResolversByFunction", "appsync:ListSourceApiAssociations", "appsync:ListTagsForResource", "appsync:ListTypes", "appsync:ListTypesByAssociation", "athena:GetWorkGroup", "athena:ListApplicationDPUSizes", "athena:ListCalculationExecutions", "athena:ListCapacityReservations", "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListEngineVersions", "athena:ListExecutors", "athena:ListNamedQueries", "athena:ListNotebookMetadata", "athena:ListNotebookSessions", "athena:ListPreparedStatements", "athena:ListQueryExecutions", "athena:ListSessions", "athena:ListTableMetadata", "athena:ListTagsForResource", "athena:ListWorkGroups", "auditmanager:GetAccountStatus", "auditmanager:ListAssessmentControlInsightsByControlDomain", "auditmanager:ListAssessmentFrameworkShareRequests", "auditmanager:ListAssessmentFrameworks", "auditmanager:ListAssessmentReports", "auditmanager:ListAssessments", "auditmanager:ListControlDomainInsights", "auditmanager:ListControlDomainInsightsByAssessment", "auditmanager:ListControlInsightsByControlDomain", "auditmanager:ListControls", "auditmanager:ListNotifications", "auditmanager:ListTagsForResource", "autoscaling-plans:DescribeScalingPlans", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "backup:DescribeGlobalSettings", "backup:DescribeRegionSettings", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:ListBackupVaults", "backup:ListTags", "batch:DescribeComputeEnvironments", "batch:DescribeJobDefinitions", "bedrock:GetCustomModel", "bedrock:GetModelInvocationLoggingConfiguration", "bedrock:ListCustomModels", "bedrock:ListTagsForResource", "braket:SearchJobs", "braket:SearchQuantumTasks", "chime:ListAccountUsageReportData", "chime:ListAccounts", "chime:ListApiKeys", "chime:ListAppInstanceAdmins", "chime:ListAppInstanceBots", "chime:ListAppInstanceUserEndpoints", "chime:ListAppInstanceUsers", "chime:ListAppInstances", "chime:ListAttendeeTags", "chime:ListAttendees", "chime:ListAvailableVoiceConnectorRegions", "chime:ListBots", "chime:ListCDRBucket", "chime:ListCallingRegions", "chime:ListChannelBans", "chime:ListChannelFlows", "chime:ListChannelMemberships", "chime:ListChannelMembershipsForAppInstanceUser", "chime:ListChannelMessages", "chime:ListChannelModerators", "chime:ListChannels", "chime:ListChannelsAssociatedWithChannelFlow", "chime:ListChannelsModeratedByAppInstanceUser", "chime:ListDelegates", "chime:ListDirectories", "chime:ListDomains", "chime:ListGroups", "chime:ListMediaCapturePipelines", "chime:ListMediaInsightsPipelineConfigurations", "chime:ListMediaPipelineKinesisVideoStreamPools", "chime:ListMediaPipelines", "chime:ListMeetingEvents", "chime:ListMeetingTags", "chime:ListMeetings", "chime:ListMeetingsReportData", "chime:ListPhoneNumberOrders", "chime:ListPhoneNumbers", "chime:ListProxySessions", "chime:ListRoomMemberships", "chime:ListRooms", "chime:ListSipMediaApplications", "chime:ListSipRules", "chime:ListSubChannels", "chime:ListSupportedPhoneNumberCountries", "chime:ListTagsForResource", "chime:ListUsers", "chime:ListVoiceConnectorGroups", "chime:ListVoiceConnectorTerminationCredentials", "chime:ListVoiceConnectors", "chime:ListVoiceProfileDomains", "chime:ListVoiceProfiles", "cloud9:DescribeEC2Remote", "cloud9:DescribeEnvironmentMemberships", "cloud9:DescribeEnvironmentStatus", "cloud9:DescribeEnvironments", "cloud9:DescribeSSHRemote", "cloud9:ListEnvironments", "clouddirectory:ListDirectories", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudfront:GetCachePolicy", "cloudfront:GetCachePolicyConfig", "cloudfront:GetCloudFrontOriginAccessIdentity", "cloudfront:GetCloudFrontOriginAccessIdentityConfig", "cloudfront:GetContinuousDeploymentPolicy", "cloudfront:GetContinuousDeploymentPolicyConfig", "cloudfront:GetDistribution", "cloudfront:GetDistributionConfig", "cloudfront:GetFieldLevelEncryption", "cloudfront:GetFieldLevelEncryptionConfig", "cloudfront:GetFieldLevelEncryptionProfile", "cloudfront:GetFieldLevelEncryptionProfileConfig", "cloudfront:GetFunction", "cloudfront:GetInvalidation", "cloudfront:GetKeyGroup", "cloudfront:GetKeyGroupConfig", "cloudfront:GetMonitoringSubscription", "cloudfront:GetOriginAccessControl", "cloudfront:GetOriginAccessControlConfig", "cloudfront:GetOriginRequestPolicy", "cloudfront:GetOriginRequestPolicyConfig", "cloudfront:GetPublicKey", "cloudfront:GetPublicKeyConfig", "cloudfront:GetRealtimeLogConfig", "cloudfront:GetResponseHeadersPolicy", "cloudfront:GetResponseHeadersPolicyConfig", "cloudfront:GetSavingsPlan", "cloudfront:GetStreamingDistribution", "cloudfront:GetStreamingDistributionConfig", "cloudfront:ListCachePolicies", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListConflictingAliases", "cloudfront:ListContinuousDeploymentPolicies", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByCachePolicyId", "cloudfront:ListDistributionsByKeyGroup", "cloudfront:ListDistributionsByLambdaFunction", "cloudfront:ListDistributionsByOriginRequestPolicyId", "cloudfront:ListDistributionsByRealtimeLogConfig", "cloudfront:ListDistributionsByResponseHeadersPolicyId", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListFieldLevelEncryptionConfigs", "cloudfront:ListFieldLevelEncryptionProfiles", "cloudfront:ListFunctions", "cloudfront:ListInvalidations", "cloudfront:ListKeyGroups", "cloudfront:ListKeyValueStores", "cloudfront:ListOriginAccessControls", "cloudfront:ListOriginRequestPolicies", "cloudfront:ListPublicKeys", "cloudfront:ListRateCards", "cloudfront:ListRealtimeLogConfigs", "cloudfront:ListResponseHeadersPolicies", "cloudfront:ListSavingsPlans", "cloudfront:ListStreamingDistributions", "cloudfront:ListTagsForResource", "cloudfront:ListUsages", "cloudsearch:DescribeDomainEndpointOptions", "cloudsearch:DescribeDomains", "cloudsearch:DescribeServiceAccessPolicies", "cloudtrail:DescribeTrails", "cloudtrail:GetEventSelectors", "cloudtrail:GetInsightSelectors", "cloudtrail:GetTrail", "cloudtrail:GetTrailStatus", "cloudtrail:ListTags", "cloudtrail:ListTrails", "cloudtrail:LookupEvents", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:GetDashboard", "cloudwatch:ListDashboards", "cloudwatch:ListTagsForResource", "codeartifact:GetDomainPermissionsPolicy", "codeartifact:GetRepositoryPermissionsPolicy", "codeartifact:ListRepositories", "codebuild:BatchGetProjects", "codebuild:GetResourcePolicy", "codebuild:ListProjects", "codecommit:BatchGetRepositories", "codecommit:GetBranch", "codecommit:GetObjectIdentifier", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeploymentInstances", "codedeploy:BatchGetDeploymentTargets", "codedeploy:BatchGetDeployments", "codedeploy:BatchGetOnPremisesInstances", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeploymentTargets", "codedeploy:ListDeployments", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codedeploy:ListTagsForResource", "codepipeline:GetJobDetails", "codepipeline:GetPipeline", "codepipeline:GetPipelineExecution", "codepipeline:GetPipelineState", "codepipeline:ListPipelines", "codestar:DescribeProject", "codestar:DescribeUserProfile", "codestar:ListProjects", "codestar:ListResources", "codestar:ListTagsForProject", "codestar:ListTeamMembers", "codestar:ListUserProfiles", "cognito-identity:DescribeIdentity", "cognito-identity:DescribeIdentityPool", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:ListIdentityPools", "cognito-identity:ListTagsForResource", "cognito-idp:DescribeIdentityProvider", "cognito-idp:DescribeResourceServer", "cognito-idp:DescribeRiskConfiguration", "cognito-idp:DescribeUserImportJob", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:DescribeUserPoolDomain", "cognito-idp:ListDevices", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserImportJobs", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "cognito-sync:DescribeDataset", "cognito-sync:DescribeIdentityPoolUsage", "cognito-sync:DescribeIdentityUsage", "cognito-sync:ListDatasets", "cognito-sync:ListIdentityPoolUsage", "cognito-sync:ListRecords", "comprehend:DescribeDataset", "comprehend:DescribeDocumentClassificationJob", "comprehend:DescribeDocumentClassifier", "comprehend:DescribeDominantLanguageDetectionJob", "comprehend:DescribeEndpoint", "comprehend:DescribeEntitiesDetectionJob", "comprehend:DescribeEntityRecognizer", "comprehend:DescribeEventsDetectionJob", "comprehend:DescribeFlywheel", "comprehend:DescribeFlywheelIteration", "comprehend:DescribeKeyPhrasesDetectionJob", "comprehend:DescribePiiEntitiesDetectionJob", "comprehend:DescribeResourcePolicy", "comprehend:DescribeSentimentDetectionJob", "comprehend:DescribeTargetedSentimentDetectionJob", "comprehend:DescribeTopicsDetectionJob", "comprehend:ListDatasets", "comprehend:ListDocumentClassificationJobs", "comprehend:ListDocumentClassifierSummaries", "comprehend:ListDocumentClassifiers", "comprehend:ListDominantLanguageDetectionJobs", "comprehend:ListEndpoints", "comprehend:ListEntitiesDetectionJobs", "comprehend:ListEntityRecognizerSummaries", "comprehend:ListEntityRecognizers", "comprehend:ListEventsDetectionJobs", "comprehend:ListFlywheelIterationHistory", "comprehend:ListFlywheels", "comprehend:ListKeyPhrasesDetectionJobs", "comprehend:ListPiiEntitiesDetectionJobs", "comprehend:ListSentimentDetectionJobs", "comprehend:ListTagsForResource", "comprehend:ListTargetedSentimentDetectionJobs", "comprehend:ListTopicsDetectionJobs", "comprehendmedical:ListICD10CMInferenceJobs", "comprehendmedical:ListPHIDetectionJobs", "comprehendmedical:ListRxNormInferenceJobs", "comprehendmedical:ListSNOMEDCTInferenceJobs", "config:BatchGetAggregateResourceConfig", "config:BatchGetResourceConfig", "config:DeliverConfigSnapshot", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateConformancePackComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetCustomRulePolicy", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetOrganizationCustomRulePolicy", "config:GetResourceConfigHistory", "config:GetResourceEvaluationSummary", "config:GetStoredQuery", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "config:SelectAggregateResourceConfig", "config:SelectResourceConfig", "connect:ListApprovedOrigins", "connect:ListInstanceAttributes", "connect:ListInstanceStorageConfigs", "connect:ListInstances", "connect:ListIntegrationAssociations", "connect:ListLambdaFunctions", "connect:ListLexBots", "connect:ListSecurityKeys", "databrew:DescribeDataset", "databrew:DescribeProject", "databrew:ListJobs", "databrew:ListProjects", "dataexchange:ListDataSets", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:EvaluateExpression", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:QueryObjects", "datapipeline:ValidatePipelineDefinition", "datasync:DescribeAgent", "datasync:DescribeDiscoveryJob", "datasync:DescribeLocationAzureBlob", "datasync:DescribeLocationEfs", "datasync:DescribeLocationFsxLustre", "datasync:DescribeLocationFsxOntap", "datasync:DescribeLocationFsxOpenZfs", "datasync:DescribeLocationFsxWindows", "datasync:DescribeLocationHdfs", "datasync:DescribeLocationNfs", "datasync:DescribeLocationObjectStorage", "datasync:DescribeLocationS3", "datasync:DescribeLocationSmb", "datasync:DescribeStorageSystem", "datasync:DescribeStorageSystemResourceMetrics", "datasync:DescribeStorageSystemResources", "datasync:DescribeTask", "datasync:DescribeTaskExecution", "datasync:ListAgents", "datasync:ListDiscoveryJobs", "datasync:ListLocations", "datasync:ListStorageSystems", "datasync:ListTagsForResource", "datasync:ListTaskExecutions", "datasync:ListTasks", "dax:DescribeClusters", "dax:DescribeDefaultParameters", "dax:DescribeEvents", "dax:DescribeParameterGroups", "dax:DescribeParameters", "dax:DescribeSubnetGroups", "dax:ListTags", "deepracer:ListModels", "detective:GetGraphIngestState", "detective:ListGraphs", "detective:ListMembers", "devicefarm:ListProjects", "directconnect:DescribeConnectionLoa", "directconnect:DescribeConnections", "directconnect:DescribeConnectionsOnInterconnect", "directconnect:DescribeCustomerMetadata", "directconnect:DescribeDirectConnectGatewayAssociationProposals", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeHostedConnections", "directconnect:DescribeInterconnectLoa", "directconnect:DescribeInterconnects", "directconnect:DescribeLags", "directconnect:DescribeLoa", "directconnect:DescribeLocations", "directconnect:DescribeRouterConfiguration", "directconnect:DescribeTags", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "discovery:DescribeAgents", "discovery:DescribeConfigurations", "discovery:DescribeContinuousExports", "discovery:DescribeExportConfigurations", "discovery:DescribeExportTasks", "discovery:DescribeImportTasks", "dms:DescribeAccountAttributes", "dms:DescribeApplicableIndividualAssessments", "dms:DescribeCertificates", "dms:DescribeConnections", "dms:DescribeConversionConfiguration", "dms:DescribeDataMigrations", "dms:DescribeDataProviders", "dms:DescribeEndpointSettings", "dms:DescribeEndpointTypes", "dms:DescribeEndpoints", "dms:DescribeEngineVersions", "dms:DescribeEventCategories", "dms:DescribeEventSubscriptions", "dms:DescribeEvents", "dms:DescribeExtensionPackAssociations", "dms:DescribeFleetAdvisorCollectors", "dms:DescribeFleetAdvisorDatabases", "dms:DescribeFleetAdvisorLsaAnalysis", "dms:DescribeFleetAdvisorSchemaObjectSummary", "dms:DescribeFleetAdvisorSchemas", "dms:DescribeInstanceProfiles", "dms:DescribeMetadataModelAssessments", "dms:DescribeMetadataModelConversions", "dms:DescribeMetadataModelExportsAsScript", "dms:DescribeMetadataModelExportsToTarget", "dms:DescribeMetadataModelImports", "dms:DescribeMigrationProjects", "dms:DescribeOrderableReplicationInstances", "dms:DescribePendingMaintenanceActions", "dms:DescribeRecommendationLimitations", "dms:DescribeRecommendations", "dms:DescribeRefreshSchemasStatus", "dms:DescribeReplicationConfigs", "dms:DescribeReplicationInstanceTaskLogs", "dms:DescribeReplicationInstances", "dms:DescribeReplicationSubnetGroups", "dms:DescribeReplicationTableStatistics", "dms:DescribeReplicationTaskAssessmentResults", "dms:DescribeReplicationTaskAssessmentRuns", "dms:DescribeReplicationTaskIndividualAssessments", "dms:DescribeReplicationTasks", "dms:DescribeReplications", "dms:DescribeSchemas", "dms:DescribeTableStatistics", "dms:ListTagsForResource", "docdb-elastic:ListClusters", "ds:DescribeDirectories", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeTable", "dynamodb:DescribeTimeToLive", "dynamodb:ListBackups", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetEbsEncryptionByDefault", "ec2:GetImageBlockPublicAccessState", "ec2:GetManagedPrefixListAssociations", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ec2:GetTransitGatewayAttachmentPropagations", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:GetTransitGatewayPrefixListReferences", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:SearchTransitGatewayRoutes", "ecr-public:DescribeImageTags", "ecr-public:DescribeImages", "ecr-public:DescribeRegistries", "ecr-public:DescribeRepositories", "ecr-public:GetRegistryCatalogData", "ecr-public:GetRepositoryCatalogData", "ecr-public:GetRepositoryPolicy", "ecr-public:ListTagsForResource", "ecr:BatchGetRepositoryScanningConfiguration", "ecr:DescribeImageScanFindings", "ecr:DescribeImages", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:GetLifecyclePolicy", "ecr:GetRegistryPolicy", "ecr:GetRegistryScanningConfiguration", "ecr:GetRepositoryPolicy", "ecr:ListImages", "ecr:ListTagsForResource", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "eks:DescribeCluster", "eks:DescribeFargateProfile", "eks:DescribeNodegroup", "eks:ListClusters", "eks:ListFargateProfiles", "eks:ListNodegroups", "eks:ListTagsForResource", "eks:ListUpdates", "elastic-inference:DescribeAccelerators", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheEngineVersions", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeEngineDefaultParameters", "elasticache:DescribeEvents", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeReservedCacheNodes", "elasticache:DescribeReservedCacheNodesOfferings", "elasticache:DescribeServerlessCacheSnapshots", "elasticache:DescribeServerlessCaches", "elasticache:DescribeServiceUpdates", "elasticache:DescribeSnapshots", "elasticache:DescribeUpdateActions", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticache:ListTagsForResource", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:ListTagsForResource", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeAccountPreferences", "elasticfilesystem:DescribeBackupPolicy", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeReplicationConfigurations", "elasticfilesystem:DescribeTags", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:GetAutoTerminationPolicy", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:ListClusters", "elasticmapreduce:ListInstances", "elasticmapreduce:ListSecurityConfigurations", "elastictranscoder:ListPipelines", "emr-serverless:GetApplication", "emr-serverless:ListApplications", "emr-serverless:ListJobRuns", "es:DescribeDomain", "es:DescribeDomainAutoTunes", "es:DescribeDomainChangeProgress", "es:DescribeDomainConfig", "es:DescribeDomainHealth", "es:DescribeDomainNodes", "es:DescribeDomains", "es:DescribeDryRunProgress", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomainConfig", "es:DescribeElasticsearchDomains", "es:DescribeElasticsearchInstanceTypeLimits", "es:DescribeInboundConnections", "es:DescribeInboundCrossClusterSearchConnections", "es:DescribeInstanceTypeLimits", "es:DescribeOutboundConnections", "es:DescribeOutboundCrossClusterSearchConnections", "es:DescribePackages", "es:DescribeReservedElasticsearchInstanceOfferings", "es:DescribeReservedElasticsearchInstances", "es:DescribeReservedInstanceOfferings", "es:DescribeReservedInstances", "es:DescribeVpcEndpoints", "es:GetCompatibleVersions", "es:ListDomainNames", "es:ListElasticsearchInstanceTypeDetails", "es:ListElasticsearchVersions", "es:ListTags", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeEventSource", "events:DescribePartnerEventSource", "events:DescribeReplay", "events:DescribeRule", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListEventSources", "events:ListPartnerEventSourceAccounts", "events:ListPartnerEventSources", "events:ListReplays", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "events:TestEventPattern", "finspace:ListEnvironments", "finspace:ListKxEnvironments", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "fms:ListComplianceStatus", "fms:ListPolicies", "forecast:ListDatasets", "frauddetector:GetDetectors", "fsx:DescribeAssociatedFileGateways", "fsx:DescribeBackups", "fsx:DescribeDataRepositoryAssociations", "fsx:DescribeDataRepositoryTasks", "fsx:DescribeFileCaches", "fsx:DescribeFileSystemAliases", "fsx:DescribeFileSystems", "fsx:DescribeSharedVpcConfiguration", "fsx:DescribeSnapshots", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:ListTagsForResource", "gamelift:ListBuilds", "gamelift:ListFleets", "geo:ListMaps", "glacier:DescribeVault", "glacier:GetDataRetrievalPolicy", "glacier:GetVaultAccessPolicy", "glacier:GetVaultLock", "glacier:ListVaults", "globalaccelerator:DescribeAccelerator", "globalaccelerator:DescribeAcceleratorAttributes", "globalaccelerator:DescribeCrossAccountAttachment", "globalaccelerator:DescribeCustomRoutingAccelerator", "globalaccelerator:DescribeCustomRoutingAcceleratorAttributes", "globalaccelerator:DescribeCustomRoutingEndpointGroup", "globalaccelerator:DescribeCustomRoutingListener", "globalaccelerator:DescribeEndpointGroup", "globalaccelerator:DescribeListener", "globalaccelerator:ListAccelerators", "globalaccelerator:ListByoipCidrs", "globalaccelerator:ListCrossAccountAttachments", "globalaccelerator:ListCrossAccountResourceAccounts", "globalaccelerator:ListCrossAccountResources", "globalaccelerator:ListCustomRoutingAccelerators", "globalaccelerator:ListCustomRoutingEndpointGroups", "globalaccelerator:ListCustomRoutingListeners", "globalaccelerator:ListCustomRoutingPortMappings", "globalaccelerator:ListCustomRoutingPortMappingsByDestination", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "globalaccelerator:ListTagsForResource", "glue:GetCrawlers", "glue:GetDataCatalogEncryptionSettings", "glue:GetDatabases", "glue:GetDevEndpoints", "glue:GetJobs", "glue:GetResourcePolicy", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetTags", "grafana:ListWorkspaces", "greengrass:ListClientDevicesAssociatedWithCoreDevice", "greengrass:ListComponentVersions", "greengrass:ListComponents", "greengrass:ListCoreDevices", "greengrass:ListDeployments", "greengrass:ListEffectiveDeployments", "greengrass:ListInstalledComponents", "greengrass:ListTagsForResource", "greengrass:ListBulkDeploymentDetailedReports", "greengrass:ListBulkDeployments", "greengrass:ListConnectorDefinitionVersions", "greengrass:ListConnectorDefinitions", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListResourceDefinitionVersions", "greengrass:ListResourceDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "guardduty:DescribePublishingDestination", "guardduty:GetAdministratorAccount", "guardduty:GetCoverageStatistics", "guardduty:GetDetector", "guardduty:GetFilter", "guardduty:GetFindings", "guardduty:GetFindingsStatistics", "guardduty:GetIPSet", "guardduty:GetInvitationsCount", "guardduty:GetMalwareScanSettings", "guardduty:GetMasterAccount", "guardduty:GetMemberDetectors", "guardduty:GetMembers", "guardduty:GetOrganizationStatistics", "guardduty:GetRemainingFreeTrialDays", "guardduty:GetThreatIntelSet", "guardduty:GetUsageStatistics", "guardduty:ListCoverage", "guardduty:ListDetectors", "guardduty:ListFilters", "guardduty:ListFindings", "guardduty:ListIPSets", "guardduty:ListInvitations", "guardduty:ListMembers", "guardduty:ListOrganizationAdminAccounts", "guardduty:ListPublishingDestinations", "guardduty:ListTagsForResource", "guardduty:ListThreatIntelSets", "health:DescribeAffectedAccountsForOrganization", "health:DescribeAffectedEntities", "health:DescribeAffectedEntitiesForOrganization", "health:DescribeEntityAggregates", "health:DescribeEventAggregates", "health:DescribeEventDetails", "health:DescribeEventDetailsForOrganization", "health:DescribeEventTypes", "health:DescribeEvents", "health:DescribeEventsForOrganization", "health:DescribeHealthServiceStatusForOrganization", "healthlake:ListFHIRDatastores", "honeycode:ListTables", "iam:GenerateCredentialReport", "iam:GenerateServiceLastAccessedDetails", "iam:GetAccessKeyLastUsed", "iam:GetAccountAuthorizationDetails", "iam:GetAccountEmailAddress", "iam:GetAccountName", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCloudFrontPublicKey", "iam:GetContextKeysForCustomPolicy", "iam:GetContextKeysForPrincipalPolicy", "iam:GetCredentialReport", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetInstanceProfile", "iam:GetLoginProfile", "iam:GetMFADevice", "iam:GetOpenIDConnectProvider", "iam:GetOrganizationsAccessReport", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetSAMLProvider", "iam:GetSSHPublicKey", "iam:GetServerCertificate", "iam:GetServiceLastAccessedDetails", "iam:GetServiceLastAccessedDetailsWithEntities", "iam:GetServiceLinkedRoleDeletionStatus", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "iam:SimulateCustomPolicy", "iam:SimulatePrincipalPolicy", "identitystore:ListGroupMemberships", "identitystore:ListGroupMembershipsForMember", "identitystore:ListGroups", "identitystore:ListUsers", "inspector2:BatchGetAccountStatus", "inspector2:BatchGetFreeTrialInfo", "inspector2:DescribeOrganizationConfiguration", "inspector2:GetConfiguration", "inspector2:GetDelegatedAdminAccount", "inspector2:GetFindingsReportStatus", "inspector2:GetMember", "inspector2:ListAccountPermissions", "inspector2:ListCoverage", "inspector2:ListCoverageStatistics", "inspector2:ListDelegatedAdminAccounts", "inspector2:ListFilters", "inspector2:ListFindingAggregations", "inspector2:ListFindings", "inspector2:ListTagsForResource", "inspector2:ListUsageTotals", "inspector:DescribeAssessmentRuns", "inspector:DescribeAssessmentTargets", "inspector:DescribeAssessmentTemplates", "inspector:DescribeCrossAccountAccessRole", "inspector:DescribeExclusions", "inspector:DescribeFindings", "inspector:DescribeResourceGroups", "inspector:DescribeRulesPackages", "inspector:GetAssessmentReport", "inspector:GetExclusionsPreview", "inspector:GetTelemetryMetadata", "inspector:ListAssessmentRunAgents", "inspector:ListAssessmentRuns", "inspector:ListAssessmentTargets", "inspector:ListAssessmentTemplates", "inspector:ListEventSubscriptions", "inspector:ListExclusions", "inspector:ListFindings", "inspector:ListRulesPackages", "inspector:ListTagsForResource", "inspector:PreviewAgents", "iot:DescribeAccountAuditConfiguration", "iot:DescribeAuditFinding", "iot:DescribeAuditMitigationActionsTask", "iot:DescribeAuditSuppression", "iot:DescribeAuditTask", "iot:DescribeAuthorizer", "iot:DescribeBillingGroup", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:DescribeCertificateProvider", "iot:DescribeCustomMetric", "iot:DescribeDefaultAuthorizer", "iot:DescribeDetectMitigationActionsTask", "iot:DescribeDimension", "iot:DescribeDomainConfiguration", "iot:DescribeEndpoint", "iot:DescribeEventConfigurations", "iot:DescribeFleetMetric", "iot:DescribeIndex", "iot:DescribeJob", "iot:DescribeJobExecution", "iot:DescribeJobTemplate", "iot:DescribeManagedJobTemplate", "iot:DescribeMitigationAction", "iot:DescribeProvisioningTemplate", "iot:DescribeProvisioningTemplateVersion", "iot:DescribeRoleAlias", "iot:DescribeScheduledAudit", "iot:DescribeSecurityProfile", "iot:DescribeStream", "iot:DescribeThing", "iot:DescribeThingGroup", "iot:DescribeThingRegistrationTask", "iot:DescribeThingType", "iot:DescribeTunnel", "iot:GetPolicy", "iot:GetPolicyVersion", "iot:ListActiveViolations", "iot:ListAttachedPolicies", "iot:ListAuditFindings", "iot:ListAuditMitigationActionsExecutions", "iot:ListAuditMitigationActionsTasks", "iot:ListAuditSuppressions", "iot:ListAuditTasks", "iot:ListAuthorizers", "iot:ListBillingGroups", "iot:ListCACertificates", "iot:ListCertificateProviders", "iot:ListCertificates", "iot:ListCertificatesByCA", "iot:ListCustomMetrics", "iot:ListDetectMitigationActionsExecutions", "iot:ListDetectMitigationActionsTasks", "iot:ListDimensions", "iot:ListDomainConfigurations", "iot:ListFleetMetrics", "iot:ListIndices", "iot:ListJobExecutionsForJob", "iot:ListJobExecutionsForThing", "iot:ListJobTemplates", "iot:ListJobs", "iot:ListManagedJobTemplates", "iot:ListMetricValues", "iot:ListMitigationActions", "iot:ListNamedShadowsForThing", "iot:ListOTAUpdates", "iot:ListOutgoingCertificates", "iot:ListPackageVersions", "iot:ListPackages", "iot:ListPolicies", "iot:ListPolicyPrincipals", "iot:ListPolicyVersions", "iot:ListPrincipalPolicies", "iot:ListPrincipalThings", "iot:ListProvisioningTemplateVersions", "iot:ListProvisioningTemplates", "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", "iot:ListStreams", "iot:ListTagsForResource", "iot:ListTargetsForPolicy", "iot:ListTargetsForSecurityProfile", "iot:ListThingGroups", "iot:ListThingGroupsForThing", "iot:ListThingPrincipals", "iot:ListThingRegistrationTaskReports", "iot:ListThingRegistrationTasks", "iot:ListThingTypes", "iot:ListThings", "iot:ListThingsInBillingGroup", "iot:ListThingsInThingGroup", "iot:ListTopicRuleDestinations", "iot:ListTopicRules", "iot:ListTunnels", "iot:ListV2LoggingLevels", "iot:ListViolationEvents", "iotanalytics:ListChannels", "iotevents:ListInputs", "iotfleetwise:ListModelManifests", "iotsitewise:DescribeGatewayCapabilityConfiguration", "iotsitewise:ListAssetModels", "iotsitewise:ListGateways", "iottwinmaker:ListWorkspaces", "kafka-cluster:DescribeCluster", "kafka-cluster:DescribeClusterDynamicConfiguration", "kafka-cluster:DescribeGroup", "kafka-cluster:DescribeTopic", "kafka-cluster:DescribeTopicDynamicConfiguration", "kafka-cluster:DescribeTransactionalId", "kafka:DescribeCluster", "kafka:DescribeClusterOperation", "kafka:DescribeClusterOperationV2", "kafka:DescribeClusterV2", "kafka:DescribeConfiguration", "kafka:DescribeConfigurationRevision", "kafka:DescribeReplicator", "kafka:DescribeVpcConnection", "kafka:GetBootstrapBrokers", "kafka:GetCompatibleKafkaVersions", "kafka:ListClientVpcConnections", "kafka:ListClusterOperations", "kafka:ListClusterOperationsV2", "kafka:ListClusters", "kafka:ListClustersV2", "kafka:ListConfigurationRevisions", "kafka:ListConfigurations", "kafka:ListKafkaVersions", "kafka:ListNodes", "kafka:ListReplicators", "kafka:ListScramSecrets", "kafka:ListTagsForResource", "kafka:ListVpcConnections", "kafkaconnect:DescribeConnector", "kafkaconnect:DescribeCustomPlugin", "kafkaconnect:DescribeWorkerConfiguration", "kafkaconnect:ListConnectors", "kafkaconnect:ListCustomPlugins", "kafkaconnect:ListTagsForResource", "kafkaconnect:ListWorkerConfigurations", "kendra:DescribeIndex", "kendra:ListDataSources", "kendra:ListIndices", "kendra:ListTagsForResource", "kinesis:DescribeLimits", "kinesis:DescribeStream", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary", "kinesis:ListShards", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kinesisanalytics:ListApplications", "kinesisanalytics:ListTagsForResource", "kinesisvideo:DescribeEdgeConfiguration", "kinesisvideo:DescribeMappedResourceConfiguration", "kinesisvideo:DescribeMediaStorageConfiguration", "kinesisvideo:DescribeNotificationConfiguration", "kinesisvideo:DescribeSignalingChannel", "kinesisvideo:DescribeStream", "kinesisvideo:ListSignalingChannels", "kinesisvideo:ListStreams", "kinesisvideo:ListTagsForResource", "kinesisvideo:ListTagsForStream", "kms:DescribeCustomKeyStores", "kms:DescribeKey", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:GetParametersForImport", "kms:GetPublicKey", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeyRotations", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "lambda:GetAccountSettings", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "lex:DescribeBot", "lex:DescribeResourcePolicy", "lex:ListBots", "license-manager:ListAssociationsForLicenseConfiguration", "license-manager:ListDistributedGrants", "license-manager:ListFailuresForLicenseConfigurationOperations", "license-manager:ListLicenseConfigurations", "license-manager:ListLicenseConversionTasks", "license-manager:ListLicenseManagerReportGenerators", "license-manager:ListLicenseSpecificationsForResource", "license-manager:ListLicenseVersions", "license-manager:ListLicenses", "license-manager:ListReceivedGrants", "license-manager:ListReceivedGrantsForOrganization", "license-manager:ListReceivedLicenses", "license-manager:ListReceivedLicensesForOrganization", "license-manager:ListResourceInventory", "license-manager:ListTagsForResource", "license-manager:ListTokens", "license-manager:ListUsageForLicenseConfiguration", "lightsail:GetBuckets", "lightsail:GetContainerServices", "lightsail:GetDiskSnapshots", "lightsail:GetDisks", "lightsail:GetInstances", "lightsail:GetLoadBalancers", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "lookoutequipment:ListDatasets", "lookoutmetrics:ListAnomalyDetectors", "lookoutvision:ListProjects", "machinelearning:DescribeMLModels", "macie2:ListFindings", "managedblockchain:ListNetworks", "mechanicalturk:ListHITs", "mediaconnect:DescribeBridge", "mediaconnect:DescribeFlow", "mediaconnect:DescribeFlowSourceMetadata", "mediaconnect:DescribeGateway", "mediaconnect:DescribeGatewayInstance", "mediaconnect:DescribeOffering", "mediaconnect:DescribeReservation", "mediaconnect:ListBridges", "mediaconnect:ListEntitlements", "mediaconnect:ListFlows", "mediaconnect:ListGatewayInstances", "mediaconnect:ListGateways", "mediaconnect:ListOfferings", "mediaconnect:ListReservations", "mediaconnect:ListTagsForResource", "medialive:ListChannels", "mediapackage-vod:DescribePackagingGroup", "mediapackage-vod:ListPackagingGroups", "mediapackage:DescribeOriginEndpoint", "mediapackage:ListOriginEndpoints", "mediastore:GetContainerPolicy", "mediastore:GetCorsPolicy", "mediastore:ListContainers", "memorydb:DescribeClusters", "mq:DescribeBroker", "mq:DescribeBrokerEngineTypes", "mq:DescribeBrokerInstanceOptions", "mq:DescribeConfiguration", "mq:DescribeConfigurationRevision", "mq:DescribeUser", "mq:ListBrokers", "mq:ListConfigurationRevisions", "mq:ListConfigurations", "mq:ListTags", "mq:ListUsers", "network-firewall:DescribeFirewall", "network-firewall:DescribeFirewallPolicy", "network-firewall:DescribeLoggingConfiguration", "network-firewall:DescribeResourcePolicy", "network-firewall:DescribeRuleGroup", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "network-firewall:ListRuleGroups", "networkmanager:DescribeGlobalNetworks", "nimble:ListStudios", "opsworks-cm:DescribeServers", "opsworks:DescribeStacks", "organizations:DescribeAccount", "organizations:DescribeCreateAccountStatus", "organizations:DescribeEffectivePolicy", "organizations:DescribeHandshake", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:DescribeResourcePolicy", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:ListCreateAccountStatus", "organizations:ListDelegatedAdministrators", "organizations:ListDelegatedServicesForAccount", "organizations:ListHandshakesForAccount", "organizations:ListHandshakesForOrganization", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPolicies", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListTagsForResource", "organizations:ListTargetsForPolicy", "personalize:DescribeDatasetGroup", "personalize:ListDatasetGroups", "private-networks:ListNetworks", "profile:GetDomain", "profile:ListDomains", "profile:ListIntegrations", "qldb:DescribeJournalS3Export", "qldb:DescribeLedger", "qldb:ListJournalS3Exports", "qldb:ListJournalS3ExportsForLedger", "qldb:ListLedgers", "quicksight:DescribeAccountCustomization", "quicksight:DescribeAccountSettings", "quicksight:DescribeAccountSubscription", "quicksight:DescribeAnalysis", "quicksight:DescribeAnalysisPermissions", "quicksight:DescribeAssetBundleExportJob", "quicksight:DescribeAssetBundleImportJob", "quicksight:DescribeCustomPermissions", "quicksight:DescribeDashboard", "quicksight:DescribeDashboardPermissions", "quicksight:DescribeDashboardSnapshotJob", "quicksight:DescribeDashboardSnapshotJobResult", "quicksight:DescribeDataSet", "quicksight:DescribeDataSetPermissions", "quicksight:DescribeDataSetRefreshProperties", "quicksight:DescribeDataSource", "quicksight:DescribeDataSourcePermissions", "quicksight:DescribeEmailCustomizationTemplate", "quicksight:DescribeFolder", "quicksight:DescribeFolderPermissions", "quicksight:DescribeFolderResolvedPermissions", "quicksight:DescribeGroup", "quicksight:DescribeGroupMembership", "quicksight:DescribeIAMPolicyAssignment", "quicksight:DescribeIngestion", "quicksight:DescribeIpRestriction", "quicksight:DescribeNamespace", "quicksight:DescribeRefreshSchedule", "quicksight:DescribeRoleCustomPermission", "quicksight:DescribeTemplate", "quicksight:DescribeTemplateAlias", "quicksight:DescribeTemplatePermissions", "quicksight:DescribeTheme", "quicksight:DescribeThemeAlias", "quicksight:DescribeThemePermissions", "quicksight:DescribeTopic", "quicksight:DescribeTopicPermissions", "quicksight:DescribeTopicRefresh", "quicksight:DescribeTopicRefreshSchedule", "quicksight:DescribeUser", "quicksight:DescribeVPCConnection", "quicksight:ListAnalyses", "quicksight:ListAssetBundleExportJobs", "quicksight:ListAssetBundleImportJobs", "quicksight:ListCustomPermissions", "quicksight:ListCustomerManagedKeys", "quicksight:ListDashboardVersions", "quicksight:ListDashboards", "quicksight:ListDataSets", "quicksight:ListDataSources", "quicksight:ListFolderMembers", "quicksight:ListFolders", "quicksight:ListGroupMemberships", "quicksight:ListGroups", "quicksight:ListIAMPolicyAssignments", "quicksight:ListIAMPolicyAssignmentsForUser", "quicksight:ListIdentityPropagationConfigs", "quicksight:ListIngestions", "quicksight:ListKMSKeysForUser", "quicksight:ListNamespaces", "quicksight:ListRefreshSchedules", "quicksight:ListRoleMemberships", "quicksight:ListTagsForResource", "quicksight:ListTemplateAliases", "quicksight:ListTemplateVersions", "quicksight:ListTemplates", "quicksight:ListThemeAliases", "quicksight:ListThemeVersions", "quicksight:ListThemes", "quicksight:ListTopicRefreshSchedules", "quicksight:ListTopics", "quicksight:ListUserGroups", "quicksight:ListUsers", "quicksight:ListVPCConnections", "ram:GetResourceShares", "ram:ListPendingInvitationResources", "ram:ListPermissionAssociations", "ram:ListPermissionVersions", "ram:ListPermissions", "ram:ListPrincipals", "ram:ListReplacePermissionAssociationsWork", "ram:ListResourceSharePermissions", "ram:ListResourceTypes", "ram:ListResources", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:DownloadDBLogFilePortion", "rds:ListTagsForResource", "redshift-serverless:GetNamespace", "redshift-serverless:ListTagsForResource", "redshift-serverless:ListWorkgroups", "redshift:DescribeAccountAttributes", "redshift:DescribeAuthenticationProfiles", "redshift:DescribeClusterDbRevisions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterTracks", "redshift:DescribeClusterVersions", "redshift:DescribeClusters", "redshift:DescribeCustomDomainAssociations", "redshift:DescribeDataShares", "redshift:DescribeDataSharesForConsumer", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDefaultClusterParameters", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventCategories", "redshift:DescribeEventSubscriptions", "redshift:DescribeEvents", "redshift:DescribeHsmClientCertificates", "redshift:DescribeHsmConfigurations", "redshift:DescribeInboundIntegrations", "redshift:DescribeLoggingStatus", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribePartners", "redshift:DescribeQev2IdcApplications", "redshift:DescribeQuery", "redshift:DescribeRedshiftIdcApplications", "redshift:DescribeReservedNodeExchangeStatus", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "redshift:DescribeResize", "redshift:DescribeSavedQueries", "redshift:DescribeScheduledActions", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeSnapshotSchedules", "redshift:DescribeStorage", "redshift:DescribeTable", "redshift:DescribeTableRestoreStatus", "redshift:DescribeTags", "redshift:DescribeUsageLimits", "rekognition:DescribeCollection", "rekognition:DescribeDataset", "rekognition:DescribeProjectVersions", "rekognition:DescribeProjects", "rekognition:DescribeStreamProcessor", "rekognition:ListCollections", "rekognition:ListDatasetEntries", "rekognition:ListDatasetLabels", "rekognition:ListFaces", "rekognition:ListMediaAnalysisJobs", "rekognition:ListProjectPolicies", "rekognition:ListStreamProcessors", "rekognition:ListTagsForResource", "rekognition:ListUsers", "resource-groups:ListGroupResources", "robomaker:DescribeDeploymentJob", "robomaker:DescribeFleet", "robomaker:DescribeRobot", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:DescribeSimulationJob", "robomaker:DescribeSimulationJobBatch", "robomaker:DescribeWorld", "robomaker:DescribeWorldExportJob", "robomaker:DescribeWorldGenerationJob", "robomaker:DescribeWorldTemplate", "robomaker:ListDeploymentJobs", "robomaker:ListFleets", "robomaker:ListRobotApplications", "robomaker:ListRobots", "robomaker:ListSimulationApplications", "robomaker:ListSimulationJobBatches", "robomaker:ListSimulationJobs", "robomaker:ListSupportedAvailabilityZones", "robomaker:ListTagsForResource", "robomaker:ListWorldExportJobs", "robomaker:ListWorldGenerationJobs", "robomaker:ListWorldTemplates", "robomaker:ListWorlds", "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetReusableDelegationSetLimit", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53domains:GetDomainDetail", "route53domains:GetOperationDetail", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListTagsForDomain", "route53resolver:GetFirewallConfig", "route53resolver:GetFirewallDomainList", "route53resolver:GetFirewallRuleGroup", "route53resolver:GetFirewallRuleGroupAssociation", "route53resolver:GetFirewallRuleGroupPolicy", "route53resolver:GetOutpostResolver", "route53resolver:GetResolverConfig", "route53resolver:GetResolverDnssecConfig", "route53resolver:GetResolverEndpoint", "route53resolver:GetResolverQueryLogConfig", "route53resolver:GetResolverQueryLogConfigAssociation", "route53resolver:GetResolverQueryLogConfigPolicy", "route53resolver:GetResolverRule", "route53resolver:GetResolverRuleAssociation", "route53resolver:GetResolverRulePolicy", "route53resolver:ListFirewallConfigs", "route53resolver:ListFirewallDomainLists", "route53resolver:ListFirewallDomains", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListFirewallRules", "route53resolver:ListOutpostResolvers", "route53resolver:ListResolverConfigs", "route53resolver:ListResolverDnssecConfigs", "route53resolver:ListResolverEndpointIpAddresses", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverQueryLogConfigAssociations", "route53resolver:ListResolverQueryLogConfigs", "route53resolver:ListResolverRuleAssociations", "route53resolver:ListResolverRules", "route53resolver:ListTagsForResource", "s3-outposts:ListEndpoints", "s3-outposts:ListOutpostsWithS3", "s3-outposts:ListSharedEndpoints", "s3:GetAccelerateConfiguration", "s3:GetAccessPoint", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyStatus", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetEncryptionConfiguration", "s3:GetInventoryConfiguration", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPointPolicy", "s3:GetObjectAcl", "s3:GetObjectVersionAcl", "s3:GetReplicationConfiguration", "s3:ListAccessPoints", "s3:ListAllMyBuckets", "s3:ListMultiRegionAccessPoints", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeCluster", "sagemaker:DescribeClusterNode", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgeDeploymentPlan", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFeatureMetadata", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHub", "sagemaker:DescribeHubContent", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceComponent", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelCard", "sagemaker:DescribeModelCardExportJob", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSharedModel", "sagemaker:DescribeSpace", "sagemaker:DescribeStudioLifecycleConfig", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAliases", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListClusterNodes", "sagemaker:ListClusters", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgeDeploymentPlans", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHubContentVersions", "sagemaker:ListHubContents", "sagemaker:ListHubs", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceComponents", "sagemaker:ListInferenceExperiments", "sagemaker:ListInferenceRecommendationsJobSteps", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelCardExportJobs", "sagemaker:ListModelCardVersions", "sagemaker:ListModelCards", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringAlertHistory", "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListResourceCatalogs", "sagemaker:ListSharedModelEvents", "sagemaker:ListSharedModelVersions", "sagemaker:ListSharedModels", "sagemaker:ListSpaces", "sagemaker:ListStageDevices", "sagemaker:ListStudioLifecycleConfigs", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "schemas:DescribeCodeBinding", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemaVersions", "schemas:ListSchemas", "schemas:ListTagsForResource", "sdb:DomainMetadata", "sdb:ListDomains", "secretsmanager:DescribeSecret", "secretsmanager:GetResourcePolicy", "secretsmanager:ListSecretVersionIds", "secretsmanager:ListSecrets", "securityhub:DescribeActionTargets", "securityhub:DescribeHub", "securityhub:DescribeOrganizationConfiguration", "securityhub:DescribeProducts", "securityhub:DescribeStandards", "securityhub:DescribeStandardsControls", "securityhub:GetAdhocInsightResults", "securityhub:GetAdministratorAccount", "securityhub:GetConfigurationPolicy", "securityhub:GetConfigurationPolicyAssociation", "securityhub:GetControlFindingSummary", "securityhub:GetEnabledStandards", "securityhub:GetFindingAggregator", "securityhub:GetFindingHistory", "securityhub:GetFindings", "securityhub:GetFreeTrialEndDate", "securityhub:GetFreeTrialUsage", "securityhub:GetInsightFindingTrend", "securityhub:GetInsightResults", "securityhub:GetInsights", "securityhub:GetInvitationsCount", "securityhub:GetMasterAccount", "securityhub:GetMembers", "securityhub:GetSecurityControlDefinition", "securityhub:GetUsage", "securityhub:ListAutomationRules", "securityhub:ListConfigurationPolicies", "securityhub:ListConfigurationPolicyAssociations", "securityhub:ListControlEvaluationSummaries", "securityhub:ListEnabledProductsForImport", "securityhub:ListFindingAggregators", "securityhub:ListInvitations", "securityhub:ListMembers", "securityhub:ListOrganizationAdminAccounts", "securityhub:ListSecurityControlDefinitions", "securityhub:ListStandardsControlAssociations", "securityhub:ListTagsForResource", "serverlessrepo:GetApplicationPolicy", "serverlessrepo:ListApplicationDependencies", "serverlessrepo:ListApplicationVersions", "serverlessrepo:ListApplications", "servicequotas:GetAWSDefaultServiceQuota", "servicequotas:GetAssociationForServiceQuotaTemplate", "servicequotas:GetRequestedServiceQuotaChange", "servicequotas:GetServiceQuota", "servicequotas:GetServiceQuotaIncreaseRequestFromTemplate", "servicequotas:ListAWSDefaultServiceQuotas", "servicequotas:ListRequestedServiceQuotaChangeHistory", "servicequotas:ListRequestedServiceQuotaChangeHistoryByQuota", "servicequotas:ListServiceQuotaIncreaseRequestsInTemplate", "servicequotas:ListServiceQuotas", "servicequotas:ListServices", "servicequotas:ListTagsForResource", "ses:DescribeActiveReceiptRuleSet", "ses:DescribeConfigurationSet", "ses:DescribeReceiptRule", "ses:DescribeReceiptRuleSet", "ses:GetAccount", "ses:GetAccountSendingEnabled", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetDedicatedIps", "ses:GetEmailIdentity", "ses:GetIdentityDkimAttributes", "ses:GetIdentityPolicies", "ses:GetIdentityVerificationAttributes", "ses:ListConfigurationSets", "ses:ListDedicatedIpPools", "ses:ListIdentities", "ses:ListIdentityPolicies", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListVerifiedEmailAddresses", "shield:DescribeAttack", "shield:DescribeAttackStatistics", "shield:DescribeDRTAccess", "shield:DescribeEmergencyContactSettings", "shield:DescribeProtection", "shield:DescribeProtectionGroup", "shield:DescribeSubscription", "shield:GetSubscriptionState", "shield:ListAttacks", "shield:ListProtectionGroups", "shield:ListProtections", "shield:ListResourcesInProtectionGroup", "shield:ListTagsForResource", "snowball:ListClusters", "snowball:ListJobs", "sns:GetPlatformApplicationAttributes", "sns:GetTopicAttributes", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sqs:GetQueueAttributes", "sqs:ListDeadLetterSourceQueues", "sqs:ListQueueTags", "sqs:ListQueues", "ssm:DescribeActivations", "ssm:DescribeAssociation", "ssm:DescribeAssociationExecutionTargets", "ssm:DescribeAssociationExecutions", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeAvailablePatches", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:DescribeEffectiveInstanceAssociations", "ssm:DescribeEffectivePatchesForPatchBaseline", "ssm:DescribeInstanceAssociationsStatus", "ssm:DescribeInstanceInformation", "ssm:DescribeInstancePatchStates", "ssm:DescribeInstancePatchStatesForPatchGroup", "ssm:DescribeInstancePatches", "ssm:DescribeInstanceProperties", "ssm:DescribeInventoryDeletions", "ssm:DescribeMaintenanceWindowExecutionTaskInvocations", "ssm:DescribeMaintenanceWindowExecutionTasks", "ssm:DescribeMaintenanceWindowExecutions", "ssm:DescribeMaintenanceWindowSchedule", "ssm:DescribeMaintenanceWindowTargets", "ssm:DescribeMaintenanceWindowTasks", "ssm:DescribeMaintenanceWindows", "ssm:DescribeMaintenanceWindowsForTarget", "ssm:DescribeOpsItems", "ssm:DescribeParameters", "ssm:DescribePatchBaselines", "ssm:DescribePatchGroupState", "ssm:DescribePatchGroups", "ssm:DescribePatchProperties", "ssm:DescribeSessions", "ssm:GetAutomationExecution", "ssm:GetServiceSetting", "ssm:ListAssociationVersions", "ssm:ListAssociations", "ssm:ListCommands", "ssm:ListComplianceItems", "ssm:ListComplianceSummaries", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInventoryEntries", "ssm:ListOpsMetadata", "ssm:ListResourceComplianceSummaries", "ssm:ListResourceDataSync", "ssm:ListTagsForResource", "sso:DescribeAccountAssignmentCreationStatus", "sso:DescribePermissionSet", "sso:DescribePermissionsPolicies", "sso:ListAccountAssignmentCreationStatus", "sso:ListAccountAssignmentDeletionStatus", "sso:ListAccountAssignments", "sso:ListAccountAssignmentsForPrincipal", "sso:ListAccountsForProvisionedPermissionSet", "sso:ListApplicationAccessScopes", "sso:ListApplicationAssignments", "sso:ListApplicationAssignmentsForPrincipal", "sso:ListApplicationAuthenticationMethods", "sso:ListApplicationGrants", "sso:ListApplicationInstanceCertificates", "sso:ListApplicationInstances", "sso:ListApplicationProviders", "sso:ListApplicationTemplates", "sso:ListApplications", "sso:ListCustomerManagedPolicyReferencesInPermissionSet", "sso:ListDirectoryAssociations", "sso:ListInstances", "sso:ListManagedPoliciesInPermissionSet", "sso:ListPermissionSetProvisioningStatus", "sso:ListPermissionSets", "sso:ListPermissionSetsProvisionedToAccount", "sso:ListProfileAssociations", "sso:ListProfiles", "sso:ListTagsForResource", "sso:ListTrustedTokenIssuers", "states:DescribeStateMachine", "states:ListStateMachines", "storagegateway:DescribeBandwidthRateLimit", "storagegateway:DescribeCache", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeGatewayInformation", "storagegateway:DescribeMaintenanceStartTime", "storagegateway:DescribeNFSFileShares", "storagegateway:DescribeSnapshotSchedule", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:DescribeTapeArchives", "storagegateway:DescribeTapeRecoveryPoints", "storagegateway:DescribeTapes", "storagegateway:DescribeUploadBuffer", "storagegateway:DescribeVTLDevices", "storagegateway:DescribeWorkingStorage", "storagegateway:ListAutomaticTapeCreationPolicies", "storagegateway:ListFileShares", "storagegateway:ListFileSystemAssociations", "storagegateway:ListGateways", "storagegateway:ListLocalDisks", "storagegateway:ListTagsForResource", "storagegateway:ListTapePools", "storagegateway:ListTapes", "storagegateway:ListVolumeInitiators", "storagegateway:ListVolumeRecoveryPoints", "storagegateway:ListVolumes", "sts:GetAccessKeyInfo", "support:DescribeTrustedAdvisorCheckRefreshStatuses", "support:DescribeTrustedAdvisorCheckResult", "support:DescribeTrustedAdvisorCheckSummaries", "support:DescribeTrustedAdvisorChecks", "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun", "synthetics:DescribeRuntimeVersions", "synthetics:GetCanary", "synthetics:GetCanaryRuns", "synthetics:GetGroup", "synthetics:ListAssociatedGroups", "synthetics:ListGroupResources", "synthetics:ListGroups", "synthetics:ListTagsForResource", "tag:GetResources", "tag:GetTagKeys", "transcribe:GetCallAnalyticsCategory", "transcribe:GetMedicalVocabulary", "transcribe:GetVocabulary", "transcribe:GetVocabularyFilter", "transcribe:ListCallAnalyticsCategories", "transcribe:ListCallAnalyticsJobs", "transcribe:ListLanguageModels", "transcribe:ListMedicalTranscriptionJobs", "transcribe:ListMedicalVocabularies", "transcribe:ListTagsForResource", "transcribe:ListTranscriptionJobs", "transcribe:ListVocabularies", "transcribe:ListVocabularyFilters", "transfer:DescribeAccess", "transfer:DescribeAgreement", "transfer:DescribeCertificate", "transfer:DescribeConnector", "transfer:DescribeExecution", "transfer:DescribeHostKey", "transfer:DescribeProfile", "transfer:DescribeSecurityPolicy", "transfer:DescribeServer", "transfer:DescribeUser", "transfer:DescribeWorkflow", "transfer:ListAccesses", "transfer:ListAgreements", "transfer:ListCertificates", "transfer:ListConnectors", "transfer:ListExecutions", "transfer:ListHostKeys", "transfer:ListProfiles", "transfer:ListSecurityPolicies", "transfer:ListServers", "transfer:ListTagsForResource", "transfer:ListUsers", "transfer:ListWorkflows", "translate:ListLanguages", "translate:ListParallelData", "translate:ListTagsForResource", "translate:ListTerminologies", "translate:ListTextTranslationJobs", "trustedadvisor:DescribeAccount", "trustedadvisor:DescribeAccountAccess", "trustedadvisor:DescribeCheckItems", "trustedadvisor:DescribeCheckRefreshStatuses", "trustedadvisor:DescribeCheckStatusHistoryChanges", "trustedadvisor:DescribeCheckSummaries", "trustedadvisor:DescribeChecks", "trustedadvisor:DescribeNotificationConfigurations", "trustedadvisor:DescribeNotificationPreferences", "trustedadvisor:DescribeOrganization", "trustedadvisor:DescribeOrganizationAccounts", "trustedadvisor:DescribeReports", "trustedadvisor:DescribeRisk", "trustedadvisor:DescribeRiskResources", "trustedadvisor:DescribeRisks", "trustedadvisor:DescribeServiceMetadata", "voiceid:DescribeDomain", "waf-regional:GetWebACL", "waf-regional:ListResourcesForWebACL", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf:GetWebACL", "waf:ListTagsForResource", "waf:ListWebACLs", "wafv2:GetLoggingConfiguration", "wafv2:GetWebACL", "wafv2:GetWebACLForResource", "wafv2:ListAvailableManagedRuleGroups", "wafv2:ListIPSets", "wafv2:ListLoggingConfigurations", "wafv2:ListRegexPatternSets", "wafv2:ListResourcesForWebACL", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "wafv2:ListWebACLs", "wisdom:GetAssistant", "workdocs:DescribeResourcePermissions", "workspaces:DescribeAccount", "workspaces:DescribeAccountModifications", "workspaces:DescribeApplicationAssociations", "workspaces:DescribeApplications", "workspaces:DescribeBundleAssociations", "workspaces:DescribeClientBranding", "workspaces:DescribeClientProperties", "workspaces:DescribeConnectClientAddIns", "workspaces:DescribeConnectionAliasPermissions", "workspaces:DescribeConnectionAliases", "workspaces:DescribeImageAssociations", "workspaces:DescribeIpGroups", "workspaces:DescribeTags", "workspaces:DescribeWorkspaceAssociations", "workspaces:DescribeWorkspaceBundles", "workspaces:DescribeWorkspaceDirectories", "workspaces:DescribeWorkspaceImagePermissions", "workspaces:DescribeWorkspaceImages", "workspaces:DescribeWorkspaceSnapshots", "workspaces:DescribeWorkspaces", "workspaces:DescribeWorkspacesConnectionStatus", "xray:GetEncryptionConfig", "xray:GetGroup", "xray:GetGroups", "xray:GetSamplingRules", "xray:GetSamplingTargets", "xray:GetTraceSummaries", "xray:ListTagsForResource", "apigateway:GET" ], "malformed": false, "name": "SecurityAudit", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-05T17:32:58+00:00", "version": "v42" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSRoboMakerServicePolicy", "createdate": "2021-11-11T22:23:45Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterfacePermission", "ec2:DescribeNetworkInterfaces", "ec2:DeleteNetworkInterface", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeSecurityGroups", "greengrass:CreateDeployment", "greengrass:CreateGroupVersion", "greengrass:CreateFunctionDefinition", "greengrass:CreateFunctionDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetGroup", "greengrass:GetGroupVersion", "greengrass:GetCoreDefinitionVersion", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetAssociatedRole", "lambda:CreateFunction", "robomaker:CreateSimulationJob", "robomaker:CancelSimulationJob", "robomaker:TagResource", "lambda:UpdateFunctionCode", "lambda:GetFunction", "lambda:UpdateFunctionConfiguration", "lambda:DeleteFunction", "lambda:ListVersionsByFunction", "lambda:GetAlias", "lambda:UpdateAlias", "lambda:CreateAlias", "lambda:DeleteAlias", "iam:PassRole" ], "malformed": false, "name": "AWSRoboMakerServicePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-11T22:23:45+00:00", "version": "v6" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaDynamoDBExecutionRole", "createdate": "2015-04-09T15:09:29Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "dynamodb:DescribeStream", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:ListStreams", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AWSLambdaDynamoDBExecutionRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-04-09T15:09:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/IAMReadOnlyAccess", "createdate": "2018-01-25T19:11:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:GenerateCredentialReport", "iam:GenerateServiceLastAccessedDetails", "iam:GetAccessKeyLastUsed", "iam:GetAccountAuthorizationDetails", "iam:GetAccountEmailAddress", "iam:GetAccountName", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCloudFrontPublicKey", "iam:GetContextKeysForCustomPolicy", "iam:GetContextKeysForPrincipalPolicy", "iam:GetCredentialReport", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetInstanceProfile", "iam:GetLoginProfile", "iam:GetMFADevice", "iam:GetOpenIDConnectProvider", "iam:GetOrganizationsAccessReport", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetSAMLProvider", "iam:GetSSHPublicKey", "iam:GetServerCertificate", "iam:GetServiceLastAccessedDetails", "iam:GetServiceLastAccessedDetailsWithEntities", "iam:GetServiceLinkedRoleDeletionStatus", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "iam:SimulateCustomPolicy", "iam:SimulatePrincipalPolicy" ], "malformed": false, "name": "IAMReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-01-25T19:11:27+00:00", "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSVPCS2SVpnServiceRolePolicy", "createdate": "2019-08-06T14:13:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm:ExportCertificate", "acm:DescribeCertificate", "acm:ListCertificates", "acm-pca:DescribeCertificateAuthority" ], "malformed": false, "name": "AWSVPCS2SVpnServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-06T14:13:58+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonMonitronFullAccess", "createdate": "2022-06-08T16:27:42Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iam:CreateServiceLinkedRole", "monitron:AssociateProjectAdminUser", "monitron:CreateProject", "monitron:CreateProjectUserAssociation", "monitron:CreateUserAccessRoleAssociation", "monitron:DeleteProject", "monitron:DeleteProjectUserAssociation", "monitron:DeleteUserAccessRoleAssociation", "monitron:DisassociateProjectAdminUser", "monitron:GetProject", "monitron:GetProjectAdminUser", "monitron:ListProjectAdminUsers", "monitron:ListProjectUserAssociations", "monitron:ListProjects", "monitron:ListTagsForResource", "monitron:ListUserAccessRoleAssociations", "monitron:TagResource", "monitron:UntagResource", "monitron:UpdateProject", "kms:ListKeys", "kms:DescribeKey", "kms:ListAliases", "kms:CreateGrant", "organizations:DescribeAccount", "organizations:DescribeOrganization", "ds:DescribeDirectories", "ds:DescribeTrusts", "kinesis:DescribeStream", "kinesis:ListStreams", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:GetLogEvents", "logs:CreateLogGroup" ], "malformed": false, "name": "AmazonMonitronFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-06-08T16:27:42+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCleanRoomsMLReadOnlyAccess", "createdate": "2023-11-29T20:55:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cleanrooms:GetCollaboration", "cleanrooms:GetConfiguredAudienceModelAssociation", "cleanrooms:GetMembership", "cleanrooms:ListAnalysisTemplates", "cleanrooms:ListCollaborationAnalysisTemplates", "cleanrooms:ListCollaborationConfiguredAudienceModelAssociations", "cleanrooms:ListCollaborations", "cleanrooms:ListConfiguredTableAssociations", "cleanrooms:ListConfiguredTables", "cleanrooms:ListMembers", "cleanrooms:ListMemberships", "cleanrooms:ListProtectedQueries", "cleanrooms:ListSchemas", "cleanrooms:ListTagsForResource", "cleanrooms-ml:GetAudienceGenerationJob", "cleanrooms-ml:GetAudienceModel", "cleanrooms-ml:GetConfiguredAudienceModel", "cleanrooms-ml:GetConfiguredAudienceModelPolicy", "cleanrooms-ml:GetTrainingDataset", "cleanrooms-ml:ListAudienceExportJobs", "cleanrooms-ml:ListAudienceGenerationJobs", "cleanrooms-ml:ListAudienceModels", "cleanrooms-ml:ListConfiguredAudienceModels", "cleanrooms-ml:ListTagsForResource", "cleanrooms-ml:ListTrainingDatasets" ], "malformed": false, "name": "AWSCleanRoomsMLReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-29T20:55:31+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole", "createdate": "2015-11-11T19:58:29Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:PutRetentionPolicy", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", "logs:GetLogEvents" ], "malformed": false, "name": "AmazonRDSEnhancedMonitoringRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-11-11T19:58:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonESReadOnlyAccess", "createdate": "2018-10-03T03:32:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "es:DescribeDomain", "es:DescribeDomainAutoTunes", "es:DescribeDomainChangeProgress", "es:DescribeDomainConfig", "es:DescribeDomainHealth", "es:DescribeDomainNodes", "es:DescribeDomains", "es:DescribeDryRunProgress", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomainConfig", "es:DescribeElasticsearchDomains", "es:DescribeElasticsearchInstanceTypeLimits", "es:DescribeInboundConnections", "es:DescribeInboundCrossClusterSearchConnections", "es:DescribeInstanceTypeLimits", "es:DescribeOutboundConnections", "es:DescribeOutboundCrossClusterSearchConnections", "es:DescribePackages", "es:DescribeReservedElasticsearchInstanceOfferings", "es:DescribeReservedElasticsearchInstances", "es:DescribeReservedInstanceOfferings", "es:DescribeReservedInstances", "es:DescribeVpcEndpoints", "es:ListDataSources", "es:ListDomainMaintenances", "es:ListDomainNames", "es:ListDomainsForPackage", "es:ListElasticsearchInstanceTypeDetails", "es:ListElasticsearchInstanceTypes", "es:ListElasticsearchVersions", "es:ListInstanceTypeDetails", "es:ListPackagesForDomain", "es:ListScheduledActions", "es:ListTags", "es:ListVersions", "es:ListVpcEndpointAccess", "es:ListVpcEndpoints", "es:ListVpcEndpointsForDomain", "es:GetCompatibleElasticsearchVersions", "es:GetCompatibleVersions", "es:GetDataSource", "es:GetDomainMaintenanceStatus", "es:GetPackageVersionHistory", "es:GetUpgradeHistory", "es:GetUpgradeStatus" ], "malformed": false, "name": "AmazonESReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-10-03T03:32:56+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonFraudDetectorFullAccessPolicy", "createdate": "2019-12-03T22:46:26Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "frauddetector:BatchCreateVariable", "frauddetector:BatchGetVariable", "frauddetector:CancelBatchImportJob", "frauddetector:CancelBatchPredictionJob", "frauddetector:CreateBatchImportJob", "frauddetector:CreateBatchPredictionJob", "frauddetector:CreateDetectorVersion", "frauddetector:CreateList", "frauddetector:CreateModel", "frauddetector:CreateModelVersion", "frauddetector:CreateRule", "frauddetector:CreateVariable", "frauddetector:DeleteBatchImportJob", "frauddetector:DeleteBatchPredictionJob", "frauddetector:DeleteDetector", "frauddetector:DeleteDetectorVersion", "frauddetector:DeleteEntityType", "frauddetector:DeleteEvent", "frauddetector:DeleteEventType", "frauddetector:DeleteEventsByEventType", "frauddetector:DeleteExternalModel", "frauddetector:DeleteLabel", "frauddetector:DeleteList", "frauddetector:DeleteModel", "frauddetector:DeleteModelVersion", "frauddetector:DeleteOutcome", "frauddetector:DeleteRule", "frauddetector:DeleteVariable", "frauddetector:DescribeDetector", "frauddetector:DescribeModelVersions", "frauddetector:GetBatchImportJobValidationReport", "frauddetector:GetBatchImportJobs", "frauddetector:GetBatchPredictionJobs", "frauddetector:GetDeleteEventsByEventTypeStatus", "frauddetector:GetDetectorVersion", "frauddetector:GetDetectors", "frauddetector:GetEntityTypes", "frauddetector:GetEvent", "frauddetector:GetEventPrediction", "frauddetector:GetEventPredictionMetadata", "frauddetector:GetEventTypes", "frauddetector:GetExternalModels", "frauddetector:GetKMSEncryptionKey", "frauddetector:GetLabels", "frauddetector:GetListElements", "frauddetector:GetListsMetadata", "frauddetector:GetModelVersion", "frauddetector:GetModels", "frauddetector:GetOutcomes", "frauddetector:GetRules", "frauddetector:GetVariables", "frauddetector:ListEventPredictions", "frauddetector:ListTagsForResource", "frauddetector:PutDetector", "frauddetector:PutEntityType", "frauddetector:PutEventType", "frauddetector:PutExternalModel", "frauddetector:PutKMSEncryptionKey", "frauddetector:PutLabel", "frauddetector:PutOutcome", "frauddetector:SendEvent", "frauddetector:TagResource", "frauddetector:UntagResource", "frauddetector:UpdateDetectorVersion", "frauddetector:UpdateDetectorVersionMetadata", "frauddetector:UpdateDetectorVersionStatus", "frauddetector:UpdateEventLabel", "frauddetector:UpdateList", "frauddetector:UpdateModel", "frauddetector:UpdateModelVersion", "frauddetector:UpdateModelVersionStatus", "frauddetector:UpdateRuleMetadata", "frauddetector:UpdateRuleVersion", "frauddetector:UpdateVariable", "sagemaker:ListEndpoints", "sagemaker:DescribeEndpoint", "s3:ListAllMyBuckets", "s3:GetBucketLocation", "iam:ListRoles", "iam:PassRole" ], "malformed": false, "name": "AmazonFraudDetectorFullAccessPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-03T22:46:26+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonTimestreamFullAccess", "createdate": "2021-11-26T23:42:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "timestream:CancelQuery", "timestream:CreateBatchLoadTask", "timestream:CreateDatabase", "timestream:CreateScheduledQuery", "timestream:CreateTable", "timestream:DeleteDatabase", "timestream:DeleteScheduledQuery", "timestream:DeleteTable", "timestream:DescribeBatchLoadTask", "timestream:DescribeDatabase", "timestream:DescribeEndpoints", "timestream:DescribeScheduledQuery", "timestream:DescribeTable", "timestream:ExecuteScheduledQuery", "timestream:GetAwsBackupStatus", "timestream:GetAwsRestoreStatus", "timestream:ListBatchLoadTasks", "timestream:ListDatabases", "timestream:ListMeasures", "timestream:ListScheduledQueries", "timestream:ListTables", "timestream:ListTagsForResource", "timestream:PrepareQuery", "timestream:ResumeBatchLoadTask", "timestream:Select", "timestream:SelectValues", "timestream:StartAwsBackupJob", "timestream:StartAwsRestoreJob", "timestream:TagResource", "timestream:Unload", "timestream:UntagResource", "timestream:UpdateDatabase", "timestream:UpdateScheduledQuery", "timestream:UpdateTable", "timestream:WriteRecords", "kms:DescribeKey", "kms:CreateGrant", "s3:ListAllMyBuckets" ], "malformed": false, "name": "AmazonTimestreamFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-26T23:42:00+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/IAMAccessAdvisorReadOnly", "createdate": "2019-06-21T19:33:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:ListRoles", "iam:ListUsers", "iam:ListGroups", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:GenerateServiceLastAccessedDetails", "iam:GenerateOrganizationsAccessReport", "iam:GenerateCredentialReport", "iam:GetRole", "iam:GetPolicy", "iam:GetServiceLastAccessedDetails", "iam:GetServiceLastAccessedDetailsWithEntities", "iam:GetOrganizationsAccessReport", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:ListChildren", "organizations:ListParents", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListPolicies", "organizations:ListTargetsForPolicy" ], "malformed": false, "name": "IAMAccessAdvisorReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-21T19:33:45+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonEventBridgePipesOperatorAccess", "createdate": "2022-12-01T17:04:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "pipes:DescribePipe", "pipes:ListPipes", "pipes:ListTagsForResource", "pipes:StartPipe", "pipes:StopPipe" ], "malformed": false, "name": "AmazonEventBridgePipesOperatorAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-01T17:04:32+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCodeStarFullAccess", "createdate": "2023-03-28T00:06:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "codestar:AssociateTeamMember", "codestar:CreateProject", "codestar:CreateUserProfile", "codestar:DeleteExtendedAccess", "codestar:DeleteProject", "codestar:DeleteUserProfile", "codestar:DescribeProject", "codestar:DescribeUserProfile", "codestar:DisassociateTeamMember", "codestar:GetExtendedAccess", "codestar:ListProjects", "codestar:ListResources", "codestar:ListTagsForProject", "codestar:ListTeamMembers", "codestar:ListUserProfiles", "codestar:PutExtendedAccess", "codestar:TagProject", "codestar:UntagProject", "codestar:UpdateProject", "codestar:UpdateTeamMember", "codestar:UpdateUserProfile", "codestar:VerifyServiceRole", "ec2:DescribeKeyPairs", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "cloud9:DescribeEnvironmentMemberships", "cloud9:DescribeEnvironmentStatus", "cloud9:DescribeEnvironments", "cloud9:ValidateEnvironmentName", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:GetTemplateSummary" ], "malformed": false, "name": "AWSCodeStarFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-28T00:06:28+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonCodeGuruProfilerReadOnlyAccess", "createdate": "2020-06-27T23:52:52Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codeguru:GetCodeGuruFreeTrialSummary", "codeguru-profiler:BatchGetFrameMetricData", "codeguru-profiler:DescribeProfilingGroup", "codeguru-profiler:GetFindingsReportAccountSummary", "codeguru-profiler:GetNotificationConfiguration", "codeguru-profiler:GetPolicy", "codeguru-profiler:GetProfile", "codeguru-profiler:GetRecommendations", "codeguru-profiler:ListFindingsReports", "codeguru-profiler:ListProfileTimes", "codeguru-profiler:ListProfilingGroups", "codeguru-profiler:ListTagsForResource", "iam:ListRoles", "iam:ListUsers" ], "malformed": false, "name": "AmazonCodeGuruProfilerReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-27T23:52:52+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonLookoutVisionFullAccess", "createdate": "2021-05-11T19:24:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lookoutvision:CreateDataset", "lookoutvision:CreateModel", "lookoutvision:CreateProject", "lookoutvision:DeleteDataset", "lookoutvision:DeleteModel", "lookoutvision:DeleteProject", "lookoutvision:DescribeDataset", "lookoutvision:DescribeModel", "lookoutvision:DescribeModelPackagingJob", "lookoutvision:DescribeProject", "lookoutvision:DescribeTrialDetection", "lookoutvision:DetectAnomalies", "lookoutvision:ListDatasetEntries", "lookoutvision:ListModelPackagingJobs", "lookoutvision:ListModels", "lookoutvision:ListProjects", "lookoutvision:ListTagsForResource", "lookoutvision:ListTrialDetections", "lookoutvision:StartModel", "lookoutvision:StartModelPackagingJob", "lookoutvision:StartTrialDetection", "lookoutvision:StopModel", "lookoutvision:TagResource", "lookoutvision:UntagResource", "lookoutvision:UpdateDatasetEntries" ], "malformed": false, "name": "AmazonLookoutVisionFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-05-11T19:24:54+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonLexReplicationPolicy", "createdate": "2024-03-08T17:11:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lex:BuildBotLocale", "lex:ListBotLocales", "lex:CreateBotAlias", "lex:UpdateBotAlias", "lex:DeleteBotAlias", "lex:DescribeBotAlias", "lex:CreateBotVersion", "lex:DeleteBotVersion", "lex:DescribeBotVersion", "lex:CreateExport", "lex:DescribeBot", "lex:UpdateExport", "lex:DescribeExport", "lex:DescribeBotLocale", "lex:DescribeIntent", "lex:ListIntents", "lex:DescribeSlotType", "lex:ListSlotTypes", "lex:DescribeSlot", "lex:ListSlots", "lex:DescribeCustomVocabulary", "lex:StartImport", "lex:DescribeImport", "lex:CreateBot", "lex:UpdateBot", "lex:DeleteBot", "lex:CreateBotLocale", "lex:UpdateBotLocale", "lex:DeleteBotLocale", "lex:CreateIntent", "lex:UpdateIntent", "lex:DeleteIntent", "lex:CreateSlotType", "lex:UpdateSlotType", "lex:DeleteSlotType", "lex:CreateSlot", "lex:UpdateSlot", "lex:DeleteSlot", "lex:CreateCustomVocabulary", "lex:UpdateCustomVocabulary", "lex:DeleteCustomVocabulary", "lex:DeleteBotChannel", "lex:DeleteResourcePolicy", "lex:CreateUploadUrl", "lex:ListBots", "iam:PassRole" ], "malformed": false, "name": "AmazonLexReplicationPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-08T17:11:32+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCloudTrail_ReadOnlyAccess", "createdate": "2022-06-14T17:19:05Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudtrail:GetChannel", "cloudtrail:GetEventDataStore", "cloudtrail:GetEventDataStoreData", "cloudtrail:GetEventSelectors", "cloudtrail:GetImport", "cloudtrail:GetInsightSelectors", "cloudtrail:GetQueryResults", "cloudtrail:GetResourcePolicy", "cloudtrail:GetServiceLinkedChannel", "cloudtrail:GetTrail", "cloudtrail:GetTrailStatus", "cloudtrail:DescribeQuery", "cloudtrail:DescribeTrails", "cloudtrail:ListChannels", "cloudtrail:ListEventDataStores", "cloudtrail:ListImportFailures", "cloudtrail:ListImports", "cloudtrail:ListPublicKeys", "cloudtrail:ListQueries", "cloudtrail:ListServiceLinkedChannels", "cloudtrail:ListTags", "cloudtrail:ListTrails", "cloudtrail:LookupEvents" ], "malformed": false, "name": "AWSCloudTrail_ReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-06-14T17:19:05+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53FullAccess", "createdate": "2018-12-20T21:42:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53:ActivateKeySigningKey", "route53:AssociateVPCWithHostedZone", "route53:ChangeCidrCollection", "route53:ChangeResourceRecordSets", "route53:ChangeTagsForResource", "route53:CreateCidrCollection", "route53:CreateHealthCheck", "route53:CreateHostedZone", "route53:CreateKeySigningKey", "route53:CreateQueryLoggingConfig", "route53:CreateReusableDelegationSet", "route53:CreateTrafficPolicy", "route53:CreateTrafficPolicyInstance", "route53:CreateTrafficPolicyVersion", "route53:CreateVPCAssociationAuthorization", "route53:DeactivateKeySigningKey", "route53:DeleteCidrCollection", "route53:DeleteHealthCheck", "route53:DeleteHostedZone", "route53:DeleteKeySigningKey", "route53:DeleteQueryLoggingConfig", "route53:DeleteReusableDelegationSet", "route53:DeleteTrafficPolicy", "route53:DeleteTrafficPolicyInstance", "route53:DeleteVPCAssociationAuthorization", "route53:DisableHostedZoneDNSSEC", "route53:DisassociateVPCFromHostedZone", "route53:EnableHostedZoneDNSSEC", "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetReusableDelegationSetLimit", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53:TestDNSAnswer", "route53:UpdateHealthCheck", "route53:UpdateHostedZoneComment", "route53:UpdateTrafficPolicyComment", "route53:UpdateTrafficPolicyInstance", "route53domains:AcceptDomainTransferFromAnotherAwsAccount", "route53domains:AssociateDelegationSignerToDomain", "route53domains:CancelDomainTransferToAnotherAwsAccount", "route53domains:CheckDomainAvailability", "route53domains:CheckDomainTransferability", "route53domains:DeleteDomain", "route53domains:DeleteTagsForDomain", "route53domains:DisableDomainAutoRenew", "route53domains:DisableDomainTransferLock", "route53domains:DisassociateDelegationSignerFromDomain", "route53domains:EnableDomainAutoRenew", "route53domains:EnableDomainTransferLock", "route53domains:GetContactReachabilityStatus", "route53domains:GetDomainDetail", "route53domains:GetDomainSuggestions", "route53domains:GetOperationDetail", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListPrices", "route53domains:ListTagsForDomain", "route53domains:PushDomain", "route53domains:RegisterDomain", "route53domains:RejectDomainTransferFromAnotherAwsAccount", "route53domains:RenewDomain", "route53domains:ResendContactReachabilityEmail", "route53domains:ResendOperationAuthorization", "route53domains:RetrieveDomainAuthCode", "route53domains:TransferDomain", "route53domains:TransferDomainToAnotherAwsAccount", "route53domains:UpdateDomainContact", "route53domains:UpdateDomainContactPrivacy", "route53domains:UpdateDomainNameservers", "route53domains:UpdateTagsForDomain", "route53domains:ViewBilling", "cloudfront:ListDistributions", "elasticloadbalancing:DescribeLoadBalancers", "elasticbeanstalk:DescribeEnvironments", "s3:ListBucket", "s3:GetBucketLocation", "s3:GetBucketWebsite", "ec2:DescribeVpcs", "ec2:DescribeVpcEndpoints", "ec2:DescribeRegions", "sns:ListTopics", "sns:ListSubscriptionsByTopic", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricStatistics", "apigateway:GET" ], "malformed": false, "name": "AmazonRoute53FullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-12-20T21:42:00+00:00", "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/ResourceGroupsServiceRolePolicy", "createdate": "2023-01-05T16:57:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "tag:GetResources", "cloudformation:DescribeStacks", "cloudformation:ListStackResources" ], "malformed": false, "name": "ResourceGroupsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-05T16:57:08+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForCloudFormation", "createdate": "2020-05-19T17:12:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lambda:InvokeFunction" ], "malformed": false, "name": "AWSCodeDeployRoleForCloudFormation", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-19T17:12:52+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonDataZoneFullUserAccess", "createdate": "2024-04-01T19:27:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "datazone:PostTimeSeriesDataPoints", "datazone:ListTimeSeriesDataPoints", "datazone:GetTimeSeriesDataPoint", "datazone:DeleteTimeSeriesDataPoints", "datazone:GetDomain", "datazone:CreateFormType", "datazone:GetFormType", "datazone:GetIamPortalLoginUrl", "datazone:SearchUserProfiles", "datazone:SearchGroupProfiles", "datazone:GetUserProfile", "datazone:GetGroupProfile", "datazone:ListGroupsForUser", "datazone:DeleteFormType", "datazone:CreateAssetType", "datazone:GetAssetType", "datazone:DeleteAssetType", "datazone:CreateGlossary", "datazone:GetGlossary", "datazone:DeleteGlossary", "datazone:UpdateGlossary", "datazone:CreateGlossaryTerm", "datazone:GetGlossaryTerm", "datazone:DeleteGlossaryTerm", "datazone:UpdateGlossaryTerm", "datazone:CreateAsset", "datazone:GetAsset", "datazone:DeleteAsset", "datazone:CreateAssetRevision", "datazone:ListAssetRevisions", "datazone:AcceptPredictions", "datazone:RejectPredictions", "datazone:Search", "datazone:SearchTypes", "datazone:CreateListingChangeSet", "datazone:DeleteListing", "datazone:SearchListings", "datazone:GetListing", "datazone:CreateDataSource", "datazone:GetDataSource", "datazone:DeleteDataSource", "datazone:UpdateDataSource", "datazone:ListDataSources", "datazone:StartDataSourceRun", "datazone:GetDataSourceRun", "datazone:ListDataSourceRuns", "datazone:ListDataSourceRunActivities", "datazone:ListEnvironmentBlueprintConfigurations", "datazone:CreateEnvironmentBlueprint", "datazone:GetEnvironmentBlueprint", "datazone:DeleteEnvironmentBlueprint", "datazone:UpdateEnvironmentBlueprint", "datazone:ListEnvironmentBlueprints", "datazone:CreateProject", "datazone:UpdateProject", "datazone:GetProject", "datazone:DeleteProject", "datazone:ListProjects", "datazone:CreateProjectMembership", "datazone:DeleteProjectMembership", "datazone:ListProjectMemberships", "datazone:CreateEnvironmentProfile", "datazone:GetEnvironmentProfile", "datazone:UpdateEnvironmentProfile", "datazone:DeleteEnvironmentProfile", "datazone:ListEnvironmentProfiles", "datazone:CreateEnvironment", "datazone:GetEnvironment", "datazone:DeleteEnvironment", "datazone:UpdateEnvironment", "datazone:UpdateEnvironmentDeploymentStatus", "datazone:ListEnvironments", "datazone:ListAccountEnvironments", "datazone:GetEnvironmentActionLink", "datazone:GetEnvironmentCredentials", "datazone:GetSubscriptionTarget", "datazone:DeleteSubscriptionTarget", "datazone:ListSubscriptionTargets", "datazone:CreateSubscriptionRequest", "datazone:AcceptSubscriptionRequest", "datazone:UpdateSubscriptionRequest", "datazone:ListWarehouseMetadata", "datazone:RejectSubscriptionRequest", "datazone:GetSubscriptionRequestDetails", "datazone:ListSubscriptionRequests", "datazone:DeleteSubscriptionRequest", "datazone:GetSubscription", "datazone:CancelSubscription", "datazone:GetSubscriptionEligibility", "datazone:ListSubscriptions", "datazone:RevokeSubscription", "datazone:CreateSubscriptionGrant", "datazone:DeleteSubscriptionGrant", "datazone:GetSubscriptionGrant", "datazone:ListSubscriptionGrants", "datazone:UpdateSubscriptionGrantStatus", "datazone:ListNotifications", "datazone:StartMetadataGenerationRun", "datazone:GetMetadataGenerationRun", "datazone:CancelMetadataGenerationRun", "datazone:ListMetadataGenerationRuns", "ram:GetResourceShareAssociations" ], "malformed": false, "name": "AmazonDataZoneFullUserAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-01T19:27:32+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CloudWatchInternetMonitorServiceRolePolicy", "createdate": "2023-07-20T04:46:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudfront:GetDistribution", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "elasticloadbalancing:DescribeLoadBalancers", "workspaces:DescribeWorkspaceDirectories", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "cloudwatch:PutMetricData" ], "malformed": false, "name": "CloudWatchInternetMonitorServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-20T04:46:37+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/ElementalSupportCenterFullAccess", "createdate": "2021-02-05T21:02:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elemental-support-cases:CheckCasePermission", "elemental-support-cases:CreateCase", "elemental-support-cases:GetCase", "elemental-support-cases:GetCases", "elemental-support-cases:UpdateCase", "elemental-support-content:Query", "elemental-activations:CompleteAccountRegistration" ], "malformed": false, "name": "ElementalSupportCenterFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-02-05T21:02:54+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaStoreReadOnly", "createdate": "2018-03-08T19:48:22Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "mediastore:GetContainerPolicy", "mediastore:GetCorsPolicy", "mediastore:GetLifecyclePolicy", "mediastore:GetMetricPolicy", "mediastore:GetObject", "mediastore:ListContainers", "mediastore:ListItems", "mediastore:ListTagsForResource", "mediastore:DescribeContainer", "mediastore:DescribeObject" ], "malformed": false, "name": "AWSElementalMediaStoreReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-03-08T19:48:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSKeyManagementServicePowerUser", "createdate": "2017-03-07T00:55:11Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kms:CreateAlias", "kms:CreateKey", "kms:DeleteAlias", "kms:DescribeCustomKeyStores", "kms:DescribeKey", "kms:GenerateRandom", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:GetParametersForImport", "kms:GetPublicKey", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeyRotations", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "kms:TagResource", "kms:UntagResource", "iam:ListGroups", "iam:ListRoles", "iam:ListUsers" ], "malformed": false, "name": "AWSKeyManagementServicePowerUser", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-03-07T00:55:11+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCodeCommitFullAccess", "createdate": "2023-07-17T21:50:11Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "codecommit:AssociateApprovalRuleTemplateWithRepository", "codecommit:BatchAssociateApprovalRuleTemplateWithRepositories", "codecommit:BatchDescribeMergeConflicts", "codecommit:BatchDisassociateApprovalRuleTemplateFromRepositories", "codecommit:BatchGetCommits", "codecommit:BatchGetPullRequests", "codecommit:BatchGetRepositories", "codecommit:CancelUploadArchive", "codecommit:CreateApprovalRuleTemplate", "codecommit:CreateBranch", "codecommit:CreateCommit", "codecommit:CreatePullRequest", "codecommit:CreatePullRequestApprovalRule", "codecommit:CreateRepository", "codecommit:CreateUnreferencedMergeCommit", "codecommit:DeleteApprovalRuleTemplate", "codecommit:DeleteBranch", "codecommit:DeleteCommentContent", "codecommit:DeleteFile", "codecommit:DeletePullRequestApprovalRule", "codecommit:DeleteRepository", "codecommit:DescribeMergeConflicts", "codecommit:DescribePullRequestEvents", "codecommit:DisassociateApprovalRuleTemplateFromRepository", "codecommit:EvaluatePullRequestApprovalRules", "codecommit:GetApprovalRuleTemplate", "codecommit:GetBlob", "codecommit:GetBranch", "codecommit:GetComment", "codecommit:GetCommentReactions", "codecommit:GetCommentsForComparedCommit", "codecommit:GetCommentsForPullRequest", "codecommit:GetCommit", "codecommit:GetCommitHistory", "codecommit:GetCommitsFromMergeBase", "codecommit:GetDifferences", "codecommit:GetFile", "codecommit:GetFolder", "codecommit:GetMergeCommit", "codecommit:GetMergeConflicts", "codecommit:GetMergeOptions", "codecommit:GetObjectIdentifier", "codecommit:GetPullRequest", "codecommit:GetPullRequestApprovalStates", "codecommit:GetPullRequestOverrideState", "codecommit:GetReferences", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:GetTree", "codecommit:GetUploadArchiveStatus", "codecommit:GitPull", "codecommit:GitPush", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "codecommit:MergeBranchesByFastForward", "codecommit:MergeBranchesBySquash", "codecommit:MergeBranchesByThreeWay", "codecommit:MergePullRequestByFastForward", "codecommit:MergePullRequestBySquash", "codecommit:MergePullRequestByThreeWay", "codecommit:OverridePullRequestApprovalRules", "codecommit:PostCommentForComparedCommit", "codecommit:PostCommentForPullRequest", "codecommit:PostCommentReply", "codecommit:PutCommentReaction", "codecommit:PutFile", "codecommit:PutRepositoryTriggers", "codecommit:TagResource", "codecommit:TestRepositoryTriggers", "codecommit:UntagResource", "codecommit:UpdateApprovalRuleTemplateContent", "codecommit:UpdateApprovalRuleTemplateDescription", "codecommit:UpdateApprovalRuleTemplateName", "codecommit:UpdateComment", "codecommit:UpdateDefaultBranch", "codecommit:UpdatePullRequestApprovalRuleContent", "codecommit:UpdatePullRequestApprovalState", "codecommit:UpdatePullRequestDescription", "codecommit:UpdatePullRequestStatus", "codecommit:UpdatePullRequestTitle", "codecommit:UpdateRepositoryDescription", "codecommit:UpdateRepositoryEncryptionKey", "codecommit:UpdateRepositoryName", "codecommit:UploadArchive", "events:DeleteRule", "events:DescribeRule", "events:DisableRule", "events:EnableRule", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "events:ListTargetsByRule", "sns:CreateTopic", "sns:DeleteTopic", "sns:Subscribe", "sns:Unsubscribe", "sns:SetTopicAttributes", "sns:ListTopics", "sns:ListSubscriptionsByTopic", "sns:GetTopicAttributes", "lambda:ListFunctions", "iam:ListUsers", "iam:ListAccessKeys", "iam:ListSSHPublicKeys", "iam:ListServiceSpecificCredentials", "iam:DeleteSSHPublicKey", "iam:GetSSHPublicKey", "iam:ListSSHPublicKeys", "iam:UpdateSSHPublicKey", "iam:UploadSSHPublicKey", "iam:CreateServiceSpecificCredential", "iam:UpdateServiceSpecificCredential", "iam:DeleteServiceSpecificCredential", "iam:ResetServiceSpecificCredential", "codestar-notifications:CreateNotificationRule", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:UpdateNotificationRule", "codestar-notifications:DeleteNotificationRule", "codestar-notifications:Subscribe", "codestar-notifications:Unsubscribe", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListTargets", "codestar-notifications:ListTagsForResource", "codestar-notifications:ListEventTypes", "sns:CreateTopic", "sns:SetTopicAttributes", "codeguru-reviewer:AssociateRepository", "codeguru-reviewer:DescribeRepositoryAssociation", "codeguru-reviewer:ListRepositoryAssociations", "codeguru-reviewer:DisassociateRepository", "codeguru-reviewer:DescribeCodeReview", "codeguru-reviewer:ListCodeReviews", "iam:CreateServiceLinkedRole", "events:PutRule", "events:PutTargets", "events:DeleteRule", "events:RemoveTargets", "chatbot:DescribeSlackChannelConfigurations", "chatbot:ListMicrosoftTeamsChannelConfigurations", "codestar-connections:ListConnections", "codestar-connections:GetConnection" ], "malformed": false, "name": "AWSCodeCommitFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-17T21:50:11+00:00", "version": "v10" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBatchFullAccess", "createdate": "2022-10-24T16:09:09Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "batch:CancelJob", "batch:CreateComputeEnvironment", "batch:CreateJobQueue", "batch:CreateSchedulingPolicy", "batch:DeleteComputeEnvironment", "batch:DeleteJobQueue", "batch:DeleteSchedulingPolicy", "batch:DeregisterJobDefinition", "batch:DescribeComputeEnvironments", "batch:DescribeJobDefinitions", "batch:DescribeJobQueues", "batch:DescribeJobs", "batch:DescribeSchedulingPolicies", "batch:ListJobs", "batch:ListSchedulingPolicies", "batch:ListTagsForResource", "batch:RegisterJobDefinition", "batch:SubmitJob", "batch:TagResource", "batch:TerminateJob", "batch:UntagResource", "batch:UpdateComputeEnvironment", "batch:UpdateJobQueue", "batch:UpdateSchedulingPolicy", "cloudwatch:GetMetricStatistics", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeKeyPairs", "ec2:DescribeVpcs", "ec2:DescribeImages", "ec2:DescribeLaunchTemplates", "ec2:DescribeLaunchTemplateVersions", "ecs:DescribeClusters", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "eks:DescribeCluster", "eks:ListClusters", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:TestMetricFilter", "logs:FilterLogEvents", "iam:ListInstanceProfiles", "iam:ListRoles", "iam:PassRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSBatchFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-24T16:09:09+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/GroundTruthSyntheticConsoleFullAccess", "createdate": "2022-08-25T15:58:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sagemaker-groundtruth-synthetic:CreateProject", "sagemaker-groundtruth-synthetic:DeleteProject", "sagemaker-groundtruth-synthetic:GetAccountDetails", "sagemaker-groundtruth-synthetic:GetBatch", "sagemaker-groundtruth-synthetic:GetProject", "sagemaker-groundtruth-synthetic:ListBatchDataTransfers", "sagemaker-groundtruth-synthetic:ListBatchSummaries", "sagemaker-groundtruth-synthetic:ListProjectDataTransfers", "sagemaker-groundtruth-synthetic:ListProjectSummaries", "sagemaker-groundtruth-synthetic:StartBatchDataTransfer", "sagemaker-groundtruth-synthetic:StartProjectDataTransfer", "sagemaker-groundtruth-synthetic:UpdateBatch", "s3:ListBucket" ], "malformed": false, "name": "GroundTruthSyntheticConsoleFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-25T15:58:49+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": null, "createdate": "2019-10-10T20:56:45Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "ec2:AttachVolume", "ec2:ModifyVolume", "ec2:DescribeInstances", "ec2:DescribeVolumes", "ec2:CreateVolume", "ec2:CreateTags", "s3:GetObject", "logs:PutLogEvents", "ec2:DescribeAddresses", "ec2:AssociateAddress", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream" ], "malformed": false, "name": "AmazonEC2RolePolicyForApplicationWizard", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCodeDeployRoleForECSLimited", "createdate": "2019-09-23T22:10:29Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ecs:DescribeServices", "ecs:CreateTaskSet", "ecs:UpdateServicePrimaryTaskSet", "ecs:DeleteTaskSet", "cloudwatch:DescribeAlarms", "sns:Publish", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:ModifyRule", "lambda:InvokeFunction", "s3:GetObject", "s3:GetObjectVersion", "iam:PassRole" ], "malformed": false, "name": "AWSCodeDeployRoleForECSLimited", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-09-23T22:10:29+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AutoScalingReadOnlyAccess", "createdate": "2017-01-12T19:39:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool" ], "malformed": false, "name": "AutoScalingReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-01-12T19:39:35+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CloudFormationStackSetsOrgMemberServiceRolePolicy", "createdate": "2019-12-09T23:52:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:CreateRole", "iam:DeleteRole", "iam:GetRole", "iam:DetachRolePolicy", "iam:AttachRolePolicy" ], "malformed": false, "name": "CloudFormationStackSetsOrgMemberServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-09T23:52:37+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryEc2InstancePolicy", "createdate": "2023-11-27T13:39:44Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:GetAgentInstallationAssetsForDrs", "drs:SendClientLogsForDrs", "drs:SendClientMetricsForDrs", "drs:CreateSourceServerForDrs", "drs:CreateSourceNetwork", "drs:TagResource", "drs:TagResource", "drs:SendAgentMetricsForDrs", "drs:SendAgentLogsForDrs", "drs:UpdateAgentSourcePropertiesForDrs", "drs:UpdateAgentReplicationInfoForDrs", "drs:UpdateAgentConversionInfoForDrs", "drs:GetAgentCommandForDrs", "drs:GetAgentConfirmedResumeInfoForDrs", "drs:GetAgentRuntimeConfigurationForDrs", "drs:UpdateAgentBacklogForDrs", "drs:GetAgentReplicationInfoForDrs", "sts:AssumeRole", "sts:TagSession" ], "malformed": false, "name": "AWSElasticDisasterRecoveryEc2InstancePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T13:39:44+00:00", "version": "v5" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/DAXServiceRolePolicy", "createdate": "2018-03-05T17:51:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:DeleteNetworkInterface", "ec2:DeleteSecurityGroup", "ec2:DescribeAvailabilityZones", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:ModifyNetworkInterfaceAttribute", "ec2:RevokeSecurityGroupIngress" ], "malformed": false, "name": "DAXServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-03-05T17:51:25+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess", "createdate": "2023-12-05T19:24:15Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "application-autoscaling:DescribeScalingPolicies", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:StartQuery", "logs:StopQuery", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:TestMetricFilter", "logs:FilterLogEvents", "logs:StartLiveTail", "logs:StopLiveTail", "oam:ListSinks", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "rum:BatchGetRumMetricDefinitions", "rum:GetAppMonitor", "rum:GetAppMonitorData", "rum:ListAppMonitors", "rum:ListRumMetricsDestinations", "rum:ListTagsForResource", "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun", "synthetics:DescribeRuntimeVersions", "synthetics:GetCanary", "synthetics:GetCanaryRuns", "synthetics:GetGroup", "synthetics:ListAssociatedGroups", "synthetics:ListGroupResources", "synthetics:ListGroups", "synthetics:ListTagsForResource", "xray:BatchGetTraceSummaryById", "xray:BatchGetTraces", "xray:GetDistinctTraceGraphs", "xray:GetEncryptionConfig", "xray:GetGroup", "xray:GetGroups", "xray:GetInsight", "xray:GetInsightEvents", "xray:GetInsightImpactGraph", "xray:GetInsightSummaries", "xray:GetSamplingRules", "xray:GetSamplingStatisticSummaries", "xray:GetSamplingTargets", "xray:GetServiceGraph", "xray:GetTimeSeriesServiceStatistics", "xray:GetTraceGraph", "xray:GetTraceSummaries", "oam:ListAttachedLinks" ], "malformed": false, "name": "CloudWatchReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-05T19:24:15+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM", "createdate": "2019-01-24T19:20:51Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:DescribeAssociation", "ssm:GetDeployablePatchSnapshotForInstance", "ssm:GetDocument", "ssm:DescribeDocument", "ssm:GetManifest", "ssm:GetParameters", "ssm:ListAssociations", "ssm:ListInstanceAssociations", "ssm:PutInventory", "ssm:PutComplianceItems", "ssm:PutConfigurePackageResult", "ssm:UpdateAssociationStatus", "ssm:UpdateInstanceAssociationStatus", "ssm:UpdateInstanceInformation", "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel", "ec2messages:AcknowledgeMessage", "ec2messages:DeleteMessage", "ec2messages:FailMessage", "ec2messages:GetEndpoint", "ec2messages:GetMessages", "ec2messages:SendReply", "cloudwatch:PutMetricData", "ec2:DescribeInstanceStatus", "ds:CreateComputer", "ds:DescribeDirectories", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:PutLogEvents", "s3:GetBucketLocation", "s3:PutObject", "s3:GetObject", "s3:GetEncryptionConfiguration", "s3:AbortMultipartUpload", "s3:ListMultipartUploadParts", "s3:ListBucket", "s3:ListBucketMultipartUploads" ], "malformed": false, "name": "AmazonEC2RoleforSSM", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-01-24T19:20:51+00:00", "version": "v8" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSWellArchitectedOrganizationsServiceRolePolicy", "createdate": "2022-07-25T18:03:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:ListParents", "organizations:ListRoots" ], "malformed": false, "name": "AWSWellArchitectedOrganizationsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-07-25T18:03:31+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role", "createdate": "2023-03-06T22:19:04Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:DescribeTags", "ecs:CreateCluster", "ecs:DeregisterContainerInstance", "ecs:DiscoverPollEndpoint", "ecs:Poll", "ecs:RegisterContainerInstance", "ecs:StartTelemetrySession", "ecs:UpdateContainerInstancesState", "ecs:SubmitAttachmentStateChanges", "ecs:SubmitContainerStateChange", "ecs:SubmitTaskStateChange", "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", "logs:CreateLogStream", "logs:PutLogEvents", "ecs:TagResource" ], "malformed": false, "name": "AmazonEC2ContainerServiceforEC2Role", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-06T22:19:04+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSResourceExplorerServiceRolePolicy", "createdate": "2023-12-20T13:58:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudtrail:CreateServiceLinkedChannel", "apigateway:GET", "access-analyzer:ListAnalyzers", "acm-pca:ListCertificateAuthorities", "amplify:ListApps", "amplify:ListBackendEnvironments", "amplify:ListBranches", "amplify:ListDomainAssociations", "amplifyuibuilder:ListComponents", "amplifyuibuilder:ListThemes", "app-integrations:ListEventIntegrations", "apprunner:ListServices", "apprunner:ListVpcConnectors", "appstream:DescribeAppBlocks", "appstream:DescribeApplications", "appstream:DescribeFleets", "appstream:DescribeImageBuilders", "appstream:DescribeStacks", "appsync:ListGraphqlApis", "aps:ListRuleGroupsNamespaces", "aps:ListWorkspaces", "athena:ListDataCatalogs", "athena:ListWorkGroups", "autoscaling:DescribeAutoScalingGroups", "backup:ListBackupPlans", "backup:ListReportPlans", "batch:DescribeComputeEnvironments", "batch:DescribeJobQueues", "batch:ListSchedulingPolicies", "cloudformation:ListStacks", "cloudformation:ListStackSets", "cloudfront:ListCachePolicies", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListDistributions", "cloudfront:ListFieldLevelEncryptionConfigs", "cloudfront:ListFieldLevelEncryptionProfiles", "cloudfront:ListFunctions", "cloudfront:ListOriginAccessControls", "cloudfront:ListOriginRequestPolicies", "cloudfront:ListRealtimeLogConfigs", "cloudfront:ListResponseHeadersPolicies", "cloudtrail:ListTrails", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeInsightRules", "cloudwatch:ListDashboards", "cloudwatch:ListMetricStreams", "codeartifact:ListDomains", "codeartifact:ListRepositories", "codebuild:ListProjects", "codecommit:ListRepositories", "codeguru-profiler:ListProfilingGroups", "codepipeline:ListPipelines", "codestar-connections:ListConnections", "cognito-identity:ListIdentityPools", "cognito-idp:ListUserPools", "databrew:ListDatasets", "databrew:ListRecipes", "databrew:ListRulesets", "detective:ListGraphs", "ds:DescribeDirectories", "dynamodb:ListStreams", "dynamodb:ListTables", "ec2:DescribeAddresses", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamPools", "ec2:DescribeIpams", "ec2:DescribeIpamScopes", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplates", "ec2:DescribeManagedPrefixLists", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePublicIpv4Pools", "ec2:DescribeReservedInstances", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSubnets", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGateways", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumes", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetSubnetCidrReservations", "ecr:DescribeRepositories", "ecr-public:DescribeRepositories", "ecs:DescribeCapacityProviders", "ecs:DescribeServices", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListTaskDefinitions", "ecs:ListTasks", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeReservedCacheNodes", "elasticache:DescribeSnapshots", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeEnvironments", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeFileSystems", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTargetGroups", "emr-serverless:ListApplications", "es:ListDomainNames", "events:ListEventBuses", "events:ListRules", "evidently:ListExperiments", "evidently:ListFeatures", "evidently:ListLaunches", "evidently:ListProjects", "finspace:ListEnvironments", "firehose:ListDeliveryStreams", "fis:ListExperimentTemplates", "forecast:ListDatasetGroups", "forecast:ListDatasets", "frauddetector:GetDetectors", "frauddetector:GetEntityTypes", "frauddetector:GetEventTypes", "frauddetector:GetLabels", "frauddetector:GetOutcomes", "frauddetector:GetVariables", "gamelift:ListAliases", "geo:ListPlaceIndexes", "geo:ListTrackers", "greengrass:ListComponents", "globalaccelerator:ListAccelerators", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "glue:GetDatabases", "glue:GetJobs", "glue:GetTables", "glue:GetTriggers", "greengrass:ListComponentVersions", "greengrass:ListGroups", "healthlake:ListFHIRDatastores", "iam:ListGroups", "iam:ListInstanceProfiles", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListRoles", "iam:ListSAMLProviders", "iam:ListServerCertificates", "iam:ListUsers", "iam:ListVirtualMFADevices", "imagebuilder:ListComponentBuildVersions", "imagebuilder:ListComponents", "imagebuilder:ListContainerRecipes", "imagebuilder:ListDistributionConfigurations", "imagebuilder:ListImageBuildVersions", "imagebuilder:ListImagePipelines", "imagebuilder:ListImageRecipes", "imagebuilder:ListImages", "imagebuilder:ListInfrastructureConfigurations", "iotanalytics:ListChannels", "iotanalytics:ListDatasets", "iotanalytics:ListDatastores", "iotanalytics:ListPipelines", "iotevents:ListAlarmModels", "iotevents:ListDetectorModels", "iotevents:ListInputs", "iot:ListJobTemplates", "iot:ListAuthorizers", "iot:ListMitigationActions", "iot:ListPolicies", "iot:ListProvisioningTemplates", "iot:ListRoleAliases", "iot:ListSecurityProfiles", "iot:ListThings", "iot:ListTopicRuleDestinations", "iot:ListTopicRules", "iotsitewise:ListAssetModels", "iotsitewise:ListAssets", "iotsitewise:ListGateways", "iottwinmaker:ListComponentTypes", "iottwinmaker:ListEntities", "iottwinmaker:ListScenes", "iottwinmaker:ListWorkspaces", "kafka:ListConfigurations", "kms:ListKeys", "ivs:ListChannels", "ivs:ListStreamKeys", "kafka:ListClusters", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesisanalytics:ListApplications", "kinesisvideo:ListStreams", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctions", "lambda:ListLayers", "lambda:ListLayerVersions", "lex:ListBots", "lex:ListBotAliases", "logs:DescribeDestinations", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "lookoutmetrics:ListAlerts", "lookoutvision:ListProjects", "mediapackage:ListChannels", "mediapackage:ListOriginEndpoints", "mediapackage-vod:ListPackagingConfigurations", "mediapackage-vod:ListPackagingGroups", "mq:ListBrokers", "mediatailor:ListPlaybackConfigurations", "memorydb:DescribeAcls", "memorydb:DescribeClusters", "memorydb:DescribeParameterGroups", "memorydb:DescribeUsers", "mobiletargeting:GetApps", "mobiletargeting:GetSegments", "mobiletargeting:ListTemplates", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "networkmanager:DescribeGlobalNetworks", "networkmanager:GetDevices", "networkmanager:GetLinks", "networkmanager:ListAttachments", "networkmanager:ListCoreNetworks", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators", "panorama:ListPackages", "personalize:ListDatasetGroups", "personalize:ListDatasets", "personalize:ListSchemas", "qldb:ListJournalKinesisStreamsForLedger", "qldb:ListLedgers", "rds:DescribeBlueGreenDeployments", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusters", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBParameterGroups", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBSecurityGroups", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeEventSubscriptions", "rds:DescribeGlobalClusters", "rds:DescribeOptionGroups", "rds:DescribeReservedDBInstances", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusters", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeEventSubscriptions", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeSnapshotSchedules", "redshift:DescribeUsageLimits", "refactor-spaces:ListApplications", "refactor-spaces:ListEnvironments", "refactor-spaces:ListRoutes", "refactor-spaces:ListServices", "rekognition:DescribeProjects", "resiliencehub:ListApps", "resiliencehub:ListResiliencyPolicies", "resource-explorer-2:GetIndex", "resource-explorer-2:ListIndexes", "resource-explorer-2:ListViews", "resource-groups:ListGroups", "route53:ListHealthChecks", "route53:ListHostedZones", "route53-recovery-readiness:ListRecoveryGroups", "route53-recovery-readiness:ListResourceSets", "route53resolver:ListFirewallDomainLists", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverRules", "s3:GetBucketLocation", "s3:ListAccessPoints", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListStorageLensConfigurations", "sagemaker:ListModels", "sagemaker:ListNotebookInstances", "secretsmanager:ListSecrets", "servicecatalog:ListApplications", "servicecatalog:ListAttributeGroups", "signer:ListSigningProfiles", "sns:ListTopics", "sqs:ListQueues", "ssm:DescribeAutomationExecutions", "ssm:DescribeInstanceInformation", "ssm:DescribeMaintenanceWindows", "ssm:DescribeMaintenanceWindowTargets", "ssm:DescribeMaintenanceWindowTasks", "ssm:DescribeParameters", "ssm:DescribePatchBaselines", "ssm-incidents:ListResponsePlans", "ssm:ListAssociations", "ssm:ListDocuments", "ssm:ListInventoryEntries", "ssm:ListResourceDataSync", "states:ListActivities", "states:ListStateMachines", "timestream:ListDatabases", "wisdom:ListAssistantAssociations", "wisdom:ListAssistants", "wisdom:ListKnowledgeBases" ], "malformed": false, "name": "AWSResourceExplorerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-20T13:58:52+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSServiceCatalogEndUserFullAccess", "createdate": "2019-07-10T20:30:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStacks", "cloudformation:SetStackPolicy", "cloudformation:ValidateTemplate", "cloudformation:UpdateStack", "cloudformation:CreateChangeSet", "cloudformation:DescribeChangeSet", "cloudformation:ExecuteChangeSet", "cloudformation:ListChangeSets", "cloudformation:DeleteChangeSet", "cloudformation:TagResource", "cloudformation:CreateStackSet", "cloudformation:CreateStackInstances", "cloudformation:UpdateStackSet", "cloudformation:UpdateStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DeleteStackInstances", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackSetOperation", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSetOperationResults", "cloudformation:GetTemplateSummary", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductView", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:ListLaunchPaths", "servicecatalog:ProvisionProduct", "servicecatalog:SearchProducts", "ssm:DescribeDocument", "ssm:GetAutomationExecution", "config:DescribeConfigurationRecorders", "config:DescribeConfigurationRecorderStatus", "servicecatalog:DescribeProvisionedProduct", "servicecatalog:DescribeRecord", "servicecatalog:ListRecordHistory", "servicecatalog:ListStackInstancesForProvisionedProduct", "servicecatalog:ScanProvisionedProducts", "servicecatalog:TerminateProvisionedProduct", "servicecatalog:UpdateProvisionedProduct", "servicecatalog:SearchProvisionedProducts", "servicecatalog:CreateProvisionedProductPlan", "servicecatalog:DescribeProvisionedProductPlan", "servicecatalog:ExecuteProvisionedProductPlan", "servicecatalog:DeleteProvisionedProductPlan", "servicecatalog:ListProvisionedProductPlans", "servicecatalog:ListServiceActionsForProvisioningArtifact", "servicecatalog:ExecuteProvisionedProductServiceAction", "servicecatalog:DescribeServiceActionExecutionParameters" ], "malformed": false, "name": "AWSServiceCatalogEndUserFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-07-10T20:30:52+00:00", "version": "v7" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonCognitoIdpServiceRolePolicy", "createdate": "2020-06-26T22:30:20Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "cognito-idp:DescribeIdentityProvider", "cognito-idp:DescribeResourceServer", "cognito-idp:DescribeRiskConfiguration", "cognito-idp:DescribeUserImportJob", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:DescribeUserPoolDomain" ], "malformed": false, "name": "AmazonCognitoIdpServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-26T22:30:20+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/LexBotPolicy", "createdate": "2019-11-13T22:29:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "polly:SynthesizeSpeech", "comprehend:DetectSentiment" ], "malformed": false, "name": "LexBotPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-13T22:29:16+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCodeDeployRoleForECS", "createdate": "2019-09-23T22:37:46Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ecs:DescribeServices", "ecs:CreateTaskSet", "ecs:UpdateServicePrimaryTaskSet", "ecs:DeleteTaskSet", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:ModifyRule", "lambda:InvokeFunction", "cloudwatch:DescribeAlarms", "sns:Publish", "s3:GetObject", "s3:GetObjectVersion", "iam:PassRole" ], "malformed": false, "name": "AWSCodeDeployRoleForECS", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-09-23T22:37:46+00:00", "version": "v3" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSEC2SpotFleetServiceRolePolicy", "createdate": "2020-03-16T19:16:21Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeImages", "ec2:DescribeSubnets", "ec2:RequestSpotInstances", "ec2:DescribeInstanceStatus", "ec2:RunInstances", "iam:PassRole", "ec2:CreateTags", "ec2:TerminateInstances", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RegisterTargets" ], "malformed": false, "name": "AWSEC2SpotFleetServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-03-16T19:16:21+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBugBustFullAccess", "createdate": "2021-07-22T20:04:29Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codeguru-reviewer:DescribeCodeReview", "codeguru-reviewer:ListRecommendations", "codeguru-reviewer:ListCodeReviews", "codeguru-profiler:ListProfilingGroups", "codeguru-profiler:DescribeProfilingGroup", "bugbust:CreateEvent", "bugbust:EvaluateProfilingGroups", "bugbust:GetEvent", "bugbust:GetJoinEventStatus", "bugbust:JoinEvent", "bugbust:ListBugs", "bugbust:ListEventParticipants", "bugbust:ListEventScores", "bugbust:ListEvents", "bugbust:ListProfilingGroups", "bugbust:ListPullRequests", "bugbust:ListTagsForResource", "bugbust:TagResource", "bugbust:UntagResource", "bugbust:UpdateEvent", "bugbust:UpdateWorkItem", "bugbust:UpdateWorkItemAdmin", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSBugBustFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-07-22T20:04:29+00:00", "version": "v2" }, { "access_levels": [ "List" ], "arn": "arn:aws:iam::aws:policy/AmazonZocaloReadOnlyAccess", "createdate": "2015-02-06T18:41:14Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ds:DescribeDirectories", "ec2:DescribeVpcs", "ec2:DescribeSubnets" ], "malformed": false, "name": "AmazonZocaloReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": true, "updatedate": "2015-02-06T18:41:14+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIoTWirelessDataAccess", "createdate": "2020-12-15T15:31:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotwireless:SendDataToWirelessDevice" ], "malformed": false, "name": "AWSIoTWirelessDataAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-15T15:31:39+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSImageBuilderReadOnlyAccess", "createdate": "2019-12-19T22:29:23Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "imagebuilder:GetComponent", "imagebuilder:GetComponentPolicy", "imagebuilder:GetContainerRecipe", "imagebuilder:GetContainerRecipePolicy", "imagebuilder:GetDistributionConfiguration", "imagebuilder:GetImage", "imagebuilder:GetImagePipeline", "imagebuilder:GetImagePolicy", "imagebuilder:GetImageRecipe", "imagebuilder:GetImageRecipePolicy", "imagebuilder:GetInfrastructureConfiguration", "imagebuilder:GetLifecycleExecution", "imagebuilder:GetLifecyclePolicy", "imagebuilder:GetWorkflow", "imagebuilder:GetWorkflowExecution", "imagebuilder:GetWorkflowStepExecution", "imagebuilder:ListComponentBuildVersions", "imagebuilder:ListComponents", "imagebuilder:ListContainerRecipes", "imagebuilder:ListDistributionConfigurations", "imagebuilder:ListImageBuildVersions", "imagebuilder:ListImagePackages", "imagebuilder:ListImagePipelineImages", "imagebuilder:ListImagePipelines", "imagebuilder:ListImageRecipes", "imagebuilder:ListImageScanFindingAggregations", "imagebuilder:ListImageScanFindings", "imagebuilder:ListImages", "imagebuilder:ListInfrastructureConfigurations", "imagebuilder:ListLifecycleExecutionResources", "imagebuilder:ListLifecycleExecutions", "imagebuilder:ListLifecyclePolicies", "imagebuilder:ListTagsForResource", "imagebuilder:ListWaitingWorkflowSteps", "imagebuilder:ListWorkflowBuildVersions", "imagebuilder:ListWorkflowExecutions", "imagebuilder:ListWorkflowStepExecutions", "imagebuilder:ListWorkflows", "iam:GetRole" ], "malformed": false, "name": "AWSImageBuilderReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-19T22:29:23+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryCrossAccountReplicationPolicy", "createdate": "2024-01-17T13:19:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeVolumes", "ec2:DescribeVolumeAttribute", "ec2:DescribeInstances", "drs:DescribeSourceServers", "drs:DescribeReplicationConfigurationTemplates", "drs:CreateSourceServerForDrs", "drs:TagResource" ], "malformed": false, "name": "AWSElasticDisasterRecoveryCrossAccountReplicationPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-17T13:19:58+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSOpsWorksCMInstanceProfileRole", "createdate": "2021-04-23T17:34:03Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:DescribeStackResource", "cloudformation:SignalResource", "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListMultipartUploadParts", "s3:PutObject", "acm:GetCertificate", "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AWSOpsWorksCMInstanceProfileRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-04-23T17:34:03+00:00", "version": "v5" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSBillingConductorReadOnlyAccess", "createdate": "2022-04-13T18:02:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "billingconductor:ListAccountAssociations", "billingconductor:ListBillingGroupCostReports", "billingconductor:ListBillingGroups", "billingconductor:ListCustomLineItemVersions", "billingconductor:ListCustomLineItems", "billingconductor:ListPricingPlans", "billingconductor:ListPricingPlansAssociatedWithPricingRule", "billingconductor:ListPricingRules", "billingconductor:ListPricingRulesAssociatedToPricingPlan", "billingconductor:ListResourcesAssociatedToCustomLineItem", "billingconductor:ListTagsForResource", "organizations:ListAccounts", "pricing:DescribeServices" ], "malformed": false, "name": "AWSBillingConductorReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-04-13T18:02:59+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonBraketServiceRolePolicy", "createdate": "2020-08-06T20:10:42Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:PutObject", "s3:GetObject", "s3:ListBucket", "logs:PutLogEvents", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:CreateLogGroup", "logs:DescribeLogGroups" ], "malformed": false, "name": "AmazonBraketServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-06T20:10:42+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonPrometheusConsoleFullAccess", "createdate": "2022-10-24T22:25:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "tag:GetTagValues", "tag:GetTagKeys", "aps:CreateWorkspace", "aps:DescribeWorkspace", "aps:UpdateWorkspaceAlias", "aps:DeleteWorkspace", "aps:ListWorkspaces", "aps:DescribeAlertManagerDefinition", "aps:DescribeRuleGroupsNamespace", "aps:CreateAlertManagerDefinition", "aps:CreateRuleGroupsNamespace", "aps:DeleteAlertManagerDefinition", "aps:DeleteRuleGroupsNamespace", "aps:ListRuleGroupsNamespaces", "aps:PutAlertManagerDefinition", "aps:PutRuleGroupsNamespace", "aps:TagResource", "aps:UntagResource", "aps:CreateLoggingConfiguration", "aps:UpdateLoggingConfiguration", "aps:DeleteLoggingConfiguration", "aps:DescribeLoggingConfiguration" ], "malformed": false, "name": "AmazonPrometheusConsoleFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-24T22:25:39+00:00", "version": "v3" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryClusterReadOnlyAccess", "createdate": "2022-04-01T17:37:55Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53-recovery-cluster:GetRoutingControlState", "route53-recovery-cluster:ListRoutingControls" ], "malformed": false, "name": "AmazonRoute53RecoveryClusterReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-04-01T17:37:55+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AutoScalingConsoleReadOnlyAccess", "createdate": "2017-01-12T19:48:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeVpcs", "ec2:DescribeVpcClassicLink", "ec2:DescribeAvailabilityZones", "ec2:DescribeSubnets", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "cloudwatch:ListMetrics", "cloudwatch:GetMetricStatistics", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "sns:ListSubscriptions", "sns:ListTopics" ], "malformed": false, "name": "AutoScalingConsoleReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-01-12T19:48:53+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/ServerMigrationServiceConsoleFullAccess", "createdate": "2020-07-20T22:00:37Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "sms:CreateApp", "sms:CreateReplicationJob", "sms:DeleteApp", "sms:DeleteAppLaunchConfiguration", "sms:DeleteAppReplicationConfiguration", "sms:DeleteAppValidationConfiguration", "sms:DeleteReplicationJob", "sms:DeleteServerCatalog", "sms:DisassociateConnector", "sms:GenerateChangeSet", "sms:GenerateTemplate", "sms:GetApp", "sms:GetAppLaunchConfiguration", "sms:GetAppReplicationConfiguration", "sms:GetAppValidationConfiguration", "sms:GetAppValidationOutput", "sms:GetConnectors", "sms:GetMessages", "sms:GetReplicationJobs", "sms:GetReplicationRuns", "sms:GetServers", "sms:ImportAppCatalog", "sms:ImportServerCatalog", "sms:LaunchApp", "sms:ListApps", "sms:NotifyAppValidationOutput", "sms:PutAppLaunchConfiguration", "sms:PutAppReplicationConfiguration", "sms:PutAppValidationConfiguration", "sms:SendMessage", "sms:StartAppReplication", "sms:StartOnDemandAppReplication", "sms:StartOnDemandReplicationRun", "sms:StopAppReplication", "sms:TerminateApp", "sms:UpdateApp", "sms:UpdateReplicationJob", "cloudformation:ListStacks", "cloudformation:DescribeStacks", "cloudformation:DescribeStackResources", "s3:ListAllMyBuckets", "s3:GetObject", "ec2:DescribeKeyPairs", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "iam:ListRoles", "iam:CreateServiceLinkedRole", "iam:GetInstanceProfile" ], "malformed": false, "name": "ServerMigrationServiceConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-07-20T22:00:37+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSMarketplaceResaleAuthorizationServiceRolePolicy", "createdate": "2024-03-05T18:47:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ram:CreateResourceShare", "ram:AssociateResourceShare", "ram:AcceptResourceShareInvitation", "ram:GetResourceShareInvitations", "ram:GetResourceShareAssociations", "aws-marketplace:PutResourcePolicy", "aws-marketplace:GetResourcePolicy", "aws-marketplace:DescribeEntity" ], "malformed": false, "name": "AWSMarketplaceResaleAuthorizationServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-05T18:47:54+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerClusterInstanceRolePolicy", "createdate": "2023-11-29T15:11:26Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:PutLogEvents", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:CreateLogGroup", "cloudwatch:PutMetricData", "s3:ListBucket", "s3:GetObject", "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel" ], "malformed": false, "name": "AmazonSageMakerClusterInstanceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-29T15:11:26+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSIoT1ClickReadOnlyAccess", "createdate": "2018-05-11T21:49:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot1click:DescribeDevice", "iot1click:DescribePlacement", "iot1click:DescribeProject", "iot1click:GetDeviceMethods", "iot1click:GetDevicesInPlacement", "iot1click:ListDeviceEvents", "iot1click:ListDevices", "iot1click:ListPlacements", "iot1click:ListProjects", "iot1click:ListTagsForResource" ], "malformed": false, "name": "AWSIoT1ClickReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-05-11T21:49:24+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSTransferFullAccess", "createdate": "2020-12-14T19:37:23Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "transfer:CreateAccess", "transfer:CreateAgreement", "transfer:CreateConnector", "transfer:CreateProfile", "transfer:CreateServer", "transfer:CreateUser", "transfer:CreateWorkflow", "transfer:DeleteAccess", "transfer:DeleteAgreement", "transfer:DeleteCertificate", "transfer:DeleteConnector", "transfer:DeleteHostKey", "transfer:DeleteProfile", "transfer:DeleteServer", "transfer:DeleteSshPublicKey", "transfer:DeleteUser", "transfer:DeleteWorkflow", "transfer:DescribeAccess", "transfer:DescribeAgreement", "transfer:DescribeCertificate", "transfer:DescribeConnector", "transfer:DescribeExecution", "transfer:DescribeHostKey", "transfer:DescribeProfile", "transfer:DescribeSecurityPolicy", "transfer:DescribeServer", "transfer:DescribeUser", "transfer:DescribeWorkflow", "transfer:ImportCertificate", "transfer:ImportHostKey", "transfer:ImportSshPublicKey", "transfer:ListAccesses", "transfer:ListAgreements", "transfer:ListCertificates", "transfer:ListConnectors", "transfer:ListExecutions", "transfer:ListHostKeys", "transfer:ListProfiles", "transfer:ListSecurityPolicies", "transfer:ListServers", "transfer:ListTagsForResource", "transfer:ListUsers", "transfer:ListWorkflows", "transfer:SendWorkflowStepState", "transfer:StartFileTransfer", "transfer:StartServer", "transfer:StopServer", "transfer:TagResource", "transfer:TestConnection", "transfer:TestIdentityProvider", "transfer:UntagResource", "transfer:UpdateAccess", "transfer:UpdateAgreement", "transfer:UpdateCertificate", "transfer:UpdateConnector", "transfer:UpdateHostKey", "transfer:UpdateProfile", "transfer:UpdateServer", "transfer:UpdateUser", "iam:PassRole", "ec2:DescribeVpcEndpoints", "ec2:DescribeNetworkInterfaces", "ec2:DescribeAddresses" ], "malformed": false, "name": "AWSTransferFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-14T19:37:23+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": null, "createdate": "2023-02-21T16:56:31Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSIotRoboRunnerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole", "createdate": "2023-05-23T21:32:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AmazonDMSCloudWatchLogsRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-23T21:32:57+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerModelRegistryFullAccess", "createdate": "2023-04-13T05:20:48Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "sagemaker:DescribeAction", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineExecution", "sagemaker:ListAssociations", "sagemaker:ListArtifacts", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackages", "sagemaker:Search", "sagemaker:GetSearchSuggestions", "sagemaker:AddTags", "sagemaker:CreateModel", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteTags", "sagemaker:UpdateModelPackage", "s3:GetObject", "s3:ListBucket", "s3:ListAllMyBuckets", "ecr:BatchGetImage", "ecr:DescribeImages", "iam:PassRole", "tag:GetResources", "resource-groups:GetGroupQuery", "resource-groups:ListGroupResources", "resource-groups:CreateGroup", "resource-groups:Tag", "resource-groups:DeleteGroup" ], "malformed": false, "name": "AmazonSageMakerModelRegistryFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-13T05:20:48+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSSystemsManagerForSAPFullAccess", "createdate": "2022-11-18T21:58:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssm-sap:BackupDatabase", "ssm-sap:DeleteResourcePermission", "ssm-sap:DeregisterApplication", "ssm-sap:GetApplication", "ssm-sap:GetComponent", "ssm-sap:GetDatabase", "ssm-sap:GetOperation", "ssm-sap:GetResourcePermission", "ssm-sap:ListApplications", "ssm-sap:ListComponents", "ssm-sap:ListDatabases", "ssm-sap:ListOperations", "ssm-sap:ListTagsForResource", "ssm-sap:PutResourcePermission", "ssm-sap:RegisterApplication", "ssm-sap:RestoreDatabase", "ssm-sap:StartApplicationRefresh", "ssm-sap:TagResource", "ssm-sap:UntagResource", "ssm-sap:UpdateApplicationSettings", "ssm-sap:UpdateHANABackupSettings", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSSystemsManagerForSAPFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-18T21:58:54+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy", "createdate": "2022-08-26T19:13:02Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "glue:BatchCreatePartition", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetPartition", "glue:CreateDatabase", "glue:CreatePartition", "glue:CreateTable", "glue:DeletePartition", "glue:DeleteTable", "glue:DeleteTableVersion", "glue:GetDatabase", "glue:GetPartition", "glue:GetPartitions", "glue:GetTable", "glue:GetTables", "glue:GetTableVersion", "glue:GetTableVersions", "glue:SearchTables", "glue:UpdatePartition", "glue:UpdateTable", "glue:GetUserDefinedFunctions", "s3:CreateBucket", "s3:DeleteBucket", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:PutBucketCORS", "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject", "s3:GetObjectVersion", "s3:PutObject", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteLogDelivery", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:ListLogDeliveries", "logs:PutLogEvents", "logs:PutResourcePolicy", "logs:UpdateLogDelivery" ], "malformed": false, "name": "AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-26T19:13:02+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonDocDBConsoleFullAccess", "createdate": "2022-11-30T15:23:27Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "docdb-elastic:CreateCluster", "docdb-elastic:UpdateCluster", "docdb-elastic:GetCluster", "docdb-elastic:DeleteCluster", "docdb-elastic:ListClusters", "docdb-elastic:CreateClusterSnapshot", "docdb-elastic:GetClusterSnapshot", "docdb-elastic:DeleteClusterSnapshot", "docdb-elastic:ListClusterSnapshots", "docdb-elastic:RestoreClusterFromSnapshot", "docdb-elastic:TagResource", "docdb-elastic:UntagResource", "docdb-elastic:ListTagsForResource", "rds:AddRoleToDBCluster", "rds:AddSourceIdentifierToSubscription", "rds:AddTagsToResource", "rds:ApplyPendingMaintenanceAction", "rds:CopyDBClusterParameterGroup", "rds:CopyDBClusterSnapshot", "rds:CopyDBParameterGroup", "rds:CreateDBCluster", "rds:CreateDBClusterParameterGroup", "rds:CreateDBClusterSnapshot", "rds:CreateDBInstance", "rds:CreateDBParameterGroup", "rds:CreateDBSubnetGroup", "rds:CreateEventSubscription", "rds:CreateGlobalCluster", "rds:DeleteDBCluster", "rds:DeleteDBClusterParameterGroup", "rds:DeleteDBClusterSnapshot", "rds:DeleteDBInstance", "rds:DeleteDBParameterGroup", "rds:DeleteDBSubnetGroup", "rds:DeleteEventSubscription", "rds:DeleteGlobalCluster", "rds:DescribeAccountAttributes", "rds:DescribeCertificates", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBSecurityGroups", "rds:DescribeDBSubnetGroups", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeGlobalClusters", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeValidDBInstanceModifications", "rds:DownloadDBLogFilePortion", "rds:FailoverDBCluster", "rds:ListTagsForResource", "rds:ModifyDBCluster", "rds:ModifyDBClusterParameterGroup", "rds:ModifyDBClusterSnapshotAttribute", "rds:ModifyDBInstance", "rds:ModifyDBParameterGroup", "rds:ModifyDBSubnetGroup", "rds:ModifyEventSubscription", "rds:ModifyGlobalCluster", "rds:PromoteReadReplicaDBCluster", "rds:RebootDBInstance", "rds:RemoveFromGlobalCluster", "rds:RemoveRoleFromDBCluster", "rds:RemoveSourceIdentifierFromSubscription", "rds:RemoveTagsFromResource", "rds:ResetDBClusterParameterGroup", "rds:ResetDBParameterGroup", "rds:RestoreDBClusterFromSnapshot", "rds:RestoreDBClusterToPointInTime", "iam:GetRole", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:AllocateAddress", "ec2:AssignIpv6Addresses", "ec2:AssignPrivateIpAddresses", "ec2:AssociateAddress", "ec2:AssociateRouteTable", "ec2:AssociateSubnetCidrBlock", "ec2:AssociateVpcCidrBlock", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:CreateCustomerGateway", "ec2:CreateDefaultSubnet", "ec2:CreateDefaultVpc", "ec2:CreateInternetGateway", "ec2:CreateNatGateway", "ec2:CreateNetworkInterface", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSubnet", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeCustomerGateways", "ec2:DescribeInstances", "ec2:DescribeNatGateways", "ec2:DescribeNetworkInterfaces", "ec2:DescribePrefixLists", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcs", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifySubnetAttribute", "ec2:ModifyVpcAttribute", "ec2:ModifyVpcEndpoint", "kms:DescribeKey", "kms:ListAliases", "kms:ListKeyPolicies", "kms:ListKeys", "kms:ListRetirableGrants", "logs:DescribeLogStreams", "logs:GetLogEvents", "sns:ListSubscriptions", "sns:ListTopics", "sns:Publish", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonDocDBConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-30T15:23:27+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCognitoReadOnly", "createdate": "2019-08-01T19:21:04Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "cognito-identity:DescribeIdentity", "cognito-identity:DescribeIdentityPool", "cognito-identity:GetCredentialsForIdentity", "cognito-identity:GetId", "cognito-identity:GetIdentityPoolAnalytics", "cognito-identity:GetIdentityPoolDailyAnalytics", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:GetIdentityProviderDailyAnalytics", "cognito-identity:GetOpenIdToken", "cognito-identity:GetOpenIdTokenForDeveloperIdentity", "cognito-identity:GetPrincipalTagAttributeMap", "cognito-identity:ListIdentities", "cognito-identity:ListIdentityPools", "cognito-identity:ListTagsForResource", "cognito-idp:DescribeIdentityProvider", "cognito-idp:DescribeResourceServer", "cognito-idp:DescribeRiskConfiguration", "cognito-idp:DescribeUserImportJob", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:DescribeUserPoolDomain", "cognito-idp:AdminGetDevice", "cognito-idp:AdminGetUser", "cognito-idp:AdminListDevices", "cognito-idp:AdminListGroupsForUser", "cognito-idp:AdminListUserAuthEvents", "cognito-idp:ListDevices", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListResourcesForWebACL", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserImportJobs", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "cognito-idp:GetCSVHeader", "cognito-idp:GetDevice", "cognito-idp:GetGroup", "cognito-idp:GetIdentityProviderByIdentifier", "cognito-idp:GetLogDeliveryConfiguration", "cognito-idp:GetSigningCertificate", "cognito-idp:GetUICustomization", "cognito-idp:GetUser", "cognito-idp:GetUserAttributeVerificationCode", "cognito-idp:GetUserPoolMfaConfig", "cognito-idp:GetWebACLForResource", "cognito-sync:DescribeDataset", "cognito-sync:DescribeIdentityPoolUsage", "cognito-sync:DescribeIdentityUsage", "cognito-sync:GetBulkPublishDetails", "cognito-sync:GetCognitoEvents", "cognito-sync:GetIdentityPoolConfiguration", "cognito-sync:ListDatasets", "cognito-sync:ListIdentityPoolUsage", "cognito-sync:ListRecords", "iam:ListOpenIDConnectProviders", "iam:ListRoles", "sns:ListPlatformApplications" ], "malformed": false, "name": "AmazonCognitoReadOnly", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-01T19:21:04+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCodeGuruSecurityScanAccess", "createdate": "2023-05-09T20:54:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "codeguru-security:CreateScan", "codeguru-security:CreateUploadUrl", "codeguru-security:GetScan", "codeguru-security:GetFindings" ], "malformed": false, "name": "AmazonCodeGuruSecurityScanAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-09T20:54:32+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForIoTSiteWise", "createdate": "2023-11-13T18:27:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "greengrass:GetAssociatedRole", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupVersion", "logs:CreateLogGroup", "logs:DescribeLogGroups", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "iottwinmaker:GetWorkspace", "iottwinmaker:ExecuteQuery" ], "malformed": false, "name": "AWSServiceRoleForIoTSiteWise", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-13T18:27:50+00:00", "version": "v8" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSResourceExplorerReadOnlyAccess", "createdate": "2023-11-14T16:43:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "resource-explorer-2:GetAccountLevelServiceConfiguration", "resource-explorer-2:GetDefaultView", "resource-explorer-2:GetIndex", "resource-explorer-2:GetView", "resource-explorer-2:ListIndexes", "resource-explorer-2:ListIndexesForMembers", "resource-explorer-2:ListSupportedResourceTypes", "resource-explorer-2:ListTagsForResource", "resource-explorer-2:ListViews", "resource-explorer-2:Search", "resource-explorer-2:BatchGetView", "ec2:DescribeRegions", "ram:ListResources", "ram:GetResourceShares", "organizations:DescribeOrganization" ], "malformed": false, "name": "AWSResourceExplorerReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-14T16:43:41+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSQuicksightAthenaAccess", "createdate": "2021-07-07T20:09:06Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "athena:BatchGetQueryExecution", "athena:CancelQueryExecution", "athena:GetCatalogs", "athena:GetExecutionEngine", "athena:GetExecutionEngines", "athena:GetNamespace", "athena:GetNamespaces", "athena:GetQueryExecution", "athena:GetQueryExecutions", "athena:GetQueryResults", "athena:GetQueryResultsStream", "athena:GetTable", "athena:GetTables", "athena:ListQueryExecutions", "athena:RunQuery", "athena:StartQueryExecution", "athena:StopQueryExecution", "athena:ListWorkGroups", "athena:ListEngineVersions", "athena:GetWorkGroup", "athena:GetDataCatalog", "athena:GetDatabase", "athena:GetTableMetadata", "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListTableMetadata", "glue:CreateDatabase", "glue:DeleteDatabase", "glue:GetDatabase", "glue:GetDatabases", "glue:UpdateDatabase", "glue:CreateTable", "glue:DeleteTable", "glue:BatchDeleteTable", "glue:UpdateTable", "glue:GetTable", "glue:GetTables", "glue:BatchCreatePartition", "glue:CreatePartition", "glue:DeletePartition", "glue:BatchDeletePartition", "glue:UpdatePartition", "glue:GetPartition", "glue:GetPartitions", "glue:BatchGetPartition", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListMultipartUploadParts", "s3:AbortMultipartUpload", "s3:CreateBucket", "s3:PutObject", "s3:PutBucketPublicAccessBlock", "lakeformation:GetDataAccess" ], "malformed": false, "name": "AWSQuicksightAthenaAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-07-07T20:09:06+00:00", "version": "v10" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCloud9EnvironmentMember", "createdate": "2023-10-11T12:13:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloud9:GetUserSettings", "cloud9:UpdateUserSettings", "iam:GetUser", "iam:ListUsers", "cloud9:DescribeEnvironmentMemberships", "ssm:StartSession", "ssm:GetConnectionStatus", "ssm:StartSession" ], "malformed": false, "name": "AWSCloud9EnvironmentMember", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-11T12:13:40+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRedshift", "createdate": "2015-11-10T23:25:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "redshift:DescribeAccountAttributes", "redshift:DescribeAuthenticationProfiles", "redshift:DescribeClusterDbRevisions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterTracks", "redshift:DescribeClusterVersions", "redshift:DescribeClusters", "redshift:DescribeCustomDomainAssociations", "redshift:DescribeDataShares", "redshift:DescribeDataSharesForConsumer", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDefaultClusterParameters", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventCategories", "redshift:DescribeEventSubscriptions", "redshift:DescribeEvents", "redshift:DescribeHsmClientCertificates", "redshift:DescribeHsmConfigurations", "redshift:DescribeInboundIntegrations", "redshift:DescribeLoggingStatus", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribePartners", "redshift:DescribeQev2IdcApplications", "redshift:DescribeQuery", "redshift:DescribeRedshiftIdcApplications", "redshift:DescribeReservedNodeExchangeStatus", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "redshift:DescribeResize", "redshift:DescribeSavedQueries", "redshift:DescribeScheduledActions", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeSnapshotSchedules", "redshift:DescribeStorage", "redshift:DescribeTable", "redshift:DescribeTableRestoreStatus", "redshift:DescribeTags", "redshift:DescribeUsageLimits" ], "malformed": false, "name": "AWSQuickSightDescribeRedshift", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-11-10T23:25:01+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSIdentitySyncReadOnlyAccess", "createdate": "2022-03-23T23:29:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "identity-sync:GetSyncProfile", "identity-sync:ListSyncFilters", "identity-sync:GetSyncTarget" ], "malformed": false, "name": "AWSIdentitySyncReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-03-23T23:29:52+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIoTSiteWiseFullAccess", "createdate": "2018-12-04T20:53:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotsitewise:AssociateAssets", "iotsitewise:AssociateTimeSeriesToAssetProperty", "iotsitewise:BatchAssociateProjectAssets", "iotsitewise:BatchDisassociateProjectAssets", "iotsitewise:BatchGetAssetPropertyAggregates", "iotsitewise:BatchGetAssetPropertyValue", "iotsitewise:BatchGetAssetPropertyValueHistory", "iotsitewise:BatchPutAssetPropertyValue", "iotsitewise:CreateAccessPolicy", "iotsitewise:CreateAsset", "iotsitewise:CreateAssetModel", "iotsitewise:CreateAssetModelCompositeModel", "iotsitewise:CreateBulkImportJob", "iotsitewise:CreateDashboard", "iotsitewise:CreateGateway", "iotsitewise:CreatePortal", "iotsitewise:CreateProject", "iotsitewise:DeleteAccessPolicy", "iotsitewise:DeleteAsset", "iotsitewise:DeleteAssetModel", "iotsitewise:DeleteAssetModelCompositeModel", "iotsitewise:DeleteDashboard", "iotsitewise:DeleteGateway", "iotsitewise:DeletePortal", "iotsitewise:DeleteProject", "iotsitewise:DeleteTimeSeries", "iotsitewise:DescribeAccessPolicy", "iotsitewise:DescribeAction", "iotsitewise:DescribeAsset", "iotsitewise:DescribeAssetCompositeModel", "iotsitewise:DescribeAssetModel", "iotsitewise:DescribeAssetModelCompositeModel", "iotsitewise:DescribeAssetProperty", "iotsitewise:DescribeBulkImportJob", "iotsitewise:DescribeDashboard", "iotsitewise:DescribeDefaultEncryptionConfiguration", "iotsitewise:DescribeGateway", "iotsitewise:DescribeGatewayCapabilityConfiguration", "iotsitewise:DescribeLoggingOptions", "iotsitewise:DescribePortal", "iotsitewise:DescribeProject", "iotsitewise:DescribeStorageConfiguration", "iotsitewise:DescribeTimeSeries", "iotsitewise:DisassociateAssets", "iotsitewise:DisassociateTimeSeriesFromAssetProperty", "iotsitewise:EnableSiteWiseIntegration", "iotsitewise:ExecuteAction", "iotsitewise:ExecuteQuery", "iotsitewise:GetAssetPropertyAggregates", "iotsitewise:GetAssetPropertyValue", "iotsitewise:GetAssetPropertyValueHistory", "iotsitewise:GetInterpolatedAssetPropertyValues", "iotsitewise:ListAccessPolicies", "iotsitewise:ListActions", "iotsitewise:ListAssetModelCompositeModels", "iotsitewise:ListAssetModelProperties", "iotsitewise:ListAssetModels", "iotsitewise:ListAssetProperties", "iotsitewise:ListAssetRelationships", "iotsitewise:ListAssets", "iotsitewise:ListAssociatedAssets", "iotsitewise:ListBulkImportJobs", "iotsitewise:ListCompositionRelationships", "iotsitewise:ListDashboards", "iotsitewise:ListGateways", "iotsitewise:ListPortals", "iotsitewise:ListProjectAssets", "iotsitewise:ListProjects", "iotsitewise:ListTagsForResource", "iotsitewise:ListTimeSeries", "iotsitewise:PutDefaultEncryptionConfiguration", "iotsitewise:PutLoggingOptions", "iotsitewise:PutStorageConfiguration", "iotsitewise:TagResource", "iotsitewise:UntagResource", "iotsitewise:UpdateAccessPolicy", "iotsitewise:UpdateAsset", "iotsitewise:UpdateAssetModel", "iotsitewise:UpdateAssetModelCompositeModel", "iotsitewise:UpdateAssetModelPropertyRouting", "iotsitewise:UpdateAssetProperty", "iotsitewise:UpdateDashboard", "iotsitewise:UpdateGateway", "iotsitewise:UpdateGatewayCapabilityConfiguration", "iotsitewise:UpdatePortal", "iotsitewise:UpdateProject" ], "malformed": false, "name": "AWSIoTSiteWiseFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-12-04T20:53:39+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForMonitronPolicy", "createdate": "2022-09-29T20:38:15Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "sso:GetManagedApplicationInstance", "sso:GetProfile", "sso:ListProfiles", "sso:ListProfileAssociations", "sso:AssociateProfile", "sso:ListDirectoryAssociations", "sso-directory:DescribeUsers", "sso-directory:SearchUsers" ], "malformed": false, "name": "AWSServiceRoleForMonitronPolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-29T20:38:15+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonGlacierReadOnlyAccess", "createdate": "2016-05-05T18:46:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "glacier:DescribeJob", "glacier:DescribeVault", "glacier:GetDataRetrievalPolicy", "glacier:GetJobOutput", "glacier:GetVaultAccessPolicy", "glacier:GetVaultLock", "glacier:GetVaultNotifications", "glacier:ListJobs", "glacier:ListMultipartUploads", "glacier:ListParts", "glacier:ListTagsForVault", "glacier:ListVaults" ], "malformed": false, "name": "AmazonGlacierReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-05-05T18:46:10+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryReplicationServerPolicy", "createdate": "2023-11-27T13:28:14Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:SendClientMetricsForDrs", "drs:SendClientLogsForDrs", "drs:GetChannelCommandsForDrs", "drs:SendChannelCommandResultForDrs", "drs:GetAgentSnapshotCreditsForDrs", "drs:DescribeReplicationServerAssociationsForDrs", "drs:DescribeSnapshotRequestsForDrs", "drs:BatchDeleteSnapshotRequestForDrs", "drs:NotifyAgentAuthenticationForDrs", "drs:BatchCreateVolumeSnapshotGroupForDrs", "drs:UpdateAgentReplicationProcessStateForDrs", "drs:NotifyAgentReplicationProgressForDrs", "drs:NotifyAgentConnectedForDrs", "drs:NotifyAgentDisconnectedForDrs", "drs:NotifyVolumeEventForDrs", "drs:SendVolumeStatsForDrs", "ec2:DescribeInstances", "ec2:DescribeSnapshots", "ec2:CreateSnapshot", "ec2:CreateSnapshot", "ec2:CreateTags" ], "malformed": false, "name": "AWSElasticDisasterRecoveryReplicationServerPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T13:28:14+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingRDSClusterPolicy", "createdate": "2018-08-07T19:14:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rds:AddTagsToResource", "rds:CreateDBInstance", "rds:DeleteDBInstance", "rds:DescribeDBClusters", "rds:DescribeDBInstances", "rds:ModifyDBCluster", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms", "iam:PassRole" ], "malformed": false, "name": "AWSApplicationAutoscalingRDSClusterPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-08-07T19:14:24+00:00", "version": "v3" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonMemoryDBFullAccess", "createdate": "2021-10-08T19:24:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "memorydb:BatchUpdateCluster", "memorydb:Connect", "memorydb:CopySnapshot", "memorydb:CreateAcl", "memorydb:CreateCluster", "memorydb:CreateParameterGroup", "memorydb:CreateSnapshot", "memorydb:CreateSubnetGroup", "memorydb:CreateUser", "memorydb:DeleteAcl", "memorydb:DeleteCluster", "memorydb:DeleteParameterGroup", "memorydb:DeleteSnapshot", "memorydb:DeleteSubnetGroup", "memorydb:DeleteUser", "memorydb:DescribeAcls", "memorydb:DescribeClusters", "memorydb:DescribeEngineVersions", "memorydb:DescribeEvents", "memorydb:DescribeParameterGroups", "memorydb:DescribeParameters", "memorydb:DescribeReservedNodes", "memorydb:DescribeReservedNodesOfferings", "memorydb:DescribeServiceUpdates", "memorydb:DescribeSnapshots", "memorydb:DescribeSubnetGroups", "memorydb:DescribeUsers", "memorydb:FailoverShard", "memorydb:ListAllowedNodeTypeUpdates", "memorydb:ListTags", "memorydb:PurchaseReservedNodesOffering", "memorydb:ResetParameterGroup", "memorydb:TagResource", "memorydb:UntagResource", "memorydb:UpdateAcl", "memorydb:UpdateCluster", "memorydb:UpdateParameterGroup", "memorydb:UpdateSubnetGroup", "memorydb:UpdateUser", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonMemoryDBFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-10-08T19:24:16+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticMapReduceReadOnlyAccess", "createdate": "2020-07-29T23:14:09Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListNotebookExecutions", "elasticmapreduce:ListReleaseLabels", "elasticmapreduce:ListRepositories", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudioSessionMappings", "elasticmapreduce:ListStudios", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ListWorkspaceAccessIdentities", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:ViewEventsFromAllClustersInConsole", "s3:GetObject", "s3:ListAllMyBuckets", "s3:ListBucket", "sdb:Select", "cloudwatch:GetMetricStatistics" ], "malformed": false, "name": "AmazonElasticMapReduceReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-07-29T23:14:09+00:00", "version": "v3" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSSupportAppReadOnlyAccess", "createdate": "2022-08-22T17:01:15Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "support:DescribeCases", "support:DescribeCommunications" ], "malformed": false, "name": "AWSSupportAppReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-22T17:01:15+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonOpenSearchIngestionFullAccess", "createdate": "2023-04-26T18:11:38Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "osis:CreatePipeline", "osis:UpdatePipeline", "osis:DeletePipeline", "osis:StartPipeline", "osis:StopPipeline", "osis:ListPipelines", "osis:GetPipeline", "osis:GetPipelineChangeProgress", "osis:ValidatePipeline", "osis:GetPipelineBlueprint", "osis:ListPipelineBlueprints", "osis:TagResource", "osis:UntagResource", "osis:ListTagsForResource", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonOpenSearchIngestionFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-26T18:11:38+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSBatchServiceEventTargetRole", "createdate": "2018-02-28T22:31:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "batch:SubmitJob" ], "malformed": false, "name": "AWSBatchServiceEventTargetRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-02-28T22:31:13+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCodePipelineCustomActionAccess", "createdate": "2015-07-09T17:02:54Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "codepipeline:AcknowledgeJob", "codepipeline:GetJobDetails", "codepipeline:PollForJobs", "codepipeline:PutJobFailureResult", "codepipeline:PutJobSuccessResult" ], "malformed": false, "name": "AWSCodePipelineCustomActionAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-07-09T17:02:54+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSAccountManagementFullAccess", "createdate": "2021-09-30T23:20:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "account:CloseAccount", "account:DeleteAlternateContact", "account:DisableRegion", "account:EnableRegion", "account:GetAccountInformation", "account:GetAlternateContact", "account:GetChallengeQuestions", "account:GetContactInformation", "account:GetRegionOptStatus", "account:ListRegions", "account:PutAlternateContact", "account:PutChallengeQuestions", "account:PutContactInformation" ], "malformed": false, "name": "AWSAccountManagementFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-30T23:20:37+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/RDSCloudHsmAuthorizationRole", "createdate": "2019-09-26T22:14:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudhsm:CreateLunaClient", "cloudhsm:DeleteLunaClient", "cloudhsm:DescribeHapg", "cloudhsm:DescribeLunaClient", "cloudhsm:GetConfig", "cloudhsm:ModifyHapg", "cloudhsm:ModifyLunaClient" ], "malformed": false, "name": "RDSCloudHsmAuthorizationRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-09-26T22:14:29+00:00", "version": "v2" }, { "access_levels": [ "List" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSEnhancedClassicNetworkingMangementPolicy", "createdate": "2017-09-20T17:29:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeSecurityGroups" ], "malformed": false, "name": "AWSEnhancedClassicNetworkingMangementPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-09-20T17:29:09+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction", "createdate": "2019-08-07T17:04:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sns:Publish" ], "malformed": false, "name": "AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-07T17:04:37+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy", "createdate": "2022-03-25T04:26:40Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", "sagemaker:BatchDescribeModelPackage", "sagemaker:BatchGetMetrics", "sagemaker:BatchGetRecord", "sagemaker:BatchPutMetrics", "sagemaker:CreateAction", "sagemaker:CreateAlgorithm", "sagemaker:CreateApp", "sagemaker:CreateAppImageConfig", "sagemaker:CreateArtifact", "sagemaker:CreateAutoMLJob", "sagemaker:CreateCodeRepository", "sagemaker:CreateCompilationJob", "sagemaker:CreateContext", "sagemaker:CreateDataQualityJobDefinition", "sagemaker:CreateDeviceFleet", "sagemaker:CreateDomain", "sagemaker:CreateEdgePackagingJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateExperiment", "sagemaker:CreateFeatureGroup", "sagemaker:CreateFlowDefinition", "sagemaker:CreateHumanTaskUi", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateImage", "sagemaker:CreateImageVersion", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateLineageGroupPolicy", "sagemaker:CreateModel", "sagemaker:CreateModelBiasJobDefinition", "sagemaker:CreateModelExplainabilityJobDefinition", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelQualityJobDefinition", "sagemaker:CreateMonitoringSchedule", "sagemaker:CreateNotebookInstance", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:CreatePipeline", "sagemaker:CreatePresignedDomainUrl", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateProcessingJob", "sagemaker:CreateProject", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:CreateTrial", "sagemaker:CreateTrialComponent", "sagemaker:CreateUserProfile", "sagemaker:CreateWorkforce", "sagemaker:CreateWorkteam", "sagemaker:DeleteAction", "sagemaker:DeleteAlgorithm", "sagemaker:DeleteApp", "sagemaker:DeleteAppImageConfig", "sagemaker:DeleteArtifact", "sagemaker:DeleteAssociation", "sagemaker:DeleteCodeRepository", "sagemaker:DeleteContext", "sagemaker:DeleteDataQualityJobDefinition", "sagemaker:DeleteDeviceFleet", "sagemaker:DeleteDomain", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteExperiment", "sagemaker:DeleteFeatureGroup", "sagemaker:DeleteFlowDefinition", "sagemaker:DeleteHumanLoop", "sagemaker:DeleteHumanTaskUi", "sagemaker:DeleteImage", "sagemaker:DeleteImageVersion", "sagemaker:DeleteLineageGroupPolicy", "sagemaker:DeleteModel", "sagemaker:DeleteModelBiasJobDefinition", "sagemaker:DeleteModelExplainabilityJobDefinition", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteModelPackageGroupPolicy", "sagemaker:DeleteModelQualityJobDefinition", "sagemaker:DeleteMonitoringSchedule", "sagemaker:DeleteNotebookInstance", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:DeletePipeline", "sagemaker:DeleteProject", "sagemaker:DeleteRecord", "sagemaker:DeleteTags", "sagemaker:DeleteTrial", "sagemaker:DeleteTrialComponent", "sagemaker:DeleteUserProfile", "sagemaker:DeleteWorkforce", "sagemaker:DeleteWorkteam", "sagemaker:DeregisterDevices", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:DisableSagemakerServicecatalogPortfolio", "sagemaker:DisassociateTrialComponent", "sagemaker:EnableSagemakerServicecatalogPortfolio", "sagemaker:GetDeviceFleetReport", "sagemaker:GetDeviceRegistration", "sagemaker:GetLineageGroupPolicy", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetRecord", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:GetSearchSuggestions", "sagemaker:InvokeEndpoint", "sagemaker:InvokeEndpointAsync", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:PutLineageGroupPolicy", "sagemaker:PutModelPackageGroupPolicy", "sagemaker:PutRecord", "sagemaker:QueryLineage", "sagemaker:RegisterDevices", "sagemaker:RenderUiTemplate", "sagemaker:Search", "sagemaker:SendHeartbeat", "sagemaker:SendPipelineExecutionStepFailure", "sagemaker:SendPipelineExecutionStepSuccess", "sagemaker:StartHumanLoop", "sagemaker:StartMonitoringSchedule", "sagemaker:StartNotebookInstance", "sagemaker:StartPipelineExecution", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopEdgePackagingJob", "sagemaker:StopHumanLoop", "sagemaker:StopHyperParameterTuningJob", "sagemaker:StopInferenceRecommendationsJob", "sagemaker:StopLabelingJob", "sagemaker:StopMonitoringSchedule", "sagemaker:StopNotebookInstance", "sagemaker:StopPipelineExecution", "sagemaker:StopProcessingJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:UpdateAction", "sagemaker:UpdateAppImageConfig", "sagemaker:UpdateArtifact", "sagemaker:UpdateCodeRepository", "sagemaker:UpdateContext", "sagemaker:UpdateDeviceFleet", "sagemaker:UpdateDevices", "sagemaker:UpdateDomain", "sagemaker:UpdateEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateExperiment", "sagemaker:UpdateImage", "sagemaker:UpdateModelPackage", "sagemaker:UpdateMonitoringSchedule", "sagemaker:UpdateNotebookInstance", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "sagemaker:UpdatePipeline", "sagemaker:UpdatePipelineExecution", "sagemaker:UpdateProject", "sagemaker:UpdateTrainingJob", "sagemaker:UpdateTrial", "sagemaker:UpdateTrialComponent", "sagemaker:UpdateUserProfile", "sagemaker:UpdateWorkforce", "sagemaker:UpdateWorkteam", "iam:PassRole" ], "malformed": false, "name": "AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-03-25T04:26:40+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerChangeManagementServicePolicy", "createdate": "2020-12-07T22:21:57Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:CreateAssociation", "ssm:DeleteAssociation", "ssm:CreateOpsItem", "ssm:GetOpsItem", "ssm:UpdateOpsItem", "ssm:StartAutomationExecution", "ssm:StopAutomationExecution", "ssm:GetAutomationExecution", "ssm:GetCalendarState", "ssm:GetDocument", "cloudwatch:DescribeAlarms", "sso:ListDirectoryAssociations", "sso-directory:DescribeUsers", "sso-directory:IsMemberInGroup", "iam:GetGroup", "iam:PassRole" ], "malformed": false, "name": "AWSSystemsManagerChangeManagementServicePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-07T22:21:57+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonEKSLocalOutpostServiceRolePolicy", "createdate": "2022-10-24T16:24:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeRouteTables", "ec2:DescribeAddresses", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeNetworkInterfaces", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcAttribute", "ec2:DescribePlacementGroups", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:CreateSecurityGroup", "ec2:CreateSecurityGroup", "ec2:RunInstances", "ec2:RunInstances", "ec2:AuthorizeSecurityGroupIngress", "ec2:RevokeSecurityGroupIngress", "ec2:DeleteNetworkInterface", "ec2:DeleteSecurityGroup", "ec2:TerminateInstances", "ec2:GetConsoleOutput", "ec2:CreateTags", "secretsmanager:TagResource", "secretsmanager:CreateSecret", "secretsmanager:DeleteSecret", "secretsmanager:DescribeSecret", "iam:PassRole", "iam:GetInstanceProfile", "iam:DeleteInstanceProfile", "iam:RemoveRoleFromInstanceProfile", "ssm:StartSession", "ssm:StartSession", "ssm:ResumeSession", "ssm:TerminateSession", "outposts:GetOutpost" ], "malformed": false, "name": "AmazonEKSLocalOutpostServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-24T16:24:51+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonMQApiReadOnlyAccess", "createdate": "2018-12-18T20:31:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mq:DescribeBroker", "mq:DescribeBrokerEngineTypes", "mq:DescribeBrokerInstanceOptions", "mq:DescribeConfiguration", "mq:DescribeConfigurationRevision", "mq:DescribeUser", "mq:ListBrokers", "mq:ListConfigurationRevisions", "mq:ListConfigurations", "mq:ListTags", "mq:ListUsers", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs" ], "malformed": false, "name": "AmazonMQApiReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-12-18T20:31:13+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonLexV2BotPolicy", "createdate": "2021-01-13T20:10:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "polly:SynthesizeSpeech" ], "malformed": false, "name": "AmazonLexV2BotPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-01-13T20:10:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryNetworkReplicationPolicy", "createdate": "2024-01-02T13:25:23Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeVpcAttribute", "ec2:DescribeInternetGateways", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeNetworkAcls", "ec2:DescribeSecurityGroups", "ec2:DescribeRouteTables", "ec2:DescribeAvailabilityZones", "ec2:DescribeDhcpOptions", "ec2:DescribeInstances", "ec2:DescribeManagedPrefixLists", "ec2:GetManagedPrefixListEntries", "ec2:GetManagedPrefixListAssociations" ], "malformed": false, "name": "AWSElasticDisasterRecoveryNetworkReplicationPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-02T13:25:23+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSGreengrassResourceAccessRolePolicy", "createdate": "2018-11-14T00:35:02Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iot:DeleteThingShadow", "iot:GetThingShadow", "iot:UpdateThingShadow", "iot:DescribeThing", "iot:DescribeCertificate", "greengrass:AssociateServiceRoleToAccount", "greengrass:BatchAssociateClientDeviceWithCoreDevice", "greengrass:BatchDisassociateClientDeviceFromCoreDevice", "greengrass:CancelDeployment", "greengrass:CreateComponentVersion", "greengrass:CreateDeployment", "greengrass:DeleteComponent", "greengrass:DeleteCoreDevice", "greengrass:DeleteDeployment", "greengrass:DescribeComponent", "greengrass:DisassociateServiceRoleFromAccount", "greengrass:GetComponent", "greengrass:GetComponentVersionArtifact", "greengrass:GetConnectivityInfo", "greengrass:GetCoreDevice", "greengrass:GetDeployment", "greengrass:GetServiceRoleForAccount", "greengrass:ListClientDevicesAssociatedWithCoreDevice", "greengrass:ListComponentVersions", "greengrass:ListComponents", "greengrass:ListCoreDevices", "greengrass:ListDeployments", "greengrass:ListEffectiveDeployments", "greengrass:ListInstalledComponents", "greengrass:ListTagsForResource", "greengrass:ResolveComponentCandidates", "greengrass:TagResource", "greengrass:UntagResource", "greengrass:UpdateConnectivityInfo", "greengrass:AssociateRoleToGroup", "greengrass:CreateConnectorDefinition", "greengrass:CreateConnectorDefinitionVersion", "greengrass:CreateCoreDefinition", "greengrass:CreateCoreDefinitionVersion", "greengrass:CreateDeviceDefinition", "greengrass:CreateDeviceDefinitionVersion", "greengrass:CreateFunctionDefinition", "greengrass:CreateFunctionDefinitionVersion", "greengrass:CreateGroup", "greengrass:CreateGroupCertificateAuthority", "greengrass:CreateGroupVersion", "greengrass:CreateLoggerDefinition", "greengrass:CreateLoggerDefinitionVersion", "greengrass:CreateResourceDefinition", "greengrass:CreateResourceDefinitionVersion", "greengrass:CreateSoftwareUpdateJob", "greengrass:CreateSubscriptionDefinition", "greengrass:CreateSubscriptionDefinitionVersion", "greengrass:DeleteConnectorDefinition", "greengrass:DeleteCoreDefinition", "greengrass:DeleteDeviceDefinition", "greengrass:DeleteFunctionDefinition", "greengrass:DeleteGroup", "greengrass:DeleteLoggerDefinition", "greengrass:DeleteResourceDefinition", "greengrass:DeleteSubscriptionDefinition", "greengrass:DisassociateRoleFromGroup", "greengrass:Discover", "greengrass:GetAssociatedRole", "greengrass:GetBulkDeploymentStatus", "greengrass:GetConnectorDefinition", "greengrass:GetConnectorDefinitionVersion", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetDeviceDefinition", "greengrass:GetDeviceDefinitionVersion", "greengrass:GetFunctionDefinition", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupCertificateAuthority", "greengrass:GetGroupCertificateConfiguration", "greengrass:GetGroupVersion", "greengrass:GetLoggerDefinition", "greengrass:GetLoggerDefinitionVersion", "greengrass:GetResourceDefinition", "greengrass:GetResourceDefinitionVersion", "greengrass:GetSubscriptionDefinition", "greengrass:GetSubscriptionDefinitionVersion", "greengrass:GetThingRuntimeConfiguration", "greengrass:ListBulkDeploymentDetailedReports", "greengrass:ListBulkDeployments", "greengrass:ListConnectorDefinitionVersions", "greengrass:ListConnectorDefinitions", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListResourceDefinitionVersions", "greengrass:ListResourceDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "greengrass:ResetDeployments", "greengrass:StartBulkDeployment", "greengrass:StopBulkDeployment", "greengrass:UpdateConnectorDefinition", "greengrass:UpdateCoreDefinition", "greengrass:UpdateDeviceDefinition", "greengrass:UpdateFunctionDefinition", "greengrass:UpdateGroup", "greengrass:UpdateGroupCertificateConfiguration", "greengrass:UpdateLoggerDefinition", "greengrass:UpdateResourceDefinition", "greengrass:UpdateSubscriptionDefinition", "greengrass:UpdateThingRuntimeConfiguration", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "secretsmanager:GetSecretValue", "s3:GetObject", "s3:GetBucketLocation", "sagemaker:DescribeTrainingJob" ], "malformed": false, "name": "AWSGreengrassResourceAccessRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-14T00:35:02+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSMigrationHubStrategyConsoleFullAccess", "createdate": "2022-11-09T00:00:06Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "migrationhub-strategy:GetAntiPattern", "migrationhub-strategy:GetApplicationComponentDetails", "migrationhub-strategy:GetApplicationComponentStrategies", "migrationhub-strategy:GetAssessment", "migrationhub-strategy:GetImportFileTask", "migrationhub-strategy:GetLatestAssessmentId", "migrationhub-strategy:GetMessage", "migrationhub-strategy:GetPortfolioPreferences", "migrationhub-strategy:GetPortfolioSummary", "migrationhub-strategy:GetRecommendationReportDetails", "migrationhub-strategy:GetServerDetails", "migrationhub-strategy:GetServerStrategies", "migrationhub-strategy:ListAnalyzableServers", "migrationhub-strategy:ListAntiPatterns", "migrationhub-strategy:ListApplicationComponents", "migrationhub-strategy:ListCollectors", "migrationhub-strategy:ListImportFileTask", "migrationhub-strategy:ListJarArtifacts", "migrationhub-strategy:ListServers", "migrationhub-strategy:PutLogData", "migrationhub-strategy:PutMetricData", "migrationhub-strategy:PutPortfolioPreferences", "migrationhub-strategy:RegisterCollector", "migrationhub-strategy:SendMessage", "migrationhub-strategy:StartAssessment", "migrationhub-strategy:StartImportFileTask", "migrationhub-strategy:StartRecommendationReportGeneration", "migrationhub-strategy:StopAssessment", "migrationhub-strategy:UpdateApplicationComponentConfig", "migrationhub-strategy:UpdateCollectorConfiguration", "migrationhub-strategy:UpdateServerConfig", "s3:ListAllMyBuckets", "s3:GetObject", "s3:CreateBucket", "s3:PutEncryptionConfiguration", "s3:PutBucketPublicAccessBlock", "s3:PutBucketPolicy", "s3:PutBucketVersioning", "s3:PutLifecycleConfiguration", "secretsmanager:ListSecrets", "discovery:GetDiscoverySummary", "discovery:DescribeTags", "discovery:DescribeConfigurations", "discovery:ListConfigurations", "iam:CreateServiceLinkedRole", "iam:GetRole" ], "malformed": false, "name": "AWSMigrationHubStrategyConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-09T00:00:06+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonInspectorFullAccess", "createdate": "2017-12-21T14:53:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "inspector:AddAttributesToFindings", "inspector:CreateAssessmentTarget", "inspector:CreateAssessmentTemplate", "inspector:CreateExclusionsPreview", "inspector:CreateResourceGroup", "inspector:DeleteAssessmentRun", "inspector:DeleteAssessmentTarget", "inspector:DeleteAssessmentTemplate", "inspector:DescribeAssessmentRuns", "inspector:DescribeAssessmentTargets", "inspector:DescribeAssessmentTemplates", "inspector:DescribeCrossAccountAccessRole", "inspector:DescribeExclusions", "inspector:DescribeFindings", "inspector:DescribeResourceGroups", "inspector:DescribeRulesPackages", "inspector:GetAssessmentReport", "inspector:GetExclusionsPreview", "inspector:GetTelemetryMetadata", "inspector:ListAssessmentRunAgents", "inspector:ListAssessmentRuns", "inspector:ListAssessmentTargets", "inspector:ListAssessmentTemplates", "inspector:ListEventSubscriptions", "inspector:ListExclusions", "inspector:ListFindings", "inspector:ListRulesPackages", "inspector:ListTagsForResource", "inspector:PreviewAgents", "inspector:RegisterCrossAccountAccessRole", "inspector:RemoveAttributesFromFindings", "inspector:SetTagsForResource", "inspector:StartAssessmentRun", "inspector:StopAssessmentRun", "inspector:SubscribeToEvent", "inspector:UnsubscribeFromEvent", "inspector:UpdateAssessmentTarget", "ec2:DescribeInstances", "ec2:DescribeTags", "sns:ListTopics", "events:DescribeRule", "events:ListRuleNamesByTarget", "iam:PassRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonInspectorFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-12-21T14:53:31+00:00", "version": "v5" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCodeGuruProfilerAgentAccess", "createdate": "2022-05-05T18:11:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "codeguru-profiler:ConfigureAgent", "codeguru-profiler:CreateProfilingGroup", "codeguru-profiler:PostAgentProfile" ], "malformed": false, "name": "AmazonCodeGuruProfilerAgentAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-05-05T18:11:03+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole", "createdate": "2023-08-16T20:38:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "autoscaling:CompleteLifecycleAction", "autoscaling:DeleteLifecycleHook", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeLifecycleHooks", "autoscaling:PutLifecycleHook", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateOrUpdateTags", "autoscaling:UpdateAutoScalingGroup", "autoscaling:EnableMetricsCollection", "autoscaling:DescribePolicies", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeNotificationConfigurations", "autoscaling:SuspendProcesses", "autoscaling:ResumeProcesses", "autoscaling:AttachLoadBalancers", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutNotificationConfiguration", "autoscaling:PutWarmPool", "autoscaling:DescribeScalingActivities", "autoscaling:DeleteAutoScalingGroup", "ec2:DescribeInstances", "ec2:DescribeInstanceStatus", "ec2:TerminateInstances", "tag:GetResources", "sns:Publish", "cloudwatch:DescribeAlarms", "cloudwatch:PutMetricAlarm", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:DeregisterTargets" ], "malformed": false, "name": "AWSCodeDeployRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-16T20:38:58+00:00", "version": "v11" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicReadOnly", "createdate": "2020-12-01T17:27:04Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "ecr-public:GetAuthorizationToken", "sts:GetServiceBearerToken", "ecr-public:BatchCheckLayerAvailability", "ecr-public:GetRepositoryPolicy", "ecr-public:DescribeRepositories", "ecr-public:DescribeRegistries", "ecr-public:DescribeImages", "ecr-public:DescribeImageTags", "ecr-public:GetRepositoryCatalogData", "ecr-public:GetRegistryCatalogData" ], "malformed": false, "name": "AmazonElasticContainerRegistryPublicReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-01T17:27:04+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/EC2InstanceProfileForImageBuilder", "createdate": "2020-08-27T16:40:50Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "imagebuilder:GetComponent", "kms:Decrypt", "s3:GetObject", "logs:CreateLogStream", "logs:CreateLogGroup", "logs:PutLogEvents" ], "malformed": false, "name": "EC2InstanceProfileForImageBuilder", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-27T16:40:50+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonSNSReadOnlyAccess", "createdate": "2015-02-06T18:41:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics" ], "malformed": false, "name": "AmazonSNSReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:06+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonMachineLearningManageRealTimeEndpointOnlyAccess", "createdate": "2015-04-09T17:32:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "machinelearning:CreateRealtimeEndpoint", "machinelearning:DeleteRealtimeEndpoint" ], "malformed": false, "name": "AmazonMachineLearningManageRealTimeEndpointOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-04-09T17:32:41+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSDirectConnectFullAccess", "createdate": "2019-04-30T15:29:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "directconnect:AcceptDirectConnectGatewayAssociationProposal", "directconnect:AllocateConnectionOnInterconnect", "directconnect:AllocateHostedConnection", "directconnect:AllocatePrivateVirtualInterface", "directconnect:AllocatePublicVirtualInterface", "directconnect:AllocateTransitVirtualInterface", "directconnect:AssociateConnectionWithLag", "directconnect:AssociateHostedConnection", "directconnect:AssociateMacSecKey", "directconnect:AssociateVirtualInterface", "directconnect:ConfirmConnection", "directconnect:ConfirmCustomerAgreement", "directconnect:ConfirmPrivateVirtualInterface", "directconnect:ConfirmPublicVirtualInterface", "directconnect:ConfirmTransitVirtualInterface", "directconnect:CreateBGPPeer", "directconnect:CreateConnection", "directconnect:CreateDirectConnectGateway", "directconnect:CreateDirectConnectGatewayAssociation", "directconnect:CreateDirectConnectGatewayAssociationProposal", "directconnect:CreateInterconnect", "directconnect:CreateLag", "directconnect:CreatePrivateVirtualInterface", "directconnect:CreatePublicVirtualInterface", "directconnect:CreateTransitVirtualInterface", "directconnect:DeleteBGPPeer", "directconnect:DeleteConnection", "directconnect:DeleteDirectConnectGateway", "directconnect:DeleteDirectConnectGatewayAssociation", "directconnect:DeleteDirectConnectGatewayAssociationProposal", "directconnect:DeleteInterconnect", "directconnect:DeleteLag", "directconnect:DeleteVirtualInterface", "directconnect:DescribeConnectionLoa", "directconnect:DescribeConnections", "directconnect:DescribeConnectionsOnInterconnect", "directconnect:DescribeCustomerMetadata", "directconnect:DescribeDirectConnectGatewayAssociationProposals", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeHostedConnections", "directconnect:DescribeInterconnectLoa", "directconnect:DescribeInterconnects", "directconnect:DescribeLags", "directconnect:DescribeLoa", "directconnect:DescribeLocations", "directconnect:DescribeRouterConfiguration", "directconnect:DescribeTags", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "directconnect:DisassociateConnectionFromLag", "directconnect:DisassociateMacSecKey", "directconnect:ListVirtualInterfaceTestHistory", "directconnect:StartBgpFailoverTest", "directconnect:StopBgpFailoverTest", "directconnect:TagResource", "directconnect:UntagResource", "directconnect:UpdateConnection", "directconnect:UpdateDirectConnectGateway", "directconnect:UpdateDirectConnectGatewayAssociation", "directconnect:UpdateLag", "directconnect:UpdateVirtualInterfaceAttributes", "ec2:DescribeVpnGateways", "ec2:DescribeTransitGateways" ], "malformed": false, "name": "AWSDirectConnectFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-04-30T15:29:29+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSBetaServiceRolePolicy", "createdate": "2022-12-14T18:33:17Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:AllocateAddress", "ec2:AssociateAddress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateCoipPoolPermission", "ec2:CreateLocalGatewayRouteTablePermission", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:DeleteCoipPoolPermission", "ec2:DeleteLocalGatewayRouteTablePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteSecurityGroup", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeCoipPools", "ec2:DescribeInternetGateways", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "ec2:DisassociateAddress", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyVpcEndpoint", "ec2:ReleaseAddress", "ec2:RevokeSecurityGroupIngress", "ec2:CreateVpcEndpoint", "ec2:DescribeVpcEndpoints", "ec2:DeleteVpcEndpoints", "sns:Publish", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", "cloudwatch:PutMetricData", "secretsmanager:GetRandomPassword", "secretsmanager:DeleteSecret", "secretsmanager:DescribeSecret", "secretsmanager:PutSecretValue", "secretsmanager:RotateSecret", "secretsmanager:UpdateSecret", "secretsmanager:UpdateSecretVersionStage", "secretsmanager:ListSecretVersionIds", "secretsmanager:TagResource" ], "malformed": false, "name": "AmazonRDSBetaServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-14T18:33:17+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy", "createdate": "2022-08-30T20:54:27Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:DescribeAssociation", "ssm:GetDeployablePatchSnapshotForInstance", "ssm:GetDocument", "ssm:DescribeDocument", "ssm:GetManifest", "ssm:ListAssociations", "ssm:ListInstanceAssociations", "ssm:PutInventory", "ssm:PutComplianceItems", "ssm:PutConfigurePackageResult", "ssm:UpdateAssociationStatus", "ssm:UpdateInstanceAssociationStatus", "ssm:UpdateInstanceInformation", "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel", "ec2messages:AcknowledgeMessage", "ec2messages:DeleteMessage", "ec2messages:FailMessage", "ec2messages:GetEndpoint", "ec2messages:GetMessages", "ec2messages:SendReply" ], "malformed": false, "name": "AmazonSSMManagedEC2InstanceDefaultPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-30T20:54:27+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSSupportPlansFullAccess", "createdate": "2023-05-09T21:07:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "supportplans:GetSupportPlan", "supportplans:GetSupportPlanUpdateStatus", "supportplans:StartSupportPlanUpdate", "supportplans:CreateSupportPlanSchedule" ], "malformed": false, "name": "AWSSupportPlansFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-09T21:07:01+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53ResolverReadOnlyAccess", "createdate": "2019-09-27T16:37:48Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53resolver:GetFirewallConfig", "route53resolver:GetFirewallDomainList", "route53resolver:GetFirewallRuleGroup", "route53resolver:GetFirewallRuleGroupAssociation", "route53resolver:GetFirewallRuleGroupPolicy", "route53resolver:GetOutpostResolver", "route53resolver:GetResolverConfig", "route53resolver:GetResolverDnssecConfig", "route53resolver:GetResolverEndpoint", "route53resolver:GetResolverQueryLogConfig", "route53resolver:GetResolverQueryLogConfigAssociation", "route53resolver:GetResolverQueryLogConfigPolicy", "route53resolver:GetResolverRule", "route53resolver:GetResolverRuleAssociation", "route53resolver:GetResolverRulePolicy", "route53resolver:ListFirewallConfigs", "route53resolver:ListFirewallDomainLists", "route53resolver:ListFirewallDomains", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListFirewallRules", "route53resolver:ListOutpostResolvers", "route53resolver:ListResolverConfigs", "route53resolver:ListResolverDnssecConfigs", "route53resolver:ListResolverEndpointIpAddresses", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverQueryLogConfigAssociations", "route53resolver:ListResolverQueryLogConfigs", "route53resolver:ListResolverRuleAssociations", "route53resolver:ListResolverRules", "route53resolver:ListTagsForResource", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcs", "ec2:DescribeSubnets" ], "malformed": false, "name": "AmazonRoute53ResolverReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-09-27T16:37:48+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCertificateManagerFullAccess", "createdate": "2020-08-17T22:18:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm:AddTagsToCertificate", "acm:DeleteCertificate", "acm:DescribeCertificate", "acm:ExportCertificate", "acm:GetAccountConfiguration", "acm:GetCertificate", "acm:ImportCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "acm:PutAccountConfiguration", "acm:RemoveTagsFromCertificate", "acm:RenewCertificate", "acm:RequestCertificate", "acm:ResendValidationEmail", "acm:UpdateCertificateOptions", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "iam:GetRole" ], "malformed": false, "name": "AWSCertificateManagerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-17T22:18:28+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSControlTowerServiceRolePolicy", "createdate": "2023-04-12T19:15:51Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:CreateStack", "cloudformation:CreateStackInstances", "cloudformation:CreateStackSet", "cloudformation:DeleteStack", "cloudformation:DeleteStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStacks", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:ListStackInstances", "cloudformation:UpdateStack", "cloudformation:UpdateStackInstances", "cloudformation:UpdateStackSet", "cloudformation:CreateStack", "cloudformation:CreateStackInstances", "cloudformation:CreateStackSet", "cloudformation:DeleteStack", "cloudformation:DeleteStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStacks", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:GetTemplate", "cloudformation:ListStackInstances", "cloudformation:UpdateStack", "cloudformation:UpdateStackInstances", "cloudformation:UpdateStackSet", "cloudtrail:CreateTrail", "cloudtrail:DeleteTrail", "cloudtrail:GetTrailStatus", "cloudtrail:StartLogging", "cloudtrail:StopLogging", "cloudtrail:UpdateTrail", "cloudtrail:PutEventSelectors", "logs:CreateLogStream", "logs:PutLogEvents", "logs:PutRetentionPolicy", "s3:GetObject", "sts:AssumeRole", "cloudtrail:DescribeTrails", "ec2:DescribeAvailabilityZones", "iam:ListRoles", "logs:CreateLogGroup", "logs:DescribeLogGroups", "organizations:CreateAccount", "organizations:DescribeAccount", "organizations:DescribeCreateAccountStatus", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListChildren", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPoliciesForTarget", "organizations:ListTargetsForPolicy", "organizations:ListRoots", "organizations:MoveAccount", "servicecatalog:AssociatePrincipalWithPortfolio", "iam:GetRole", "iam:GetUser", "iam:ListAttachedRolePolicies", "iam:GetRolePolicy", "iam:PassRole", "config:DeleteConfigurationAggregator", "config:PutConfigurationAggregator", "config:TagResource", "organizations:EnableAWSServiceAccess", "organizations:DisableAWSServiceAccess", "iam:CreateServiceLinkedRole", "account:EnableRegion", "account:ListRegions", "account:GetRegionOptStatus" ], "malformed": false, "name": "AWSControlTowerServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-12T19:15:51+00:00", "version": "v10" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSRoboMaker_FullAccess", "createdate": "2021-09-16T21:06:10Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "robomaker:BatchDeleteWorlds", "robomaker:BatchDescribeSimulationJob", "robomaker:CancelDeploymentJob", "robomaker:CancelSimulationJob", "robomaker:CancelSimulationJobBatch", "robomaker:CancelWorldExportJob", "robomaker:CancelWorldGenerationJob", "robomaker:CreateDeploymentJob", "robomaker:CreateFleet", "robomaker:CreateRobot", "robomaker:CreateRobotApplication", "robomaker:CreateRobotApplicationVersion", "robomaker:CreateSimulationApplication", "robomaker:CreateSimulationApplicationVersion", "robomaker:CreateSimulationJob", "robomaker:CreateWorldExportJob", "robomaker:CreateWorldGenerationJob", "robomaker:CreateWorldTemplate", "robomaker:DeleteFleet", "robomaker:DeleteRobot", "robomaker:DeleteRobotApplication", "robomaker:DeleteSimulationApplication", "robomaker:DeleteWorldTemplate", "robomaker:DeregisterRobot", "robomaker:DescribeDeploymentJob", "robomaker:DescribeFleet", "robomaker:DescribeRobot", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:DescribeSimulationJob", "robomaker:DescribeSimulationJobBatch", "robomaker:DescribeWorld", "robomaker:DescribeWorldExportJob", "robomaker:DescribeWorldGenerationJob", "robomaker:DescribeWorldTemplate", "robomaker:GetWorldTemplateBody", "robomaker:ListDeploymentJobs", "robomaker:ListFleets", "robomaker:ListRobotApplications", "robomaker:ListRobots", "robomaker:ListSimulationApplications", "robomaker:ListSimulationJobBatches", "robomaker:ListSimulationJobs", "robomaker:ListSupportedAvailabilityZones", "robomaker:ListTagsForResource", "robomaker:ListWorldExportJobs", "robomaker:ListWorldGenerationJobs", "robomaker:ListWorldTemplates", "robomaker:ListWorlds", "robomaker:RegisterRobot", "robomaker:RestartSimulationJob", "robomaker:StartSimulationJobBatch", "robomaker:SyncDeploymentJob", "robomaker:TagResource", "robomaker:UntagResource", "robomaker:UpdateRobotApplication", "robomaker:UpdateRobotDeployment", "robomaker:UpdateSimulationApplication", "robomaker:UpdateWorldTemplate", "s3:GetObject", "ecr:BatchGetImage", "ecr-public:DescribeImages", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSRoboMaker_FullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-16T21:06:10+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSQuickSightAssetBundleExportPolicy", "createdate": "2024-03-27T21:31:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "quicksight:ListTagsForResource", "quicksight:DescribeDashboard", "quicksight:DescribeDashboardPermissions", "quicksight:DescribeAnalysis", "quicksight:DescribeAnalysisPermissions", "quicksight:DescribeDataSet", "quicksight:DescribeDataSetRefreshProperties", "quicksight:ListRefreshSchedules", "quicksight:DescribeDataSetPermissions", "quicksight:DescribeDataSource", "quicksight:DescribeDataSourcePermissions", "quicksight:DescribeTheme", "quicksight:DescribeThemePermissions", "quicksight:DescribeVPCConnection", "quicksight:ListVPCConnections", "quicksight:DescribeRefreshSchedule", "quicksight:DescribeAssetBundleExportJob", "quicksight:ListAssetBundleExportJobs", "quicksight:StartAssetBundleExportJob" ], "malformed": false, "name": "AWSQuickSightAssetBundleExportPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-27T21:31:03+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs", "createdate": "2018-04-09T19:38:55Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AWSAppSyncPushToCloudWatchLogs", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-04-09T19:38:55+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSConnector", "createdate": "2015-09-28T19:50:38Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iam:GetUser", "s3:ListAllMyBuckets", "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteObject", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:PutObject", "s3:PutObjectAcl", "s3:AbortMultipartUpload", "s3:ListBucketMultipartUploads", "s3:ListMultipartUploadParts", "ec2:CancelConversionTask", "ec2:CancelExportTask", "ec2:CreateImage", "ec2:CreateInstanceExportTask", "ec2:CreateTags", "ec2:CreateVolume", "ec2:DeleteTags", "ec2:DeleteVolume", "ec2:DescribeConversionTasks", "ec2:DescribeExportTasks", "ec2:DescribeImages", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceStatus", "ec2:DescribeInstances", "ec2:DescribeRegions", "ec2:DescribeTags", "ec2:DetachVolume", "ec2:ImportInstance", "ec2:ImportVolume", "ec2:ModifyInstanceAttribute", "ec2:RunInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:ImportImage", "ec2:DescribeImportImageTasks", "ec2:DeregisterImage", "ec2:DescribeSnapshots", "ec2:DeleteSnapshot", "ec2:CancelImportTask", "ec2:ImportSnapshot", "ec2:DescribeImportSnapshotTasks", "sns:Publish" ], "malformed": false, "name": "AWSConnector", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-09-28T19:50:38+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAUser", "createdate": "2019-06-20T17:42:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:IssueCertificate", "acm-pca:RevokeCertificate", "acm-pca:GetCertificate", "acm-pca:ListPermissions", "acm-pca:ListCertificateAuthorities" ], "malformed": false, "name": "AWSCertificateManagerPrivateCAUser", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-20T17:42:37+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/job-function/SupportUser", "createdate": "2023-08-25T18:40:27Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "support:AddAttachmentsToSet", "support:AddCommunicationToCase", "support:CreateCase", "support:DescribeAttachment", "support:DescribeCaseAttributes", "support:DescribeCases", "support:DescribeCommunication", "support:DescribeCommunications", "support:DescribeCreateCaseOptions", "support:DescribeIssueTypes", "support:DescribeServices", "support:DescribeSeverityLevels", "support:DescribeSupportLevel", "support:DescribeSupportedLanguages", "support:DescribeTrustedAdvisorCheckRefreshStatuses", "support:DescribeTrustedAdvisorCheckResult", "support:DescribeTrustedAdvisorCheckSummaries", "support:DescribeTrustedAdvisorChecks", "support:InitiateCallForCase", "support:InitiateChatForCase", "support:PutCaseAttributes", "support:RateCaseCommunication", "support:RefreshTrustedAdvisorCheck", "support:ResolveCase", "support:SearchForCases", "acm:DescribeCertificate", "acm:GetCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "acm-pca:DescribeCertificateAuthority", "acm-pca:ListCertificateAuthorities", "apigateway:GET", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "aws-marketplace:ViewSubscriptions", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:EstimateTemplateCost", "cloudfront:GetCachePolicy", "cloudfront:GetCachePolicyConfig", "cloudfront:GetCloudFrontOriginAccessIdentity", "cloudfront:GetCloudFrontOriginAccessIdentityConfig", "cloudfront:GetContinuousDeploymentPolicy", "cloudfront:GetContinuousDeploymentPolicyConfig", "cloudfront:GetDistribution", "cloudfront:GetDistributionConfig", "cloudfront:GetFieldLevelEncryption", "cloudfront:GetFieldLevelEncryptionConfig", "cloudfront:GetFieldLevelEncryptionProfile", "cloudfront:GetFieldLevelEncryptionProfileConfig", "cloudfront:GetFunction", "cloudfront:GetInvalidation", "cloudfront:GetKeyGroup", "cloudfront:GetKeyGroupConfig", "cloudfront:GetMonitoringSubscription", "cloudfront:GetOriginAccessControl", "cloudfront:GetOriginAccessControlConfig", "cloudfront:GetOriginRequestPolicy", "cloudfront:GetOriginRequestPolicyConfig", "cloudfront:GetPublicKey", "cloudfront:GetPublicKeyConfig", "cloudfront:GetRealtimeLogConfig", "cloudfront:GetResponseHeadersPolicy", "cloudfront:GetResponseHeadersPolicyConfig", "cloudfront:GetSavingsPlan", "cloudfront:GetStreamingDistribution", "cloudfront:GetStreamingDistributionConfig", "cloudfront:ListCachePolicies", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListConflictingAliases", "cloudfront:ListContinuousDeploymentPolicies", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByCachePolicyId", "cloudfront:ListDistributionsByKeyGroup", "cloudfront:ListDistributionsByLambdaFunction", "cloudfront:ListDistributionsByOriginRequestPolicyId", "cloudfront:ListDistributionsByRealtimeLogConfig", "cloudfront:ListDistributionsByResponseHeadersPolicyId", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListFieldLevelEncryptionConfigs", "cloudfront:ListFieldLevelEncryptionProfiles", "cloudfront:ListFunctions", "cloudfront:ListInvalidations", "cloudfront:ListKeyGroups", "cloudfront:ListKeyValueStores", "cloudfront:ListOriginAccessControls", "cloudfront:ListOriginRequestPolicies", "cloudfront:ListPublicKeys", "cloudfront:ListRateCards", "cloudfront:ListRealtimeLogConfigs", "cloudfront:ListResponseHeadersPolicies", "cloudfront:ListSavingsPlans", "cloudfront:ListStreamingDistributions", "cloudfront:ListTagsForResource", "cloudfront:ListUsages", "cloudsearch:DescribeAnalysisSchemes", "cloudsearch:DescribeAvailabilityOptions", "cloudsearch:DescribeDomainEndpointOptions", "cloudsearch:DescribeDomains", "cloudsearch:DescribeExpressions", "cloudsearch:DescribeIndexFields", "cloudsearch:DescribeScalingParameters", "cloudsearch:DescribeServiceAccessPolicies", "cloudsearch:DescribeSuggesters", "cloudsearch:ListDomainNames", "cloudsearch:ListTags", "cloudtrail:DescribeTrails", "cloudtrail:GetTrailStatus", "cloudtrail:LookupEvents", "cloudtrail:ListTags", "cloudtrail:ListPublicKeys", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "codecommit:BatchGetRepositories", "codecommit:GetApprovalRuleTemplate", "codecommit:GetBlob", "codecommit:GetBranch", "codecommit:GetComment", "codecommit:GetCommentReactions", "codecommit:GetCommentsForComparedCommit", "codecommit:GetCommentsForPullRequest", "codecommit:GetCommit", "codecommit:GetCommitHistory", "codecommit:GetCommitsFromMergeBase", "codecommit:GetDifferences", "codecommit:GetFile", "codecommit:GetFolder", "codecommit:GetMergeCommit", "codecommit:GetMergeConflicts", "codecommit:GetMergeOptions", "codecommit:GetObjectIdentifier", "codecommit:GetPullRequest", "codecommit:GetPullRequestApprovalStates", "codecommit:GetPullRequestOverrideState", "codecommit:GetReferences", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:GetTree", "codecommit:GetUploadArchiveStatus", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeploymentInstances", "codedeploy:BatchGetDeploymentTargets", "codedeploy:BatchGetDeployments", "codedeploy:BatchGetOnPremisesInstances", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeploymentTargets", "codedeploy:ListDeployments", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codedeploy:ListTagsForResource", "codepipeline:AcknowledgeJob", "codepipeline:AcknowledgeThirdPartyJob", "codepipeline:ListActionTypes", "codepipeline:ListPipelines", "codepipeline:PollForJobs", "codepipeline:PollForThirdPartyJobs", "codepipeline:GetPipelineState", "codepipeline:GetPipeline", "cognito-identity:ListIdentities", "cognito-identity:ListIdentityPools", "cognito-identity:ListTagsForResource", "cognito-identity:LookupDeveloperIdentity", "cognito-identity:DescribeIdentity", "cognito-identity:DescribeIdentityPool", "cognito-idp:DescribeResourceServer", "cognito-idp:DescribeRiskConfiguration", "cognito-idp:DescribeUserImportJob", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolDomain", "cognito-idp:ListDevices", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListResourcesForWebACL", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserImportJobs", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "cognito-sync:DescribeDataset", "cognito-sync:DescribeIdentityPoolUsage", "cognito-sync:DescribeIdentityUsage", "cognito-sync:GetBulkPublishDetails", "cognito-sync:GetCognitoEvents", "cognito-sync:GetIdentityPoolConfiguration", "cognito-sync:ListDatasets", "cognito-sync:ListIdentityPoolUsage", "cognito-sync:ListRecords", "config:DescribeConfigurationRecorders", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeDeliveryChannels", "config:DescribeDeliveryChannelStatus", "config:GetResourceConfigHistory", "config:ListDiscoveredResources", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:QueryObjects", "datapipeline:ReportTaskProgress", "datapipeline:ReportTaskRunnerHeartbeat", "devicefarm:ListArtifacts", "devicefarm:ListDeviceInstances", "devicefarm:ListDevicePools", "devicefarm:ListDevices", "devicefarm:ListInstanceProfiles", "devicefarm:ListJobs", "devicefarm:ListNetworkProfiles", "devicefarm:ListOfferingPromotions", "devicefarm:ListOfferingTransactions", "devicefarm:ListOfferings", "devicefarm:ListProjects", "devicefarm:ListRemoteAccessSessions", "devicefarm:ListRuns", "devicefarm:ListSamples", "devicefarm:ListSuites", "devicefarm:ListTagsForResource", "devicefarm:ListTestGridProjects", "devicefarm:ListTestGridSessionActions", "devicefarm:ListTestGridSessionArtifacts", "devicefarm:ListTestGridSessions", "devicefarm:ListTests", "devicefarm:ListUniqueProblems", "devicefarm:ListUploads", "devicefarm:ListVPCEConfigurations", "devicefarm:GetAccountSettings", "devicefarm:GetDevice", "devicefarm:GetDeviceInstance", "devicefarm:GetDevicePool", "devicefarm:GetDevicePoolCompatibility", "devicefarm:GetInstanceProfile", "devicefarm:GetJob", "devicefarm:GetNetworkProfile", "devicefarm:GetOfferingStatus", "devicefarm:GetProject", "devicefarm:GetRemoteAccessSession", "devicefarm:GetRun", "devicefarm:GetSuite", "devicefarm:GetTest", "devicefarm:GetTestGridProject", "devicefarm:GetTestGridSession", "devicefarm:GetUpload", "devicefarm:GetVPCEConfiguration", "directconnect:DescribeConnectionLoa", "directconnect:DescribeConnections", "directconnect:DescribeConnectionsOnInterconnect", "directconnect:DescribeCustomerMetadata", "directconnect:DescribeDirectConnectGatewayAssociationProposals", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeHostedConnections", "directconnect:DescribeInterconnectLoa", "directconnect:DescribeInterconnects", "directconnect:DescribeLags", "directconnect:DescribeLoa", "directconnect:DescribeLocations", "directconnect:DescribeRouterConfiguration", "directconnect:DescribeTags", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "discovery:DescribeAgents", "discovery:DescribeBatchDeleteConfigurationTask", "discovery:DescribeConfigurations", "discovery:DescribeContinuousExports", "discovery:DescribeExportConfigurations", "discovery:DescribeExportTasks", "discovery:DescribeImportTasks", "discovery:DescribeTags", "discovery:ListConfigurations", "dms:DescribeAccountAttributes", "dms:DescribeApplicableIndividualAssessments", "dms:DescribeCertificates", "dms:DescribeConnections", "dms:DescribeConversionConfiguration", "dms:DescribeDataMigrations", "dms:DescribeDataProviders", "dms:DescribeEndpointSettings", "dms:DescribeEndpointTypes", "dms:DescribeEndpoints", "dms:DescribeEngineVersions", "dms:DescribeEventCategories", "dms:DescribeEventSubscriptions", "dms:DescribeEvents", "dms:DescribeExtensionPackAssociations", "dms:DescribeFleetAdvisorCollectors", "dms:DescribeFleetAdvisorDatabases", "dms:DescribeFleetAdvisorLsaAnalysis", "dms:DescribeFleetAdvisorSchemaObjectSummary", "dms:DescribeFleetAdvisorSchemas", "dms:DescribeInstanceProfiles", "dms:DescribeMetadataModelAssessments", "dms:DescribeMetadataModelConversions", "dms:DescribeMetadataModelExportsAsScript", "dms:DescribeMetadataModelExportsToTarget", "dms:DescribeMetadataModelImports", "dms:DescribeMigrationProjects", "dms:DescribeOrderableReplicationInstances", "dms:DescribePendingMaintenanceActions", "dms:DescribeRecommendationLimitations", "dms:DescribeRecommendations", "dms:DescribeRefreshSchemasStatus", "dms:DescribeReplicationConfigs", "dms:DescribeReplicationInstanceTaskLogs", "dms:DescribeReplicationInstances", "dms:DescribeReplicationSubnetGroups", "dms:DescribeReplicationTableStatistics", "dms:DescribeReplicationTaskAssessmentResults", "dms:DescribeReplicationTaskAssessmentRuns", "dms:DescribeReplicationTaskIndividualAssessments", "dms:DescribeReplicationTasks", "dms:DescribeReplications", "dms:DescribeSchemas", "dms:DescribeTableStatistics", "dms:ListDataProviders", "dms:ListExtensionPacks", "dms:ListInstanceProfiles", "dms:ListMetadataModelAssessmentActionItems", "dms:ListMetadataModelAssessments", "dms:ListMetadataModelConversions", "dms:ListMetadataModelExports", "dms:ListMigrationProjects", "dms:ListTagsForResource", "ds:DescribeDirectories", "ds:DescribeSnapshots", "ds:GetDirectoryLimits", "ds:GetSnapshotLimits", "ds:ListAuthorizedApplications", "dynamodb:DescribeLimits", "dynamodb:DescribeTable", "dynamodb:ListTables", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DescribeHosts", "ec2:DescribeIdentityIdFormat", "ec2:DescribeIdFormat", "ec2:DescribeInstanceAttribute", "ec2:DescribeNatGateways", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeTags", "ec2:SearchLocalGatewayRoutes", "ecr:GetRepositoryPolicy", "ecr:BatchCheckLayerAvailability", "ecr:DescribeRepositories", "ecr:ListImages", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheEngineVersions", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeEngineDefaultParameters", "elasticache:DescribeEvents", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeReservedCacheNodes", "elasticache:DescribeReservedCacheNodesOfferings", "elasticache:DescribeServerlessCacheSnapshots", "elasticache:DescribeServerlessCaches", "elasticache:DescribeServiceUpdates", "elasticache:DescribeSnapshots", "elasticache:DescribeUpdateActions", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticache:ListAllowedNodeTypeModifications", "elasticache:ListTagsForResource", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticbeanstalk:ValidateConfigurationSettings", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeAccountPreferences", "elasticfilesystem:DescribeBackupPolicy", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeReplicationConfigurations", "elasticfilesystem:DescribeTags", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListNotebookExecutions", "elasticmapreduce:ListReleaseLabels", "elasticmapreduce:ListRepositories", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudioSessionMappings", "elasticmapreduce:ListStudios", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ListWorkspaceAccessIdentities", "elastictranscoder:ListJobsByPipeline", "elastictranscoder:ListJobsByStatus", "elastictranscoder:ListPipelines", "elastictranscoder:ListPresets", "elastictranscoder:ReadJob", "elasticfilesystem:DescribeFileSystems", "es:DescribeDomain", "es:DescribeDomainAutoTunes", "es:DescribeDomainChangeProgress", "es:DescribeDomainConfig", "es:DescribeDomainHealth", "es:DescribeDomainNodes", "es:DescribeDomains", "es:DescribeDryRunProgress", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomainConfig", "es:DescribeElasticsearchDomains", "es:DescribeElasticsearchInstanceTypeLimits", "es:DescribeInboundConnections", "es:DescribeInboundCrossClusterSearchConnections", "es:DescribeInstanceTypeLimits", "es:DescribeOutboundConnections", "es:DescribeOutboundCrossClusterSearchConnections", "es:DescribePackages", "es:DescribeReservedElasticsearchInstanceOfferings", "es:DescribeReservedElasticsearchInstances", "es:DescribeReservedInstanceOfferings", "es:DescribeReservedInstances", "es:DescribeVpcEndpoints", "es:ListDataSources", "es:ListDomainMaintenances", "es:ListDomainNames", "es:ListDomainsForPackage", "es:ListElasticsearchInstanceTypeDetails", "es:ListElasticsearchInstanceTypes", "es:ListElasticsearchVersions", "es:ListInstanceTypeDetails", "es:ListPackagesForDomain", "es:ListScheduledActions", "es:ListTags", "es:ListVersions", "es:ListVpcEndpointAccess", "es:ListVpcEndpoints", "es:ListVpcEndpointsForDomain", "es:ESHttpGet", "es:ESHttpHead", "events:DescribeRule", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListEventSources", "events:ListPartnerEventSourceAccounts", "events:ListPartnerEventSources", "events:ListReplays", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "events:TestEventPattern", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "gamelift:ListAliases", "gamelift:ListBuilds", "gamelift:ListCompute", "gamelift:ListContainerGroupDefinitions", "gamelift:ListFleets", "gamelift:ListGameServerGroups", "gamelift:ListGameServers", "gamelift:ListLocations", "gamelift:ListScripts", "gamelift:ListTagsForResource", "gamelift:DescribeAlias", "gamelift:DescribeBuild", "gamelift:DescribeCompute", "gamelift:DescribeContainerGroupDefinition", "gamelift:DescribeEC2InstanceLimits", "gamelift:DescribeFleetAttributes", "gamelift:DescribeFleetCapacity", "gamelift:DescribeFleetEvents", "gamelift:DescribeFleetLocationAttributes", "gamelift:DescribeFleetLocationCapacity", "gamelift:DescribeFleetLocationUtilization", "gamelift:DescribeFleetPortSettings", "gamelift:DescribeFleetUtilization", "gamelift:DescribeGameServer", "gamelift:DescribeGameServerGroup", "gamelift:DescribeGameServerInstances", "gamelift:DescribeGameSessionDetails", "gamelift:DescribeGameSessionPlacement", "gamelift:DescribeGameSessionQueues", "gamelift:DescribeGameSessions", "gamelift:DescribeInstances", "gamelift:DescribeMatchmaking", "gamelift:DescribeMatchmakingConfigurations", "gamelift:DescribeMatchmakingRuleSets", "gamelift:DescribePlayerSessions", "gamelift:DescribeRuntimeConfiguration", "gamelift:DescribeScalingPolicies", "gamelift:DescribeScript", "gamelift:DescribeVpcPeeringAuthorizations", "gamelift:DescribeVpcPeeringConnections", "glacier:ListVaults", "glacier:DescribeVault", "glacier:DescribeJob", "glacier:GetDataRetrievalPolicy", "glacier:GetJobOutput", "glacier:GetVaultAccessPolicy", "glacier:GetVaultLock", "glacier:GetVaultNotifications", "glacier:ListJobs", "glacier:ListMultipartUploads", "glacier:ListParts", "glacier:ListProvisionedCapacity", "glacier:ListTagsForVault", "glacier:ListVaults", "iam:GenerateCredentialReport", "iam:GenerateServiceLastAccessedDetails", "iam:GetAccessKeyLastUsed", "iam:GetAccountAuthorizationDetails", "iam:GetAccountEmailAddress", "iam:GetAccountName", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCloudFrontPublicKey", "iam:GetContextKeysForCustomPolicy", "iam:GetContextKeysForPrincipalPolicy", "iam:GetCredentialReport", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetInstanceProfile", "iam:GetLoginProfile", "iam:GetMFADevice", "iam:GetOpenIDConnectProvider", "iam:GetOrganizationsAccessReport", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetSAMLProvider", "iam:GetSSHPublicKey", "iam:GetServerCertificate", "iam:GetServiceLastAccessedDetails", "iam:GetServiceLastAccessedDetailsWithEntities", "iam:GetServiceLinkedRoleDeletionStatus", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "importexport:GetStatus", "importexport:ListJobs", "inspector:DescribeAssessmentRuns", "inspector:DescribeAssessmentTargets", "inspector:DescribeAssessmentTemplates", "inspector:DescribeCrossAccountAccessRole", "inspector:DescribeExclusions", "inspector:DescribeFindings", "inspector:DescribeResourceGroups", "inspector:DescribeRulesPackages", "inspector:ListAssessmentRunAgents", "inspector:ListAssessmentRuns", "inspector:ListAssessmentTargets", "inspector:ListAssessmentTemplates", "inspector:ListEventSubscriptions", "inspector:ListExclusions", "inspector:ListFindings", "inspector:ListRulesPackages", "inspector:ListTagsForResource", "iot:DescribeAccountAuditConfiguration", "iot:DescribeAuditFinding", "iot:DescribeAuditMitigationActionsTask", "iot:DescribeAuditSuppression", "iot:DescribeAuditTask", "iot:DescribeAuthorizer", "iot:DescribeBillingGroup", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:DescribeCertificateProvider", "iot:DescribeCustomMetric", "iot:DescribeDefaultAuthorizer", "iot:DescribeDetectMitigationActionsTask", "iot:DescribeDimension", "iot:DescribeDomainConfiguration", "iot:DescribeEndpoint", "iot:DescribeEventConfigurations", "iot:DescribeFleetMetric", "iot:DescribeIndex", "iot:DescribeJob", "iot:DescribeJobExecution", "iot:DescribeJobTemplate", "iot:DescribeManagedJobTemplate", "iot:DescribeMitigationAction", "iot:DescribeProvisioningTemplate", "iot:DescribeProvisioningTemplateVersion", "iot:DescribeRoleAlias", "iot:DescribeScheduledAudit", "iot:DescribeSecurityProfile", "iot:DescribeStream", "iot:DescribeThing", "iot:DescribeThingGroup", "iot:DescribeThingRegistrationTask", "iot:DescribeThingType", "iot:DescribeTunnel", "iot:GetBehaviorModelTrainingSummaries", "iot:GetBucketsAggregation", "iot:GetCardinality", "iot:GetEffectivePolicies", "iot:GetIndexingConfiguration", "iot:GetJobDocument", "iot:GetLoggingOptions", "iot:GetOTAUpdate", "iot:GetPackage", "iot:GetPackageConfiguration", "iot:GetPackageVersion", "iot:GetPercentiles", "iot:GetPolicy", "iot:GetPolicyVersion", "iot:GetRegistrationCode", "iot:GetRetainedMessage", "iot:GetStatistics", "iot:GetThingShadow", "iot:GetTopicRule", "iot:GetTopicRuleDestination", "iot:GetV2LoggingOptions", "iot:ListActiveViolations", "iot:ListAttachedPolicies", "iot:ListAuditFindings", "iot:ListAuditMitigationActionsExecutions", "iot:ListAuditMitigationActionsTasks", "iot:ListAuditSuppressions", "iot:ListAuditTasks", "iot:ListAuthorizers", "iot:ListBillingGroups", "iot:ListCACertificates", "iot:ListCertificateProviders", "iot:ListCertificates", "iot:ListCertificatesByCA", "iot:ListCustomMetrics", "iot:ListDetectMitigationActionsExecutions", "iot:ListDetectMitigationActionsTasks", "iot:ListDimensions", "iot:ListDomainConfigurations", "iot:ListFleetMetrics", "iot:ListIndices", "iot:ListJobExecutionsForJob", "iot:ListJobExecutionsForThing", "iot:ListJobTemplates", "iot:ListJobs", "iot:ListManagedJobTemplates", "iot:ListMetricValues", "iot:ListMitigationActions", "iot:ListNamedShadowsForThing", "iot:ListOTAUpdates", "iot:ListOutgoingCertificates", "iot:ListPackageVersions", "iot:ListPackages", "iot:ListPolicies", "iot:ListPolicyPrincipals", "iot:ListPolicyVersions", "iot:ListPrincipalPolicies", "iot:ListPrincipalThings", "iot:ListProvisioningTemplateVersions", "iot:ListProvisioningTemplates", "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", "iot:ListStreams", "iot:ListTagsForResource", "iot:ListTargetsForPolicy", "iot:ListTargetsForSecurityProfile", "iot:ListThingGroups", "iot:ListThingGroupsForThing", "iot:ListThingPrincipals", "iot:ListThingRegistrationTaskReports", "iot:ListThingRegistrationTasks", "iot:ListThingTypes", "iot:ListThings", "iot:ListThingsInBillingGroup", "iot:ListThingsInThingGroup", "iot:ListTopicRuleDestinations", "iot:ListTopicRules", "iot:ListTunnels", "iot:ListV2LoggingLevels", "iot:ListViolationEvents", "kinesisanalytics:DescribeApplication", "kinesisanalytics:DiscoverInputSchema", "kinesisanalytics:GetApplicationState", "kinesisanalytics:ListApplications", "kinesis:DescribeLimits", "kinesis:DescribeStream", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary", "kinesis:GetRecords", "kinesis:GetResourcePolicy", "kinesis:GetShardIterator", "kinesis:ListShards", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kms:DescribeCustomKeyStores", "kms:DescribeKey", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:GetParametersForImport", "kms:GetPublicKey", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeyRotations", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:TestMetricFilter", "machinelearning:DescribeBatchPredictions", "machinelearning:DescribeDataSources", "machinelearning:DescribeEvaluations", "machinelearning:DescribeMLModels", "machinelearning:DescribeTags", "machinelearning:GetBatchPrediction", "machinelearning:GetDataSource", "machinelearning:GetEvaluation", "machinelearning:GetMLModel", "opsworks:DescribeAgentVersions", "opsworks:DescribeApps", "opsworks:DescribeCommands", "opsworks:DescribeDeployments", "opsworks:DescribeEcsClusters", "opsworks:DescribeElasticIps", "opsworks:DescribeElasticLoadBalancers", "opsworks:DescribeInstances", "opsworks:DescribeLayers", "opsworks:DescribeLoadBasedAutoScaling", "opsworks:DescribeMyUserProfile", "opsworks:DescribeOperatingSystems", "opsworks:DescribePermissions", "opsworks:DescribeRaidArrays", "opsworks:DescribeRdsDbInstances", "opsworks:DescribeServiceErrors", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStackSummary", "opsworks:DescribeStacks", "opsworks:DescribeTimeBasedAutoScaling", "opsworks:DescribeUserProfiles", "opsworks:DescribeVolumes", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:ListTagsForResource", "redshift:DescribeAccountAttributes", "redshift:DescribeAuthenticationProfiles", "redshift:DescribeClusterDbRevisions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterTracks", "redshift:DescribeClusterVersions", "redshift:DescribeClusters", "redshift:DescribeCustomDomainAssociations", "redshift:DescribeDataShares", "redshift:DescribeDataSharesForConsumer", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDefaultClusterParameters", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventCategories", "redshift:DescribeEventSubscriptions", "redshift:DescribeEvents", "redshift:DescribeHsmClientCertificates", "redshift:DescribeHsmConfigurations", "redshift:DescribeInboundIntegrations", "redshift:DescribeLoggingStatus", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribePartners", "redshift:DescribeQev2IdcApplications", "redshift:DescribeQuery", "redshift:DescribeRedshiftIdcApplications", "redshift:DescribeReservedNodeExchangeStatus", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "redshift:DescribeResize", "redshift:DescribeSavedQueries", "redshift:DescribeScheduledActions", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeSnapshotSchedules", "redshift:DescribeStorage", "redshift:DescribeTable", "redshift:DescribeTableRestoreStatus", "redshift:DescribeTags", "redshift:DescribeUsageLimits", "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetReusableDelegationSetLimit", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53domains:CheckDomainAvailability", "route53domains:GetDomainDetail", "route53domains:GetOperationDetail", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListPrices", "route53domains:ListTagsForDomain", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "sdb:GetAttributes", "sdb:ListDomains", "sdb:Select", "servicecatalog:SearchProducts", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductView", "servicecatalog:ListLaunchPaths", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:ListRecordHistory", "servicecatalog:DescribeRecord", "servicecatalog:ScanProvisionedProducts", "ses:GetAccount", "ses:GetBlacklistReports", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetDedicatedIp", "ses:GetDedicatedIps", "ses:GetDeliverabilityDashboardOptions", "ses:GetDeliverabilityTestReport", "ses:GetDomainDeliverabilityCampaign", "ses:GetDomainStatisticsReport", "ses:GetEmailIdentity", "ses:GetAccountSendingEnabled", "ses:GetCustomVerificationEmailTemplate", "ses:GetIdentityDkimAttributes", "ses:GetIdentityMailFromDomainAttributes", "ses:GetIdentityNotificationAttributes", "ses:GetIdentityPolicies", "ses:GetIdentityVerificationAttributes", "ses:GetSendQuota", "ses:GetSendStatistics", "ses:GetTemplate", "ses:GetContact", "ses:GetContactList", "ses:GetDedicatedIpPool", "ses:GetEmailIdentityPolicies", "ses:GetEmailTemplate", "ses:GetExportJob", "ses:GetImportJob", "ses:GetMessageInsights", "ses:GetSuppressedDestination", "ses:ListConfigurationSets", "ses:ListDedicatedIpPools", "ses:ListDeliverabilityTestReports", "ses:ListDomainDeliverabilityCampaigns", "ses:ListEmailIdentities", "ses:ListTagsForResource", "ses:ListCustomVerificationEmailTemplates", "ses:ListIdentities", "ses:ListIdentityPolicies", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListTemplates", "ses:ListVerifiedEmailAddresses", "ses:ListContactLists", "ses:ListContacts", "ses:ListEmailTemplates", "ses:ListExportJobs", "ses:ListImportJobs", "ses:ListRecommendations", "ses:ListSuppressedDestinations", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListQueues", "sqs:ReceiveMessage", "ssm:ListAssociationVersions", "ssm:ListAssociations", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListComplianceItems", "ssm:ListComplianceSummaries", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInstanceAssociations", "ssm:ListInventoryEntries", "ssm:ListOpsItemEvents", "ssm:ListOpsItemRelatedItems", "ssm:ListOpsMetadata", "ssm:ListResourceComplianceSummaries", "ssm:ListResourceDataSync", "ssm:ListTagsForResource", "ssm:DescribeActivations", "ssm:DescribeAssociation", "ssm:DescribeAssociationExecutionTargets", "ssm:DescribeAssociationExecutions", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeAvailablePatches", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:DescribeEffectiveInstanceAssociations", "ssm:DescribeEffectivePatchesForPatchBaseline", "ssm:DescribeInstanceAssociationsStatus", "ssm:DescribeInstanceInformation", "ssm:DescribeInstancePatchStates", "ssm:DescribeInstancePatchStatesForPatchGroup", "ssm:DescribeInstancePatches", "ssm:DescribeInstanceProperties", "ssm:DescribeInventoryDeletions", "ssm:DescribeMaintenanceWindowExecutionTaskInvocations", "ssm:DescribeMaintenanceWindowExecutionTasks", "ssm:DescribeMaintenanceWindowExecutions", "ssm:DescribeMaintenanceWindowSchedule", "ssm:DescribeMaintenanceWindowTargets", "ssm:DescribeMaintenanceWindowTasks", "ssm:DescribeMaintenanceWindows", "ssm:DescribeMaintenanceWindowsForTarget", "ssm:DescribeOpsItems", "ssm:DescribeParameters", "ssm:DescribePatchBaselines", "ssm:DescribePatchGroupState", "ssm:DescribePatchGroups", "ssm:DescribePatchProperties", "ssm:DescribeSessions", "storagegateway:DescribeAvailabilityMonitorTest", "storagegateway:DescribeBandwidthRateLimit", "storagegateway:DescribeBandwidthRateLimitSchedule", "storagegateway:DescribeCache", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeChapCredentials", "storagegateway:DescribeFileSystemAssociations", "storagegateway:DescribeGatewayInformation", "storagegateway:DescribeMaintenanceStartTime", "storagegateway:DescribeNFSFileShares", "storagegateway:DescribeSMBFileShares", "storagegateway:DescribeSMBSettings", "storagegateway:DescribeSnapshotSchedule", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:DescribeTapeArchives", "storagegateway:DescribeTapeRecoveryPoints", "storagegateway:DescribeTapes", "storagegateway:DescribeUploadBuffer", "storagegateway:DescribeVTLDevices", "storagegateway:DescribeWorkingStorage", "storagegateway:ListAutomaticTapeCreationPolicies", "storagegateway:ListFileShares", "storagegateway:ListFileSystemAssociations", "storagegateway:ListGateways", "storagegateway:ListLocalDisks", "storagegateway:ListTagsForResource", "storagegateway:ListTapePools", "storagegateway:ListTapes", "storagegateway:ListVolumeInitiators", "storagegateway:ListVolumeRecoveryPoints", "storagegateway:ListVolumes", "swf:CountClosedWorkflowExecutions", "swf:CountOpenWorkflowExecutions", "swf:CountPendingActivityTasks", "swf:CountPendingDecisionTasks", "swf:DescribeActivityType", "swf:DescribeDomain", "swf:DescribeWorkflowExecution", "swf:DescribeWorkflowType", "swf:GetWorkflowExecutionHistory", "swf:ListActivityTypes", "swf:ListClosedWorkflowExecutions", "swf:ListDomains", "swf:ListOpenWorkflowExecutions", "swf:ListTagsForResource", "swf:ListWorkflowTypes", "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "workdocs:DescribeActivities", "workdocs:DescribeAvailableDirectories", "workdocs:DescribeComments", "workdocs:DescribeDocumentVersions", "workdocs:DescribeFolderContents", "workdocs:DescribeGroups", "workdocs:DescribeInstanceExports", "workdocs:DescribeInstances", "workdocs:DescribeNotificationPermissions", "workdocs:DescribeNotificationSubscriptions", "workdocs:DescribeResourcePermissions", "workdocs:DescribeRootFolders", "workdocs:DescribeUsers", "workmail:DescribeDirectories", "workmail:DescribeEmailMonitoringConfiguration", "workmail:DescribeEntity", "workmail:DescribeGroup", "workmail:DescribeInboundDmarcSettings", "workmail:DescribeInboundMailFlowRule", "workmail:DescribeKmsKeys", "workmail:DescribeMailDomains", "workmail:DescribeMailGroups", "workmail:DescribeMailUsers", "workmail:DescribeMailboxExportJob", "workmail:DescribeOrganization", "workmail:DescribeOrganizations", "workmail:DescribeOutboundMailFlowRule", "workmail:DescribeResource", "workmail:DescribeSmtpGateway", "workmail:DescribeUser", "workmail:GetAccessControlEffect", "workmail:GetDefaultRetentionPolicy", "workmail:GetImpersonationRole", "workmail:GetImpersonationRoleEffect", "workmail:GetJournalingRules", "workmail:GetMailDomain", "workmail:GetMailDomainDetails", "workmail:GetMailGroupDetails", "workmail:GetMailboxDetails", "workmail:GetMobileDeviceAccessEffect", "workmail:GetMobileDeviceAccessOverride", "workmail:GetMobileDeviceDetails", "workmail:GetMobileDevicesForUser", "workmail:GetMobilePolicyDetails", "workspaces:DescribeAccount", "workspaces:DescribeAccountModifications", "workspaces:DescribeApplicationAssociations", "workspaces:DescribeApplications", "workspaces:DescribeBundleAssociations", "workspaces:DescribeClientBranding", "workspaces:DescribeClientProperties", "workspaces:DescribeConnectClientAddIns", "workspaces:DescribeConnectionAliasPermissions", "workspaces:DescribeConnectionAliases", "workspaces:DescribeImageAssociations", "workspaces:DescribeIpGroups", "workspaces:DescribeTags", "workspaces:DescribeWorkspaceAssociations", "workspaces:DescribeWorkspaceBundles", "workspaces:DescribeWorkspaceDirectories", "workspaces:DescribeWorkspaceImagePermissions", "workspaces:DescribeWorkspaceImages", "workspaces:DescribeWorkspaceSnapshots", "workspaces:DescribeWorkspaces", "workspaces:DescribeWorkspacesConnectionStatus" ], "malformed": false, "name": "SupportUser", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-25T18:40:27+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSServiceCatalogAdminFullAccess", "createdate": "2023-04-13T18:43:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStacks", "cloudformation:SetStackPolicy", "cloudformation:UpdateStack", "cloudformation:CreateChangeSet", "cloudformation:DescribeChangeSet", "cloudformation:ExecuteChangeSet", "cloudformation:ListChangeSets", "cloudformation:DeleteChangeSet", "cloudformation:ListStackResources", "cloudformation:TagResource", "cloudformation:CreateStackSet", "cloudformation:CreateStackInstances", "cloudformation:UpdateStackSet", "cloudformation:UpdateStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DeleteStackInstances", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackSetOperation", "cloudformation:ListStackInstances", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSetOperationResults", "cloudformation:CreateUploadBucket", "cloudformation:GetTemplateSummary", "cloudformation:ValidateTemplate", "iam:GetGroup", "iam:GetRole", "iam:GetUser", "iam:ListGroups", "iam:ListRoles", "iam:ListUsers", "servicecatalog:GetAWSOrganizationsAccessStatus", "servicecatalog:GetApplication", "servicecatalog:GetAssociatedResource", "servicecatalog:GetAttributeGroup", "servicecatalog:GetConfiguration", "servicecatalog:GetProvisionedProductOutputs", "servicecatalog:ScanProvisionedProducts", "servicecatalog:SearchProducts", "servicecatalog:SearchProductsAsAdmin", "servicecatalog:SearchProvisionedProducts", "servicecatalog:ListAcceptedPortfolioShares", "servicecatalog:ListApplications", "servicecatalog:ListAssociatedAttributeGroups", "servicecatalog:ListAssociatedResources", "servicecatalog:ListAttributeGroups", "servicecatalog:ListAttributeGroupsForApplication", "servicecatalog:ListBudgetsForResource", "servicecatalog:ListConstraintsForPortfolio", "servicecatalog:ListLaunchPaths", "servicecatalog:ListOrganizationPortfolioAccess", "servicecatalog:ListPortfolioAccess", "servicecatalog:ListPortfolios", "servicecatalog:ListPortfoliosForProduct", "servicecatalog:ListPrincipalsForPortfolio", "servicecatalog:ListProvisionedProductPlans", "servicecatalog:ListProvisioningArtifacts", "servicecatalog:ListProvisioningArtifactsForServiceAction", "servicecatalog:ListRecordHistory", "servicecatalog:ListResourcesForTagOption", "servicecatalog:ListServiceActions", "servicecatalog:ListServiceActionsForProvisioningArtifact", "servicecatalog:ListStackInstancesForProvisionedProduct", "servicecatalog:ListTagOptions", "servicecatalog:ListTagsForResource", "servicecatalog:TagResource", "servicecatalog:UntagResource", "servicecatalog:SyncResource", "ssm:DescribeDocument", "ssm:GetAutomationExecution", "ssm:ListDocuments", "ssm:ListDocumentVersions", "config:DescribeConfigurationRecorders", "config:DescribeConfigurationRecorderStatus", "servicecatalog:AcceptPortfolioShare", "servicecatalog:AssociateAttributeGroup", "servicecatalog:AssociateBudgetWithResource", "servicecatalog:AssociatePrincipalWithPortfolio", "servicecatalog:AssociateProductWithPortfolio", "servicecatalog:AssociateResource", "servicecatalog:AssociateServiceActionWithProvisioningArtifact", "servicecatalog:AssociateTagOptionWithResource", "servicecatalog:BatchAssociateServiceActionWithProvisioningArtifact", "servicecatalog:BatchDisassociateServiceActionFromProvisioningArtifact", "servicecatalog:CopyProduct", "servicecatalog:CreateApplication", "servicecatalog:CreateAttributeGroup", "servicecatalog:CreateConstraint", "servicecatalog:CreatePortfolio", "servicecatalog:CreatePortfolioShare", "servicecatalog:CreateProduct", "servicecatalog:CreateProvisionedProductPlan", "servicecatalog:CreateProvisioningArtifact", "servicecatalog:CreateServiceAction", "servicecatalog:CreateTagOption", "servicecatalog:DeleteApplication", "servicecatalog:DeleteAttributeGroup", "servicecatalog:DeleteConstraint", "servicecatalog:DeletePortfolio", "servicecatalog:DeletePortfolioShare", "servicecatalog:DeleteProduct", "servicecatalog:DeleteProvisionedProductPlan", "servicecatalog:DeleteProvisioningArtifact", "servicecatalog:DeleteServiceAction", "servicecatalog:DeleteTagOption", "servicecatalog:DescribeConstraint", "servicecatalog:DescribeCopyProductStatus", "servicecatalog:DescribePortfolio", "servicecatalog:DescribePortfolioShareStatus", "servicecatalog:DescribePortfolioShares", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductAsAdmin", "servicecatalog:DescribeProductView", "servicecatalog:DescribeProvisionedProduct", "servicecatalog:DescribeProvisionedProductPlan", "servicecatalog:DescribeProvisioningArtifact", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:DescribeRecord", "servicecatalog:DescribeServiceAction", "servicecatalog:DescribeServiceActionExecutionParameters", "servicecatalog:DescribeTagOption", "servicecatalog:DisableAWSOrganizationsAccess", "servicecatalog:DisassociateAttributeGroup", "servicecatalog:DisassociateBudgetFromResource", "servicecatalog:DisassociatePrincipalFromPortfolio", "servicecatalog:DisassociateProductFromPortfolio", "servicecatalog:DisassociateResource", "servicecatalog:DisassociateServiceActionFromProvisioningArtifact", "servicecatalog:DisassociateTagOptionFromResource", "servicecatalog:EnableAWSOrganizationsAccess", "servicecatalog:ExecuteProvisionedProductPlan", "servicecatalog:ExecuteProvisionedProductServiceAction", "servicecatalog:ImportAsProvisionedProduct", "servicecatalog:ProvisionProduct", "servicecatalog:PutConfiguration", "servicecatalog:RejectPortfolioShare", "servicecatalog:TerminateProvisionedProduct", "servicecatalog:UpdateApplication", "servicecatalog:UpdateAttributeGroup", "servicecatalog:UpdateConstraint", "servicecatalog:UpdatePortfolio", "servicecatalog:UpdatePortfolioShare", "servicecatalog:UpdateProduct", "servicecatalog:UpdateProvisionedProduct", "servicecatalog:UpdateProvisionedProductProperties", "servicecatalog:UpdateProvisioningArtifact", "servicecatalog:UpdateServiceAction", "servicecatalog:UpdateTagOption", "iam:PassRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSServiceCatalogAdminFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-13T18:43:01+00:00", "version": "v8" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonDevOpsGuruReadOnlyAccess", "createdate": "2022-08-25T18:11:21Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "devops-guru:DescribeAccountHealth", "devops-guru:DescribeAccountOverview", "devops-guru:DescribeAnomaly", "devops-guru:DescribeEventSourcesConfig", "devops-guru:DescribeFeedback", "devops-guru:DescribeInsight", "devops-guru:DescribeResourceCollectionHealth", "devops-guru:DescribeServiceIntegration", "devops-guru:GetCostEstimation", "devops-guru:GetResourceCollection", "devops-guru:ListAnomaliesForInsight", "devops-guru:ListEvents", "devops-guru:ListInsights", "devops-guru:ListAnomalousLogGroups", "devops-guru:ListMonitoredResources", "devops-guru:ListNotificationChannels", "devops-guru:ListRecommendations", "devops-guru:SearchInsights", "devops-guru:StartCostEstimation", "cloudformation:DescribeStacks", "cloudformation:ListStacks", "iam:GetRole", "cloudwatch:GetMetricData", "rds:DescribeDBInstances", "logs:FilterLogEvents" ], "malformed": false, "name": "AmazonDevOpsGuruReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-25T18:11:21+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSThinkboxDeadlineResourceTrackerAdminPolicy", "createdate": "2024-04-12T20:55:58Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:PutScalingPolicy", "application-autoscaling:RegisterScalableTarget", "cloudformation:ListStacks", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:UpdateStack", "cloudformation:DescribeStacks", "cloudformation:UpdateTerminationProtection", "cloudformation:TagResource", "cloudformation:UntagResource", "dynamodb:CreateTable", "dynamodb:DeleteTable", "dynamodb:DescribeTable", "dynamodb:ListTagsOfResource", "dynamodb:TagResource", "dynamodb:UntagResource", "dynamodb:BatchWriteItem", "dynamodb:Scan", "events:DeleteRule", "events:DescribeRule", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "iam:GetRole", "iam:ListAttachedRolePolicies", "iam:GetUser", "iam:CreateServiceLinkedRole", "iam:PassRole", "iam:PassRole", "lambda:GetEventSourceMapping", "lambda:CreateEventSourceMapping", "lambda:DeleteEventSourceMapping", "lambda:AddPermission", "lambda:RemovePermission", "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:DeleteFunctionConcurrency", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:ListTags", "lambda:PutFunctionConcurrency", "lambda:TagResource", "lambda:UntagResource", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionConfiguration", "s3:GetObject", "sqs:CreateQueue", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:ListQueueTags", "sqs:TagQueue", "sqs:UntagQueue" ], "malformed": false, "name": "AWSThinkboxDeadlineResourceTrackerAdminPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-12T20:55:58+00:00", "version": "v7" }, { "access_levels": [ "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleSNS", "createdate": "2020-06-05T21:46:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sns:CreateTopic", "sns:SetTopicAttributes", "sns:DeleteTopic", "sns:GetTopicAttributes", "sns:Subscribe", "sns:Unsubscribe", "sns:Publish" ], "malformed": false, "name": "AWSElasticBeanstalkRoleSNS", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-05T21:46:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonPollyFullAccess", "createdate": "2016-11-30T18:59:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "polly:DeleteLexicon", "polly:DescribeVoices", "polly:GetLexicon", "polly:GetSpeechSynthesisTask", "polly:ListLexicons", "polly:ListSpeechSynthesisTasks", "polly:PutLexicon", "polly:StartSpeechSynthesisTask", "polly:SynthesizeSpeech" ], "malformed": false, "name": "AmazonPollyFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-11-30T18:59:06+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmplifyBackendDeployFullAccess", "createdate": "2024-04-17T16:00:59Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:DescribeStacks", "cloudformation:DescribeStackEvents", "cloudformation:GetTemplate", "cloudformation:ListStackResources", "cloudformation:GetTemplateSummary", "cloudformation:DeleteStack", "amplify:ListApps", "cloudformation:ListStacks", "ssm:DescribeParameters", "appsync:GetIntrospectionSchema", "amplify:GetBackendEnvironment", "appsync:GetSchemaCreationStatus", "appsync:StartSchemaCreation", "appsync:UpdateResolver", "appsync:ListFunctions", "appsync:UpdateFunction", "appsync:UpdateApiKey", "lambda:InvokeFunction", "lambda:UpdateFunctionCode", "lambda:GetFunction", "lambda:UpdateFunctionConfiguration", "s3:GetObject", "sts:AssumeRole", "ssm:GetParametersByPath", "ssm:GetParameters", "ssm:GetParameter", "ssm:PutParameter", "ssm:DeleteParameter", "ssm:DeleteParameters", "rds:DescribeDBProxies", "rds:DescribeDBInstances", "rds:DescribeDBClusters", "ec2:DescribeSubnets", "rds:DescribeDBSubnetGroups" ], "malformed": false, "name": "AmplifyBackendDeployFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-17T16:00:59+00:00", "version": "v6" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonDocDBReadOnlyAccess", "createdate": "2019-01-09T20:30:28Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "rds:DescribeAccountAttributes", "rds:DescribeCertificates", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBSubnetGroups", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DownloadDBLogFilePortion", "rds:ListTagsForResource", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "kms:ListKeys", "kms:ListRetirableGrants", "kms:ListAliases", "kms:ListKeyPolicies", "logs:DescribeLogStreams", "logs:GetLogEvents" ], "malformed": false, "name": "AmazonDocDBReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-01-09T20:30:28+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/NeptuneReadOnlyAccess", "createdate": "2024-01-22T16:33:46Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "rds:DescribeAccountAttributes", "rds:DescribeCertificates", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBSubnetGroups", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeGlobalClusters", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DownloadDBLogFilePortion", "rds:ListTagsForResource", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "kms:ListKeys", "kms:ListRetirableGrants", "kms:ListAliases", "kms:ListKeyPolicies", "logs:DescribeLogStreams", "logs:GetLogEvents", "neptune-db:ReadDataViaQuery", "neptune-db:GetEngineStatus", "neptune-db:GetGraphSummary", "neptune-db:GetLoaderJobStatus", "neptune-db:GetMLDataProcessingJobStatus", "neptune-db:GetMLEndpointStatus", "neptune-db:GetMLModelTrainingJobStatus", "neptune-db:GetMLModelTransformJobStatus", "neptune-db:GetQueryStatus", "neptune-db:GetStatisticsStatus", "neptune-db:GetStreamRecords", "neptune-db:ListLoaderJobs", "neptune-db:ListMLDataProcessingJobs", "neptune-db:ListMLEndpoints", "neptune-db:ListMLModelTrainingJobs", "neptune-db:ListMLModelTransformJobs" ], "malformed": false, "name": "NeptuneReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-22T16:33:46+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth", "createdate": "2018-04-09T22:12:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetHealth", "ec2:DescribeInstances", "ec2:DescribeInstanceStatus", "ec2:GetConsoleOutput", "ec2:AssociateAddress", "ec2:DescribeAddresses", "ec2:DescribeSecurityGroups", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeNotificationConfigurations", "sns:Publish", "logs:DescribeLogStreams", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AWSElasticBeanstalkEnhancedHealth", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-04-09T22:12:53+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonEventBridgeSchedulerFullAccess", "createdate": "2022-11-10T18:37:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "scheduler:CreateSchedule", "scheduler:CreateScheduleGroup", "scheduler:DeleteSchedule", "scheduler:DeleteScheduleGroup", "scheduler:GetSchedule", "scheduler:GetScheduleGroup", "scheduler:ListScheduleGroups", "scheduler:ListSchedules", "scheduler:ListTagsForResource", "scheduler:TagResource", "scheduler:UntagResource", "scheduler:UpdateSchedule", "iam:PassRole" ], "malformed": false, "name": "AmazonEventBridgeSchedulerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-10T18:37:25+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/MigrationHubSMSAccessServiceRolePolicy", "createdate": "2019-10-07T18:02:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgh:CreateProgressUpdateStream", "mgh:DescribeMigrationTask", "mgh:AssociateDiscoveredResource", "mgh:ListDiscoveredResources", "mgh:ImportMigrationTask", "mgh:ListCreatedArtifacts", "mgh:DisassociateDiscoveredResource", "mgh:AssociateCreatedArtifact", "mgh:NotifyMigrationTaskState", "mgh:DisassociateCreatedArtifact", "mgh:PutResourceAttributes", "mgh:ListMigrationTasks", "mgh:NotifyApplicationState", "mgh:DescribeApplicationState", "mgh:GetHomeRegion" ], "malformed": false, "name": "MigrationHubSMSAccessServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-07T18:02:22+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSProtonCodeBuildProvisioningServiceRolePolicy", "createdate": "2023-05-17T16:11:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudformation:CreateStack", "cloudformation:CreateChangeSet", "cloudformation:DeleteChangeSet", "cloudformation:DeleteStack", "cloudformation:UpdateStack", "cloudformation:DescribeStacks", "cloudformation:DescribeStackEvents", "cloudformation:ListStackResources", "codebuild:CreateProject", "codebuild:DeleteProject", "codebuild:UpdateProject", "codebuild:StartBuild", "codebuild:StopBuild", "codebuild:RetryBuild", "codebuild:BatchGetBuilds", "codebuild:BatchGetProjects", "iam:PassRole", "servicequotas:GetServiceQuota" ], "malformed": false, "name": "AWSProtonCodeBuildProvisioningServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-17T16:11:40+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSResourceGroupsReadOnlyAccess", "createdate": "2019-02-05T17:56:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "resource-groups:GetAccountSettings", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupPolicy", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "resource-groups:SearchResources", "tag:GetComplianceSummary", "tag:GetResources", "tag:GetTagKeys", "tag:GetTagValues", "cloudformation:DescribeStacks", "cloudformation:ListStackResources", "ec2:DescribeInstances", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeVolumes", "ec2:DescribeVpcs", "elasticache:DescribeCacheClusters", "elasticache:DescribeSnapshots", "elasticache:ListTagsForResource", "elasticbeanstalk:DescribeEnvironments", "elasticmapreduce:DescribeCluster", "elasticmapreduce:ListClusters", "glacier:ListVaults", "glacier:DescribeVault", "glacier:ListTagsForVault", "kinesis:ListStreams", "kinesis:DescribeStream", "kinesis:ListTagsForStream", "opsworks:DescribeStacks", "opsworks:ListTags", "rds:DescribeDBInstances", "rds:DescribeDBSnapshots", "rds:ListTagsForResource", "redshift:DescribeClusters", "redshift:DescribeTags", "route53domains:ListDomains", "route53:ListHealthChecks", "route53:GetHealthCheck", "route53:ListHostedZones", "route53:GetHostedZone", "route53:ListTagsForResource", "storagegateway:ListGateways", "storagegateway:DescribeGatewayInformation", "storagegateway:ListTagsForResource", "s3:ListAllMyBuckets", "s3:GetBucketTagging", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "ssm:ListDocuments" ], "malformed": false, "name": "AWSResourceGroupsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-02-05T17:56:25+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonZocaloFullAccess", "createdate": "2015-02-06T18:41:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ds:AcceptSharedDirectory", "ds:AddIpRoutes", "ds:AddRegion", "ds:AddTagsToResource", "ds:AuthorizeApplication", "ds:CancelSchemaExtension", "ds:CheckAlias", "ds:ConnectDirectory", "ds:CreateAlias", "ds:CreateComputer", "ds:CreateConditionalForwarder", "ds:CreateDirectory", "ds:CreateIdentityPoolDirectory", "ds:CreateLogSubscription", "ds:CreateMicrosoftAD", "ds:CreateSnapshot", "ds:CreateTrust", "ds:DeleteConditionalForwarder", "ds:DeleteDirectory", "ds:DeleteLogSubscription", "ds:DeleteSnapshot", "ds:DeleteTrust", "ds:DeregisterCertificate", "ds:DeregisterEventTopic", "ds:DescribeCertificate", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeRegions", "ds:DescribeSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:DescribeUpdateDirectory", "ds:DisableClientAuthentication", "ds:DisableLDAPS", "ds:DisableRadius", "ds:DisableRoleAccess", "ds:DisableSso", "ds:EnableClientAuthentication", "ds:EnableLDAPS", "ds:EnableRadius", "ds:EnableRoleAccess", "ds:EnableSso", "ds:GetAuthorizedApplicationDetails", "ds:GetDirectoryLimits", "ds:GetSnapshotLimits", "ds:ListAuthorizedApplications", "ds:ListCertificates", "ds:ListIpRoutes", "ds:ListLogSubscriptions", "ds:ListSchemaExtensions", "ds:ListTagsForResource", "ds:RegisterCertificate", "ds:RegisterEventTopic", "ds:RejectSharedDirectory", "ds:RemoveIpRoutes", "ds:RemoveRegion", "ds:RemoveTagsFromResource", "ds:ResetUserPassword", "ds:RestoreFromSnapshot", "ds:ShareDirectory", "ds:StartSchemaExtension", "ds:UnauthorizeApplication", "ds:UnshareDirectory", "ds:UpdateAuthorizedApplication", "ds:UpdateConditionalForwarder", "ds:UpdateDirectory", "ds:UpdateDirectorySetup", "ds:UpdateNumberOfDomainControllers", "ds:UpdateRadius", "ds:UpdateSettings", "ds:UpdateTrust", "ds:VerifyTrust", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:CreateSubnet", "ec2:CreateTags", "ec2:CreateVpc", "ec2:DescribeAvailabilityZones", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DeleteNetworkInterface", "ec2:DeleteSecurityGroup", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress" ], "malformed": false, "name": "AmazonZocaloFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": true, "updatedate": "2015-02-06T18:41:13+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonHealthLakeReadOnlyAccess", "createdate": "2021-02-17T02:43:31Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "healthlake:ListFHIRDatastores", "healthlake:DescribeFHIRDatastore", "healthlake:DescribeFHIRImportJob", "healthlake:DescribeFHIRExportJob", "healthlake:GetCapabilities", "healthlake:ReadResource", "healthlake:SearchWithGet", "healthlake:SearchWithPost" ], "malformed": false, "name": "AmazonHealthLakeReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-02-17T02:43:31+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIoTWirelessFullPublishAccess", "createdate": "2020-12-15T15:29:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:DescribeEndpoint", "iot:Publish" ], "malformed": false, "name": "AWSIoTWirelessFullPublishAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-15T15:29:59+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2019-06-13T22:54:21Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "cloudwatch:PutMetricData", "secretsmanager:GetSecretValue", "s3:GetObject", "s3:PutObject", "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery" ], "malformed": false, "name": "AmazonEverestServicePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonCloudWatchRUMReadOnlyAccess", "createdate": "2022-10-28T18:12:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rum:GetAppMonitor", "rum:GetAppMonitorData", "rum:ListAppMonitors", "rum:ListRumMetricsDestinations", "rum:BatchGetRumMetricDefinitions" ], "malformed": false, "name": "AmazonCloudWatchRUMReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-28T18:12:58+00:00", "version": "v2" }, { "access_levels": [ "List", "Write" ], "arn": null, "createdate": "2017-11-07T19:14:10Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "ec2:DescribeImages", "ec2:DescribeSubnets", "ec2:RequestSpotInstances", "ec2:TerminateInstances", "ec2:DescribeInstanceStatus", "iam:PassRole", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RegisterTargets" ], "malformed": false, "name": "AmazonEC2SpotFleetRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v4" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonOpenSearchServiceCognitoAccess", "createdate": "2021-12-20T14:04:18Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "cognito-idp:DescribeUserPool", "cognito-idp:CreateUserPoolClient", "cognito-idp:DeleteUserPoolClient", "cognito-idp:UpdateUserPoolClient", "cognito-idp:DescribeUserPoolClient", "cognito-idp:AdminInitiateAuth", "cognito-idp:AdminUserGlobalSignOut", "cognito-idp:ListUserPoolClients", "cognito-identity:DescribeIdentityPool", "cognito-identity:UpdateIdentityPool", "cognito-identity:GetIdentityPoolRoles", "iam:PassRole", "cognito-identity:SetIdentityPoolRoles" ], "malformed": false, "name": "AmazonOpenSearchServiceCognitoAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-12-20T14:04:18+00:00", "version": "v2" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSEC2SpotServiceRolePolicy", "createdate": "2018-12-12T00:13:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:RunInstances", "iam:PassRole", "ec2:CreateTags" ], "malformed": false, "name": "AWSEC2SpotServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-12-12T00:13:51+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/Route53ResolverServiceRolePolicy", "createdate": "2020-08-12T17:47:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "logs:ListLogDeliveries", "logs:DescribeResourcePolicies", "logs:DescribeLogGroups", "s3:GetBucketPolicy" ], "malformed": false, "name": "Route53ResolverServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-12T17:47:24+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonAugmentedAIHumanLoopFullAccess", "createdate": "2019-12-03T16:20:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sagemaker:DeleteHumanLoop", "sagemaker:DescribeHumanLoop", "sagemaker:StartHumanLoop", "sagemaker:StopHumanLoop", "sagemaker:ListHumanLoops" ], "malformed": false, "name": "AmazonAugmentedAIHumanLoopFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-03T16:20:47+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy", "createdate": "2020-12-15T17:28:15Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudfront:ListCachePolicies", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListConflictingAliases", "cloudfront:ListContinuousDeploymentPolicies", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByCachePolicyId", "cloudfront:ListDistributionsByKeyGroup", "cloudfront:ListDistributionsByLambdaFunction", "cloudfront:ListDistributionsByOriginRequestPolicyId", "cloudfront:ListDistributionsByRealtimeLogConfig", "cloudfront:ListDistributionsByResponseHeadersPolicyId", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListFieldLevelEncryptionConfigs", "cloudfront:ListFieldLevelEncryptionProfiles", "cloudfront:ListFunctions", "cloudfront:ListInvalidations", "cloudfront:ListKeyGroups", "cloudfront:ListKeyValueStores", "cloudfront:ListOriginAccessControls", "cloudfront:ListOriginRequestPolicies", "cloudfront:ListPublicKeys", "cloudfront:ListRateCards", "cloudfront:ListRealtimeLogConfigs", "cloudfront:ListResponseHeadersPolicies", "cloudfront:ListSavingsPlans", "cloudfront:ListStreamingDistributions", "cloudfront:ListTagsForResource", "cloudfront:ListUsages", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudfront:GetDistribution", "cloudfront:GetDistributionConfig", "globalaccelerator:ListAccelerators", "globalaccelerator:DescribeAccelerator", "ec2:DescribeRegions", "ec2:DescribeAddresses", "shield:AssociateDRTLogBucket", "shield:AssociateDRTRole", "shield:AssociateHealthCheck", "shield:AssociateProactiveEngagementDetails", "shield:CreateProtection", "shield:CreateProtectionGroup", "shield:CreateSubscription", "shield:DeleteProtection", "shield:DeleteProtectionGroup", "shield:DeleteSubscription", "shield:DescribeAttack", "shield:DescribeAttackStatistics", "shield:DescribeDRTAccess", "shield:DescribeEmergencyContactSettings", "shield:DescribeProtection", "shield:DescribeProtectionGroup", "shield:DescribeSubscription", "shield:DisableApplicationLayerAutomaticResponse", "shield:DisableProactiveEngagement", "shield:DisassociateDRTLogBucket", "shield:DisassociateDRTRole", "shield:DisassociateHealthCheck", "shield:EnableApplicationLayerAutomaticResponse", "shield:EnableProactiveEngagement", "shield:GetSubscriptionState", "shield:ListAttacks", "shield:ListProtectionGroups", "shield:ListProtections", "shield:ListResourcesInProtectionGroup", "shield:ListTagsForResource", "shield:TagResource", "shield:UntagResource", "shield:UpdateApplicationLayerAutomaticResponse", "shield:UpdateEmergencyContactSettings", "shield:UpdateProtectionGroup", "shield:UpdateSubscription", "waf:CreateByteMatchSet", "waf:CreateGeoMatchSet", "waf:CreateIPSet", "waf:CreateRateBasedRule", "waf:CreateRegexMatchSet", "waf:CreateRegexPatternSet", "waf:CreateRule", "waf:CreateRuleGroup", "waf:CreateSizeConstraintSet", "waf:CreateSqlInjectionMatchSet", "waf:CreateWebACL", "waf:CreateWebACLMigrationStack", "waf:CreateXssMatchSet", "waf:DeleteByteMatchSet", "waf:DeleteGeoMatchSet", "waf:DeleteIPSet", "waf:DeleteLoggingConfiguration", "waf:DeletePermissionPolicy", "waf:DeleteRateBasedRule", "waf:DeleteRegexMatchSet", "waf:DeleteRegexPatternSet", "waf:DeleteRule", "waf:DeleteRuleGroup", "waf:DeleteSizeConstraintSet", "waf:DeleteSqlInjectionMatchSet", "waf:DeleteWebACL", "waf:DeleteXssMatchSet", "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "waf:PutLoggingConfiguration", "waf:PutPermissionPolicy", "waf:TagResource", "waf:UntagResource", "waf:UpdateByteMatchSet", "waf:UpdateGeoMatchSet", "waf:UpdateIPSet", "waf:UpdateRateBasedRule", "waf:UpdateRegexMatchSet", "waf:UpdateRegexPatternSet", "waf:UpdateRule", "waf:UpdateRuleGroup", "waf:UpdateSizeConstraintSet", "waf:UpdateSqlInjectionMatchSet", "waf:UpdateWebACL", "waf:UpdateXssMatchSet", "wafv2:AssociateWebACL", "wafv2:CheckCapacity", "wafv2:CreateAPIKey", "wafv2:CreateIPSet", "wafv2:CreateRegexPatternSet", "wafv2:CreateRuleGroup", "wafv2:CreateWebACL", "wafv2:DeleteAPIKey", "wafv2:DeleteFirewallManagerRuleGroups", "wafv2:DeleteIPSet", "wafv2:DeleteLoggingConfiguration", "wafv2:DeletePermissionPolicy", "wafv2:DeleteRegexPatternSet", "wafv2:DeleteRuleGroup", "wafv2:DeleteWebACL", "wafv2:DescribeAllManagedProducts", "wafv2:DescribeManagedProductsByVendor", "wafv2:DescribeManagedRuleGroup", "wafv2:DisassociateFirewallManager", "wafv2:DisassociateWebACL", "wafv2:GenerateMobileSdkReleaseUrl", "wafv2:GetDecryptedAPIKey", "wafv2:GetIPSet", "wafv2:GetLoggingConfiguration", "wafv2:GetManagedRuleSet", "wafv2:GetMobileSdkRelease", "wafv2:GetPermissionPolicy", "wafv2:GetRateBasedStatementManagedKeys", "wafv2:GetRegexPatternSet", "wafv2:GetRuleGroup", "wafv2:GetSampledRequests", "wafv2:GetWebACL", "wafv2:GetWebACLForResource", "wafv2:ListAPIKeys", "wafv2:ListAvailableManagedRuleGroupVersions", "wafv2:ListAvailableManagedRuleGroups", "wafv2:ListIPSets", "wafv2:ListLoggingConfigurations", "wafv2:ListManagedRuleSets", "wafv2:ListMobileSdkReleases", "wafv2:ListRegexPatternSets", "wafv2:ListResourcesForWebACL", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "wafv2:ListWebACLs", "wafv2:PutFirewallManagerRuleGroups", "wafv2:PutLoggingConfiguration", "wafv2:PutManagedRuleSetVersions", "wafv2:PutPermissionPolicy", "wafv2:TagResource", "wafv2:UntagResource", "wafv2:UpdateIPSet", "wafv2:UpdateManagedRuleSetVersionExpiryDate", "wafv2:UpdateRegexPatternSet", "wafv2:UpdateRuleGroup", "wafv2:UpdateWebACL", "waf-regional:AssociateWebACL", "waf-regional:CreateByteMatchSet", "waf-regional:CreateGeoMatchSet", "waf-regional:CreateIPSet", "waf-regional:CreateRateBasedRule", "waf-regional:CreateRegexMatchSet", "waf-regional:CreateRegexPatternSet", "waf-regional:CreateRule", "waf-regional:CreateRuleGroup", "waf-regional:CreateSizeConstraintSet", "waf-regional:CreateSqlInjectionMatchSet", "waf-regional:CreateWebACL", "waf-regional:CreateWebACLMigrationStack", "waf-regional:CreateXssMatchSet", "waf-regional:DeleteByteMatchSet", "waf-regional:DeleteGeoMatchSet", "waf-regional:DeleteIPSet", "waf-regional:DeleteLoggingConfiguration", "waf-regional:DeletePermissionPolicy", "waf-regional:DeleteRateBasedRule", "waf-regional:DeleteRegexMatchSet", "waf-regional:DeleteRegexPatternSet", "waf-regional:DeleteRule", "waf-regional:DeleteRuleGroup", "waf-regional:DeleteSizeConstraintSet", "waf-regional:DeleteSqlInjectionMatchSet", "waf-regional:DeleteWebACL", "waf-regional:DeleteXssMatchSet", "waf-regional:DisassociateWebACL", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeToken", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetPermissionPolicy", "waf-regional:GetRateBasedRule", "waf-regional:GetRateBasedRuleManagedKeys", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSampledRequests", "waf-regional:GetSizeConstraintSet", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:GetXssMatchSet", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "waf-regional:PutLoggingConfiguration", "waf-regional:PutPermissionPolicy", "waf-regional:TagResource", "waf-regional:UntagResource", "waf-regional:UpdateByteMatchSet", "waf-regional:UpdateGeoMatchSet", "waf-regional:UpdateIPSet", "waf-regional:UpdateRateBasedRule", "waf-regional:UpdateRegexMatchSet", "waf-regional:UpdateRegexPatternSet", "waf-regional:UpdateRule", "waf-regional:UpdateRuleGroup", "waf-regional:UpdateSizeConstraintSet", "waf-regional:UpdateSqlInjectionMatchSet", "waf-regional:UpdateWebACL", "waf-regional:UpdateXssMatchSet", "elasticloadbalancing:SetWebAcl", "cloudfront:UpdateDistribution", "apigateway:SetWebACL" ], "malformed": false, "name": "AWSShieldDRTAccessPolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-15T17:28:15+00:00", "version": "v6" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/GreengrassOTAUpdateArtifactAccess", "createdate": "2018-12-18T00:59:43Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject" ], "malformed": false, "name": "GreengrassOTAUpdateArtifactAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-12-18T00:59:43+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonMachineLearningFullAccess", "createdate": "2015-04-09T17:25:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "machinelearning:AddTags", "machinelearning:CreateBatchPrediction", "machinelearning:CreateDataSourceFromRDS", "machinelearning:CreateDataSourceFromRedshift", "machinelearning:CreateDataSourceFromS3", "machinelearning:CreateEvaluation", "machinelearning:CreateMLModel", "machinelearning:CreateRealtimeEndpoint", "machinelearning:DeleteBatchPrediction", "machinelearning:DeleteDataSource", "machinelearning:DeleteEvaluation", "machinelearning:DeleteMLModel", "machinelearning:DeleteRealtimeEndpoint", "machinelearning:DeleteTags", "machinelearning:DescribeBatchPredictions", "machinelearning:DescribeDataSources", "machinelearning:DescribeEvaluations", "machinelearning:DescribeMLModels", "machinelearning:DescribeTags", "machinelearning:GetBatchPrediction", "machinelearning:GetDataSource", "machinelearning:GetEvaluation", "machinelearning:GetMLModel", "machinelearning:Predict", "machinelearning:UpdateBatchPrediction", "machinelearning:UpdateDataSource", "machinelearning:UpdateEvaluation", "machinelearning:UpdateMLModel" ], "malformed": false, "name": "AmazonMachineLearningFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-04-09T17:25:41+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/WAFLoggingServiceRolePolicy", "createdate": "2018-08-24T21:05:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "firehose:PutRecord", "firehose:PutRecordBatch" ], "malformed": false, "name": "WAFLoggingServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-08-24T21:05:47+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSIoTConfigAccess", "createdate": "2019-09-27T20:48:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:AcceptCertificateTransfer", "iot:AddThingToThingGroup", "iot:AssociateTargetsWithJob", "iot:AttachPolicy", "iot:AttachPrincipalPolicy", "iot:AttachThingPrincipal", "iot:CancelCertificateTransfer", "iot:CancelJob", "iot:CancelJobExecution", "iot:ClearDefaultAuthorizer", "iot:CreateAuthorizer", "iot:CreateCertificateFromCsr", "iot:CreateJob", "iot:CreateKeysAndCertificate", "iot:CreateOTAUpdate", "iot:CreatePolicy", "iot:CreatePolicyVersion", "iot:CreateRoleAlias", "iot:CreateStream", "iot:CreateThing", "iot:CreateThingGroup", "iot:CreateThingType", "iot:CreateTopicRule", "iot:DeleteAuthorizer", "iot:DeleteCACertificate", "iot:DeleteCertificate", "iot:DeleteJob", "iot:DeleteJobExecution", "iot:DeleteOTAUpdate", "iot:DeletePolicy", "iot:DeletePolicyVersion", "iot:DeleteRegistrationCode", "iot:DeleteRoleAlias", "iot:DeleteStream", "iot:DeleteThing", "iot:DeleteThingGroup", "iot:DeleteThingType", "iot:DeleteTopicRule", "iot:DeleteV2LoggingLevel", "iot:DeprecateThingType", "iot:DescribeAuthorizer", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:DescribeDefaultAuthorizer", "iot:DescribeEndpoint", "iot:DescribeEventConfigurations", "iot:DescribeIndex", "iot:DescribeJob", "iot:DescribeJobExecution", "iot:DescribeRoleAlias", "iot:DescribeStream", "iot:DescribeThing", "iot:DescribeThingGroup", "iot:DescribeThingRegistrationTask", "iot:DescribeThingType", "iot:DetachPolicy", "iot:DetachPrincipalPolicy", "iot:DetachThingPrincipal", "iot:DisableTopicRule", "iot:EnableTopicRule", "iot:GetEffectivePolicies", "iot:GetIndexingConfiguration", "iot:GetJobDocument", "iot:GetLoggingOptions", "iot:GetOTAUpdate", "iot:GetPolicy", "iot:GetPolicyVersion", "iot:GetRegistrationCode", "iot:GetTopicRule", "iot:GetV2LoggingOptions", "iot:ListAttachedPolicies", "iot:ListAuthorizers", "iot:ListCACertificates", "iot:ListCertificates", "iot:ListCertificatesByCA", "iot:ListIndices", "iot:ListJobExecutionsForJob", "iot:ListJobExecutionsForThing", "iot:ListJobs", "iot:ListOTAUpdates", "iot:ListOutgoingCertificates", "iot:ListPolicies", "iot:ListPolicyPrincipals", "iot:ListPolicyVersions", "iot:ListPrincipalPolicies", "iot:ListPrincipalThings", "iot:ListRoleAliases", "iot:ListStreams", "iot:ListTargetsForPolicy", "iot:ListThingGroups", "iot:ListThingGroupsForThing", "iot:ListThingPrincipals", "iot:ListThingRegistrationTaskReports", "iot:ListThingRegistrationTasks", "iot:ListThings", "iot:ListThingsInThingGroup", "iot:ListThingTypes", "iot:ListTopicRules", "iot:ListV2LoggingLevels", "iot:RegisterCACertificate", "iot:RegisterCertificate", "iot:RegisterThing", "iot:RejectCertificateTransfer", "iot:RemoveThingFromThingGroup", "iot:ReplaceTopicRule", "iot:SearchIndex", "iot:SetDefaultAuthorizer", "iot:SetDefaultPolicyVersion", "iot:SetLoggingOptions", "iot:SetV2LoggingLevel", "iot:SetV2LoggingOptions", "iot:StartThingRegistrationTask", "iot:StopThingRegistrationTask", "iot:TestAuthorization", "iot:TestInvokeAuthorizer", "iot:TransferCertificate", "iot:UpdateAuthorizer", "iot:UpdateCACertificate", "iot:UpdateCertificate", "iot:UpdateEventConfigurations", "iot:UpdateIndexingConfiguration", "iot:UpdateRoleAlias", "iot:UpdateStream", "iot:UpdateThing", "iot:UpdateThingGroup", "iot:UpdateThingGroupsForThing", "iot:UpdateAccountAuditConfiguration", "iot:DescribeAccountAuditConfiguration", "iot:DeleteAccountAuditConfiguration", "iot:StartOnDemandAuditTask", "iot:CancelAuditTask", "iot:DescribeAuditTask", "iot:ListAuditTasks", "iot:CreateScheduledAudit", "iot:UpdateScheduledAudit", "iot:DeleteScheduledAudit", "iot:DescribeScheduledAudit", "iot:ListScheduledAudits", "iot:ListAuditFindings", "iot:CreateSecurityProfile", "iot:DescribeSecurityProfile", "iot:UpdateSecurityProfile", "iot:DeleteSecurityProfile", "iot:AttachSecurityProfile", "iot:DetachSecurityProfile", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", "iot:ListTargetsForSecurityProfile", "iot:ListActiveViolations", "iot:ListViolationEvents", "iot:ValidateSecurityProfileBehaviors" ], "malformed": false, "name": "AWSIoTConfigAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-09-27T20:48:00+00:00", "version": "v9" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticMapReduceFullAccess", "createdate": "2019-10-11T15:19:30Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "cloudformation:CreateStack", "cloudformation:DescribeStackEvents", "ec2:AuthorizeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:CancelSpotInstanceRequests", "ec2:CreateRoute", "ec2:CreateSecurityGroup", "ec2:CreateTags", "ec2:DeleteRoute", "ec2:DeleteTags", "ec2:DeleteSecurityGroup", "ec2:DescribeAvailabilityZones", "ec2:DescribeAccountAttributes", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "ec2:DescribeRouteTables", "ec2:DescribeNetworkAcls", "ec2:CreateVpcEndpoint", "ec2:ModifyImageAttribute", "ec2:ModifyInstanceAttribute", "ec2:RequestSpotInstances", "ec2:RevokeSecurityGroupEgress", "ec2:RunInstances", "ec2:TerminateInstances", "elasticmapreduce:AddInstanceFleet", "elasticmapreduce:AddInstanceGroups", "elasticmapreduce:AddJobFlowSteps", "elasticmapreduce:AddTags", "elasticmapreduce:AttachEditor", "elasticmapreduce:CancelSteps", "elasticmapreduce:CreateEditor", "elasticmapreduce:CreatePersistentAppUI", "elasticmapreduce:CreateRepository", "elasticmapreduce:CreateSecurityConfiguration", "elasticmapreduce:CreateStudio", "elasticmapreduce:CreateStudioPresignedUrl", "elasticmapreduce:CreateStudioSessionMapping", "elasticmapreduce:DeleteEditor", "elasticmapreduce:DeleteRepository", "elasticmapreduce:DeleteSecurityConfiguration", "elasticmapreduce:DeleteStudio", "elasticmapreduce:DeleteStudioSessionMapping", "elasticmapreduce:DeleteWorkspaceAccess", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:DetachEditor", "elasticmapreduce:GetAutoTerminationPolicy", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetClusterSessionCredentials", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:GetOnClusterAppUIPresignedURL", "elasticmapreduce:GetPersistentAppUIPresignedURL", "elasticmapreduce:GetStudioSessionMapping", "elasticmapreduce:LinkRepository", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListNotebookExecutions", "elasticmapreduce:ListReleaseLabels", "elasticmapreduce:ListRepositories", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudioSessionMappings", "elasticmapreduce:ListStudios", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ListWorkspaceAccessIdentities", "elasticmapreduce:ModifyCluster", "elasticmapreduce:ModifyInstanceFleet", "elasticmapreduce:ModifyInstanceGroups", "elasticmapreduce:OpenEditorInConsole", "elasticmapreduce:PutAutoScalingPolicy", "elasticmapreduce:PutAutoTerminationPolicy", "elasticmapreduce:PutBlockPublicAccessConfiguration", "elasticmapreduce:PutManagedScalingPolicy", "elasticmapreduce:PutWorkspaceAccess", "elasticmapreduce:RemoveAutoScalingPolicy", "elasticmapreduce:RemoveAutoTerminationPolicy", "elasticmapreduce:RemoveManagedScalingPolicy", "elasticmapreduce:RemoveTags", "elasticmapreduce:RunJobFlow", "elasticmapreduce:SetKeepJobFlowAliveWhenNoSteps", "elasticmapreduce:SetTerminationProtection", "elasticmapreduce:SetUnhealthyNodeReplacement", "elasticmapreduce:SetVisibleToAllUsers", "elasticmapreduce:StartEditor", "elasticmapreduce:StartNotebookExecution", "elasticmapreduce:StopEditor", "elasticmapreduce:StopNotebookExecution", "elasticmapreduce:TerminateJobFlows", "elasticmapreduce:UnlinkRepository", "elasticmapreduce:UpdateEditor", "elasticmapreduce:UpdateRepository", "elasticmapreduce:UpdateStudio", "elasticmapreduce:UpdateStudioSessionMapping", "elasticmapreduce:ViewEventsFromAllClustersInConsole", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:ListRoles", "iam:PassRole", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeyRotations", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "s3:AbortMultipartUpload", "s3:AssociateAccessGrantsIdentityCenter", "s3:BypassGovernanceRetention", "s3:CreateAccessGrant", "s3:CreateAccessGrantsInstance", "s3:CreateAccessGrantsLocation", "s3:CreateAccessPoint", "s3:CreateAccessPointForObjectLambda", "s3:CreateBucket", "s3:CreateJob", "s3:CreateMultiRegionAccessPoint", "s3:CreateStorageLensGroup", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:DissociateAccessGrantsIdentityCenter", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:InitiateReplication", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:ObjectOwnerOverrideToBucketOwner", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "s3:SubmitMultiRegionAccessPointRoutes", "s3:TagResource", "s3:UntagResource", "s3:UpdateAccessGrantsLocation", "s3:UpdateJobPriority", "s3:UpdateJobStatus", "s3:UpdateStorageLensGroup", "sdb:BatchDeleteAttributes", "sdb:BatchPutAttributes", "sdb:CreateDomain", "sdb:DeleteAttributes", "sdb:DeleteDomain", "sdb:DomainMetadata", "sdb:GetAttributes", "sdb:ListDomains", "sdb:PutAttributes", "sdb:Select", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonElasticMapReduceFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2019-10-11T15:19:30+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSPurchaseOrdersServiceRolePolicy", "createdate": "2023-07-17T18:59:18Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "account:GetAccountInformation", "account:GetContactInformation", "aws-portal:ModifyBilling", "aws-portal:ViewBilling", "consolidatedbilling:GetAccountBillingRole", "invoicing:GetInvoicePDF", "payments:GetPaymentInstrument", "payments:ListPaymentPreferences", "purchase-orders:AddPurchaseOrder", "purchase-orders:DeletePurchaseOrder", "purchase-orders:GetPurchaseOrder", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ListTagsForResource", "purchase-orders:ModifyPurchaseOrders", "purchase-orders:TagResource", "purchase-orders:UntagResource", "purchase-orders:UpdatePurchaseOrder", "purchase-orders:UpdatePurchaseOrderStatus", "purchase-orders:ViewPurchaseOrders", "tax:ListTaxRegistrations" ], "malformed": false, "name": "AWSPurchaseOrdersServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-17T18:59:18+00:00", "version": "v5" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSDeepRacerDefaultMultiUserAccess", "createdate": "2021-10-28T01:27:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "deepracer:AddLeaderboardAccessPermission", "deepracer:RemoveLeaderboardAccessPermission", "deepracer:CreateCar", "deepracer:CreateLeaderboard", "deepracer:CreateLeaderboardAccessToken", "deepracer:CreateLeaderboardSubmission", "deepracer:CreateReinforcementLearningModel", "deepracer:PerformLeaderboardOperation", "deepracer:CloneReinforcementLearningModel", "deepracer:GetAccountConfig", "deepracer:GetAlias", "deepracer:GetAssetUrl", "deepracer:GetCar", "deepracer:GetCars", "deepracer:GetEvaluation", "deepracer:GetLatestUserSubmission", "deepracer:GetLeaderboard", "deepracer:GetModel", "deepracer:GetPrivateLeaderboard", "deepracer:GetRankedUserSubmission", "deepracer:GetTrack", "deepracer:GetTrainingJob", "deepracer:ListEvaluations", "deepracer:ListLeaderboardEvaluations", "deepracer:ListLeaderboardSubmissions", "deepracer:ListLeaderboards", "deepracer:ListModels", "deepracer:ListPrivateLeaderboardParticipants", "deepracer:ListPrivateLeaderboards", "deepracer:ListSubscribedPrivateLeaderboards", "deepracer:ListTagsForResource", "deepracer:ListTracks", "deepracer:ListTrainingJobs", "deepracer:EditLeaderboard", "deepracer:StartEvaluation", "deepracer:SetAlias", "deepracer:UpdateCar", "deepracer:DeleteLeaderboard", "deepracer:DeleteModel", "deepracer:StopEvaluation", "deepracer:StopTrainingReinforcementLearningModel", "deepracer:ImportModel", "deepracer:TagResource", "deepracer:UntagResource", "deepracer:GetAccountConfig", "deepracer:GetTrack", "deepracer:ListTracks", "deepracer:TestRewardFunction" ], "malformed": false, "name": "AWSDeepRacerDefaultMultiUserAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-10-28T01:27:13+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeployLimited", "createdate": "2022-01-20T21:37:31Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "s3:GetObjectVersion", "s3:ListBucket", "s3:GetObject", "s3:GetObjectVersion" ], "malformed": false, "name": "AmazonEC2RoleforAWSCodeDeployLimited", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-01-20T21:37:31+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CloudWatchEventsServiceRolePolicy", "createdate": "2017-11-17T00:42:04Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarms", "ec2:DescribeInstanceStatus", "ec2:DescribeInstances", "ec2:DescribeSnapshots", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:RebootInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:CreateSnapshot" ], "malformed": false, "name": "CloudWatchEventsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-11-17T00:42:04+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonConnectVoiceIDFullAccess", "createdate": "2021-09-26T19:04:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "voiceid:AssociateFraudster", "voiceid:CreateDomain", "voiceid:CreateWatchlist", "voiceid:DeleteDomain", "voiceid:DeleteFraudster", "voiceid:DeleteSpeaker", "voiceid:DeleteWatchlist", "voiceid:DescribeComplianceConsent", "voiceid:DescribeDomain", "voiceid:DescribeFraudster", "voiceid:DescribeFraudsterRegistrationJob", "voiceid:DescribeSpeaker", "voiceid:DescribeSpeakerEnrollmentJob", "voiceid:DescribeWatchlist", "voiceid:DisassociateFraudster", "voiceid:EvaluateSession", "voiceid:ListDomains", "voiceid:ListFraudsterRegistrationJobs", "voiceid:ListFraudsters", "voiceid:ListSpeakerEnrollmentJobs", "voiceid:ListSpeakers", "voiceid:ListTagsForResource", "voiceid:ListWatchlists", "voiceid:OptOutSpeaker", "voiceid:RegisterComplianceConsent", "voiceid:StartFraudsterRegistrationJob", "voiceid:StartSpeakerEnrollmentJob", "voiceid:TagResource", "voiceid:UntagResource", "voiceid:UpdateDomain", "voiceid:UpdateWatchlist" ], "malformed": false, "name": "AmazonConnectVoiceIDFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-26T19:04:10+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy", "createdate": "2024-03-04T20:20:55Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:AssignPrivateIpAddresses", "ec2:AttachNetworkInterface", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DescribeInstances", "ec2:DescribeTags", "ec2:DescribeNetworkInterfaces", "ec2:DescribeInstanceTypes", "ec2:DescribeSubnets", "ec2:DetachNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:UnassignPrivateIpAddresses", "ec2:CreateTags" ], "malformed": false, "name": "AmazonEKS_CNI_Policy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-04T20:20:55+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2015-02-06T18:40:48Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "opsworks:AssignInstance", "opsworks:AssignVolume", "opsworks:AssociateElasticIp", "opsworks:AttachElasticLoadBalancer", "opsworks:CloneStack", "opsworks:CreateApp", "opsworks:CreateDeployment", "opsworks:CreateInstance", "opsworks:CreateLayer", "opsworks:CreateStack", "opsworks:CreateUserProfile", "opsworks:DeleteApp", "opsworks:DeleteInstance", "opsworks:DeleteLayer", "opsworks:DeleteStack", "opsworks:DeleteUserProfile", "opsworks:DeregisterEcsCluster", "opsworks:DeregisterElasticIp", "opsworks:DeregisterInstance", "opsworks:DeregisterRdsDbInstance", "opsworks:DeregisterVolume", "opsworks:DescribeAgentVersions", "opsworks:DescribeApps", "opsworks:DescribeCommands", "opsworks:DescribeDeployments", "opsworks:DescribeEcsClusters", "opsworks:DescribeElasticIps", "opsworks:DescribeElasticLoadBalancers", "opsworks:DescribeInstances", "opsworks:DescribeLayers", "opsworks:DescribeLoadBasedAutoScaling", "opsworks:DescribeMyUserProfile", "opsworks:DescribeOperatingSystems", "opsworks:DescribePermissions", "opsworks:DescribeRaidArrays", "opsworks:DescribeRdsDbInstances", "opsworks:DescribeServiceErrors", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStackSummary", "opsworks:DescribeStacks", "opsworks:DescribeTimeBasedAutoScaling", "opsworks:DescribeUserProfiles", "opsworks:DescribeVolumes", "opsworks:DetachElasticLoadBalancer", "opsworks:DisassociateElasticIp", "opsworks:GetHostnameSuggestion", "opsworks:GrantAccess", "opsworks:ListTags", "opsworks:RebootInstance", "opsworks:RegisterEcsCluster", "opsworks:RegisterElasticIp", "opsworks:RegisterInstance", "opsworks:RegisterRdsDbInstance", "opsworks:RegisterVolume", "opsworks:SetLoadBasedAutoScaling", "opsworks:SetPermission", "opsworks:SetTimeBasedAutoScaling", "opsworks:StartInstance", "opsworks:StartStack", "opsworks:StopInstance", "opsworks:StopStack", "opsworks:TagResource", "opsworks:UnassignInstance", "opsworks:UnassignVolume", "opsworks:UntagResource", "opsworks:UpdateApp", "opsworks:UpdateElasticIp", "opsworks:UpdateInstance", "opsworks:UpdateLayer", "opsworks:UpdateMyUserProfile", "opsworks:UpdateRdsDbInstance", "opsworks:UpdateStack", "opsworks:UpdateUserProfile", "opsworks:UpdateVolume", "ec2:DescribeAvailabilityZones", "ec2:DescribeKeyPairs", "ec2:DescribeSecurityGroups", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancers", "iam:GetRolePolicy", "iam:ListInstanceProfiles", "iam:ListRoles", "iam:ListUsers", "iam:PassRole" ], "malformed": false, "name": "AWSOpsWorksFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/CostOptimizationHubAdminAccess", "createdate": "2023-12-19T00:03:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cost-optimization-hub:ListEnrollmentStatuses", "cost-optimization-hub:UpdateEnrollmentStatus", "cost-optimization-hub:GetPreferences", "cost-optimization-hub:UpdatePreferences", "cost-optimization-hub:GetRecommendation", "cost-optimization-hub:ListRecommendations", "cost-optimization-hub:ListRecommendationSummaries", "iam:CreateServiceLinkedRole", "organizations:EnableAWSServiceAccess" ], "malformed": false, "name": "CostOptimizationHubAdminAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-19T00:03:51+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForRestores", "createdate": "2023-12-15T22:05:32Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "dynamodb:Scan", "dynamodb:Query", "dynamodb:UpdateItem", "dynamodb:PutItem", "dynamodb:GetItem", "dynamodb:DeleteItem", "dynamodb:BatchWriteItem", "dynamodb:DescribeTable", "dynamodb:RestoreTableFromBackup", "ec2:CreateVolume", "ec2:DeleteVolume", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeSnapshots", "ec2:DescribeVolumes", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeInternetGateways", "ec2:DescribeSnapshotTierStatus", "storagegateway:DeleteVolume", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:AddTagsToResource", "storagegateway:DescribeGatewayInformation", "storagegateway:CreateStorediSCSIVolume", "storagegateway:CreateCachediSCSIVolume", "storagegateway:ListVolumes", "rds:DescribeDBInstances", "rds:DescribeDBSnapshots", "rds:ListTagsForResource", "rds:RestoreDBInstanceFromDBSnapshot", "rds:DeleteDBInstance", "rds:AddTagsToResource", "rds:DescribeDBClusters", "rds:RestoreDBClusterFromSnapshot", "rds:DeleteDBCluster", "rds:RestoreDBInstanceToPointInTime", "rds:DescribeDBClusterSnapshots", "rds:RestoreDBClusterToPointInTime", "elasticfilesystem:Restore", "elasticfilesystem:CreateFileSystem", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DeleteFileSystem", "elasticfilesystem:TagResource", "kms:DescribeKey", "kms:Decrypt", "kms:Encrypt", "kms:GenerateDataKey", "kms:ReEncryptTo", "kms:ReEncryptFrom", "kms:GenerateDataKeyWithoutPlaintext", "kms:CreateGrant", "ebs:CompleteSnapshot", "ebs:StartSnapshot", "ebs:PutSnapshotBlock", "rds:CreateDBInstance", "ec2:DeleteSnapshot", "ec2:DeleteTags", "ec2:RestoreSnapshotTier", "ec2:CreateTags", "ec2:RunInstances", "ec2:TerminateInstances", "ec2:CreateTags", "fsx:CreateFileSystemFromBackup", "fsx:DescribeFileSystems", "fsx:TagResource", "fsx:DescribeBackups", "fsx:DeleteFileSystem", "fsx:UntagResource", "fsx:DescribeVolumes", "fsx:CreateVolumeFromBackup", "fsx:TagResource", "fsx:CreateVolumeFromBackup", "fsx:TagResource", "fsx:DeleteVolume", "fsx:UntagResource", "ds:DescribeDirectories", "dynamodb:RestoreTableFromAwsBackup", "backup-gateway:Restore", "cloudformation:CreateChangeSet", "cloudformation:DescribeChangeSet", "cloudformation:TagResource", "redshift:RestoreFromClusterSnapshot", "redshift:RestoreTableFromClusterSnapshot", "redshift:DescribeClusters", "redshift:DescribeTableRestoreStatus", "timestream:StartAwsRestoreJob", "timestream:GetAwsRestoreStatus", "timestream:ListTables", "timestream:ListTagsForResource", "timestream:ListDatabases", "timestream:DescribeTable", "timestream:DescribeDatabase", "timestream:DescribeEndpoints" ], "malformed": false, "name": "AWSBackupServiceRolePolicyForRestores", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-15T22:05:32+00:00", "version": "v20" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonPrometheusFullAccess", "createdate": "2023-11-26T20:16:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aps:CreateAlertManagerAlerts", "aps:CreateAlertManagerDefinition", "aps:CreateLoggingConfiguration", "aps:CreateRuleGroupsNamespace", "aps:CreateScraper", "aps:CreateWorkspace", "aps:DeleteAlertManagerDefinition", "aps:DeleteAlertManagerSilence", "aps:DeleteLoggingConfiguration", "aps:DeleteRuleGroupsNamespace", "aps:DeleteScraper", "aps:DeleteWorkspace", "aps:DescribeAlertManagerDefinition", "aps:DescribeLoggingConfiguration", "aps:DescribeRuleGroupsNamespace", "aps:DescribeScraper", "aps:DescribeWorkspace", "aps:GetAlertManagerSilence", "aps:GetAlertManagerStatus", "aps:GetDefaultScraperConfiguration", "aps:GetLabels", "aps:GetMetricMetadata", "aps:GetSeries", "aps:ListAlertManagerAlertGroups", "aps:ListAlertManagerAlerts", "aps:ListAlertManagerReceivers", "aps:ListAlertManagerSilences", "aps:ListAlerts", "aps:ListRuleGroupsNamespaces", "aps:ListRules", "aps:ListScrapers", "aps:ListTagsForResource", "aps:ListWorkspaces", "aps:PutAlertManagerDefinition", "aps:PutAlertManagerSilences", "aps:PutRuleGroupsNamespace", "aps:QueryMetrics", "aps:RemoteWrite", "aps:TagResource", "aps:UntagResource", "aps:UpdateLoggingConfiguration", "aps:UpdateWorkspaceAlias", "eks:DescribeCluster", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonPrometheusFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-26T20:16:13+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerServiceRolePolicy", "createdate": "2021-07-30T01:43:19Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "s3:PutObject", "sns:Publish", "sns:ListTopics", "ec2:DescribeInstances", "ec2:DescribeImages", "ec2:DescribeHosts", "ssm:ListInventoryEntries", "ssm:GetInventory", "ssm:CreateAssociation", "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeOrganization", "organizations:ListDelegatedAdministrators", "license-manager:GetServiceSettings", "license-manager:GetLicense", "license-manager:GetLicenseConfiguration", "license-manager:GetLicenseConversionTask", "license-manager:GetLicenseManagerReportGenerator", "license-manager:GetLicenseUsage", "license-manager:UpdateLicenseSpecificationsForResource", "license-manager:ListAssociationsForLicenseConfiguration", "license-manager:ListDistributedGrants", "license-manager:ListFailuresForLicenseConfigurationOperations", "license-manager:ListLicenseConfigurations", "license-manager:ListLicenseConversionTasks", "license-manager:ListLicenseManagerReportGenerators", "license-manager:ListLicenseSpecificationsForResource", "license-manager:ListLicenseVersions", "license-manager:ListLicenses", "license-manager:ListReceivedGrants", "license-manager:ListReceivedGrantsForOrganization", "license-manager:ListReceivedLicenses", "license-manager:ListReceivedLicensesForOrganization", "license-manager:ListResourceInventory", "license-manager:ListTagsForResource", "license-manager:ListTokens", "license-manager:ListUsageForLicenseConfiguration" ], "malformed": false, "name": "AWSLicenseManagerServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-07-30T01:43:19+00:00", "version": "v7" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaENIManagementAccess", "createdate": "2020-10-01T20:07:26Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DeleteNetworkInterface", "ec2:AssignPrivateIpAddresses", "ec2:UnassignPrivateIpAddresses" ], "malformed": false, "name": "AWSLambdaENIManagementAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-01T20:07:26+00:00", "version": "v2" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryReadinessFullAccess", "createdate": "2021-08-18T16:45:07Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53-recovery-readiness:CreateCell", "route53-recovery-readiness:CreateCrossAccountAuthorization", "route53-recovery-readiness:CreateReadinessCheck", "route53-recovery-readiness:CreateRecoveryGroup", "route53-recovery-readiness:CreateResourceSet", "route53-recovery-readiness:DeleteCell", "route53-recovery-readiness:DeleteCrossAccountAuthorization", "route53-recovery-readiness:DeleteReadinessCheck", "route53-recovery-readiness:DeleteRecoveryGroup", "route53-recovery-readiness:DeleteResourceSet", "route53-recovery-readiness:GetArchitectureRecommendations", "route53-recovery-readiness:GetCell", "route53-recovery-readiness:GetCellReadinessSummary", "route53-recovery-readiness:GetReadinessCheck", "route53-recovery-readiness:GetReadinessCheckResourceStatus", "route53-recovery-readiness:GetReadinessCheckStatus", "route53-recovery-readiness:GetRecoveryGroup", "route53-recovery-readiness:GetRecoveryGroupReadinessSummary", "route53-recovery-readiness:GetResourceSet", "route53-recovery-readiness:ListCells", "route53-recovery-readiness:ListCrossAccountAuthorizations", "route53-recovery-readiness:ListReadinessChecks", "route53-recovery-readiness:ListRecoveryGroups", "route53-recovery-readiness:ListResourceSets", "route53-recovery-readiness:ListRules", "route53-recovery-readiness:ListTagsForResources", "route53-recovery-readiness:TagResource", "route53-recovery-readiness:UntagResource", "route53-recovery-readiness:UpdateCell", "route53-recovery-readiness:UpdateReadinessCheck", "route53-recovery-readiness:UpdateRecoveryGroup", "route53-recovery-readiness:UpdateResourceSet" ], "malformed": false, "name": "AmazonRoute53RecoveryReadinessFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-18T16:45:07+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonKinesisFirehoseFullAccess", "createdate": "2015-10-07T18:45:26Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "firehose:CreateDeliveryStream", "firehose:DeleteDeliveryStream", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "firehose:PutRecord", "firehose:PutRecordBatch", "firehose:StartDeliveryStreamEncryption", "firehose:StopDeliveryStreamEncryption", "firehose:TagDeliveryStream", "firehose:UntagDeliveryStream", "firehose:UpdateDestination" ], "malformed": false, "name": "AmazonKinesisFirehoseFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-10-07T18:45:26+00:00", "version": "v1" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSLambdaReplicator", "createdate": "2017-12-08T00:17:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:DisableReplication", "iam:PassRole", "cloudfront:ListDistributionsByLambdaFunction" ], "malformed": false, "name": "AWSLambdaReplicator", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-12-08T00:17:54+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSFMAdminFullAccess", "createdate": "2022-10-20T23:39:06Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "fms:AssociateAdminAccount", "fms:AssociateThirdPartyFirewall", "fms:BatchAssociateResource", "fms:BatchDisassociateResource", "fms:DeleteAppsList", "fms:DeleteNotificationChannel", "fms:DeletePolicy", "fms:DeleteProtocolsList", "fms:DeleteResourceSet", "fms:DisassociateAdminAccount", "fms:DisassociateThirdPartyFirewall", "fms:GetAdminAccount", "fms:GetAdminScope", "fms:GetAppsList", "fms:GetComplianceDetail", "fms:GetNotificationChannel", "fms:GetPolicy", "fms:GetProtectionStatus", "fms:GetProtocolsList", "fms:GetResourceSet", "fms:GetThirdPartyFirewallAssociationStatus", "fms:GetViolationDetails", "fms:ListAdminAccountsForOrganization", "fms:ListAdminsManagingAccount", "fms:ListAppsLists", "fms:ListComplianceStatus", "fms:ListDiscoveredResources", "fms:ListMemberAccounts", "fms:ListPolicies", "fms:ListProtocolsLists", "fms:ListResourceSetResources", "fms:ListResourceSets", "fms:ListTagsForResource", "fms:ListThirdPartyFirewallFirewallPolicies", "fms:PutAdminAccount", "fms:PutAppsList", "fms:PutNotificationChannel", "fms:PutPolicy", "fms:PutProtocolsList", "fms:PutResourceSet", "fms:TagResource", "fms:UntagResource", "waf:CreateByteMatchSet", "waf:CreateGeoMatchSet", "waf:CreateIPSet", "waf:CreateRateBasedRule", "waf:CreateRegexMatchSet", "waf:CreateRegexPatternSet", "waf:CreateRule", "waf:CreateRuleGroup", "waf:CreateSizeConstraintSet", "waf:CreateSqlInjectionMatchSet", "waf:CreateWebACL", "waf:CreateWebACLMigrationStack", "waf:CreateXssMatchSet", "waf:DeleteByteMatchSet", "waf:DeleteGeoMatchSet", "waf:DeleteIPSet", "waf:DeleteLoggingConfiguration", "waf:DeletePermissionPolicy", "waf:DeleteRateBasedRule", "waf:DeleteRegexMatchSet", "waf:DeleteRegexPatternSet", "waf:DeleteRule", "waf:DeleteRuleGroup", "waf:DeleteSizeConstraintSet", "waf:DeleteSqlInjectionMatchSet", "waf:DeleteWebACL", "waf:DeleteXssMatchSet", "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "waf:PutLoggingConfiguration", "waf:PutPermissionPolicy", "waf:TagResource", "waf:UntagResource", "waf:UpdateByteMatchSet", "waf:UpdateGeoMatchSet", "waf:UpdateIPSet", "waf:UpdateRateBasedRule", "waf:UpdateRegexMatchSet", "waf:UpdateRegexPatternSet", "waf:UpdateRule", "waf:UpdateRuleGroup", "waf:UpdateSizeConstraintSet", "waf:UpdateSqlInjectionMatchSet", "waf:UpdateWebACL", "waf:UpdateXssMatchSet", "waf-regional:AssociateWebACL", "waf-regional:CreateByteMatchSet", "waf-regional:CreateGeoMatchSet", "waf-regional:CreateIPSet", "waf-regional:CreateRateBasedRule", "waf-regional:CreateRegexMatchSet", "waf-regional:CreateRegexPatternSet", "waf-regional:CreateRule", "waf-regional:CreateRuleGroup", "waf-regional:CreateSizeConstraintSet", "waf-regional:CreateSqlInjectionMatchSet", "waf-regional:CreateWebACL", "waf-regional:CreateWebACLMigrationStack", "waf-regional:CreateXssMatchSet", "waf-regional:DeleteByteMatchSet", "waf-regional:DeleteGeoMatchSet", "waf-regional:DeleteIPSet", "waf-regional:DeleteLoggingConfiguration", "waf-regional:DeletePermissionPolicy", "waf-regional:DeleteRateBasedRule", "waf-regional:DeleteRegexMatchSet", "waf-regional:DeleteRegexPatternSet", "waf-regional:DeleteRule", "waf-regional:DeleteRuleGroup", "waf-regional:DeleteSizeConstraintSet", "waf-regional:DeleteSqlInjectionMatchSet", "waf-regional:DeleteWebACL", "waf-regional:DeleteXssMatchSet", "waf-regional:DisassociateWebACL", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeToken", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetPermissionPolicy", "waf-regional:GetRateBasedRule", "waf-regional:GetRateBasedRuleManagedKeys", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSampledRequests", "waf-regional:GetSizeConstraintSet", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:GetXssMatchSet", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "waf-regional:PutLoggingConfiguration", "waf-regional:PutPermissionPolicy", "waf-regional:TagResource", "waf-regional:UntagResource", "waf-regional:UpdateByteMatchSet", "waf-regional:UpdateGeoMatchSet", "waf-regional:UpdateIPSet", "waf-regional:UpdateRateBasedRule", "waf-regional:UpdateRegexMatchSet", "waf-regional:UpdateRegexPatternSet", "waf-regional:UpdateRule", "waf-regional:UpdateRuleGroup", "waf-regional:UpdateSizeConstraintSet", "waf-regional:UpdateSqlInjectionMatchSet", "waf-regional:UpdateWebACL", "waf-regional:UpdateXssMatchSet", "elasticloadbalancing:SetWebAcl", "firehose:ListDeliveryStreams", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListRoots", "organizations:ListChildren", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListOrganizationalUnitsForParent", "shield:GetSubscriptionState", "route53resolver:ListFirewallRuleGroups", "route53resolver:GetFirewallRuleGroup", "wafv2:ListRuleGroups", "wafv2:ListAvailableManagedRuleGroups", "wafv2:CheckCapacity", "wafv2:PutLoggingConfiguration", "wafv2:ListAvailableManagedRuleGroupVersions", "network-firewall:DescribeRuleGroup", "network-firewall:DescribeRuleGroupMetadata", "network-firewall:ListRuleGroups", "ec2:DescribeAvailabilityZones", "ec2:DescribeRegions", "s3:PutBucketPolicy", "s3:GetBucketPolicy", "iam:CreateServiceLinkedRole", "organizations:EnableAWSServiceAccess", "organizations:ListDelegatedAdministrators", "organizations:RegisterDelegatedAdministrator", "organizations:DeregisterDelegatedAdministrator" ], "malformed": false, "name": "AWSFMAdminFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-20T23:39:06+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/VPCLatticeServicesInvokeAccess", "createdate": "2023-03-30T02:45:07Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "vpc-lattice-svcs:Invoke" ], "malformed": false, "name": "VPCLatticeServicesInvokeAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-30T02:45:07+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBugBustPlayerAccess", "createdate": "2021-06-24T07:15:00Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codeguru-reviewer:DescribeCodeReview", "codeguru-reviewer:ListRecommendations", "codeguru-profiler:DescribeProfilingGroup", "bugbust:ListBugs", "bugbust:ListProfilingGroups", "bugbust:JoinEvent", "bugbust:GetEvent", "bugbust:ListEvents", "bugbust:GetJoinEventStatus", "bugbust:ListEventScores", "bugbust:ListEventParticipants", "bugbust:UpdateWorkItem", "bugbust:ListPullRequests" ], "malformed": false, "name": "AWSBugBustPlayerAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-06-24T07:15:00+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSSMDirectoryServiceAccess", "createdate": "2019-03-15T17:44:38Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ds:CreateComputer", "ds:DescribeDirectories" ], "malformed": false, "name": "AmazonSSMDirectoryServiceAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-03-15T17:44:38+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonHoneycodeTeamAssociationFullAccess", "createdate": "2020-06-24T20:28:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "honeycode:ListTeamAssociations", "honeycode:ApproveTeamAssociation", "honeycode:RejectTeamAssociation" ], "malformed": false, "name": "AmazonHoneycodeTeamAssociationFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-24T20:28:27+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSOpsWorksCloudWatchLogs", "createdate": "2017-03-30T17:47:19Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams" ], "malformed": false, "name": "AWSOpsWorksCloudWatchLogs", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-03-30T17:47:19+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": null, "createdate": "2019-09-27T21:18:52Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "events:PutRule", "events:PutTargets", "events:EnableRule", "events:DisableRule", "events:DeleteRule", "events:RemoveTargets", "events:ListTargetsByRule" ], "malformed": false, "name": "AWSSchemasServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/OAMFullAccess", "createdate": "2022-11-27T13:38:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "oam:CreateLink", "oam:CreateSink", "oam:DeleteLink", "oam:DeleteSink", "oam:GetLink", "oam:GetSink", "oam:GetSinkPolicy", "oam:ListAttachedLinks", "oam:ListLinks", "oam:ListSinks", "oam:ListTagsForResource", "oam:PutSinkPolicy", "oam:TagResource", "oam:UntagResource", "oam:UpdateLink" ], "malformed": false, "name": "OAMFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-27T13:38:29+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonMemoryDBReadOnlyAccess", "createdate": "2021-10-08T19:27:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "memorydb:DescribeAcls", "memorydb:DescribeClusters", "memorydb:DescribeEngineVersions", "memorydb:DescribeEvents", "memorydb:DescribeParameterGroups", "memorydb:DescribeParameters", "memorydb:DescribeReservedNodes", "memorydb:DescribeReservedNodesOfferings", "memorydb:DescribeServiceUpdates", "memorydb:DescribeSnapshots", "memorydb:DescribeSubnetGroups", "memorydb:DescribeUsers", "memorydb:ListAllowedNodeTypeUpdates", "memorydb:ListTags" ], "malformed": false, "name": "AmazonMemoryDBReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-10-08T19:27:28+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaPackageFullAccess", "createdate": "2017-12-29T23:39:52Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "mediapackage:ConfigureLogs", "mediapackage:CreateChannel", "mediapackage:CreateHarvestJob", "mediapackage:CreateOriginEndpoint", "mediapackage:DeleteChannel", "mediapackage:DeleteOriginEndpoint", "mediapackage:DescribeChannel", "mediapackage:DescribeHarvestJob", "mediapackage:DescribeOriginEndpoint", "mediapackage:ListChannels", "mediapackage:ListHarvestJobs", "mediapackage:ListOriginEndpoints", "mediapackage:ListTagsForResource", "mediapackage:RotateChannelCredentials", "mediapackage:RotateIngestEndpointCredentials", "mediapackage:TagResource", "mediapackage:UntagResource", "mediapackage:UpdateChannel", "mediapackage:UpdateOriginEndpoint" ], "malformed": false, "name": "AWSElementalMediaPackageFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-12-29T23:39:52+00:00", "version": "v1" }, { "access_levels": [], "arn": null, "createdate": "2017-10-05T18:10:56Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [], "malformed": false, "name": "AmazonMechanicalTurkCrowdReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role", "createdate": "2019-07-08T18:19:14Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:CreateBucket", "s3:ListBucket", "s3:DeleteBucket", "s3:GetBucketLocation", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:GetObjectVersion", "s3:GetBucketPolicy", "s3:PutBucketPolicy", "s3:GetBucketAcl", "s3:PutBucketVersioning", "s3:GetBucketVersioning", "s3:PutLifecycleConfiguration", "s3:GetLifecycleConfiguration", "s3:DeleteBucketPolicy" ], "malformed": false, "name": "AmazonDMSRedshiftS3Role", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-07-08T18:19:14+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSTrustedAdvisorPriorityFullAccess", "createdate": "2022-08-16T16:08:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "trustedadvisor:DescribeAccount", "trustedadvisor:DescribeAccountAccess", "trustedadvisor:DescribeOrganization", "trustedadvisor:DescribeRisk", "trustedadvisor:DescribeRiskResources", "trustedadvisor:DescribeRisks", "trustedadvisor:DownloadRisk", "trustedadvisor:UpdateRiskStatus", "trustedadvisor:DescribeNotificationConfigurations", "trustedadvisor:UpdateNotificationConfigurations", "trustedadvisor:DeleteNotificationConfigurationForDelegatedAdmin", "trustedadvisor:SetOrganizationAccess", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators", "organizations:EnableAWSServiceAccess", "organizations:DisableAWSServiceAccess", "iam:CreateServiceLinkedRole", "organizations:RegisterDelegatedAdministrator", "organizations:DeregisterDelegatedAdministrator" ], "malformed": false, "name": "AWSTrustedAdvisorPriorityFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-16T16:08:24+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerFeatureStoreAccess", "createdate": "2022-12-05T14:19:58Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:PutObject", "s3:GetBucketAcl", "s3:PutObjectAcl", "s3:GetObject", "glue:GetTable", "glue:UpdateTable" ], "malformed": false, "name": "AmazonSageMakerFeatureStoreAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-05T14:19:58+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2019-10-16T00:29:24Z", "credentials_exposure": true, "data_access": true, "deprecated": true, "effective_action_names": [ "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ListStacks", "cloudformation:SignalResource", "ec2:AllocateAddress", "ec2:AllocateHosts", "ec2:AssignPrivateIpAddresses", "ec2:AssociateAddress", "ec2:AssociateDhcpOptions", "ec2:AssociateSubnetCidrBlock", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVolume", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateDhcpOptions", "ec2:CreateEgressOnlyInternetGateway", "ec2:CreateInternetGateway", "ec2:CreateNatGateway", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:CreateVolume", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:DeleteDhcpOptions", "ec2:DeleteInternetGateway", "ec2:DeleteKeyPair", "ec2:DeleteNatGateway", "ec2:DeleteSecurityGroup", "ec2:DeleteSnapshot", "ec2:DeleteVolume", "ec2:DeleteVpc", "ec2:DetachInternetGateway", "ec2:DetachVolume", "ec2:DisassociateIamInstanceProfile", "ec2:DisassociateRouteTable", "ec2:DisassociateSubnetCidrBlock", "ec2:GetConsoleOutput", "ec2:GetPasswordData", "ec2:ModifyInstanceAttribute", "ec2:ModifySubnetAttribute", "ec2:ModifyVolumeAttribute", "ec2:ModifyVpcAttribute", "ec2:ReleaseAddress", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RunInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ssm:SendCommand", "iam:CreateInstanceProfile", "iam:DeleteInstanceProfile", "iam:PassRole", "iam:RemoveRoleFromInstanceProfile", "iam:AddRoleToInstanceProfile", "autoscaling:AttachInstances", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:UpdateAutoScalingGroup", "logs:CreateLogStream", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:PutLogEvents", "resource-groups:CreateGroup", "resource-groups:DeleteGroup", "sns:ListSubscriptionsByTopic", "sns:Publish", "ssm:DeleteDocument", "ssm:DeleteParameter", "ssm:DeleteParameters", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:GetDocument", "ssm:PutParameter", "logs:DeleteLogStream", "logs:GetLogEvents", "logs:PutLogEvents", "ssm:AddTagsToResource", "ssm:AddTagsToResource", "ssm:DescribeDocument", "ssm:GetDocument", "ssm:ListTagsForResource", "ssm:RemoveTagsFromResource", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "ds:AddIpRoutes", "ds:CreateComputer", "ds:CreateMicrosoftAD", "ds:DeleteDirectory", "ds:DescribeCertificate", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeRegions", "ds:DescribeSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:DescribeUpdateDirectory", "ds:ListAuthorizedApplications", "ec2:AssociateRouteTable", "ec2:AssociateVpcCidrBlock", "ec2:CreateInternetGateway", "ec2:CreateKeyPair", "ec2:CreateNatGateway", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSubnet", "ec2:CreateTags", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSubnet", "ec2:DeleteTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeInstanceStatus", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeKeyPairs", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeRegions", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DetachNetworkInterface", "ec2:DisassociateAddress", "ec2:DisassociateVpcCidrBlock", "ec2:GetLaunchTemplateData", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyVolume", "iam:GetRole", "iam:GetRolePolicy", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "logs:CreateLogGroup", "logs:GetLogDelivery", "logs:GetLogRecord", "logs:ListLogDeliveries", "resource-groups:GetAccountSettings", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupPolicy", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "servicequotas:GetServiceQuota", "servicequotas:ListServiceQuotas", "sns:ListSubscriptions", "sns:ListTopics", "ssm:CreateDocument", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeInstanceInformation", "ssm:DescribeParameters", "ssm:GetAutomationExecution", "ssm:GetCommandInvocation", "ssm:GetParameter", "ssm:GetParameterHistory", "ssm:GetParameters", "ssm:GetParametersByPath", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInstanceAssociations", "ssm:SendAutomationSignal", "ssm:StartAutomationExecution", "ssm:StopAutomationExecution", "tag:GetComplianceSummary", "tag:GetResources", "tag:GetTagKeys", "tag:GetTagValues", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonApplicationWizardFullaccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/NeptuneGraphReadOnlyAccess", "createdate": "2023-11-30T07:32:17Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "neptune-graph:GetEngineStatus", "neptune-graph:GetGraph", "neptune-graph:GetGraphSnapshot", "neptune-graph:GetGraphSummary", "neptune-graph:GetImportTask", "neptune-graph:GetPrivateGraphEndpoint", "neptune-graph:GetQueryStatus", "neptune-graph:GetStatisticsStatus", "neptune-graph:ListGraphSnapshots", "neptune-graph:ListGraphs", "neptune-graph:ListImportTasks", "neptune-graph:ListPrivateGraphEndpoints", "neptune-graph:ListQueries", "neptune-graph:ListTagsForResource", "neptune-graph:ReadDataViaQuery", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcAttribute", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeAvailabilityZones", "kms:ListKeys", "kms:ListAliases", "cloudwatch:GetMetricData", "cloudwatch:ListMetrics", "cloudwatch:GetMetricStatistics", "logs:DescribeLogStreams", "logs:GetLogEvents" ], "malformed": false, "name": "NeptuneGraphReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-30T07:32:17+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSMigrationHubRefactorSpaces-EnvironmentsWithoutBridgesFullAccess", "createdate": "2024-04-11T18:16:48Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "refactor-spaces:CreateApplication", "refactor-spaces:CreateEnvironment", "refactor-spaces:CreateRoute", "refactor-spaces:CreateService", "refactor-spaces:DeleteApplication", "refactor-spaces:DeleteEnvironment", "refactor-spaces:DeleteResourcePolicy", "refactor-spaces:DeleteRoute", "refactor-spaces:DeleteService", "refactor-spaces:GetApplication", "refactor-spaces:GetEnvironment", "refactor-spaces:GetResourcePolicy", "refactor-spaces:GetRoute", "refactor-spaces:GetService", "refactor-spaces:ListApplications", "refactor-spaces:ListEnvironmentVpcs", "refactor-spaces:ListEnvironments", "refactor-spaces:ListRoutes", "refactor-spaces:ListServices", "refactor-spaces:ListTagsForResource", "refactor-spaces:PutResourcePolicy", "refactor-spaces:TagResource", "refactor-spaces:UntagResource", "refactor-spaces:UpdateRoute", "ec2:DescribeSubnets", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcs", "ec2:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeInternetGateways", "ec2:CreateVpcEndpointServiceConfiguration", "ec2:DeleteTags", "ec2:DeleteVpcEndpointServiceConfigurations", "elasticloadbalancing:AddTags", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateListener", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:AddTags", "elasticloadbalancing:CreateListener", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:AddTags", "elasticloadbalancing:CreateTargetGroup", "apigateway:GET", "apigateway:DELETE", "apigateway:PATCH", "apigateway:POST", "apigateway:PUT", "apigateway:UpdateRestApiPolicy", "apigateway:GET", "organizations:DescribeOrganization", "cloudformation:CreateStack", "cloudformation:TagResource", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSMigrationHubRefactorSpaces-EnvironmentsWithoutBridgesFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-11T18:16:48+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/CloudWatchAgentAdminPolicy", "createdate": "2024-02-05T20:59:57Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData", "ec2:DescribeTags", "logs:PutLogEvents", "logs:PutRetentionPolicy", "logs:DescribeLogStreams", "logs:DescribeLogGroups", "logs:CreateLogStream", "logs:CreateLogGroup", "xray:PutTraceSegments", "xray:PutTelemetryRecords", "xray:GetSamplingRules", "xray:GetSamplingTargets", "xray:GetSamplingStatisticSummaries", "ssm:GetParameter", "ssm:PutParameter" ], "malformed": false, "name": "CloudWatchAgentAdminPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-05T20:59:57+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSDMSFleetAdvisorServiceRolePolicy", "createdate": "2023-03-06T09:10:42Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSDMSFleetAdvisorServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-06T09:10:42+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CostOptimizationHubServiceRolePolicy", "createdate": "2023-11-26T08:03:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListParents", "organizations:DescribeOrganizationalUnit", "ce:ListCostAllocationTags" ], "malformed": false, "name": "CostOptimizationHubServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-26T08:03:59+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSThinkboxAWSPortalAdminPolicy", "createdate": "2024-04-12T20:07:12Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:AttachInternetGateway", "ec2:AssociateAddress", "ec2:AssociateRouteTable", "ec2:AllocateAddress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateFleet", "ec2:CreateLaunchTemplate", "ec2:CreateInternetGateway", "ec2:CreateNatGateway", "ec2:CreatePlacementGroup", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSubnet", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:DescribeAvailabilityZones", "ec2:DescribeAddresses", "ec2:DescribeFleets", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeLaunchTemplates", "ec2:DescribeRouteTables", "ec2:DescribeNatGateways", "ec2:DescribeTags", "ec2:DescribeKeyPairs", "ec2:DescribePlacementGroups", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeRegions", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSecurityGroups", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcEndpoints", "ec2:GetConsoleOutput", "ec2:ImportKeyPair", "ec2:ReleaseAddress", "ec2:RequestSpotFleet", "ec2:CancelSpotFleetRequests", "ec2:DisassociateAddress", "ec2:DeleteFleets", "ec2:DeleteLaunchTemplate", "ec2:DeleteVpc", "ec2:DeletePlacementGroup", "ec2:DeleteVpcEndpoints", "ec2:DeleteInternetGateway", "ec2:DeleteSecurityGroup", "ec2:RevokeSecurityGroupIngress", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DisassociateRouteTable", "ec2:DeleteSubnet", "ec2:DeleteNatGateway", "ec2:DetachInternetGateway", "ec2:ModifyInstanceAttribute", "ec2:ModifyFleet", "ec2:ModifySpotFleetRequest", "ec2:ModifyVpcAttribute", "ec2:RunInstances", "ec2:RunInstances", "ec2:TerminateInstances", "ec2:TerminateInstances", "ec2:TerminateInstances", "ec2:CreateTags", "ec2:CreateTags", "ec2:CreateTags", "ec2:DeleteTags", "iam:GetUser", "iam:GetInstanceProfile", "iam:GetPolicy", "iam:ListEntitiesForPolicy", "iam:ListPolicyVersions", "iam:GetRole", "iam:GetRolePolicy", "iam:PassRole", "iam:CreateServiceLinkedRole", "s3:CreateBucket", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketVersioning", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketVersioning", "s3:GetBucketAcl", "s3:GetObject", "s3:PutBucketLogging", "s3:PutBucketTagging", "s3:PutObject", "s3:ListBucket", "s3:ListBucketVersions", "s3:PutEncryptionConfiguration", "s3:PutLifecycleConfiguration", "s3:DeleteBucket", "s3:DeleteObject", "s3:DeleteBucketPolicy", "s3:DeleteObjectVersion", "s3:PutBucketPolicy", "s3:PutBucketOwnershipControls", "s3:ListAllMyBuckets", "dynamodb:Scan", "cloudformation:CreateStack", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackResources", "cloudformation:DeleteStack", "cloudformation:DeleteChangeSet", "cloudformation:ListStackResources", "cloudformation:CreateChangeSet", "cloudformation:DescribeChangeSet", "cloudformation:ExecuteChangeSet", "cloudformation:UpdateTerminationProtection", "cloudformation:TagResource", "cloudformation:UntagResource", "cloudformation:EstimateTemplateCost", "cloudformation:DescribeStacks", "cloudformation:ListStacks", "logs:DescribeLogStreams", "logs:GetLogEvents", "logs:PutRetentionPolicy", "logs:DeleteRetentionPolicy", "logs:DescribeLogGroups", "logs:CreateLogGroup", "kms:Encrypt", "kms:GenerateDataKey", "secretsmanager:CreateSecret", "secretsmanager:DeleteSecret", "secretsmanager:UpdateSecret", "secretsmanager:DescribeSecret", "secretsmanager:TagResource" ], "malformed": false, "name": "AWSThinkboxAWSPortalAdminPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-12T20:07:12+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerMemberAccountRolePolicy", "createdate": "2019-11-15T22:09:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "license-manager:UpdateLicenseSpecificationsForResource", "license-manager:GetLicenseConfiguration", "ssm:ListInventoryEntries", "ssm:GetInventory", "ssm:CreateAssociation", "ssm:CreateResourceDataSync", "ssm:DeleteResourceDataSync", "ssm:ListResourceDataSync", "ssm:ListAssociations", "ram:AcceptResourceShareInvitation", "ram:GetResourceShareInvitations" ], "malformed": false, "name": "AWSLicenseManagerMemberAccountRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-15T22:09:32+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonECS_FullAccess", "createdate": "2023-01-04T16:26:05Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:PutScalingPolicy", "application-autoscaling:RegisterScalableTarget", "appmesh:DescribeVirtualGateway", "appmesh:DescribeVirtualNode", "appmesh:ListMeshes", "appmesh:ListVirtualGateways", "appmesh:ListVirtualNodes", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:UpdateAutoScalingGroup", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:UpdateStack", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricStatistics", "cloudwatch:PutMetricAlarm", "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeployments", "codedeploy:ContinueDeployment", "codedeploy:CreateApplication", "codedeploy:CreateDeployment", "codedeploy:CreateDeploymentGroup", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentTarget", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeployments", "codedeploy:ListDeploymentTargets", "codedeploy:RegisterApplicationRevision", "codedeploy:StopDeployment", "ec2:AssociateRouteTable", "ec2:AttachInternetGateway", "ec2:AuthorizeSecurityGroupIngress", "ec2:CancelSpotFleetRequests", "ec2:CreateInternetGateway", "ec2:CreateLaunchTemplate", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSubnet", "ec2:CreateVpc", "ec2:DeleteLaunchTemplate", "ec2:DeleteSubnet", "ec2:DeleteVpc", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DetachInternetGateway", "ec2:DisassociateRouteTable", "ec2:ModifySubnetAttribute", "ec2:ModifyVpcAttribute", "ec2:RequestSpotFleet", "ec2:RunInstances", "ecs:CreateCapacityProvider", "ecs:CreateCluster", "ecs:CreateService", "ecs:CreateTaskSet", "ecs:DeleteAccountSetting", "ecs:DeleteAttributes", "ecs:DeleteCapacityProvider", "ecs:DeleteCluster", "ecs:DeleteService", "ecs:DeleteTaskDefinitions", "ecs:DeleteTaskSet", "ecs:DeregisterContainerInstance", "ecs:DeregisterTaskDefinition", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:DiscoverPollEndpoint", "ecs:ExecuteCommand", "ecs:GetTaskProtection", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "ecs:Poll", "ecs:PutAccountSetting", "ecs:PutAccountSettingDefault", "ecs:PutAttributes", "ecs:PutClusterCapacityProviders", "ecs:RegisterContainerInstance", "ecs:RegisterTaskDefinition", "ecs:RunTask", "ecs:StartTask", "ecs:StartTelemetrySession", "ecs:StopTask", "ecs:SubmitAttachmentStateChanges", "ecs:SubmitContainerStateChange", "ecs:SubmitTaskStateChange", "ecs:TagResource", "ecs:UntagResource", "ecs:UpdateCapacityProvider", "ecs:UpdateCluster", "ecs:UpdateClusterSettings", "ecs:UpdateContainerAgent", "ecs:UpdateContainerInstancesState", "ecs:UpdateService", "ecs:UpdateServicePrimaryTaskSet", "ecs:UpdateTaskProtection", "ecs:UpdateTaskSet", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeFileSystems", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTargetGroups", "events:DeleteRule", "events:DescribeRule", "events:ListRuleNamesByTarget", "events:ListTargetsByRule", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "fsx:DescribeFileSystems", "iam:ListAttachedRolePolicies", "iam:ListInstanceProfiles", "iam:ListRoles", "lambda:ListFunctions", "logs:CreateLogGroup", "logs:DescribeLogGroups", "logs:FilterLogEvents", "route53:CreateHostedZone", "route53:DeleteHostedZone", "route53:GetHealthCheck", "route53:GetHostedZone", "route53:ListHostedZonesByName", "servicediscovery:CreatePrivateDnsNamespace", "servicediscovery:CreateService", "servicediscovery:DeleteService", "servicediscovery:GetNamespace", "servicediscovery:GetOperation", "servicediscovery:GetService", "servicediscovery:ListNamespaces", "servicediscovery:ListServices", "servicediscovery:UpdateService", "sns:ListTopics", "ssm:GetParameter", "ssm:GetParameters", "ssm:GetParametersByPath", "ec2:DeleteInternetGateway", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSecurityGroup", "iam:PassRole", "iam:PassRole", "iam:PassRole", "iam:CreateServiceLinkedRole", "elasticloadbalancing:AddTags" ], "malformed": false, "name": "AmazonECS_FullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-04T16:26:05+00:00", "version": "v20" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSResourceExplorerOrganizationsAccess", "createdate": "2023-11-14T17:01:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "resource-explorer-2:AssociateDefaultView", "resource-explorer-2:BatchGetView", "resource-explorer-2:CreateIndex", "resource-explorer-2:CreateView", "resource-explorer-2:DeleteIndex", "resource-explorer-2:DeleteView", "resource-explorer-2:DisassociateDefaultView", "resource-explorer-2:GetAccountLevelServiceConfiguration", "resource-explorer-2:GetDefaultView", "resource-explorer-2:GetIndex", "resource-explorer-2:GetView", "resource-explorer-2:ListIndexes", "resource-explorer-2:ListIndexesForMembers", "resource-explorer-2:ListSupportedResourceTypes", "resource-explorer-2:ListTagsForResource", "resource-explorer-2:ListViews", "resource-explorer-2:Search", "resource-explorer-2:TagResource", "resource-explorer-2:UntagResource", "resource-explorer-2:UpdateIndexType", "resource-explorer-2:UpdateView", "ec2:DescribeRegions", "ram:ListResources", "ram:GetResourceShares", "organizations:ListAccounts", "organizations:ListRoots", "organizations:ListOrganizationalUnitsForParent", "organizations:ListAccountsForParent", "organizations:ListDelegatedAdministrators", "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeOrganization", "iam:GetRole", "iam:CreateServiceLinkedRole", "organizations:EnableAWSServiceAccess", "organizations:DisableAWSServiceAccess", "organizations:RegisterDelegatedAdministrator", "organizations:DeregisterDelegatedAdministrator" ], "malformed": false, "name": "AWSResourceExplorerOrganizationsAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-14T17:01:12+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSPrivateMarketplaceRequests", "createdate": "2019-10-28T21:44:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:CreatePrivateMarketplaceRequests", "aws-marketplace:ListPrivateMarketplaceRequests", "aws-marketplace:DescribePrivateMarketplaceRequests" ], "malformed": false, "name": "AWSPrivateMarketplaceRequests", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-28T21:44:03+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/job-function/DataScientist", "createdate": "2019-12-03T16:48:34Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "autoscaling:AttachInstances", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:AttachLoadBalancers", "autoscaling:AttachTrafficSources", "autoscaling:BatchDeleteScheduledAction", "autoscaling:BatchPutScheduledUpdateGroupAction", "autoscaling:CancelInstanceRefresh", "autoscaling:CompleteLifecycleAction", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteLifecycleHook", "autoscaling:DeleteNotificationConfiguration", "autoscaling:DeletePolicy", "autoscaling:DeleteScheduledAction", "autoscaling:DeleteTags", "autoscaling:DeleteWarmPool", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:DetachInstances", "autoscaling:DetachLoadBalancerTargetGroups", "autoscaling:DetachLoadBalancers", "autoscaling:DetachTrafficSources", "autoscaling:DisableMetricsCollection", "autoscaling:EnableMetricsCollection", "autoscaling:EnterStandby", "autoscaling:ExecutePolicy", "autoscaling:ExitStandby", "autoscaling:GetPredictiveScalingForecast", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutWarmPool", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling:ResumeProcesses", "autoscaling:RollbackInstanceRefresh", "autoscaling:SetDesiredCapacity", "autoscaling:SetInstanceHealth", "autoscaling:SetInstanceProtection", "autoscaling:StartInstanceRefresh", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "cloudformation:CreateStack", "cloudformation:DescribeStackEvents", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:ListPipelines", "datapipeline:GetPipelineDefinition", "datapipeline:QueryObjects", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:CreateBackup", "dynamodb:CreateGlobalTable", "dynamodb:CreateTable", "dynamodb:CreateTableReplica", "dynamodb:DeleteBackup", "dynamodb:DeleteItem", "dynamodb:DeleteResourcePolicy", "dynamodb:DeleteTable", "dynamodb:DeleteTableReplica", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:EnableKinesisStreamingDestination", "dynamodb:ExportTableToPointInTime", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetResourcePolicy", "dynamodb:GetShardIterator", "dynamodb:ImportTable", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLDelete", "dynamodb:PartiQLInsert", "dynamodb:PartiQLSelect", "dynamodb:PartiQLUpdate", "dynamodb:PurchaseReservedCapacityOfferings", "dynamodb:PutItem", "dynamodb:PutResourcePolicy", "dynamodb:Query", "dynamodb:RestoreTableFromAwsBackup", "dynamodb:RestoreTableFromBackup", "dynamodb:RestoreTableToPointInTime", "dynamodb:Scan", "dynamodb:StartAwsBackupJob", "dynamodb:TagResource", "dynamodb:UntagResource", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", "dynamodb:UpdateGlobalTable", "dynamodb:UpdateGlobalTableSettings", "dynamodb:UpdateGlobalTableVersion", "dynamodb:UpdateItem", "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:UpdateTable", "dynamodb:UpdateTableReplicaAutoScaling", "dynamodb:UpdateTimeToLive", "ec2:CancelSpotInstanceRequests", "ec2:CancelSpotFleetRequests", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:ModifyImageAttribute", "ec2:ModifyInstanceAttribute", "ec2:ModifySpotFleetRequest", "ec2:RequestSpotInstances", "ec2:RequestSpotFleet", "elasticfilesystem:Backup", "elasticfilesystem:ClientMount", "elasticfilesystem:ClientRootAccess", "elasticfilesystem:ClientWrite", "elasticfilesystem:CreateAccessPoint", "elasticfilesystem:CreateFileSystem", "elasticfilesystem:CreateMountTarget", "elasticfilesystem:CreateReplicationConfiguration", "elasticfilesystem:CreateTags", "elasticfilesystem:DeleteAccessPoint", "elasticfilesystem:DeleteFileSystem", "elasticfilesystem:DeleteFileSystemPolicy", "elasticfilesystem:DeleteMountTarget", "elasticfilesystem:DeleteReplicationConfiguration", "elasticfilesystem:DeleteTags", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeAccountPreferences", "elasticfilesystem:DescribeBackupPolicy", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeReplicationConfigurations", "elasticfilesystem:DescribeTags", "elasticfilesystem:ListTagsForResource", "elasticfilesystem:ModifyMountTargetSecurityGroups", "elasticfilesystem:PutAccountPreferences", "elasticfilesystem:PutBackupPolicy", "elasticfilesystem:PutFileSystemPolicy", "elasticfilesystem:PutLifecycleConfiguration", "elasticfilesystem:Restore", "elasticfilesystem:TagResource", "elasticfilesystem:UntagResource", "elasticfilesystem:UpdateFileSystem", "elasticfilesystem:UpdateFileSystemProtection", "elasticmapreduce:AddInstanceFleet", "elasticmapreduce:AddInstanceGroups", "elasticmapreduce:AddJobFlowSteps", "elasticmapreduce:AddTags", "elasticmapreduce:AttachEditor", "elasticmapreduce:CancelSteps", "elasticmapreduce:CreateEditor", "elasticmapreduce:CreatePersistentAppUI", "elasticmapreduce:CreateRepository", "elasticmapreduce:CreateSecurityConfiguration", "elasticmapreduce:CreateStudio", "elasticmapreduce:CreateStudioPresignedUrl", "elasticmapreduce:CreateStudioSessionMapping", "elasticmapreduce:DeleteEditor", "elasticmapreduce:DeleteRepository", "elasticmapreduce:DeleteSecurityConfiguration", "elasticmapreduce:DeleteStudio", "elasticmapreduce:DeleteStudioSessionMapping", "elasticmapreduce:DeleteWorkspaceAccess", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:DetachEditor", "elasticmapreduce:GetAutoTerminationPolicy", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetClusterSessionCredentials", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:GetOnClusterAppUIPresignedURL", "elasticmapreduce:GetPersistentAppUIPresignedURL", "elasticmapreduce:GetStudioSessionMapping", "elasticmapreduce:LinkRepository", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListNotebookExecutions", "elasticmapreduce:ListReleaseLabels", "elasticmapreduce:ListRepositories", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudioSessionMappings", "elasticmapreduce:ListStudios", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ListWorkspaceAccessIdentities", "elasticmapreduce:ModifyCluster", "elasticmapreduce:ModifyInstanceFleet", "elasticmapreduce:ModifyInstanceGroups", "elasticmapreduce:OpenEditorInConsole", "elasticmapreduce:PutAutoScalingPolicy", "elasticmapreduce:PutAutoTerminationPolicy", "elasticmapreduce:PutBlockPublicAccessConfiguration", "elasticmapreduce:PutManagedScalingPolicy", "elasticmapreduce:PutWorkspaceAccess", "elasticmapreduce:RemoveAutoScalingPolicy", "elasticmapreduce:RemoveAutoTerminationPolicy", "elasticmapreduce:RemoveManagedScalingPolicy", "elasticmapreduce:RemoveTags", "elasticmapreduce:RunJobFlow", "elasticmapreduce:SetKeepJobFlowAliveWhenNoSteps", "elasticmapreduce:SetTerminationProtection", "elasticmapreduce:SetUnhealthyNodeReplacement", "elasticmapreduce:SetVisibleToAllUsers", "elasticmapreduce:StartEditor", "elasticmapreduce:StartNotebookExecution", "elasticmapreduce:StopEditor", "elasticmapreduce:StopNotebookExecution", "elasticmapreduce:TerminateJobFlows", "elasticmapreduce:UnlinkRepository", "elasticmapreduce:UpdateEditor", "elasticmapreduce:UpdateRepository", "elasticmapreduce:UpdateStudio", "elasticmapreduce:UpdateStudioSessionMapping", "elasticmapreduce:ViewEventsFromAllClustersInConsole", "es:AcceptInboundConnection", "es:AcceptInboundCrossClusterSearchConnection", "es:AddDataSource", "es:AddTags", "es:AssociatePackage", "es:AuthorizeVpcEndpointAccess", "es:CancelDomainConfigChange", "es:CancelElasticsearchServiceSoftwareUpdate", "es:CancelServiceSoftwareUpdate", "es:CreateDomain", "es:CreateElasticsearchDomain", "es:CreateElasticsearchServiceRole", "es:CreateOutboundConnection", "es:CreateOutboundCrossClusterSearchConnection", "es:CreatePackage", "es:CreateServiceRole", "es:CreateVpcEndpoint", "es:DeleteDataSource", "es:DeleteDomain", "es:DeleteElasticsearchDomain", "es:DeleteElasticsearchServiceRole", "es:DeleteInboundConnection", "es:DeleteInboundCrossClusterSearchConnection", "es:DeleteOutboundConnection", "es:DeleteOutboundCrossClusterSearchConnection", "es:DeletePackage", "es:DeleteVpcEndpoint", "es:DescribeDomain", "es:DescribeDomainAutoTunes", "es:DescribeDomainChangeProgress", "es:DescribeDomainConfig", "es:DescribeDomainHealth", "es:DescribeDomainNodes", "es:DescribeDomains", "es:DescribeDryRunProgress", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomainConfig", "es:DescribeElasticsearchDomains", "es:DescribeElasticsearchInstanceTypeLimits", "es:DescribeInboundConnections", "es:DescribeInboundCrossClusterSearchConnections", "es:DescribeInstanceTypeLimits", "es:DescribeOutboundConnections", "es:DescribeOutboundCrossClusterSearchConnections", "es:DescribePackages", "es:DescribeReservedElasticsearchInstanceOfferings", "es:DescribeReservedElasticsearchInstances", "es:DescribeReservedInstanceOfferings", "es:DescribeReservedInstances", "es:DescribeVpcEndpoints", "es:DissociatePackage", "es:ESCrossClusterGet", "es:ESHttpDelete", "es:ESHttpGet", "es:ESHttpHead", "es:ESHttpPatch", "es:ESHttpPost", "es:ESHttpPut", "es:GetCompatibleElasticsearchVersions", "es:GetCompatibleVersions", "es:GetDataSource", "es:GetDomainMaintenanceStatus", "es:GetPackageVersionHistory", "es:GetUpgradeHistory", "es:GetUpgradeStatus", "es:ListDataSources", "es:ListDomainMaintenances", "es:ListDomainNames", "es:ListDomainsForPackage", "es:ListElasticsearchInstanceTypeDetails", "es:ListElasticsearchInstanceTypes", "es:ListElasticsearchVersions", "es:ListInstanceTypeDetails", "es:ListPackagesForDomain", "es:ListScheduledActions", "es:ListTags", "es:ListVersions", "es:ListVpcEndpointAccess", "es:ListVpcEndpoints", "es:ListVpcEndpointsForDomain", "es:PurchaseReservedElasticsearchInstanceOffering", "es:PurchaseReservedInstanceOffering", "es:RejectInboundConnection", "es:RejectInboundCrossClusterSearchConnection", "es:RemoveTags", "es:RevokeVpcEndpointAccess", "es:StartDomainMaintenance", "es:StartElasticsearchServiceSoftwareUpdate", "es:StartServiceSoftwareUpdate", "es:UpdateDataSource", "es:UpdateDomainConfig", "es:UpdateElasticsearchDomainConfig", "es:UpdatePackage", "es:UpdateScheduledAction", "es:UpdateVpcEndpoint", "es:UpgradeDomain", "es:UpgradeElasticsearchDomain", "firehose:CreateDeliveryStream", "firehose:DeleteDeliveryStream", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "firehose:PutRecord", "firehose:PutRecordBatch", "firehose:StartDeliveryStreamEncryption", "firehose:StopDeliveryStreamEncryption", "firehose:TagDeliveryStream", "firehose:UntagDeliveryStream", "firehose:UpdateDestination", "fsx:DescribeFileSystems", "iam:GetInstanceProfile", "iam:GetRole", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:ListRoles", "kinesis:AddTagsToStream", "kinesis:CreateStream", "kinesis:DecreaseStreamRetentionPeriod", "kinesis:DeleteResourcePolicy", "kinesis:DeleteStream", "kinesis:DeregisterStreamConsumer", "kinesis:DescribeLimits", "kinesis:DescribeStream", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary", "kinesis:DisableEnhancedMonitoring", "kinesis:EnableEnhancedMonitoring", "kinesis:GetRecords", "kinesis:GetResourcePolicy", "kinesis:GetShardIterator", "kinesis:IncreaseStreamRetentionPeriod", "kinesis:ListShards", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kinesis:MergeShards", "kinesis:PutRecord", "kinesis:PutRecords", "kinesis:PutResourcePolicy", "kinesis:RegisterStreamConsumer", "kinesis:RemoveTagsFromStream", "kinesis:SplitShard", "kinesis:StartStreamEncryption", "kinesis:StopStreamEncryption", "kinesis:SubscribeToShard", "kinesis:UpdateShardCount", "kinesis:UpdateStreamMode", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeyRotations", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "lambda:CreateAlias", "lambda:CreateCodeSigningConfig", "lambda:CreateEventSourceMapping", "lambda:CreateFunction", "lambda:CreateFunctionUrlConfig", "lambda:DeleteAlias", "lambda:DeleteCodeSigningConfig", "lambda:DeleteEventSourceMapping", "lambda:DeleteFunction", "lambda:DeleteFunctionCodeSigningConfig", "lambda:DeleteFunctionConcurrency", "lambda:DeleteFunctionEventInvokeConfig", "lambda:DeleteFunctionUrlConfig", "lambda:DeleteLayerVersion", "lambda:DeleteProvisionedConcurrencyConfig", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "lambda:InvokeFunction", "lambda:PublishVersion", "lambda:UpdateAlias", "lambda:UpdateCodeSigningConfig", "lambda:UpdateEventSourceMapping", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionCodeSigningConfig", "lambda:UpdateFunctionConfiguration", "lambda:UpdateFunctionEventInvokeConfig", "lambda:UpdateFunctionUrlConfig", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "machinelearning:AddTags", "machinelearning:CreateBatchPrediction", "machinelearning:CreateDataSourceFromRDS", "machinelearning:CreateDataSourceFromRedshift", "machinelearning:CreateDataSourceFromS3", "machinelearning:CreateEvaluation", "machinelearning:CreateMLModel", "machinelearning:CreateRealtimeEndpoint", "machinelearning:DeleteBatchPrediction", "machinelearning:DeleteDataSource", "machinelearning:DeleteEvaluation", "machinelearning:DeleteMLModel", "machinelearning:DeleteRealtimeEndpoint", "machinelearning:DeleteTags", "machinelearning:DescribeBatchPredictions", "machinelearning:DescribeDataSources", "machinelearning:DescribeEvaluations", "machinelearning:DescribeMLModels", "machinelearning:DescribeTags", "machinelearning:GetBatchPrediction", "machinelearning:GetDataSource", "machinelearning:GetEvaluation", "machinelearning:GetMLModel", "machinelearning:Predict", "machinelearning:UpdateBatchPrediction", "machinelearning:UpdateDataSource", "machinelearning:UpdateEvaluation", "machinelearning:UpdateMLModel", "sdb:BatchDeleteAttributes", "sdb:BatchPutAttributes", "sdb:CreateDomain", "sdb:DeleteAttributes", "sdb:DeleteDomain", "sdb:DomainMetadata", "sdb:GetAttributes", "sdb:ListDomains", "sdb:PutAttributes", "sdb:Select", "rds:AddRoleToDBCluster", "rds:AddRoleToDBInstance", "rds:AddSourceIdentifierToSubscription", "rds:AddTagsToResource", "rds:ApplyPendingMaintenanceAction", "rds:AuthorizeDBSecurityGroupIngress", "rds:BacktrackDBCluster", "rds:CancelExportTask", "rds:CopyDBClusterParameterGroup", "rds:CopyDBClusterSnapshot", "rds:CopyDBParameterGroup", "rds:CopyDBSnapshot", "rds:CopyOptionGroup", "rds:CreateBlueGreenDeployment", "rds:CreateCustomDBEngineVersion", "rds:CreateDBCluster", "rds:CreateDBClusterEndpoint", "rds:CreateDBClusterParameterGroup", "rds:CreateDBClusterSnapshot", "rds:CreateDBInstance", "rds:CreateDBInstanceReadReplica", "rds:CreateDBParameterGroup", "rds:CreateDBProxy", "rds:CreateDBProxyEndpoint", "rds:CreateDBSecurityGroup", "rds:CreateDBShardGroup", "rds:CreateDBSnapshot", "rds:CreateDBSubnetGroup", "rds:CreateEventSubscription", "rds:CreateGlobalCluster", "rds:CreateIntegration", "rds:CreateOptionGroup", "rds:CreateTenantDatabase", "rds:CrossRegionCommunication", "rds:DeleteBlueGreenDeployment", "rds:DeleteCustomDBEngineVersion", "rds:DeleteDBCluster", "rds:DeleteDBClusterAutomatedBackup", "rds:DeleteDBClusterEndpoint", "rds:DeleteDBClusterParameterGroup", "rds:DeleteDBClusterSnapshot", "rds:DeleteDBInstance", "rds:DeleteDBInstanceAutomatedBackup", "rds:DeleteDBParameterGroup", "rds:DeleteDBProxy", "rds:DeleteDBProxyEndpoint", "rds:DeleteDBSecurityGroup", "rds:DeleteDBShardGroup", "rds:DeleteDBSnapshot", "rds:DeleteDBSubnetGroup", "rds:DeleteEventSubscription", "rds:DeleteGlobalCluster", "rds:DeleteIntegration", "rds:DeleteOptionGroup", "rds:DeleteTenantDatabase", "rds:DeregisterDBProxyTargets", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:DisableHttpEndpoint", "rds:DownloadCompleteDBLogFile", "rds:DownloadDBLogFilePortion", "rds:EnableHttpEndpoint", "rds:FailoverDBCluster", "rds:FailoverGlobalCluster", "rds:ListTagsForResource", "rds:ModifyActivityStream", "rds:ModifyCertificates", "rds:ModifyCurrentDBClusterCapacity", "rds:ModifyCustomDBEngineVersion", "rds:ModifyDBCluster", "rds:ModifyDBClusterEndpoint", "rds:ModifyDBClusterParameterGroup", "rds:ModifyDBClusterSnapshotAttribute", "rds:ModifyDBInstance", "rds:ModifyDBParameterGroup", "rds:ModifyDBProxy", "rds:ModifyDBProxyEndpoint", "rds:ModifyDBProxyTargetGroup", "rds:ModifyDBRecommendation", "rds:ModifyDBShardGroup", "rds:ModifyDBSnapshot", "rds:ModifyDBSnapshotAttribute", "rds:ModifyDBSubnetGroup", "rds:ModifyEventSubscription", "rds:ModifyGlobalCluster", "rds:ModifyIntegration", "rds:ModifyOptionGroup", "rds:ModifyRecommendation", "rds:ModifyTenantDatabase", "rds:PromoteReadReplica", "rds:PromoteReadReplicaDBCluster", "rds:PurchaseReservedDBInstancesOffering", "rds:RebootDBCluster", "rds:RebootDBInstance", "rds:RebootDBShardGroup", "rds:RegisterDBProxyTargets", "rds:RemoveFromGlobalCluster", "rds:RemoveRoleFromDBCluster", "rds:RemoveRoleFromDBInstance", "rds:RemoveSourceIdentifierFromSubscription", "rds:RemoveTagsFromResource", "rds:ResetDBClusterParameterGroup", "rds:ResetDBParameterGroup", "rds:RestoreDBClusterFromS3", "rds:RestoreDBClusterFromSnapshot", "rds:RestoreDBClusterToPointInTime", "rds:RestoreDBInstanceFromDBSnapshot", "rds:RestoreDBInstanceFromS3", "rds:RestoreDBInstanceToPointInTime", "rds:RevokeDBSecurityGroupIngress", "rds:StartActivityStream", "rds:StartDBCluster", "rds:StartDBInstance", "rds:StartDBInstanceAutomatedBackupsReplication", "rds:StartExportTask", "rds:StopActivityStream", "rds:StopDBCluster", "rds:StopDBInstance", "rds:StopDBInstanceAutomatedBackupsReplication", "rds:SwitchoverBlueGreenDeployment", "rds:SwitchoverGlobalCluster", "rds:SwitchoverReadReplica", "sns:ListSubscriptions", "sns:ListTopics", "logs:DescribeLogStreams", "logs:GetLogEvents", "redshift:AcceptReservedNodeExchange", "redshift:AddPartner", "redshift:AssociateDataShareConsumer", "redshift:AuthorizeClusterSecurityGroupIngress", "redshift:AuthorizeDataShare", "redshift:AuthorizeEndpointAccess", "redshift:AuthorizeSnapshotAccess", "redshift:BatchDeleteClusterSnapshots", "redshift:BatchModifyClusterSnapshots", "redshift:CancelQuery", "redshift:CancelQuerySession", "redshift:CancelResize", "redshift:CopyClusterSnapshot", "redshift:CreateAuthenticationProfile", "redshift:CreateCluster", "redshift:CreateClusterParameterGroup", "redshift:CreateClusterSecurityGroup", "redshift:CreateClusterSnapshot", "redshift:CreateClusterSubnetGroup", "redshift:CreateClusterUser", "redshift:CreateCustomDomainAssociation", "redshift:CreateEndpointAccess", "redshift:CreateEventSubscription", "redshift:CreateHsmClientCertificate", "redshift:CreateHsmConfiguration", "redshift:CreateQev2IdcApplication", "redshift:CreateRedshiftIdcApplication", "redshift:CreateSavedQuery", "redshift:CreateScheduledAction", "redshift:CreateSnapshotCopyGrant", "redshift:CreateSnapshotSchedule", "redshift:CreateTags", "redshift:CreateUsageLimit", "redshift:DeauthorizeDataShare", "redshift:DeleteAuthenticationProfile", "redshift:DeleteCluster", "redshift:DeleteClusterParameterGroup", "redshift:DeleteClusterSecurityGroup", "redshift:DeleteClusterSnapshot", "redshift:DeleteClusterSubnetGroup", "redshift:DeleteCustomDomainAssociation", "redshift:DeleteEndpointAccess", "redshift:DeleteEventSubscription", "redshift:DeleteHsmClientCertificate", "redshift:DeleteHsmConfiguration", "redshift:DeletePartner", "redshift:DeleteQev2IdcApplication", "redshift:DeleteRedshiftIdcApplication", "redshift:DeleteResourcePolicy", "redshift:DeleteSavedQueries", "redshift:DeleteScheduledAction", "redshift:DeleteSnapshotCopyGrant", "redshift:DeleteSnapshotSchedule", "redshift:DeleteTags", "redshift:DeleteUsageLimit", "redshift:DescribeAccountAttributes", "redshift:DescribeAuthenticationProfiles", "redshift:DescribeClusterDbRevisions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterTracks", "redshift:DescribeClusterVersions", "redshift:DescribeClusters", "redshift:DescribeCustomDomainAssociations", "redshift:DescribeDataShares", "redshift:DescribeDataSharesForConsumer", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDefaultClusterParameters", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventCategories", "redshift:DescribeEventSubscriptions", "redshift:DescribeEvents", "redshift:DescribeHsmClientCertificates", "redshift:DescribeHsmConfigurations", "redshift:DescribeInboundIntegrations", "redshift:DescribeLoggingStatus", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribePartners", "redshift:DescribeQev2IdcApplications", "redshift:DescribeQuery", "redshift:DescribeRedshiftIdcApplications", "redshift:DescribeReservedNodeExchangeStatus", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "redshift:DescribeResize", "redshift:DescribeSavedQueries", "redshift:DescribeScheduledActions", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeSnapshotSchedules", "redshift:DescribeStorage", "redshift:DescribeTable", "redshift:DescribeTableRestoreStatus", "redshift:DescribeTags", "redshift:DescribeUsageLimits", "redshift:DisableLogging", "redshift:DisableSnapshotCopy", "redshift:DisassociateDataShareConsumer", "redshift:EnableLogging", "redshift:EnableSnapshotCopy", "redshift:ExecuteQuery", "redshift:FailoverPrimaryCompute", "redshift:FetchResults", "redshift:GetClusterCredentials", "redshift:GetClusterCredentialsWithIAM", "redshift:GetReservedNodeExchangeConfigurationOptions", "redshift:GetReservedNodeExchangeOfferings", "redshift:GetResourcePolicy", "redshift:JoinGroup", "redshift:ListDatabases", "redshift:ListRecommendations", "redshift:ListSavedQueries", "redshift:ListSchemas", "redshift:ListTables", "redshift:ModifyAquaConfiguration", "redshift:ModifyAuthenticationProfile", "redshift:ModifyCluster", "redshift:ModifyClusterDbRevision", "redshift:ModifyClusterIamRoles", "redshift:ModifyClusterMaintenance", "redshift:ModifyClusterParameterGroup", "redshift:ModifyClusterSnapshot", "redshift:ModifyClusterSnapshotSchedule", "redshift:ModifyClusterSubnetGroup", "redshift:ModifyCustomDomainAssociation", "redshift:ModifyEndpointAccess", "redshift:ModifyEventSubscription", "redshift:ModifyQev2IdcApplication", "redshift:ModifyRedshiftIdcApplication", "redshift:ModifySavedQuery", "redshift:ModifyScheduledAction", "redshift:ModifySnapshotCopyRetentionPeriod", "redshift:ModifySnapshotSchedule", "redshift:ModifyUsageLimit", "redshift:PauseCluster", "redshift:PurchaseReservedNodeOffering", "redshift:PutResourcePolicy", "redshift:RebootCluster", "redshift:RejectDataShare", "redshift:ResetClusterParameterGroup", "redshift:ResizeCluster", "redshift:RestoreFromClusterSnapshot", "redshift:RestoreTableFromClusterSnapshot", "redshift:ResumeCluster", "redshift:RevokeClusterSecurityGroupIngress", "redshift:RevokeEndpointAccess", "redshift:RevokeSnapshotAccess", "redshift:RotateEncryptionKey", "redshift:UpdatePartnerStatus", "redshift:ViewQueriesFromConsole", "redshift:ViewQueriesInConsole", "s3:CreateBucket", "sns:CreateTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:PutAccelerateConfiguration", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketTagging", "s3:PutObject", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "ec2:RunInstances", "ec2:TerminateInstances", "iam:PassRole", "iam:PassRole", "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", "sagemaker:BatchDescribeModelPackage", "sagemaker:BatchGetMetrics", "sagemaker:BatchGetRecord", "sagemaker:BatchPutMetrics", "sagemaker:CreateAction", "sagemaker:CreateAlgorithm", "sagemaker:CreateApp", "sagemaker:CreateAppImageConfig", "sagemaker:CreateArtifact", "sagemaker:CreateAutoMLJob", "sagemaker:CreateAutoMLJobV2", "sagemaker:CreateCluster", "sagemaker:CreateCodeRepository", "sagemaker:CreateCompilationJob", "sagemaker:CreateContext", "sagemaker:CreateDataQualityJobDefinition", "sagemaker:CreateDeviceFleet", "sagemaker:CreateDomain", "sagemaker:CreateEdgeDeploymentPlan", "sagemaker:CreateEdgeDeploymentStage", "sagemaker:CreateEdgePackagingJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateExperiment", "sagemaker:CreateFeatureGroup", "sagemaker:CreateFlowDefinition", "sagemaker:CreateHub", "sagemaker:CreateHumanTaskUi", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateImage", "sagemaker:CreateImageVersion", "sagemaker:CreateInferenceComponent", "sagemaker:CreateInferenceExperiment", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateLineageGroupPolicy", "sagemaker:CreateModel", "sagemaker:CreateModelBiasJobDefinition", "sagemaker:CreateModelCard", "sagemaker:CreateModelCardExportJob", "sagemaker:CreateModelExplainabilityJobDefinition", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelQualityJobDefinition", "sagemaker:CreateMonitoringSchedule", "sagemaker:CreateNotebookInstance", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:CreatePipeline", "sagemaker:CreatePresignedDomainUrl", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateProcessingJob", "sagemaker:CreateProject", "sagemaker:CreateSharedModel", "sagemaker:CreateSpace", "sagemaker:CreateStudioLifecycleConfig", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:CreateTrial", "sagemaker:CreateTrialComponent", "sagemaker:CreateUserProfile", "sagemaker:CreateWorkforce", "sagemaker:CreateWorkteam", "sagemaker:DeleteAction", "sagemaker:DeleteAlgorithm", "sagemaker:DeleteApp", "sagemaker:DeleteAppImageConfig", "sagemaker:DeleteArtifact", "sagemaker:DeleteAssociation", "sagemaker:DeleteCluster", "sagemaker:DeleteCodeRepository", "sagemaker:DeleteCompilationJob", "sagemaker:DeleteContext", "sagemaker:DeleteDataQualityJobDefinition", "sagemaker:DeleteDeviceFleet", "sagemaker:DeleteDomain", "sagemaker:DeleteEdgeDeploymentPlan", "sagemaker:DeleteEdgeDeploymentStage", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteExperiment", "sagemaker:DeleteFeatureGroup", "sagemaker:DeleteFlowDefinition", "sagemaker:DeleteHub", "sagemaker:DeleteHubContent", "sagemaker:DeleteHumanLoop", "sagemaker:DeleteHumanTaskUi", "sagemaker:DeleteHyperParameterTuningJob", "sagemaker:DeleteImage", "sagemaker:DeleteImageVersion", "sagemaker:DeleteInferenceComponent", "sagemaker:DeleteInferenceExperiment", "sagemaker:DeleteLineageGroupPolicy", "sagemaker:DeleteModel", "sagemaker:DeleteModelBiasJobDefinition", "sagemaker:DeleteModelCard", "sagemaker:DeleteModelExplainabilityJobDefinition", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteModelPackageGroupPolicy", "sagemaker:DeleteModelQualityJobDefinition", "sagemaker:DeleteMonitoringSchedule", "sagemaker:DeleteNotebookInstance", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:DeletePipeline", "sagemaker:DeleteProject", "sagemaker:DeleteRecord", "sagemaker:DeleteResourcePolicy", "sagemaker:DeleteSpace", "sagemaker:DeleteStudioLifecycleConfig", "sagemaker:DeleteTags", "sagemaker:DeleteTrial", "sagemaker:DeleteTrialComponent", "sagemaker:DeleteUserProfile", "sagemaker:DeleteWorkforce", "sagemaker:DeleteWorkteam", "sagemaker:DeregisterDevices", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeCluster", "sagemaker:DescribeClusterNode", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgeDeploymentPlan", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFeatureMetadata", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHub", "sagemaker:DescribeHubContent", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceComponent", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelCard", "sagemaker:DescribeModelCardExportJob", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSharedModel", "sagemaker:DescribeSpace", "sagemaker:DescribeStudioLifecycleConfig", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:DisableSagemakerServicecatalogPortfolio", "sagemaker:DisassociateTrialComponent", "sagemaker:EnableSagemakerServicecatalogPortfolio", "sagemaker:GetDeployments", "sagemaker:GetDeviceFleetReport", "sagemaker:GetDeviceRegistration", "sagemaker:GetLineageGroupPolicy", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetRecord", "sagemaker:GetResourcePolicy", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:GetScalingConfigurationRecommendation", "sagemaker:GetSearchSuggestions", "sagemaker:ImportHubContent", "sagemaker:InvokeEndpoint", "sagemaker:InvokeEndpointAsync", "sagemaker:InvokeEndpointWithResponseStream", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAliases", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListClusterNodes", "sagemaker:ListClusters", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgeDeploymentPlans", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHubContentVersions", "sagemaker:ListHubContents", "sagemaker:ListHubs", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceComponents", "sagemaker:ListInferenceExperiments", "sagemaker:ListInferenceRecommendationsJobSteps", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelCardExportJobs", "sagemaker:ListModelCardVersions", "sagemaker:ListModelCards", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringAlertHistory", "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListResourceCatalogs", "sagemaker:ListSharedModelEvents", "sagemaker:ListSharedModelVersions", "sagemaker:ListSharedModels", "sagemaker:ListSpaces", "sagemaker:ListStageDevices", "sagemaker:ListStudioLifecycleConfigs", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:PutLineageGroupPolicy", "sagemaker:PutModelPackageGroupPolicy", "sagemaker:PutRecord", "sagemaker:PutResourcePolicy", "sagemaker:QueryLineage", "sagemaker:RegisterDevices", "sagemaker:RenderUiTemplate", "sagemaker:RetryPipelineExecution", "sagemaker:Search", "sagemaker:SendHeartbeat", "sagemaker:SendPipelineExecutionStepFailure", "sagemaker:SendPipelineExecutionStepSuccess", "sagemaker:SendSharedModelEvent", "sagemaker:StartEdgeDeploymentStage", "sagemaker:StartHumanLoop", "sagemaker:StartInferenceExperiment", "sagemaker:StartMonitoringSchedule", "sagemaker:StartNotebookInstance", "sagemaker:StartPipelineExecution", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopEdgeDeploymentStage", "sagemaker:StopEdgePackagingJob", "sagemaker:StopHumanLoop", "sagemaker:StopHyperParameterTuningJob", "sagemaker:StopInferenceExperiment", "sagemaker:StopInferenceRecommendationsJob", "sagemaker:StopLabelingJob", "sagemaker:StopMonitoringSchedule", "sagemaker:StopNotebookInstance", "sagemaker:StopPipelineExecution", "sagemaker:StopProcessingJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:UpdateAction", "sagemaker:UpdateAppImageConfig", "sagemaker:UpdateArtifact", "sagemaker:UpdateCluster", "sagemaker:UpdateClusterSoftware", "sagemaker:UpdateCodeRepository", "sagemaker:UpdateContext", "sagemaker:UpdateDeviceFleet", "sagemaker:UpdateDevices", "sagemaker:UpdateDomain", "sagemaker:UpdateEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateExperiment", "sagemaker:UpdateFeatureGroup", "sagemaker:UpdateFeatureMetadata", "sagemaker:UpdateHub", "sagemaker:UpdateImage", "sagemaker:UpdateImageVersion", "sagemaker:UpdateInferenceComponent", "sagemaker:UpdateInferenceComponentRuntimeConfig", "sagemaker:UpdateInferenceExperiment", "sagemaker:UpdateModelCard", "sagemaker:UpdateModelPackage", "sagemaker:UpdateMonitoringAlert", "sagemaker:UpdateMonitoringSchedule", "sagemaker:UpdateNotebookInstance", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "sagemaker:UpdatePipeline", "sagemaker:UpdatePipelineExecution", "sagemaker:UpdateProject", "sagemaker:UpdateSharedModel", "sagemaker:UpdateSpace", "sagemaker:UpdateTrainingJob", "sagemaker:UpdateTrial", "sagemaker:UpdateTrialComponent", "sagemaker:UpdateUserProfile", "sagemaker:UpdateWorkforce", "sagemaker:UpdateWorkteam", "sagemaker:CreatePresignedDomainUrl", "sagemaker:DescribeDomain", "sagemaker:ListDomains", "sagemaker:DescribeUserProfile", "sagemaker:ListUserProfiles", "sagemaker:CreateApp", "sagemaker:DeleteApp", "sagemaker:DescribeApp", "sagemaker:ListApps", "sagemaker:CreateFlowDefinition", "sagemaker:DeleteFlowDefinition", "sagemaker:DescribeFlowDefinition", "sagemaker:ListFlowDefinitions" ], "malformed": false, "name": "DataScientist", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-03T16:48:34+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSSSODirectoryAdministrator", "createdate": "2022-10-20T20:34:07Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "sso-directory:AddMemberToGroup", "sso-directory:CompleteVirtualMfaDeviceRegistration", "sso-directory:CompleteWebAuthnDeviceRegistration", "sso-directory:CreateAlias", "sso-directory:CreateBearerToken", "sso-directory:CreateExternalIdPConfigurationForDirectory", "sso-directory:CreateGroup", "sso-directory:CreateProvisioningTenant", "sso-directory:CreateUser", "sso-directory:DeleteBearerToken", "sso-directory:DeleteExternalIdPCertificate", "sso-directory:DeleteExternalIdPConfigurationForDirectory", "sso-directory:DeleteGroup", "sso-directory:DeleteMfaDeviceForUser", "sso-directory:DeleteProvisioningTenant", "sso-directory:DeleteUser", "sso-directory:DescribeDirectory", "sso-directory:DescribeGroup", "sso-directory:DescribeGroups", "sso-directory:DescribeProvisioningTenant", "sso-directory:DescribeUser", "sso-directory:DescribeUserByUniqueAttribute", "sso-directory:DescribeUsers", "sso-directory:DisableExternalIdPConfigurationForDirectory", "sso-directory:DisableUser", "sso-directory:EnableExternalIdPConfigurationForDirectory", "sso-directory:EnableUser", "sso-directory:GetAWSSPConfigurationForDirectory", "sso-directory:GetUserPoolInfo", "sso-directory:ImportExternalIdPCertificate", "sso-directory:IsMemberInGroup", "sso-directory:ListBearerTokens", "sso-directory:ListExternalIdPCertificates", "sso-directory:ListExternalIdPConfigurationsForDirectory", "sso-directory:ListGroupsForMember", "sso-directory:ListGroupsForUser", "sso-directory:ListMembersInGroup", "sso-directory:ListMfaDevicesForUser", "sso-directory:ListProvisioningTenants", "sso-directory:RemoveMemberFromGroup", "sso-directory:SearchGroups", "sso-directory:SearchUsers", "sso-directory:StartVirtualMfaDeviceRegistration", "sso-directory:StartWebAuthnDeviceRegistration", "sso-directory:UpdateExternalIdPConfigurationForDirectory", "sso-directory:UpdateGroup", "sso-directory:UpdateGroupDisplayName", "sso-directory:UpdateMfaDeviceForUser", "sso-directory:UpdatePassword", "sso-directory:UpdateUser", "sso-directory:UpdateUserName", "sso-directory:VerifyEmail", "identitystore:CreateGroup", "identitystore:CreateGroupMembership", "identitystore:CreateUser", "identitystore:DeleteGroup", "identitystore:DeleteGroupMembership", "identitystore:DeleteUser", "identitystore:DescribeGroup", "identitystore:DescribeGroupMembership", "identitystore:DescribeUser", "identitystore:GetGroupId", "identitystore:GetGroupMembershipId", "identitystore:GetUserId", "identitystore:IsMemberInGroups", "identitystore:ListGroupMemberships", "identitystore:ListGroupMembershipsForMember", "identitystore:ListGroups", "identitystore:ListUsers", "identitystore:UpdateGroup", "identitystore:UpdateUser", "identitystore-auth:BatchDeleteSession", "identitystore-auth:BatchGetSession", "identitystore-auth:ListSessions", "sso:ListDirectoryAssociations" ], "malformed": false, "name": "AWSSSODirectoryAdministrator", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-20T20:34:07+00:00", "version": "v4" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/DynamoDBCloudWatchContributorInsightsServiceRolePolicy", "createdate": "2019-11-15T21:13:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:DeleteInsightRules", "cloudwatch:PutInsightRule", "cloudwatch:DescribeInsightRules" ], "malformed": false, "name": "DynamoDBCloudWatchContributorInsightsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-15T21:13:58+00:00", "version": "v1" }, { "access_levels": [], "arn": "arn:aws:iam::aws:policy/AWSDenyAll", "createdate": "2023-12-18T16:42:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [], "malformed": false, "name": "AWSDenyAll", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-18T16:42:05+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSImportExportReadOnlyAccess", "createdate": "2015-02-06T18:40:42Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "importexport:ListJobs", "importexport:GetStatus" ], "malformed": false, "name": "AWSImportExportReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:42+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/MemoryDBServiceRolePolicy", "createdate": "2021-08-18T23:48:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateTags", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DescribeSecurityGroups", "ec2:DescribeNetworkInterfaces", "ec2:DescribeAvailabilityZones", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "cloudwatch:PutMetricData" ], "malformed": false, "name": "MemoryDBServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-18T23:48:16+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSProtonSyncServiceRolePolicy", "createdate": "2021-11-23T21:14:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "proton:UpdateServiceTemplateVersion", "proton:UpdateServiceTemplate", "proton:UpdateEnvironmentTemplateVersion", "proton:UpdateEnvironmentTemplate", "proton:GetServiceTemplateVersion", "proton:GetServiceTemplate", "proton:GetEnvironmentTemplateVersion", "proton:GetEnvironmentTemplate", "proton:DeleteServiceTemplateVersion", "proton:DeleteEnvironmentTemplateVersion", "proton:CreateServiceTemplateVersion", "proton:CreateServiceTemplate", "proton:CreateEnvironmentTemplateVersion", "proton:CreateEnvironmentTemplate", "proton:ListEnvironmentTemplateVersions", "proton:ListServiceTemplateVersions", "proton:CreateEnvironmentTemplateMajorVersion", "proton:CreateServiceTemplateMajorVersion", "codestar-connections:UseConnection" ], "malformed": false, "name": "AWSProtonSyncServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-23T21:14:36+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonHoneycodeFullAccess", "createdate": "2020-06-24T20:28:11Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "honeycode:ApproveTeamAssociation", "honeycode:BatchCreateTableRows", "honeycode:BatchDeleteTableRows", "honeycode:BatchUpdateTableRows", "honeycode:BatchUpsertTableRows", "honeycode:CreateTeam", "honeycode:CreateTenant", "honeycode:DeleteDomains", "honeycode:DeregisterGroups", "honeycode:DescribeTableDataImportJob", "honeycode:DescribeTeam", "honeycode:GetScreenData", "honeycode:InvokeScreenAutomation", "honeycode:ListDomains", "honeycode:ListGroups", "honeycode:ListTableColumns", "honeycode:ListTableRows", "honeycode:ListTables", "honeycode:ListTagsForResource", "honeycode:ListTeamAssociations", "honeycode:ListTenants", "honeycode:QueryTableRows", "honeycode:RegisterDomainForVerification", "honeycode:RegisterGroups", "honeycode:RejectTeamAssociation", "honeycode:RestartDomainVerification", "honeycode:StartTableDataImportJob", "honeycode:TagResource", "honeycode:UntagResource", "honeycode:UpdateTeam" ], "malformed": false, "name": "AmazonHoneycodeFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-24T20:28:11+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/KafkaServiceRolePolicy", "createdate": "2023-04-28T00:39:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:CreateNetworkInterfacePermission", "ec2:AttachNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DetachNetworkInterface", "ec2:DescribeVpcEndpoints", "acm-pca:GetCertificateAuthorityCertificate", "secretsmanager:ListSecrets", "ec2:ModifyVpcEndpoint", "ec2:DeleteVpcEndpoints", "ec2:ModifyVpcEndpoint", "secretsmanager:GetResourcePolicy", "secretsmanager:PutResourcePolicy", "secretsmanager:DeleteResourcePolicy", "secretsmanager:DescribeSecret" ], "malformed": false, "name": "KafkaServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-28T00:39:35+00:00", "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonMechanicalTurkReadOnly", "createdate": "2019-09-25T21:06:26Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mechanicalturk:GetAccountBalance", "mechanicalturk:GetAssignment", "mechanicalturk:GetFileUploadURL", "mechanicalturk:GetHIT", "mechanicalturk:GetQualificationScore", "mechanicalturk:GetQualificationType", "mechanicalturk:ListAssignmentsForHIT", "mechanicalturk:ListBonusPayments", "mechanicalturk:ListHITs", "mechanicalturk:ListHITsForQualificationType", "mechanicalturk:ListQualificationRequests", "mechanicalturk:ListQualificationTypes", "mechanicalturk:ListReviewPolicyResultsForHIT", "mechanicalturk:ListReviewableHITs", "mechanicalturk:ListWorkerBlocks", "mechanicalturk:ListWorkersWithQualificationType" ], "malformed": false, "name": "AmazonMechanicalTurkReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-09-25T21:06:26+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBudgetsActionsWithAWSResourceControlAccess", "createdate": "2020-10-15T17:19:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "budgets:CreateBudgetAction", "budgets:DeleteBudgetAction", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionHistories", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionsForBudget", "budgets:ExecuteBudgetAction", "budgets:ModifyBudget", "budgets:UpdateBudgetAction", "budgets:ViewBudget", "aws-portal:ViewBilling", "iam:PassRole", "aws-portal:ModifyBilling", "ec2:DescribeInstances", "iam:ListGroups", "iam:ListPolicies", "iam:ListRoles", "iam:ListUsers", "organizations:ListAccounts", "organizations:ListOrganizationalUnitsForParent", "organizations:ListPolicies", "organizations:ListRoots", "rds:DescribeDBInstances", "sns:ListTopics" ], "malformed": false, "name": "AWSBudgetsActionsWithAWSResourceControlAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-15T17:19:12+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CloudTrailServiceRolePolicy", "createdate": "2023-11-27T01:18:10Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudtrail:AddTags", "cloudtrail:CancelQuery", "cloudtrail:CreateChannel", "cloudtrail:CreateEventDataStore", "cloudtrail:CreateServiceLinkedChannel", "cloudtrail:CreateTrail", "cloudtrail:DeleteChannel", "cloudtrail:DeleteEventDataStore", "cloudtrail:DeleteResourcePolicy", "cloudtrail:DeleteServiceLinkedChannel", "cloudtrail:DeleteTrail", "cloudtrail:DeregisterOrganizationDelegatedAdmin", "cloudtrail:DescribeQuery", "cloudtrail:DescribeTrails", "cloudtrail:DisableFederation", "cloudtrail:EnableFederation", "cloudtrail:GetChannel", "cloudtrail:GetEventDataStore", "cloudtrail:GetEventDataStoreData", "cloudtrail:GetEventSelectors", "cloudtrail:GetImport", "cloudtrail:GetInsightSelectors", "cloudtrail:GetQueryResults", "cloudtrail:GetResourcePolicy", "cloudtrail:GetServiceLinkedChannel", "cloudtrail:GetTrail", "cloudtrail:GetTrailStatus", "cloudtrail:ListChannels", "cloudtrail:ListEventDataStores", "cloudtrail:ListImportFailures", "cloudtrail:ListImports", "cloudtrail:ListPublicKeys", "cloudtrail:ListQueries", "cloudtrail:ListServiceLinkedChannels", "cloudtrail:ListTags", "cloudtrail:ListTrails", "cloudtrail:LookupEvents", "cloudtrail:PutEventSelectors", "cloudtrail:PutInsightSelectors", "cloudtrail:PutResourcePolicy", "cloudtrail:RegisterOrganizationDelegatedAdmin", "cloudtrail:RemoveTags", "cloudtrail:RestoreEventDataStore", "cloudtrail:StartEventDataStoreIngestion", "cloudtrail:StartImport", "cloudtrail:StartLogging", "cloudtrail:StartQuery", "cloudtrail:StopEventDataStoreIngestion", "cloudtrail:StopImport", "cloudtrail:StopLogging", "cloudtrail:UpdateChannel", "cloudtrail:UpdateEventDataStore", "cloudtrail:UpdateServiceLinkedChannel", "cloudtrail:UpdateTrail", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators", "glue:DeleteTable", "lakeformation:DeregisterResource" ], "malformed": false, "name": "CloudTrailServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T01:18:10+00:00", "version": "v3" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AWSProtonCodeBuildProvisioningBasicAccess", "createdate": "2022-11-09T21:04:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogStream", "logs:CreateLogGroup", "logs:PutLogEvents", "proton:NotifyResourceDeploymentStatusChange" ], "malformed": false, "name": "AWSProtonCodeBuildProvisioningBasicAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-09T21:04:16+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCleanRoomsFullAccessNoQuerying", "createdate": "2023-07-31T20:03:50Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cleanrooms:BatchGetCollaborationAnalysisTemplate", "cleanrooms:BatchGetSchema", "cleanrooms:CreateAnalysisTemplate", "cleanrooms:CreateCollaboration", "cleanrooms:CreateConfiguredTable", "cleanrooms:CreateConfiguredTableAnalysisRule", "cleanrooms:CreateConfiguredTableAssociation", "cleanrooms:CreateMembership", "cleanrooms:DeleteAnalysisTemplate", "cleanrooms:DeleteCollaboration", "cleanrooms:DeleteConfiguredTable", "cleanrooms:DeleteConfiguredTableAnalysisRule", "cleanrooms:DeleteConfiguredTableAssociation", "cleanrooms:DeleteMember", "cleanrooms:DeleteMembership", "cleanrooms:GetAnalysisTemplate", "cleanrooms:GetCollaborationAnalysisTemplate", "cleanrooms:GetCollaboration", "cleanrooms:GetConfiguredTable", "cleanrooms:GetConfiguredTableAnalysisRule", "cleanrooms:GetConfiguredTableAssociation", "cleanrooms:GetMembership", "cleanrooms:GetProtectedQuery", "cleanrooms:GetSchema", "cleanrooms:GetSchemaAnalysisRule", "cleanrooms:ListAnalysisTemplates", "cleanrooms:ListCollaborationAnalysisTemplates", "cleanrooms:ListCollaborations", "cleanrooms:ListConfiguredTableAssociations", "cleanrooms:ListConfiguredTables", "cleanrooms:ListMembers", "cleanrooms:ListMemberships", "cleanrooms:ListProtectedQueries", "cleanrooms:ListSchemas", "cleanrooms:UpdateAnalysisTemplate", "cleanrooms:UpdateCollaboration", "cleanrooms:UpdateConfiguredTable", "cleanrooms:UpdateConfiguredTableAnalysisRule", "cleanrooms:UpdateConfiguredTableAssociation", "cleanrooms:UpdateMembership", "cleanrooms:ListTagsForResource", "cleanrooms:UntagResource", "cleanrooms:TagResource", "iam:PassRole", "iam:ListRoles", "iam:GetRole", "iam:ListRolePolicies", "iam:ListAttachedRolePolicies", "iam:ListPolicies", "iam:GetPolicy", "iam:GetPolicyVersion", "glue:GetDatabase", "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:GetPartition", "glue:GetPartitions", "glue:GetSchema", "glue:GetSchemaVersion", "glue:BatchGetPartition", "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "logs:ListLogDeliveries", "logs:DescribeLogGroups", "logs:CreateLogGroup", "logs:DescribeResourcePolicies", "logs:PutResourcePolicy", "logs:StartQuery", "logs:GetQueryResults" ], "malformed": false, "name": "AWSCleanRoomsFullAccessNoQuerying", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-31T20:03:50+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/FMSServiceRolePolicy", "createdate": "2024-04-22T19:12:13Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "waf:UpdateWebACL", "waf:DeleteWebACL", "waf:GetWebACL", "waf:GetRuleGroup", "waf:ListSubscribedRuleGroups", "waf-regional:UpdateWebACL", "waf-regional:DeleteWebACL", "waf-regional:GetWebACL", "waf-regional:GetRuleGroup", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListResourcesForWebACL", "waf-regional:AssociateWebACL", "waf-regional:DisassociateWebACL", "elasticloadbalancing:SetWebAcl", "apigateway:SetWebACL", "elasticloadbalancing:SetSecurityGroups", "waf:ListTagsForResource", "waf-regional:ListTagsForResource", "wafv2:PutLoggingConfiguration", "wafv2:GetLoggingConfiguration", "wafv2:ListLoggingConfigurations", "wafv2:DeleteLoggingConfiguration", "waf:CreateWebACL", "waf-regional:CreateWebACL", "waf:GetChangeToken", "waf-regional:GetChangeToken", "waf-regional:GetWebACLForResource", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:DescribeTags", "waf:PutPermissionPolicy", "waf:GetPermissionPolicy", "waf:DeletePermissionPolicy", "waf-regional:PutPermissionPolicy", "waf-regional:GetPermissionPolicy", "waf-regional:DeletePermissionPolicy", "cloudfront:GetDistribution", "cloudfront:UpdateDistribution", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListDistributions", "cloudfront:ListTagsForResource", "config:DeleteConfigRule", "config:GetComplianceDetailsByConfigRule", "config:PutConfigRule", "config:StartConfigRulesEvaluation", "config:DeleteEvaluationResults", "config:DescribeComplianceByConfigRule", "config:DescribeConfigurationRecorders", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigRules", "config:DescribeConfigRuleEvaluationStatus", "config:PutConfigurationRecorder", "config:StartConfigurationRecorder", "config:PutDeliveryChannel", "config:DescribeDeliveryChannels", "config:DescribeDeliveryChannelStatus", "config:GetComplianceSummaryByConfigRule", "config:GetDiscoveredResourceCounts", "config:PutEvaluations", "config:SelectResourceConfig", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:DescribeOrganizationalUnit", "organizations:ListChildren", "organizations:ListRoots", "organizations:ListParents", "organizations:ListOrganizationalUnitsForParent", "organizations:ListAWSServiceAccessForOrganization", "shield:CreateProtection", "shield:DeleteProtection", "shield:DescribeProtection", "shield:ListProtections", "shield:ListAttacks", "shield:CreateSubscription", "shield:DescribeSubscription", "shield:GetSubscriptionState", "shield:DescribeDRTAccess", "shield:DescribeEmergencyContactSettings", "shield:UpdateEmergencyContactSettings", "elasticloadbalancing:DescribeLoadBalancers", "ec2:DescribeAddresses", "shield:EnableApplicationLayerAutomaticResponse", "shield:DisableApplicationLayerAutomaticResponse", "shield:UpdateApplicationLayerAutomaticResponse", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:DeleteSecurityGroup", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:UpdateSecurityGroupRuleDescriptionsEgress", "ec2:UpdateSecurityGroupRuleDescriptionsIngress", "ec2:CreateTags", "ec2:DeleteTags", "ec2:CreateTags", "ec2:CreateSecurityGroup", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroups", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeNetworkInterfaces", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DescribeVpcs", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeInstances", "ec2:AssociateRouteTable", "ec2:CreateSubnet", "ec2:CreateRouteTable", "ec2:DeleteSubnet", "ec2:DisassociateRouteTable", "ec2:ReplaceRouteTableAssociation", "wafv2:TagResource", "wafv2:ListResourcesForWebACL", "wafv2:AssociateWebACL", "wafv2:ListTagsForResource", "wafv2:UntagResource", "wafv2:GetWebACL", "wafv2:DisassociateFirewallManager", "wafv2:DeleteWebACL", "wafv2:DisassociateWebACL", "wafv2:UpdateWebACL", "wafv2:CreateWebACL", "wafv2:DeleteFirewallManagerRuleGroups", "wafv2:PutFirewallManagerRuleGroups", "wafv2:PutPermissionPolicy", "wafv2:GetPermissionPolicy", "wafv2:DeletePermissionPolicy", "wafv2:GetWebACLForResource", "ec2:CreateTags", "ec2:CreateTags", "ec2:CreateTags", "ec2:DeleteRouteTable", "ec2:DescribeInternetGateways", "ec2:DescribeRouteTables", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVpcEndpoints", "ec2:DescribeAvailabilityZones", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpoint", "ec2:DeleteVpcEndpoints", "ram:TagResource", "ram:AssociateResourceShare", "ram:UpdateResourceShare", "ram:DeleteResourceShare", "ram:CreateResourceShare", "ram:GetResourceShareAssociations", "ram:GetResourceShares", "iam:CreateServiceLinkedRole", "iam:GetRole", "network-firewall:TagResource", "network-firewall:AssociateSubnets", "network-firewall:CreateFirewall", "network-firewall:CreateFirewallPolicy", "network-firewall:DisassociateSubnets", "network-firewall:UpdateFirewallDeleteProtection", "network-firewall:UpdateFirewallPolicy", "network-firewall:UpdateFirewallPolicyChangeProtection", "network-firewall:UpdateSubnetChangeProtection", "network-firewall:AssociateFirewallPolicy", "network-firewall:DescribeFirewall", "network-firewall:DescribeFirewallPolicy", "network-firewall:DescribeRuleGroup", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "network-firewall:ListRuleGroups", "network-firewall:PutResourcePolicy", "network-firewall:DescribeResourcePolicy", "network-firewall:DeleteResourcePolicy", "network-firewall:DescribeLoggingConfiguration", "network-firewall:UpdateLoggingConfiguration", "network-firewall:DeleteFirewallPolicy", "network-firewall:DeleteFirewall", "logs:ListLogDeliveries", "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:ListTagsForResource", "route53resolver:ListFirewallRuleGroups", "route53resolver:GetFirewallRuleGroupAssociation", "route53resolver:GetFirewallRuleGroup", "route53resolver:GetFirewallRuleGroupPolicy", "route53resolver:PutFirewallRuleGroupPolicy", "route53resolver:UpdateFirewallRuleGroupAssociation", "route53resolver:DisassociateFirewallRuleGroup", "route53resolver:AssociateFirewallRuleGroup", "route53resolver:TagResource", "ec2:CreateTags", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DeleteNetworkAclEntry", "ec2:CreateNetworkAclEntry", "ec2:ReplaceNetworkAclEntry", "ec2:DeleteNetworkAcl", "ec2:ReplaceNetworkAclAssociation", "ec2:DescribeNetworkAcls", "ec2:CreateNetworkAcl" ], "malformed": false, "name": "FMSServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-22T19:12:13+00:00", "version": "v29" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity", "createdate": "2024-01-19T20:08:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "secretsmanager:CreateSecret", "secretsmanager:TagResource", "secretsmanager:DescribeSecret", "secretsmanager:UpdateSecret", "secretsmanager:GetSecretValue", "secretsmanager:PutSecretValue", "secretsmanager:DeleteSecret", "secretsmanager:RotateSecret", "secretsmanager:UpdateSecretVersionStage", "acm-pca:GetCertificate", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:DescribeCertificateAuthority", "acm-pca:IssueCertificate" ], "malformed": false, "name": "AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-19T20:08:36+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole", "createdate": "2024-01-05T22:38:26Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSubnets", "ec2:DeleteNetworkInterface", "ec2:AssignPrivateIpAddresses", "ec2:UnassignPrivateIpAddresses" ], "malformed": false, "name": "AWSLambdaVPCAccessExecutionRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-05T22:38:26+00:00", "version": "v3" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess", "createdate": "2020-03-18T23:32:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DescribeNetworkInterfaces" ], "malformed": false, "name": "AmazonWorkSpacesServiceAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-03-18T23:32:10+00:00", "version": "v2" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSIoTWirelessReadOnlyAccess", "createdate": "2020-12-15T15:28:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotwireless:ListDestinations", "iotwireless:ListDeviceProfiles", "iotwireless:ListDevicesForWirelessDeviceImportTask", "iotwireless:ListEventConfigurations", "iotwireless:ListFuotaTasks", "iotwireless:ListMulticastGroups", "iotwireless:ListMulticastGroupsByFuotaTask", "iotwireless:ListNetworkAnalyzerConfigurations", "iotwireless:ListPartnerAccounts", "iotwireless:ListPositionConfigurations", "iotwireless:ListQueuedMessages", "iotwireless:ListServiceProfiles", "iotwireless:ListTagsForResource", "iotwireless:ListWirelessDeviceImportTasks", "iotwireless:ListWirelessDevices", "iotwireless:ListWirelessGatewayTaskDefinitions", "iotwireless:ListWirelessGateways", "iotwireless:GetDestination", "iotwireless:GetDeviceProfile", "iotwireless:GetEventConfigurationByResourceTypes", "iotwireless:GetFuotaTask", "iotwireless:GetLogLevelsByResourceTypes", "iotwireless:GetMetricConfiguration", "iotwireless:GetMetrics", "iotwireless:GetMulticastGroup", "iotwireless:GetMulticastGroupSession", "iotwireless:GetNetworkAnalyzerConfiguration", "iotwireless:GetPartnerAccount", "iotwireless:GetPosition", "iotwireless:GetPositionConfiguration", "iotwireless:GetPositionEstimate", "iotwireless:GetResourceEventConfiguration", "iotwireless:GetResourceLogLevel", "iotwireless:GetResourcePosition", "iotwireless:GetServiceEndpoint", "iotwireless:GetServiceProfile", "iotwireless:GetWirelessDevice", "iotwireless:GetWirelessDeviceImportTask", "iotwireless:GetWirelessDeviceStatistics", "iotwireless:GetWirelessGateway", "iotwireless:GetWirelessGatewayCertificate", "iotwireless:GetWirelessGatewayFirmwareInformation", "iotwireless:GetWirelessGatewayStatistics", "iotwireless:GetWirelessGatewayTask", "iotwireless:GetWirelessGatewayTaskDefinition" ], "malformed": false, "name": "AWSIoTWirelessReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-15T15:28:56+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSRolesAnywhereServicePolicy", "createdate": "2022-07-05T15:26:11Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:DescribeCertificateAuthority" ], "malformed": false, "name": "AWSRolesAnywhereServicePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-07-05T15:26:11+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonDataZoneRedshiftManageAccessRolePolicy", "createdate": "2023-11-16T22:04:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "redshift-data:BatchExecuteStatement", "redshift-data:DescribeTable", "redshift-data:ExecuteStatement", "redshift-data:ListTables", "redshift-data:ListSchemas", "redshift-data:ListDatabases", "secretsmanager:ListSecrets", "redshift-serverless:GetWorkgroup", "redshift-serverless:GetNamespace", "redshift-data:DescribeStatement", "redshift-data:GetStatementResult", "redshift:DescribeClusters", "redshift:AuthorizeDataShare", "redshift:DescribeDataShares", "redshift:AssociateDataShareConsumer" ], "malformed": false, "name": "AmazonDataZoneRedshiftManageAccessRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-16T22:04:02+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSQuickSightTimestreamPolicy", "createdate": "2020-09-30T21:47:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "timestream:Select", "timestream:CancelQuery", "timestream:ListTables", "timestream:ListDatabases", "timestream:ListMeasures", "timestream:DescribeTable", "timestream:DescribeDatabase", "timestream:SelectValues", "timestream:DescribeEndpoints" ], "malformed": false, "name": "AWSQuickSightTimestreamPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-30T21:47:03+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonEventBridgePipesFullAccess", "createdate": "2022-12-01T17:03:20Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "pipes:CreatePipe", "pipes:DeletePipe", "pipes:DescribePipe", "pipes:ListPipes", "pipes:ListTagsForResource", "pipes:StartPipe", "pipes:StopPipe", "pipes:TagResource", "pipes:UntagResource", "pipes:UpdatePipe", "iam:PassRole" ], "malformed": false, "name": "AmazonEventBridgePipesFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-01T17:03:20+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonOpenSearchIngestionReadOnlyAccess", "createdate": "2023-04-26T18:09:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "osis:GetPipeline", "osis:GetPipelineChangeProgress", "osis:GetPipelineBlueprint", "osis:ListPipelineBlueprints", "osis:ListPipelines", "osis:ListTagsForResource" ], "malformed": false, "name": "AmazonOpenSearchIngestionReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-26T18:09:52+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSAutoScalingPlansEC2AutoScalingPolicy", "createdate": "2018-08-23T22:46:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:GetMetricData", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeScheduledActions", "autoscaling:BatchPutScheduledUpdateGroupAction", "autoscaling:BatchDeleteScheduledAction" ], "malformed": false, "name": "AWSAutoScalingPlansEC2AutoScalingPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-08-23T22:46:59+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIoTWirelessFullAccess", "createdate": "2020-12-15T15:27:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotwireless:AssociateAwsAccountWithPartnerAccount", "iotwireless:AssociateMulticastGroupWithFuotaTask", "iotwireless:AssociateWirelessDeviceWithFuotaTask", "iotwireless:AssociateWirelessDeviceWithMulticastGroup", "iotwireless:AssociateWirelessDeviceWithThing", "iotwireless:AssociateWirelessGatewayWithCertificate", "iotwireless:AssociateWirelessGatewayWithThing", "iotwireless:CancelMulticastGroupSession", "iotwireless:CreateDestination", "iotwireless:CreateDeviceProfile", "iotwireless:CreateFuotaTask", "iotwireless:CreateMulticastGroup", "iotwireless:CreateNetworkAnalyzerConfiguration", "iotwireless:CreateServiceProfile", "iotwireless:CreateWirelessDevice", "iotwireless:CreateWirelessGateway", "iotwireless:CreateWirelessGatewayTask", "iotwireless:CreateWirelessGatewayTaskDefinition", "iotwireless:DeleteDestination", "iotwireless:DeleteDeviceProfile", "iotwireless:DeleteFuotaTask", "iotwireless:DeleteMulticastGroup", "iotwireless:DeleteNetworkAnalyzerConfiguration", "iotwireless:DeleteQueuedMessages", "iotwireless:DeleteServiceProfile", "iotwireless:DeleteWirelessDevice", "iotwireless:DeleteWirelessDeviceImportTask", "iotwireless:DeleteWirelessGateway", "iotwireless:DeleteWirelessGatewayTask", "iotwireless:DeleteWirelessGatewayTaskDefinition", "iotwireless:DeregisterWirelessDevice", "iotwireless:DisassociateAwsAccountFromPartnerAccount", "iotwireless:DisassociateMulticastGroupFromFuotaTask", "iotwireless:DisassociateWirelessDeviceFromFuotaTask", "iotwireless:DisassociateWirelessDeviceFromMulticastGroup", "iotwireless:DisassociateWirelessDeviceFromThing", "iotwireless:DisassociateWirelessGatewayFromCertificate", "iotwireless:DisassociateWirelessGatewayFromThing", "iotwireless:GetDestination", "iotwireless:GetDeviceProfile", "iotwireless:GetEventConfigurationByResourceTypes", "iotwireless:GetFuotaTask", "iotwireless:GetLogLevelsByResourceTypes", "iotwireless:GetMetricConfiguration", "iotwireless:GetMetrics", "iotwireless:GetMulticastGroup", "iotwireless:GetMulticastGroupSession", "iotwireless:GetNetworkAnalyzerConfiguration", "iotwireless:GetPartnerAccount", "iotwireless:GetPosition", "iotwireless:GetPositionConfiguration", "iotwireless:GetPositionEstimate", "iotwireless:GetResourceEventConfiguration", "iotwireless:GetResourceLogLevel", "iotwireless:GetResourcePosition", "iotwireless:GetServiceEndpoint", "iotwireless:GetServiceProfile", "iotwireless:GetWirelessDevice", "iotwireless:GetWirelessDeviceImportTask", "iotwireless:GetWirelessDeviceStatistics", "iotwireless:GetWirelessGateway", "iotwireless:GetWirelessGatewayCertificate", "iotwireless:GetWirelessGatewayFirmwareInformation", "iotwireless:GetWirelessGatewayStatistics", "iotwireless:GetWirelessGatewayTask", "iotwireless:GetWirelessGatewayTaskDefinition", "iotwireless:ListDestinations", "iotwireless:ListDeviceProfiles", "iotwireless:ListDevicesForWirelessDeviceImportTask", "iotwireless:ListEventConfigurations", "iotwireless:ListFuotaTasks", "iotwireless:ListMulticastGroups", "iotwireless:ListMulticastGroupsByFuotaTask", "iotwireless:ListNetworkAnalyzerConfigurations", "iotwireless:ListPartnerAccounts", "iotwireless:ListPositionConfigurations", "iotwireless:ListQueuedMessages", "iotwireless:ListServiceProfiles", "iotwireless:ListTagsForResource", "iotwireless:ListWirelessDeviceImportTasks", "iotwireless:ListWirelessDevices", "iotwireless:ListWirelessGatewayTaskDefinitions", "iotwireless:ListWirelessGateways", "iotwireless:PutPositionConfiguration", "iotwireless:PutResourceLogLevel", "iotwireless:ResetAllResourceLogLevels", "iotwireless:ResetResourceLogLevel", "iotwireless:SendDataToMulticastGroup", "iotwireless:SendDataToWirelessDevice", "iotwireless:StartBulkAssociateWirelessDeviceWithMulticastGroup", "iotwireless:StartBulkDisassociateWirelessDeviceFromMulticastGroup", "iotwireless:StartFuotaTask", "iotwireless:StartMulticastGroupSession", "iotwireless:StartNetworkAnalyzerStream", "iotwireless:StartSingleWirelessDeviceImportTask", "iotwireless:StartWirelessDeviceImportTask", "iotwireless:TagResource", "iotwireless:TestWirelessDevice", "iotwireless:UntagResource", "iotwireless:UpdateDestination", "iotwireless:UpdateEventConfigurationByResourceTypes", "iotwireless:UpdateFuotaTask", "iotwireless:UpdateLogLevelsByResourceTypes", "iotwireless:UpdateMetricConfiguration", "iotwireless:UpdateMulticastGroup", "iotwireless:UpdateNetworkAnalyzerConfiguration", "iotwireless:UpdatePartnerAccount", "iotwireless:UpdatePosition", "iotwireless:UpdateResourceEventConfiguration", "iotwireless:UpdateResourcePosition", "iotwireless:UpdateWirelessDevice", "iotwireless:UpdateWirelessDeviceImportTask", "iotwireless:UpdateWirelessGateway" ], "malformed": false, "name": "AWSIoTWirelessFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-15T15:27:57+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSStorageGatewayReadOnlyAccess", "createdate": "2022-09-06T20:24:17Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "storagegateway:ListAutomaticTapeCreationPolicies", "storagegateway:ListFileShares", "storagegateway:ListFileSystemAssociations", "storagegateway:ListGateways", "storagegateway:ListLocalDisks", "storagegateway:ListTagsForResource", "storagegateway:ListTapePools", "storagegateway:ListTapes", "storagegateway:ListVolumeInitiators", "storagegateway:ListVolumeRecoveryPoints", "storagegateway:ListVolumes", "storagegateway:DescribeAvailabilityMonitorTest", "storagegateway:DescribeBandwidthRateLimit", "storagegateway:DescribeBandwidthRateLimitSchedule", "storagegateway:DescribeCache", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeChapCredentials", "storagegateway:DescribeFileSystemAssociations", "storagegateway:DescribeGatewayInformation", "storagegateway:DescribeMaintenanceStartTime", "storagegateway:DescribeNFSFileShares", "storagegateway:DescribeSMBFileShares", "storagegateway:DescribeSMBSettings", "storagegateway:DescribeSnapshotSchedule", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:DescribeTapeArchives", "storagegateway:DescribeTapeRecoveryPoints", "storagegateway:DescribeTapes", "storagegateway:DescribeUploadBuffer", "storagegateway:DescribeVTLDevices", "storagegateway:DescribeWorkingStorage", "ec2:DescribeSnapshots", "ssm:GetParameters" ], "malformed": false, "name": "AWSStorageGatewayReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-06T20:24:17+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonMSKFullAccess", "createdate": "2023-10-18T11:33:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kafka:BatchAssociateScramSecret", "kafka:BatchDisassociateScramSecret", "kafka:CreateCluster", "kafka:CreateClusterV2", "kafka:CreateConfiguration", "kafka:CreateReplicator", "kafka:CreateVpcConnection", "kafka:DeleteCluster", "kafka:DeleteClusterPolicy", "kafka:DeleteConfiguration", "kafka:DeleteReplicator", "kafka:DeleteVpcConnection", "kafka:DescribeCluster", "kafka:DescribeClusterOperation", "kafka:DescribeClusterOperationV2", "kafka:DescribeClusterV2", "kafka:DescribeConfiguration", "kafka:DescribeConfigurationRevision", "kafka:DescribeReplicator", "kafka:DescribeVpcConnection", "kafka:GetBootstrapBrokers", "kafka:GetClusterPolicy", "kafka:GetCompatibleKafkaVersions", "kafka:ListClientVpcConnections", "kafka:ListClusterOperations", "kafka:ListClusterOperationsV2", "kafka:ListClusters", "kafka:ListClustersV2", "kafka:ListConfigurationRevisions", "kafka:ListConfigurations", "kafka:ListKafkaVersions", "kafka:ListNodes", "kafka:ListReplicators", "kafka:ListScramSecrets", "kafka:ListTagsForResource", "kafka:ListVpcConnections", "kafka:PutClusterPolicy", "kafka:RebootBroker", "kafka:RejectClientVpcConnection", "kafka:TagResource", "kafka:UntagResource", "kafka:UpdateBrokerCount", "kafka:UpdateBrokerStorage", "kafka:UpdateBrokerType", "kafka:UpdateClusterConfiguration", "kafka:UpdateClusterKafkaVersion", "kafka:UpdateConfiguration", "kafka:UpdateConnectivity", "kafka:UpdateMonitoring", "kafka:UpdateReplicationInfo", "kafka:UpdateSecurity", "kafka:UpdateStorage", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeSecurityGroups", "ec2:DescribeRouteTables", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcAttribute", "kms:DescribeKey", "kms:CreateGrant", "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "logs:ListLogDeliveries", "logs:PutResourcePolicy", "logs:DescribeResourcePolicies", "logs:DescribeLogGroups", "s3:GetBucketPolicy", "firehose:TagDeliveryStream", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpoint", "ec2:CreateTags", "ec2:DeleteVpcEndpoints", "iam:PassRole", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonMSKFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-18T11:33:13+00:00", "version": "v7" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonVPCReachabilityAnalyzerPathComponentReadPolicy", "createdate": "2023-05-01T20:38:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "network-firewall:DescribeFirewall", "network-firewall:DescribeFirewallPolicy", "network-firewall:DescribeLoggingConfiguration", "network-firewall:DescribeResourcePolicy", "network-firewall:DescribeRuleGroup", "network-firewall:DescribeRuleGroupMetadata", "network-firewall:DescribeTLSInspectionConfiguration", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "network-firewall:ListRuleGroups", "network-firewall:ListTLSInspectionConfigurations", "network-firewall:ListTagsForResource" ], "malformed": false, "name": "AmazonVPCReachabilityAnalyzerPathComponentReadPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-01T20:38:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceCatalogSyncServiceRolePolicy", "createdate": "2022-11-15T21:20:15Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "servicecatalog:ListProvisioningArtifacts", "servicecatalog:DescribeProductAsAdmin", "servicecatalog:DeleteProvisioningArtifact", "servicecatalog:ListServiceActionsForProvisioningArtifact", "servicecatalog:DescribeProvisioningArtifact", "servicecatalog:CreateProvisioningArtifact", "servicecatalog:UpdateProvisioningArtifact", "codestar-connections:UseConnection", "cloudformation:ValidateTemplate" ], "malformed": false, "name": "AWSServiceCatalogSyncServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-15T21:20:15+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCloudHSMFullAccess", "createdate": "2015-02-06T18:39:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudhsm:AddTagsToResource", "cloudhsm:CopyBackupToRegion", "cloudhsm:CreateCluster", "cloudhsm:CreateHapg", "cloudhsm:CreateHsm", "cloudhsm:CreateLunaClient", "cloudhsm:DeleteBackup", "cloudhsm:DeleteCluster", "cloudhsm:DeleteHapg", "cloudhsm:DeleteHsm", "cloudhsm:DeleteLunaClient", "cloudhsm:DescribeBackups", "cloudhsm:DescribeClusters", "cloudhsm:DescribeHapg", "cloudhsm:DescribeHsm", "cloudhsm:DescribeLunaClient", "cloudhsm:GetConfig", "cloudhsm:InitializeCluster", "cloudhsm:ListAvailableZones", "cloudhsm:ListHapgs", "cloudhsm:ListHsms", "cloudhsm:ListLunaClients", "cloudhsm:ListTags", "cloudhsm:ListTagsForResource", "cloudhsm:ModifyBackupAttributes", "cloudhsm:ModifyCluster", "cloudhsm:ModifyHapg", "cloudhsm:ModifyHsm", "cloudhsm:ModifyLunaClient", "cloudhsm:RemoveTagsFromResource", "cloudhsm:RestoreBackup", "cloudhsm:TagResource", "cloudhsm:UntagResource" ], "malformed": false, "name": "AWSCloudHSMFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:39:51+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSPanoramaGreengrassGroupRolePolicy", "createdate": "2021-01-06T19:30:35Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:ListBucket", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetObject", "s3:PutObject", "cloudwatch:PutDashboard", "cloudwatch:PutMetricData", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "logs:CreateLogGroup", "panorama:CreateApplicationInstance", "panorama:CreateJobForDevices", "panorama:CreateNodeFromTemplateJob", "panorama:CreatePackage", "panorama:CreatePackageImportJob", "panorama:DeleteDevice", "panorama:DeletePackage", "panorama:DeregisterPackageVersion", "panorama:DescribeApplicationInstance", "panorama:DescribeApplicationInstanceDetails", "panorama:DescribeDevice", "panorama:DescribeDeviceJob", "panorama:DescribeNode", "panorama:DescribeNodeFromTemplateJob", "panorama:DescribePackage", "panorama:DescribePackageImportJob", "panorama:DescribePackageVersion", "panorama:DescribeSoftware", "panorama:GetWebSocketURL", "panorama:ListApplicationInstanceDependencies", "panorama:ListApplicationInstanceNodeInstances", "panorama:ListApplicationInstances", "panorama:ListDevices", "panorama:ListDevicesJobs", "panorama:ListNodeFromTemplateJobs", "panorama:ListNodes", "panorama:ListPackageImportJobs", "panorama:ListPackages", "panorama:ListTagsForResource", "panorama:ProvisionDevice", "panorama:RegisterPackageVersion", "panorama:RemoveApplicationInstance", "panorama:SignalApplicationInstanceNodeInstances", "panorama:TagResource", "panorama:UntagResource", "panorama:UpdateDeviceMetadata" ], "malformed": false, "name": "AWSPanoramaGreengrassGroupRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-01-06T19:30:35+00:00", "version": "v2" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/ROSAManageSubscription", "createdate": "2023-08-04T19:59:14Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:Subscribe", "aws-marketplace:Unsubscribe", "aws-marketplace:ViewSubscriptions" ], "malformed": false, "name": "ROSAManageSubscription", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-04T19:59:14+00:00", "version": "v2" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonForecastFullAccess", "createdate": "2019-01-18T01:52:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "forecast:CreateAutoPredictor", "forecast:CreateDataset", "forecast:CreateDatasetGroup", "forecast:CreateDatasetImportJob", "forecast:CreateExplainability", "forecast:CreateExplainabilityExport", "forecast:CreateForecast", "forecast:CreateForecastEndpoint", "forecast:CreateForecastExportJob", "forecast:CreateMonitor", "forecast:CreatePredictor", "forecast:CreatePredictorBacktestExportJob", "forecast:CreateWhatIfAnalysis", "forecast:CreateWhatIfForecast", "forecast:CreateWhatIfForecastExport", "forecast:DeleteDataset", "forecast:DeleteDatasetGroup", "forecast:DeleteDatasetImportJob", "forecast:DeleteExplainability", "forecast:DeleteExplainabilityExport", "forecast:DeleteForecast", "forecast:DeleteForecastEndpoint", "forecast:DeleteForecastExportJob", "forecast:DeleteMonitor", "forecast:DeletePredictor", "forecast:DeletePredictorBacktestExportJob", "forecast:DeleteResourceTree", "forecast:DeleteWhatIfAnalysis", "forecast:DeleteWhatIfForecast", "forecast:DeleteWhatIfForecastExport", "forecast:DescribeAutoPredictor", "forecast:DescribeDataset", "forecast:DescribeDatasetGroup", "forecast:DescribeDatasetImportJob", "forecast:DescribeExplainability", "forecast:DescribeExplainabilityExport", "forecast:DescribeForecast", "forecast:DescribeForecastEndpoint", "forecast:DescribeForecastExportJob", "forecast:DescribeMonitor", "forecast:DescribePredictor", "forecast:DescribePredictorBacktestExportJob", "forecast:DescribeWhatIfAnalysis", "forecast:DescribeWhatIfForecast", "forecast:DescribeWhatIfForecastExport", "forecast:GetAccuracyMetrics", "forecast:GetRecentForecastContext", "forecast:InvokeForecastEndpoint", "forecast:ListDatasetGroups", "forecast:ListDatasetImportJobs", "forecast:ListDatasets", "forecast:ListExplainabilities", "forecast:ListExplainabilityExports", "forecast:ListForecastExportJobs", "forecast:ListForecasts", "forecast:ListMonitorEvaluations", "forecast:ListMonitors", "forecast:ListPredictorBacktestExportJobs", "forecast:ListPredictors", "forecast:ListTagsForResource", "forecast:ListWhatIfAnalyses", "forecast:ListWhatIfForecastExports", "forecast:ListWhatIfForecasts", "forecast:QueryForecast", "forecast:QueryWhatIfForecast", "forecast:ResumeResource", "forecast:StopResource", "forecast:TagResource", "forecast:UntagResource", "forecast:UpdateDatasetGroup", "iam:PassRole" ], "malformed": false, "name": "AmazonForecastFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-01-18T01:52:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRDSPerformanceInsightsFullAccess", "createdate": "2023-10-23T21:14:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "pi:DescribeDimensionKeys", "pi:GetDimensionKeyDetails", "pi:GetResourceMetadata", "pi:GetResourceMetrics", "pi:ListAvailableResourceDimensions", "pi:ListAvailableResourceMetrics", "pi:CreatePerformanceAnalysisReport", "pi:GetPerformanceAnalysisReport", "pi:ListPerformanceAnalysisReports", "pi:DeletePerformanceAnalysisReport", "pi:TagResource", "pi:UntagResource", "pi:ListTagsForResource", "rds:DescribeDBInstances", "rds:DescribeDBClusters", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cloudwatch:GetMetricData" ], "malformed": false, "name": "AmazonRDSPerformanceInsightsFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-23T21:14:27+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/CloudFrontReadOnlyAccess", "createdate": "2024-01-04T16:55:27Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "acm:ListCertificates", "cloudfront:DescribeFunction", "cloudfront:DescribeKeyValueStore", "cloudfront:GetCachePolicy", "cloudfront:GetCachePolicyConfig", "cloudfront:GetCloudFrontOriginAccessIdentity", "cloudfront:GetCloudFrontOriginAccessIdentityConfig", "cloudfront:GetContinuousDeploymentPolicy", "cloudfront:GetContinuousDeploymentPolicyConfig", "cloudfront:GetDistribution", "cloudfront:GetDistributionConfig", "cloudfront:GetFieldLevelEncryption", "cloudfront:GetFieldLevelEncryptionConfig", "cloudfront:GetFieldLevelEncryptionProfile", "cloudfront:GetFieldLevelEncryptionProfileConfig", "cloudfront:GetFunction", "cloudfront:GetInvalidation", "cloudfront:GetKeyGroup", "cloudfront:GetKeyGroupConfig", "cloudfront:GetMonitoringSubscription", "cloudfront:GetOriginAccessControl", "cloudfront:GetOriginAccessControlConfig", "cloudfront:GetOriginRequestPolicy", "cloudfront:GetOriginRequestPolicyConfig", "cloudfront:GetPublicKey", "cloudfront:GetPublicKeyConfig", "cloudfront:GetRealtimeLogConfig", "cloudfront:GetResponseHeadersPolicy", "cloudfront:GetResponseHeadersPolicyConfig", "cloudfront:GetSavingsPlan", "cloudfront:GetStreamingDistribution", "cloudfront:GetStreamingDistributionConfig", "cloudfront:ListCachePolicies", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListConflictingAliases", "cloudfront:ListContinuousDeploymentPolicies", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByCachePolicyId", "cloudfront:ListDistributionsByKeyGroup", "cloudfront:ListDistributionsByLambdaFunction", "cloudfront:ListDistributionsByOriginRequestPolicyId", "cloudfront:ListDistributionsByRealtimeLogConfig", "cloudfront:ListDistributionsByResponseHeadersPolicyId", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListFieldLevelEncryptionConfigs", "cloudfront:ListFieldLevelEncryptionProfiles", "cloudfront:ListFunctions", "cloudfront:ListInvalidations", "cloudfront:ListKeyGroups", "cloudfront:ListKeyValueStores", "cloudfront:ListOriginAccessControls", "cloudfront:ListOriginRequestPolicies", "cloudfront:ListPublicKeys", "cloudfront:ListRateCards", "cloudfront:ListRealtimeLogConfigs", "cloudfront:ListResponseHeadersPolicies", "cloudfront:ListSavingsPlans", "cloudfront:ListStreamingDistributions", "cloudfront:ListTagsForResource", "cloudfront:ListUsages", "cloudfront-keyvaluestore:DescribeKeyValueStore", "cloudfront-keyvaluestore:GetKey", "cloudfront-keyvaluestore:ListKeys", "iam:ListServerCertificates", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "waf:ListWebACLs", "waf:GetWebACL", "wafv2:ListWebACLs", "wafv2:GetWebACL" ], "malformed": false, "name": "CloudFrontReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-04T16:55:27+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSStepFunctionsFullAccess", "createdate": "2017-01-11T21:51:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "states:CreateActivity", "states:CreateStateMachine", "states:CreateStateMachineAlias", "states:DeleteActivity", "states:DeleteStateMachine", "states:DeleteStateMachineAlias", "states:DeleteStateMachineVersion", "states:DescribeActivity", "states:DescribeExecution", "states:DescribeMapRun", "states:DescribeStateMachine", "states:DescribeStateMachineAlias", "states:DescribeStateMachineForExecution", "states:GetActivityTask", "states:GetExecutionHistory", "states:InvokeHTTPEndpoint", "states:ListActivities", "states:ListExecutions", "states:ListMapRuns", "states:ListStateMachineAliases", "states:ListStateMachineVersions", "states:ListStateMachines", "states:ListTagsForResource", "states:PublishStateMachineVersion", "states:RedriveExecution", "states:RevealSecrets", "states:SendTaskFailure", "states:SendTaskHeartbeat", "states:SendTaskSuccess", "states:StartExecution", "states:StartSyncExecution", "states:StopExecution", "states:TagResource", "states:TestState", "states:UntagResource", "states:UpdateMapRun", "states:UpdateStateMachine", "states:UpdateStateMachineAlias", "states:ValidateStateMachineDefinition" ], "malformed": false, "name": "AWSStepFunctionsFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-01-11T21:51:32+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/Ec2ImageBuilderCrossAccountDistributionAccess", "createdate": "2020-09-30T19:22:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateTags", "ec2:DescribeImages", "ec2:CopyImage", "ec2:ModifyImageAttribute" ], "malformed": false, "name": "Ec2ImageBuilderCrossAccountDistributionAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-30T19:22:54+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSXrayCrossAccountSharingConfiguration", "createdate": "2022-11-27T13:46:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "xray:Link", "oam:ListLinks", "oam:DeleteLink", "oam:GetLink", "oam:TagResource", "oam:CreateLink", "oam:UpdateLink" ], "malformed": false, "name": "AWSXrayCrossAccountSharingConfiguration", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-27T13:46:35+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkServiceRolePolicy", "createdate": "2019-06-06T21:59:51Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribeScalingActivities", "autoscaling:PutNotificationConfiguration", "ec2:DescribeInstanceStatus", "ec2:AssociateAddress", "ec2:DescribeAddresses", "ec2:DescribeInstances", "ec2:DescribeSecurityGroups", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTargetGroups", "lambda:GetFunction", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sns:Publish", "logs:CreateLogStream", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DeleteLogGroup", "logs:PutLogEvents" ], "malformed": false, "name": "AWSElasticBeanstalkServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-06T21:59:51+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy", "createdate": "2022-08-02T19:12:55Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "apigateway:GET", "apigateway:POST", "apigateway:PUT", "apigateway:PATCH", "apigateway:DELETE", "apigateway:POST", "apigateway:PATCH", "cloudformation:CreateStack", "cloudformation:UpdateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStacks", "cloudformation:GetTemplateSummary", "cloudformation:ValidateTemplate", "codebuild:CreateProject", "codebuild:DeleteProject", "codebuild:UpdateProject", "codecommit:CreateCommit", "codecommit:CreateRepository", "codecommit:DeleteRepository", "codecommit:GetRepository", "codecommit:TagResource", "codecommit:ListRepositories", "codepipeline:CreatePipeline", "codepipeline:DeletePipeline", "codepipeline:GetPipeline", "codepipeline:GetPipelineState", "codepipeline:StartPipelineExecution", "codepipeline:TagResource", "codepipeline:UpdatePipeline", "cognito-idp:CreateUserPool", "cognito-idp:TagResource", "cognito-idp:CreateGroup", "cognito-idp:CreateUserPoolDomain", "cognito-idp:CreateUserPoolClient", "cognito-idp:DeleteGroup", "cognito-idp:DeleteUserPool", "cognito-idp:DeleteUserPoolClient", "cognito-idp:DeleteUserPoolDomain", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:UpdateUserPool", "cognito-idp:UpdateUserPoolClient", "ecr:CreateRepository", "ecr:DeleteRepository", "ecr:TagResource", "events:DescribeRule", "events:DeleteRule", "events:DisableRule", "events:EnableRule", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "firehose:CreateDeliveryStream", "firehose:DeleteDeliveryStream", "firehose:DescribeDeliveryStream", "firehose:StartDeliveryStreamEncryption", "firehose:StopDeliveryStreamEncryption", "firehose:UpdateDestination", "glue:CreateDatabase", "glue:DeleteDatabase", "glue:CreateClassifier", "glue:DeleteClassifier", "glue:DeleteCrawler", "glue:DeleteJob", "glue:DeleteTrigger", "glue:DeleteWorkflow", "glue:StopCrawler", "glue:CreateWorkflow", "glue:CreateJob", "glue:CreateCrawler", "glue:GetCrawler", "glue:CreateTrigger", "glue:GetTrigger", "iam:PassRole", "lambda:AddPermission", "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:InvokeFunction", "lambda:RemovePermission", "lambda:TagResource", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:PutRetentionPolicy", "s3:GetObject", "s3:GetObject", "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:GetBucketPolicy", "s3:PutBucketAcl", "s3:PutBucketNotification", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketLogging", "s3:PutEncryptionConfiguration", "s3:PutBucketCORS", "s3:PutBucketTagging", "s3:PutObjectTagging", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateModel", "sagemaker:CreateWorkteam", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteModel", "sagemaker:DeleteWorkteam", "sagemaker:DescribeModel", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeEndpoint", "sagemaker:DescribeWorkteam", "sagemaker:CreateCodeRepository", "sagemaker:DescribeCodeRepository", "sagemaker:UpdateCodeRepository", "sagemaker:DeleteCodeRepository", "sagemaker:AddTags", "sagemaker:CreateImage", "sagemaker:DeleteImage", "sagemaker:DescribeImage", "sagemaker:UpdateImage", "sagemaker:ListTags", "states:CreateStateMachine", "states:DeleteStateMachine", "states:UpdateStateMachine", "codestar-connections:PassConnection" ], "malformed": false, "name": "AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-02T19:12:55+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSGrafanaWorkspacePermissionManagementV2", "createdate": "2024-01-05T18:39:46Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "grafana:DescribeWorkspace", "grafana:DescribeWorkspaceAuthentication", "grafana:UpdatePermissions", "grafana:ListPermissions", "grafana:ListWorkspaces", "sso:DescribeRegisteredRegions", "sso:GetSharedSsoConfiguration", "sso:ListDirectoryAssociations", "sso:GetManagedApplicationInstance", "sso:ListProfiles", "sso:GetProfile", "sso:ListProfileAssociations", "sso-directory:DescribeUser", "sso-directory:DescribeGroup" ], "malformed": false, "name": "AWSGrafanaWorkspacePermissionManagementV2", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-05T18:39:46+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonMSKReadOnlyAccess", "createdate": "2019-01-14T22:28:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kafka:DescribeCluster", "kafka:DescribeClusterOperation", "kafka:DescribeClusterOperationV2", "kafka:DescribeClusterV2", "kafka:DescribeConfiguration", "kafka:DescribeConfigurationRevision", "kafka:DescribeReplicator", "kafka:DescribeVpcConnection", "kafka:ListClientVpcConnections", "kafka:ListClusterOperations", "kafka:ListClusterOperationsV2", "kafka:ListClusters", "kafka:ListClustersV2", "kafka:ListConfigurationRevisions", "kafka:ListConfigurations", "kafka:ListKafkaVersions", "kafka:ListNodes", "kafka:ListReplicators", "kafka:ListScramSecrets", "kafka:ListTagsForResource", "kafka:ListVpcConnections", "kafka:GetBootstrapBrokers", "kafka:GetClusterPolicy", "kafka:GetCompatibleKafkaVersions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "kms:DescribeKey" ], "malformed": false, "name": "AmazonMSKReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-01-14T22:28:45+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSResourceExplorerFullAccess", "createdate": "2023-11-14T16:53:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "resource-explorer-2:AssociateDefaultView", "resource-explorer-2:BatchGetView", "resource-explorer-2:CreateIndex", "resource-explorer-2:CreateView", "resource-explorer-2:DeleteIndex", "resource-explorer-2:DeleteView", "resource-explorer-2:DisassociateDefaultView", "resource-explorer-2:GetAccountLevelServiceConfiguration", "resource-explorer-2:GetDefaultView", "resource-explorer-2:GetIndex", "resource-explorer-2:GetView", "resource-explorer-2:ListIndexes", "resource-explorer-2:ListIndexesForMembers", "resource-explorer-2:ListSupportedResourceTypes", "resource-explorer-2:ListTagsForResource", "resource-explorer-2:ListViews", "resource-explorer-2:Search", "resource-explorer-2:TagResource", "resource-explorer-2:UntagResource", "resource-explorer-2:UpdateIndexType", "resource-explorer-2:UpdateView", "ec2:DescribeRegions", "ram:ListResources", "ram:GetResourceShares", "organizations:DescribeOrganization", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSResourceExplorerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-14T16:53:46+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSTrustedAdvisorReportingServiceRolePolicy", "createdate": "2023-02-28T23:23:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DescribeOrganization", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListDelegatedAdministrators", "organizations:ListOrganizationalUnitsForParent", "organizations:ListChildren", "organizations:ListParents", "organizations:DescribeOrganizationalUnit", "organizations:DescribeAccount" ], "malformed": false, "name": "AWSTrustedAdvisorReportingServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-28T23:23:45+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceSellerProductsFullAccess", "createdate": "2023-07-18T22:19:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:ListChangeSets", "aws-marketplace:DescribeChangeSet", "aws-marketplace:StartChangeSet", "aws-marketplace:CancelChangeSet", "aws-marketplace:ListEntities", "aws-marketplace:DescribeEntity", "aws-marketplace:ListTasks", "aws-marketplace:DescribeTask", "aws-marketplace:UpdateTask", "aws-marketplace:CompleteTask", "ec2:DescribeImages", "ec2:DescribeSnapshots", "ec2:ModifyImageAttribute", "ec2:ModifySnapshotAttribute", "iam:GetRole", "iam:PassRole", "vendor-insights:GetDataSource", "vendor-insights:ListDataSources", "vendor-insights:ListSecurityProfiles", "vendor-insights:GetSecurityProfile", "vendor-insights:GetSecurityProfileSnapshot", "vendor-insights:ListSecurityProfileSnapshots", "aws-marketplace:TagResource", "aws-marketplace:UntagResource", "aws-marketplace:ListTagsForResource", "aws-marketplace:GetResourcePolicy", "aws-marketplace:PutResourcePolicy", "aws-marketplace:DeleteResourcePolicy" ], "malformed": false, "name": "AWSMarketplaceSellerProductsFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-18T22:19:58+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSGlobalAcceleratorSLRPolicy", "createdate": "2023-09-12T16:45:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeSubnets", "ec2:DescribeRegions", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "ec2:DescribeAddresses", "ec2:DeleteSecurityGroup", "ec2:AssignIpv6Addresses", "ec2:UnassignIpv6Addresses", "ec2:CreateSecurityGroup", "ec2:DescribeSecurityGroups", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeTargetGroups", "ec2:CreateTags" ], "malformed": false, "name": "AWSGlobalAcceleratorSLRPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-12T16:45:28+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRedshiftQueryEditor", "createdate": "2021-02-16T19:33:45Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "redshift:GetClusterCredentials", "redshift:ListSchemas", "redshift:ListTables", "redshift:ListDatabases", "redshift:ExecuteQuery", "redshift:FetchResults", "redshift:CancelQuery", "redshift:DescribeClusters", "redshift:DescribeQuery", "redshift:DescribeTable", "redshift:ViewQueriesFromConsole", "redshift:DescribeSavedQueries", "redshift:CreateSavedQuery", "redshift:DeleteSavedQueries", "redshift:ModifySavedQuery", "redshift-data:ExecuteStatement", "redshift-data:ListDatabases", "redshift-data:ListSchemas", "redshift-data:ListTables", "redshift-data:DescribeTable", "redshift-data:GetStatementResult", "redshift-data:CancelStatement", "redshift-data:DescribeStatement", "redshift-data:ListStatements", "secretsmanager:ListSecrets", "secretsmanager:CreateSecret", "secretsmanager:GetSecretValue", "secretsmanager:TagResource" ], "malformed": false, "name": "AmazonRedshiftQueryEditor", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-02-16T19:33:45+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/ComprehendFullAccess", "createdate": "2017-12-05T01:36:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "comprehend:BatchDetectDominantLanguage", "comprehend:BatchDetectEntities", "comprehend:BatchDetectKeyPhrases", "comprehend:BatchDetectSentiment", "comprehend:BatchDetectSyntax", "comprehend:BatchDetectTargetedSentiment", "comprehend:ClassifyDocument", "comprehend:ContainsPiiEntities", "comprehend:CreateDataset", "comprehend:CreateDocumentClassifier", "comprehend:CreateEndpoint", "comprehend:CreateEntityRecognizer", "comprehend:CreateFlywheel", "comprehend:DeleteDocumentClassifier", "comprehend:DeleteEndpoint", "comprehend:DeleteEntityRecognizer", "comprehend:DeleteFlywheel", "comprehend:DeleteResourcePolicy", "comprehend:DescribeDataset", "comprehend:DescribeDocumentClassificationJob", "comprehend:DescribeDocumentClassifier", "comprehend:DescribeDominantLanguageDetectionJob", "comprehend:DescribeEndpoint", "comprehend:DescribeEntitiesDetectionJob", "comprehend:DescribeEntityRecognizer", "comprehend:DescribeEventsDetectionJob", "comprehend:DescribeFlywheel", "comprehend:DescribeFlywheelIteration", "comprehend:DescribeKeyPhrasesDetectionJob", "comprehend:DescribePiiEntitiesDetectionJob", "comprehend:DescribeResourcePolicy", "comprehend:DescribeSentimentDetectionJob", "comprehend:DescribeTargetedSentimentDetectionJob", "comprehend:DescribeTopicsDetectionJob", "comprehend:DetectDominantLanguage", "comprehend:DetectEntities", "comprehend:DetectKeyPhrases", "comprehend:DetectPiiEntities", "comprehend:DetectSentiment", "comprehend:DetectSyntax", "comprehend:DetectTargetedSentiment", "comprehend:DetectToxicContent", "comprehend:ImportModel", "comprehend:ListDatasets", "comprehend:ListDocumentClassificationJobs", "comprehend:ListDocumentClassifierSummaries", "comprehend:ListDocumentClassifiers", "comprehend:ListDominantLanguageDetectionJobs", "comprehend:ListEndpoints", "comprehend:ListEntitiesDetectionJobs", "comprehend:ListEntityRecognizerSummaries", "comprehend:ListEntityRecognizers", "comprehend:ListEventsDetectionJobs", "comprehend:ListFlywheelIterationHistory", "comprehend:ListFlywheels", "comprehend:ListKeyPhrasesDetectionJobs", "comprehend:ListPiiEntitiesDetectionJobs", "comprehend:ListSentimentDetectionJobs", "comprehend:ListTagsForResource", "comprehend:ListTargetedSentimentDetectionJobs", "comprehend:ListTopicsDetectionJobs", "comprehend:PutResourcePolicy", "comprehend:StartDocumentClassificationJob", "comprehend:StartDominantLanguageDetectionJob", "comprehend:StartEntitiesDetectionJob", "comprehend:StartEventsDetectionJob", "comprehend:StartFlywheelIteration", "comprehend:StartKeyPhrasesDetectionJob", "comprehend:StartPiiEntitiesDetectionJob", "comprehend:StartSentimentDetectionJob", "comprehend:StartTargetedSentimentDetectionJob", "comprehend:StartTopicsDetectionJob", "comprehend:StopDominantLanguageDetectionJob", "comprehend:StopEntitiesDetectionJob", "comprehend:StopEventsDetectionJob", "comprehend:StopKeyPhrasesDetectionJob", "comprehend:StopPiiEntitiesDetectionJob", "comprehend:StopSentimentDetectionJob", "comprehend:StopTargetedSentimentDetectionJob", "comprehend:StopTrainingDocumentClassifier", "comprehend:StopTrainingEntityRecognizer", "comprehend:TagResource", "comprehend:UntagResource", "comprehend:UpdateEndpoint", "comprehend:UpdateFlywheel", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetBucketLocation", "iam:ListRoles", "iam:GetRole" ], "malformed": false, "name": "ComprehendFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-12-05T01:36:24+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy", "createdate": "2023-11-27T00:06:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeInstanceTypes", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcs", "eks:DescribeCluster", "eks-auth:AssumeRoleForPodIdentity" ], "malformed": false, "name": "AmazonEKSWorkerNodePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T00:06:13+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole", "createdate": "2016-08-11T13:08:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:AuthorizeSecurityGroupIngress", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RegisterTargets" ], "malformed": false, "name": "AmazonEC2ContainerServiceRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-08-11T13:08:01+00:00", "version": "v2" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSStorageGatewayServiceRolePolicy", "createdate": "2021-02-17T19:03:19Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "fsx:ListTagsForResource" ], "malformed": false, "name": "AWSStorageGatewayServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-02-17T19:03:19+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCloud9User", "createdate": "2023-10-11T13:24:10Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "cloud9:UpdateUserSettings", "cloud9:GetUserSettings", "iam:GetUser", "iam:ListUsers", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeRouteTables", "cloud9:CreateEnvironmentEC2", "cloud9:CreateEnvironmentSSH", "cloud9:GetUserPublicKey", "cloud9:DescribeEnvironmentMemberships", "iam:CreateServiceLinkedRole", "ssm:StartSession", "ssm:GetConnectionStatus", "ssm:StartSession" ], "malformed": false, "name": "AWSCloud9User", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-11T13:24:10+00:00", "version": "v6" }, { "access_levels": [ "List", "Read" ], "arn": null, "createdate": "2017-08-08T18:57:36Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "cloudformation:DescribeStackEvents", "cloudformation:DescribeStacks", "cloudformation:GetTemplateSummary", "iam:GetGroup", "iam:GetRole", "iam:GetUser", "iam:ListGroups", "iam:ListRoles", "iam:ListUsers", "s3:GetObject", "servicecatalog:DescribeTagOption", "servicecatalog:ListResourcesForTagOption", "servicecatalog:ListTagOptions", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductView", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:DescribeProvisionedProduct", "servicecatalog:DescribeRecord", "servicecatalog:ListLaunchPaths", "servicecatalog:ListRecordHistory", "servicecatalog:ScanProvisionedProducts", "servicecatalog:SearchProducts", "servicecatalog:DescribeConstraint", "servicecatalog:DescribeProductAsAdmin", "servicecatalog:DescribePortfolio", "servicecatalog:DescribeProvisioningArtifact", "servicecatalog:ListAcceptedPortfolioShares", "servicecatalog:ListConstraintsForPortfolio", "servicecatalog:ListPortfolioAccess", "servicecatalog:ListPortfolios", "servicecatalog:ListPortfoliosForProduct", "servicecatalog:ListPrincipalsForPortfolio", "servicecatalog:ListProvisioningArtifacts", "servicecatalog:SearchProductsAsAdmin" ], "malformed": false, "name": "ServiceCatalogAdminReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CloudwatchApplicationInsightsServiceLinkedRolePolicy", "createdate": "2023-05-11T16:34:40Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:ListMetrics", "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms", "cloudwatch:PutAnomalyDetector", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DescribeAnomalyDetectors", "logs:FilterLogEvents", "logs:GetLogEvents", "logs:DescribeLogStreams", "logs:DescribeLogGroups", "events:DescribeRule", "cloudformation:CreateStack", "cloudformation:UpdateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "cloudformation:ListStackResources", "cloudformation:ListStacks", "tag:GetResources", "resource-groups:ListGroupResources", "resource-groups:GetGroupQuery", "resource-groups:GetGroup", "resource-groups:CreateGroup", "resource-groups:DeleteGroup", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "autoscaling:DescribeAutoScalingGroups", "ssm:PutParameter", "ssm:DeleteParameter", "ssm:AddTagsToResource", "ssm:RemoveTagsFromResource", "ssm:GetParameters", "ssm:CreateAssociation", "ssm:UpdateAssociation", "ssm:DeleteAssociation", "ssm:DescribeAssociation", "ssm:GetOpsItem", "ssm:CreateOpsItem", "ssm:DescribeOpsItems", "ssm:UpdateOpsItem", "ssm:DescribeInstanceInformation", "ssm:AddTagsToResource", "ssm:ListCommandInvocations", "ssm:GetCommandInvocation", "ssm:SendCommand", "ec2:DescribeInstances", "ec2:DescribeVolumes", "ec2:DescribeVolumeStatus", "ec2:DescribeVpcs", "ec2:DescribeVpcAttribute", "ec2:DescribeNatGateways", "rds:DescribeDBInstances", "rds:DescribeDBClusters", "lambda:ListFunctions", "lambda:GetFunctionConfiguration", "lambda:ListEventSourceMappings", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "events:DeleteRule", "xray:GetServiceGraph", "xray:GetTraceSummaries", "xray:GetTimeSeriesServiceStatistics", "xray:GetTraceGraph", "dynamodb:ListTables", "dynamodb:DescribeTable", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeTimeToLive", "application-autoscaling:DescribeScalableTargets", "s3:ListAllMyBuckets", "s3:GetMetricsConfiguration", "s3:GetReplicationConfiguration", "states:ListStateMachines", "states:DescribeExecution", "states:DescribeStateMachine", "states:GetExecutionHistory", "apigateway:GET", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTasks", "ecs:DescribeTaskSets", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListTasks", "ecs:UpdateClusterSettings", "eks:DescribeCluster", "eks:DescribeFargateProfile", "eks:DescribeNodegroup", "eks:ListClusters", "eks:ListFargateProfiles", "eks:ListNodegroups", "fsx:DescribeFileSystems", "fsx:DescribeVolumes", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:GetSMSAttributes", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "sqs:ListQueues", "logs:DeleteSubscriptionFilter", "logs:PutSubscriptionFilter", "elasticfilesystem:DescribeFileSystems", "route53:GetHostedZone", "route53:GetHealthCheck", "route53:ListHostedZones", "route53:ListHealthChecks", "route53:ListQueryLoggingConfigs", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:GetFirewallRuleGroup", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListResolverEndpoints", "route53resolver:GetResolverQueryLogConfig", "route53resolver:ListResolverQueryLogConfigs", "route53resolver:ListResolverQueryLogConfigAssociations", "route53resolver:GetResolverEndpoint", "route53resolver:GetFirewallRuleGroupAssociation" ], "malformed": false, "name": "CloudwatchApplicationInsightsServiceLinkedRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-11T16:34:40+00:00", "version": "v24" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonVPCReachabilityAnalyzerFullAccessPolicy", "createdate": "2023-11-03T19:37:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "directconnect:DescribeConnections", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "ec2:CreateNetworkInsightsPath", "ec2:DeleteNetworkInsightsAnalysis", "ec2:DeleteNetworkInsightsPath", "ec2:DescribeAvailabilityZones", "ec2:DescribeCustomerGateways", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeManagedPrefixLists", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaces", "ec2:DescribePrefixLists", "ec2:DescribeRegions", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGateways", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetManagedPrefixListEntries", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:SearchTransitGatewayRoutes", "ec2:StartNetworkInsightsAnalysis", "ec2:CreateTags", "ec2:DeleteTags", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "globalaccelerator:ListAccelerators", "globalaccelerator:ListCustomRoutingAccelerators", "globalaccelerator:ListCustomRoutingEndpointGroups", "globalaccelerator:ListCustomRoutingListeners", "globalaccelerator:ListCustomRoutingPortMappings", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "network-firewall:DescribeFirewall", "network-firewall:DescribeFirewallPolicy", "network-firewall:DescribeResourcePolicy", "network-firewall:DescribeRuleGroup", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "network-firewall:ListRuleGroups", "tiros:CreateQuery", "tiros:ExtendQuery", "tiros:GetQueryAnswer", "tiros:GetQueryExplanation", "tiros:GetQueryExtensionAccounts" ], "malformed": false, "name": "AmazonVPCReachabilityAnalyzerFullAccessPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-03T19:37:28+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/IVSReadOnlyAccess", "createdate": "2024-02-16T18:03:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ivs:BatchGetChannel", "ivs:GetChannel", "ivs:GetComposition", "ivs:GetEncoderConfiguration", "ivs:GetParticipant", "ivs:GetPlaybackKeyPair", "ivs:GetPlaybackRestrictionPolicy", "ivs:GetRecordingConfiguration", "ivs:GetStage", "ivs:GetStageSession", "ivs:GetStorageConfiguration", "ivs:GetStream", "ivs:GetStreamSession", "ivs:ListChannels", "ivs:ListCompositions", "ivs:ListEncoderConfigurations", "ivs:ListParticipants", "ivs:ListParticipantEvents", "ivs:ListPlaybackKeyPairs", "ivs:ListPlaybackRestrictionPolicies", "ivs:ListRecordingConfigurations", "ivs:ListStages", "ivs:ListStageSessions", "ivs:ListStorageConfigurations", "ivs:ListStreamKeys", "ivs:ListStreams", "ivs:ListStreamSessions", "ivs:ListTagsForResource" ], "malformed": false, "name": "IVSReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-16T18:03:24+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess", "createdate": "2023-04-14T12:32:09Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:ListTagsForResource", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cloudwatch:GetMetricData", "logs:DescribeLogStreams", "logs:GetLogEvents", "devops-guru:GetResourceCollection", "devops-guru:SearchInsights", "devops-guru:ListAnomaliesForInsight" ], "malformed": false, "name": "AmazonRDSReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-14T12:32:09+00:00", "version": "v7" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/SplitCostAllocationDataServiceRolePolicy", "createdate": "2024-04-16T16:05:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListParents", "aps:ListWorkspaces", "aps:QueryMetrics" ], "malformed": false, "name": "SplitCostAllocationDataServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-16T16:05:16+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSChatbotServiceLinkedRolePolicy", "createdate": "2019-11-18T16:39:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sns:ListSubscriptionsByTopic", "sns:ListTopics", "sns:Unsubscribe", "sns:Subscribe", "sns:ListSubscriptions", "logs:PutLogEvents", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:CreateLogGroup", "logs:DescribeLogGroups" ], "malformed": false, "name": "AWSChatbotServiceLinkedRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-18T16:39:50+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/DynamoDBKinesisReplicationServiceRolePolicy", "createdate": "2020-11-12T00:43:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kms:GenerateDataKey", "kinesis:PutRecord", "kinesis:PutRecords", "kinesis:DescribeStream" ], "malformed": false, "name": "DynamoDBKinesisReplicationServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-12T00:43:25+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkDocsFullAccess", "createdate": "2020-04-16T23:05:11Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "workdocs:AbortDocumentVersionUpload", "workdocs:ActivateUser", "workdocs:AddNotificationPermissions", "workdocs:AddResourcePermissions", "workdocs:AddUserToGroup", "workdocs:CheckAlias", "workdocs:CreateComment", "workdocs:CreateCustomMetadata", "workdocs:CreateFolder", "workdocs:CreateInstance", "workdocs:CreateLabels", "workdocs:CreateNotificationSubscription", "workdocs:CreateUser", "workdocs:DeactivateUser", "workdocs:DeleteComment", "workdocs:DeleteCustomMetadata", "workdocs:DeleteDocument", "workdocs:DeleteDocumentVersion", "workdocs:DeleteFolder", "workdocs:DeleteFolderContents", "workdocs:DeleteInstance", "workdocs:DeleteLabels", "workdocs:DeleteNotificationPermissions", "workdocs:DeleteNotificationSubscription", "workdocs:DeleteUser", "workdocs:DeregisterDirectory", "workdocs:DescribeActivities", "workdocs:DescribeAvailableDirectories", "workdocs:DescribeComments", "workdocs:DescribeDocumentVersions", "workdocs:DescribeFolderContents", "workdocs:DescribeGroups", "workdocs:DescribeInstanceExports", "workdocs:DescribeInstances", "workdocs:DescribeNotificationPermissions", "workdocs:DescribeNotificationSubscriptions", "workdocs:DescribeResourcePermissions", "workdocs:DescribeRootFolders", "workdocs:DescribeUsers", "workdocs:DownloadDocumentVersion", "workdocs:GetCurrentUser", "workdocs:GetDocument", "workdocs:GetDocumentPath", "workdocs:GetDocumentVersion", "workdocs:GetFolder", "workdocs:GetFolderPath", "workdocs:GetGroup", "workdocs:GetResources", "workdocs:InitiateDocumentVersionUpload", "workdocs:RegisterDirectory", "workdocs:RemoveAllResourcePermissions", "workdocs:RemoveResourcePermission", "workdocs:RestoreDocumentVersions", "workdocs:SearchResources", "workdocs:StartInstanceExport", "workdocs:UpdateDocument", "workdocs:UpdateDocumentVersion", "workdocs:UpdateFolder", "workdocs:UpdateInstanceAlias", "workdocs:UpdateUser", "workdocs:UpdateUserAdministrativeSettings", "ds:DescribeDirectories", "ec2:DescribeVpcs", "ec2:DescribeSubnets" ], "malformed": false, "name": "AmazonWorkDocsFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-04-16T23:05:11+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": null, "createdate": "2020-06-18T18:42:19Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "sso:GetManagedApplicationInstance", "sso:GetProfile", "sso:ListProfiles", "sso:ListProfileAssociations", "sso:AssociateProfile", "sso:ListDirectoryAssociations", "sso-directory:DescribeUsers", "sso-directory:SearchUsers" ], "malformed": false, "name": "AWSServiceRoleForThorInternalDevPolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingDynamoDBTablePolicy", "createdate": "2017-10-20T21:34:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "dynamodb:DescribeTable", "dynamodb:UpdateTable", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingDynamoDBTablePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-10-20T21:34:57+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonCloudWatchEvidentlyServiceRolePolicy", "createdate": "2022-09-13T17:25:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appconfig:StartDeployment", "appconfig:TagResource", "appconfig:StopDeployment", "appconfig:ListDeployments" ], "malformed": false, "name": "AmazonCloudWatchEvidentlyServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-13T17:25:36+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/ROSAKMSProviderPolicy", "createdate": "2023-04-27T20:10:20Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kms:Encrypt", "kms:Decrypt", "kms:DescribeKey" ], "malformed": false, "name": "ROSAKMSProviderPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-27T20:10:20+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsFinancialReportAccess", "createdate": "2015-02-06T18:40:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mobileanalytics:GetReports", "mobileanalytics:GetFinancialReports" ], "malformed": false, "name": "AmazonMobileAnalyticsFinancialReportAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:35+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonFreeRTOSFullAccess", "createdate": "2017-11-29T15:32:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "freertos:CreateSoftwareConfiguration", "freertos:CreateSubscription", "freertos:DeleteSoftwareConfiguration", "freertos:DescribeHardwarePlatform", "freertos:DescribeSoftwareConfiguration", "freertos:DescribeSubscription", "freertos:GetEmpPatchUrl", "freertos:GetSoftwareURL", "freertos:GetSoftwareURLForConfiguration", "freertos:GetSubscriptionBillingAmount", "freertos:ListFreeRTOSVersions", "freertos:ListHardwarePlatforms", "freertos:ListHardwareVendors", "freertos:ListSoftwareConfigurations", "freertos:ListSoftwarePatches", "freertos:ListSubscriptionEmails", "freertos:ListSubscriptions", "freertos:UpdateEmailRecipients", "freertos:UpdateSoftwareConfiguration", "freertos:VerifyEmail" ], "malformed": false, "name": "AmazonFreeRTOSFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-11-29T15:32:51+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSWellArchitectedDiscoveryServiceRolePolicy", "createdate": "2023-04-26T18:36:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "trustedadvisor:DescribeChecks", "trustedadvisor:DescribeCheckItems", "cloudformation:DescribeStacks", "cloudformation:ListStackResources", "resource-groups:ListGroupResources", "tag:GetResources", "servicecatalog:ListAssociatedResources", "servicecatalog:GetApplication", "servicecatalog:CreateAttributeGroup", "servicecatalog:AssociateAttributeGroup", "servicecatalog:DisassociateAttributeGroup", "servicecatalog:UpdateAttributeGroup", "servicecatalog:DeleteAttributeGroup" ], "malformed": false, "name": "AWSWellArchitectedDiscoveryServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-26T18:36:40+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/ComprehendMedicalFullAccess", "createdate": "2018-11-27T17:55:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "comprehendmedical:DescribeEntitiesDetectionV2Job", "comprehendmedical:DescribeICD10CMInferenceJob", "comprehendmedical:DescribePHIDetectionJob", "comprehendmedical:DescribeRxNormInferenceJob", "comprehendmedical:DescribeSNOMEDCTInferenceJob", "comprehendmedical:DetectEntitiesV2", "comprehendmedical:DetectPHI", "comprehendmedical:InferICD10CM", "comprehendmedical:InferRxNorm", "comprehendmedical:InferSNOMEDCT", "comprehendmedical:ListEntitiesDetectionV2Jobs", "comprehendmedical:ListICD10CMInferenceJobs", "comprehendmedical:ListPHIDetectionJobs", "comprehendmedical:ListRxNormInferenceJobs", "comprehendmedical:ListSNOMEDCTInferenceJobs", "comprehendmedical:StartEntitiesDetectionV2Job", "comprehendmedical:StartICD10CMInferenceJob", "comprehendmedical:StartPHIDetectionJob", "comprehendmedical:StartRxNormInferenceJob", "comprehendmedical:StartSNOMEDCTInferenceJob", "comprehendmedical:StopEntitiesDetectionV2Job", "comprehendmedical:StopICD10CMInferenceJob", "comprehendmedical:StopPHIDetectionJob", "comprehendmedical:StopRxNormInferenceJob", "comprehendmedical:StopSNOMEDCTInferenceJob" ], "malformed": false, "name": "ComprehendMedicalFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-27T17:55:52+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSSupportAccess", "createdate": "2015-02-06T18:41:11Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "support:AddAttachmentsToSet", "support:AddCommunicationToCase", "support:CreateCase", "support:DescribeAttachment", "support:DescribeCaseAttributes", "support:DescribeCases", "support:DescribeCommunication", "support:DescribeCommunications", "support:DescribeCreateCaseOptions", "support:DescribeIssueTypes", "support:DescribeServices", "support:DescribeSeverityLevels", "support:DescribeSupportLevel", "support:DescribeSupportedLanguages", "support:DescribeTrustedAdvisorCheckRefreshStatuses", "support:DescribeTrustedAdvisorCheckResult", "support:DescribeTrustedAdvisorCheckSummaries", "support:DescribeTrustedAdvisorChecks", "support:InitiateCallForCase", "support:InitiateChatForCase", "support:PutCaseAttributes", "support:RateCaseCommunication", "support:RefreshTrustedAdvisorCheck", "support:ResolveCase", "support:SearchForCases" ], "malformed": false, "name": "AWSSupportAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:11+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryControlConfigFullAccess", "createdate": "2021-08-18T17:48:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53-recovery-control-config:CreateCluster", "route53-recovery-control-config:CreateControlPanel", "route53-recovery-control-config:CreateRoutingControl", "route53-recovery-control-config:CreateSafetyRule", "route53-recovery-control-config:DeleteCluster", "route53-recovery-control-config:DeleteControlPanel", "route53-recovery-control-config:DeleteRoutingControl", "route53-recovery-control-config:DeleteSafetyRule", "route53-recovery-control-config:DescribeCluster", "route53-recovery-control-config:DescribeControlPanel", "route53-recovery-control-config:DescribeRoutingControl", "route53-recovery-control-config:DescribeRoutingControlByName", "route53-recovery-control-config:DescribeSafetyRule", "route53-recovery-control-config:GetResourcePolicy", "route53-recovery-control-config:ListAssociatedRoute53HealthChecks", "route53-recovery-control-config:ListClusters", "route53-recovery-control-config:ListControlPanels", "route53-recovery-control-config:ListRoutingControls", "route53-recovery-control-config:ListSafetyRules", "route53-recovery-control-config:ListTagsForResource", "route53-recovery-control-config:TagResource", "route53-recovery-control-config:UntagResource", "route53-recovery-control-config:UpdateControlPanel", "route53-recovery-control-config:UpdateRoutingControl", "route53-recovery-control-config:UpdateSafetyRule" ], "malformed": false, "name": "AmazonRoute53RecoveryControlConfigFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-18T17:48:35+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonOpenSearchServiceReadOnlyAccess", "createdate": "2021-09-08T05:38:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "es:DescribeDomain", "es:DescribeDomainAutoTunes", "es:DescribeDomainChangeProgress", "es:DescribeDomainConfig", "es:DescribeDomainHealth", "es:DescribeDomainNodes", "es:DescribeDomains", "es:DescribeDryRunProgress", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomainConfig", "es:DescribeElasticsearchDomains", "es:DescribeElasticsearchInstanceTypeLimits", "es:DescribeInboundConnections", "es:DescribeInboundCrossClusterSearchConnections", "es:DescribeInstanceTypeLimits", "es:DescribeOutboundConnections", "es:DescribeOutboundCrossClusterSearchConnections", "es:DescribePackages", "es:DescribeReservedElasticsearchInstanceOfferings", "es:DescribeReservedElasticsearchInstances", "es:DescribeReservedInstanceOfferings", "es:DescribeReservedInstances", "es:DescribeVpcEndpoints", "es:ListDataSources", "es:ListDomainMaintenances", "es:ListDomainNames", "es:ListDomainsForPackage", "es:ListElasticsearchInstanceTypeDetails", "es:ListElasticsearchInstanceTypes", "es:ListElasticsearchVersions", "es:ListInstanceTypeDetails", "es:ListPackagesForDomain", "es:ListScheduledActions", "es:ListTags", "es:ListVersions", "es:ListVpcEndpointAccess", "es:ListVpcEndpoints", "es:ListVpcEndpointsForDomain", "es:GetCompatibleElasticsearchVersions", "es:GetCompatibleVersions", "es:GetDataSource", "es:GetDomainMaintenanceStatus", "es:GetPackageVersionHistory", "es:GetUpgradeHistory", "es:GetUpgradeStatus" ], "malformed": false, "name": "AmazonOpenSearchServiceReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-08T05:38:13+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/job-function/DatabaseAdministrator", "createdate": "2019-01-08T00:48:02Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:EnableAlarmActions", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutMetricAlarm", "datapipeline:ActivatePipeline", "datapipeline:CreatePipeline", "datapipeline:DeletePipeline", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:PutPipelineDefinition", "datapipeline:QueryObjects", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:CreateBackup", "dynamodb:CreateGlobalTable", "dynamodb:CreateTable", "dynamodb:CreateTableReplica", "dynamodb:DeleteBackup", "dynamodb:DeleteItem", "dynamodb:DeleteResourcePolicy", "dynamodb:DeleteTable", "dynamodb:DeleteTableReplica", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:EnableKinesisStreamingDestination", "dynamodb:ExportTableToPointInTime", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetResourcePolicy", "dynamodb:GetShardIterator", "dynamodb:ImportTable", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLDelete", "dynamodb:PartiQLInsert", "dynamodb:PartiQLSelect", "dynamodb:PartiQLUpdate", "dynamodb:PurchaseReservedCapacityOfferings", "dynamodb:PutItem", "dynamodb:PutResourcePolicy", "dynamodb:Query", "dynamodb:RestoreTableFromAwsBackup", "dynamodb:RestoreTableFromBackup", "dynamodb:RestoreTableToPointInTime", "dynamodb:Scan", "dynamodb:StartAwsBackupJob", "dynamodb:TagResource", "dynamodb:UntagResource", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", "dynamodb:UpdateGlobalTable", "dynamodb:UpdateGlobalTableSettings", "dynamodb:UpdateGlobalTableVersion", "dynamodb:UpdateItem", "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:UpdateTable", "dynamodb:UpdateTableReplicaAutoScaling", "dynamodb:UpdateTimeToLive", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "elasticache:AddTagsToResource", "elasticache:AuthorizeCacheSecurityGroupIngress", "elasticache:BatchApplyUpdateAction", "elasticache:BatchStopUpdateAction", "elasticache:CompleteMigration", "elasticache:Connect", "elasticache:CopyServerlessCacheSnapshot", "elasticache:CopySnapshot", "elasticache:CreateCacheCluster", "elasticache:CreateCacheParameterGroup", "elasticache:CreateCacheSecurityGroup", "elasticache:CreateCacheSubnetGroup", "elasticache:CreateGlobalReplicationGroup", "elasticache:CreateReplicationGroup", "elasticache:CreateServerlessCache", "elasticache:CreateServerlessCacheSnapshot", "elasticache:CreateSnapshot", "elasticache:CreateUser", "elasticache:CreateUserGroup", "elasticache:DecreaseNodeGroupsInGlobalReplicationGroup", "elasticache:DecreaseReplicaCount", "elasticache:DeleteCacheCluster", "elasticache:DeleteCacheParameterGroup", "elasticache:DeleteCacheSecurityGroup", "elasticache:DeleteCacheSubnetGroup", "elasticache:DeleteGlobalReplicationGroup", "elasticache:DeleteReplicationGroup", "elasticache:DeleteServerlessCache", "elasticache:DeleteServerlessCacheSnapshot", "elasticache:DeleteSnapshot", "elasticache:DeleteUser", "elasticache:DeleteUserGroup", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheEngineVersions", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeEngineDefaultParameters", "elasticache:DescribeEvents", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeReservedCacheNodes", "elasticache:DescribeReservedCacheNodesOfferings", "elasticache:DescribeServerlessCacheSnapshots", "elasticache:DescribeServerlessCaches", "elasticache:DescribeServiceUpdates", "elasticache:DescribeSnapshots", "elasticache:DescribeUpdateActions", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticache:DisassociateGlobalReplicationGroup", "elasticache:ExportServerlessCacheSnapshot", "elasticache:FailoverGlobalReplicationGroup", "elasticache:IncreaseNodeGroupsInGlobalReplicationGroup", "elasticache:IncreaseReplicaCount", "elasticache:InterruptClusterAzPower", "elasticache:ListAllowedNodeTypeModifications", "elasticache:ListTagsForResource", "elasticache:ModifyCacheCluster", "elasticache:ModifyCacheParameterGroup", "elasticache:ModifyCacheSubnetGroup", "elasticache:ModifyGlobalReplicationGroup", "elasticache:ModifyReplicationGroup", "elasticache:ModifyReplicationGroupShardConfiguration", "elasticache:ModifyServerlessCache", "elasticache:ModifyUser", "elasticache:ModifyUserGroup", "elasticache:PurchaseReservedCacheNodesOffering", "elasticache:RebalanceSlotsInGlobalReplicationGroup", "elasticache:RebootCacheCluster", "elasticache:RemoveTagsFromResource", "elasticache:ResetCacheParameterGroup", "elasticache:RevokeCacheSecurityGroupIngress", "elasticache:StartMigration", "elasticache:TestFailover", "elasticache:TestMigration", "iam:ListRoles", "iam:GetRole", "kms:ListKeys", "lambda:CreateEventSourceMapping", "lambda:CreateFunction", "lambda:DeleteEventSourceMapping", "lambda:DeleteFunction", "lambda:GetFunctionConfiguration", "lambda:ListEventSourceMappings", "lambda:ListFunctions", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:FilterLogEvents", "logs:GetLogEvents", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:PutMetricFilter", "rds:AddRoleToDBCluster", "rds:AddRoleToDBInstance", "rds:AddSourceIdentifierToSubscription", "rds:AddTagsToResource", "rds:ApplyPendingMaintenanceAction", "rds:AuthorizeDBSecurityGroupIngress", "rds:BacktrackDBCluster", "rds:CancelExportTask", "rds:CopyDBClusterParameterGroup", "rds:CopyDBClusterSnapshot", "rds:CopyDBParameterGroup", "rds:CopyDBSnapshot", "rds:CopyOptionGroup", "rds:CreateBlueGreenDeployment", "rds:CreateCustomDBEngineVersion", "rds:CreateDBCluster", "rds:CreateDBClusterEndpoint", "rds:CreateDBClusterParameterGroup", "rds:CreateDBClusterSnapshot", "rds:CreateDBInstance", "rds:CreateDBInstanceReadReplica", "rds:CreateDBParameterGroup", "rds:CreateDBProxy", "rds:CreateDBProxyEndpoint", "rds:CreateDBSecurityGroup", "rds:CreateDBShardGroup", "rds:CreateDBSnapshot", "rds:CreateDBSubnetGroup", "rds:CreateEventSubscription", "rds:CreateGlobalCluster", "rds:CreateIntegration", "rds:CreateOptionGroup", "rds:CreateTenantDatabase", "rds:CrossRegionCommunication", "rds:DeleteBlueGreenDeployment", "rds:DeleteCustomDBEngineVersion", "rds:DeleteDBCluster", "rds:DeleteDBClusterAutomatedBackup", "rds:DeleteDBClusterEndpoint", "rds:DeleteDBClusterParameterGroup", "rds:DeleteDBClusterSnapshot", "rds:DeleteDBInstance", "rds:DeleteDBInstanceAutomatedBackup", "rds:DeleteDBParameterGroup", "rds:DeleteDBProxy", "rds:DeleteDBProxyEndpoint", "rds:DeleteDBSecurityGroup", "rds:DeleteDBShardGroup", "rds:DeleteDBSnapshot", "rds:DeleteDBSubnetGroup", "rds:DeleteEventSubscription", "rds:DeleteGlobalCluster", "rds:DeleteIntegration", "rds:DeleteOptionGroup", "rds:DeleteTenantDatabase", "rds:DeregisterDBProxyTargets", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:DisableHttpEndpoint", "rds:DownloadCompleteDBLogFile", "rds:DownloadDBLogFilePortion", "rds:EnableHttpEndpoint", "rds:FailoverDBCluster", "rds:FailoverGlobalCluster", "rds:ListTagsForResource", "rds:ModifyActivityStream", "rds:ModifyCertificates", "rds:ModifyCurrentDBClusterCapacity", "rds:ModifyCustomDBEngineVersion", "rds:ModifyDBCluster", "rds:ModifyDBClusterEndpoint", "rds:ModifyDBClusterParameterGroup", "rds:ModifyDBClusterSnapshotAttribute", "rds:ModifyDBInstance", "rds:ModifyDBParameterGroup", "rds:ModifyDBProxy", "rds:ModifyDBProxyEndpoint", "rds:ModifyDBProxyTargetGroup", "rds:ModifyDBRecommendation", "rds:ModifyDBShardGroup", "rds:ModifyDBSnapshot", "rds:ModifyDBSnapshotAttribute", "rds:ModifyDBSubnetGroup", "rds:ModifyEventSubscription", "rds:ModifyGlobalCluster", "rds:ModifyIntegration", "rds:ModifyOptionGroup", "rds:ModifyRecommendation", "rds:ModifyTenantDatabase", "rds:PromoteReadReplica", "rds:PromoteReadReplicaDBCluster", "rds:PurchaseReservedDBInstancesOffering", "rds:RebootDBCluster", "rds:RebootDBInstance", "rds:RebootDBShardGroup", "rds:RegisterDBProxyTargets", "rds:RemoveFromGlobalCluster", "rds:RemoveRoleFromDBCluster", "rds:RemoveRoleFromDBInstance", "rds:RemoveSourceIdentifierFromSubscription", "rds:RemoveTagsFromResource", "rds:ResetDBClusterParameterGroup", "rds:ResetDBParameterGroup", "rds:RestoreDBClusterFromS3", "rds:RestoreDBClusterFromSnapshot", "rds:RestoreDBClusterToPointInTime", "rds:RestoreDBInstanceFromDBSnapshot", "rds:RestoreDBInstanceFromS3", "rds:RestoreDBInstanceToPointInTime", "rds:RevokeDBSecurityGroupIngress", "rds:StartActivityStream", "rds:StartDBCluster", "rds:StartDBInstance", "rds:StartDBInstanceAutomatedBackupsReplication", "rds:StartExportTask", "rds:StopActivityStream", "rds:StopDBCluster", "rds:StopDBInstance", "rds:StopDBInstanceAutomatedBackupsReplication", "rds:SwitchoverBlueGreenDeployment", "rds:SwitchoverGlobalCluster", "rds:SwitchoverReadReplica", "redshift:AcceptReservedNodeExchange", "redshift:AddPartner", "redshift:AssociateDataShareConsumer", "redshift:AuthorizeClusterSecurityGroupIngress", "redshift:AuthorizeDataShare", "redshift:AuthorizeEndpointAccess", "redshift:AuthorizeSnapshotAccess", "redshift:BatchDeleteClusterSnapshots", "redshift:BatchModifyClusterSnapshots", "redshift:CancelQuery", "redshift:CancelQuerySession", "redshift:CancelResize", "redshift:CopyClusterSnapshot", "redshift:CreateAuthenticationProfile", "redshift:CreateCluster", "redshift:CreateClusterParameterGroup", "redshift:CreateClusterSecurityGroup", "redshift:CreateClusterSnapshot", "redshift:CreateClusterSubnetGroup", "redshift:CreateClusterUser", "redshift:CreateCustomDomainAssociation", "redshift:CreateEndpointAccess", "redshift:CreateEventSubscription", "redshift:CreateHsmClientCertificate", "redshift:CreateHsmConfiguration", "redshift:CreateQev2IdcApplication", "redshift:CreateRedshiftIdcApplication", "redshift:CreateSavedQuery", "redshift:CreateScheduledAction", "redshift:CreateSnapshotCopyGrant", "redshift:CreateSnapshotSchedule", "redshift:CreateTags", "redshift:CreateUsageLimit", "redshift:DeauthorizeDataShare", "redshift:DeleteAuthenticationProfile", "redshift:DeleteCluster", "redshift:DeleteClusterParameterGroup", "redshift:DeleteClusterSecurityGroup", "redshift:DeleteClusterSnapshot", "redshift:DeleteClusterSubnetGroup", "redshift:DeleteCustomDomainAssociation", "redshift:DeleteEndpointAccess", "redshift:DeleteEventSubscription", "redshift:DeleteHsmClientCertificate", "redshift:DeleteHsmConfiguration", "redshift:DeletePartner", "redshift:DeleteQev2IdcApplication", "redshift:DeleteRedshiftIdcApplication", "redshift:DeleteResourcePolicy", "redshift:DeleteSavedQueries", "redshift:DeleteScheduledAction", "redshift:DeleteSnapshotCopyGrant", "redshift:DeleteSnapshotSchedule", "redshift:DeleteTags", "redshift:DeleteUsageLimit", "redshift:DescribeAccountAttributes", "redshift:DescribeAuthenticationProfiles", "redshift:DescribeClusterDbRevisions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterTracks", "redshift:DescribeClusterVersions", "redshift:DescribeClusters", "redshift:DescribeCustomDomainAssociations", "redshift:DescribeDataShares", "redshift:DescribeDataSharesForConsumer", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDefaultClusterParameters", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventCategories", "redshift:DescribeEventSubscriptions", "redshift:DescribeEvents", "redshift:DescribeHsmClientCertificates", "redshift:DescribeHsmConfigurations", "redshift:DescribeInboundIntegrations", "redshift:DescribeLoggingStatus", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribePartners", "redshift:DescribeQev2IdcApplications", "redshift:DescribeQuery", "redshift:DescribeRedshiftIdcApplications", "redshift:DescribeReservedNodeExchangeStatus", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "redshift:DescribeResize", "redshift:DescribeSavedQueries", "redshift:DescribeScheduledActions", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeSnapshotSchedules", "redshift:DescribeStorage", "redshift:DescribeTable", "redshift:DescribeTableRestoreStatus", "redshift:DescribeTags", "redshift:DescribeUsageLimits", "redshift:DisableLogging", "redshift:DisableSnapshotCopy", "redshift:DisassociateDataShareConsumer", "redshift:EnableLogging", "redshift:EnableSnapshotCopy", "redshift:ExecuteQuery", "redshift:FailoverPrimaryCompute", "redshift:FetchResults", "redshift:GetClusterCredentials", "redshift:GetClusterCredentialsWithIAM", "redshift:GetReservedNodeExchangeConfigurationOptions", "redshift:GetReservedNodeExchangeOfferings", "redshift:GetResourcePolicy", "redshift:JoinGroup", "redshift:ListDatabases", "redshift:ListRecommendations", "redshift:ListSavedQueries", "redshift:ListSchemas", "redshift:ListTables", "redshift:ModifyAquaConfiguration", "redshift:ModifyAuthenticationProfile", "redshift:ModifyCluster", "redshift:ModifyClusterDbRevision", "redshift:ModifyClusterIamRoles", "redshift:ModifyClusterMaintenance", "redshift:ModifyClusterParameterGroup", "redshift:ModifyClusterSnapshot", "redshift:ModifyClusterSnapshotSchedule", "redshift:ModifyClusterSubnetGroup", "redshift:ModifyCustomDomainAssociation", "redshift:ModifyEndpointAccess", "redshift:ModifyEventSubscription", "redshift:ModifyQev2IdcApplication", "redshift:ModifyRedshiftIdcApplication", "redshift:ModifySavedQuery", "redshift:ModifyScheduledAction", "redshift:ModifySnapshotCopyRetentionPeriod", "redshift:ModifySnapshotSchedule", "redshift:ModifyUsageLimit", "redshift:PauseCluster", "redshift:PurchaseReservedNodeOffering", "redshift:PutResourcePolicy", "redshift:RebootCluster", "redshift:RejectDataShare", "redshift:ResetClusterParameterGroup", "redshift:ResizeCluster", "redshift:RestoreFromClusterSnapshot", "redshift:RestoreTableFromClusterSnapshot", "redshift:ResumeCluster", "redshift:RevokeClusterSecurityGroupIngress", "redshift:RevokeEndpointAccess", "redshift:RevokeSnapshotAccess", "redshift:RotateEncryptionKey", "redshift:UpdatePartnerStatus", "redshift:ViewQueriesFromConsole", "redshift:ViewQueriesInConsole", "s3:CreateBucket", "sns:CreateTopic", "sns:DeleteTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sns:SetTopicAttributes", "sns:Subscribe", "sns:Unsubscribe", "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:PutAccelerateConfiguration", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutLifecycleConfiguration", "s3:PutReplicationConfiguration", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "iam:PassRole" ], "malformed": false, "name": "DatabaseAdministrator", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-01-08T00:48:02+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCloudMapFullAccess", "createdate": "2020-07-29T19:15:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53:GetHostedZone", "route53:ListHostedZonesByName", "route53:CreateHostedZone", "route53:DeleteHostedZone", "route53:ChangeResourceRecordSets", "route53:CreateHealthCheck", "route53:GetHealthCheck", "route53:DeleteHealthCheck", "route53:UpdateHealthCheck", "ec2:DescribeVpcs", "ec2:DescribeRegions", "ec2:DescribeInstances", "servicediscovery:CreateHttpNamespace", "servicediscovery:CreatePrivateDnsNamespace", "servicediscovery:CreatePublicDnsNamespace", "servicediscovery:CreateService", "servicediscovery:DeleteNamespace", "servicediscovery:DeleteService", "servicediscovery:DeregisterInstance", "servicediscovery:DiscoverInstances", "servicediscovery:DiscoverInstancesRevision", "servicediscovery:GetInstance", "servicediscovery:GetInstancesHealthStatus", "servicediscovery:GetNamespace", "servicediscovery:GetOperation", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListOperations", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource", "servicediscovery:RegisterInstance", "servicediscovery:TagResource", "servicediscovery:UntagResource", "servicediscovery:UpdateHttpNamespace", "servicediscovery:UpdateInstanceCustomHealthStatus", "servicediscovery:UpdatePrivateDnsNamespace", "servicediscovery:UpdatePublicDnsNamespace", "servicediscovery:UpdateService" ], "malformed": false, "name": "AWSCloudMapFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-07-29T19:15:35+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorRDSAccess", "createdate": "2023-11-13T16:23:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rds:FailoverDBCluster", "rds:RebootDBInstance", "rds:DescribeDBClusters", "rds:DescribeDBInstances", "tag:GetResources" ], "malformed": false, "name": "AWSFaultInjectionSimulatorRDSAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-13T16:23:29+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingSageMakerEndpointPolicy", "createdate": "2023-11-13T18:52:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeInferenceComponent", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateInferenceComponentRuntimeConfig", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingSageMakerEndpointPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-13T18:52:34+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonChimeVoiceConnectorServiceLinkedRolePolicy", "createdate": "2023-04-14T21:49:14Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "chime:GetVoiceConnector", "chime:GetVoiceConnectorEmergencyCallingConfiguration", "chime:GetVoiceConnectorGroup", "chime:GetVoiceConnectorLoggingConfiguration", "chime:GetVoiceConnectorOrigination", "chime:GetVoiceConnectorProxy", "chime:GetVoiceConnectorStreamingConfiguration", "chime:GetVoiceConnectorTermination", "chime:GetVoiceConnectorTerminationHealth", "kinesisvideo:GetDataEndpoint", "kinesisvideo:PutMedia", "kinesisvideo:UpdateDataRetention", "kinesisvideo:DescribeStream", "kinesisvideo:CreateStream", "kinesisvideo:ListStreams", "sns:Publish", "sqs:SendMessage", "polly:SynthesizeSpeech", "chime:CreateMediaInsightsPipeline", "chime:GetMediaInsightsPipelineConfiguration" ], "malformed": false, "name": "AmazonChimeVoiceConnectorServiceLinkedRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-14T21:49:14+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerCanvasDataPrepFullAccess", "createdate": "2023-12-08T02:53:24Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "sagemaker:ListFeatureGroups", "sagemaker:CreateFeatureGroup", "sagemaker:DescribeFeatureGroup", "sagemaker:CreateProcessingJob", "sagemaker:DescribeProcessingJob", "sagemaker:AddTags", "sagemaker:ListProcessingJobs", "sagemaker:DescribePipeline", "sagemaker:CreatePipeline", "sagemaker:UpdatePipeline", "sagemaker:DeletePipeline", "sagemaker:StartPipelineExecution", "sagemaker:ListPipelineExecutionSteps", "sagemaker:DescribePipelineExecution", "kms:ListAliases", "kms:DescribeKey", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:AbortMultipartUpload", "s3:GetObject", "s3:ListBucket", "s3:ListAllMyBuckets", "iam:ListRoles", "iam:GetRole", "iam:PassRole", "events:PutRule", "events:DescribeRule", "events:PutTargets", "events:TagResource", "events:ListTagsForResource", "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:SearchTables", "elasticmapreduce:DescribeCluster", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListClusters", "athena:ListDataCatalogs", "athena:GetQueryExecution", "athena:GetQueryResults", "athena:StartQueryExecution", "athena:StopQueryExecution", "athena:ListDatabases", "athena:ListTableMetadata", "redshift-data:DescribeStatement", "redshift-data:CancelStatement", "redshift-data:GetStatementResult", "redshift-data:ExecuteStatement", "redshift-data:ListSchemas", "redshift-data:ListTables", "redshift:GetClusterCredentials", "secretsmanager:CreateSecret", "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "rds:DescribeDBInstances", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AmazonSageMakerCanvasDataPrepFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-08T02:53:24+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSQuickSightIoTAnalyticsAccess", "createdate": "2017-11-29T17:00:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotanalytics:ListDatasets", "iotanalytics:DescribeDataset", "iotanalytics:GetDatasetContent" ], "malformed": false, "name": "AWSQuickSightIoTAnalyticsAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-11-29T17:00:54+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy", "createdate": "2022-04-04T16:34:43Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ecr:DescribeImages", "ecr:BatchDeleteImage", "ecr:CompleteLayerUpload", "ecr:CreateRepository", "ecr:DeleteRepository", "ecr:InitiateLayerUpload", "ecr:PutImage", "ecr:UploadLayerPart", "events:DeleteRule", "events:DescribeRule", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "s3:CreateBucket", "s3:DeleteBucket", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:PutBucketCORS", "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject", "s3:GetObjectVersion", "s3:PutObject", "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", "sagemaker:BatchDescribeModelPackage", "sagemaker:BatchGetMetrics", "sagemaker:BatchGetRecord", "sagemaker:BatchPutMetrics", "sagemaker:CreateAction", "sagemaker:CreateAlgorithm", "sagemaker:CreateApp", "sagemaker:CreateAppImageConfig", "sagemaker:CreateArtifact", "sagemaker:CreateAutoMLJob", "sagemaker:CreateCodeRepository", "sagemaker:CreateCompilationJob", "sagemaker:CreateContext", "sagemaker:CreateDataQualityJobDefinition", "sagemaker:CreateDeviceFleet", "sagemaker:CreateDomain", "sagemaker:CreateEdgePackagingJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateExperiment", "sagemaker:CreateFeatureGroup", "sagemaker:CreateFlowDefinition", "sagemaker:CreateHumanTaskUi", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateImage", "sagemaker:CreateImageVersion", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateLineageGroupPolicy", "sagemaker:CreateModel", "sagemaker:CreateModelBiasJobDefinition", "sagemaker:CreateModelExplainabilityJobDefinition", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelQualityJobDefinition", "sagemaker:CreateMonitoringSchedule", "sagemaker:CreateNotebookInstance", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:CreatePipeline", "sagemaker:CreatePresignedDomainUrl", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateProcessingJob", "sagemaker:CreateProject", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:CreateTrial", "sagemaker:CreateTrialComponent", "sagemaker:CreateUserProfile", "sagemaker:CreateWorkforce", "sagemaker:CreateWorkteam", "sagemaker:DeleteAction", "sagemaker:DeleteAlgorithm", "sagemaker:DeleteApp", "sagemaker:DeleteAppImageConfig", "sagemaker:DeleteArtifact", "sagemaker:DeleteAssociation", "sagemaker:DeleteCodeRepository", "sagemaker:DeleteContext", "sagemaker:DeleteDataQualityJobDefinition", "sagemaker:DeleteDeviceFleet", "sagemaker:DeleteDomain", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteExperiment", "sagemaker:DeleteFeatureGroup", "sagemaker:DeleteFlowDefinition", "sagemaker:DeleteHumanLoop", "sagemaker:DeleteHumanTaskUi", "sagemaker:DeleteImage", "sagemaker:DeleteImageVersion", "sagemaker:DeleteLineageGroupPolicy", "sagemaker:DeleteModel", "sagemaker:DeleteModelBiasJobDefinition", "sagemaker:DeleteModelExplainabilityJobDefinition", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteModelPackageGroupPolicy", "sagemaker:DeleteModelQualityJobDefinition", "sagemaker:DeleteMonitoringSchedule", "sagemaker:DeleteNotebookInstance", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:DeletePipeline", "sagemaker:DeleteProject", "sagemaker:DeleteRecord", "sagemaker:DeleteTags", "sagemaker:DeleteTrial", "sagemaker:DeleteTrialComponent", "sagemaker:DeleteUserProfile", "sagemaker:DeleteWorkforce", "sagemaker:DeleteWorkteam", "sagemaker:DeregisterDevices", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:DisableSagemakerServicecatalogPortfolio", "sagemaker:DisassociateTrialComponent", "sagemaker:EnableSagemakerServicecatalogPortfolio", "sagemaker:GetDeviceFleetReport", "sagemaker:GetDeviceRegistration", "sagemaker:GetLineageGroupPolicy", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetRecord", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:GetSearchSuggestions", "sagemaker:InvokeEndpoint", "sagemaker:InvokeEndpointAsync", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:PutLineageGroupPolicy", "sagemaker:PutModelPackageGroupPolicy", "sagemaker:PutRecord", "sagemaker:QueryLineage", "sagemaker:RegisterDevices", "sagemaker:RenderUiTemplate", "sagemaker:Search", "sagemaker:SendHeartbeat", "sagemaker:SendPipelineExecutionStepFailure", "sagemaker:SendPipelineExecutionStepSuccess", "sagemaker:StartHumanLoop", "sagemaker:StartMonitoringSchedule", "sagemaker:StartNotebookInstance", "sagemaker:StartPipelineExecution", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopEdgePackagingJob", "sagemaker:StopHumanLoop", "sagemaker:StopHyperParameterTuningJob", "sagemaker:StopInferenceRecommendationsJob", "sagemaker:StopLabelingJob", "sagemaker:StopMonitoringSchedule", "sagemaker:StopNotebookInstance", "sagemaker:StopPipelineExecution", "sagemaker:StopProcessingJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:UpdateAction", "sagemaker:UpdateAppImageConfig", "sagemaker:UpdateArtifact", "sagemaker:UpdateCodeRepository", "sagemaker:UpdateContext", "sagemaker:UpdateDeviceFleet", "sagemaker:UpdateDevices", "sagemaker:UpdateDomain", "sagemaker:UpdateEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateExperiment", "sagemaker:UpdateImage", "sagemaker:UpdateModelPackage", "sagemaker:UpdateMonitoringSchedule", "sagemaker:UpdateNotebookInstance", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "sagemaker:UpdatePipeline", "sagemaker:UpdatePipelineExecution", "sagemaker:UpdateProject", "sagemaker:UpdateTrainingJob", "sagemaker:UpdateTrial", "sagemaker:UpdateTrialComponent", "sagemaker:UpdateUserProfile", "sagemaker:UpdateWorkforce", "sagemaker:UpdateWorkteam", "iam:PassRole", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteLogDelivery", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeResourcePolicies", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeSubscriptionFilters", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:ListLogDeliveries", "logs:PutLogEvents", "logs:PutResourcePolicy", "logs:UpdateLogDelivery" ], "malformed": false, "name": "AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-04-04T16:34:43+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSEntityResolutionConsoleFullAccess", "createdate": "2023-10-16T18:46:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "entityresolution:AddPolicyStatement", "entityresolution:CreateIdMappingWorkflow", "entityresolution:CreateIdNamespace", "entityresolution:CreateMatchingWorkflow", "entityresolution:CreateSchemaMapping", "entityresolution:DeleteIdMappingWorkflow", "entityresolution:DeleteIdNamespace", "entityresolution:DeleteMatchingWorkflow", "entityresolution:DeletePolicyStatement", "entityresolution:DeleteSchemaMapping", "entityresolution:GetIdMappingJob", "entityresolution:GetIdMappingWorkflow", "entityresolution:GetIdNamespace", "entityresolution:GetMatchId", "entityresolution:GetMatchingJob", "entityresolution:GetMatchingWorkflow", "entityresolution:GetPolicy", "entityresolution:GetProviderService", "entityresolution:GetSchemaMapping", "entityresolution:ListIdMappingJobs", "entityresolution:ListIdMappingWorkflows", "entityresolution:ListIdNamespaces", "entityresolution:ListMatchingJobs", "entityresolution:ListMatchingWorkflows", "entityresolution:ListProviderServices", "entityresolution:ListSchemaMappings", "entityresolution:ListTagsForResource", "entityresolution:PutPolicy", "entityresolution:StartIdMappingJob", "entityresolution:StartMatchingJob", "entityresolution:TagResource", "entityresolution:UntagResource", "entityresolution:UpdateIdMappingWorkflow", "entityresolution:UpdateIdNamespace", "entityresolution:UpdateMatchingWorkflow", "entityresolution:UpdateSchemaMapping", "entityresolution:UseIdNamespace", "glue:GetSchema", "glue:SearchTables", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetDatabase", "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:GetTableVersion", "glue:GetTableVersions", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetBucketLocation", "s3:ListBucketVersions", "s3:GetBucketVersioning", "tag:GetTagKeys", "tag:GetTagValues", "kms:DescribeKey", "kms:ListAliases", "iam:ListRoles", "iam:PassRole", "events:DeleteRule", "events:PutTargets", "events:PutRule", "dataexchange:GetDataSet" ], "malformed": false, "name": "AWSEntityResolutionConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-16T18:46:10+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSAppFabricFullAccess", "createdate": "2023-06-27T19:51:17Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appfabric:BatchGetUserAccessTasks", "appfabric:ConnectAppAuthorization", "appfabric:CreateAppAuthorization", "appfabric:CreateAppBundle", "appfabric:CreateIngestion", "appfabric:CreateIngestionDestination", "appfabric:DeleteAppAuthorization", "appfabric:DeleteAppBundle", "appfabric:DeleteIngestion", "appfabric:DeleteIngestionDestination", "appfabric:GetAppAuthorization", "appfabric:GetAppBundle", "appfabric:GetIngestion", "appfabric:GetIngestionDestination", "appfabric:ListAppAuthorizations", "appfabric:ListAppBundles", "appfabric:ListIngestionDestinations", "appfabric:ListIngestions", "appfabric:ListTagsForResource", "appfabric:StartIngestion", "appfabric:StartUserAccessTasks", "appfabric:StopIngestion", "appfabric:TagResource", "appfabric:UntagResource", "appfabric:UpdateAppAuthorization", "appfabric:UpdateIngestionDestination", "kms:ListAliases", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSAppFabricFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-27T19:51:17+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/ElementalAppliancesSoftwareReadOnlyAccess", "createdate": "2020-04-01T22:31:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elemental-appliances-software:ListQuotes", "elemental-appliances-software:ListTagsForResource", "elemental-appliances-software:GetAvsCorrectAddress", "elemental-appliances-software:GetBillingAddresses", "elemental-appliances-software:GetDeliveryAddressesV2", "elemental-appliances-software:GetOrder", "elemental-appliances-software:GetOrdersV2", "elemental-appliances-software:GetQuote", "elemental-appliances-software:GetTaxes" ], "malformed": false, "name": "ElementalAppliancesSoftwareReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-04-01T22:31:09+00:00", "version": "v1" }, { "access_levels": [ "List" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkDocsReadOnlyAccess", "createdate": "2020-01-08T23:49:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "workdocs:DescribeActivities", "workdocs:DescribeAvailableDirectories", "workdocs:DescribeComments", "workdocs:DescribeDocumentVersions", "workdocs:DescribeFolderContents", "workdocs:DescribeGroups", "workdocs:DescribeInstanceExports", "workdocs:DescribeInstances", "workdocs:DescribeNotificationPermissions", "workdocs:DescribeNotificationSubscriptions", "workdocs:DescribeResourcePermissions", "workdocs:DescribeRootFolders", "workdocs:DescribeUsers", "ds:DescribeDirectories", "ec2:DescribeVpcs", "ec2:DescribeSubnets" ], "malformed": false, "name": "AmazonWorkDocsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-01-08T23:49:59+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53DomainsReadOnlyAccess", "createdate": "2015-02-06T18:40:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53domains:GetContactReachabilityStatus", "route53domains:GetDomainDetail", "route53domains:GetDomainSuggestions", "route53domains:GetOperationDetail", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListPrices", "route53domains:ListTagsForDomain" ], "malformed": false, "name": "AmazonRoute53DomainsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:57+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess", "createdate": "2015-02-06T18:40:17Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "cloudwatch:ListMetrics", "cloudwatch:GetMetricStatistics", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool" ], "malformed": false, "name": "AmazonEC2ReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-14T18:43:53+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSPrivateCAPrivilegedUser", "createdate": "2023-02-14T18:26:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:IssueCertificate", "acm-pca:RevokeCertificate", "acm-pca:GetCertificate", "acm-pca:ListPermissions", "acm-pca:ListCertificateAuthorities" ], "malformed": false, "name": "AWSPrivateCAPrivilegedUser", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-14T18:26:02+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/AWSGlueConsoleFullAccess", "createdate": "2023-07-14T14:37:54Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "glue:BatchCreatePartition", "glue:BatchDeleteConnection", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetBlueprints", "glue:BatchGetCrawlers", "glue:BatchGetCustomEntityTypes", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetStageFiles", "glue:BatchGetTableOptimizer", "glue:BatchGetTriggers", "glue:BatchGetWorkflows", "glue:BatchStopJobRun", "glue:BatchUpdatePartition", "glue:CancelDataQualityRuleRecommendationRun", "glue:CancelDataQualityRulesetEvaluationRun", "glue:CancelMLTaskRun", "glue:CancelStatement", "glue:CheckSchemaVersionValidity", "glue:CreateBlueprint", "glue:CreateClassifier", "glue:CreateConnection", "glue:CreateCrawler", "glue:CreateCustomEntityType", "glue:CreateDataQualityRuleset", "glue:CreateDatabase", "glue:CreateDevEndpoint", "glue:CreateJob", "glue:CreateMLTransform", "glue:CreatePartition", "glue:CreatePartitionIndex", "glue:CreateRegistry", "glue:CreateSchema", "glue:CreateScript", "glue:CreateSecurityConfiguration", "glue:CreateSession", "glue:CreateTable", "glue:CreateTableOptimizer", "glue:CreateTrigger", "glue:CreateUserDefinedFunction", "glue:CreateWorkflow", "glue:DeleteBlueprint", "glue:DeleteClassifier", "glue:DeleteColumnStatisticsForPartition", "glue:DeleteColumnStatisticsForTable", "glue:DeleteConnection", "glue:DeleteCrawler", "glue:DeleteCustomEntityType", "glue:DeleteDataQualityRuleset", "glue:DeleteDatabase", "glue:DeleteDevEndpoint", "glue:DeleteJob", "glue:DeleteMLTransform", "glue:DeletePartition", "glue:DeletePartitionIndex", "glue:DeleteRegistry", "glue:DeleteResourcePolicy", "glue:DeleteSchema", "glue:DeleteSchemaVersions", "glue:DeleteSecurityConfiguration", "glue:DeleteSession", "glue:DeleteTable", "glue:DeleteTableOptimizer", "glue:DeleteTableVersion", "glue:DeleteTrigger", "glue:DeleteUserDefinedFunction", "glue:DeleteWorkflow", "glue:DeregisterDataPreview", "glue:GetBlueprint", "glue:GetBlueprintRun", "glue:GetBlueprintRuns", "glue:GetCatalogImportStatus", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetColumnStatisticsTaskRun", "glue:GetColumnStatisticsTaskRuns", "glue:GetCompletion", "glue:GetConnection", "glue:GetConnections", "glue:GetCrawler", "glue:GetCrawlerMetrics", "glue:GetCrawlers", "glue:GetCustomEntityType", "glue:GetDataCatalogEncryptionSettings", "glue:GetDataPreviewStatement", "glue:GetDataQualityResult", "glue:GetDataQualityRuleRecommendationRun", "glue:GetDataQualityRuleset", "glue:GetDataQualityRulesetEvaluationRun", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDataflowGraph", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetEnvironment", "glue:GetExecutors", "glue:GetExecutorsThreads", "glue:GetJob", "glue:GetJobBookmark", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetLogParsingStatus", "glue:GetMLTaskRun", "glue:GetMLTaskRuns", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetMapping", "glue:GetNotebookInstanceStatus", "glue:GetPartition", "glue:GetPartitionIndexes", "glue:GetPartitionMetadata", "glue:GetPartitions", "glue:GetPlan", "glue:GetQueries", "glue:GetQuery", "glue:GetRegistry", "glue:GetResourcePolicies", "glue:GetResourcePolicy", "glue:GetSchema", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetSession", "glue:GetStage", "glue:GetStageAttempt", "glue:GetStageAttemptTaskList", "glue:GetStageAttemptTaskSummary", "glue:GetStageFiles", "glue:GetStages", "glue:GetStatement", "glue:GetStorage", "glue:GetStorageUnit", "glue:GetTable", "glue:GetTableOptimizer", "glue:GetTableVersion", "glue:GetTableVersions", "glue:GetTables", "glue:GetTags", "glue:GetTrigger", "glue:GetTriggers", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:GetWorkflow", "glue:GetWorkflowRun", "glue:GetWorkflowRunProperties", "glue:GetWorkflowRuns", "glue:GlueNotebookAuthorize", "glue:GlueNotebookRefreshCredentials", "glue:ImportCatalogToGlue", "glue:ListBlueprints", "glue:ListColumnStatisticsTaskRuns", "glue:ListCrawlers", "glue:ListCrawls", "glue:ListCustomEntityTypes", "glue:ListDataQualityResults", "glue:ListDataQualityRuleRecommendationRuns", "glue:ListDataQualityRulesetEvaluationRuns", "glue:ListDataQualityRulesets", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListRegistries", "glue:ListSchemaVersions", "glue:ListSchemas", "glue:ListSessions", "glue:ListStatements", "glue:ListTableOptimizerRuns", "glue:ListTriggers", "glue:ListWorkflows", "glue:NotifyEvent", "glue:PassConnection", "glue:PublishDataQuality", "glue:PutDataCatalogEncryptionSettings", "glue:PutResourcePolicy", "glue:PutSchemaVersionMetadata", "glue:PutWorkflowRunProperties", "glue:QuerySchemaVersionMetadata", "glue:RegisterSchemaVersion", "glue:RemoveSchemaVersionMetadata", "glue:RequestLogParsing", "glue:ResetJobBookmark", "glue:ResumeWorkflowRun", "glue:RunDataPreviewStatement", "glue:RunStatement", "glue:SearchTables", "glue:SendFeedback", "glue:StartBlueprintRun", "glue:StartColumnStatisticsTaskRun", "glue:StartCompletion", "glue:StartCrawler", "glue:StartCrawlerSchedule", "glue:StartDataQualityRuleRecommendationRun", "glue:StartDataQualityRulesetEvaluationRun", "glue:StartExportLabelsTaskRun", "glue:StartImportLabelsTaskRun", "glue:StartJobRun", "glue:StartMLEvaluationTaskRun", "glue:StartMLLabelingSetGenerationTaskRun", "glue:StartNotebook", "glue:StartTrigger", "glue:StartWorkflowRun", "glue:StopColumnStatisticsTaskRun", "glue:StopCrawler", "glue:StopCrawlerSchedule", "glue:StopSession", "glue:StopTrigger", "glue:StopWorkflowRun", "glue:TagResource", "glue:TerminateNotebook", "glue:TestConnection", "glue:UntagResource", "glue:UpdateBlueprint", "glue:UpdateClassifier", "glue:UpdateColumnStatisticsForPartition", "glue:UpdateColumnStatisticsForTable", "glue:UpdateConnection", "glue:UpdateCrawler", "glue:UpdateCrawlerSchedule", "glue:UpdateDataQualityRuleset", "glue:UpdateDatabase", "glue:UpdateDevEndpoint", "glue:UpdateJob", "glue:UpdateJobFromSourceControl", "glue:UpdateMLTransform", "glue:UpdatePartition", "glue:UpdateRegistry", "glue:UpdateSchema", "glue:UpdateSourceControlFromJob", "glue:UpdateTable", "glue:UpdateTableOptimizer", "glue:UpdateTrigger", "glue:UpdateUserDefinedFunction", "glue:UpdateWorkflow", "glue:UseGlueStudio", "glue:UseMLTransforms", "redshift:DescribeClusters", "redshift:DescribeClusterSubnetGroups", "iam:ListRoles", "iam:ListUsers", "iam:ListGroups", "iam:ListRolePolicies", "iam:GetRole", "iam:GetRolePolicy", "iam:ListAttachedRolePolicies", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcEndpoints", "ec2:DescribeRouteTables", "ec2:DescribeVpcAttribute", "ec2:DescribeKeyPairs", "ec2:DescribeInstances", "ec2:DescribeImages", "rds:DescribeDBInstances", "rds:DescribeDBClusters", "rds:DescribeDBSubnetGroups", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetBucketAcl", "s3:GetBucketLocation", "cloudformation:ListStacks", "cloudformation:DescribeStacks", "cloudformation:GetTemplateSummary", "dynamodb:ListTables", "kms:ListAliases", "kms:DescribeKey", "cloudwatch:GetMetricData", "cloudwatch:ListDashboards", "databrew:ListRecipes", "databrew:ListRecipeVersions", "databrew:DescribeRecipe", "s3:GetObject", "s3:PutObject", "tag:GetResources", "s3:CreateBucket", "logs:GetLogEvents", "cloudformation:CreateStack", "cloudformation:DeleteStack", "ec2:RunInstances", "ec2:TerminateInstances", "ec2:CreateTags", "ec2:DeleteTags", "iam:PassRole", "iam:PassRole", "iam:PassRole" ], "malformed": false, "name": "AWSGlueConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2023-07-14T14:37:54+00:00", "version": "v14" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSServiceCatalogAppRegistryFullAccess", "createdate": "2023-12-07T21:50:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudformation:UpdateStack", "tag:GetResources", "resource-groups:CreateGroup", "resource-groups:DeleteGroup", "resource-groups:GetGroup", "resource-groups:GetTags", "resource-groups:Tag", "resource-groups:Untag", "resource-groups:GetGroupConfiguration", "resource-groups:AssociateResource", "resource-groups:DisassociateResource", "iam:CreateServiceLinkedRole", "cloudformation:DescribeStacks", "servicecatalog:CreateApplication", "servicecatalog:GetApplication", "servicecatalog:UpdateApplication", "servicecatalog:DeleteApplication", "servicecatalog:ListApplications", "servicecatalog:AssociateResource", "servicecatalog:DisassociateResource", "servicecatalog:GetAssociatedResource", "servicecatalog:ListAssociatedResources", "servicecatalog:AssociateAttributeGroup", "servicecatalog:DisassociateAttributeGroup", "servicecatalog:ListAssociatedAttributeGroups", "servicecatalog:CreateAttributeGroup", "servicecatalog:UpdateAttributeGroup", "servicecatalog:DeleteAttributeGroup", "servicecatalog:GetAttributeGroup", "servicecatalog:ListAttributeGroups", "servicecatalog:SyncResource", "servicecatalog:ListAttributeGroupsForApplication", "servicecatalog:GetConfiguration", "servicecatalog:PutConfiguration", "servicecatalog:ListTagsForResource", "servicecatalog:UntagResource", "servicecatalog:TagResource" ], "malformed": false, "name": "AWSServiceCatalogAppRegistryFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-07T21:50:00+00:00", "version": "v6" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSSSOReadOnly", "createdate": "2022-08-22T17:23:28Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ds:DescribeDirectories", "ds:DescribeTrusts", "iam:ListPolicies", "organizations:DescribeOrganization", "organizations:DescribeAccount", "organizations:ListParents", "organizations:ListChildren", "organizations:ListAccounts", "organizations:ListRoots", "organizations:ListAccountsForParent", "organizations:ListOrganizationalUnitsForParent", "organizations:ListDelegatedAdministrators", "sso:DescribeAccountAssignmentCreationStatus", "sso:DescribeAccountAssignmentDeletionStatus", "sso:DescribeApplication", "sso:DescribeApplicationAssignment", "sso:DescribeApplicationProvider", "sso:DescribeDirectories", "sso:DescribeInstance", "sso:DescribeInstanceAccessControlAttributeConfiguration", "sso:DescribePermissionSet", "sso:DescribePermissionSetProvisioningStatus", "sso:DescribePermissionsPolicies", "sso:DescribeRegisteredRegions", "sso:DescribeTrustedTokenIssuer", "sso:DescribeTrusts", "sso:GetApplicationAccessScope", "sso:GetApplicationAssignmentConfiguration", "sso:GetApplicationAuthenticationMethod", "sso:GetApplicationGrant", "sso:GetApplicationInstance", "sso:GetApplicationTemplate", "sso:GetInlinePolicyForPermissionSet", "sso:GetManagedApplicationInstance", "sso:GetMfaDeviceManagementForDirectory", "sso:GetPermissionSet", "sso:GetPermissionsBoundaryForPermissionSet", "sso:GetPermissionsPolicy", "sso:GetProfile", "sso:GetSSOStatus", "sso:GetSharedSsoConfiguration", "sso:GetSsoConfiguration", "sso:GetTrust", "sso:ListAccountAssignmentCreationStatus", "sso:ListAccountAssignmentDeletionStatus", "sso:ListAccountAssignments", "sso:ListAccountAssignmentsForPrincipal", "sso:ListAccountsForProvisionedPermissionSet", "sso:ListApplicationAccessScopes", "sso:ListApplicationAssignments", "sso:ListApplicationAssignmentsForPrincipal", "sso:ListApplicationAuthenticationMethods", "sso:ListApplicationGrants", "sso:ListApplicationInstanceCertificates", "sso:ListApplicationInstances", "sso:ListApplicationProviders", "sso:ListApplicationTemplates", "sso:ListApplications", "sso:ListCustomerManagedPolicyReferencesInPermissionSet", "sso:ListDirectoryAssociations", "sso:ListInstances", "sso:ListManagedPoliciesInPermissionSet", "sso:ListPermissionSetProvisioningStatus", "sso:ListPermissionSets", "sso:ListPermissionSetsProvisionedToAccount", "sso:ListProfileAssociations", "sso:ListProfiles", "sso:ListTagsForResource", "sso:ListTrustedTokenIssuers", "sso:SearchGroups", "sso:SearchUsers", "sso-directory:DescribeDirectory", "access-analyzer:ValidatePolicy" ], "malformed": false, "name": "AWSSSOReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-22T17:23:28+00:00", "version": "v8" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSWAFReadOnlyAccess", "createdate": "2023-06-05T20:55:48Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeToken", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetPermissionPolicy", "waf-regional:GetRateBasedRule", "waf-regional:GetRateBasedRuleManagedKeys", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSampledRequests", "waf-regional:GetSizeConstraintSet", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:GetXssMatchSet", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "wafv2:GetDecryptedAPIKey", "wafv2:GetIPSet", "wafv2:GetLoggingConfiguration", "wafv2:GetManagedRuleSet", "wafv2:GetMobileSdkRelease", "wafv2:GetPermissionPolicy", "wafv2:GetRateBasedStatementManagedKeys", "wafv2:GetRegexPatternSet", "wafv2:GetRuleGroup", "wafv2:GetSampledRequests", "wafv2:GetWebACL", "wafv2:GetWebACLForResource", "wafv2:ListAPIKeys", "wafv2:ListAvailableManagedRuleGroupVersions", "wafv2:ListAvailableManagedRuleGroups", "wafv2:ListIPSets", "wafv2:ListLoggingConfigurations", "wafv2:ListManagedRuleSets", "wafv2:ListMobileSdkReleases", "wafv2:ListRegexPatternSets", "wafv2:ListResourcesForWebACL", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "wafv2:ListWebACLs", "wafv2:DescribeAllManagedProducts", "wafv2:DescribeManagedProductsByVendor", "wafv2:DescribeManagedRuleGroup", "wafv2:CheckCapacity", "cognito-idp:ListResourcesForWebACL", "cognito-idp:GetWebACLForResource", "apprunner:DescribeWebAclForService", "apprunner:ListServices", "apprunner:ListAssociatedServicesForWebAcl", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:GetVerifiedAccessInstanceWebAcl" ], "malformed": false, "name": "AWSWAFReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-05T20:55:48+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSThinkboxDeadlineResourceTrackerAccessPolicy", "createdate": "2020-05-27T19:25:05Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "dynamodb:ListStreams", "dynamodb:BatchWriteItem", "dynamodb:DeleteItem", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:PutItem", "dynamodb:Scan", "dynamodb:UpdateItem", "dynamodb:UpdateTable", "ec2:CancelSpotFleetRequests", "ec2:DeleteFleets", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeInstances", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequests", "ec2:RebootInstances", "ec2:TerminateInstances", "events:PutEvents", "lambda:InvokeFunction", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "sqs:DeleteMessage", "sqs:GetQueueAttributes", "sqs:ReceiveMessage" ], "malformed": false, "name": "AWSThinkboxDeadlineResourceTrackerAccessPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-27T19:25:05+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonS3OutpostsReadOnlyAccess", "createdate": "2020-10-02T18:55:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "s3-outposts:GetAccessPoint", "s3-outposts:GetAccessPointPolicy", "s3-outposts:GetBucket", "s3-outposts:GetBucketPolicy", "s3-outposts:GetBucketTagging", "s3-outposts:GetBucketVersioning", "s3-outposts:GetLifecycleConfiguration", "s3-outposts:GetObject", "s3-outposts:GetObjectTagging", "s3-outposts:GetObjectVersion", "s3-outposts:GetObjectVersionForReplication", "s3-outposts:GetObjectVersionTagging", "s3-outposts:GetReplicationConfiguration", "s3-outposts:ListAccessPoints", "s3-outposts:ListBucket", "s3-outposts:ListBucketMultipartUploads", "s3-outposts:ListBucketVersions", "s3-outposts:ListEndpoints", "s3-outposts:ListMultipartUploadParts", "s3-outposts:ListOutpostsWithS3", "s3-outposts:ListRegionalBuckets", "s3-outposts:ListSharedEndpoints", "datasync:ListTasks", "datasync:ListLocations", "datasync:DescribeTask", "datasync:DescribeLocationAzureBlob", "datasync:DescribeLocationEfs", "datasync:DescribeLocationFsxLustre", "datasync:DescribeLocationFsxOntap", "datasync:DescribeLocationFsxOpenZfs", "datasync:DescribeLocationFsxWindows", "datasync:DescribeLocationHdfs", "datasync:DescribeLocationNfs", "datasync:DescribeLocationObjectStorage", "datasync:DescribeLocationS3", "datasync:DescribeLocationSmb", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeNetworkInterfaces", "outposts:ListOutposts", "outposts:GetOutpost" ], "malformed": false, "name": "AmazonS3OutpostsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-02T18:55:58+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIoTSiteWiseConsoleFullAccess", "createdate": "2019-05-31T21:37:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotsitewise:AssociateAssets", "iotsitewise:AssociateTimeSeriesToAssetProperty", "iotsitewise:BatchAssociateProjectAssets", "iotsitewise:BatchDisassociateProjectAssets", "iotsitewise:BatchGetAssetPropertyAggregates", "iotsitewise:BatchGetAssetPropertyValue", "iotsitewise:BatchGetAssetPropertyValueHistory", "iotsitewise:BatchPutAssetPropertyValue", "iotsitewise:CreateAccessPolicy", "iotsitewise:CreateAsset", "iotsitewise:CreateAssetModel", "iotsitewise:CreateAssetModelCompositeModel", "iotsitewise:CreateBulkImportJob", "iotsitewise:CreateDashboard", "iotsitewise:CreateGateway", "iotsitewise:CreatePortal", "iotsitewise:CreateProject", "iotsitewise:DeleteAccessPolicy", "iotsitewise:DeleteAsset", "iotsitewise:DeleteAssetModel", "iotsitewise:DeleteAssetModelCompositeModel", "iotsitewise:DeleteDashboard", "iotsitewise:DeleteGateway", "iotsitewise:DeletePortal", "iotsitewise:DeleteProject", "iotsitewise:DeleteTimeSeries", "iotsitewise:DescribeAccessPolicy", "iotsitewise:DescribeAction", "iotsitewise:DescribeAsset", "iotsitewise:DescribeAssetCompositeModel", "iotsitewise:DescribeAssetModel", "iotsitewise:DescribeAssetModelCompositeModel", "iotsitewise:DescribeAssetProperty", "iotsitewise:DescribeBulkImportJob", "iotsitewise:DescribeDashboard", "iotsitewise:DescribeDefaultEncryptionConfiguration", "iotsitewise:DescribeGateway", "iotsitewise:DescribeGatewayCapabilityConfiguration", "iotsitewise:DescribeLoggingOptions", "iotsitewise:DescribePortal", "iotsitewise:DescribeProject", "iotsitewise:DescribeStorageConfiguration", "iotsitewise:DescribeTimeSeries", "iotsitewise:DisassociateAssets", "iotsitewise:DisassociateTimeSeriesFromAssetProperty", "iotsitewise:EnableSiteWiseIntegration", "iotsitewise:ExecuteAction", "iotsitewise:ExecuteQuery", "iotsitewise:GetAssetPropertyAggregates", "iotsitewise:GetAssetPropertyValue", "iotsitewise:GetAssetPropertyValueHistory", "iotsitewise:GetInterpolatedAssetPropertyValues", "iotsitewise:ListAccessPolicies", "iotsitewise:ListActions", "iotsitewise:ListAssetModelCompositeModels", "iotsitewise:ListAssetModelProperties", "iotsitewise:ListAssetModels", "iotsitewise:ListAssetProperties", "iotsitewise:ListAssetRelationships", "iotsitewise:ListAssets", "iotsitewise:ListAssociatedAssets", "iotsitewise:ListBulkImportJobs", "iotsitewise:ListCompositionRelationships", "iotsitewise:ListDashboards", "iotsitewise:ListGateways", "iotsitewise:ListPortals", "iotsitewise:ListProjectAssets", "iotsitewise:ListProjects", "iotsitewise:ListTagsForResource", "iotsitewise:ListTimeSeries", "iotsitewise:PutDefaultEncryptionConfiguration", "iotsitewise:PutLoggingOptions", "iotsitewise:PutStorageConfiguration", "iotsitewise:TagResource", "iotsitewise:UntagResource", "iotsitewise:UpdateAccessPolicy", "iotsitewise:UpdateAsset", "iotsitewise:UpdateAssetModel", "iotsitewise:UpdateAssetModelCompositeModel", "iotsitewise:UpdateAssetModelPropertyRouting", "iotsitewise:UpdateAssetProperty", "iotsitewise:UpdateDashboard", "iotsitewise:UpdateGateway", "iotsitewise:UpdateGatewayCapabilityConfiguration", "iotsitewise:UpdatePortal", "iotsitewise:UpdateProject", "iotanalytics:ListChannels", "iotanalytics:ListDatasetContents", "iotanalytics:ListDatasets", "iotanalytics:ListDatastores", "iotanalytics:ListPipelines", "iotanalytics:ListTagsForResource", "iotanalytics:DescribeChannel", "iotanalytics:DescribeDataset", "iotanalytics:DescribeDatastore", "iotanalytics:DescribeLoggingOptions", "iotanalytics:DescribePipeline", "iotanalytics:CreateChannel", "iotanalytics:CreateDataset", "iotanalytics:CreateDatasetContent", "iotanalytics:CreateDatastore", "iotanalytics:CreatePipeline", "iot:DescribeEndpoint", "iot:GetThingShadow", "greengrass:GetGroup", "greengrass:GetGroupVersion", "greengrass:GetCoreDefinitionVersion", "greengrass:ListGroups", "secretsmanager:ListSecrets", "secretsmanager:CreateSecret", "secretsmanager:UpdateSecret", "tag:GetResources", "iam:CreateServiceLinkedRole", "iam:PassRole" ], "malformed": false, "name": "AWSIoTSiteWiseConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-05-31T21:37:49+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/CostOptimizationHubReadOnlyAccess", "createdate": "2023-12-13T18:04:15Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cost-optimization-hub:ListEnrollmentStatuses", "cost-optimization-hub:GetPreferences", "cost-optimization-hub:GetRecommendation", "cost-optimization-hub:ListRecommendations", "cost-optimization-hub:ListRecommendationSummaries" ], "malformed": false, "name": "CostOptimizationHubReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-13T18:04:15+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCodeBuildAdminAccess", "createdate": "2023-07-31T23:06:23Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codebuild:BatchDeleteBuilds", "codebuild:BatchGetBuildBatches", "codebuild:BatchGetBuilds", "codebuild:BatchGetFleets", "codebuild:BatchGetProjects", "codebuild:BatchGetReportGroups", "codebuild:BatchGetReports", "codebuild:BatchPutCodeCoverages", "codebuild:BatchPutTestCases", "codebuild:CreateFleet", "codebuild:CreateProject", "codebuild:CreateReport", "codebuild:CreateReportGroup", "codebuild:CreateWebhook", "codebuild:DeleteBuildBatch", "codebuild:DeleteFleet", "codebuild:DeleteOAuthToken", "codebuild:DeleteProject", "codebuild:DeleteReport", "codebuild:DeleteReportGroup", "codebuild:DeleteResourcePolicy", "codebuild:DeleteSourceCredentials", "codebuild:DeleteWebhook", "codebuild:DescribeCodeCoverages", "codebuild:DescribeTestCases", "codebuild:GetReportGroupTrend", "codebuild:GetResourcePolicy", "codebuild:ImportSourceCredentials", "codebuild:InvalidateProjectCache", "codebuild:ListBuildBatches", "codebuild:ListBuildBatchesForProject", "codebuild:ListBuilds", "codebuild:ListBuildsForProject", "codebuild:ListConnectedOAuthAccounts", "codebuild:ListCuratedEnvironmentImages", "codebuild:ListFleets", "codebuild:ListProjects", "codebuild:ListReportGroups", "codebuild:ListReports", "codebuild:ListReportsForReportGroup", "codebuild:ListRepositories", "codebuild:ListSharedProjects", "codebuild:ListSharedReportGroups", "codebuild:ListSourceCredentials", "codebuild:PersistOAuthToken", "codebuild:PutResourcePolicy", "codebuild:RetryBuild", "codebuild:RetryBuildBatch", "codebuild:StartBuild", "codebuild:StartBuildBatch", "codebuild:StopBuild", "codebuild:StopBuildBatch", "codebuild:UpdateFleet", "codebuild:UpdateProject", "codebuild:UpdateProjectVisibility", "codebuild:UpdateReport", "codebuild:UpdateReportGroup", "codebuild:UpdateWebhook", "codecommit:GetBranch", "codecommit:GetCommit", "codecommit:GetRepository", "codecommit:ListBranches", "codecommit:ListRepositories", "cloudwatch:GetMetricStatistics", "ec2:DescribeVpcs", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ecr:DescribeRepositories", "ecr:ListImages", "elasticfilesystem:DescribeFileSystems", "events:DeleteRule", "events:DescribeRule", "events:DisableRule", "events:EnableRule", "events:ListTargetsByRule", "events:ListRuleNamesByTarget", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "logs:GetLogEvents", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "logs:DeleteLogGroup", "ssm:PutParameter", "ssm:StartSession", "codestar-connections:CreateConnection", "codestar-connections:DeleteConnection", "codestar-connections:UpdateConnectionInstallation", "codestar-connections:TagResource", "codestar-connections:UntagResource", "codestar-connections:ListConnections", "codestar-connections:ListInstallationTargets", "codestar-connections:ListTagsForResource", "codestar-connections:GetConnection", "codestar-connections:GetIndividualAccessToken", "codestar-connections:GetInstallationUrl", "codestar-connections:PassConnection", "codestar-connections:StartOAuthHandshake", "codestar-connections:UseConnection", "codestar-notifications:CreateNotificationRule", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:UpdateNotificationRule", "codestar-notifications:DeleteNotificationRule", "codestar-notifications:Subscribe", "codestar-notifications:Unsubscribe", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListEventTypes", "codestar-notifications:ListTargets", "codestar-notifications:ListTagsForResource", "sns:CreateTopic", "sns:SetTopicAttributes", "sns:ListTopics", "sns:GetTopicAttributes", "chatbot:DescribeSlackChannelConfigurations", "chatbot:ListMicrosoftTeamsChannelConfigurations" ], "malformed": false, "name": "AWSCodeBuildAdminAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-31T23:06:23+00:00", "version": "v13" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonHoneycodeServiceRolePolicy", "createdate": "2020-11-18T18:03:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sso:GetManagedApplicationInstance" ], "malformed": false, "name": "AmazonHoneycodeServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-18T18:03:08+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonRedshiftFullAccess", "createdate": "2022-07-07T23:31:13Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "redshift:AcceptReservedNodeExchange", "redshift:AddPartner", "redshift:AssociateDataShareConsumer", "redshift:AuthorizeClusterSecurityGroupIngress", "redshift:AuthorizeDataShare", "redshift:AuthorizeEndpointAccess", "redshift:AuthorizeSnapshotAccess", "redshift:BatchDeleteClusterSnapshots", "redshift:BatchModifyClusterSnapshots", "redshift:CancelQuery", "redshift:CancelQuerySession", "redshift:CancelResize", "redshift:CopyClusterSnapshot", "redshift:CreateAuthenticationProfile", "redshift:CreateCluster", "redshift:CreateClusterParameterGroup", "redshift:CreateClusterSecurityGroup", "redshift:CreateClusterSnapshot", "redshift:CreateClusterSubnetGroup", "redshift:CreateClusterUser", "redshift:CreateCustomDomainAssociation", "redshift:CreateEndpointAccess", "redshift:CreateEventSubscription", "redshift:CreateHsmClientCertificate", "redshift:CreateHsmConfiguration", "redshift:CreateQev2IdcApplication", "redshift:CreateRedshiftIdcApplication", "redshift:CreateSavedQuery", "redshift:CreateScheduledAction", "redshift:CreateSnapshotCopyGrant", "redshift:CreateSnapshotSchedule", "redshift:CreateTags", "redshift:CreateUsageLimit", "redshift:DeauthorizeDataShare", "redshift:DeleteAuthenticationProfile", "redshift:DeleteCluster", "redshift:DeleteClusterParameterGroup", "redshift:DeleteClusterSecurityGroup", "redshift:DeleteClusterSnapshot", "redshift:DeleteClusterSubnetGroup", "redshift:DeleteCustomDomainAssociation", "redshift:DeleteEndpointAccess", "redshift:DeleteEventSubscription", "redshift:DeleteHsmClientCertificate", "redshift:DeleteHsmConfiguration", "redshift:DeletePartner", "redshift:DeleteQev2IdcApplication", "redshift:DeleteRedshiftIdcApplication", "redshift:DeleteResourcePolicy", "redshift:DeleteSavedQueries", "redshift:DeleteScheduledAction", "redshift:DeleteSnapshotCopyGrant", "redshift:DeleteSnapshotSchedule", "redshift:DeleteTags", "redshift:DeleteUsageLimit", "redshift:DescribeAccountAttributes", "redshift:DescribeAuthenticationProfiles", "redshift:DescribeClusterDbRevisions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterTracks", "redshift:DescribeClusterVersions", "redshift:DescribeClusters", "redshift:DescribeCustomDomainAssociations", "redshift:DescribeDataShares", "redshift:DescribeDataSharesForConsumer", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDefaultClusterParameters", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventCategories", "redshift:DescribeEventSubscriptions", "redshift:DescribeEvents", "redshift:DescribeHsmClientCertificates", "redshift:DescribeHsmConfigurations", "redshift:DescribeInboundIntegrations", "redshift:DescribeLoggingStatus", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribePartners", "redshift:DescribeQev2IdcApplications", "redshift:DescribeQuery", "redshift:DescribeRedshiftIdcApplications", "redshift:DescribeReservedNodeExchangeStatus", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "redshift:DescribeResize", "redshift:DescribeSavedQueries", "redshift:DescribeScheduledActions", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeSnapshotSchedules", "redshift:DescribeStorage", "redshift:DescribeTable", "redshift:DescribeTableRestoreStatus", "redshift:DescribeTags", "redshift:DescribeUsageLimits", "redshift:DisableLogging", "redshift:DisableSnapshotCopy", "redshift:DisassociateDataShareConsumer", "redshift:EnableLogging", "redshift:EnableSnapshotCopy", "redshift:ExecuteQuery", "redshift:FailoverPrimaryCompute", "redshift:FetchResults", "redshift:GetClusterCredentials", "redshift:GetClusterCredentialsWithIAM", "redshift:GetReservedNodeExchangeConfigurationOptions", "redshift:GetReservedNodeExchangeOfferings", "redshift:GetResourcePolicy", "redshift:JoinGroup", "redshift:ListDatabases", "redshift:ListRecommendations", "redshift:ListSavedQueries", "redshift:ListSchemas", "redshift:ListTables", "redshift:ModifyAquaConfiguration", "redshift:ModifyAuthenticationProfile", "redshift:ModifyCluster", "redshift:ModifyClusterDbRevision", "redshift:ModifyClusterIamRoles", "redshift:ModifyClusterMaintenance", "redshift:ModifyClusterParameterGroup", "redshift:ModifyClusterSnapshot", "redshift:ModifyClusterSnapshotSchedule", "redshift:ModifyClusterSubnetGroup", "redshift:ModifyCustomDomainAssociation", "redshift:ModifyEndpointAccess", "redshift:ModifyEventSubscription", "redshift:ModifyQev2IdcApplication", "redshift:ModifyRedshiftIdcApplication", "redshift:ModifySavedQuery", "redshift:ModifyScheduledAction", "redshift:ModifySnapshotCopyRetentionPeriod", "redshift:ModifySnapshotSchedule", "redshift:ModifyUsageLimit", "redshift:PauseCluster", "redshift:PurchaseReservedNodeOffering", "redshift:PutResourcePolicy", "redshift:RebootCluster", "redshift:RejectDataShare", "redshift:ResetClusterParameterGroup", "redshift:ResizeCluster", "redshift:RestoreFromClusterSnapshot", "redshift:RestoreTableFromClusterSnapshot", "redshift:ResumeCluster", "redshift:RevokeClusterSecurityGroupIngress", "redshift:RevokeEndpointAccess", "redshift:RevokeSnapshotAccess", "redshift:RotateEncryptionKey", "redshift:UpdatePartnerStatus", "redshift:ViewQueriesFromConsole", "redshift:ViewQueriesInConsole", "redshift-serverless:ConvertRecoveryPointToSnapshot", "redshift-serverless:CreateCustomDomainAssociation", "redshift-serverless:CreateEndpointAccess", "redshift-serverless:CreateNamespace", "redshift-serverless:CreateScheduledAction", "redshift-serverless:CreateSnapshot", "redshift-serverless:CreateSnapshotCopyConfiguration", "redshift-serverless:CreateUsageLimit", "redshift-serverless:CreateWorkgroup", "redshift-serverless:DeleteCustomDomainAssociation", "redshift-serverless:DeleteEndpointAccess", "redshift-serverless:DeleteNamespace", "redshift-serverless:DeleteResourcePolicy", "redshift-serverless:DeleteScheduledAction", "redshift-serverless:DeleteSnapshot", "redshift-serverless:DeleteSnapshotCopyConfiguration", "redshift-serverless:DeleteUsageLimit", "redshift-serverless:DeleteWorkgroup", "redshift-serverless:DescribeOneTimeCredit", "redshift-serverless:GetCredentials", "redshift-serverless:GetCustomDomainAssociation", "redshift-serverless:GetEndpointAccess", "redshift-serverless:GetNamespace", "redshift-serverless:GetRecoveryPoint", "redshift-serverless:GetResourcePolicy", "redshift-serverless:GetScheduledAction", "redshift-serverless:GetSnapshot", "redshift-serverless:GetTableRestoreStatus", "redshift-serverless:GetUsageLimit", "redshift-serverless:GetWorkgroup", "redshift-serverless:ListCustomDomainAssociations", "redshift-serverless:ListEndpointAccess", "redshift-serverless:ListNamespaces", "redshift-serverless:ListRecoveryPoints", "redshift-serverless:ListScheduledActions", "redshift-serverless:ListSnapshotCopyConfigurations", "redshift-serverless:ListSnapshots", "redshift-serverless:ListTableRestoreStatus", "redshift-serverless:ListTagsForResource", "redshift-serverless:ListUsageLimits", "redshift-serverless:ListWorkgroups", "redshift-serverless:PutResourcePolicy", "redshift-serverless:RestoreFromRecoveryPoint", "redshift-serverless:RestoreFromSnapshot", "redshift-serverless:RestoreTableFromRecoveryPoint", "redshift-serverless:RestoreTableFromSnapshot", "redshift-serverless:TagResource", "redshift-serverless:UntagResource", "redshift-serverless:UpdateCustomDomainAssociation", "redshift-serverless:UpdateEndpointAccess", "redshift-serverless:UpdateNamespace", "redshift-serverless:UpdateScheduledAction", "redshift-serverless:UpdateSnapshot", "redshift-serverless:UpdateSnapshotCopyConfiguration", "redshift-serverless:UpdateUsageLimit", "redshift-serverless:UpdateWorkgroup", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeInternetGateways", "sns:CreateTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutMetricAlarm", "cloudwatch:EnableAlarmActions", "cloudwatch:DisableAlarmActions", "tag:GetResources", "tag:UntagResources", "tag:GetTagValues", "tag:GetTagKeys", "tag:TagResources", "iam:CreateServiceLinkedRole", "redshift-data:ExecuteStatement", "redshift-data:CancelStatement", "redshift-data:ListStatements", "redshift-data:GetStatementResult", "redshift-data:DescribeStatement", "redshift-data:ListDatabases", "redshift-data:ListSchemas", "redshift-data:ListTables", "redshift-data:DescribeTable", "secretsmanager:ListSecrets", "secretsmanager:CreateSecret", "secretsmanager:GetSecretValue", "secretsmanager:TagResource" ], "malformed": false, "name": "AmazonRedshiftFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-07-07T23:31:13+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AdministratorAccess-Amplify", "createdate": "2024-04-04T20:35:31Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:CreateChangeSet", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeChangeSet", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "cloudformation:ExecuteChangeSet", "cloudformation:GetTemplate", "cloudformation:UpdateStack", "cloudformation:ListStacks", "cloudformation:ListStackResources", "cloudformation:DeleteStackSet", "cloudformation:DescribeStackSet", "cloudformation:UpdateStackSet", "cloudformation:TagResource", "cloudformation:UntagResource", "iam:ListRoleTags", "iam:TagRole", "iam:AttachRolePolicy", "iam:CreatePolicy", "iam:DeletePolicy", "iam:DeleteRole", "iam:DeleteRolePolicy", "iam:DetachRolePolicy", "iam:PutRolePolicy", "iam:UntagRole", "iam:UpdateRole", "iam:GetRole", "iam:GetPolicy", "iam:GetRolePolicy", "iam:PassRole", "iam:ListPolicyVersions", "iam:CreatePolicyVersion", "iam:DeletePolicyVersion", "iam:CreateRole", "iam:ListRolePolicies", "iam:PutRolePermissionsBoundary", "iam:DeleteRolePermissionsBoundary", "appsync:CreateApiKey", "appsync:CreateDataSource", "appsync:CreateFunction", "appsync:CreateResolver", "appsync:CreateType", "appsync:DeleteApiKey", "appsync:DeleteDataSource", "appsync:DeleteFunction", "appsync:DeleteResolver", "appsync:DeleteType", "appsync:GetDataSource", "appsync:GetFunction", "appsync:GetIntrospectionSchema", "appsync:GetResolver", "appsync:GetSchemaCreationStatus", "appsync:GetType", "appsync:GraphQL", "appsync:ListApiKeys", "appsync:ListDataSources", "appsync:ListFunctions", "appsync:ListGraphqlApis", "appsync:ListResolvers", "appsync:ListResolversByFunction", "appsync:ListTypes", "appsync:StartSchemaCreation", "appsync:UntagResource", "appsync:UpdateApiKey", "appsync:UpdateDataSource", "appsync:UpdateFunction", "appsync:UpdateResolver", "appsync:UpdateType", "appsync:TagResource", "appsync:CreateGraphqlApi", "appsync:DeleteGraphqlApi", "appsync:GetGraphqlApi", "appsync:ListTagsForResource", "appsync:UpdateGraphqlApi", "apigateway:DELETE", "apigateway:GET", "apigateway:PATCH", "apigateway:POST", "apigateway:PUT", "cognito-idp:CreateUserPool", "cognito-identity:CreateIdentityPool", "cognito-identity:DeleteIdentityPool", "cognito-identity:DescribeIdentity", "cognito-identity:DescribeIdentityPool", "cognito-identity:SetIdentityPoolRoles", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:UpdateIdentityPool", "cognito-idp:CreateUserPoolClient", "cognito-idp:DeleteUserPool", "cognito-idp:DeleteUserPoolClient", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserPoolClients", "cognito-idp:UpdateUserPoolClient", "cognito-idp:CreateGroup", "cognito-idp:DeleteGroup", "cognito-identity:TagResource", "cognito-idp:TagResource", "cognito-idp:UpdateUserPool", "cognito-idp:SetUserPoolMfaConfig", "lambda:AddPermission", "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:InvokeAsync", "lambda:InvokeFunction", "lambda:RemovePermission", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionConfiguration", "lambda:ListTags", "lambda:TagResource", "lambda:UntagResource", "lambda:AddLayerVersionPermission", "lambda:CreateEventSourceMapping", "lambda:DeleteEventSourceMapping", "lambda:DeleteLayerVersion", "lambda:GetEventSourceMapping", "lambda:GetLayerVersion", "lambda:ListEventSourceMappings", "lambda:ListLayerVersions", "lambda:PublishLayerVersion", "lambda:RemoveLayerVersionPermission", "lambda:UpdateEventSourceMapping", "dynamodb:CreateTable", "dynamodb:DeleteItem", "dynamodb:DeleteTable", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeTable", "dynamodb:DescribeTimeToLive", "dynamodb:ListStreams", "dynamodb:PutItem", "dynamodb:TagResource", "dynamodb:ListTagsOfResource", "dynamodb:UntagResource", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateItem", "dynamodb:UpdateTable", "dynamodb:UpdateTimeToLive", "s3:CreateBucket", "s3:ListBucket", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketNotification", "s3:PutBucketPolicy", "s3:PutBucketWebsite", "s3:PutObjectAcl", "cloudfront:CreateCloudFrontOriginAccessIdentity", "cloudfront:CreateDistribution", "cloudfront:DeleteCloudFrontOriginAccessIdentity", "cloudfront:DeleteDistribution", "cloudfront:GetCloudFrontOriginAccessIdentity", "cloudfront:GetCloudFrontOriginAccessIdentityConfig", "cloudfront:GetDistribution", "cloudfront:GetDistributionConfig", "cloudfront:TagResource", "cloudfront:UntagResource", "cloudfront:UpdateCloudFrontOriginAccessIdentity", "cloudfront:UpdateDistribution", "events:DeleteRule", "events:DescribeRule", "events:ListRuleNamesByTarget", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "mobiletargeting:GetApp", "kinesis:AddTagsToStream", "kinesis:CreateStream", "kinesis:DeleteStream", "kinesis:DescribeStream", "kinesis:DescribeStreamSummary", "kinesis:ListTagsForStream", "kinesis:PutRecords", "es:AddTags", "es:CreateElasticsearchDomain", "es:DeleteElasticsearchDomain", "es:DescribeElasticsearchDomain", "es:UpdateElasticsearchDomainConfig", "s3:PutEncryptionConfiguration", "s3:PutBucketPublicAccessBlock", "appsync:GetIntrospectionSchema", "appsync:GraphQL", "appsync:UpdateApiKey", "appsync:ListApiKeys", "amplify:CreateApp", "amplify:CreateBackendEnvironment", "amplify:CreateBranch", "amplify:CreateDeployment", "amplify:CreateDomainAssociation", "amplify:CreateWebHook", "amplify:DeleteApp", "amplify:DeleteBackendEnvironment", "amplify:DeleteBranch", "amplify:DeleteDomainAssociation", "amplify:DeleteJob", "amplify:DeleteWebHook", "amplify:GenerateAccessLogs", "amplify:GetApp", "amplify:GetArtifactUrl", "amplify:GetBackendEnvironment", "amplify:GetBranch", "amplify:GetDomainAssociation", "amplify:GetJob", "amplify:GetWebHook", "amplify:ListApps", "amplify:ListArtifacts", "amplify:ListBackendEnvironments", "amplify:ListBranches", "amplify:ListDomainAssociations", "amplify:ListJobs", "amplify:ListTagsForResource", "amplify:ListWebHooks", "amplify:StartDeployment", "amplify:StartJob", "amplify:StopJob", "amplify:TagResource", "amplify:UntagResource", "amplify:UpdateApp", "amplify:UpdateBranch", "amplify:UpdateDomainAssociation", "amplify:UpdateWebHook", "amplifybackend:CloneBackend", "amplifybackend:CreateBackend", "amplifybackend:CreateBackendAPI", "amplifybackend:CreateBackendAuth", "amplifybackend:CreateBackendConfig", "amplifybackend:CreateBackendStorage", "amplifybackend:CreateToken", "amplifybackend:DeleteBackend", "amplifybackend:DeleteBackendAPI", "amplifybackend:DeleteBackendAuth", "amplifybackend:DeleteBackendStorage", "amplifybackend:DeleteToken", "amplifybackend:GenerateBackendAPIModels", "amplifybackend:GetBackend", "amplifybackend:GetBackendAPI", "amplifybackend:GetBackendAPIModels", "amplifybackend:GetBackendAuth", "amplifybackend:GetBackendJob", "amplifybackend:GetBackendStorage", "amplifybackend:GetToken", "amplifybackend:ImportBackendAuth", "amplifybackend:ImportBackendStorage", "amplifybackend:ListBackendJobs", "amplifybackend:ListS3Buckets", "amplifybackend:RemoveAllBackends", "amplifybackend:RemoveBackendConfig", "amplifybackend:UpdateBackendAPI", "amplifybackend:UpdateBackendAuth", "amplifybackend:UpdateBackendConfig", "amplifybackend:UpdateBackendJob", "amplifybackend:UpdateBackendStorage", "amplifyuibuilder:CreateComponent", "amplifyuibuilder:CreateForm", "amplifyuibuilder:CreateTheme", "amplifyuibuilder:DeleteComponent", "amplifyuibuilder:DeleteForm", "amplifyuibuilder:DeleteTheme", "amplifyuibuilder:ExchangeCodeForToken", "amplifyuibuilder:ExportComponents", "amplifyuibuilder:ExportForms", "amplifyuibuilder:ExportThemes", "amplifyuibuilder:GetCodegenJob", "amplifyuibuilder:GetComponent", "amplifyuibuilder:GetForm", "amplifyuibuilder:GetMetadata", "amplifyuibuilder:GetTheme", "amplifyuibuilder:ListCodegenJobs", "amplifyuibuilder:ListComponents", "amplifyuibuilder:ListForms", "amplifyuibuilder:ListTagsForResource", "amplifyuibuilder:ListThemes", "amplifyuibuilder:PutMetadataFlag", "amplifyuibuilder:RefreshToken", "amplifyuibuilder:ResetMetadataFlag", "amplifyuibuilder:StartCodegenJob", "amplifyuibuilder:TagResource", "amplifyuibuilder:UntagResource", "amplifyuibuilder:UpdateComponent", "amplifyuibuilder:UpdateForm", "amplifyuibuilder:UpdateTheme", "sts:AssumeRole", "mobiletargeting:CreateApp", "mobiletargeting:CreateCampaign", "mobiletargeting:CreateEmailTemplate", "mobiletargeting:CreateExportJob", "mobiletargeting:CreateImportJob", "mobiletargeting:CreateInAppTemplate", "mobiletargeting:CreateJourney", "mobiletargeting:CreatePushTemplate", "mobiletargeting:CreateRecommenderConfiguration", "mobiletargeting:CreateSegment", "mobiletargeting:CreateSmsTemplate", "mobiletargeting:CreateVoiceTemplate", "mobiletargeting:DeleteAdmChannel", "mobiletargeting:DeleteApnsChannel", "mobiletargeting:DeleteApnsSandboxChannel", "mobiletargeting:DeleteApnsVoipChannel", "mobiletargeting:DeleteApnsVoipSandboxChannel", "mobiletargeting:DeleteApp", "mobiletargeting:DeleteBaiduChannel", "mobiletargeting:DeleteCampaign", "mobiletargeting:DeleteEmailChannel", "mobiletargeting:DeleteEmailTemplate", "mobiletargeting:DeleteEndpoint", "mobiletargeting:DeleteEventStream", "mobiletargeting:DeleteGcmChannel", "mobiletargeting:DeleteInAppTemplate", "mobiletargeting:DeleteJourney", "mobiletargeting:DeletePushTemplate", "mobiletargeting:DeleteRecommenderConfiguration", "mobiletargeting:DeleteSegment", "mobiletargeting:DeleteSmsChannel", "mobiletargeting:DeleteSmsTemplate", "mobiletargeting:DeleteUserEndpoints", "mobiletargeting:DeleteVoiceChannel", "mobiletargeting:DeleteVoiceTemplate", "mobiletargeting:GetAdmChannel", "mobiletargeting:GetApnsChannel", "mobiletargeting:GetApnsSandboxChannel", "mobiletargeting:GetApnsVoipChannel", "mobiletargeting:GetApnsVoipSandboxChannel", "mobiletargeting:GetApp", "mobiletargeting:GetApplicationDateRangeKpi", "mobiletargeting:GetApplicationSettings", "mobiletargeting:GetApps", "mobiletargeting:GetBaiduChannel", "mobiletargeting:GetCampaign", "mobiletargeting:GetCampaignActivities", "mobiletargeting:GetCampaignDateRangeKpi", "mobiletargeting:GetCampaignVersion", "mobiletargeting:GetCampaignVersions", "mobiletargeting:GetCampaigns", "mobiletargeting:GetChannels", "mobiletargeting:GetEmailChannel", "mobiletargeting:GetEmailTemplate", "mobiletargeting:GetEndpoint", "mobiletargeting:GetEventStream", "mobiletargeting:GetExportJob", "mobiletargeting:GetExportJobs", "mobiletargeting:GetGcmChannel", "mobiletargeting:GetImportJob", "mobiletargeting:GetImportJobs", "mobiletargeting:GetInAppMessages", "mobiletargeting:GetInAppTemplate", "mobiletargeting:GetJourney", "mobiletargeting:GetJourneyDateRangeKpi", "mobiletargeting:GetJourneyExecutionActivityMetrics", "mobiletargeting:GetJourneyExecutionMetrics", "mobiletargeting:GetJourneyRunExecutionActivityMetrics", "mobiletargeting:GetJourneyRunExecutionMetrics", "mobiletargeting:GetJourneyRuns", "mobiletargeting:GetPushTemplate", "mobiletargeting:GetRecommenderConfiguration", "mobiletargeting:GetRecommenderConfigurations", "mobiletargeting:GetReports", "mobiletargeting:GetSegment", "mobiletargeting:GetSegmentExportJobs", "mobiletargeting:GetSegmentImportJobs", "mobiletargeting:GetSegmentVersion", "mobiletargeting:GetSegmentVersions", "mobiletargeting:GetSegments", "mobiletargeting:GetSmsChannel", "mobiletargeting:GetSmsTemplate", "mobiletargeting:GetUserEndpoints", "mobiletargeting:GetVoiceChannel", "mobiletargeting:GetVoiceTemplate", "mobiletargeting:ListJourneys", "mobiletargeting:ListTagsForResource", "mobiletargeting:ListTemplateVersions", "mobiletargeting:ListTemplates", "mobiletargeting:PhoneNumberValidate", "mobiletargeting:PutEventStream", "mobiletargeting:PutEvents", "mobiletargeting:RemoveAttributes", "mobiletargeting:SendMessages", "mobiletargeting:SendOTPMessage", "mobiletargeting:SendUsersMessages", "mobiletargeting:TagResource", "mobiletargeting:UntagResource", "mobiletargeting:UpdateAdmChannel", "mobiletargeting:UpdateApnsChannel", "mobiletargeting:UpdateApnsSandboxChannel", "mobiletargeting:UpdateApnsVoipChannel", "mobiletargeting:UpdateApnsVoipSandboxChannel", "mobiletargeting:UpdateApplicationSettings", "mobiletargeting:UpdateBaiduChannel", "mobiletargeting:UpdateCampaign", "mobiletargeting:UpdateEmailChannel", "mobiletargeting:UpdateEmailTemplate", "mobiletargeting:UpdateEndpoint", "mobiletargeting:UpdateEndpointsBatch", "mobiletargeting:UpdateGcmChannel", "mobiletargeting:UpdateInAppTemplate", "mobiletargeting:UpdateJourney", "mobiletargeting:UpdateJourneyState", "mobiletargeting:UpdatePushTemplate", "mobiletargeting:UpdateRecommenderConfiguration", "mobiletargeting:UpdateSegment", "mobiletargeting:UpdateSmsChannel", "mobiletargeting:UpdateSmsTemplate", "mobiletargeting:UpdateTemplateActiveVersion", "mobiletargeting:UpdateVoiceChannel", "mobiletargeting:UpdateVoiceTemplate", "mobiletargeting:VerifyOTPMessage", "cognito-idp:AdminAddUserToGroup", "cognito-idp:AdminCreateUser", "cognito-idp:CreateGroup", "cognito-idp:DeleteGroup", "cognito-idp:DeleteUser", "cognito-idp:ListUsers", "cognito-idp:AdminGetUser", "cognito-idp:ListUsersInGroup", "cognito-idp:AdminDisableUser", "cognito-idp:AdminRemoveUserFromGroup", "cognito-idp:AdminResetUserPassword", "cognito-idp:AdminListGroupsForUser", "cognito-idp:ListGroups", "cognito-idp:AdminListUserAuthEvents", "cognito-idp:AdminDeleteUser", "cognito-idp:AdminConfirmSignUp", "cognito-idp:AdminEnableUser", "cognito-idp:AdminUpdateUserAttributes", "cognito-idp:DescribeIdentityProvider", "cognito-idp:DescribeUserPool", "cognito-idp:DeleteUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:CreateUserPool", "cognito-idp:CreateUserPoolClient", "cognito-idp:UpdateUserPool", "cognito-idp:AdminSetUserPassword", "cognito-idp:ListUserPools", "cognito-idp:ListUserPoolClients", "cognito-idp:ListIdentityProviders", "cognito-idp:GetUserPoolMfaConfig", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:SetIdentityPoolRoles", "cognito-identity:CreateIdentityPool", "cognito-identity:DeleteIdentityPool", "cognito-identity:ListIdentityPools", "cognito-identity:DescribeIdentityPool", "dynamodb:DescribeTable", "dynamodb:ListTables", "lambda:GetFunction", "lambda:CreateFunction", "lambda:AddPermission", "lambda:DeleteFunction", "lambda:DeleteLayerVersion", "lambda:InvokeFunction", "lambda:ListLayerVersions", "iam:PutRolePolicy", "iam:CreatePolicy", "iam:AttachRolePolicy", "iam:ListPolicyVersions", "iam:ListAttachedRolePolicies", "iam:CreateRole", "iam:PassRole", "iam:ListRolePolicies", "iam:DeleteRolePolicy", "iam:CreatePolicyVersion", "iam:DeletePolicyVersion", "iam:DeleteRole", "iam:DetachRolePolicy", "cloudformation:ListStacks", "cloudformation:DescribeStacks", "sns:CreateSMSSandboxPhoneNumber", "sns:GetSMSSandboxAccountStatus", "sns:VerifySMSSandboxPhoneNumber", "sns:DeleteSMSSandboxPhoneNumber", "sns:ListSMSSandboxPhoneNumbers", "sns:ListOriginationNumbers", "rekognition:DescribeCollection", "logs:DescribeLogStreams", "logs:GetLogEvents", "lex:GetBot", "lex:GetBuiltinIntent", "lex:GetBuiltinIntents", "lex:GetBuiltinSlotTypes", "cloudformation:GetTemplateSummary", "codecommit:GitPull", "cloudfront:GetCloudFrontOriginAccessIdentity", "cloudfront:GetCloudFrontOriginAccessIdentityConfig", "polly:DescribeVoices", "ssm:PutParameter", "ssm:DeleteParameter", "ssm:GetParametersByPath", "ssm:GetParameters", "ssm:GetParameter", "ssm:DeleteParameters", "geo:AssociateTrackerConsumer", "geo:BatchDeleteDevicePositionHistory", "geo:BatchDeleteGeofence", "geo:BatchEvaluateGeofences", "geo:BatchGetDevicePosition", "geo:BatchPutGeofence", "geo:BatchUpdateDevicePosition", "geo:CalculateRoute", "geo:CalculateRouteMatrix", "geo:CreateGeofenceCollection", "geo:CreateKey", "geo:CreateMap", "geo:CreatePlaceIndex", "geo:CreateRouteCalculator", "geo:CreateTracker", "geo:DeleteGeofenceCollection", "geo:DeleteKey", "geo:DeleteMap", "geo:DeletePlaceIndex", "geo:DeleteRouteCalculator", "geo:DeleteTracker", "geo:DescribeGeofenceCollection", "geo:DescribeKey", "geo:DescribeMap", "geo:DescribePlaceIndex", "geo:DescribeRouteCalculator", "geo:DescribeTracker", "geo:DisassociateTrackerConsumer", "geo:GetDevicePosition", "geo:GetDevicePositionHistory", "geo:GetGeofence", "geo:GetMapGlyphs", "geo:GetMapSprites", "geo:GetMapStyleDescriptor", "geo:GetMapTile", "geo:GetPlace", "geo:ListDevicePositions", "geo:ListGeofenceCollections", "geo:ListGeofences", "geo:ListKeys", "geo:ListMaps", "geo:ListPlaceIndexes", "geo:ListRouteCalculators", "geo:ListTagsForResource", "geo:ListTrackerConsumers", "geo:ListTrackers", "geo:PutGeofence", "geo:SearchPlaceIndexForPosition", "geo:SearchPlaceIndexForSuggestions", "geo:SearchPlaceIndexForText", "geo:TagResource", "geo:UntagResource", "geo:UpdateGeofenceCollection", "geo:UpdateKey", "geo:UpdateMap", "geo:UpdatePlaceIndex", "geo:UpdateRouteCalculator", "geo:UpdateTracker", "ecr:DescribeRepositories", "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteObject", "s3:DeleteObjectVersion", "s3:GetBucketLocation", "s3:GetObject", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketVersions", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketNotification", "s3:PutBucketPolicy", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutLifecycleConfiguration", "s3:PutObject", "s3:PutObjectAcl", "cloudfront:CreateCloudFrontOriginAccessIdentity", "cloudfront:CreateDistribution", "cloudfront:CreateInvalidation", "cloudfront:GetDistribution", "cloudfront:GetDistributionConfig", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByLambdaFunction", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListFieldLevelEncryptionConfigs", "cloudfront:ListFieldLevelEncryptionProfiles", "cloudfront:ListInvalidations", "cloudfront:ListPublicKeys", "cloudfront:ListStreamingDistributions", "cloudfront:UpdateDistribution", "cloudfront:TagResource", "cloudfront:UntagResource", "cloudfront:ListTagsForResource", "cloudfront:DeleteDistribution", "iam:AttachRolePolicy", "iam:CreateRole", "iam:CreateServiceLinkedRole", "iam:GetRole", "iam:PutRolePolicy", "iam:PassRole", "lambda:CreateFunction", "lambda:EnableReplication", "lambda:DeleteFunction", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:PublishVersion", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionConfiguration", "lambda:ListTags", "lambda:TagResource", "lambda:UntagResource", "route53:ChangeResourceRecordSets", "route53:ListHostedZonesByName", "route53:ListResourceRecordSets", "s3:CreateBucket", "s3:GetAccelerateConfiguration", "s3:GetObject", "s3:ListBucket", "s3:PutAccelerateConfiguration", "s3:PutBucketPolicy", "s3:PutObject", "s3:PutBucketTagging", "s3:GetBucketTagging", "lambda:ListEventSourceMappings", "lambda:CreateEventSourceMapping", "iam:UpdateAssumeRolePolicy", "iam:DeleteRolePolicy", "sqs:CreateQueue", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:SetQueueAttributes", "amplify:GetApp", "amplify:GetBranch", "amplify:UpdateApp", "amplify:UpdateBranch", "logs:DescribeLogGroups", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AdministratorAccess-Amplify", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-04T20:35:31+00:00", "version": "v12" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSStepFunctionsReadOnlyAccess", "createdate": "2024-04-16T22:09:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "states:ListStateMachines", "states:ListActivities", "states:DescribeStateMachine", "states:DescribeStateMachineForExecution", "states:ListExecutions", "states:DescribeExecution", "states:GetExecutionHistory", "states:DescribeActivity", "states:ListTagsForResource", "states:DescribeMapRun", "states:ListMapRuns", "states:DescribeStateMachineAlias", "states:ListStateMachineAliases", "states:ListStateMachineVersions" ], "malformed": false, "name": "AWSStepFunctionsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-16T22:09:29+00:00", "version": "v3" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSVpcLatticeServiceRolePolicy", "createdate": "2022-11-30T20:47:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSVpcLatticeServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-30T20:47:10+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationAgentPolicy_v2", "createdate": "2022-06-06T14:14:38Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgn:SendAgentMetricsForMgn", "mgn:SendAgentLogsForMgn", "mgn:UpdateAgentSourcePropertiesForMgn", "mgn:UpdateAgentReplicationInfoForMgn", "mgn:UpdateAgentConversionInfoForMgn", "mgn:GetAgentCommandForMgn", "mgn:GetAgentConfirmedResumeInfoForMgn", "mgn:GetAgentRuntimeConfigurationForMgn", "mgn:UpdateAgentBacklogForMgn", "mgn:GetAgentReplicationInfoForMgn", "mgn:IssueClientCertificateForMgn" ], "malformed": false, "name": "AWSApplicationMigrationAgentPolicy_v2", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-06-06T14:14:38+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSApplicationMigrationServiceEc2InstancePolicy", "createdate": "2024-01-03T14:19:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgn:SendClientLogsForMgn", "mgn:RegisterAgentForMgn", "mgn:GetAgentInstallationAssetsForMgn", "mgn:SendAgentMetricsForMgn", "mgn:SendAgentLogsForMgn", "mgn:UpdateAgentSourcePropertiesForMgn", "mgn:UpdateAgentReplicationInfoForMgn", "mgn:UpdateAgentConversionInfoForMgn", "mgn:GetAgentCommandForMgn", "mgn:GetAgentConfirmedResumeInfoForMgn", "mgn:GetAgentRuntimeConfigurationForMgn", "mgn:UpdateAgentBacklogForMgn", "mgn:GetAgentReplicationInfoForMgn", "mgn:TagResource" ], "malformed": false, "name": "AWSApplicationMigrationServiceEc2InstancePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-03T14:19:47+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonKinesisAnalyticsFullAccess", "createdate": "2016-09-21T19:01:14Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "kinesisanalytics:AddApplicationInput", "kinesisanalytics:AddApplicationOutput", "kinesisanalytics:AddApplicationReferenceDataSource", "kinesisanalytics:CreateApplication", "kinesisanalytics:DeleteApplication", "kinesisanalytics:DeleteApplicationOutput", "kinesisanalytics:DeleteApplicationReferenceDataSource", "kinesisanalytics:DescribeApplication", "kinesisanalytics:DiscoverInputSchema", "kinesisanalytics:GetApplicationState", "kinesisanalytics:ListApplications", "kinesisanalytics:ListTagsForResource", "kinesisanalytics:StartApplication", "kinesisanalytics:StopApplication", "kinesisanalytics:TagResource", "kinesisanalytics:UntagResource", "kinesisanalytics:UpdateApplication", "kinesisanalytics:AddApplicationCloudWatchLoggingOption", "kinesisanalytics:AddApplicationInputProcessingConfiguration", "kinesisanalytics:AddApplicationVpcConfiguration", "kinesisanalytics:CreateApplicationPresignedUrl", "kinesisanalytics:CreateApplicationSnapshot", "kinesisanalytics:DeleteApplicationCloudWatchLoggingOption", "kinesisanalytics:DeleteApplicationInputProcessingConfiguration", "kinesisanalytics:DeleteApplicationSnapshot", "kinesisanalytics:DeleteApplicationVpcConfiguration", "kinesisanalytics:DescribeApplicationSnapshot", "kinesisanalytics:DescribeApplicationVersion", "kinesisanalytics:ListApplicationSnapshots", "kinesisanalytics:ListApplicationVersions", "kinesisanalytics:RollbackApplication", "kinesisanalytics:UpdateApplicationMaintenanceConfiguration", "kinesis:CreateStream", "kinesis:DeleteStream", "kinesis:DescribeStream", "kinesis:ListStreams", "kinesis:PutRecord", "kinesis:PutRecords", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "logs:GetLogEvents", "iam:ListPolicyVersions", "iam:ListRoles", "iam:PassRole" ], "malformed": false, "name": "AmazonKinesisAnalyticsFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-09-21T19:01:14+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonTextractFullAccess", "createdate": "2018-11-28T19:07:42Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "textract:AnalyzeDocument", "textract:AnalyzeExpense", "textract:AnalyzeID", "textract:CreateAdapter", "textract:CreateAdapterVersion", "textract:DeleteAdapter", "textract:DeleteAdapterVersion", "textract:DetectDocumentText", "textract:GetAdapter", "textract:GetAdapterVersion", "textract:GetDocumentAnalysis", "textract:GetDocumentTextDetection", "textract:GetExpenseAnalysis", "textract:GetLendingAnalysis", "textract:GetLendingAnalysisSummary", "textract:ListAdapterVersions", "textract:ListAdapters", "textract:ListTagsForResource", "textract:StartDocumentAnalysis", "textract:StartDocumentTextDetection", "textract:StartExpenseAnalysis", "textract:StartLendingAnalysis", "textract:TagResource", "textract:UntagResource", "textract:UpdateAdapter" ], "malformed": false, "name": "AmazonTextractFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-28T19:07:42+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTSiteWiseMonitorPortalAccess", "createdate": "2020-05-19T20:01:21Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotsitewise:CreateProject", "iotsitewise:DescribeProject", "iotsitewise:UpdateProject", "iotsitewise:DeleteProject", "iotsitewise:ListProjects", "iotsitewise:BatchAssociateProjectAssets", "iotsitewise:BatchDisassociateProjectAssets", "iotsitewise:ListProjectAssets", "iotsitewise:CreateDashboard", "iotsitewise:DescribeDashboard", "iotsitewise:UpdateDashboard", "iotsitewise:DeleteDashboard", "iotsitewise:ListDashboards", "iotsitewise:CreateAccessPolicy", "iotsitewise:DescribeAccessPolicy", "iotsitewise:UpdateAccessPolicy", "iotsitewise:DeleteAccessPolicy", "iotsitewise:ListAccessPolicies", "iotsitewise:DescribeAsset", "iotsitewise:ListAssets", "iotsitewise:ListAssociatedAssets", "iotsitewise:DescribeAssetProperty", "iotsitewise:GetAssetPropertyValue", "iotsitewise:GetAssetPropertyValueHistory", "iotsitewise:GetAssetPropertyAggregates", "sso-directory:DescribeUsers" ], "malformed": false, "name": "AWSIoTSiteWiseMonitorPortalAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-19T20:01:21+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonInspector2FullAccess", "createdate": "2023-08-03T19:28:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "inspector2:AssociateMember", "inspector2:BatchGetAccountStatus", "inspector2:BatchGetCodeSnippet", "inspector2:BatchGetFindingDetails", "inspector2:BatchGetFreeTrialInfo", "inspector2:BatchGetMemberEc2DeepInspectionStatus", "inspector2:BatchUpdateMemberEc2DeepInspectionStatus", "inspector2:CancelFindingsReport", "inspector2:CancelSbomExport", "inspector2:CreateCisScanConfiguration", "inspector2:CreateFilter", "inspector2:CreateFindingsReport", "inspector2:CreateSbomExport", "inspector2:DeleteCisScanConfiguration", "inspector2:DeleteFilter", "inspector2:DescribeOrganizationConfiguration", "inspector2:Disable", "inspector2:DisableDelegatedAdminAccount", "inspector2:DisassociateMember", "inspector2:Enable", "inspector2:EnableDelegatedAdminAccount", "inspector2:GetCisScanReport", "inspector2:GetCisScanResultDetails", "inspector2:GetConfiguration", "inspector2:GetDelegatedAdminAccount", "inspector2:GetEc2DeepInspectionConfiguration", "inspector2:GetEncryptionKey", "inspector2:GetFindingsReportStatus", "inspector2:GetMember", "inspector2:GetSbomExport", "inspector2:ListAccountPermissions", "inspector2:ListCisScanConfigurations", "inspector2:ListCisScanResultsAggregatedByChecks", "inspector2:ListCisScanResultsAggregatedByTargetResource", "inspector2:ListCisScans", "inspector2:ListCoverage", "inspector2:ListCoverageStatistics", "inspector2:ListDelegatedAdminAccounts", "inspector2:ListFilters", "inspector2:ListFindingAggregations", "inspector2:ListFindings", "inspector2:ListMembers", "inspector2:ListTagsForResource", "inspector2:ListUsageTotals", "inspector2:ResetEncryptionKey", "inspector2:SearchVulnerabilities", "inspector2:SendCisSessionHealth", "inspector2:SendCisSessionTelemetry", "inspector2:StartCisSession", "inspector2:StopCisSession", "inspector2:TagResource", "inspector2:UntagResource", "inspector2:UpdateCisScanConfiguration", "inspector2:UpdateConfiguration", "inspector2:UpdateEc2DeepInspectionConfiguration", "inspector2:UpdateEncryptionKey", "inspector2:UpdateFilter", "inspector2:UpdateOrgEc2DeepInspectionConfiguration", "inspector2:UpdateOrganizationConfiguration", "codeguru-security:BatchGetFindings", "codeguru-security:GetAccountConfiguration", "iam:CreateServiceLinkedRole", "organizations:EnableAWSServiceAccess", "organizations:RegisterDelegatedAdministrator", "organizations:ListDelegatedAdministrators", "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribeAccount", "organizations:DescribeOrganization" ], "malformed": false, "name": "AmazonInspector2FullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-03T19:28:59+00:00", "version": "v3" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/EC2FleetTimeShiftableServiceRolePolicy", "createdate": "2019-12-23T19:47:15Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeImages", "ec2:DescribeSubnets", "ec2:DescribeInstances", "ec2:RunInstances", "ec2:CreateFleet", "iam:PassRole", "ec2:CreateTags", "ec2:TerminateInstances" ], "malformed": false, "name": "EC2FleetTimeShiftableServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-23T19:47:15+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceCatalogAppRegistryServiceRolePolicy", "createdate": "2022-10-26T16:05:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudformation:DescribeStacks", "resource-groups:CreateGroup", "resource-groups:Tag", "resource-groups:DeleteGroup", "resource-groups:UpdateGroup", "resource-groups:GetTags", "resource-groups:Tag", "resource-groups:Untag", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration" ], "malformed": false, "name": "AWSServiceCatalogAppRegistryServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-26T16:05:52+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonHealthLakeFullAccess", "createdate": "2021-02-17T01:07:05Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "healthlake:CreateFHIRDatastore", "healthlake:CreateResource", "healthlake:DeleteFHIRDatastore", "healthlake:DeleteResource", "healthlake:DescribeFHIRDatastore", "healthlake:DescribeFHIRExportJob", "healthlake:DescribeFHIRImportJob", "healthlake:GetCapabilities", "healthlake:ListFHIRDatastores", "healthlake:ListFHIRExportJobs", "healthlake:ListFHIRImportJobs", "healthlake:ListTagsForResource", "healthlake:ReadResource", "healthlake:SearchWithGet", "healthlake:SearchWithPost", "healthlake:StartFHIRExportJob", "healthlake:StartFHIRImportJob", "healthlake:TagResource", "healthlake:UntagResource", "healthlake:UpdateResource", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetBucketLocation", "iam:ListRoles", "iam:PassRole" ], "malformed": false, "name": "AmazonHealthLakeFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-02-17T01:07:05+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSIoTAnalyticsReadOnlyAccess", "createdate": "2018-06-18T21:37:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotanalytics:DescribeChannel", "iotanalytics:DescribeDataset", "iotanalytics:DescribeDatastore", "iotanalytics:DescribeLoggingOptions", "iotanalytics:DescribePipeline", "iotanalytics:ListChannels", "iotanalytics:ListDatasetContents", "iotanalytics:ListDatasets", "iotanalytics:ListDatastores", "iotanalytics:ListPipelines", "iotanalytics:ListTagsForResource", "iotanalytics:GetDatasetContent", "iotanalytics:SampleChannelData" ], "malformed": false, "name": "AWSIoTAnalyticsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-06-18T21:37:49+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonPrometheusQueryAccess", "createdate": "2020-12-19T01:02:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aps:GetLabels", "aps:GetMetricMetadata", "aps:GetSeries", "aps:QueryMetrics" ], "malformed": false, "name": "AmazonPrometheusQueryAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-19T01:02:58+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDataSyncFullAccess", "createdate": "2024-02-16T17:19:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "datasync:AddStorageSystem", "datasync:CancelTaskExecution", "datasync:CreateAgent", "datasync:CreateLocationAzureBlob", "datasync:CreateLocationEfs", "datasync:CreateLocationFsxLustre", "datasync:CreateLocationFsxOntap", "datasync:CreateLocationFsxOpenZfs", "datasync:CreateLocationFsxWindows", "datasync:CreateLocationHdfs", "datasync:CreateLocationNfs", "datasync:CreateLocationObjectStorage", "datasync:CreateLocationS3", "datasync:CreateLocationSmb", "datasync:CreateTask", "datasync:DeleteAgent", "datasync:DeleteLocation", "datasync:DeleteTask", "datasync:DescribeAgent", "datasync:DescribeDiscoveryJob", "datasync:DescribeLocationAzureBlob", "datasync:DescribeLocationEfs", "datasync:DescribeLocationFsxLustre", "datasync:DescribeLocationFsxOntap", "datasync:DescribeLocationFsxOpenZfs", "datasync:DescribeLocationFsxWindows", "datasync:DescribeLocationHdfs", "datasync:DescribeLocationNfs", "datasync:DescribeLocationObjectStorage", "datasync:DescribeLocationS3", "datasync:DescribeLocationSmb", "datasync:DescribeStorageSystem", "datasync:DescribeStorageSystemResourceMetrics", "datasync:DescribeStorageSystemResources", "datasync:DescribeTask", "datasync:DescribeTaskExecution", "datasync:GenerateRecommendations", "datasync:ListAgents", "datasync:ListDiscoveryJobs", "datasync:ListLocations", "datasync:ListStorageSystems", "datasync:ListTagsForResource", "datasync:ListTaskExecutions", "datasync:ListTasks", "datasync:RemoveStorageSystem", "datasync:StartDiscoveryJob", "datasync:StartTaskExecution", "datasync:StopDiscoveryJob", "datasync:TagResource", "datasync:UntagResource", "datasync:UpdateAgent", "datasync:UpdateDiscoveryJob", "datasync:UpdateLocationAzureBlob", "datasync:UpdateLocationHdfs", "datasync:UpdateLocationNfs", "datasync:UpdateLocationObjectStorage", "datasync:UpdateLocationSmb", "datasync:UpdateStorageSystem", "datasync:UpdateTask", "datasync:UpdateTaskExecution", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcEndpoints", "ec2:ModifyNetworkInterfaceAttribute", "fsx:DescribeFileSystems", "fsx:DescribeStorageVirtualMachines", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeMountTargets", "iam:GetRole", "iam:ListRoles", "logs:CreateLogGroup", "logs:DescribeLogGroups", "logs:DescribeResourcePolicies", "outposts:ListOutposts", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketVersions", "s3-outposts:ListAccessPoints", "s3-outposts:ListRegionalBuckets", "iam:PassRole" ], "malformed": false, "name": "AWSDataSyncFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-16T17:19:28+00:00", "version": "v5" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCloudWatchMetrics_DbPerfInsightsServiceRolePolicy", "createdate": "2023-09-07T09:32:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "pi:GetResourceMetrics" ], "malformed": false, "name": "AWSServiceRoleForCloudWatchMetrics_DbPerfInsightsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-07T09:32:32+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonGrafanaCloudWatchAccess", "createdate": "2023-03-24T22:41:53Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:ListMetrics", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricData", "cloudwatch:GetInsightRuleReport", "logs:DescribeLogGroups", "logs:GetLogGroupFields", "logs:StartQuery", "logs:StopQuery", "logs:GetQueryResults", "logs:GetLogEvents", "ec2:DescribeTags", "ec2:DescribeInstances", "ec2:DescribeRegions", "tag:GetResources", "oam:ListSinks", "oam:ListAttachedLinks" ], "malformed": false, "name": "AmazonGrafanaCloudWatchAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-24T22:41:53+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": null, "createdate": "2023-07-13T18:01:12Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "kms:DescribeKey", "kms:ListAliases", "glue:GetConnections", "glue:GetDatabase", "redshift:DescribeClusters", "ec2:DescribeSubnets", "secretsmanager:ListSecrets", "iam:ListRoles", "sso:DescribeRegisteredRegions", "glue:CreateConnection", "secretsmanager:CreateSecret", "iam:GetPolicy", "iam:PassRole" ], "malformed": false, "name": "AmazonDataZonePreviewConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/ROSAIngressOperatorPolicy", "createdate": "2023-04-20T22:37:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticloadbalancing:DescribeLoadBalancers", "route53:ListHostedZones", "tag:GetResources", "route53:ChangeResourceRecordSets" ], "malformed": false, "name": "ROSAIngressOperatorPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-20T22:37:08+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSApplicationMigrationSSMAccess", "createdate": "2023-03-20T10:57:51Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:GetCommandInvocation", "ssm:DescribeInstanceInformation", "ssm:SendCommand", "ssm:DescribeDocument", "ssm:StartAutomationExecution", "ssm:SendCommand", "ssm:ListDocuments", "ssm:ListDocumentVersions", "ssm:GetDocument" ], "malformed": false, "name": "AWSApplicationMigrationSSMAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-20T10:57:51+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess", "createdate": "2022-01-10T18:53:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:GetMetricData", "ec2:DescribeAvailabilityZones", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "elasticfilesystem:DescribeAccountPreferences", "elasticfilesystem:DescribeBackupPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticfilesystem:DescribeTags", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeReplicationConfigurations", "elasticfilesystem:ListTagsForResource", "kms:ListAliases" ], "malformed": false, "name": "AmazonElasticFileSystemReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-01-10T18:53:37+00:00", "version": "v7" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaRole", "createdate": "2015-02-06T18:41:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lambda:InvokeFunction" ], "malformed": false, "name": "AWSLambdaRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:28+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonKinesisVideoStreamsReadOnlyAccess", "createdate": "2017-12-01T23:14:32Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "kinesisvideo:DescribeEdgeConfiguration", "kinesisvideo:DescribeImageGenerationConfiguration", "kinesisvideo:DescribeMappedResourceConfiguration", "kinesisvideo:DescribeMediaStorageConfiguration", "kinesisvideo:DescribeNotificationConfiguration", "kinesisvideo:DescribeSignalingChannel", "kinesisvideo:DescribeStream", "kinesisvideo:GetClip", "kinesisvideo:GetDASHStreamingSessionURL", "kinesisvideo:GetDataEndpoint", "kinesisvideo:GetHLSStreamingSessionURL", "kinesisvideo:GetIceServerConfig", "kinesisvideo:GetImages", "kinesisvideo:GetMedia", "kinesisvideo:GetMediaForFragmentList", "kinesisvideo:GetSignalingChannelEndpoint", "kinesisvideo:ListEdgeAgentConfigurations", "kinesisvideo:ListFragments", "kinesisvideo:ListSignalingChannels", "kinesisvideo:ListStreams", "kinesisvideo:ListTagsForResource", "kinesisvideo:ListTagsForStream" ], "malformed": false, "name": "AmazonKinesisVideoStreamsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-12-01T23:14:32+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy", "createdate": "2022-02-22T09:54:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "firehose:PutRecord", "firehose:PutRecordBatch" ], "malformed": false, "name": "AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-22T09:54:35+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonSageMakerNotebooksServiceRolePolicy", "createdate": "2023-03-09T18:20:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticfilesystem:CreateAccessPoint", "elasticfilesystem:DeleteAccessPoint", "elasticfilesystem:CreateFileSystem", "elasticfilesystem:CreateMountTarget", "elasticfilesystem:DeleteFileSystem", "elasticfilesystem:DeleteMountTarget", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:TagResource", "ec2:CreateTags", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:DeleteNetworkInterface", "ec2:DescribeDhcpOptions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:ModifyNetworkInterfaceAttribute", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterfacePermission", "ec2:DeleteSecurityGroup", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "sso:CreateManagedApplicationInstance", "sso:DeleteManagedApplicationInstance", "sso:GetManagedApplicationInstance", "sagemaker:CreateUserProfile", "sagemaker:DescribeUserProfile" ], "malformed": false, "name": "AmazonSageMakerNotebooksServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-09T18:20:35+00:00", "version": "v7" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonKendraReadOnlyAccess", "createdate": "2021-05-27T17:01:20Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "kendra:DescribeAccessControlConfiguration", "kendra:DescribeDataSource", "kendra:DescribeExperience", "kendra:DescribeFaq", "kendra:DescribeFeaturedResultsSet", "kendra:DescribeIndex", "kendra:DescribePrincipalMapping", "kendra:DescribeQuerySuggestionsBlockList", "kendra:DescribeQuerySuggestionsConfig", "kendra:DescribeThesaurus", "kendra:ListAccessControlConfigurations", "kendra:ListDataSourceSyncJobs", "kendra:ListDataSources", "kendra:ListEntityPersonas", "kendra:ListExperienceEntities", "kendra:ListExperiences", "kendra:ListFaqs", "kendra:ListFeaturedResultsSets", "kendra:ListGroupsOlderThanOrderingId", "kendra:ListIndices", "kendra:ListQuerySuggestionsBlockLists", "kendra:ListTagsForResource", "kendra:ListThesauri", "kendra:Query", "kendra:GetQuerySuggestions" ], "malformed": false, "name": "AmazonKendraReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-05-27T17:01:20+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSTrustedAdvisorServiceRolePolicy", "createdate": "2024-01-18T16:25:15Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeLaunchConfigurations", "ce:GetReservationPurchaseRecommendation", "ce:GetSavingsPlansPurchaseRecommendation", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeStacks", "cloudformation:ListStacks", "cloudfront:ListDistributions", "cloudtrail:DescribeTrails", "cloudtrail:GetTrailStatus", "cloudtrail:GetTrail", "cloudtrail:ListTrails", "cloudtrail:GetEventSelectors", "cloudwatch:GetMetricStatistics", "dynamodb:DescribeLimits", "dynamodb:DescribeTable", "dynamodb:ListTables", "ec2:DescribeAddresses", "ec2:DescribeReservedInstances", "ec2:DescribeInstances", "ec2:DescribeVpcs", "ec2:DescribeInternetGateways", "ec2:DescribeImages", "ec2:DescribeVolumes", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeRegions", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeSnapshots", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DescribeLaunchTemplateVersions", "ecs:DescribeTaskDefinition", "ecs:ListTaskDefinitions", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetGroups", "iam:GenerateCredentialReport", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCredentialReport", "iam:GetServerCertificate", "iam:ListServerCertificates", "kinesis:DescribeLimits", "kafka:ListClustersV2", "kafka:ListNodes", "outposts:ListAssets", "outposts:GetOutpost", "outposts:ListOutposts", "rds:DescribeAccountAttributes", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBSecurityGroups", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeEngineDefaultParameters", "rds:DescribeEvents", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:ListTagsForResource", "redshift:DescribeClusters", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "route53:GetAccountLimit", "route53:GetHealthCheck", "route53:GetHostedZone", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListResourceRecordSets", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverEndpointIpAddresses", "s3:GetAccountPublicAccessBlock", "s3:GetBucketAcl", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketVersioning", "s3:GetBucketPublicAccessBlock", "s3:GetLifecycleConfiguration", "s3:ListBucket", "s3:ListAllMyBuckets", "ses:GetSendQuota", "sqs:ListQueues" ], "malformed": false, "name": "AWSTrustedAdvisorServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-18T16:25:15+00:00", "version": "v12" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/ServerMigrationServiceLaunchRole", "createdate": "2020-10-15T17:29:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:ModifyInstanceAttribute", "ec2:StopInstances", "ec2:StartInstances", "ec2:TerminateInstances", "ec2:CreateTags", "ec2:DisassociateIamInstanceProfile", "ec2:AssociateIamInstanceProfile", "ec2:ReplaceIamInstanceProfileAssociation", "iam:PassRole", "ec2:RunInstances", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "applicationinsights:DescribeApplication", "applicationinsights:DescribeComponent", "applicationinsights:DescribeComponentConfiguration", "applicationinsights:DescribeComponentConfigurationRecommendation", "applicationinsights:DescribeLogPattern", "applicationinsights:DescribeObservation", "applicationinsights:DescribeProblem", "applicationinsights:DescribeProblemObservations", "applicationinsights:DescribeWorkload", "applicationinsights:ListApplications", "applicationinsights:ListComponents", "applicationinsights:ListConfigurationHistory", "applicationinsights:ListLogPatternSets", "applicationinsights:ListLogPatterns", "applicationinsights:ListProblems", "applicationinsights:ListTagsForResource", "applicationinsights:ListWorkloads", "cloudformation:ListStackResources", "cloudformation:DescribeStacks", "applicationinsights:CreateApplication", "applicationinsights:CreateComponent", "applicationinsights:UpdateApplication", "applicationinsights:DeleteApplication", "applicationinsights:UpdateComponentConfiguration", "applicationinsights:DeleteComponent", "resource-groups:CreateGroup", "resource-groups:GetGroup", "resource-groups:UpdateGroup", "resource-groups:DeleteGroup", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "ServerMigrationServiceLaunchRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-15T17:29:00+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForAmazonEKSNodegroup", "createdate": "2024-01-04T20:37:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:RevokeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:DescribeInstances", "ec2:RevokeSecurityGroupEgress", "ec2:DeleteSecurityGroup", "ec2:RevokeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:DescribeInstances", "ec2:RevokeSecurityGroupEgress", "ec2:DeleteSecurityGroup", "ec2:DeleteLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "autoscaling:UpdateAutoScalingGroup", "autoscaling:DeleteAutoScalingGroup", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:CompleteLifecycleAction", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "autoscaling:EnableMetricsCollection", "iam:CreateServiceLinkedRole", "autoscaling:CreateOrUpdateTags", "autoscaling:CreateAutoScalingGroup", "iam:PassRole", "iam:PassRole", "iam:GetRole", "ec2:CreateLaunchTemplate", "ec2:DescribeInstances", "iam:GetInstanceProfile", "ec2:DescribeLaunchTemplates", "autoscaling:DescribeAutoScalingGroups", "ec2:CreateSecurityGroup", "ec2:DescribeLaunchTemplateVersions", "ec2:RunInstances", "ec2:DescribeSecurityGroups", "ec2:GetConsoleOutput", "ec2:DescribeRouteTables", "ec2:DescribeSubnets", "iam:CreateInstanceProfile", "iam:DeleteInstanceProfile", "iam:RemoveRoleFromInstanceProfile", "iam:AddRoleToInstanceProfile", "ec2:CreateTags", "ec2:DeleteTags" ], "malformed": false, "name": "AWSServiceRoleForAmazonEKSNodegroup", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-04T20:37:13+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/DynamoDBReplicationServiceRolePolicy", "createdate": "2024-01-08T20:10:36Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem", "dynamodb:DescribeTable", "dynamodb:UpdateTable", "dynamodb:Scan", "dynamodb:DescribeStream", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:DescribeTimeToLive", "dynamodb:UpdateTimeToLive", "dynamodb:DescribeLimits", "dynamodb:GetResourcePolicy", "application-autoscaling:RegisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:PutScalingPolicy", "application-autoscaling:DescribeScalingPolicies", "account:ListRegions", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "DynamoDBReplicationServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-08T20:10:36+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadSharing", "createdate": "2024-02-21T17:27:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "redshift:DescribeClusters", "redshift-serverless:ListNamespaces", "redshift-serverless:ListWorkgroups", "secretsmanager:CreateSecret", "secretsmanager:GetSecretValue", "secretsmanager:DeleteSecret", "secretsmanager:TagResource", "tag:GetResources", "sqlworkbench:CreateFolder", "sqlworkbench:PutTab", "sqlworkbench:BatchDeleteFolder", "sqlworkbench:DeleteTab", "sqlworkbench:GenerateSession", "sqlworkbench:GetAccountInfo", "sqlworkbench:GetAccountSettings", "sqlworkbench:GetUserInfo", "sqlworkbench:GetUserWorkspaceSettings", "sqlworkbench:PutUserWorkspaceSettings", "sqlworkbench:ListConnections", "sqlworkbench:ListFiles", "sqlworkbench:ListTabs", "sqlworkbench:UpdateFolder", "sqlworkbench:ListRedshiftClusters", "sqlworkbench:DriverExecute", "sqlworkbench:ListTaggedResources", "sqlworkbench:ListQueryExecutionHistory", "sqlworkbench:GetQueryExecutionHistory", "sqlworkbench:ListNotebooks", "sqlworkbench:GetSchemaInference", "sqlworkbench:GetAutocompletionMetadata", "sqlworkbench:GetAutocompletionResource", "sqlworkbench:CreateConnection", "sqlworkbench:CreateSavedQuery", "sqlworkbench:CreateChart", "sqlworkbench:CreateNotebook", "sqlworkbench:DuplicateNotebook", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:ImportNotebook", "sqlworkbench:DeleteChart", "sqlworkbench:DeleteConnection", "sqlworkbench:DeleteSavedQuery", "sqlworkbench:GetChart", "sqlworkbench:GetConnection", "sqlworkbench:GetSavedQuery", "sqlworkbench:ListSavedQueryVersions", "sqlworkbench:UpdateChart", "sqlworkbench:UpdateConnection", "sqlworkbench:UpdateSavedQuery", "sqlworkbench:AssociateConnectionWithTab", "sqlworkbench:AssociateQueryWithTab", "sqlworkbench:AssociateConnectionWithChart", "sqlworkbench:AssociateNotebookWithTab", "sqlworkbench:UpdateFileFolder", "sqlworkbench:ListTagsForResource", "sqlworkbench:GetNotebook", "sqlworkbench:UpdateNotebook", "sqlworkbench:DeleteNotebook", "sqlworkbench:DuplicateNotebook", "sqlworkbench:CreateNotebookCell", "sqlworkbench:DeleteNotebookCell", "sqlworkbench:UpdateNotebookCellContent", "sqlworkbench:UpdateNotebookCellLayout", "sqlworkbench:BatchGetNotebookCell", "sqlworkbench:ListNotebookVersions", "sqlworkbench:CreateNotebookVersion", "sqlworkbench:GetNotebookVersion", "sqlworkbench:DeleteNotebookVersion", "sqlworkbench:RestoreNotebookVersion", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:ExportNotebook", "sqlworkbench:ImportNotebook", "sqlworkbench:TagResource", "sqlworkbench:GetChart", "sqlworkbench:GetConnection", "sqlworkbench:GetSavedQuery", "sqlworkbench:ListSavedQueryVersions", "sqlworkbench:ListTagsForResource", "sqlworkbench:AssociateQueryWithTab", "sqlworkbench:AssociateNotebookWithTab", "sqlworkbench:GetNotebook", "sqlworkbench:DuplicateNotebook", "sqlworkbench:BatchGetNotebookCell", "sqlworkbench:ListNotebookVersions", "sqlworkbench:GetNotebookVersion", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:ExportNotebook", "sqlworkbench:TagResource", "sqlworkbench:UntagResource" ], "malformed": false, "name": "AmazonRedshiftQueryEditorV2ReadSharing", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-21T17:27:40+00:00", "version": "v9" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSApplicationMigrationReadOnlyAccess", "createdate": "2023-03-20T08:58:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgn:DescribeJobLogItems", "mgn:DescribeJobs", "mgn:DescribeSourceServers", "mgn:DescribeReplicationConfigurationTemplates", "mgn:GetLaunchConfiguration", "mgn:DescribeVcenterClients", "mgn:GetReplicationConfiguration", "mgn:DescribeLaunchConfigurationTemplates", "mgn:ListSourceServerActions", "mgn:ListTemplateActions", "mgn:ListApplications", "mgn:ListWaves", "mgn:ListExports", "mgn:ListImports", "mgn:ListImportErrors", "mgn:ListExportErrors", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "servicequotas:GetServiceQuota" ], "malformed": false, "name": "AWSApplicationMigrationReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-20T08:58:08+00:00", "version": "v5" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy", "createdate": "2021-06-16T15:37:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kms:SynchronizeMultiRegionKey" ], "malformed": false, "name": "AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-06-16T15:37:37+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPowerUser", "createdate": "2019-12-10T20:48:08Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:GetRepositoryPolicy", "ecr:DescribeRepositories", "ecr:ListImages", "ecr:DescribeImages", "ecr:BatchGetImage", "ecr:GetLifecyclePolicy", "ecr:GetLifecyclePolicyPreview", "ecr:ListTagsForResource", "ecr:DescribeImageScanFindings", "ecr:InitiateLayerUpload", "ecr:UploadLayerPart", "ecr:CompleteLayerUpload", "ecr:PutImage" ], "malformed": false, "name": "AmazonEC2ContainerRegistryPowerUser", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-10T20:48:08+00:00", "version": "v3" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy", "createdate": "2019-11-22T04:34:29Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage" ], "malformed": false, "name": "AmazonEKSFargatePodExecutionRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-22T04:34:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/EC2InstanceConnect", "createdate": "2019-06-27T18:53:34Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2-instance-connect:SendSSHPublicKey" ], "malformed": false, "name": "EC2InstanceConnect", "privesc": true, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-27T18:53:34+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonEventBridgeReadOnlyAccess", "createdate": "2022-12-01T17:02:48Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "events:DescribeRule", "events:DescribeEventBus", "events:DescribeEventSource", "events:ListEventBuses", "events:ListEventSources", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTargetsByRule", "events:TestEventPattern", "events:DescribeArchive", "events:ListArchives", "events:DescribeReplay", "events:ListReplays", "events:DescribeConnection", "events:ListConnections", "events:DescribeApiDestination", "events:ListApiDestinations", "events:DescribeEndpoint", "events:ListEndpoints", "schemas:DescribeCodeBinding", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:ExportSchema", "schemas:GetCodeBindingSource", "schemas:GetDiscoveredSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemas", "schemas:ListSchemaVersions", "schemas:ListTagsForResource", "schemas:SearchSchemas", "scheduler:GetSchedule", "scheduler:GetScheduleGroup", "scheduler:ListSchedules", "scheduler:ListScheduleGroups", "scheduler:ListTagsForResource", "pipes:DescribePipe", "pipes:ListPipes", "pipes:ListTagsForResource" ], "malformed": false, "name": "AmazonEventBridgeReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-01T17:02:48+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonBedrockFullAccess", "createdate": "2023-12-06T15:47:17Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "bedrock:ApplyGuardrail", "bedrock:AssociateAgentKnowledgeBase", "bedrock:AssociateThirdPartyKnowledgeBase", "bedrock:CreateAgent", "bedrock:CreateAgentActionGroup", "bedrock:CreateAgentAlias", "bedrock:CreateDataSource", "bedrock:CreateEvaluationJob", "bedrock:CreateFoundationModelAgreement", "bedrock:CreateGuardrail", "bedrock:CreateGuardrailVersion", "bedrock:CreateKnowledgeBase", "bedrock:CreateModelCustomizationJob", "bedrock:CreateModelEvaluationJob", "bedrock:CreateModelInvocationJob", "bedrock:CreateProvisionedModelThroughput", "bedrock:DeleteAgent", "bedrock:DeleteAgentActionGroup", "bedrock:DeleteAgentAlias", "bedrock:DeleteAgentVersion", "bedrock:DeleteCustomModel", "bedrock:DeleteDataSource", "bedrock:DeleteFoundationModelAgreement", "bedrock:DeleteGuardrail", "bedrock:DeleteKnowledgeBase", "bedrock:DeleteModelInvocationLoggingConfiguration", "bedrock:DeleteProvisionedModelThroughput", "bedrock:DetectGeneratedContent", "bedrock:DisassociateAgentKnowledgeBase", "bedrock:GetAgent", "bedrock:GetAgentActionGroup", "bedrock:GetAgentAlias", "bedrock:GetAgentKnowledgeBase", "bedrock:GetAgentVersion", "bedrock:GetCustomModel", "bedrock:GetDataSource", "bedrock:GetEvaluationJob", "bedrock:GetFoundationModel", "bedrock:GetFoundationModelAvailability", "bedrock:GetGuardrail", "bedrock:GetIngestionJob", "bedrock:GetKnowledgeBase", "bedrock:GetModelCustomizationJob", "bedrock:GetModelEvaluationJob", "bedrock:GetModelInvocationJob", "bedrock:GetModelInvocationLoggingConfiguration", "bedrock:GetProvisionedModelThroughput", "bedrock:GetUseCaseForModelAccess", "bedrock:InvokeAgent", "bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream", "bedrock:ListAgentActionGroups", "bedrock:ListAgentAliases", "bedrock:ListAgentKnowledgeBases", "bedrock:ListAgentVersions", "bedrock:ListAgents", "bedrock:ListCustomModels", "bedrock:ListDataSources", "bedrock:ListEvaluationJobs", "bedrock:ListFoundationModelAgreementOffers", "bedrock:ListFoundationModels", "bedrock:ListGuardrails", "bedrock:ListIngestionJobs", "bedrock:ListKnowledgeBases", "bedrock:ListModelCustomizationJobs", "bedrock:ListModelEvaluationJobs", "bedrock:ListModelInvocationJobs", "bedrock:ListProvisionedModelThroughputs", "bedrock:ListTagsForResource", "bedrock:PrepareAgent", "bedrock:PutFoundationModelEntitlement", "bedrock:PutModelInvocationLoggingConfiguration", "bedrock:PutUseCaseForModelAccess", "bedrock:Retrieve", "bedrock:RetrieveAndGenerate", "bedrock:StartIngestionJob", "bedrock:StopEvaluationJob", "bedrock:StopModelCustomizationJob", "bedrock:StopModelInvocationJob", "bedrock:TagResource", "bedrock:UntagResource", "bedrock:UpdateAgent", "bedrock:UpdateAgentActionGroup", "bedrock:UpdateAgentAlias", "bedrock:UpdateAgentKnowledgeBase", "bedrock:UpdateDataSource", "bedrock:UpdateGuardrail", "bedrock:UpdateKnowledgeBase", "bedrock:UpdateProvisionedModelThroughput", "kms:DescribeKey", "iam:ListRoles", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "iam:PassRole" ], "malformed": false, "name": "AmazonBedrockFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-06T15:47:17+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonManagedBlockchainReadOnlyAccess", "createdate": "2019-04-30T18:17:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "managedblockchain:GET", "managedblockchain:GetAccessor", "managedblockchain:GetMember", "managedblockchain:GetNetwork", "managedblockchain:GetNode", "managedblockchain:GetProposal", "managedblockchain:ListAccessors", "managedblockchain:ListInvitations", "managedblockchain:ListMembers", "managedblockchain:ListNetworks", "managedblockchain:ListNodes", "managedblockchain:ListProposalVotes", "managedblockchain:ListProposals", "managedblockchain:ListTagsForResource" ], "malformed": false, "name": "AmazonManagedBlockchainReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-04-30T18:17:31+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSConfigRemediationServiceRolePolicy", "createdate": "2019-06-18T21:21:35Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:GetDocument", "ssm:DescribeDocument", "ssm:StartAutomationExecution", "iam:PassRole" ], "malformed": false, "name": "AWSConfigRemediationServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-18T21:21:35+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCloudHSMReadOnlyAccess", "createdate": "2015-02-06T18:39:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudhsm:GetConfig", "cloudhsm:ListAvailableZones", "cloudhsm:ListHapgs", "cloudhsm:ListHsms", "cloudhsm:ListLunaClients", "cloudhsm:ListTags", "cloudhsm:ListTagsForResource", "cloudhsm:DescribeBackups", "cloudhsm:DescribeClusters", "cloudhsm:DescribeHapg", "cloudhsm:DescribeHsm", "cloudhsm:DescribeLunaClient" ], "malformed": false, "name": "AWSCloudHSMReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:39:52+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2019-09-27T18:41:21Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "cloudtrail:DescribeTrails", "cloudtrail:GetEventSelectors", "cloudtrail:GetTrailStatus", "cloudtrail:ListTags", "cloudtrail:LookupEvents", "iam:ListAccountAliases", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:ListBucket", "s3:ListAllMyBuckets", "cloudtrail:CreateTrail", "cloudtrail:StartLogging", "cloudtrail:StopLogging", "cloudtrail:UpdateTrail", "cloudtrail:DeleteTrail", "cloudtrail:PutEventSelectors", "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:PutBucketPolicy" ], "malformed": false, "name": "AmazonMacieSetupRole", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSBackupServiceRolePolicyForS3Restore", "createdate": "2023-02-07T00:06:00Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:CreateBucket", "s3:ListBucketVersions", "s3:ListBucket", "s3:GetBucketVersioning", "s3:GetBucketLocation", "s3:PutBucketVersioning", "s3:PutBucketOwnershipControls", "s3:GetBucketOwnershipControls", "s3:GetObject", "s3:GetObjectVersion", "s3:DeleteObject", "s3:PutObjectVersionAcl", "s3:GetObjectVersionAcl", "s3:GetObjectTagging", "s3:PutObjectTagging", "s3:GetObjectAcl", "s3:PutObjectAcl", "s3:ListMultipartUploadParts", "s3:PutObject", "kms:DescribeKey", "kms:GenerateDataKey", "kms:Decrypt" ], "malformed": false, "name": "AWSBackupServiceRolePolicyForS3Restore", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-07T00:06:00+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/CloudWatchSyntheticsReadOnlyAccess", "createdate": "2020-03-06T19:26:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun", "synthetics:DescribeRuntimeVersions", "synthetics:GetCanary", "synthetics:GetCanaryRuns", "synthetics:GetGroup", "synthetics:ListAssociatedGroups", "synthetics:ListGroupResources", "synthetics:ListGroups", "synthetics:ListTagsForResource" ], "malformed": false, "name": "CloudWatchSyntheticsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-03-06T19:26:01+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCloud9SSMInstanceProfile", "createdate": "2020-05-14T11:40:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel", "ssm:UpdateInstanceInformation" ], "malformed": false, "name": "AWSCloud9SSMInstanceProfile", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-14T11:40:49+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSProtonReadOnlyAccess", "createdate": "2022-11-18T18:28:24Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codepipeline:ListPipelineExecutions", "codepipeline:ListPipelines", "codepipeline:GetPipeline", "codepipeline:GetPipelineState", "codepipeline:GetPipelineExecution", "proton:GetAccountRoles", "proton:GetAccountSettings", "proton:GetEnvironment", "proton:GetEnvironmentAccountConnection", "proton:GetEnvironmentTemplate", "proton:GetEnvironmentTemplateMajorVersion", "proton:GetEnvironmentTemplateMinorVersion", "proton:GetEnvironmentTemplateVersion", "proton:GetRepository", "proton:GetRepositorySyncStatus", "proton:GetResourcesSummary", "proton:GetService", "proton:GetServiceInstance", "proton:GetServiceTemplate", "proton:GetServiceTemplateMajorVersion", "proton:GetServiceTemplateMinorVersion", "proton:GetServiceTemplateVersion", "proton:GetTemplateSyncConfig", "proton:GetTemplateSyncStatus", "proton:ListEnvironmentAccountConnections", "proton:ListEnvironmentOutputs", "proton:ListEnvironmentProvisionedResources", "proton:ListEnvironments", "proton:ListEnvironmentTemplateMajorVersions", "proton:ListEnvironmentTemplateMinorVersions", "proton:ListEnvironmentTemplates", "proton:ListEnvironmentTemplateVersions", "proton:ListRepositories", "proton:ListRepositorySyncDefinitions", "proton:ListServiceInstanceOutputs", "proton:ListServiceInstanceProvisionedResources", "proton:ListServiceInstances", "proton:ListServicePipelineOutputs", "proton:ListServicePipelineProvisionedResources", "proton:ListServices", "proton:ListServiceTemplateMajorVersions", "proton:ListServiceTemplateMinorVersions", "proton:ListServiceTemplates", "proton:ListServiceTemplateVersions", "proton:ListTagsForResource" ], "malformed": false, "name": "AWSProtonReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-18T18:28:24+00:00", "version": "v3" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/IAMSelfManageServiceSpecificCredentials", "createdate": "2016-12-22T17:25:18Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:CreateServiceSpecificCredential", "iam:ListServiceSpecificCredentials", "iam:UpdateServiceSpecificCredential", "iam:DeleteServiceSpecificCredential", "iam:ResetServiceSpecificCredential" ], "malformed": false, "name": "IAMSelfManageServiceSpecificCredentials", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-12-22T17:25:18+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryFailbackPolicy", "createdate": "2023-11-27T12:56:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:SendClientMetricsForDrs", "drs:SendClientLogsForDrs", "drs:GetChannelCommandsForDrs", "drs:SendChannelCommandResultForDrs", "drs:DescribeReplicationServerAssociationsForDrs", "drs:DescribeRecoveryInstances", "drs:GetFailbackCommandForDrs", "drs:UpdateFailbackClientLastSeenForDrs", "drs:NotifyAgentAuthenticationForDrs", "drs:UpdateAgentReplicationProcessStateForDrs", "drs:NotifyAgentReplicationProgressForDrs", "drs:NotifyAgentConnectedForDrs", "drs:NotifyAgentDisconnectedForDrs", "drs:NotifyConsistencyAttainedForDrs", "drs:GetFailbackLaunchRequestedForDrs", "drs:IssueAgentCertificateForDrs" ], "malformed": false, "name": "AWSElasticDisasterRecoveryFailbackPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T12:56:46+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSPrivateCAAuditor", "createdate": "2023-02-14T18:33:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:CreateCertificateAuthorityAuditReport", "acm-pca:DescribeCertificateAuthority", "acm-pca:DescribeCertificateAuthorityAuditReport", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificate", "acm-pca:GetPolicy", "acm-pca:ListPermissions", "acm-pca:ListTags", "acm-pca:ListCertificateAuthorities" ], "malformed": false, "name": "AWSPrivateCAAuditor", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-14T18:33:44+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/IAMUserChangePassword", "createdate": "2016-11-15T23:18:55Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:ChangePassword", "iam:GetAccountPasswordPolicy" ], "malformed": false, "name": "IAMUserChangePassword", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-11-15T23:18:55+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadWriteSharing", "createdate": "2024-02-21T17:30:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "redshift:DescribeClusters", "redshift-serverless:ListNamespaces", "redshift-serverless:ListWorkgroups", "secretsmanager:CreateSecret", "secretsmanager:GetSecretValue", "secretsmanager:DeleteSecret", "secretsmanager:TagResource", "tag:GetResources", "sqlworkbench:CreateFolder", "sqlworkbench:PutTab", "sqlworkbench:BatchDeleteFolder", "sqlworkbench:DeleteTab", "sqlworkbench:GenerateSession", "sqlworkbench:GetAccountInfo", "sqlworkbench:GetAccountSettings", "sqlworkbench:GetUserInfo", "sqlworkbench:GetUserWorkspaceSettings", "sqlworkbench:PutUserWorkspaceSettings", "sqlworkbench:ListConnections", "sqlworkbench:ListFiles", "sqlworkbench:ListTabs", "sqlworkbench:UpdateFolder", "sqlworkbench:ListRedshiftClusters", "sqlworkbench:DriverExecute", "sqlworkbench:ListTaggedResources", "sqlworkbench:ListQueryExecutionHistory", "sqlworkbench:GetQueryExecutionHistory", "sqlworkbench:ListNotebooks", "sqlworkbench:GetSchemaInference", "sqlworkbench:GetAutocompletionMetadata", "sqlworkbench:GetAutocompletionResource", "sqlworkbench:CreateConnection", "sqlworkbench:CreateSavedQuery", "sqlworkbench:CreateChart", "sqlworkbench:CreateNotebook", "sqlworkbench:DuplicateNotebook", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:ImportNotebook", "sqlworkbench:DeleteChart", "sqlworkbench:DeleteConnection", "sqlworkbench:DeleteSavedQuery", "sqlworkbench:GetChart", "sqlworkbench:GetConnection", "sqlworkbench:GetSavedQuery", "sqlworkbench:ListSavedQueryVersions", "sqlworkbench:UpdateChart", "sqlworkbench:UpdateConnection", "sqlworkbench:UpdateSavedQuery", "sqlworkbench:AssociateConnectionWithTab", "sqlworkbench:AssociateQueryWithTab", "sqlworkbench:AssociateConnectionWithChart", "sqlworkbench:AssociateNotebookWithTab", "sqlworkbench:UpdateFileFolder", "sqlworkbench:ListTagsForResource", "sqlworkbench:GetNotebook", "sqlworkbench:UpdateNotebook", "sqlworkbench:DeleteNotebook", "sqlworkbench:DuplicateNotebook", "sqlworkbench:CreateNotebookCell", "sqlworkbench:DeleteNotebookCell", "sqlworkbench:UpdateNotebookCellContent", "sqlworkbench:UpdateNotebookCellLayout", "sqlworkbench:BatchGetNotebookCell", "sqlworkbench:ListNotebookVersions", "sqlworkbench:CreateNotebookVersion", "sqlworkbench:GetNotebookVersion", "sqlworkbench:DeleteNotebookVersion", "sqlworkbench:RestoreNotebookVersion", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:ExportNotebook", "sqlworkbench:ImportNotebook", "sqlworkbench:TagResource", "sqlworkbench:GetChart", "sqlworkbench:GetConnection", "sqlworkbench:GetSavedQuery", "sqlworkbench:ListSavedQueryVersions", "sqlworkbench:ListTagsForResource", "sqlworkbench:UpdateChart", "sqlworkbench:UpdateConnection", "sqlworkbench:UpdateSavedQuery", "sqlworkbench:AssociateConnectionWithTab", "sqlworkbench:AssociateQueryWithTab", "sqlworkbench:AssociateConnectionWithChart", "sqlworkbench:AssociateNotebookWithTab", "sqlworkbench:GetNotebook", "sqlworkbench:DuplicateNotebook", "sqlworkbench:BatchGetNotebookCell", "sqlworkbench:ListNotebookVersions", "sqlworkbench:GetNotebookVersion", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:ExportNotebook", "sqlworkbench:TagResource", "sqlworkbench:UntagResource" ], "malformed": false, "name": "AmazonRedshiftQueryEditorV2ReadWriteSharing", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-21T17:30:28+00:00", "version": "v9" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSMigrationHubRefactorSpacesFullAccess", "createdate": "2024-04-11T17:45:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "refactor-spaces:CreateApplication", "refactor-spaces:CreateEnvironment", "refactor-spaces:CreateRoute", "refactor-spaces:CreateService", "refactor-spaces:DeleteApplication", "refactor-spaces:DeleteEnvironment", "refactor-spaces:DeleteResourcePolicy", "refactor-spaces:DeleteRoute", "refactor-spaces:DeleteService", "refactor-spaces:GetApplication", "refactor-spaces:GetEnvironment", "refactor-spaces:GetResourcePolicy", "refactor-spaces:GetRoute", "refactor-spaces:GetService", "refactor-spaces:ListApplications", "refactor-spaces:ListEnvironmentVpcs", "refactor-spaces:ListEnvironments", "refactor-spaces:ListRoutes", "refactor-spaces:ListServices", "refactor-spaces:ListTagsForResource", "refactor-spaces:PutResourcePolicy", "refactor-spaces:TagResource", "refactor-spaces:UntagResource", "refactor-spaces:UpdateRoute", "ec2:DescribeNetworkInterfaces", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcs", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTags", "ec2:DescribeAccountAttributes", "ec2:DescribeInternetGateways", "ec2:CreateTransitGateway", "ec2:CreateSecurityGroup", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateTransitGateway", "ec2:CreateSecurityGroup", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateVpcEndpointServiceConfiguration", "ec2:DeleteTransitGateway", "ec2:AuthorizeSecurityGroupIngress", "ec2:RevokeSecurityGroupIngress", "ec2:DeleteSecurityGroup", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:CreateRoute", "ec2:DeleteRoute", "ec2:DeleteTags", "ec2:DeleteVpcEndpointServiceConfigurations", "elasticloadbalancing:AddTags", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateListener", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:AddTags", "elasticloadbalancing:CreateListener", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:AddTags", "elasticloadbalancing:CreateTargetGroup", "apigateway:GET", "apigateway:DELETE", "apigateway:PATCH", "apigateway:POST", "apigateway:PUT", "apigateway:UpdateRestApiPolicy", "apigateway:GET", "organizations:DescribeOrganization", "cloudformation:CreateStack", "cloudformation:TagResource", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSMigrationHubRefactorSpacesFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-11T17:45:46+00:00", "version": "v6" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/TranslateReadOnly", "createdate": "2023-05-24T17:19:30Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "translate:TranslateText", "translate:TranslateDocument", "translate:GetTerminology", "translate:ListTerminologies", "translate:ListTextTranslationJobs", "translate:DescribeTextTranslationJob", "translate:GetParallelData", "translate:ListParallelData", "comprehend:DetectDominantLanguage", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics" ], "malformed": false, "name": "TranslateReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-24T17:19:30+00:00", "version": "v7" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSWAFConsoleReadOnlyAccess", "createdate": "2023-06-05T20:56:51Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "apigateway:GET", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByWebACLId", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeRegions", "elasticloadbalancing:DescribeLoadBalancers", "appsync:ListGraphqlApis", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeToken", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetPermissionPolicy", "waf-regional:GetRateBasedRule", "waf-regional:GetRateBasedRuleManagedKeys", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSampledRequests", "waf-regional:GetSizeConstraintSet", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:GetXssMatchSet", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "wafv2:DescribeAllManagedProducts", "wafv2:DescribeManagedProductsByVendor", "wafv2:DescribeManagedRuleGroup", "wafv2:GetDecryptedAPIKey", "wafv2:GetIPSet", "wafv2:GetLoggingConfiguration", "wafv2:GetManagedRuleSet", "wafv2:GetMobileSdkRelease", "wafv2:GetPermissionPolicy", "wafv2:GetRateBasedStatementManagedKeys", "wafv2:GetRegexPatternSet", "wafv2:GetRuleGroup", "wafv2:GetSampledRequests", "wafv2:GetWebACL", "wafv2:GetWebACLForResource", "wafv2:ListAPIKeys", "wafv2:ListAvailableManagedRuleGroupVersions", "wafv2:ListAvailableManagedRuleGroups", "wafv2:ListIPSets", "wafv2:ListLoggingConfigurations", "wafv2:ListManagedRuleSets", "wafv2:ListMobileSdkReleases", "wafv2:ListRegexPatternSets", "wafv2:ListResourcesForWebACL", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "wafv2:ListWebACLs", "wafv2:CheckCapacity", "cognito-idp:ListUserPools", "cognito-idp:ListResourcesForWebACL", "cognito-idp:GetWebACLForResource", "apprunner:DescribeWebAclForService", "apprunner:ListServices", "apprunner:ListAssociatedServicesForWebAcl", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:GetVerifiedAccessInstanceWebAcl", "ec2:DescribeVerifiedAccessInstances" ], "malformed": false, "name": "AWSWAFConsoleReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-05T20:56:51+00:00", "version": "v7" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderEnableIoTLoggingMitigationAction", "createdate": "2019-08-07T17:04:07Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:SetV2LoggingOptions", "iam:PassRole" ], "malformed": false, "name": "AWSIoTDeviceDefenderEnableIoTLoggingMitigationAction", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-07T17:04:07+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSWAFFullAccess", "createdate": "2023-06-05T20:55:25Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "waf:CreateByteMatchSet", "waf:CreateGeoMatchSet", "waf:CreateIPSet", "waf:CreateRateBasedRule", "waf:CreateRegexMatchSet", "waf:CreateRegexPatternSet", "waf:CreateRule", "waf:CreateRuleGroup", "waf:CreateSizeConstraintSet", "waf:CreateSqlInjectionMatchSet", "waf:CreateWebACL", "waf:CreateWebACLMigrationStack", "waf:CreateXssMatchSet", "waf:DeleteByteMatchSet", "waf:DeleteGeoMatchSet", "waf:DeleteIPSet", "waf:DeleteLoggingConfiguration", "waf:DeletePermissionPolicy", "waf:DeleteRateBasedRule", "waf:DeleteRegexMatchSet", "waf:DeleteRegexPatternSet", "waf:DeleteRule", "waf:DeleteRuleGroup", "waf:DeleteSizeConstraintSet", "waf:DeleteSqlInjectionMatchSet", "waf:DeleteWebACL", "waf:DeleteXssMatchSet", "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "waf:PutLoggingConfiguration", "waf:PutPermissionPolicy", "waf:TagResource", "waf:UntagResource", "waf:UpdateByteMatchSet", "waf:UpdateGeoMatchSet", "waf:UpdateIPSet", "waf:UpdateRateBasedRule", "waf:UpdateRegexMatchSet", "waf:UpdateRegexPatternSet", "waf:UpdateRule", "waf:UpdateRuleGroup", "waf:UpdateSizeConstraintSet", "waf:UpdateSqlInjectionMatchSet", "waf:UpdateWebACL", "waf:UpdateXssMatchSet", "waf-regional:AssociateWebACL", "waf-regional:CreateByteMatchSet", "waf-regional:CreateGeoMatchSet", "waf-regional:CreateIPSet", "waf-regional:CreateRateBasedRule", "waf-regional:CreateRegexMatchSet", "waf-regional:CreateRegexPatternSet", "waf-regional:CreateRule", "waf-regional:CreateRuleGroup", "waf-regional:CreateSizeConstraintSet", "waf-regional:CreateSqlInjectionMatchSet", "waf-regional:CreateWebACL", "waf-regional:CreateWebACLMigrationStack", "waf-regional:CreateXssMatchSet", "waf-regional:DeleteByteMatchSet", "waf-regional:DeleteGeoMatchSet", "waf-regional:DeleteIPSet", "waf-regional:DeleteLoggingConfiguration", "waf-regional:DeletePermissionPolicy", "waf-regional:DeleteRateBasedRule", "waf-regional:DeleteRegexMatchSet", "waf-regional:DeleteRegexPatternSet", "waf-regional:DeleteRule", "waf-regional:DeleteRuleGroup", "waf-regional:DeleteSizeConstraintSet", "waf-regional:DeleteSqlInjectionMatchSet", "waf-regional:DeleteWebACL", "waf-regional:DeleteXssMatchSet", "waf-regional:DisassociateWebACL", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeToken", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetPermissionPolicy", "waf-regional:GetRateBasedRule", "waf-regional:GetRateBasedRuleManagedKeys", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSampledRequests", "waf-regional:GetSizeConstraintSet", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:GetXssMatchSet", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "waf-regional:PutLoggingConfiguration", "waf-regional:PutPermissionPolicy", "waf-regional:TagResource", "waf-regional:UntagResource", "waf-regional:UpdateByteMatchSet", "waf-regional:UpdateGeoMatchSet", "waf-regional:UpdateIPSet", "waf-regional:UpdateRateBasedRule", "waf-regional:UpdateRegexMatchSet", "waf-regional:UpdateRegexPatternSet", "waf-regional:UpdateRule", "waf-regional:UpdateRuleGroup", "waf-regional:UpdateSizeConstraintSet", "waf-regional:UpdateSqlInjectionMatchSet", "waf-regional:UpdateWebACL", "waf-regional:UpdateXssMatchSet", "wafv2:AssociateWebACL", "wafv2:CheckCapacity", "wafv2:CreateAPIKey", "wafv2:CreateIPSet", "wafv2:CreateRegexPatternSet", "wafv2:CreateRuleGroup", "wafv2:CreateWebACL", "wafv2:DeleteAPIKey", "wafv2:DeleteFirewallManagerRuleGroups", "wafv2:DeleteIPSet", "wafv2:DeleteLoggingConfiguration", "wafv2:DeletePermissionPolicy", "wafv2:DeleteRegexPatternSet", "wafv2:DeleteRuleGroup", "wafv2:DeleteWebACL", "wafv2:DescribeAllManagedProducts", "wafv2:DescribeManagedProductsByVendor", "wafv2:DescribeManagedRuleGroup", "wafv2:DisassociateFirewallManager", "wafv2:DisassociateWebACL", "wafv2:GenerateMobileSdkReleaseUrl", "wafv2:GetDecryptedAPIKey", "wafv2:GetIPSet", "wafv2:GetLoggingConfiguration", "wafv2:GetManagedRuleSet", "wafv2:GetMobileSdkRelease", "wafv2:GetPermissionPolicy", "wafv2:GetRateBasedStatementManagedKeys", "wafv2:GetRegexPatternSet", "wafv2:GetRuleGroup", "wafv2:GetSampledRequests", "wafv2:GetWebACL", "wafv2:GetWebACLForResource", "wafv2:ListAPIKeys", "wafv2:ListAvailableManagedRuleGroupVersions", "wafv2:ListAvailableManagedRuleGroups", "wafv2:ListIPSets", "wafv2:ListLoggingConfigurations", "wafv2:ListManagedRuleSets", "wafv2:ListMobileSdkReleases", "wafv2:ListRegexPatternSets", "wafv2:ListResourcesForWebACL", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "wafv2:ListWebACLs", "wafv2:PutFirewallManagerRuleGroups", "wafv2:PutLoggingConfiguration", "wafv2:PutManagedRuleSetVersions", "wafv2:PutPermissionPolicy", "wafv2:TagResource", "wafv2:UntagResource", "wafv2:UpdateIPSet", "wafv2:UpdateManagedRuleSetVersionExpiryDate", "wafv2:UpdateRegexPatternSet", "wafv2:UpdateRuleGroup", "wafv2:UpdateWebACL", "elasticloadbalancing:SetWebAcl", "apigateway:SetWebACL", "appsync:SetWebACL", "logs:DescribeResourcePolicies", "logs:DescribeLogGroups", "cognito-idp:AssociateWebACL", "cognito-idp:DisassociateWebACL", "cognito-idp:ListResourcesForWebACL", "cognito-idp:GetWebACLForResource", "apprunner:AssociateWebAcl", "apprunner:DisassociateWebAcl", "apprunner:DescribeWebAclForService", "apprunner:ListServices", "apprunner:ListAssociatedServicesForWebAcl", "ec2:AssociateVerifiedAccessInstanceWebAcl", "ec2:DisassociateVerifiedAccessInstanceWebAcl", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:GetVerifiedAccessInstanceWebAcl", "logs:CreateLogDelivery", "logs:DeleteLogDelivery", "s3:PutBucketPolicy", "s3:GetBucketPolicy", "logs:PutResourcePolicy" ], "malformed": false, "name": "AWSWAFFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-05T20:55:25+00:00", "version": "v11" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonFSxServiceRolePolicy", "createdate": "2024-01-10T20:53:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ds:AuthorizeApplication", "ds:GetAuthorizedApplicationDetails", "ds:UnauthorizeApplication", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DescribeAddresses", "ec2:DescribeDhcpOptions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DisassociateAddress", "ec2:GetSecurityGroupsForVpc", "route53:AssociateVPCWithHostedZone", "cloudwatch:PutMetricData", "ec2:CreateTags", "ec2:AssignPrivateIpAddresses", "ec2:ModifyNetworkInterfaceAttribute", "ec2:UnassignPrivateIpAddresses", "ec2:CreateRoute", "ec2:ReplaceRoute", "ec2:DeleteRoute", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:PutLogEvents", "firehose:DescribeDeliveryStream", "firehose:PutRecord", "firehose:PutRecordBatch" ], "malformed": false, "name": "AmazonFSxServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-10T20:53:47+00:00", "version": "v7" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchDashboardsServiceRolePolicy", "createdate": "2023-12-22T19:38:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData" ], "malformed": false, "name": "AmazonOpenSearchDashboardsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-22T19:38:16+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSGroundStationAgentInstancePolicy", "createdate": "2023-03-29T15:23:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "groundstation:RegisterAgent", "groundstation:UpdateAgentStatus", "groundstation:GetAgentConfiguration" ], "malformed": false, "name": "AWSGroundStationAgentInstancePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-29T15:23:12+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonDevOpsGuruConsoleFullAccess", "createdate": "2022-08-25T18:18:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "devops-guru:AddNotificationChannel", "devops-guru:DeleteInsight", "devops-guru:DescribeAccountHealth", "devops-guru:DescribeAccountOverview", "devops-guru:DescribeAnomaly", "devops-guru:DescribeEventSourcesConfig", "devops-guru:DescribeFeedback", "devops-guru:DescribeInsight", "devops-guru:DescribeOrganizationHealth", "devops-guru:DescribeOrganizationOverview", "devops-guru:DescribeOrganizationResourceCollectionHealth", "devops-guru:DescribeResourceCollectionHealth", "devops-guru:DescribeServiceIntegration", "devops-guru:GetCostEstimation", "devops-guru:GetResourceCollection", "devops-guru:ListAnomaliesForInsight", "devops-guru:ListAnomalousLogGroups", "devops-guru:ListEvents", "devops-guru:ListInsights", "devops-guru:ListMonitoredResources", "devops-guru:ListNotificationChannels", "devops-guru:ListOrganizationInsights", "devops-guru:ListRecommendations", "devops-guru:PutFeedback", "devops-guru:RemoveNotificationChannel", "devops-guru:SearchInsights", "devops-guru:SearchOrganizationInsights", "devops-guru:StartCostEstimation", "devops-guru:UpdateEventSourcesConfig", "devops-guru:UpdateResourceCollection", "devops-guru:UpdateServiceIntegration", "cloudformation:DescribeStacks", "cloudformation:ListStacks", "cloudwatch:GetMetricData", "sns:ListTopics", "sns:CreateTopic", "sns:GetTopicAttributes", "sns:SetTopicAttributes", "sns:Publish", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "rds:DescribeDBInstances", "pi:GetResourceMetrics", "pi:DescribeDimensionKeys", "logs:FilterLogEvents" ], "malformed": false, "name": "AmazonDevOpsGuruConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-25T18:18:53+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryConsoleFullAccess", "createdate": "2023-10-16T12:24:20Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:AssociateFailbackClientToRecoveryInstanceForDrs", "drs:AssociateSourceNetworkStack", "drs:BatchCreateVolumeSnapshotGroupForDrs", "drs:BatchDeleteSnapshotRequestForDrs", "drs:CreateConvertedSnapshotForDrs", "drs:CreateExtendedSourceServer", "drs:CreateLaunchConfigurationTemplate", "drs:CreateRecoveryInstanceForDrs", "drs:CreateReplicationConfigurationTemplate", "drs:CreateSourceNetwork", "drs:CreateSourceServerForDrs", "drs:DeleteJob", "drs:DeleteLaunchAction", "drs:DeleteLaunchConfigurationTemplate", "drs:DeleteRecoveryInstance", "drs:DeleteReplicationConfigurationTemplate", "drs:DeleteSourceNetwork", "drs:DeleteSourceServer", "drs:DescribeJobLogItems", "drs:DescribeJobs", "drs:DescribeLaunchConfigurationTemplates", "drs:DescribeRecoveryInstances", "drs:DescribeRecoverySnapshots", "drs:DescribeReplicationConfigurationTemplates", "drs:DescribeReplicationServerAssociationsForDrs", "drs:DescribeSnapshotRequestsForDrs", "drs:DescribeSourceNetworks", "drs:DescribeSourceServers", "drs:DisconnectRecoveryInstance", "drs:DisconnectSourceServer", "drs:ExportSourceNetworkCfnTemplate", "drs:GetAgentCommandForDrs", "drs:GetAgentConfirmedResumeInfoForDrs", "drs:GetAgentInstallationAssetsForDrs", "drs:GetAgentReplicationInfoForDrs", "drs:GetAgentRuntimeConfigurationForDrs", "drs:GetAgentSnapshotCreditsForDrs", "drs:GetChannelCommandsForDrs", "drs:GetFailbackCommandForDrs", "drs:GetFailbackLaunchRequestedForDrs", "drs:GetFailbackReplicationConfiguration", "drs:GetLaunchConfiguration", "drs:GetReplicationConfiguration", "drs:GetSuggestedFailbackClientDeviceMappingForDrs", "drs:InitializeService", "drs:IssueAgentCertificateForDrs", "drs:ListExtensibleSourceServers", "drs:ListLaunchActions", "drs:ListStagingAccounts", "drs:ListTagsForResource", "drs:NotifyAgentAuthenticationForDrs", "drs:NotifyAgentConnectedForDrs", "drs:NotifyAgentDisconnectedForDrs", "drs:NotifyAgentReplicationProgressForDrs", "drs:NotifyConsistencyAttainedForDrs", "drs:NotifyReplicationServerAuthenticationForDrs", "drs:NotifyVolumeEventForDrs", "drs:PutLaunchAction", "drs:RetryDataReplication", "drs:ReverseReplication", "drs:SendAgentLogsForDrs", "drs:SendAgentMetricsForDrs", "drs:SendChannelCommandResultForDrs", "drs:SendClientLogsForDrs", "drs:SendClientMetricsForDrs", "drs:SendVolumeStatsForDrs", "drs:StartFailbackLaunch", "drs:StartRecovery", "drs:StartReplication", "drs:StartSourceNetworkRecovery", "drs:StartSourceNetworkReplication", "drs:StopFailback", "drs:StopReplication", "drs:StopSourceNetworkReplication", "drs:TagResource", "drs:TerminateRecoveryInstances", "drs:UntagResource", "drs:UpdateAgentBacklogForDrs", "drs:UpdateAgentConversionInfoForDrs", "drs:UpdateAgentReplicationInfoForDrs", "drs:UpdateAgentReplicationProcessStateForDrs", "drs:UpdateAgentSourcePropertiesForDrs", "drs:UpdateFailbackClientDeviceMappingForDrs", "drs:UpdateFailbackClientLastSeenForDrs", "drs:UpdateFailbackReplicationConfiguration", "drs:UpdateLaunchConfiguration", "drs:UpdateLaunchConfigurationTemplate", "drs:UpdateReplicationCertificateForDrs", "drs:UpdateReplicationConfiguration", "drs:UpdateReplicationConfigurationTemplate", "kms:ListAliases", "kms:DescribeKey", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeInstanceTypes", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DescribeVolumes", "ec2:GetEbsEncryptionByDefault", "ec2:GetEbsDefaultKmsKeyId", "ec2:DescribeKeyPairs", "ec2:DescribeCapacityReservations", "ec2:DescribeHosts", "license-manager:ListLicenseConfigurations", "resource-groups:ListGroups", "elasticloadbalancing:DescribeLoadBalancers", "iam:ListInstanceProfiles", "iam:ListRoles", "iam:PassRole", "ec2:DeleteSnapshot", "ec2:CreateLaunchTemplateVersion", "ec2:ModifyLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:CreateTags", "ec2:DeleteTags", "ec2:CreateLaunchTemplate", "ec2:DeleteVolume", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:ModifyInstanceAttribute", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:RevokeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:CreateVolume", "ec2:CreateSecurityGroup", "ec2:CreateSecurityGroup", "ec2:CreateSnapshot", "ec2:CreateSnapshot", "ec2:DetachVolume", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:AttachVolume", "ec2:StartInstances", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:RunInstances", "ec2:RunInstances", "ec2:CreateTags", "ec2:CreateTags", "cloudformation:DescribeStacks", "cloudformation:ListStacks", "s3:GetBucketLocation", "s3:ListAllMyBuckets" ], "malformed": false, "name": "AWSElasticDisasterRecoveryConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-16T12:24:20+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSHealthFullAccess", "createdate": "2020-11-16T18:11:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:EnableAWSServiceAccess", "organizations:DisableAWSServiceAccess", "health:DescribeAffectedAccountsForOrganization", "health:DescribeAffectedEntities", "health:DescribeAffectedEntitiesForOrganization", "health:DescribeEntityAggregates", "health:DescribeEntityAggregatesForOrganization", "health:DescribeEventAggregates", "health:DescribeEventDetails", "health:DescribeEventDetailsForOrganization", "health:DescribeEventTypes", "health:DescribeEvents", "health:DescribeEventsForOrganization", "health:DescribeHealthServiceStatusForOrganization", "health:DisableHealthServiceAccessForOrganization", "health:EnableHealthServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListParents", "organizations:DescribeAccount", "organizations:ListDelegatedAdministrators", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSHealthFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-16T18:11:34+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Unknown" ], "arn": "arn:aws:iam::aws:policy/AmazonConnect_FullAccess", "createdate": "2023-03-07T14:49:25Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "connect:ActivateEvaluationForm", "connect:AssociateAnalyticsDataSet", "connect:AssociateApprovedOrigin", "connect:AssociateBot", "connect:AssociateCustomerProfilesDomain", "connect:AssociateDefaultVocabulary", "connect:AssociateFlow", "connect:AssociateInstanceStorageConfig", "connect:AssociateLambdaFunction", "connect:AssociateLexBot", "connect:AssociatePhoneNumberContactFlow", "connect:AssociateQueueQuickConnects", "connect:AssociateRoutingProfileQueues", "connect:AssociateSecurityKey", "connect:AssociateTrafficDistributionGroupUser", "connect:AssociateUserProficiencies", "connect:BatchAssociateAnalyticsDataSet", "connect:BatchDisassociateAnalyticsDataSet", "connect:BatchGetFlowAssociation", "connect:BatchPutContact", "connect:ClaimPhoneNumber", "connect:CreateAgentStatus", "connect:CreateContactFlow", "connect:CreateContactFlowModule", "connect:CreateEvaluationForm", "connect:CreateHoursOfOperation", "connect:CreateInstance", "connect:CreateIntegrationAssociation", "connect:CreateParticipant", "connect:CreatePersistentContactAssociation", "connect:CreatePredefinedAttribute", "connect:CreatePrompt", "connect:CreateQueue", "connect:CreateQuickConnect", "connect:CreateRoutingProfile", "connect:CreateRule", "connect:CreateSecurityProfile", "connect:CreateTaskTemplate", "connect:CreateTrafficDistributionGroup", "connect:CreateUseCase", "connect:CreateUser", "connect:CreateUserHierarchyGroup", "connect:CreateView", "connect:CreateViewVersion", "connect:CreateVocabulary", "connect:DeactivateEvaluationForm", "connect:DeleteContactEvaluation", "connect:DeleteContactFlow", "connect:DeleteContactFlowModule", "connect:DeleteEvaluationForm", "connect:DeleteHoursOfOperation", "connect:DeleteInstance", "connect:DeleteIntegrationAssociation", "connect:DeletePredefinedAttribute", "connect:DeletePrompt", "connect:DeleteQueue", "connect:DeleteQuickConnect", "connect:DeleteRoutingProfile", "connect:DeleteRule", "connect:DeleteSecurityProfile", "connect:DeleteTaskTemplate", "connect:DeleteTrafficDistributionGroup", "connect:DeleteUseCase", "connect:DeleteUser", "connect:DeleteUserHierarchyGroup", "connect:DeleteView", "connect:DeleteViewVersion", "connect:DeleteVocabulary", "connect:DescribeAgentStatus", "connect:DescribeContact", "connect:DescribeContactEvaluation", "connect:DescribeContactFlow", "connect:DescribeContactFlowModule", "connect:DescribeEvaluationForm", "connect:DescribeForecastingPlanningSchedulingIntegration", "connect:DescribeHoursOfOperation", "connect:DescribeInstance", "connect:DescribeInstanceAttribute", "connect:DescribeInstanceStorageConfig", "connect:DescribePhoneNumber", "connect:DescribePredefinedAttribute", "connect:DescribePrompt", "connect:DescribeQueue", "connect:DescribeQuickConnect", "connect:DescribeRoutingProfile", "connect:DescribeRule", "connect:DescribeSecurityProfile", "connect:DescribeTrafficDistributionGroup", "connect:DescribeUser", "connect:DescribeUserHierarchyGroup", "connect:DescribeUserHierarchyStructure", "connect:DescribeView", "connect:DescribeVocabulary", "connect:DisassociateAnalyticsDataSet", "connect:DisassociateApprovedOrigin", "connect:DisassociateBot", "connect:DisassociateCustomerProfilesDomain", "connect:DisassociateFlow", "connect:DisassociateInstanceStorageConfig", "connect:DisassociateLambdaFunction", "connect:DisassociateLexBot", "connect:DisassociatePhoneNumberContactFlow", "connect:DisassociateQueueQuickConnects", "connect:DisassociateRoutingProfileQueues", "connect:DisassociateSecurityKey", "connect:DisassociateTrafficDistributionGroupUser", "connect:DisassociateUserProficiencies", "connect:DismissUserContact", "connect:GetContactAttributes", "connect:GetCurrentMetricData", "connect:GetCurrentUserData", "connect:GetFederationToken", "connect:GetFederationTokens", "connect:GetFlowAssociation", "connect:GetMetricData", "connect:GetMetricDataV2", "connect:GetPromptFile", "connect:GetTaskTemplate", "connect:GetTrafficDistribution", "connect:ImportPhoneNumber", "connect:ListAgentStatuses", "connect:ListAnalyticsDataAssociations", "connect:ListApprovedOrigins", "connect:ListBots", "connect:ListContactEvaluations", "connect:ListContactFlowModules", "connect:ListContactFlows", "connect:ListContactReferences", "connect:ListDefaultVocabularies", "connect:ListEvaluationFormVersions", "connect:ListEvaluationForms", "connect:ListFlowAssociations", "connect:ListHoursOfOperations", "connect:ListInstanceAttributes", "connect:ListInstanceStorageConfigs", "connect:ListInstances", "connect:ListIntegrationAssociations", "connect:ListLambdaFunctions", "connect:ListLexBots", "connect:ListPhoneNumbers", "connect:ListPhoneNumbersV2", "connect:ListPredefinedAttributes", "connect:ListPrompts", "connect:ListQueueQuickConnects", "connect:ListQueues", "connect:ListQuickConnects", "connect:ListRealtimeContactAnalysisSegments", "connect:ListRealtimeContactAnalysisSegmentsV2", "connect:ListRoutingProfileQueues", "connect:ListRoutingProfiles", "connect:ListRules", "connect:ListSecurityKeys", "connect:ListSecurityProfileApplications", "connect:ListSecurityProfilePermissions", "connect:ListSecurityProfiles", "connect:ListTagsForResource", "connect:ListTaskTemplates", "connect:ListTrafficDistributionGroupUsers", "connect:ListTrafficDistributionGroups", "connect:ListUseCases", "connect:ListUserHierarchyGroups", "connect:ListUserProficiencies", "connect:ListUsers", "connect:ListViewVersions", "connect:ListViews", "connect:MonitorContact", "connect:PauseContact", "connect:PutUserStatus", "connect:ReleasePhoneNumber", "connect:ReplicateInstance", "connect:ResumeContact", "connect:ResumeContactRecording", "connect:SearchAvailablePhoneNumbers", "connect:SearchContacts", "connect:SearchHoursOfOperations", "connect:SearchPredefinedAttributes", "connect:SearchPrompts", "connect:SearchQueues", "connect:SearchQuickConnects", "connect:SearchResourceTags", "connect:SearchRoutingProfiles", "connect:SearchSecurityProfiles", "connect:SearchUsers", "connect:SearchVocabularies", "connect:SendChatIntegrationEvent", "connect:StartChatContact", "connect:StartContactEvaluation", "connect:StartContactRecording", "connect:StartContactStreaming", "connect:StartForecastingPlanningSchedulingIntegration", "connect:StartOutboundVoiceContact", "connect:StartTaskContact", "connect:StartWebRTCContact", "connect:StopContact", "connect:StopContactRecording", "connect:StopContactStreaming", "connect:StopForecastingPlanningSchedulingIntegration", "connect:SubmitContactEvaluation", "connect:SuspendContactRecording", "connect:TagContact", "connect:TagResource", "connect:TransferContact", "connect:UntagContact", "connect:UntagResource", "connect:UpdateAgentStatus", "connect:UpdateContact", "connect:UpdateContactAttributes", "connect:UpdateContactEvaluation", "connect:UpdateContactFlowContent", "connect:UpdateContactFlowMetadata", "connect:UpdateContactFlowModuleContent", "connect:UpdateContactFlowModuleMetadata", "connect:UpdateContactFlowName", "connect:UpdateContactRoutingData", "connect:UpdateContactSchedule", "connect:UpdateEvaluationForm", "connect:UpdateHoursOfOperation", "connect:UpdateInstanceAttribute", "connect:UpdateInstanceStorageConfig", "connect:UpdateParticipantRoleConfig", "connect:UpdatePhoneNumber", "connect:UpdatePhoneNumberMetadata", "connect:UpdatePredefinedAttribute", "connect:UpdatePrompt", "connect:UpdateQueueHoursOfOperation", "connect:UpdateQueueMaxContacts", "connect:UpdateQueueName", "connect:UpdateQueueOutboundCallerConfig", "connect:UpdateQueueStatus", "connect:UpdateQuickConnectConfig", "connect:UpdateQuickConnectName", "connect:UpdateRoutingProfileAgentAvailabilityTimer", "connect:UpdateRoutingProfileConcurrency", "connect:UpdateRoutingProfileDefaultOutboundQueue", "connect:UpdateRoutingProfileName", "connect:UpdateRoutingProfileQueues", "connect:UpdateRule", "connect:UpdateSecurityProfile", "connect:UpdateTaskTemplate", "connect:UpdateTrafficDistribution", "connect:UpdateUserHierarchy", "connect:UpdateUserHierarchyGroupName", "connect:UpdateUserHierarchyStructure", "connect:UpdateUserIdentityInfo", "connect:UpdateUserPhoneConfig", "connect:UpdateUserProficiencies", "connect:UpdateUserRoutingProfile", "connect:UpdateUserSecurityProfiles", "connect:UpdateViewContent", "connect:UpdateViewMetadata", "ds:CreateAlias", "ds:AuthorizeApplication", "ds:CreateIdentityPoolDirectory", "ds:DeleteDirectory", "ds:DescribeDirectories", "ds:UnauthorizeApplication", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "kinesis:DescribeStream", "kinesis:ListStreams", "kms:DescribeKey", "kms:ListAliases", "lex:GetBots", "lex:ListBots", "lex:ListBotAliases", "logs:CreateLogGroup", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "lambda:ListFunctions", "ds:CheckAlias", "profile:ListAccountIntegrations", "profile:GetDomain", "profile:ListDomains", "profile:GetProfileObjectType", "profile:ListProfileObjectTypeTemplates", "profile:AddProfileKey", "profile:CreateDomain", "profile:CreateProfile", "profile:DeleteDomain", "profile:DeleteIntegration", "profile:DeleteProfile", "profile:DeleteProfileKey", "profile:DeleteProfileObject", "profile:DeleteProfileObjectType", "profile:GetIntegration", "profile:GetMatches", "profile:GetProfileObjectType", "profile:ListIntegrations", "profile:ListProfileObjects", "profile:ListProfileObjectTypes", "profile:ListTagsForResource", "profile:MergeProfiles", "profile:PutIntegration", "profile:PutProfileObject", "profile:PutProfileObjectType", "profile:SearchProfiles", "profile:TagResource", "profile:UntagResource", "profile:UpdateDomain", "profile:UpdateProfile", "s3:CreateBucket", "s3:GetBucketAcl", "servicequotas:GetServiceQuota", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonConnect_FullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2023-03-07T14:49:25+00:00", "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonLookoutMetricsReadOnlyAccess", "createdate": "2022-01-04T18:19:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lookoutmetrics:DescribeMetricSet", "lookoutmetrics:ListMetricSets", "lookoutmetrics:DescribeAnomalyDetector", "lookoutmetrics:ListAnomalyDetectors", "lookoutmetrics:DescribeAnomalyDetectionExecutions", "lookoutmetrics:DescribeAlert", "lookoutmetrics:ListAlerts", "lookoutmetrics:ListTagsForResource", "lookoutmetrics:ListAnomalyGroupSummaries", "lookoutmetrics:ListAnomalyGroupTimeSeries", "lookoutmetrics:ListAnomalyGroupRelatedMetrics", "lookoutmetrics:GetAnomalyGroup", "lookoutmetrics:GetDataQualityMetrics", "lookoutmetrics:GetSampleData", "lookoutmetrics:GetFeedback" ], "malformed": false, "name": "AmazonLookoutMetricsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-01-04T18:19:27+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonHoneycodeWorkbookFullAccess", "createdate": "2020-12-01T17:30:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "honeycode:GetScreenData", "honeycode:InvokeScreenAutomation", "honeycode:BatchCreateTableRows", "honeycode:BatchDeleteTableRows", "honeycode:BatchUpdateTableRows", "honeycode:BatchUpsertTableRows", "honeycode:DescribeTableDataImportJob", "honeycode:ListTableColumns", "honeycode:ListTableRows", "honeycode:ListTables", "honeycode:QueryTableRows", "honeycode:StartTableDataImportJob" ], "malformed": false, "name": "AmazonHoneycodeWorkbookFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-01T17:30:06+00:00", "version": "v2" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/OAMReadOnlyAccess", "createdate": "2022-11-27T13:29:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "oam:GetLink", "oam:GetSink", "oam:GetSinkPolicy", "oam:ListAttachedLinks", "oam:ListLinks", "oam:ListSinks", "oam:ListTagsForResource" ], "malformed": false, "name": "OAMReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-27T13:29:39+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSSMAutomationRole", "createdate": "2017-07-24T23:29:12Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "lambda:InvokeFunction", "ec2:CreateImage", "ec2:CopyImage", "ec2:DeregisterImage", "ec2:DescribeImages", "ec2:DeleteSnapshot", "ec2:StartInstances", "ec2:RunInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:DescribeInstanceStatus", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeTags", "cloudformation:CreateStack", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStacks", "cloudformation:UpdateStack", "cloudformation:DeleteStack", "ssm:AddTagsToResource", "ssm:AssociateOpsItemRelatedItem", "ssm:CancelCommand", "ssm:CancelMaintenanceWindowExecution", "ssm:CreateActivation", "ssm:CreateAssociation", "ssm:CreateAssociationBatch", "ssm:CreateDocument", "ssm:CreateMaintenanceWindow", "ssm:CreateOpsItem", "ssm:CreateOpsMetadata", "ssm:CreatePatchBaseline", "ssm:CreateResourceDataSync", "ssm:DeleteActivation", "ssm:DeleteAssociation", "ssm:DeleteDocument", "ssm:DeleteInventory", "ssm:DeleteMaintenanceWindow", "ssm:DeleteOpsItem", "ssm:DeleteOpsMetadata", "ssm:DeleteParameter", "ssm:DeleteParameters", "ssm:DeletePatchBaseline", "ssm:DeleteResourceDataSync", "ssm:DeleteResourcePolicy", "ssm:DeregisterManagedInstance", "ssm:DeregisterPatchBaselineForPatchGroup", "ssm:DeregisterTargetFromMaintenanceWindow", "ssm:DeregisterTaskFromMaintenanceWindow", "ssm:DescribeActivations", "ssm:DescribeAssociation", "ssm:DescribeAssociationExecutionTargets", "ssm:DescribeAssociationExecutions", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeAvailablePatches", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:DescribeEffectiveInstanceAssociations", "ssm:DescribeEffectivePatchesForPatchBaseline", "ssm:DescribeInstanceAssociationsStatus", "ssm:DescribeInstanceInformation", "ssm:DescribeInstancePatchStates", "ssm:DescribeInstancePatchStatesForPatchGroup", "ssm:DescribeInstancePatches", "ssm:DescribeInstanceProperties", "ssm:DescribeInventoryDeletions", "ssm:DescribeMaintenanceWindowExecutionTaskInvocations", "ssm:DescribeMaintenanceWindowExecutionTasks", "ssm:DescribeMaintenanceWindowExecutions", "ssm:DescribeMaintenanceWindowSchedule", "ssm:DescribeMaintenanceWindowTargets", "ssm:DescribeMaintenanceWindowTasks", "ssm:DescribeMaintenanceWindows", "ssm:DescribeMaintenanceWindowsForTarget", "ssm:DescribeOpsItems", "ssm:DescribeParameters", "ssm:DescribePatchBaselines", "ssm:DescribePatchGroupState", "ssm:DescribePatchGroups", "ssm:DescribePatchProperties", "ssm:DescribeSessions", "ssm:DisassociateOpsItemRelatedItem", "ssm:GetAutomationExecution", "ssm:GetCalendar", "ssm:GetCalendarState", "ssm:GetCommandInvocation", "ssm:GetConnectionStatus", "ssm:GetDefaultPatchBaseline", "ssm:GetDeployablePatchSnapshotForInstance", "ssm:GetDocument", "ssm:GetInventory", "ssm:GetInventorySchema", "ssm:GetMaintenanceWindow", "ssm:GetMaintenanceWindowExecution", "ssm:GetMaintenanceWindowExecutionTask", "ssm:GetMaintenanceWindowExecutionTaskInvocation", "ssm:GetMaintenanceWindowTask", "ssm:GetManifest", "ssm:GetOpsItem", "ssm:GetOpsMetadata", "ssm:GetOpsSummary", "ssm:GetParameter", "ssm:GetParameterHistory", "ssm:GetParameters", "ssm:GetParametersByPath", "ssm:GetPatchBaseline", "ssm:GetPatchBaselineForPatchGroup", "ssm:GetResourcePolicies", "ssm:GetServiceSetting", "ssm:LabelParameterVersion", "ssm:ListAssociationVersions", "ssm:ListAssociations", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListComplianceItems", "ssm:ListComplianceSummaries", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInstanceAssociations", "ssm:ListInventoryEntries", "ssm:ListOpsItemEvents", "ssm:ListOpsItemRelatedItems", "ssm:ListOpsMetadata", "ssm:ListResourceComplianceSummaries", "ssm:ListResourceDataSync", "ssm:ListTagsForResource", "ssm:ModifyDocumentPermission", "ssm:PutCalendar", "ssm:PutComplianceItems", "ssm:PutConfigurePackageResult", "ssm:PutInventory", "ssm:PutParameter", "ssm:PutResourcePolicy", "ssm:RegisterDefaultPatchBaseline", "ssm:RegisterManagedInstance", "ssm:RegisterPatchBaselineForPatchGroup", "ssm:RegisterTargetWithMaintenanceWindow", "ssm:RegisterTaskWithMaintenanceWindow", "ssm:RemoveTagsFromResource", "ssm:ResetServiceSetting", "ssm:ResumeSession", "ssm:SendAutomationSignal", "ssm:SendCommand", "ssm:StartAssociationsOnce", "ssm:StartAutomationExecution", "ssm:StartChangeRequestExecution", "ssm:StartSession", "ssm:StopAutomationExecution", "ssm:TerminateSession", "ssm:UnlabelParameterVersion", "ssm:UpdateAssociation", "ssm:UpdateAssociationStatus", "ssm:UpdateDocument", "ssm:UpdateDocumentDefaultVersion", "ssm:UpdateDocumentMetadata", "ssm:UpdateInstanceAssociationStatus", "ssm:UpdateInstanceInformation", "ssm:UpdateMaintenanceWindow", "ssm:UpdateMaintenanceWindowTarget", "ssm:UpdateMaintenanceWindowTask", "ssm:UpdateManagedInstanceRole", "ssm:UpdateOpsItem", "ssm:UpdateOpsMetadata", "ssm:UpdatePatchBaseline", "ssm:UpdateResourceDataSync", "ssm:UpdateServiceSetting", "sns:Publish" ], "malformed": false, "name": "AmazonSSMAutomationRole", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-07-24T23:29:12+00:00", "version": "v5" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/ROSAControlPlaneOperatorPolicy", "createdate": "2023-06-30T21:12:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcs", "ec2:DescribeSecurityGroups", "route53:ListHostedZones", "ec2:CreateSecurityGroup", "ec2:DeleteSecurityGroup", "ec2:AuthorizeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RevokeSecurityGroupEgress", "ec2:CreateSecurityGroup", "route53:ListResourceRecordSets", "route53:ChangeResourceRecordSets", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpoint", "ec2:ModifyVpcEndpoint", "ec2:DeleteVpcEndpoints", "ec2:ModifyVpcEndpoint", "ec2:CreateTags" ], "malformed": false, "name": "ROSAControlPlaneOperatorPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-30T21:12:32+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AlexaForBusinessPolyDelegatedAccessPolicy", "createdate": "2019-10-16T19:48:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "a4b:DisassociateDeviceFromRoom", "a4b:DeleteDevice", "a4b:UpdateDevice", "a4b:GetDevice", "a4b:RegisterAVSDevice", "a4b:SearchDevices", "a4b:AssociateDeviceWithRoom", "a4b:GetRoom", "a4b:SearchRooms", "a4b:CreateRoom", "a4b:GetProfile", "a4b:SearchSkillGroups", "a4b:DisassociateSkillGroupFromRoom", "a4b:AssociateSkillGroupWithRoom", "a4b:GetSkillGroup", "a4b:SearchProfiles", "a4b:GetAddressBook", "a4b:UpdateRoom" ], "malformed": false, "name": "AlexaForBusinessPolyDelegatedAccessPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-16T19:48:45+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCognitoDeveloperAuthenticatedIdentities", "createdate": "2015-03-24T17:22:23Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "cognito-identity:GetOpenIdTokenForDeveloperIdentity", "cognito-identity:LookupDeveloperIdentity", "cognito-identity:MergeDeveloperIdentities", "cognito-identity:UnlinkDeveloperIdentity" ], "malformed": false, "name": "AmazonCognitoDeveloperAuthenticatedIdentities", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-03-24T17:22:23+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSLambda_FullAccess", "createdate": "2020-11-17T21:14:08Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:DescribeStacks", "cloudformation:ListStackResources", "cloudwatch:ListMetrics", "cloudwatch:GetMetricData", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "kms:ListAliases", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:ListAttachedRolePolicies", "iam:ListRolePolicies", "iam:ListRoles", "lambda:AddLayerVersionPermission", "lambda:AddPermission", "lambda:CreateAlias", "lambda:CreateCodeSigningConfig", "lambda:CreateEventSourceMapping", "lambda:CreateFunction", "lambda:CreateFunctionUrlConfig", "lambda:DeleteAlias", "lambda:DeleteCodeSigningConfig", "lambda:DeleteEventSourceMapping", "lambda:DeleteFunction", "lambda:DeleteFunctionCodeSigningConfig", "lambda:DeleteFunctionConcurrency", "lambda:DeleteFunctionEventInvokeConfig", "lambda:DeleteFunctionUrlConfig", "lambda:DeleteLayerVersion", "lambda:DeleteProvisionedConcurrencyConfig", "lambda:DisableReplication", "lambda:EnableReplication", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "lambda:InvokeAsync", "lambda:InvokeFunction", "lambda:InvokeFunctionUrl", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "lambda:PublishLayerVersion", "lambda:PublishVersion", "lambda:PutFunctionCodeSigningConfig", "lambda:PutFunctionConcurrency", "lambda:PutFunctionEventInvokeConfig", "lambda:PutProvisionedConcurrencyConfig", "lambda:PutRuntimeManagementConfig", "lambda:RemoveLayerVersionPermission", "lambda:RemovePermission", "lambda:TagResource", "lambda:UntagResource", "lambda:UpdateAlias", "lambda:UpdateCodeSigningConfig", "lambda:UpdateEventSourceMapping", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionCodeSigningConfig", "lambda:UpdateFunctionConfiguration", "lambda:UpdateFunctionEventInvokeConfig", "lambda:UpdateFunctionUrlConfig", "logs:DescribeLogGroups", "states:DescribeStateMachine", "states:ListStateMachines", "tag:GetResources", "xray:GetTraceSummaries", "xray:BatchGetTraces", "iam:PassRole", "logs:DescribeLogStreams", "logs:GetLogEvents", "logs:FilterLogEvents" ], "malformed": false, "name": "AWSLambda_FullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-17T21:14:08+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDeepRacerCloudFormationAccessPolicy", "createdate": "2019-06-14T17:02:04Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:CancelResourceRequest", "cloudformation:CreateResource", "cloudformation:DeleteResource", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:UpdateResource", "cloudformation:ActivateOrganizationsAccess", "cloudformation:ActivateType", "cloudformation:BatchDescribeTypeConfigurations", "cloudformation:CancelUpdateStack", "cloudformation:ContinueUpdateRollback", "cloudformation:CreateChangeSet", "cloudformation:CreateGeneratedTemplate", "cloudformation:CreateStack", "cloudformation:CreateStackInstances", "cloudformation:CreateStackSet", "cloudformation:CreateUploadBucket", "cloudformation:DeactivateOrganizationsAccess", "cloudformation:DeactivateType", "cloudformation:DeleteChangeSet", "cloudformation:DeleteGeneratedTemplate", "cloudformation:DeleteStack", "cloudformation:DeleteStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DeregisterType", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:DetectStackDrift", "cloudformation:DetectStackResourceDrift", "cloudformation:DetectStackSetDrift", "cloudformation:EstimateTemplateCost", "cloudformation:ExecuteChangeSet", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ImportStacksToStackSet", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:PublishType", "cloudformation:RecordHandlerProgress", "cloudformation:RegisterPublisher", "cloudformation:RegisterType", "cloudformation:RollbackStack", "cloudformation:SetStackPolicy", "cloudformation:SetTypeConfiguration", "cloudformation:SetTypeDefaultVersion", "cloudformation:SignalResource", "cloudformation:StartResourceScan", "cloudformation:StopStackSetOperation", "cloudformation:TagResource", "cloudformation:TestType", "cloudformation:UntagResource", "cloudformation:UpdateGeneratedTemplate", "cloudformation:UpdateStack", "cloudformation:UpdateStackInstances", "cloudformation:UpdateStackSet", "cloudformation:UpdateTerminationProtection", "cloudformation:ValidateTemplate", "ec2:AllocateAddress", "ec2:AttachInternetGateway", "ec2:AssociateRouteTable", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateInternetGateway", "ec2:CreateNatGateway", "ec2:CreateNetworkAcl", "ec2:CreateNetworkAclEntry", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSubnet", "ec2:CreateTags", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:DeleteInternetGateway", "ec2:DeleteNatGateway", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkAclEntry", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSecurityGroup", "ec2:DeleteSubnet", "ec2:DeleteTags", "ec2:DeleteVpc", "ec2:DeleteVpcEndpoints", "ec2:DescribeAddresses", "ec2:DescribeInternetGateways", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcs", "ec2:DetachInternetGateway", "ec2:DisassociateRouteTable", "ec2:ModifySubnetAttribute", "ec2:ModifyVpcAttribute", "ec2:ReleaseAddress", "ec2:ReplaceNetworkAclAssociation", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "iam:PassRole", "lambda:CreateFunction", "lambda:GetFunction", "lambda:DeleteFunction", "lambda:TagResource", "lambda:UpdateFunctionCode", "s3:PutBucketPolicy", "s3:CreateBucket", "s3:ListBucket", "s3:GetBucketAcl", "s3:DeleteBucket", "robomaker:CreateSimulationApplication", "robomaker:CreateSimulationApplicationVersion", "robomaker:DeleteSimulationApplication", "robomaker:DescribeSimulationApplication", "robomaker:ListSimulationApplications", "robomaker:TagResource", "robomaker:UpdateSimulationApplication" ], "malformed": false, "name": "AWSDeepRacerCloudFormationAccessPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-14T17:02:04+00:00", "version": "v2" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/ROSAAmazonEBSCSIDriverOperatorPolicy", "createdate": "2023-04-20T22:36:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeSnapshots", "ec2:DescribeTags", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:DeleteVolume", "ec2:ModifyVolume", "ec2:CreateVolume", "ec2:CreateSnapshot", "ec2:CreateSnapshot", "ec2:DeleteSnapshot", "ec2:CreateTags" ], "malformed": false, "name": "ROSAAmazonEBSCSIDriverOperatorPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-20T22:36:00+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerLinuxSubscriptionsServiceRolePolicy", "createdate": "2022-12-20T18:54:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeRegions", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:DescribeAccount", "organizations:ListChildren", "organizations:ListParents", "organizations:ListAccountsForParent", "organizations:ListRoots", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators" ], "malformed": false, "name": "AWSLicenseManagerLinuxSubscriptionsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-20T18:54:54+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/ApplicationDiscoveryServiceContinuousExportServiceRolePolicy", "createdate": "2018-08-13T22:31:21Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "glue:CreateDatabase", "glue:UpdateDatabase", "glue:CreateTable", "glue:UpdateTable", "firehose:CreateDeliveryStream", "firehose:DescribeDeliveryStream", "logs:CreateLogGroup", "firehose:DeleteDeliveryStream", "firehose:PutRecord", "firehose:PutRecordBatch", "firehose:UpdateDestination", "s3:CreateBucket", "s3:ListBucket", "s3:PutBucketLogging", "s3:PutEncryptionConfiguration", "s3:GetObject", "logs:CreateLogStream", "logs:PutRetentionPolicy", "iam:PassRole", "iam:PassRole" ], "malformed": false, "name": "ApplicationDiscoveryServiceContinuousExportServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-08-13T22:31:21+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonEMRFullAccessPolicy_v2", "createdate": "2023-07-28T14:04:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticmapreduce:RunJobFlow", "elasticmapreduce:AddInstanceFleet", "elasticmapreduce:AddInstanceGroups", "elasticmapreduce:AddJobFlowSteps", "elasticmapreduce:AddTags", "elasticmapreduce:CancelSteps", "elasticmapreduce:CreateEditor", "elasticmapreduce:CreateSecurityConfiguration", "elasticmapreduce:DeleteEditor", "elasticmapreduce:DeleteSecurityConfiguration", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:GetAutoTerminationPolicy", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ModifyCluster", "elasticmapreduce:ModifyInstanceFleet", "elasticmapreduce:ModifyInstanceGroups", "elasticmapreduce:OpenEditorInConsole", "elasticmapreduce:PutAutoScalingPolicy", "elasticmapreduce:PutBlockPublicAccessConfiguration", "elasticmapreduce:PutManagedScalingPolicy", "elasticmapreduce:RemoveAutoScalingPolicy", "elasticmapreduce:RemoveManagedScalingPolicy", "elasticmapreduce:RemoveTags", "elasticmapreduce:SetTerminationProtection", "elasticmapreduce:StartEditor", "elasticmapreduce:StopEditor", "elasticmapreduce:TerminateJobFlows", "elasticmapreduce:ViewEventsFromAllClustersInConsole", "cloudwatch:GetMetricStatistics", "iam:PassRole", "iam:PassRole", "iam:PassRole", "iam:CreateServiceLinkedRole", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeImages", "ec2:DescribeKeyPairs", "ec2:DescribeNatGateways", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcEndpoints", "s3:ListAllMyBuckets", "iam:ListRoles" ], "malformed": false, "name": "AmazonEMRFullAccessPolicy_v2", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-28T14:04:57+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticFileSystemFullAccess", "createdate": "2023-11-28T16:53:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:GetMetricData", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DescribeAvailabilityZones", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "ec2:ModifyNetworkInterfaceAttribute", "elasticfilesystem:CreateFileSystem", "elasticfilesystem:CreateMountTarget", "elasticfilesystem:CreateTags", "elasticfilesystem:CreateAccessPoint", "elasticfilesystem:CreateReplicationConfiguration", "elasticfilesystem:DeleteFileSystem", "elasticfilesystem:DeleteMountTarget", "elasticfilesystem:DeleteTags", "elasticfilesystem:DeleteAccessPoint", "elasticfilesystem:DeleteFileSystemPolicy", "elasticfilesystem:DeleteReplicationConfiguration", "elasticfilesystem:DescribeAccountPreferences", "elasticfilesystem:DescribeBackupPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticfilesystem:DescribeTags", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeReplicationConfigurations", "elasticfilesystem:ModifyMountTargetSecurityGroups", "elasticfilesystem:PutAccountPreferences", "elasticfilesystem:PutBackupPolicy", "elasticfilesystem:PutLifecycleConfiguration", "elasticfilesystem:PutFileSystemPolicy", "elasticfilesystem:UpdateFileSystem", "elasticfilesystem:UpdateFileSystemProtection", "elasticfilesystem:TagResource", "elasticfilesystem:UntagResource", "elasticfilesystem:ListTagsForResource", "elasticfilesystem:Backup", "elasticfilesystem:Restore", "kms:DescribeKey", "kms:ListAliases", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonElasticFileSystemFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-28T16:53:28+00:00", "version": "v9" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonKendraFullAccess", "createdate": "2019-12-03T16:15:37Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iam:PassRole", "iam:ListRoles", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "kms:ListKeys", "kms:ListAliases", "kms:DescribeKey", "s3:ListAllMyBuckets", "s3:GetBucketLocation", "secretsmanager:ListSecrets", "cloudwatch:GetMetricData", "secretsmanager:CreateSecret", "secretsmanager:DescribeSecret", "kendra:AssociateEntitiesToExperience", "kendra:AssociatePersonasToEntities", "kendra:BatchDeleteDocument", "kendra:BatchDeleteFeaturedResultsSet", "kendra:BatchGetDocumentStatus", "kendra:BatchPutDocument", "kendra:ClearQuerySuggestions", "kendra:CreateAccessControlConfiguration", "kendra:CreateDataSource", "kendra:CreateExperience", "kendra:CreateFaq", "kendra:CreateFeaturedResultsSet", "kendra:CreateIndex", "kendra:CreateQuerySuggestionsBlockList", "kendra:CreateThesaurus", "kendra:DeleteAccessControlConfiguration", "kendra:DeleteDataSource", "kendra:DeleteExperience", "kendra:DeleteFaq", "kendra:DeleteIndex", "kendra:DeletePrincipalMapping", "kendra:DeleteQuerySuggestionsBlockList", "kendra:DeleteThesaurus", "kendra:DescribeAccessControlConfiguration", "kendra:DescribeDataSource", "kendra:DescribeExperience", "kendra:DescribeFaq", "kendra:DescribeFeaturedResultsSet", "kendra:DescribeIndex", "kendra:DescribePrincipalMapping", "kendra:DescribeQuerySuggestionsBlockList", "kendra:DescribeQuerySuggestionsConfig", "kendra:DescribeThesaurus", "kendra:DisassociateEntitiesFromExperience", "kendra:DisassociatePersonasFromEntities", "kendra:GetQuerySuggestions", "kendra:GetSnapshots", "kendra:ListAccessControlConfigurations", "kendra:ListDataSourceSyncJobs", "kendra:ListDataSources", "kendra:ListEntityPersonas", "kendra:ListExperienceEntities", "kendra:ListExperiences", "kendra:ListFaqs", "kendra:ListFeaturedResultsSets", "kendra:ListGroupsOlderThanOrderingId", "kendra:ListIndices", "kendra:ListQuerySuggestionsBlockLists", "kendra:ListTagsForResource", "kendra:ListThesauri", "kendra:PutPrincipalMapping", "kendra:Query", "kendra:Retrieve", "kendra:StartDataSourceSyncJob", "kendra:StopDataSourceSyncJob", "kendra:SubmitFeedback", "kendra:TagResource", "kendra:UntagResource", "kendra:UpdateAccessControlConfiguration", "kendra:UpdateDataSource", "kendra:UpdateExperience", "kendra:UpdateFeaturedResultsSet", "kendra:UpdateIndex", "kendra:UpdateQuerySuggestionsBlockList", "kendra:UpdateQuerySuggestionsConfig", "kendra:UpdateThesaurus" ], "malformed": false, "name": "AmazonKendraFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-03T16:15:37+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonEKSConnectorServiceRolePolicy", "createdate": "2021-09-04T20:31:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssm:CreateActivation", "ssm:DescribeInstanceInformation", "ssm:DeleteActivation", "ssm:StartSession", "ssm:DeregisterManagedInstance", "iam:PassRole", "events:PutRule", "events:PutTargets" ], "malformed": false, "name": "AmazonEKSConnectorServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-04T20:31:08+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticMapReducePlacementGroupPolicy", "createdate": "2020-09-29T00:37:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DeletePlacementGroup", "ec2:DescribePlacementGroups", "ec2:CreatePlacementGroup" ], "malformed": false, "name": "AmazonElasticMapReducePlacementGroupPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-29T00:37:08+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonChimeSDKMediaPipelinesServiceLinkedRolePolicy", "createdate": "2023-12-08T19:14:31Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData", "kinesisvideo:GetDataEndpoint", "kinesisvideo:PutMedia", "kinesisvideo:UpdateDataRetention", "kinesisvideo:DescribeStream", "kinesisvideo:CreateStream", "kinesisvideo:ListStreams", "chime:GetMeeting", "chime:CreateAttendee", "chime:DeleteAttendee" ], "malformed": false, "name": "AmazonChimeSDKMediaPipelinesServiceLinkedRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-08T19:14:31+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSDataPipeline_FullAccess", "createdate": "2017-08-17T18:48:39Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "dynamodb:DescribeTable", "rds:DescribeDBInstances", "rds:DescribeDBSecurityGroups", "redshift:DescribeClusters", "redshift:DescribeClusterSecurityGroups", "sns:ListTopics", "sns:Subscribe", "iam:ListRoles", "iam:GetRolePolicy", "iam:GetInstanceProfile", "iam:ListInstanceProfiles", "datapipeline:ActivatePipeline", "datapipeline:AddTags", "datapipeline:CreatePipeline", "datapipeline:DeactivatePipeline", "datapipeline:DeletePipeline", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:EvaluateExpression", "datapipeline:GetAccountLimits", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:PollForTask", "datapipeline:PutAccountLimits", "datapipeline:PutPipelineDefinition", "datapipeline:QueryObjects", "datapipeline:RemoveTags", "datapipeline:ReportTaskProgress", "datapipeline:ReportTaskRunnerHeartbeat", "datapipeline:SetStatus", "datapipeline:SetTaskStatus", "datapipeline:ValidatePipelineDefinition", "iam:PassRole" ], "malformed": false, "name": "AWSDataPipeline_FullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-08-17T18:48:39+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingAppStreamFleetPolicy", "createdate": "2017-10-20T19:04:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appstream:UpdateFleet", "appstream:DescribeFleets", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingAppStreamFleetPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-10-20T19:04:06+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole", "createdate": "2020-06-24T22:24:20Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CancelSpotInstanceRequests", "ec2:CreateFleet", "ec2:CreateLaunchTemplate", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:CreateTags", "ec2:DeleteLaunchTemplate", "ec2:DeleteNetworkInterface", "ec2:DeleteSecurityGroup", "ec2:DeleteTags", "ec2:DescribeAvailabilityZones", "ec2:DescribeAccountAttributes", "ec2:DescribeDhcpOptions", "ec2:DescribeImages", "ec2:DescribeInstanceStatus", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplates", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInterfaces", "ec2:DescribePrefixLists", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcs", "ec2:DetachNetworkInterface", "ec2:ModifyImageAttribute", "ec2:ModifyInstanceAttribute", "ec2:RequestSpotInstances", "ec2:RevokeSecurityGroupEgress", "ec2:RunInstances", "ec2:TerminateInstances", "ec2:DeleteVolume", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DetachVolume", "iam:GetRole", "iam:GetRolePolicy", "iam:ListInstanceProfiles", "iam:ListRolePolicies", "iam:PassRole", "s3:CreateBucket", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "sdb:BatchPutAttributes", "sdb:Select", "sqs:CreateQueue", "sqs:DeleteMessage", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:PurgeQueue", "sqs:ReceiveMessage", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms", "application-autoscaling:RegisterScalableTarget", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:PutScalingPolicy", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonElasticMapReduceRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-24T22:24:20+00:00", "version": "v10" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2FullAccess", "createdate": "2024-02-21T17:20:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "redshift:DescribeClusters", "redshift-serverless:ListNamespaces", "redshift-serverless:ListWorkgroups", "kms:DescribeKey", "kms:ListAliases", "secretsmanager:CreateSecret", "secretsmanager:GetSecretValue", "secretsmanager:DeleteSecret", "secretsmanager:TagResource", "tag:GetResources", "sqlworkbench:AssociateConnectionWithChart", "sqlworkbench:AssociateConnectionWithTab", "sqlworkbench:AssociateNotebookWithTab", "sqlworkbench:AssociateQueryWithTab", "sqlworkbench:BatchDeleteFolder", "sqlworkbench:BatchGetNotebookCell", "sqlworkbench:CreateAccount", "sqlworkbench:CreateChart", "sqlworkbench:CreateConnection", "sqlworkbench:CreateFolder", "sqlworkbench:CreateNotebook", "sqlworkbench:CreateNotebookCell", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:CreateNotebookVersion", "sqlworkbench:CreateSavedQuery", "sqlworkbench:DeleteChart", "sqlworkbench:DeleteConnection", "sqlworkbench:DeleteNotebook", "sqlworkbench:DeleteNotebookCell", "sqlworkbench:DeleteNotebookVersion", "sqlworkbench:DeleteSavedQuery", "sqlworkbench:DeleteTab", "sqlworkbench:DriverExecute", "sqlworkbench:DuplicateNotebook", "sqlworkbench:ExportNotebook", "sqlworkbench:GenerateSession", "sqlworkbench:GetAccountInfo", "sqlworkbench:GetAccountSettings", "sqlworkbench:GetAutocompletionMetadata", "sqlworkbench:GetAutocompletionResource", "sqlworkbench:GetChart", "sqlworkbench:GetConnection", "sqlworkbench:GetNotebook", "sqlworkbench:GetNotebookVersion", "sqlworkbench:GetQSqlRecommendations", "sqlworkbench:GetQueryExecutionHistory", "sqlworkbench:GetSavedQuery", "sqlworkbench:GetSchemaInference", "sqlworkbench:GetUserInfo", "sqlworkbench:GetUserWorkspaceSettings", "sqlworkbench:ImportNotebook", "sqlworkbench:ListConnections", "sqlworkbench:ListDatabases", "sqlworkbench:ListFiles", "sqlworkbench:ListNotebookVersions", "sqlworkbench:ListNotebooks", "sqlworkbench:ListQueryExecutionHistory", "sqlworkbench:ListRedshiftClusters", "sqlworkbench:ListSampleDatabases", "sqlworkbench:ListSavedQueryVersions", "sqlworkbench:ListTabs", "sqlworkbench:ListTaggedResources", "sqlworkbench:ListTagsForResource", "sqlworkbench:PutTab", "sqlworkbench:PutUserWorkspaceSettings", "sqlworkbench:RestoreNotebookVersion", "sqlworkbench:TagResource", "sqlworkbench:UntagResource", "sqlworkbench:UpdateAccountConnectionSettings", "sqlworkbench:UpdateAccountExportSettings", "sqlworkbench:UpdateAccountGeneralSettings", "sqlworkbench:UpdateAccountQSqlSettings", "sqlworkbench:UpdateChart", "sqlworkbench:UpdateConnection", "sqlworkbench:UpdateFileFolder", "sqlworkbench:UpdateFolder", "sqlworkbench:UpdateNotebook", "sqlworkbench:UpdateNotebookCellContent", "sqlworkbench:UpdateNotebookCellLayout", "sqlworkbench:UpdateSavedQuery" ], "malformed": false, "name": "AmazonRedshiftQueryEditorV2FullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-21T17:20:52+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSVendorInsightsVendorFullAccess", "createdate": "2023-10-19T01:41:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:DescribeEntity", "aws-marketplace:ListEntities", "vendor-insights:CreateDataSource", "vendor-insights:UpdateDataSource", "vendor-insights:DeleteDataSource", "vendor-insights:GetDataSource", "vendor-insights:ListDataSources", "vendor-insights:CreateSecurityProfile", "vendor-insights:ListSecurityProfiles", "vendor-insights:GetSecurityProfile", "vendor-insights:AssociateDataSource", "vendor-insights:DisassociateDataSource", "vendor-insights:UpdateSecurityProfile", "vendor-insights:ActivateSecurityProfile", "vendor-insights:DeactivateSecurityProfile", "vendor-insights:UpdateSecurityProfileSnapshotCreationConfiguration", "vendor-insights:UpdateSecurityProfileSnapshotReleaseConfiguration", "vendor-insights:ListSecurityProfileSnapshots", "vendor-insights:GetSecurityProfileSnapshot", "vendor-insights:TagResource", "vendor-insights:UntagResource", "vendor-insights:ListTagsForResource", "aws-marketplace:AcceptAgreementApprovalRequest", "aws-marketplace:RejectAgreementApprovalRequest", "aws-marketplace:GetAgreementApprovalRequest", "aws-marketplace:ListAgreementApprovalRequests", "aws-marketplace:CancelAgreement", "aws-marketplace:SearchAgreements", "artifact:GetReport", "artifact:GetReportMetadata", "artifact:GetTermForReport", "artifact:ListReports" ], "malformed": false, "name": "AWSVendorInsightsVendorFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-19T01:41:01+00:00", "version": "v3" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingCassandraTablePolicy", "createdate": "2020-03-18T22:49:23Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cassandra:Select", "cassandra:Alter", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingCassandraTablePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-03-18T22:49:23+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonConnectServiceLinkedRolePolicy", "createdate": "2023-11-28T16:05:08Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "connect:ActivateEvaluationForm", "connect:AssociateAnalyticsDataSet", "connect:AssociateApprovedOrigin", "connect:AssociateBot", "connect:AssociateCustomerProfilesDomain", "connect:AssociateDefaultVocabulary", "connect:AssociateFlow", "connect:AssociateInstanceStorageConfig", "connect:AssociateLambdaFunction", "connect:AssociateLexBot", "connect:AssociatePhoneNumberContactFlow", "connect:AssociateQueueQuickConnects", "connect:AssociateRoutingProfileQueues", "connect:AssociateSecurityKey", "connect:AssociateTrafficDistributionGroupUser", "connect:AssociateUserProficiencies", "connect:BatchAssociateAnalyticsDataSet", "connect:BatchDisassociateAnalyticsDataSet", "connect:BatchGetFlowAssociation", "connect:BatchPutContact", "connect:ClaimPhoneNumber", "connect:CreateAgentStatus", "connect:CreateContactFlow", "connect:CreateContactFlowModule", "connect:CreateEvaluationForm", "connect:CreateHoursOfOperation", "connect:CreateInstance", "connect:CreateIntegrationAssociation", "connect:CreateParticipant", "connect:CreatePersistentContactAssociation", "connect:CreatePredefinedAttribute", "connect:CreatePrompt", "connect:CreateQueue", "connect:CreateQuickConnect", "connect:CreateRoutingProfile", "connect:CreateRule", "connect:CreateSecurityProfile", "connect:CreateTaskTemplate", "connect:CreateTrafficDistributionGroup", "connect:CreateUseCase", "connect:CreateUser", "connect:CreateUserHierarchyGroup", "connect:CreateView", "connect:CreateViewVersion", "connect:CreateVocabulary", "connect:DeactivateEvaluationForm", "connect:DeleteContactEvaluation", "connect:DeleteContactFlow", "connect:DeleteContactFlowModule", "connect:DeleteEvaluationForm", "connect:DeleteHoursOfOperation", "connect:DeleteInstance", "connect:DeleteIntegrationAssociation", "connect:DeletePredefinedAttribute", "connect:DeletePrompt", "connect:DeleteQueue", "connect:DeleteQuickConnect", "connect:DeleteRoutingProfile", "connect:DeleteRule", "connect:DeleteSecurityProfile", "connect:DeleteTaskTemplate", "connect:DeleteTrafficDistributionGroup", "connect:DeleteUseCase", "connect:DeleteUser", "connect:DeleteUserHierarchyGroup", "connect:DeleteView", "connect:DeleteViewVersion", "connect:DeleteVocabulary", "connect:DescribeAgentStatus", "connect:DescribeContact", "connect:DescribeContactEvaluation", "connect:DescribeContactFlow", "connect:DescribeContactFlowModule", "connect:DescribeEvaluationForm", "connect:DescribeForecastingPlanningSchedulingIntegration", "connect:DescribeHoursOfOperation", "connect:DescribeInstance", "connect:DescribeInstanceAttribute", "connect:DescribeInstanceStorageConfig", "connect:DescribePhoneNumber", "connect:DescribePredefinedAttribute", "connect:DescribePrompt", "connect:DescribeQueue", "connect:DescribeQuickConnect", "connect:DescribeRoutingProfile", "connect:DescribeRule", "connect:DescribeSecurityProfile", "connect:DescribeTrafficDistributionGroup", "connect:DescribeUser", "connect:DescribeUserHierarchyGroup", "connect:DescribeUserHierarchyStructure", "connect:DescribeView", "connect:DescribeVocabulary", "connect:DisassociateAnalyticsDataSet", "connect:DisassociateApprovedOrigin", "connect:DisassociateBot", "connect:DisassociateCustomerProfilesDomain", "connect:DisassociateFlow", "connect:DisassociateInstanceStorageConfig", "connect:DisassociateLambdaFunction", "connect:DisassociateLexBot", "connect:DisassociatePhoneNumberContactFlow", "connect:DisassociateQueueQuickConnects", "connect:DisassociateRoutingProfileQueues", "connect:DisassociateSecurityKey", "connect:DisassociateTrafficDistributionGroupUser", "connect:DisassociateUserProficiencies", "connect:DismissUserContact", "connect:GetContactAttributes", "connect:GetCurrentMetricData", "connect:GetCurrentUserData", "connect:GetFederationToken", "connect:GetFederationTokens", "connect:GetFlowAssociation", "connect:GetMetricData", "connect:GetMetricDataV2", "connect:GetPromptFile", "connect:GetTaskTemplate", "connect:GetTrafficDistribution", "connect:ImportPhoneNumber", "connect:ListAgentStatuses", "connect:ListAnalyticsDataAssociations", "connect:ListApprovedOrigins", "connect:ListBots", "connect:ListContactEvaluations", "connect:ListContactFlowModules", "connect:ListContactFlows", "connect:ListContactReferences", "connect:ListDefaultVocabularies", "connect:ListEvaluationFormVersions", "connect:ListEvaluationForms", "connect:ListFlowAssociations", "connect:ListHoursOfOperations", "connect:ListInstanceAttributes", "connect:ListInstanceStorageConfigs", "connect:ListInstances", "connect:ListIntegrationAssociations", "connect:ListLambdaFunctions", "connect:ListLexBots", "connect:ListPhoneNumbers", "connect:ListPhoneNumbersV2", "connect:ListPredefinedAttributes", "connect:ListPrompts", "connect:ListQueueQuickConnects", "connect:ListQueues", "connect:ListQuickConnects", "connect:ListRealtimeContactAnalysisSegments", "connect:ListRealtimeContactAnalysisSegmentsV2", "connect:ListRoutingProfileQueues", "connect:ListRoutingProfiles", "connect:ListRules", "connect:ListSecurityKeys", "connect:ListSecurityProfileApplications", "connect:ListSecurityProfilePermissions", "connect:ListSecurityProfiles", "connect:ListTagsForResource", "connect:ListTaskTemplates", "connect:ListTrafficDistributionGroupUsers", "connect:ListTrafficDistributionGroups", "connect:ListUseCases", "connect:ListUserHierarchyGroups", "connect:ListUserProficiencies", "connect:ListUsers", "connect:ListViewVersions", "connect:ListViews", "connect:MonitorContact", "connect:PauseContact", "connect:PutUserStatus", "connect:ReleasePhoneNumber", "connect:ReplicateInstance", "connect:ResumeContact", "connect:ResumeContactRecording", "connect:SearchAvailablePhoneNumbers", "connect:SearchContacts", "connect:SearchHoursOfOperations", "connect:SearchPredefinedAttributes", "connect:SearchPrompts", "connect:SearchQueues", "connect:SearchQuickConnects", "connect:SearchResourceTags", "connect:SearchRoutingProfiles", "connect:SearchSecurityProfiles", "connect:SearchUsers", "connect:SearchVocabularies", "connect:SendChatIntegrationEvent", "connect:StartChatContact", "connect:StartContactEvaluation", "connect:StartContactRecording", "connect:StartContactStreaming", "connect:StartForecastingPlanningSchedulingIntegration", "connect:StartOutboundVoiceContact", "connect:StartTaskContact", "connect:StartWebRTCContact", "connect:StopContact", "connect:StopContactRecording", "connect:StopContactStreaming", "connect:StopForecastingPlanningSchedulingIntegration", "connect:SubmitContactEvaluation", "connect:SuspendContactRecording", "connect:TagContact", "connect:TagResource", "connect:TransferContact", "connect:UntagContact", "connect:UntagResource", "connect:UpdateAgentStatus", "connect:UpdateContact", "connect:UpdateContactAttributes", "connect:UpdateContactEvaluation", "connect:UpdateContactFlowContent", "connect:UpdateContactFlowMetadata", "connect:UpdateContactFlowModuleContent", "connect:UpdateContactFlowModuleMetadata", "connect:UpdateContactFlowName", "connect:UpdateContactRoutingData", "connect:UpdateContactSchedule", "connect:UpdateEvaluationForm", "connect:UpdateHoursOfOperation", "connect:UpdateInstanceAttribute", "connect:UpdateInstanceStorageConfig", "connect:UpdateParticipantRoleConfig", "connect:UpdatePhoneNumber", "connect:UpdatePhoneNumberMetadata", "connect:UpdatePredefinedAttribute", "connect:UpdatePrompt", "connect:UpdateQueueHoursOfOperation", "connect:UpdateQueueMaxContacts", "connect:UpdateQueueName", "connect:UpdateQueueOutboundCallerConfig", "connect:UpdateQueueStatus", "connect:UpdateQuickConnectConfig", "connect:UpdateQuickConnectName", "connect:UpdateRoutingProfileAgentAvailabilityTimer", "connect:UpdateRoutingProfileConcurrency", "connect:UpdateRoutingProfileDefaultOutboundQueue", "connect:UpdateRoutingProfileName", "connect:UpdateRoutingProfileQueues", "connect:UpdateRule", "connect:UpdateSecurityProfile", "connect:UpdateTaskTemplate", "connect:UpdateTrafficDistribution", "connect:UpdateUserHierarchy", "connect:UpdateUserHierarchyGroupName", "connect:UpdateUserHierarchyStructure", "connect:UpdateUserIdentityInfo", "connect:UpdateUserPhoneConfig", "connect:UpdateUserProficiencies", "connect:UpdateUserRoutingProfile", "connect:UpdateUserSecurityProfiles", "connect:UpdateViewContent", "connect:UpdateViewMetadata", "iam:DeleteRole", "s3:GetObject", "s3:GetObjectAcl", "s3:PutObject", "s3:PutObjectAcl", "s3:DeleteObject", "s3:GetBucketLocation", "s3:GetBucketAcl", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "lex:ListBots", "lex:ListBotAliases", "profile:SearchProfiles", "profile:CreateProfile", "profile:UpdateProfile", "profile:AddProfileKey", "profile:ListProfileObjectTypes", "profile:ListCalculatedAttributeDefinitions", "profile:ListCalculatedAttributesForProfile", "profile:GetDomain", "profile:ListIntegrations", "profile:ListProfileObjects", "profile:GetProfileObjectType", "profile:ListAccountIntegrations", "profile:ListProfileObjectTypeTemplates", "profile:GetProfileObjectTypeTemplate", "wisdom:CreateContent", "wisdom:DeleteContent", "wisdom:CreateKnowledgeBase", "wisdom:GetAssistant", "wisdom:GetKnowledgeBase", "wisdom:GetContent", "wisdom:GetRecommendations", "wisdom:GetSession", "wisdom:NotifyRecommendationsReceived", "wisdom:QueryAssistant", "wisdom:StartContentUpload", "wisdom:UpdateContent", "wisdom:UntagResource", "wisdom:TagResource", "wisdom:CreateSession", "wisdom:CreateQuickResponse", "wisdom:GetQuickResponse", "wisdom:SearchQuickResponses", "wisdom:StartImportJob", "wisdom:GetImportJob", "wisdom:ListImportJobs", "wisdom:ListQuickResponses", "wisdom:UpdateQuickResponse", "wisdom:DeleteQuickResponse", "wisdom:PutFeedback", "wisdom:ListAssistants", "wisdom:ListKnowledgeBases", "profile:GetCalculatedAttributeForProfile", "profile:CreateCalculatedAttributeDefinition", "profile:DeleteCalculatedAttributeDefinition", "profile:GetCalculatedAttributeDefinition", "profile:UpdateCalculatedAttributeDefinition", "cloudwatch:PutMetricData", "sms-voice:SendTextMessage", "sms-voice:DescribePhoneNumbers" ], "malformed": false, "name": "AmazonConnectServiceLinkedRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2023-11-28T16:05:08+00:00", "version": "v14" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSPreviewServiceRolePolicy", "createdate": "2023-10-04T19:01:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rds:CrossRegionCommunication", "ec2:AllocateAddress", "ec2:AssociateAddress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateCoipPoolPermission", "ec2:CreateLocalGatewayRouteTablePermission", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:DeleteCoipPoolPermission", "ec2:DeleteLocalGatewayRouteTablePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteSecurityGroup", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeCoipPools", "ec2:DescribeInternetGateways", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "ec2:DisassociateAddress", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ReleaseAddress", "ec2:RevokeSecurityGroupIngress", "sns:Publish", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", "cloudwatch:PutMetricData", "secretsmanager:GetRandomPassword", "secretsmanager:DeleteSecret", "secretsmanager:DescribeSecret", "secretsmanager:PutSecretValue", "secretsmanager:RotateSecret", "secretsmanager:UpdateSecret", "secretsmanager:UpdateSecretVersionStage", "secretsmanager:ListSecretVersionIds", "secretsmanager:TagResource" ], "malformed": false, "name": "AmazonRDSPreviewServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-04T19:01:52+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceEditorsRole", "createdate": "2023-02-09T22:39:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateSecurityGroup", "ec2:DescribeSecurityGroups", "ec2:RevokeSecurityGroupEgress", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeNetworkInterfaces", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DescribeTags", "ec2:DescribeInstances", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "elasticmapreduce:ListInstances", "elasticmapreduce:DescribeCluster", "elasticmapreduce:ListSteps", "ec2:CreateTags" ], "malformed": false, "name": "AmazonElasticMapReduceEditorsRole", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-09T22:39:29+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCloudFormationReadOnlyAccess", "createdate": "2019-11-13T17:40:07Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:EstimateTemplateCost", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:ValidateTemplate", "cloudformation:DetectStackDrift", "cloudformation:DetectStackResourceDrift", "cloudformation:DetectStackSetDrift" ], "malformed": false, "name": "AWSCloudFormationReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-13T17:40:07+00:00", "version": "v4" }, { "access_levels": [ "List" ], "arn": "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess", "createdate": "2015-02-06T18:40:21Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheEngineVersions", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeEngineDefaultParameters", "elasticache:DescribeEvents", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeReservedCacheNodes", "elasticache:DescribeReservedCacheNodesOfferings", "elasticache:DescribeServerlessCacheSnapshots", "elasticache:DescribeServerlessCaches", "elasticache:DescribeServiceUpdates", "elasticache:DescribeSnapshots", "elasticache:DescribeUpdateActions", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers" ], "malformed": false, "name": "AmazonElastiCacheReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:21+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/IAMAccessAnalyzerReadOnlyAccess", "createdate": "2023-11-27T02:24:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "access-analyzer:CheckAccessNotGranted", "access-analyzer:CheckNoNewAccess", "access-analyzer:GetAccessPreview", "access-analyzer:GetAnalyzedResource", "access-analyzer:GetAnalyzer", "access-analyzer:GetArchiveRule", "access-analyzer:GetFinding", "access-analyzer:GetFindingsStatistics", "access-analyzer:GetGeneratedPolicy", "access-analyzer:ListAccessPreviewFindings", "access-analyzer:ListAccessPreviews", "access-analyzer:ListAnalyzedResources", "access-analyzer:ListAnalyzers", "access-analyzer:ListArchiveRules", "access-analyzer:ListFindings", "access-analyzer:ListPolicyGenerations", "access-analyzer:ListTagsForResource", "access-analyzer:ValidatePolicy" ], "malformed": false, "name": "IAMAccessAnalyzerReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T02:24:16+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonElastiCacheFullAccess", "createdate": "2023-11-28T03:49:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticache:AddTagsToResource", "elasticache:AuthorizeCacheSecurityGroupIngress", "elasticache:BatchApplyUpdateAction", "elasticache:BatchStopUpdateAction", "elasticache:CompleteMigration", "elasticache:Connect", "elasticache:CopyServerlessCacheSnapshot", "elasticache:CopySnapshot", "elasticache:CreateCacheCluster", "elasticache:CreateCacheParameterGroup", "elasticache:CreateCacheSecurityGroup", "elasticache:CreateCacheSubnetGroup", "elasticache:CreateGlobalReplicationGroup", "elasticache:CreateReplicationGroup", "elasticache:CreateServerlessCache", "elasticache:CreateServerlessCacheSnapshot", "elasticache:CreateSnapshot", "elasticache:CreateUser", "elasticache:CreateUserGroup", "elasticache:DecreaseNodeGroupsInGlobalReplicationGroup", "elasticache:DecreaseReplicaCount", "elasticache:DeleteCacheCluster", "elasticache:DeleteCacheParameterGroup", "elasticache:DeleteCacheSecurityGroup", "elasticache:DeleteCacheSubnetGroup", "elasticache:DeleteGlobalReplicationGroup", "elasticache:DeleteReplicationGroup", "elasticache:DeleteServerlessCache", "elasticache:DeleteServerlessCacheSnapshot", "elasticache:DeleteSnapshot", "elasticache:DeleteUser", "elasticache:DeleteUserGroup", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheEngineVersions", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeEngineDefaultParameters", "elasticache:DescribeEvents", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeReservedCacheNodes", "elasticache:DescribeReservedCacheNodesOfferings", "elasticache:DescribeServerlessCacheSnapshots", "elasticache:DescribeServerlessCaches", "elasticache:DescribeServiceUpdates", "elasticache:DescribeSnapshots", "elasticache:DescribeUpdateActions", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticache:DisassociateGlobalReplicationGroup", "elasticache:ExportServerlessCacheSnapshot", "elasticache:FailoverGlobalReplicationGroup", "elasticache:IncreaseNodeGroupsInGlobalReplicationGroup", "elasticache:IncreaseReplicaCount", "elasticache:InterruptClusterAzPower", "elasticache:ListAllowedNodeTypeModifications", "elasticache:ListTagsForResource", "elasticache:ModifyCacheCluster", "elasticache:ModifyCacheParameterGroup", "elasticache:ModifyCacheSubnetGroup", "elasticache:ModifyGlobalReplicationGroup", "elasticache:ModifyReplicationGroup", "elasticache:ModifyReplicationGroupShardConfiguration", "elasticache:ModifyServerlessCache", "elasticache:ModifyUser", "elasticache:ModifyUserGroup", "elasticache:PurchaseReservedCacheNodesOffering", "elasticache:RebalanceSlotsInGlobalReplicationGroup", "elasticache:RebootCacheCluster", "elasticache:RemoveTagsFromResource", "elasticache:ResetCacheParameterGroup", "elasticache:RevokeCacheSecurityGroupIngress", "elasticache:StartMigration", "elasticache:TestFailover", "elasticache:TestMigration", "iam:CreateServiceLinkedRole", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpoint", "ec2:CreateTags", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "kms:DescribeKey", "kms:ListAliases", "kms:ListKeys", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricData", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScheduledActions", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScalingActivities", "logs:DescribeLogGroups", "firehose:ListDeliveryStreams", "s3:ListAllMyBuckets", "outposts:ListOutposts", "sns:ListTopics" ], "malformed": false, "name": "AmazonElastiCacheFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-28T03:49:56+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEC2SpotFleetRequestPolicy", "createdate": "2017-10-25T18:23:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeSpotFleetRequests", "ec2:ModifySpotFleetRequest", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingEC2SpotFleetRequestPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-10-25T18:23:27+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations", "createdate": "2020-11-24T20:19:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:ListAccounts", "organizations:DescribeOrganization", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators" ], "malformed": false, "name": "AWSConfigRoleForOrganizations", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-24T20:19:13+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonInspectorServiceRolePolicy", "createdate": "2020-09-11T17:12:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "directconnect:DescribeConnections", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "directconnect:DescribeTags", "ec2:DescribeAvailabilityZones", "ec2:DescribeCustomerGateways", "ec2:DescribeInstances", "ec2:DescribeTags", "ec2:DescribeInternetGateways", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInterfaces", "ec2:DescribePrefixLists", "ec2:DescribeRegions", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DescribeManagedPrefixLists", "ec2:GetManagedPrefixListEntries", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeTransitGateways", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGatewayRouteTables", "ec2:SearchTransitGatewayRoutes", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:GetTransitGatewayRouteTablePropagations", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth" ], "malformed": false, "name": "AmazonInspectorServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-11T17:12:02+00:00", "version": "v5" }, { "access_levels": [ "Read", "Tagging" ], "arn": "arn:aws:iam::aws:policy/ElementalActivationsFullAccess", "createdate": "2020-06-04T21:00:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elemental-activations:CompleteAccountRegistration", "elemental-activations:CompleteFileUpload", "elemental-activations:DownloadSoftware", "elemental-activations:GenerateLicenses", "elemental-activations:GetActivation", "elemental-activations:ListTagsForResource", "elemental-activations:StartAccountRegistration", "elemental-activations:StartFileUpload", "elemental-activations:TagResource", "elemental-activations:UntagResource" ], "malformed": false, "name": "ElementalActivationsFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-04T21:00:13+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/ROSACloudNetworkConfigOperatorPolicy", "createdate": "2023-04-20T22:34:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTypes", "ec2:DescribeSubnets", "ec2:DescribeNetworkInterfaces", "ec2:UnassignPrivateIpAddresses", "ec2:AssignPrivateIpAddresses", "ec2:UnassignIpv6Addresses", "ec2:AssignIpv6Addresses" ], "malformed": false, "name": "ROSACloudNetworkConfigOperatorPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-20T22:34:36+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonMQServiceRolePolicy", "createdate": "2020-11-04T16:07:17Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeVpcEndpoints", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpoint", "ec2:CreateTags", "ec2:DeleteVpcEndpoints", "logs:PutLogEvents", "logs:DescribeLogStreams", "logs:DescribeLogGroups", "logs:CreateLogStream", "logs:CreateLogGroup" ], "malformed": false, "name": "AmazonMQServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-04T16:07:17+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForNeptuneGraphPolicy", "createdate": "2023-11-29T14:03:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams" ], "malformed": false, "name": "AWSServiceRoleForNeptuneGraphPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-29T14:03:36+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonLexReadOnly", "createdate": "2023-01-31T19:31:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lex:GetBot", "lex:GetBotAlias", "lex:GetBotAliases", "lex:GetBots", "lex:GetBotChannelAssociation", "lex:GetBotChannelAssociations", "lex:GetBotVersions", "lex:GetBuiltinIntent", "lex:GetBuiltinIntents", "lex:GetBuiltinSlotTypes", "lex:GetIntent", "lex:GetIntents", "lex:GetIntentVersions", "lex:GetSlotType", "lex:GetSlotTypes", "lex:GetSlotTypeVersions", "lex:GetUtterancesView", "lex:DescribeBot", "lex:DescribeBotAlias", "lex:DescribeBotChannel", "lex:DescribeBotLocale", "lex:DescribeBotRecommendation", "lex:DescribeBotVersion", "lex:DescribeExport", "lex:DescribeImport", "lex:DescribeIntent", "lex:DescribeResourcePolicy", "lex:DescribeSlot", "lex:DescribeSlotType", "lex:ListBots", "lex:ListBotLocales", "lex:ListBotAliases", "lex:ListBotChannels", "lex:ListBotRecommendations", "lex:ListBotVersions", "lex:ListBuiltInIntents", "lex:ListBuiltInSlotTypes", "lex:ListExports", "lex:ListImports", "lex:ListIntents", "lex:ListRecommendedIntents", "lex:ListSlots", "lex:ListSlotTypes", "lex:ListTagsForResource", "lex:SearchAssociatedTranscripts", "lex:ListCustomVocabularyItems" ], "malformed": false, "name": "AmazonLexReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-31T19:31:41+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonCodeGuruReviewerServiceRolePolicy", "createdate": "2020-11-27T15:09:46Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codecommit:GetRepository", "codecommit:GetBranch", "codecommit:DescribePullRequestEvents", "codecommit:GetCommentsForPullRequest", "codecommit:GetDifferences", "codecommit:GetPullRequest", "codecommit:ListPullRequests", "codecommit:PostCommentForPullRequest", "codecommit:GitPull", "codecommit:UntagResource", "codestar-connections:UseConnection", "events:DeleteRule", "events:RemoveTargets", "s3:GetObject" ], "malformed": false, "name": "AmazonCodeGuruReviewerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-27T15:09:46+00:00", "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSSecurityHubReadOnlyAccess", "createdate": "2024-02-22T23:45:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "securityhub:GetAdhocInsightResults", "securityhub:GetAdministratorAccount", "securityhub:GetConfigurationPolicy", "securityhub:GetConfigurationPolicyAssociation", "securityhub:GetControlFindingSummary", "securityhub:GetEnabledStandards", "securityhub:GetFindingAggregator", "securityhub:GetFindingHistory", "securityhub:GetFindings", "securityhub:GetFreeTrialEndDate", "securityhub:GetFreeTrialUsage", "securityhub:GetInsightFindingTrend", "securityhub:GetInsightResults", "securityhub:GetInsights", "securityhub:GetInvitationsCount", "securityhub:GetMasterAccount", "securityhub:GetMembers", "securityhub:GetSecurityControlDefinition", "securityhub:GetUsage", "securityhub:ListAutomationRules", "securityhub:ListConfigurationPolicies", "securityhub:ListConfigurationPolicyAssociations", "securityhub:ListControlEvaluationSummaries", "securityhub:ListEnabledProductsForImport", "securityhub:ListFindingAggregators", "securityhub:ListInvitations", "securityhub:ListMembers", "securityhub:ListOrganizationAdminAccounts", "securityhub:ListSecurityControlDefinitions", "securityhub:ListStandardsControlAssociations", "securityhub:ListTagsForResource", "securityhub:BatchGetAutomationRules", "securityhub:BatchGetConfigurationPolicyAssociations", "securityhub:BatchGetControlEvaluations", "securityhub:BatchGetSecurityControls", "securityhub:BatchGetStandardsControlAssociations", "securityhub:DescribeActionTargets", "securityhub:DescribeHub", "securityhub:DescribeOrganizationConfiguration", "securityhub:DescribeProducts", "securityhub:DescribeStandards", "securityhub:DescribeStandardsControls" ], "malformed": false, "name": "AWSSecurityHubReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-22T23:45:59+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/TranslateFullAccess", "createdate": "2020-01-08T21:22:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "translate:CreateParallelData", "translate:DeleteParallelData", "translate:DeleteTerminology", "translate:DescribeTextTranslationJob", "translate:GetParallelData", "translate:GetTerminology", "translate:ImportTerminology", "translate:ListLanguages", "translate:ListParallelData", "translate:ListTagsForResource", "translate:ListTerminologies", "translate:ListTextTranslationJobs", "translate:StartTextTranslationJob", "translate:StopTextTranslationJob", "translate:TagResource", "translate:TranslateDocument", "translate:TranslateText", "translate:UntagResource", "translate:UpdateParallelData", "comprehend:DetectDominantLanguage", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetBucketLocation", "iam:ListRoles", "iam:GetRole" ], "malformed": false, "name": "TranslateFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-01-08T21:22:27+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSGrafanaAccountAdministrator", "createdate": "2022-02-15T22:36:18Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:ListRoles", "iam:GetRole", "grafana:AssociateLicense", "grafana:CreateWorkspace", "grafana:CreateWorkspaceApiKey", "grafana:DeleteWorkspace", "grafana:DeleteWorkspaceApiKey", "grafana:DescribeWorkspace", "grafana:DescribeWorkspaceAuthentication", "grafana:DescribeWorkspaceConfiguration", "grafana:DisassociateLicense", "grafana:ListPermissions", "grafana:ListTagsForResource", "grafana:ListVersions", "grafana:ListWorkspaces", "grafana:TagResource", "grafana:UntagResource", "grafana:UpdatePermissions", "grafana:UpdateWorkspace", "grafana:UpdateWorkspaceAuthentication", "grafana:UpdateWorkspaceConfiguration", "iam:PassRole" ], "malformed": false, "name": "AWSGrafanaAccountAdministrator", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-15T22:36:18+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCodePipeline_FullAccess", "createdate": "2024-03-14T17:06:23Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "codepipeline:AcknowledgeJob", "codepipeline:AcknowledgeThirdPartyJob", "codepipeline:CreateCustomActionType", "codepipeline:CreatePipeline", "codepipeline:DeleteCustomActionType", "codepipeline:DeletePipeline", "codepipeline:DeleteWebhook", "codepipeline:DeregisterWebhookWithThirdParty", "codepipeline:DisableStageTransition", "codepipeline:EnableStageTransition", "codepipeline:GetActionType", "codepipeline:GetJobDetails", "codepipeline:GetPipeline", "codepipeline:GetPipelineExecution", "codepipeline:GetPipelineState", "codepipeline:GetThirdPartyJobDetails", "codepipeline:ListActionExecutions", "codepipeline:ListActionTypes", "codepipeline:ListPipelineExecutions", "codepipeline:ListPipelines", "codepipeline:ListTagsForResource", "codepipeline:ListWebhooks", "codepipeline:PollForJobs", "codepipeline:PollForThirdPartyJobs", "codepipeline:PutActionRevision", "codepipeline:PutApprovalResult", "codepipeline:PutJobFailureResult", "codepipeline:PutJobSuccessResult", "codepipeline:PutThirdPartyJobFailureResult", "codepipeline:PutThirdPartyJobSuccessResult", "codepipeline:PutWebhook", "codepipeline:RegisterWebhookWithThirdParty", "codepipeline:RetryStageExecution", "codepipeline:StartPipelineExecution", "codepipeline:StopPipelineExecution", "codepipeline:TagResource", "codepipeline:UntagResource", "codepipeline:UpdateActionType", "codepipeline:UpdatePipeline", "cloudformation:DescribeStacks", "cloudformation:ListStacks", "cloudformation:ListChangeSets", "cloudtrail:DescribeTrails", "codebuild:BatchGetProjects", "codebuild:CreateProject", "codebuild:ListCuratedEnvironmentImages", "codebuild:ListProjects", "codecommit:ListBranches", "codecommit:GetReferences", "codecommit:ListRepositories", "codedeploy:BatchGetDeploymentGroups", "codedeploy:ListApplications", "codedeploy:ListDeploymentGroups", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ecr:DescribeRepositories", "ecr:ListImages", "ecs:ListClusters", "ecs:ListServices", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeEnvironments", "iam:ListRoles", "iam:GetRole", "lambda:ListFunctions", "events:ListRules", "events:ListTargetsByRule", "events:DescribeRule", "opsworks:DescribeApps", "opsworks:DescribeLayers", "opsworks:DescribeStacks", "s3:ListAllMyBuckets", "sns:ListTopics", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListTargets", "codestar-notifications:ListTagsForResource", "codestar-notifications:ListEventTypes", "states:ListStateMachines", "s3:GetObject", "s3:ListBucket", "s3:GetBucketPolicy", "s3:GetBucketVersioning", "s3:GetObjectVersion", "s3:CreateBucket", "s3:PutBucketPolicy", "cloudtrail:PutEventSelectors", "cloudtrail:CreateTrail", "cloudtrail:GetEventSelectors", "cloudtrail:StartLogging", "iam:PassRole", "iam:PassRole", "events:PutRule", "events:PutTargets", "events:DeleteRule", "events:DisableRule", "events:RemoveTargets", "codestar-notifications:CreateNotificationRule", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:UpdateNotificationRule", "codestar-notifications:DeleteNotificationRule", "codestar-notifications:Subscribe", "codestar-notifications:Unsubscribe", "sns:CreateTopic", "sns:SetTopicAttributes", "chatbot:DescribeSlackChannelConfigurations", "chatbot:ListMicrosoftTeamsChannelConfigurations" ], "malformed": false, "name": "AWSCodePipeline_FullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-14T17:06:23+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonDataZoneDomainExecutionRolePolicy", "createdate": "2024-04-01T19:25:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "datazone:ListTimeSeriesDataPoints", "datazone:GetTimeSeriesDataPoint", "datazone:DeleteTimeSeriesDataPoints", "datazone:AcceptPredictions", "datazone:AcceptSubscriptionRequest", "datazone:CancelSubscription", "datazone:CreateAsset", "datazone:CreateAssetRevision", "datazone:CreateAssetType", "datazone:CreateDataSource", "datazone:CreateEnvironment", "datazone:CreateEnvironmentBlueprint", "datazone:CreateEnvironmentProfile", "datazone:CreateFormType", "datazone:CreateGlossary", "datazone:CreateGlossaryTerm", "datazone:CreateListingChangeSet", "datazone:CreateProject", "datazone:CreateProjectMembership", "datazone:CreateSubscriptionGrant", "datazone:CreateSubscriptionRequest", "datazone:DeleteAsset", "datazone:DeleteAssetType", "datazone:DeleteDataSource", "datazone:DeleteEnvironment", "datazone:DeleteEnvironmentBlueprint", "datazone:DeleteEnvironmentProfile", "datazone:DeleteFormType", "datazone:DeleteGlossary", "datazone:DeleteGlossaryTerm", "datazone:DeleteListing", "datazone:DeleteProject", "datazone:DeleteProjectMembership", "datazone:DeleteSubscriptionGrant", "datazone:DeleteSubscriptionRequest", "datazone:DeleteSubscriptionTarget", "datazone:GetAsset", "datazone:GetAssetType", "datazone:GetDataSource", "datazone:GetDataSourceRun", "datazone:GetDomain", "datazone:GetEnvironment", "datazone:GetEnvironmentActionLink", "datazone:GetEnvironmentBlueprint", "datazone:GetEnvironmentCredentials", "datazone:GetEnvironmentProfile", "datazone:GetFormType", "datazone:GetGlossary", "datazone:GetGlossaryTerm", "datazone:GetGroupProfile", "datazone:GetListing", "datazone:GetProject", "datazone:GetSubscription", "datazone:GetSubscriptionEligibility", "datazone:GetSubscriptionGrant", "datazone:GetSubscriptionRequestDetails", "datazone:GetSubscriptionTarget", "datazone:GetUserProfile", "datazone:ListAccountEnvironments", "datazone:ListAssetRevisions", "datazone:ListDataSourceRunActivities", "datazone:ListDataSourceRuns", "datazone:ListDataSources", "datazone:ListEnvironmentBlueprintConfigurations", "datazone:ListEnvironmentBlueprintConfigurationSummaries", "datazone:ListEnvironmentBlueprints", "datazone:ListEnvironmentProfiles", "datazone:ListEnvironments", "datazone:ListGroupsForUser", "datazone:ListNotifications", "datazone:ListProjectMemberships", "datazone:ListProjects", "datazone:ListSubscriptionGrants", "datazone:ListSubscriptionRequests", "datazone:ListSubscriptionTargets", "datazone:ListSubscriptions", "datazone:ListWarehouseMetadata", "datazone:RejectPredictions", "datazone:RejectSubscriptionRequest", "datazone:RevokeSubscription", "datazone:Search", "datazone:SearchGroupProfiles", "datazone:SearchListings", "datazone:SearchTypes", "datazone:SearchUserProfiles", "datazone:StartDataSourceRun", "datazone:UpdateDataSource", "datazone:UpdateEnvironment", "datazone:UpdateEnvironmentBlueprint", "datazone:UpdateEnvironmentDeploymentStatus", "datazone:UpdateEnvironmentProfile", "datazone:UpdateGlossary", "datazone:UpdateGlossaryTerm", "datazone:UpdateProject", "datazone:UpdateSubscriptionGrantStatus", "datazone:UpdateSubscriptionRequest", "datazone:StartMetadataGenerationRun", "datazone:GetMetadataGenerationRun", "datazone:CancelMetadataGenerationRun", "datazone:ListMetadataGenerationRuns", "ram:GetResourceShareAssociations" ], "malformed": false, "name": "AmazonDataZoneDomainExecutionRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-01T19:25:31+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonAppStreamServiceAccess", "createdate": "2020-06-26T16:33:54Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeAvailabilityZones", "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DeleteNetworkInterface", "ec2:DescribeSubnets", "ec2:AssociateAddress", "ec2:DisassociateAddress", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcEndpoints", "s3:ListAllMyBuckets", "ds:DescribeDirectories", "s3:CreateBucket", "s3:ListBucket", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:GetObjectVersion", "s3:DeleteObjectVersion", "s3:GetBucketPolicy", "s3:PutBucketPolicy", "s3:PutEncryptionConfiguration" ], "malformed": false, "name": "AmazonAppStreamServiceAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-26T16:33:54+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonMacieServiceRolePolicy", "createdate": "2022-05-19T19:16:56Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iam:ListAccountAliases", "organizations:DescribeAccount", "organizations:ListAccounts", "s3:GetAccountPublicAccessBlock", "s3:ListAllMyBuckets", "s3:GetBucketAcl", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetEncryptionConfiguration", "s3:GetLifecycleConfiguration", "s3:GetReplicationConfiguration", "s3:ListBucket", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectTagging", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams" ], "malformed": false, "name": "AmazonMacieServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-05-19T19:16:56+00:00", "version": "v6" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceSellerProductsReadOnly", "createdate": "2022-11-19T00:08:42Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:ListChangeSets", "aws-marketplace:DescribeChangeSet", "aws-marketplace:ListEntities", "aws-marketplace:DescribeEntity", "aws-marketplace:ListTasks", "aws-marketplace:DescribeTask", "ec2:DescribeImages", "ec2:DescribeSnapshots", "aws-marketplace:ListTagsForResource" ], "malformed": false, "name": "AWSMarketplaceSellerProductsReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-19T00:08:42+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCodeCommitReadOnly", "createdate": "2021-08-18T18:18:01Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codecommit:BatchGetCommits", "codecommit:BatchGetPullRequests", "codecommit:BatchGetRepositories", "codecommit:BatchDescribeMergeConflicts", "codecommit:DescribeMergeConflicts", "codecommit:DescribePullRequestEvents", "codecommit:EvaluatePullRequestApprovalRules", "codecommit:GetApprovalRuleTemplate", "codecommit:GetBlob", "codecommit:GetBranch", "codecommit:GetComment", "codecommit:GetCommentReactions", "codecommit:GetCommentsForComparedCommit", "codecommit:GetCommentsForPullRequest", "codecommit:GetCommit", "codecommit:GetCommitHistory", "codecommit:GetCommitsFromMergeBase", "codecommit:GetDifferences", "codecommit:GetFile", "codecommit:GetFolder", "codecommit:GetMergeCommit", "codecommit:GetMergeConflicts", "codecommit:GetMergeOptions", "codecommit:GetObjectIdentifier", "codecommit:GetPullRequest", "codecommit:GetPullRequestApprovalStates", "codecommit:GetPullRequestOverrideState", "codecommit:GetReferences", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:GetTree", "codecommit:GetUploadArchiveStatus", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "codecommit:GitPull", "events:DescribeRule", "events:ListTargetsByRule", "sns:ListTopics", "sns:ListSubscriptionsByTopic", "sns:GetTopicAttributes", "lambda:ListFunctions", "iam:ListUsers", "iam:ListSSHPublicKeys", "iam:ListServiceSpecificCredentials", "iam:ListAccessKeys", "iam:GetSSHPublicKey", "codestar-connections:ListConnections", "codestar-connections:GetConnection", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListEventTypes", "codestar-notifications:ListTargets", "codeguru-reviewer:DescribeRepositoryAssociation", "codeguru-reviewer:ListRepositoryAssociations", "codeguru-reviewer:DescribeCodeReview", "codeguru-reviewer:ListCodeReviews" ], "malformed": false, "name": "AWSCodeCommitReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-18T18:18:01+00:00", "version": "v11" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingKafkaClusterPolicy", "createdate": "2020-08-24T18:36:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kafka:DescribeCluster", "kafka:DescribeClusterOperation", "kafka:UpdateBrokerStorage", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingKafkaClusterPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-24T18:36:01+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicPowerUser", "createdate": "2020-12-01T16:16:54Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "ecr-public:GetAuthorizationToken", "sts:GetServiceBearerToken", "ecr-public:BatchCheckLayerAvailability", "ecr-public:GetRepositoryPolicy", "ecr-public:DescribeRepositories", "ecr-public:DescribeRegistries", "ecr-public:DescribeImages", "ecr-public:DescribeImageTags", "ecr-public:GetRepositoryCatalogData", "ecr-public:GetRegistryCatalogData", "ecr-public:InitiateLayerUpload", "ecr-public:UploadLayerPart", "ecr-public:CompleteLayerUpload", "ecr-public:PutImage" ], "malformed": false, "name": "AmazonElasticContainerRegistryPublicPowerUser", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-01T16:16:54+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/CloudWatchEventsFullAccess", "createdate": "2022-12-01T17:05:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "events:ActivateEventSource", "events:CancelReplay", "events:CreateApiDestination", "events:CreateArchive", "events:CreateConnection", "events:CreateEndpoint", "events:CreateEventBus", "events:CreatePartnerEventSource", "events:DeactivateEventSource", "events:DeauthorizeConnection", "events:DeleteApiDestination", "events:DeleteArchive", "events:DeleteConnection", "events:DeleteEndpoint", "events:DeleteEventBus", "events:DeletePartnerEventSource", "events:DeleteRule", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeEventSource", "events:DescribePartnerEventSource", "events:DescribeReplay", "events:DescribeRule", "events:DisableRule", "events:EnableRule", "events:InvokeApiDestination", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListEventSources", "events:ListPartnerEventSourceAccounts", "events:ListPartnerEventSources", "events:ListReplays", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "events:PutEvents", "events:PutPartnerEvents", "events:PutPermission", "events:PutRule", "events:PutTargets", "events:RemovePermission", "events:RemoveTargets", "events:RetrieveConnectionCredentials", "events:StartReplay", "events:TagResource", "events:TestEventPattern", "events:UntagResource", "events:UpdateApiDestination", "events:UpdateArchive", "events:UpdateConnection", "events:UpdateEndpoint", "schemas:CreateDiscoverer", "schemas:CreateRegistry", "schemas:CreateSchema", "schemas:DeleteDiscoverer", "schemas:DeleteRegistry", "schemas:DeleteResourcePolicy", "schemas:DeleteSchema", "schemas:DeleteSchemaVersion", "schemas:DescribeCodeBinding", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:ExportSchema", "schemas:GetCodeBindingSource", "schemas:GetDiscoveredSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemaVersions", "schemas:ListSchemas", "schemas:ListTagsForResource", "schemas:PutCodeBinding", "schemas:PutResourcePolicy", "schemas:SearchSchemas", "schemas:StartDiscoverer", "schemas:StopDiscoverer", "schemas:TagResource", "schemas:UntagResource", "schemas:UpdateDiscoverer", "schemas:UpdateRegistry", "schemas:UpdateSchema", "scheduler:CreateSchedule", "scheduler:CreateScheduleGroup", "scheduler:DeleteSchedule", "scheduler:DeleteScheduleGroup", "scheduler:GetSchedule", "scheduler:GetScheduleGroup", "scheduler:ListScheduleGroups", "scheduler:ListSchedules", "scheduler:ListTagsForResource", "scheduler:TagResource", "scheduler:UntagResource", "scheduler:UpdateSchedule", "pipes:CreatePipe", "pipes:DeletePipe", "pipes:DescribePipe", "pipes:ListPipes", "pipes:ListTagsForResource", "pipes:StartPipe", "pipes:StopPipe", "pipes:TagResource", "pipes:UntagResource", "pipes:UpdatePipe", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "secretsmanager:CreateSecret", "secretsmanager:UpdateSecret", "secretsmanager:DeleteSecret", "secretsmanager:GetSecretValue", "secretsmanager:PutSecretValue", "iam:PassRole", "iam:PassRole", "iam:PassRole" ], "malformed": false, "name": "CloudWatchEventsFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-01T17:05:05+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIoTDataAccess", "createdate": "2021-06-23T21:34:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:Connect", "iot:Publish", "iot:Subscribe", "iot:Receive", "iot:GetThingShadow", "iot:UpdateThingShadow", "iot:DeleteThingShadow", "iot:ListNamedShadowsForThing" ], "malformed": false, "name": "AWSIoTDataAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-06-23T21:34:47+00:00", "version": "v3" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationMGHAccess", "createdate": "2021-04-07T07:10:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgh:AssociateCreatedArtifact", "mgh:CreateProgressUpdateStream", "mgh:DisassociateCreatedArtifact", "mgh:GetHomeRegion", "mgh:ImportMigrationTask", "mgh:NotifyMigrationTaskState", "mgh:PutResourceAttributes" ], "malformed": false, "name": "AWSApplicationMigrationMGHAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-04-07T07:10:01+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup", "createdate": "2023-12-15T22:04:27Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "dynamodb:DescribeTable", "dynamodb:CreateBackup", "dynamodb:DescribeBackup", "dynamodb:DeleteBackup", "rds:AddTagsToResource", "rds:ListTagsForResource", "rds:DescribeDBSnapshots", "rds:CreateDBSnapshot", "rds:CopyDBSnapshot", "rds:DescribeDBInstances", "rds:CreateDBClusterSnapshot", "rds:DescribeDBClusters", "rds:DescribeDBClusterSnapshots", "rds:CopyDBClusterSnapshot", "rds:DescribeDBClusterAutomatedBackups", "rds:ModifyDBInstance", "rds:ModifyDBCluster", "rds:DeleteDBClusterAutomatedBackup", "rds:DeleteDBSnapshot", "rds:ModifyDBSnapshotAttribute", "rds:DeleteDBClusterSnapshot", "rds:ModifyDBClusterSnapshotAttribute", "storagegateway:CreateSnapshot", "storagegateway:ListTagsForResource", "ec2:CopySnapshot", "ec2:CopyImage", "ec2:CreateTags", "ec2:DeleteSnapshot", "ec2:CreateImage", "ec2:DeregisterImage", "ec2:DescribeSnapshots", "ec2:DescribeTags", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeNetworkInterfaces", "ec2:DescribeElasticGpus", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSnapshotTierStatus", "ec2:CreateTags", "ec2:ModifySnapshotAttribute", "ec2:ModifyImageAttribute", "ec2:ModifySnapshotTier", "backup:DescribeBackupVault", "backup:CopyIntoBackupVault", "backup:CopyFromBackupVault", "elasticfilesystem:Backup", "elasticfilesystem:DescribeTags", "ec2:CreateSnapshot", "ec2:DeleteSnapshot", "ec2:DescribeVolumes", "ec2:DescribeSnapshots", "kms:Decrypt", "kms:GenerateDataKey", "kms:DescribeKey", "kms:CreateGrant", "kms:GenerateDataKeyWithoutPlaintext", "tag:GetResources", "ssm:CancelCommand", "ssm:GetCommandInvocation", "ssm:SendCommand", "fsx:DescribeBackups", "fsx:CreateBackup", "fsx:DescribeFileSystems", "fsx:DescribeVolumes", "fsx:ListTagsForResource", "fsx:DeleteBackup", "fsx:ListTagsForResource", "fsx:ManageBackupPrincipalAssociations", "fsx:CopyBackup", "fsx:TagResource", "dynamodb:StartAwsBackupJob", "dynamodb:ListTagsOfResource", "backup-gateway:Backup", "backup-gateway:ListTagsForResource", "cloudformation:ListStacks", "cloudformation:GetTemplate", "cloudformation:DescribeStacks", "cloudformation:ListStackResources", "redshift:CreateClusterSnapshot", "redshift:DescribeClusterSnapshots", "redshift:DescribeTags", "redshift:DeleteClusterSnapshot", "redshift:DescribeClusters", "redshift:CreateTags", "timestream:StartAwsBackupJob", "timestream:GetAwsBackupStatus", "timestream:ListTables", "timestream:ListDatabases", "timestream:ListTagsForResource", "timestream:DescribeTable", "timestream:DescribeDatabase", "timestream:DescribeEndpoints", "ssm-sap:GetOperation", "ssm-sap:ListDatabases", "ssm-sap:BackupDatabase", "ssm-sap:UpdateHANABackupSettings", "ssm-sap:GetDatabase", "ssm-sap:ListTagsForResource" ], "malformed": false, "name": "AWSBackupServiceRolePolicyForBackup", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-15T22:04:27+00:00", "version": "v18" }, { "access_levels": [ "List", "Read", "Write" ], "arn": null, "createdate": "2020-07-23T19:03:40Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "acm:DescribeCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingPolicies", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribePolicies", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:GetBackupSelection", "cloudfront:ListTagsForResource", "cloudformation:DescribeType", "cloudformation:ListTypes", "cloudtrail:DescribeTrails", "cloudtrail:GetEventSelectors", "cloudtrail:GetTrailStatus", "cloudtrail:ListTags", "cloudwatch:DescribeAlarms", "codepipeline:GetPipeline", "codepipeline:GetPipelineState", "codepipeline:ListPipelines", "config:BatchGetAggregateResourceConfig", "config:BatchGetResourceConfig", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateConformancePackComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetCustomRulePolicy", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetOrganizationCustomRulePolicy", "config:GetResourceConfigHistory", "config:GetResourceEvaluationSummary", "config:GetStoredQuery", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "config:PutAggregationAuthorization", "config:PutConfigRule", "config:PutConfigurationAggregator", "config:PutConfigurationRecorder", "config:PutConformancePack", "config:PutDeliveryChannel", "config:PutEvaluations", "config:PutExternalEvaluation", "config:PutOrganizationConfigRule", "config:PutOrganizationConformancePack", "config:PutRemediationConfigurations", "config:PutRemediationExceptions", "config:PutResourceConfig", "config:PutRetentionConfiguration", "config:PutStoredQuery", "config:SelectAggregateResourceConfig", "config:SelectResourceConfig", "dax:DescribeClusters", "dms:DescribeReplicationInstances", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeLimits", "dynamodb:DescribeTable", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetEbsEncryptionByDefault", "eks:DescribeCluster", "eks:ListClusters", "elasticache:DescribeCacheClusters", "elasticache:DescribeReplicationGroups", "elasticfilesystem:DescribeFileSystems", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTags", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:ListClusters", "elasticmapreduce:ListInstances", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomains", "es:ListDomainNames", "es:ListTags", "guardduty:GetDetector", "guardduty:GetFindings", "guardduty:GetMasterAccount", "guardduty:ListDetectors", "guardduty:ListFindings", "iam:GenerateCredentialReport", "iam:GetAccountAuthorizationDetails", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCredentialReport", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroupsForUser", "iam:ListInstanceProfilesForRole", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListUserPolicies", "iam:ListVirtualMFADevices", "kms:DescribeKey", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:ListKeys", "kms:ListResourceTags", "lambda:GetAlias", "lambda:GetFunction", "lambda:GetPolicy", "lambda:ListAliases", "lambda:ListFunctions", "logs:DescribeLogGroups", "organizations:DescribeOrganization", "rds:DescribeDBClusters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBInstances", "rds:DescribeDBSecurityGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeEventSubscriptions", "rds:ListTagsForResource", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusters", "redshift:DescribeEventSubscriptions", "redshift:DescribeLoggingStatus", "s3:GetAccelerateConfiguration", "s3:GetAccountPublicAccessBlock", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketPolicy", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetEncryptionConfiguration", "s3:GetLifecycleConfiguration", "s3:GetReplicationConfiguration", "s3:ListAllMyBuckets", "s3:ListBucket", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeNotebookInstance", "sagemaker:ListEndpointConfigs", "sagemaker:ListNotebookInstances", "secretsmanager:ListSecrets", "secretsmanager:ListSecretVersionIds", "securityhub:DescribeHub", "shield:DescribeDRTAccess", "shield:DescribeProtection", "shield:DescribeSubscription", "sns:GetTopicAttributes", "sns:ListSubscriptions", "sns:ListTagsForResource", "sns:ListTopics", "sqs:GetQueueAttributes", "sqs:ListQueues", "sqs:ListQueueTags", "ssm:DescribeAutomationExecutions", "ssm:DescribeDocument", "ssm:GetAutomationExecution", "ssm:GetDocument", "storagegateway:ListGateways", "storagegateway:ListVolumes", "support:DescribeCases", "waf:GetLoggingConfiguration", "waf:GetWebACL", "wafv2:GetLoggingConfiguration", "waf-regional:GetLoggingConfiguration", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource" ], "malformed": false, "name": "AWS_Config_Role", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/LightsailExportAccess", "createdate": "2022-01-15T01:45:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "ec2:CopySnapshot", "ec2:DescribeSnapshots", "ec2:CopyImage", "ec2:DescribeImages", "s3:GetAccountPublicAccessBlock" ], "malformed": false, "name": "LightsailExportAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-01-15T01:45:33+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSGlueServiceNotebookRole", "createdate": "2023-10-09T15:59:41Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "glue:CreateDatabase", "glue:CreatePartition", "glue:CreateTable", "glue:DeleteDatabase", "glue:DeletePartition", "glue:DeleteTable", "glue:GetDatabase", "glue:GetDatabases", "glue:GetPartition", "glue:GetPartitions", "glue:GetTable", "glue:GetTableVersions", "glue:GetTables", "glue:UpdateDatabase", "glue:UpdatePartition", "glue:UpdateTable", "glue:CreateConnection", "glue:CreateJob", "glue:DeleteConnection", "glue:DeleteJob", "glue:GetConnection", "glue:GetConnections", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetJob", "glue:GetJobs", "glue:UpdateJob", "glue:BatchDeleteConnection", "glue:UpdateConnection", "glue:GetUserDefinedFunction", "glue:UpdateUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:DeleteUserDefinedFunction", "glue:CreateUserDefinedFunction", "glue:BatchGetPartition", "glue:BatchDeletePartition", "glue:BatchCreatePartition", "glue:BatchDeleteTable", "glue:UpdateDevEndpoint", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "s3:GetBucketAcl", "codewhisperer:GenerateRecommendations", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "ec2:CreateTags", "ec2:DeleteTags" ], "malformed": false, "name": "AWSGlueServiceNotebookRole", "privesc": true, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-09T15:59:41+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSPanoramaFullAccess", "createdate": "2022-01-12T21:21:04Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "panorama:CreateApplicationInstance", "panorama:CreateJobForDevices", "panorama:CreateNodeFromTemplateJob", "panorama:CreatePackage", "panorama:CreatePackageImportJob", "panorama:DeleteDevice", "panorama:DeletePackage", "panorama:DeregisterPackageVersion", "panorama:DescribeApplicationInstance", "panorama:DescribeApplicationInstanceDetails", "panorama:DescribeDevice", "panorama:DescribeDeviceJob", "panorama:DescribeNode", "panorama:DescribeNodeFromTemplateJob", "panorama:DescribePackage", "panorama:DescribePackageImportJob", "panorama:DescribePackageVersion", "panorama:DescribeSoftware", "panorama:GetWebSocketURL", "panorama:ListApplicationInstanceDependencies", "panorama:ListApplicationInstanceNodeInstances", "panorama:ListApplicationInstances", "panorama:ListDevices", "panorama:ListDevicesJobs", "panorama:ListNodeFromTemplateJobs", "panorama:ListNodes", "panorama:ListPackageImportJobs", "panorama:ListPackages", "panorama:ListTagsForResource", "panorama:ProvisionDevice", "panorama:RegisterPackageVersion", "panorama:RemoveApplicationInstance", "panorama:SignalApplicationInstanceNodeInstances", "panorama:TagResource", "panorama:UntagResource", "panorama:UpdateDeviceMetadata", "s3:PutObject", "s3:PutObjectAcl", "s3:DeleteObject", "s3:GetObject", "s3:ListBucket", "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", "secretsmanager:ListSecretVersionIds", "secretsmanager:PutSecretValue", "secretsmanager:UpdateSecret", "iam:PassRole", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:StartQuery", "logs:StopQuery", "logs:TestMetricFilter", "logs:FilterLogEvents", "logs:DescribeLogGroups", "cloudwatch:ListMetrics", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "iam:ListRoles", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSPanoramaFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-01-12T21:21:04+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/CloudWatchFullAccessV2", "createdate": "2023-12-05T19:36:00Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "application-autoscaling:DescribeScalingPolicies", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribePolicies", "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "sns:CreateTopic", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "sns:Subscribe", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "oam:ListSinks", "rum:BatchCreateRumMetricDefinitions", "rum:BatchDeleteRumMetricDefinitions", "rum:BatchGetRumMetricDefinitions", "rum:CreateAppMonitor", "rum:DeleteAppMonitor", "rum:DeleteRumMetricsDestination", "rum:GetAppMonitor", "rum:GetAppMonitorData", "rum:ListAppMonitors", "rum:ListRumMetricsDestinations", "rum:ListTagsForResource", "rum:PutRumEvents", "rum:PutRumMetricsDestination", "rum:TagResource", "rum:UntagResource", "rum:UpdateAppMonitor", "rum:UpdateRumMetricDefinition", "synthetics:AssociateResource", "synthetics:CreateCanary", "synthetics:CreateGroup", "synthetics:DeleteCanary", "synthetics:DeleteGroup", "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun", "synthetics:DescribeRuntimeVersions", "synthetics:DisassociateResource", "synthetics:GetCanary", "synthetics:GetCanaryRuns", "synthetics:GetGroup", "synthetics:ListAssociatedGroups", "synthetics:ListGroupResources", "synthetics:ListGroups", "synthetics:ListTagsForResource", "synthetics:StartCanary", "synthetics:StopCanary", "synthetics:TagResource", "synthetics:UntagResource", "synthetics:UpdateCanary", "xray:BatchGetTraceSummaryById", "xray:BatchGetTraces", "xray:CreateGroup", "xray:CreateSamplingRule", "xray:DeleteGroup", "xray:DeleteResourcePolicy", "xray:DeleteSamplingRule", "xray:GetDistinctTraceGraphs", "xray:GetEncryptionConfig", "xray:GetGroup", "xray:GetGroups", "xray:GetInsight", "xray:GetInsightEvents", "xray:GetInsightImpactGraph", "xray:GetInsightSummaries", "xray:GetSamplingRules", "xray:GetSamplingStatisticSummaries", "xray:GetSamplingTargets", "xray:GetServiceGraph", "xray:GetTimeSeriesServiceStatistics", "xray:GetTraceGraph", "xray:GetTraceSummaries", "xray:Link", "xray:ListResourcePolicies", "xray:ListTagsForResource", "xray:PutEncryptionConfig", "xray:PutResourcePolicy", "xray:PutTelemetryRecords", "xray:PutTraceSegments", "xray:TagResource", "xray:UntagResource", "xray:UpdateGroup", "xray:UpdateSamplingRule", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "oam:ListAttachedLinks" ], "malformed": false, "name": "CloudWatchFullAccessV2", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-05T19:36:00+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerCanvasFullAccess", "createdate": "2024-01-24T22:01:20Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "sagemaker:DescribeDomain", "sagemaker:DescribeUserProfile", "sagemaker:ListTags", "sagemaker:ListModelPackages", "sagemaker:ListModelPackageGroups", "sagemaker:ListEndpoints", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelPackage", "sagemaker:CreateCompilationJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateModel", "sagemaker:CreateProcessingJob", "sagemaker:CreateAutoMLJob", "sagemaker:CreateAutoMLJobV2", "sagemaker:DeleteEndpoint", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeModel", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:AddTags", "sagemaker:DeleteApp", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteModel", "sagemaker:InvokeEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:InvokeEndpointAsync", "ec2:CreateVpcEndpoint", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcEndpointServices", "ecr:BatchGetImage", "ecr:GetDownloadUrlForLayer", "ecr:GetAuthorizationToken", "iam:GetRole", "iam:PassRole", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:CreateBucket", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:ListAllMyBuckets", "glue:SearchTables", "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "secretsmanager:CreateSecret", "secretsmanager:PutResourcePolicy", "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "redshift-data:ExecuteStatement", "redshift-data:DescribeStatement", "redshift-data:CancelStatement", "redshift-data:GetStatementResult", "redshift-data:ListSchemas", "redshift-data:ListTables", "redshift-data:DescribeTable", "redshift:GetClusterCredentials", "forecast:CreateExplainabilityExport", "forecast:CreateExplainability", "forecast:CreateForecastEndpoint", "forecast:CreateAutoPredictor", "forecast:CreateDatasetImportJob", "forecast:CreateDatasetGroup", "forecast:CreateDataset", "forecast:CreateForecast", "forecast:CreateForecastExportJob", "forecast:CreatePredictorBacktestExportJob", "forecast:CreatePredictor", "forecast:DescribeExplainabilityExport", "forecast:DescribeExplainability", "forecast:DescribeAutoPredictor", "forecast:DescribeForecastEndpoint", "forecast:DescribeDatasetImportJob", "forecast:DescribeDataset", "forecast:DescribeForecast", "forecast:DescribeForecastExportJob", "forecast:DescribePredictorBacktestExportJob", "forecast:GetAccuracyMetrics", "forecast:InvokeForecastEndpoint", "forecast:GetRecentForecastContext", "forecast:DescribePredictor", "forecast:TagResource", "forecast:DeleteResourceTree", "rds:DescribeDBInstances", "iam:PassRole", "application-autoscaling:PutScalingPolicy", "application-autoscaling:RegisterScalableTarget", "cloudwatch:DescribeAlarms", "sagemaker:DescribeEndpointConfig", "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonSageMakerCanvasFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-24T22:01:20+00:00", "version": "v9" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonSESReadOnlyAccess", "createdate": "2015-02-06T18:41:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ses:GetAccount", "ses:GetBlacklistReports", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetDedicatedIp", "ses:GetDedicatedIps", "ses:GetDeliverabilityDashboardOptions", "ses:GetDeliverabilityTestReport", "ses:GetDomainDeliverabilityCampaign", "ses:GetDomainStatisticsReport", "ses:GetEmailIdentity", "ses:GetAccountSendingEnabled", "ses:GetCustomVerificationEmailTemplate", "ses:GetIdentityDkimAttributes", "ses:GetIdentityMailFromDomainAttributes", "ses:GetIdentityNotificationAttributes", "ses:GetIdentityPolicies", "ses:GetIdentityVerificationAttributes", "ses:GetSendQuota", "ses:GetSendStatistics", "ses:GetTemplate", "ses:GetContact", "ses:GetContactList", "ses:GetDedicatedIpPool", "ses:GetEmailIdentityPolicies", "ses:GetEmailTemplate", "ses:GetExportJob", "ses:GetImportJob", "ses:GetMessageInsights", "ses:GetSuppressedDestination", "ses:ListConfigurationSets", "ses:ListDedicatedIpPools", "ses:ListDeliverabilityTestReports", "ses:ListDomainDeliverabilityCampaigns", "ses:ListEmailIdentities", "ses:ListTagsForResource", "ses:ListCustomVerificationEmailTemplates", "ses:ListIdentities", "ses:ListIdentityPolicies", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListTemplates", "ses:ListVerifiedEmailAddresses", "ses:ListContactLists", "ses:ListContacts", "ses:ListEmailTemplates", "ses:ListExportJobs", "ses:ListImportJobs", "ses:ListRecommendations", "ses:ListSuppressedDestinations" ], "malformed": false, "name": "AmazonSESReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:03+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSDirectoryServiceReadOnlyAccess", "createdate": "2018-09-25T21:54:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ds:CheckAlias", "ds:DescribeCertificate", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeRegions", "ds:DescribeSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:DescribeUpdateDirectory", "ds:GetAuthorizedApplicationDetails", "ds:GetDirectoryLimits", "ds:GetSnapshotLimits", "ds:ListAuthorizedApplications", "ds:ListCertificates", "ds:ListIpRoutes", "ds:ListLogSubscriptions", "ds:ListSchemaExtensions", "ds:ListTagsForResource", "ds:VerifyTrust", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "sns:ListTopics", "sns:GetTopicAttributes", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAWSServiceAccessForOrganization" ], "malformed": false, "name": "AWSDirectoryServiceReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-09-25T21:54:01+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AlexaForBusinessFullAccess", "createdate": "2020-07-01T21:01:55Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "a4b:ApproveSkill", "a4b:AssociateContactWithAddressBook", "a4b:AssociateDeviceWithNetworkProfile", "a4b:AssociateDeviceWithRoom", "a4b:AssociateSkillGroupWithRoom", "a4b:AssociateSkillWithSkillGroup", "a4b:AssociateSkillWithUsers", "a4b:CompleteRegistration", "a4b:CreateAddressBook", "a4b:CreateBusinessReportSchedule", "a4b:CreateConferenceProvider", "a4b:CreateContact", "a4b:CreateGatewayGroup", "a4b:CreateNetworkProfile", "a4b:CreateProfile", "a4b:CreateRoom", "a4b:CreateSkillGroup", "a4b:CreateUser", "a4b:DeleteAddressBook", "a4b:DeleteBusinessReportSchedule", "a4b:DeleteConferenceProvider", "a4b:DeleteContact", "a4b:DeleteDevice", "a4b:DeleteDeviceUsageData", "a4b:DeleteGatewayGroup", "a4b:DeleteNetworkProfile", "a4b:DeleteProfile", "a4b:DeleteRoom", "a4b:DeleteRoomSkillParameter", "a4b:DeleteSkillAuthorization", "a4b:DeleteSkillGroup", "a4b:DeleteUser", "a4b:DisassociateContactFromAddressBook", "a4b:DisassociateDeviceFromRoom", "a4b:DisassociateSkillFromSkillGroup", "a4b:DisassociateSkillFromUsers", "a4b:DisassociateSkillGroupFromRoom", "a4b:ForgetSmartHomeAppliances", "a4b:GetAddressBook", "a4b:GetConferencePreference", "a4b:GetConferenceProvider", "a4b:GetContact", "a4b:GetDevice", "a4b:GetGateway", "a4b:GetGatewayGroup", "a4b:GetInvitationConfiguration", "a4b:GetNetworkProfile", "a4b:GetProfile", "a4b:GetRoom", "a4b:GetRoomSkillParameter", "a4b:GetSkillGroup", "a4b:ListBusinessReportSchedules", "a4b:ListConferenceProviders", "a4b:ListDeviceEvents", "a4b:ListGatewayGroups", "a4b:ListGateways", "a4b:ListSkills", "a4b:ListSkillsStoreCategories", "a4b:ListSkillsStoreSkillsByCategory", "a4b:ListSmartHomeAppliances", "a4b:ListTags", "a4b:PutConferencePreference", "a4b:PutDeviceSetupEvents", "a4b:PutInvitationConfiguration", "a4b:PutRoomSkillParameter", "a4b:PutSkillAuthorization", "a4b:RegisterAVSDevice", "a4b:RegisterDevice", "a4b:RejectSkill", "a4b:ResolveRoom", "a4b:RevokeInvitation", "a4b:SearchAddressBooks", "a4b:SearchContacts", "a4b:SearchDevices", "a4b:SearchNetworkProfiles", "a4b:SearchProfiles", "a4b:SearchRooms", "a4b:SearchSkillGroups", "a4b:SearchUsers", "a4b:SendAnnouncement", "a4b:SendInvitation", "a4b:StartDeviceSync", "a4b:StartSmartHomeApplianceDiscovery", "a4b:TagResource", "a4b:UntagResource", "a4b:UpdateAddressBook", "a4b:UpdateBusinessReportSchedule", "a4b:UpdateConferenceProvider", "a4b:UpdateContact", "a4b:UpdateDevice", "a4b:UpdateGateway", "a4b:UpdateGatewayGroup", "a4b:UpdateNetworkProfile", "a4b:UpdateProfile", "a4b:UpdateRoom", "a4b:UpdateSkillGroup", "kms:DescribeKey", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "secretsmanager:GetSecretValue", "secretsmanager:DeleteSecret", "secretsmanager:UpdateSecret", "secretsmanager:CreateSecret" ], "malformed": false, "name": "AlexaForBusinessFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-07-01T21:01:55+00:00", "version": "v5" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/LexChannelPolicy", "createdate": "2017-02-17T23:23:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lex:PostText" ], "malformed": false, "name": "LexChannelPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-02-17T23:23:24+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2020-08-01T03:40:03Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "cloudformation:CreateChangeSet", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:ExecuteChangeSet", "cloudformation:DeleteChangeSet", "cloudformation:DescribeChangeSet", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackResources", "cloudformation:GetTemplate", "cloudformation:DescribeStacks", "cloudformation:ValidateTemplate", "cloudformation:DescribeStackResource", "s3:ListAllMyBuckets", "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteObject", "s3:GetBucketAcl", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:PutObject", "s3:PutObjectAcl", "s3:PutLifecycleConfiguration", "s3:ListAllMyBuckets", "sms:CreateReplicationJob", "sms:DeleteReplicationJob", "sms:GetReplicationJobs", "sms:GetReplicationRuns", "sms:GetServers", "sms:ImportServerCatalog", "sms:StartOnDemandReplicationRun", "sms:UpdateReplicationJob", "ssm:SendCommand", "ssm:CancelCommand", "ssm:GetCommandInvocation", "ec2:ModifySnapshotAttribute", "ec2:CopySnapshot", "ec2:CopyImage", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DeleteSnapshot", "ec2:DeregisterImage", "ec2:CreateTags", "ec2:DeleteTags", "ec2:ImportImage", "ec2:DescribeImportImageTasks", "ec2:GetEbsEncryptionByDefault", "iam:GetRole", "iam:PassRole", "iam:GetInstanceProfile" ], "malformed": false, "name": "ServerMigrationServiceRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v7" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWS_ConfigRole", "createdate": "2024-02-22T21:19:24Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "access-analyzer:GetAnalyzer", "access-analyzer:GetArchiveRule", "access-analyzer:ListAnalyzers", "access-analyzer:ListArchiveRules", "access-analyzer:ListTagsForResource", "account:GetAlternateContact", "acm-pca:DescribeCertificateAuthority", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:ListCertificateAuthorities", "acm-pca:ListTags", "acm:DescribeCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "airflow:GetEnvironment", "airflow:ListEnvironments", "airflow:ListTagsForResource", "amplify:GetApp", "amplify:GetBranch", "amplify:ListApps", "amplify:ListBranches", "amplifyuibuilder:ExportThemes", "amplifyuibuilder:GetTheme", "amplifyuibuilder:ListThemes", "apigateway:GET", "app-integrations:GetEventIntegration", "app-integrations:ListEventIntegrationAssociations", "app-integrations:ListEventIntegrations", "appconfig:GetApplication", "appconfig:GetConfigurationProfile", "appconfig:GetDeployment", "appconfig:GetDeploymentStrategy", "appconfig:GetEnvironment", "appconfig:GetExtensionAssociation", "appconfig:GetHostedConfigurationVersion", "appconfig:ListApplications", "appconfig:ListConfigurationProfiles", "appconfig:ListDeployments", "appconfig:ListDeploymentStrategies", "appconfig:ListEnvironments", "appconfig:ListExtensionAssociations", "appconfig:ListHostedConfigurationVersions", "appconfig:ListTagsForResource", "appflow:DescribeConnectorProfiles", "appflow:DescribeFlow", "appflow:ListFlows", "appflow:ListTagsForResource", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingPolicies", "appmesh:DescribeGatewayRoute", "appmesh:DescribeMesh", "appmesh:DescribeRoute", "appmesh:DescribeVirtualGateway", "appmesh:DescribeVirtualNode", "appmesh:DescribeVirtualRouter", "appmesh:DescribeVirtualService", "appmesh:ListGatewayRoutes", "appmesh:ListMeshes", "appmesh:ListRoutes", "appmesh:ListTagsForResource", "appmesh:ListVirtualGateways", "appmesh:ListVirtualNodes", "appmesh:ListVirtualRouters", "appmesh:ListVirtualServices", "apprunner:DescribeService", "apprunner:DescribeVpcConnector", "apprunner:ListServices", "apprunner:ListTagsForResource", "apprunner:ListVpcConnectors", "appstream:DescribeApplications", "appstream:DescribeDirectoryConfigs", "appstream:DescribeFleets", "appstream:DescribeStacks", "appstream:ListTagsForResource", "appsync:GetApiCache", "appsync:GetGraphqlApi", "appsync:ListGraphqlApis", "aps:DescribeAlertManagerDefinition", "aps:DescribeLoggingConfiguration", "aps:DescribeRuleGroupsNamespace", "aps:DescribeWorkspace", "aps:ListRuleGroupsNamespaces", "aps:ListTagsForResource", "aps:ListWorkspaces", "athena:GetDataCatalog", "athena:GetPreparedStatement", "athena:GetWorkGroup", "athena:ListDataCatalogs", "athena:ListPreparedStatements", "athena:ListTagsForResource", "athena:ListWorkGroups", "auditmanager:GetAccountStatus", "auditmanager:GetAssessment", "auditmanager:ListAssessments", "autoscaling-plans:DescribeScalingPlanResources", "autoscaling-plans:DescribeScalingPlans", "autoscaling-plans:GetScalingPlanResourceForecastData", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribePolicies", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeWarmPool", "backup-gateway:ListTagsForResource", "backup-gateway:ListVirtualMachines", "backup:DescribeBackupVault", "backup:DescribeFramework", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeReportPlan", "backup:GetBackupPlan", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListFrameworks", "backup:ListRecoveryPointsByBackupVault", "backup:ListReportPlans", "backup:ListTags", "batch:DescribeComputeEnvironments", "batch:DescribeJobQueues", "batch:DescribeSchedulingPolicies", "batch:ListSchedulingPolicies", "batch:ListTagsForResource", "billingconductor:ListAccountAssociations", "billingconductor:ListBillingGroups", "billingconductor:ListCustomLineItems", "billingconductor:ListPricingPlans", "billingconductor:ListPricingRules", "billingconductor:ListPricingRulesAssociatedToPricingPlan", "billingconductor:ListTagsForResource", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionsForBudget", "budgets:ViewBudget", "cassandra:Select", "ce:GetAnomalyMonitors", "ce:GetAnomalySubscriptions", "cloud9:DescribeEnvironmentMemberships", "cloud9:DescribeEnvironments", "cloud9:ListEnvironments", "cloud9:ListTagsForResource", "cloudformation:DescribeType", "cloudformation:GetResource", "cloudformation:ListResources", "cloudformation:ListStackResources", "cloudformation:ListStacks", "cloudformation:ListTypes", "cloudfront:GetFunction", "cloudfront:GetOriginAccessControl", "cloudfront:GetResponseHeadersPolicy", "cloudfront:ListDistributions", "cloudfront:ListFunctions", "cloudfront:ListOriginAccessControls", "cloudfront:ListResponseHeadersPolicies", "cloudfront:ListTagsForResource", "cloudtrail:DescribeTrails", "cloudtrail:GetEventDataStore", "cloudtrail:GetEventSelectors", "cloudtrail:GetTrailStatus", "cloudtrail:ListEventDataStores", "cloudtrail:ListTags", "cloudtrail:ListTrails", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:GetDashboard", "cloudwatch:GetMetricStream", "cloudwatch:ListDashboards", "cloudwatch:ListMetricStreams", "cloudwatch:ListTagsForResource", "codeartifact:DescribeRepository", "codeartifact:GetRepositoryPermissionsPolicy", "codeartifact:ListDomains", "codeartifact:ListPackages", "codeartifact:ListPackageVersions", "codeartifact:ListRepositories", "codeartifact:ListTagsForResource", "codebuild:BatchGetReportGroups", "codebuild:ListReportGroups", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:ListRepositories", "codecommit:ListTagsForResource", "codedeploy:GetDeploymentConfig", "codeguru-profiler:DescribeProfilingGroup", "codeguru-profiler:GetNotificationConfiguration", "codeguru-profiler:GetPolicy", "codeguru-profiler:ListProfilingGroups", "codeguru-reviewer:DescribeRepositoryAssociation", "codeguru-reviewer:ListRepositoryAssociations", "codepipeline:GetPipeline", "codepipeline:GetPipelineState", "codepipeline:ListPipelines", "cognito-identity:DescribeIdentityPool", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:GetPrincipalTagAttributeMap", "cognito-identity:ListIdentityPools", "cognito-identity:ListTagsForResource", "cognito-idp:DescribeIdentityProvider", "cognito-idp:DescribeResourceServer", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:DescribeUserPoolDomain", "cognito-idp:GetGroup", "cognito-idp:GetUserPoolMfaConfig", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "config:BatchGetAggregateResourceConfig", "config:BatchGetResourceConfig", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateConformancePackComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetCustomRulePolicy", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetOrganizationCustomRulePolicy", "config:GetResourceConfigHistory", "config:GetResourceEvaluationSummary", "config:GetStoredQuery", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "config:PutAggregationAuthorization", "config:PutConfigRule", "config:PutConfigurationAggregator", "config:PutConfigurationRecorder", "config:PutConformancePack", "config:PutDeliveryChannel", "config:PutEvaluations", "config:PutExternalEvaluation", "config:PutOrganizationConfigRule", "config:PutOrganizationConformancePack", "config:PutRemediationConfigurations", "config:PutRemediationExceptions", "config:PutResourceConfig", "config:PutRetentionConfiguration", "config:PutStoredQuery", "config:SelectAggregateResourceConfig", "config:SelectResourceConfig", "connect:DescribeEvaluationForm", "connect:DescribeInstance", "connect:DescribeInstanceStorageConfig", "connect:DescribePhoneNumber", "connect:DescribePrompt", "connect:DescribeQuickConnect", "connect:DescribeRule", "connect:DescribeUser", "connect:GetTaskTemplate", "connect:ListApprovedOrigins", "connect:ListEvaluationForms", "connect:ListInstanceAttributes", "connect:ListInstances", "connect:ListInstanceStorageConfigs", "connect:ListIntegrationAssociations", "connect:ListPhoneNumbers", "connect:ListPhoneNumbersV2", "connect:ListPrompts", "connect:ListQuickConnects", "connect:ListRules", "connect:ListSecurityKeys", "connect:ListTagsForResource", "connect:ListTaskTemplates", "connect:ListUsers", "connect:SearchAvailablePhoneNumbers", "databrew:DescribeDataset", "databrew:DescribeJob", "databrew:DescribeProject", "databrew:DescribeRecipe", "databrew:DescribeRuleset", "databrew:DescribeSchedule", "databrew:ListDatasets", "databrew:ListJobs", "databrew:ListProjects", "databrew:ListRecipes", "databrew:ListRecipeVersions", "databrew:ListRulesets", "databrew:ListSchedules", "datasync:DescribeAgent", "datasync:DescribeLocationEfs", "datasync:DescribeLocationFsxLustre", "datasync:DescribeLocationFsxWindows", "datasync:DescribeLocationHdfs", "datasync:DescribeLocationNfs", "datasync:DescribeLocationObjectStorage", "datasync:DescribeLocationS3", "datasync:DescribeLocationSmb", "datasync:DescribeTask", "datasync:ListAgents", "datasync:ListLocations", "datasync:ListTagsForResource", "datasync:ListTasks", "dax:DescribeClusters", "dax:DescribeParameterGroups", "dax:DescribeParameters", "dax:DescribeSubnetGroups", "dax:ListTags", "detective:ListGraphs", "detective:ListTagsForResource", "devicefarm:GetInstanceProfile", "devicefarm:GetNetworkProfile", "devicefarm:GetProject", "devicefarm:GetTestGridProject", "devicefarm:ListInstanceProfiles", "devicefarm:ListNetworkProfiles", "devicefarm:ListProjects", "devicefarm:ListTagsForResource", "devicefarm:ListTestGridProjects", "devops-guru:GetResourceCollection", "dms:DescribeCertificates", "dms:DescribeEndpoints", "dms:DescribeEventSubscriptions", "dms:DescribeReplicationInstances", "dms:DescribeReplicationSubnetGroups", "dms:DescribeReplicationTaskAssessmentRuns", "dms:DescribeReplicationTasks", "dms:ListTagsForResource", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:ListLogSubscriptions", "ds:ListTagsForResource", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeLimits", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeDhcpOptions", "ec2:DescribeFleets", "ec2:DescribeNetworkAcls", "ec2:DescribePlacementGroups", "ec2:DescribeRouteTables", "ec2:DescribeSpotFleetRequests", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumes", "ec2:GetEbsEncryptionByDefault", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ecr-public:DescribeRepositories", "ecr-public:GetRepositoryCatalogData", "ecr-public:GetRepositoryPolicy", "ecr-public:ListTagsForResource", "ecr:BatchGetRepositoryScanningConfiguration", "ecr:DescribePullThroughCacheRules", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:GetLifecyclePolicy", "ecr:GetRegistryPolicy", "ecr:GetRepositoryPolicy", "ecr:ListTagsForResource", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:ListClusters", "ecs:ListServices", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "eks:DescribeAddon", "eks:DescribeCluster", "eks:DescribeFargateProfile", "eks:DescribeIdentityProviderConfig", "eks:DescribeNodegroup", "eks:ListAddons", "eks:ListClusters", "eks:ListFargateProfiles", "eks:ListIdentityProviderConfigs", "eks:ListNodegroups", "eks:ListTagsForResource", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeSnapshots", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticache:ListTagsForResource", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironments", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeBackupPolicy", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:GetStudioSessionMapping", "elasticmapreduce:ListClusters", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudios", "elasticmapreduce:ListStudioSessionMappings", "emr-containers:DescribeVirtualCluster", "emr-containers:ListVirtualClusters", "emr-serverless:GetApplication", "emr-serverless:ListApplications", "es:DescribeDomain", "es:DescribeDomains", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomains", "es:GetCompatibleElasticsearchVersions", "es:GetCompatibleVersions", "es:ListDomainNames", "es:ListTags", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeRule", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "evidently:GetLaunch", "evidently:GetProject", "evidently:GetSegment", "evidently:ListLaunches", "evidently:ListProjects", "evidently:ListSegments", "evidently:ListTagsForResource", "finspace:GetEnvironment", "finspace:ListEnvironments", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "fis:GetExperimentTemplate", "fis:ListExperimentTemplates", "fms:GetNotificationChannel", "fms:GetPolicy", "fms:ListPolicies", "fms:ListTagsForResource", "forecast:DescribeDataset", "forecast:DescribeDatasetGroup", "forecast:ListDatasetGroups", "forecast:ListDatasets", "forecast:ListTagsForResource", "frauddetector:GetDetectors", "frauddetector:GetDetectorVersion", "frauddetector:GetEntityTypes", "frauddetector:GetEventTypes", "frauddetector:GetExternalModels", "frauddetector:GetLabels", "frauddetector:GetModels", "frauddetector:GetOutcomes", "frauddetector:GetRules", "frauddetector:GetVariables", "frauddetector:ListTagsForResource", "fsx:DescribeBackups", "fsx:DescribeDataRepositoryAssociations", "fsx:DescribeFileSystems", "fsx:DescribeSnapshots", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:ListTagsForResource", "gamelift:DescribeAlias", "gamelift:DescribeBuild", "gamelift:DescribeFleetAttributes", "gamelift:DescribeFleetCapacity", "gamelift:DescribeFleetLocationAttributes", "gamelift:DescribeFleetLocationCapacity", "gamelift:DescribeFleetPortSettings", "gamelift:DescribeGameServerGroup", "gamelift:DescribeGameSessionQueues", "gamelift:DescribeMatchmakingConfigurations", "gamelift:DescribeMatchmakingRuleSets", "gamelift:DescribeRuntimeConfiguration", "gamelift:DescribeScript", "gamelift:DescribeVpcPeeringAuthorizations", "gamelift:DescribeVpcPeeringConnections", "gamelift:ListAliases", "gamelift:ListBuilds", "gamelift:ListFleets", "gamelift:ListGameServerGroups", "gamelift:ListScripts", "gamelift:ListTagsForResource", "geo:DescribeGeofenceCollection", "geo:DescribeMap", "geo:DescribePlaceIndex", "geo:DescribeRouteCalculator", "geo:DescribeTracker", "geo:ListGeofenceCollections", "geo:ListMaps", "geo:ListPlaceIndexes", "geo:ListRouteCalculators", "geo:ListTrackerConsumers", "geo:ListTrackers", "globalaccelerator:DescribeAccelerator", "globalaccelerator:DescribeEndpointGroup", "globalaccelerator:DescribeListener", "globalaccelerator:ListAccelerators", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "globalaccelerator:ListTagsForResource", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetWorkflows", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetCrawler", "glue:GetCrawlers", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetJob", "glue:GetJobs", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetPartition", "glue:GetPartitions", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetTable", "glue:GetTags", "glue:GetWorkflow", "glue:ListCrawlers", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListWorkflows", "grafana:DescribeWorkspace", "grafana:DescribeWorkspaceAuthentication", "grafana:DescribeWorkspaceConfiguration", "grafana:ListWorkspaces", "greengrass:DescribeComponent", "greengrass:GetComponent", "greengrass:ListComponents", "greengrass:ListComponentVersions", "groundstation:GetConfig", "groundstation:GetDataflowEndpointGroup", "groundstation:GetMissionProfile", "groundstation:ListConfigs", "groundstation:ListDataflowEndpointGroups", "groundstation:ListMissionProfiles", "groundstation:ListTagsForResource", "guardduty:DescribePublishingDestination", "guardduty:GetAdministratorAccount", "guardduty:GetDetector", "guardduty:GetFilter", "guardduty:GetFindings", "guardduty:GetIPSet", "guardduty:GetMasterAccount", "guardduty:GetMemberDetectors", "guardduty:GetMembers", "guardduty:GetThreatIntelSet", "guardduty:ListDetectors", "guardduty:ListFilters", "guardduty:ListFindings", "guardduty:ListIPSets", "guardduty:ListMembers", "guardduty:ListOrganizationAdminAccounts", "guardduty:ListPublishingDestinations", "guardduty:ListTagsForResource", "guardduty:ListThreatIntelSets", "healthlake:DescribeFHIRDatastore", "healthlake:ListFHIRDatastores", "healthlake:ListTagsForResource", "iam:GenerateCredentialReport", "iam:GetAccountAuthorizationDetails", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCredentialReport", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetInstanceProfile", "iam:GetOpenIDConnectProvider", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetSAMLProvider", "iam:GetServerCertificate", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAccessKeys", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListInstanceProfileTags", "iam:ListMFADevices", "iam:ListMFADeviceTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoles", "iam:ListSAMLProviders", "iam:ListServerCertificates", "iam:ListUserPolicies", "iam:ListUsers", "iam:ListVirtualMFADevices", "imagebuilder:GetComponent", "imagebuilder:GetContainerRecipe", "imagebuilder:GetDistributionConfiguration", "imagebuilder:GetImage", "imagebuilder:GetImagePipeline", "imagebuilder:GetImageRecipe", "imagebuilder:GetInfrastructureConfiguration", "imagebuilder:ListComponentBuildVersions", "imagebuilder:ListComponents", "imagebuilder:ListContainerRecipes", "imagebuilder:ListDistributionConfigurations", "imagebuilder:ListImageBuildVersions", "imagebuilder:ListImagePipelines", "imagebuilder:ListImageRecipes", "imagebuilder:ListImages", "imagebuilder:ListInfrastructureConfigurations", "inspector2:BatchGetAccountStatus", "inspector2:GetDelegatedAdminAccount", "inspector2:ListFilters", "inspector2:ListMembers", "iot:DescribeAccountAuditConfiguration", "iot:DescribeAuthorizer", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:DescribeCustomMetric", "iot:DescribeDimension", "iot:DescribeDomainConfiguration", "iot:DescribeFleetMetric", "iot:DescribeJobTemplate", "iot:DescribeMitigationAction", "iot:DescribeProvisioningTemplate", "iot:DescribeRoleAlias", "iot:DescribeScheduledAudit", "iot:DescribeSecurityProfile", "iot:GetPolicy", "iot:GetTopicRule", "iot:GetTopicRuleDestination", "iot:ListAuthorizers", "iot:ListCACertificates", "iot:ListCertificates", "iot:ListCustomMetrics", "iot:ListDimensions", "iot:ListDomainConfigurations", "iot:ListFleetMetrics", "iot:ListJobTemplates", "iot:ListMitigationActions", "iot:ListPolicies", "iot:ListProvisioningTemplates", "iot:ListRoleAliases", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", "iot:ListTagsForResource", "iot:ListTargetsForSecurityProfile", "iot:ListTopicRuleDestinations", "iot:ListTopicRules", "iot:ListV2LoggingLevels", "iot:ValidateSecurityProfileBehaviors", "iotanalytics:DescribeChannel", "iotanalytics:DescribeDataset", "iotanalytics:DescribeDatastore", "iotanalytics:DescribePipeline", "iotanalytics:ListChannels", "iotanalytics:ListDatasets", "iotanalytics:ListDatastores", "iotanalytics:ListPipelines", "iotanalytics:ListTagsForResource", "iotevents:DescribeAlarmModel", "iotevents:DescribeDetectorModel", "iotevents:DescribeInput", "iotevents:ListAlarmModels", "iotevents:ListDetectorModels", "iotevents:ListInputs", "iotevents:ListTagsForResource", "iotsitewise:DescribeAccessPolicy", "iotsitewise:DescribeAsset", "iotsitewise:DescribeAssetModel", "iotsitewise:DescribeDashboard", "iotsitewise:DescribeGateway", "iotsitewise:DescribePortal", "iotsitewise:DescribeProject", "iotsitewise:ListAccessPolicies", "iotsitewise:ListAssetModels", "iotsitewise:ListAssets", "iotsitewise:ListDashboards", "iotsitewise:ListGateways", "iotsitewise:ListPortals", "iotsitewise:ListProjectAssets", "iotsitewise:ListProjects", "iotsitewise:ListTagsForResource", "iottwinmaker:GetComponentType", "iottwinmaker:GetEntity", "iottwinmaker:GetScene", "iottwinmaker:GetSyncJob", "iottwinmaker:GetWorkspace", "iottwinmaker:ListComponentTypes", "iottwinmaker:ListEntities", "iottwinmaker:ListScenes", "iottwinmaker:ListSyncJobs", "iottwinmaker:ListTagsForResource", "iottwinmaker:ListWorkspaces", "iotwireless:GetFuotaTask", "iotwireless:GetMulticastGroup", "iotwireless:GetServiceProfile", "iotwireless:GetWirelessDevice", "iotwireless:GetWirelessGatewayTaskDefinition", "iotwireless:ListFuotaTasks", "iotwireless:ListMulticastGroups", "iotwireless:ListServiceProfiles", "iotwireless:ListTagsForResource", "iotwireless:ListWirelessDevices", "iotwireless:ListWirelessGatewayTaskDefinitions", "ivs:GetChannel", "ivs:GetPlaybackKeyPair", "ivs:GetRecordingConfiguration", "ivs:GetStreamKey", "ivs:ListChannels", "ivs:ListPlaybackKeyPairs", "ivs:ListRecordingConfigurations", "ivs:ListStreamKeys", "ivs:ListTagsForResource", "kafka:DescribeCluster", "kafka:DescribeClusterV2", "kafka:DescribeConfiguration", "kafka:DescribeConfigurationRevision", "kafka:DescribeVpcConnection", "kafka:GetClusterPolicy", "kafka:ListClusters", "kafka:ListClustersV2", "kafka:ListConfigurations", "kafka:ListScramSecrets", "kafka:ListTagsForResource", "kafka:ListVpcConnections", "kafkaconnect:DescribeConnector", "kafkaconnect:ListConnectors", "kendra:DescribeIndex", "kendra:ListIndices", "kendra:ListTagsForResource", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kinesisanalytics:DescribeApplication", "kinesisanalytics:ListApplications", "kinesisanalytics:ListTagsForResource", "kinesisvideo:DescribeSignalingChannel", "kinesisvideo:DescribeStream", "kinesisvideo:ListSignalingChannels", "kinesisvideo:ListStreams", "kinesisvideo:ListTagsForResource", "kinesisvideo:ListTagsForStream", "kms:DescribeKey", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:ListAliases", "kms:ListKeys", "kms:ListResourceTags", "lakeformation:DescribeResource", "lakeformation:GetDataLakeSettings", "lakeformation:ListPermissions", "lakeformation:ListResources", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetLayerVersion", "lambda:GetPolicy", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListFunctions", "lambda:ListLayers", "lambda:ListLayerVersions", "lambda:ListTags", "lambda:ListVersionsByFunction", "lex:DescribeBot", "lex:DescribeBotAlias", "lex:DescribeBotVersion", "lex:DescribeResourcePolicy", "lex:ListBotAliases", "lex:ListBotLocales", "lex:ListBots", "lex:ListBotVersions", "lex:ListTagsForResource", "license-manager:GetGrant", "license-manager:GetLicense", "license-manager:ListDistributedGrants", "license-manager:ListLicenses", "license-manager:ListReceivedGrants", "lightsail:GetAlarms", "lightsail:GetBuckets", "lightsail:GetCertificates", "lightsail:GetContainerServices", "lightsail:GetDisk", "lightsail:GetDisks", "lightsail:GetDistributions", "lightsail:GetInstance", "lightsail:GetInstances", "lightsail:GetKeyPair", "lightsail:GetLoadBalancer", "lightsail:GetLoadBalancers", "lightsail:GetLoadBalancerTlsCertificates", "lightsail:GetRelationalDatabase", "lightsail:GetRelationalDatabaseParameters", "lightsail:GetRelationalDatabases", "lightsail:GetStaticIp", "lightsail:GetStaticIps", "logs:DescribeDestinations", "logs:DescribeLogGroups", "logs:DescribeMetricFilters", "logs:GetDataProtectionPolicy", "logs:GetLogDelivery", "logs:ListLogDeliveries", "logs:ListTagsLogGroup", "lookoutequipment:DescribeInferenceScheduler", "lookoutequipment:ListTagsForResource", "lookoutmetrics:DescribeAlert", "lookoutmetrics:DescribeAnomalyDetector", "lookoutmetrics:ListAlerts", "lookoutmetrics:ListAnomalyDetectors", "lookoutmetrics:ListMetricSets", "lookoutmetrics:ListTagsForResource", "lookoutvision:DescribeProject", "lookoutvision:ListProjects", "m2:GetEnvironment", "m2:ListEnvironments", "m2:ListTagsForResource", "macie2:DescribeOrganizationConfiguration", "macie2:GetAutomatedDiscoveryConfiguration", "macie2:GetClassificationExportConfiguration", "macie2:GetCustomDataIdentifier", "macie2:GetFindingsPublicationConfiguration", "macie2:GetMacieSession", "macie2:ListCustomDataIdentifiers", "macie2:ListTagsForResource", "managedblockchain:GetMember", "managedblockchain:GetNetwork", "managedblockchain:GetNode", "managedblockchain:ListInvitations", "managedblockchain:ListMembers", "managedblockchain:ListNodes", "mediaconnect:DescribeFlow", "mediaconnect:ListFlows", "mediaconnect:ListTagsForResource", "mediapackage-vod:DescribePackagingConfiguration", "mediapackage-vod:DescribePackagingGroup", "mediapackage-vod:ListPackagingConfigurations", "mediapackage-vod:ListPackagingGroups", "mediapackage-vod:ListTagsForResource", "mediatailor:GetPlaybackConfiguration", "mediatailor:ListPlaybackConfigurations", "memorydb:DescribeAcls", "memorydb:DescribeClusters", "memorydb:DescribeParameterGroups", "memorydb:DescribeParameters", "memorydb:DescribeSubnetGroups", "memorydb:DescribeUsers", "memorydb:ListTags", "mobiletargeting:GetApp", "mobiletargeting:GetApplicationSettings", "mobiletargeting:GetApps", "mobiletargeting:GetCampaign", "mobiletargeting:GetCampaigns", "mobiletargeting:GetEmailChannel", "mobiletargeting:GetEmailTemplate", "mobiletargeting:GetEventStream", "mobiletargeting:GetInAppTemplate", "mobiletargeting:GetSegment", "mobiletargeting:GetSegments", "mobiletargeting:ListTagsForResource", "mobiletargeting:ListTemplates", "mq:DescribeBroker", "mq:ListBrokers", "network-firewall:DescribeLoggingConfiguration", "network-firewall:ListFirewalls", "networkmanager:DescribeGlobalNetworks", "networkmanager:GetConnectPeer", "networkmanager:GetCustomerGatewayAssociations", "networkmanager:GetDevices", "networkmanager:GetLinkAssociations", "networkmanager:GetLinks", "networkmanager:GetSites", "networkmanager:GetTransitGatewayRegistrations", "networkmanager:ListConnectPeers", "networkmanager:ListTagsForResource", "nimble:GetLaunchProfile", "nimble:GetLaunchProfileDetails", "nimble:GetStreamingImage", "nimble:GetStudio", "nimble:GetStudioComponent", "nimble:ListLaunchProfiles", "nimble:ListStreamingImages", "nimble:ListStudioComponents", "nimble:ListStudios", "opsworks:DescribeInstances", "opsworks:DescribeLayers", "opsworks:DescribeTimeBasedAutoScaling", "opsworks:DescribeVolumes", "opsworks:ListTags", "organizations:DescribeAccount", "organizations:DescribeEffectivePolicy", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:DescribeResourcePolicy", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListDelegatedAdministrators", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPolicies", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListTagsForResource", "organizations:ListTargetsForPolicy", "panorama:DescribeApplicationInstance", "panorama:DescribeApplicationInstanceDetails", "panorama:DescribePackage", "panorama:DescribePackageVersion", "panorama:ListApplicationInstances", "panorama:ListNodes", "panorama:ListPackages", "personalize:DescribeDataset", "personalize:DescribeDatasetGroup", "personalize:DescribeSchema", "personalize:DescribeSolution", "personalize:ListDatasetGroups", "personalize:ListDatasetImportJobs", "personalize:ListDatasets", "personalize:ListSchemas", "personalize:ListSolutions", "personalize:ListTagsForResource", "profile:GetDomain", "profile:GetIntegration", "profile:GetProfileObjectType", "profile:ListDomains", "profile:ListIntegrations", "profile:ListProfileObjectTypes", "profile:ListTagsForResource", "quicksight:DescribeAccountSubscription", "quicksight:DescribeAnalysis", "quicksight:DescribeAnalysisPermissions", "quicksight:DescribeDashboard", "quicksight:DescribeDashboardPermissions", "quicksight:DescribeDataSet", "quicksight:DescribeDataSetPermissions", "quicksight:DescribeDataSetRefreshProperties", "quicksight:DescribeDataSource", "quicksight:DescribeDataSourcePermissions", "quicksight:DescribeTemplate", "quicksight:DescribeTemplatePermissions", "quicksight:DescribeTheme", "quicksight:DescribeThemePermissions", "quicksight:ListAnalyses", "quicksight:ListDashboards", "quicksight:ListDataSets", "quicksight:ListDataSources", "quicksight:ListTagsForResource", "quicksight:ListTemplates", "quicksight:ListThemes", "ram:GetPermission", "ram:GetResourceShareAssociations", "ram:GetResourceShares", "ram:ListPermissionAssociations", "ram:ListPermissions", "ram:ListPermissionVersions", "ram:ListResources", "ram:ListResourceSharePermissions", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBSecurityGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEventSubscriptions", "rds:DescribeGlobalClusters", "rds:DescribeOptionGroups", "rds:ListTagsForResource", "redshift-serverless:GetNamespace", "redshift-serverless:GetWorkgroup", "redshift-serverless:ListNamespaces", "redshift-serverless:ListTagsForResource", "redshift-serverless:ListWorkgroups", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventSubscriptions", "redshift:DescribeLoggingStatus", "redshift:DescribeScheduledActions", "refactor-spaces:GetEnvironment", "refactor-spaces:GetService", "refactor-spaces:ListApplications", "refactor-spaces:ListEnvironments", "refactor-spaces:ListServices", "rekognition:DescribeStreamProcessor", "rekognition:ListStreamProcessors", "rekognition:ListTagsForResource", "resiliencehub:DescribeApp", "resiliencehub:DescribeAppVersionTemplate", "resiliencehub:DescribeResiliencyPolicy", "resiliencehub:ListApps", "resiliencehub:ListAppVersionResourceMappings", "resiliencehub:ListResiliencyPolicies", "resiliencehub:ListTagsForResource", "resource-explorer-2:GetIndex", "resource-explorer-2:ListIndexes", "resource-explorer-2:ListTagsForResource", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:ListRobotApplications", "robomaker:ListSimulationApplications", "route53-recovery-control-config:DescribeCluster", "route53-recovery-control-config:DescribeControlPanel", "route53-recovery-control-config:DescribeRoutingControl", "route53-recovery-control-config:DescribeSafetyRule", "route53-recovery-control-config:ListClusters", "route53-recovery-control-config:ListControlPanels", "route53-recovery-control-config:ListRoutingControls", "route53-recovery-control-config:ListSafetyRules", "route53-recovery-control-config:ListTagsForResource", "route53-recovery-readiness:GetCell", "route53-recovery-readiness:GetReadinessCheck", "route53-recovery-readiness:GetRecoveryGroup", "route53-recovery-readiness:GetResourceSet", "route53-recovery-readiness:ListCells", "route53-recovery-readiness:ListReadinessChecks", "route53-recovery-readiness:ListRecoveryGroups", "route53-recovery-readiness:ListResourceSets", "route53:GetChange", "route53:GetDNSSEC", "route53:GetHealthCheck", "route53:GetHostedZone", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListTagsForResource", "route53resolver:GetFirewallDomainList", "route53resolver:GetFirewallRuleGroup", "route53resolver:GetFirewallRuleGroupAssociation", "route53resolver:GetResolverDnssecConfig", "route53resolver:GetResolverEndpoint", "route53resolver:GetResolverQueryLogConfig", "route53resolver:GetResolverQueryLogConfigAssociation", "route53resolver:GetResolverRule", "route53resolver:GetResolverRuleAssociation", "route53resolver:ListFirewallDomainLists", "route53resolver:ListFirewallDomains", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListFirewallRules", "route53resolver:ListResolverDnssecConfigs", "route53resolver:ListResolverEndpointIpAddresses", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverQueryLogConfigAssociations", "route53resolver:ListResolverQueryLogConfigs", "route53resolver:ListResolverRuleAssociations", "route53resolver:ListResolverRules", "route53resolver:ListTagsForResource", "rum:GetAppMonitor", "rum:GetAppMonitorData", "rum:ListAppMonitors", "rum:ListTagsForResource", "s3-outposts:GetAccessPoint", "s3-outposts:GetAccessPointPolicy", "s3-outposts:GetBucket", "s3-outposts:GetBucketPolicy", "s3-outposts:GetBucketTagging", "s3-outposts:GetLifecycleConfiguration", "s3-outposts:ListAccessPoints", "s3-outposts:ListEndpoints", "s3-outposts:ListRegionalBuckets", "s3:GetAccelerateConfiguration", "s3:GetAccessPoint", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetEncryptionConfiguration", "s3:GetLifecycleConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListMultiRegionAccessPoints", "s3:ListStorageLensConfigurations", "s3express:GetBucketPolicy", "s3express:ListAllMyDirectoryBuckets", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribeProject", "sagemaker:DescribeWorkteam", "sagemaker:ListAppImageConfigs", "sagemaker:ListCodeRepositories", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDomains", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListFeatureGroups", "sagemaker:ListImages", "sagemaker:ListImageVersions", "sagemaker:ListInferenceExperiments", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelines", "sagemaker:ListProjects", "sagemaker:ListTags", "sagemaker:ListWorkteams", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemas", "sdb:GetAttributes", "sdb:ListDomains", "secretsmanager:ListSecrets", "secretsmanager:ListSecretVersionIds", "securityhub:DescribeHub", "servicecatalog:DescribePortfolioShares", "servicediscovery:GetInstance", "servicediscovery:GetNamespace", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource", "ses:DescribeReceiptRule", "ses:DescribeReceiptRuleSet", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetContactList", "ses:GetEmailTemplate", "ses:GetTemplate", "ses:ListConfigurationSets", "ses:ListContactLists", "ses:ListEmailTemplates", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListTemplates", "shield:DescribeDRTAccess", "shield:DescribeProtection", "shield:DescribeSubscription", "signer:GetSigningProfile", "signer:ListProfilePermissions", "signer:ListSigningProfiles", "sns:GetDataProtectionPolicy", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sqs:GetQueueAttributes", "sqs:ListQueues", "sqs:ListQueueTags", "ssm:DescribeAutomationExecutions", "ssm:DescribeDocument", "ssm:DescribeDocumentPermission", "ssm:DescribeParameters", "ssm:GetAutomationExecution", "ssm:GetDocument", "ssm:ListDocuments", "ssm:ListTagsForResource", "sso:DescribeInstanceAccessControlAttributeConfiguration", "sso:DescribePermissionSet", "sso:GetInlinePolicyForPermissionSet", "sso:ListManagedPoliciesInPermissionSet", "sso:ListPermissionSets", "sso:ListTagsForResource", "states:DescribeActivity", "states:DescribeStateMachine", "states:ListActivities", "states:ListStateMachines", "states:ListTagsForResource", "storagegateway:ListGateways", "storagegateway:ListTagsForResource", "storagegateway:ListVolumes", "sts:GetCallerIdentity", "support:DescribeCases", "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun", "synthetics:DescribeRuntimeVersions", "synthetics:GetCanary", "synthetics:GetCanaryRuns", "synthetics:GetGroup", "synthetics:ListAssociatedGroups", "synthetics:ListGroupResources", "synthetics:ListGroups", "synthetics:ListTagsForResource", "tag:GetResources", "timestream:DescribeDatabase", "timestream:DescribeEndpoints", "timestream:DescribeTable", "timestream:ListDatabases", "timestream:ListTables", "timestream:ListTagsForResource", "transfer:DescribeAgreement", "transfer:DescribeCertificate", "transfer:DescribeConnector", "transfer:DescribeProfile", "transfer:DescribeServer", "transfer:DescribeUser", "transfer:DescribeWorkflow", "transfer:ListAgreements", "transfer:ListCertificates", "transfer:ListConnectors", "transfer:ListProfiles", "transfer:ListServers", "transfer:ListTagsForResource", "transfer:ListUsers", "transfer:ListWorkflows", "voiceid:DescribeDomain", "voiceid:ListTagsForResource", "waf-regional:GetLoggingConfiguration", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:ListLoggingConfigurations", "waf:GetLoggingConfiguration", "waf:GetWebACL", "wafv2:GetLoggingConfiguration", "wafv2:GetRuleGroup", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "workspaces:DescribeConnectionAliases", "workspaces:DescribeTags", "workspaces:DescribeWorkspaces", "logs:CreateLogStream", "logs:CreateLogGroup", "logs:PutLogEvents" ], "malformed": false, "name": "AWS_ConfigRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-22T21:19:24+00:00", "version": "v30" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentAccess", "createdate": "2020-02-24T22:26:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "arsenal:RegisterOnPremisesAgent", "mgh:GetHomeRegion" ], "malformed": false, "name": "AWSApplicationDiscoveryAgentAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-02-24T22:26:45+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSCustomPreviewServiceRolePolicy", "createdate": "2023-09-20T17:48:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeInstanceAttribute", "ec2:DescribeRegions", "ec2:DescribeSnapshots", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVolumes", "ec2:DescribeInstanceStatus", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeImages", "ec2:DescribeVpcs", "ec2:RegisterImage", "ec2:DeregisterImage", "ec2:DescribeTags", "ec2:DescribeSecurityGroups", "ec2:DescribeVolumesModifications", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:SearchTransitGatewayMulticastGroups", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGateways", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribePlacementGroups", "ec2:DescribeRouteTables", "ec2:DisassociateIamInstanceProfile", "ec2:AssociateIamInstanceProfile", "ec2:ReplaceIamInstanceProfileAssociation", "ec2:TerminateInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:RebootInstances", "ec2:AllocateAddress", "ec2:AssociateAddress", "ec2:DisassociateAddress", "ec2:ReleaseAddress", "ec2:AssignPrivateIpAddresses", "ec2:RunInstances", "ec2:RunInstances", "ec2:RunInstances", "ec2:RunInstances", "ec2:DeleteKeyPair", "ec2:CreateKeyPair", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:CreateTags", "ec2:CreateTags", "ec2:DetachVolume", "ec2:AttachVolume", "ec2:CreateVolume", "ec2:ModifyVolumeAttribute", "ec2:DeleteVolume", "ec2:ModifyVolume", "ec2:CreateVolume", "ec2:DeleteSnapshot", "ec2:CopySnapshot", "ec2:CreateSnapshots", "ec2:CreateSnapshots", "iam:ListInstanceProfiles", "iam:GetInstanceProfile", "iam:GetRole", "iam:ListRolePolicies", "iam:GetRolePolicy", "iam:ListAttachedRolePolicies", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:PassRole", "cloudtrail:GetTrailStatus", "cloudwatch:EnableAlarmActions", "cloudwatch:DeleteAlarms", "cloudwatch:PutMetricAlarm", "cloudwatch:TagResource", "cloudwatch:DescribeAlarms", "ssm:SendCommand", "ssm:SendCommand", "ssm:GetCommandInvocation", "ssm:GetConnectionStatus", "ssm:DescribeInstanceInformation", "ssm:PutParameter", "ssm:AddTagsToResource", "ssm:DeleteParameter", "events:PutRule", "events:TagResource", "events:PutTargets", "events:DescribeRule", "events:EnableRule", "events:ListTargetsByRule", "events:DeleteRule", "events:RemoveTargets", "events:DisableRule", "events:PutRule", "events:PutTargets", "events:EnableRule", "events:DeleteRule", "events:RemoveTargets", "events:DisableRule", "events:DescribeRule", "events:ListTargetsByRule", "secretsmanager:TagResource", "secretsmanager:CreateSecret", "secretsmanager:TagResource", "secretsmanager:DescribeSecret", "secretsmanager:DeleteSecret", "secretsmanager:PutSecretValue", "servicequotas:GetServiceQuota" ], "malformed": false, "name": "AmazonRDSCustomPreviewServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-20T17:48:39+00:00", "version": "v6" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSSupportPlansReadOnlyAccess", "createdate": "2022-09-27T18:08:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "supportplans:GetSupportPlan", "supportplans:GetSupportPlanUpdateStatus" ], "malformed": false, "name": "AWSSupportPlansReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-27T18:08:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubRefactorSpacesServiceRolePolicy", "createdate": "2023-07-20T15:57:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeNetworkInterfaces", "ec2:DescribeRouteTables", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeTransitGatewayVpcAttachments", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeTargetGroups", "ram:GetResourceShareAssociations", "ec2:AuthorizeSecurityGroupIngress", "ec2:RevokeSecurityGroupIngress", "ec2:DeleteSecurityGroup", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:CreateRoute", "ec2:DeleteRoute", "ec2:DeleteTags", "ram:DeleteResourceShare", "ram:AssociateResourceShare", "ram:DisassociateResourceShare", "ec2:DeleteVpcEndpointServiceConfigurations", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateListener", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteTargetGroup", "apigateway:PUT", "apigateway:POST", "apigateway:GET", "apigateway:PATCH", "apigateway:DELETE", "apigateway:GET", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:AddTags", "elasticloadbalancing:CreateListener", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:AddTags", "elasticloadbalancing:CreateTargetGroup" ], "malformed": false, "name": "AWSMigrationHubRefactorSpacesServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-20T15:57:53+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": null, "createdate": "2020-01-16T21:47:47Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "ec2:RevokeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:DescribeInstances", "ec2:RevokeSecurityGroupEgress", "ec2:DeleteSecurityGroup", "ec2:RevokeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:DescribeInstances", "ec2:RevokeSecurityGroupEgress", "ec2:DeleteSecurityGroup", "ec2:DeleteLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "autoscaling:UpdateAutoScalingGroup", "autoscaling:DeleteAutoScalingGroup", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:CompleteLifecycleAction", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "iam:CreateServiceLinkedRole", "autoscaling:CreateOrUpdateTags", "autoscaling:CreateAutoScalingGroup", "iam:PassRole", "iam:PassRole", "iam:PassRole", "iam:GetRole", "ec2:CreateLaunchTemplate", "ec2:DescribeInstances", "iam:GetInstanceProfile", "ec2:DescribeLaunchTemplates", "autoscaling:DescribeAutoScalingGroups", "ec2:CreateSecurityGroup", "ec2:DescribeLaunchTemplateVersions", "ec2:RunInstances", "ec2:DescribeSecurityGroups", "ec2:GetConsoleOutput", "ec2:DescribeSubnets", "iam:CreateInstanceProfile", "iam:DeleteInstanceProfile", "iam:RemoveRoleFromInstanceProfile", "iam:AddRoleToInstanceProfile", "ec2:CreateTags", "ec2:DeleteTags" ], "malformed": false, "name": "AWSServiceRoleForGammaInternalAmazonEKSNodegroup", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AutoScalingServiceRolePolicy", "createdate": "2024-02-29T17:48:58Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:AttachClassicLinkVpc", "ec2:CancelSpotInstanceRequests", "ec2:CreateFleet", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DetachClassicLinkVpc", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetSecurityGroupsForVpc", "ec2:ModifyInstanceAttribute", "ec2:RequestSpotInstances", "ec2:RunInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "iam:PassRole", "iam:CreateServiceLinkedRole", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:PutMetricAlarm", "sns:Publish", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "events:DeleteRule", "events:DescribeRule", "ssm:GetParameters", "vpc-lattice:DeregisterTargets", "vpc-lattice:GetTargetGroup", "vpc-lattice:ListTargets", "vpc-lattice:ListTargetGroups", "vpc-lattice:RegisterTargets" ], "malformed": false, "name": "AutoScalingServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-29T17:48:58+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerMechanicalTurkAccess", "createdate": "2019-12-03T16:19:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sagemaker:CreateFlowDefinition", "sagemaker:DeleteFlowDefinition", "sagemaker:DescribeFlowDefinition", "sagemaker:ListFlowDefinitions" ], "malformed": false, "name": "AmazonSageMakerMechanicalTurkAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-03T16:19:36+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCodeGuruReviewerFullAccess", "createdate": "2020-08-29T04:16:08Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codeguru-reviewer:AssociateRepository", "codeguru-reviewer:CreateCodeReview", "codeguru-reviewer:CreateConnectionToken", "codeguru-reviewer:DescribeCodeReview", "codeguru-reviewer:DescribeRecommendationFeedback", "codeguru-reviewer:DescribeRepositoryAssociation", "codeguru-reviewer:DisassociateRepository", "codeguru-reviewer:GetMetricsData", "codeguru-reviewer:ListCodeReviews", "codeguru-reviewer:ListRecommendationFeedback", "codeguru-reviewer:ListRecommendations", "codeguru-reviewer:ListRepositoryAssociations", "codeguru-reviewer:ListTagsForResource", "codeguru-reviewer:ListThirdPartyRepositories", "codeguru-reviewer:PutRecommendationFeedback", "codeguru-reviewer:TagResource", "codeguru-reviewer:UnTagResource", "codeguru:GetCodeGuruFreeTrialSummary", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "codecommit:ListRepositories", "codecommit:TagResource", "codecommit:UntagResource", "codestar-connections:TagResource", "codestar-connections:UntagResource", "codestar-connections:ListTagsForResource", "codestar-connections:UseConnection", "codestar-connections:ListConnections", "codestar-connections:PassConnection", "events:PutRule", "events:PutTargets", "events:DeleteRule", "events:RemoveTargets" ], "malformed": false, "name": "AmazonCodeGuruReviewerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-29T04:16:08+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": null, "createdate": "2015-04-09T17:05:26Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateSecurityGroup", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroups", "ec2:RevokeSecurityGroupIngress", "redshift:AuthorizeClusterSecurityGroupIngress", "redshift:CreateClusterSecurityGroup", "redshift:DescribeClusters", "redshift:DescribeClusterSecurityGroups", "redshift:ModifyCluster", "redshift:RevokeClusterSecurityGroupIngress", "s3:GetBucketLocation", "s3:GetBucketPolicy", "s3:GetObject", "s3:PutBucketPolicy", "s3:PutObject" ], "malformed": false, "name": "AmazonMachineLearningRoleforRedshiftDataSource", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationReplicationServerPolicy", "createdate": "2021-04-07T07:21:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgn:SendClientMetricsForMgn", "mgn:SendClientLogsForMgn", "mgn:GetChannelCommandsForMgn", "mgn:SendChannelCommandResultForMgn", "mgn:GetAgentSnapshotCreditsForMgn", "mgn:DescribeReplicationServerAssociationsForMgn", "mgn:DescribeSnapshotRequestsForMgn", "mgn:BatchDeleteSnapshotRequestForMgn", "mgn:NotifyAgentAuthenticationForMgn", "mgn:BatchCreateVolumeSnapshotGroupForMgn", "mgn:UpdateAgentReplicationProcessStateForMgn", "mgn:NotifyAgentReplicationProgressForMgn", "mgn:NotifyAgentConnectedForMgn", "mgn:NotifyAgentDisconnectedForMgn", "ec2:DescribeInstances", "ec2:DescribeSnapshots", "ec2:CreateSnapshot", "ec2:CreateSnapshot", "ec2:CreateTags" ], "malformed": false, "name": "AWSApplicationMigrationReplicationServerPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-04-07T07:21:57+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/IAMFullAccess", "createdate": "2019-06-21T19:40:00Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:AddClientIDToOpenIDConnectProvider", "iam:AddRoleToInstanceProfile", "iam:AddUserToGroup", "iam:AttachGroupPolicy", "iam:AttachRolePolicy", "iam:AttachUserPolicy", "iam:ChangePassword", "iam:CreateAccessKey", "iam:CreateAccountAlias", "iam:CreateGroup", "iam:CreateInstanceProfile", "iam:CreateLoginProfile", "iam:CreateOpenIDConnectProvider", "iam:CreatePolicy", "iam:CreatePolicyVersion", "iam:CreateRole", "iam:CreateSAMLProvider", "iam:CreateServiceLinkedRole", "iam:CreateServiceSpecificCredential", "iam:CreateUser", "iam:CreateVirtualMFADevice", "iam:DeactivateMFADevice", "iam:DeleteAccessKey", "iam:DeleteAccountAlias", "iam:DeleteAccountPasswordPolicy", "iam:DeleteCloudFrontPublicKey", "iam:DeleteGroup", "iam:DeleteGroupPolicy", "iam:DeleteInstanceProfile", "iam:DeleteLoginProfile", "iam:DeleteOpenIDConnectProvider", "iam:DeletePolicy", "iam:DeletePolicyVersion", "iam:DeleteRole", "iam:DeleteRolePermissionsBoundary", "iam:DeleteRolePolicy", "iam:DeleteSAMLProvider", "iam:DeleteSSHPublicKey", "iam:DeleteServerCertificate", "iam:DeleteServiceLinkedRole", "iam:DeleteServiceSpecificCredential", "iam:DeleteSigningCertificate", "iam:DeleteUser", "iam:DeleteUserPermissionsBoundary", "iam:DeleteUserPolicy", "iam:DeleteVirtualMFADevice", "iam:DetachGroupPolicy", "iam:DetachRolePolicy", "iam:DetachUserPolicy", "iam:EnableMFADevice", "iam:GenerateCredentialReport", "iam:GenerateOrganizationsAccessReport", "iam:GenerateServiceLastAccessedDetails", "iam:GetAccessKeyLastUsed", "iam:GetAccountAuthorizationDetails", "iam:GetAccountEmailAddress", "iam:GetAccountName", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCloudFrontPublicKey", "iam:GetContextKeysForCustomPolicy", "iam:GetContextKeysForPrincipalPolicy", "iam:GetCredentialReport", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetInstanceProfile", "iam:GetLoginProfile", "iam:GetMFADevice", "iam:GetOpenIDConnectProvider", "iam:GetOrganizationsAccessReport", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetSAMLProvider", "iam:GetSSHPublicKey", "iam:GetServerCertificate", "iam:GetServiceLastAccessedDetails", "iam:GetServiceLastAccessedDetailsWithEntities", "iam:GetServiceLinkedRoleDeletionStatus", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "iam:PassRole", "iam:PutGroupPolicy", "iam:PutRolePermissionsBoundary", "iam:PutRolePolicy", "iam:PutUserPermissionsBoundary", "iam:PutUserPolicy", "iam:RemoveClientIDFromOpenIDConnectProvider", "iam:RemoveRoleFromInstanceProfile", "iam:RemoveUserFromGroup", "iam:ResetServiceSpecificCredential", "iam:ResyncMFADevice", "iam:SetDefaultPolicyVersion", "iam:SetSTSRegionalEndpointStatus", "iam:SetSecurityTokenServicePreferences", "iam:SimulateCustomPolicy", "iam:SimulatePrincipalPolicy", "iam:TagInstanceProfile", "iam:TagMFADevice", "iam:TagOpenIDConnectProvider", "iam:TagPolicy", "iam:TagRole", "iam:TagSAMLProvider", "iam:TagServerCertificate", "iam:TagUser", "iam:UntagInstanceProfile", "iam:UntagMFADevice", "iam:UntagOpenIDConnectProvider", "iam:UntagPolicy", "iam:UntagRole", "iam:UntagSAMLProvider", "iam:UntagServerCertificate", "iam:UntagUser", "iam:UpdateAccessKey", "iam:UpdateAccountEmailAddress", "iam:UpdateAccountName", "iam:UpdateAccountPasswordPolicy", "iam:UpdateAssumeRolePolicy", "iam:UpdateCloudFrontPublicKey", "iam:UpdateGroup", "iam:UpdateLoginProfile", "iam:UpdateOpenIDConnectProviderThumbprint", "iam:UpdateRole", "iam:UpdateRoleDescription", "iam:UpdateSAMLProvider", "iam:UpdateSSHPublicKey", "iam:UpdateServerCertificate", "iam:UpdateServiceSpecificCredential", "iam:UpdateSigningCertificate", "iam:UpdateUser", "iam:UploadCloudFrontPublicKey", "iam:UploadSSHPublicKey", "iam:UploadServerCertificate", "iam:UploadSigningCertificate", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:ListChildren", "organizations:ListParents", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListPolicies", "organizations:ListTargetsForPolicy" ], "malformed": false, "name": "IAMFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-21T19:40:00+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore", "createdate": "2019-05-23T16:54:21Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:DescribeAssociation", "ssm:GetDeployablePatchSnapshotForInstance", "ssm:GetDocument", "ssm:DescribeDocument", "ssm:GetManifest", "ssm:GetParameter", "ssm:GetParameters", "ssm:ListAssociations", "ssm:ListInstanceAssociations", "ssm:PutInventory", "ssm:PutComplianceItems", "ssm:PutConfigurePackageResult", "ssm:UpdateAssociationStatus", "ssm:UpdateInstanceAssociationStatus", "ssm:UpdateInstanceInformation", "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel", "ec2messages:AcknowledgeMessage", "ec2messages:DeleteMessage", "ec2messages:FailMessage", "ec2messages:GetEndpoint", "ec2messages:GetMessages", "ec2messages:SendReply" ], "malformed": false, "name": "AmazonSSMManagedInstanceCore", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-05-23T16:54:21+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSOutpostsAuthorizeServerPolicy", "createdate": "2023-01-04T19:23:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "outposts:StartConnection", "outposts:GetConnection" ], "malformed": false, "name": "AWSOutpostsAuthorizeServerPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-04T19:23:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonQLDBConsoleFullAccess", "createdate": "2022-11-04T17:01:10Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "qldb:CreateLedger", "qldb:UpdateLedger", "qldb:UpdateLedgerPermissionsMode", "qldb:DeleteLedger", "qldb:ListLedgers", "qldb:DescribeLedger", "qldb:ExportJournalToS3", "qldb:ListJournalS3Exports", "qldb:ListJournalS3ExportsForLedger", "qldb:DescribeJournalS3Export", "qldb:CancelJournalKinesisStream", "qldb:DescribeJournalKinesisStream", "qldb:ListJournalKinesisStreamsForLedger", "qldb:StreamJournalToKinesis", "qldb:GetBlock", "qldb:GetDigest", "qldb:GetRevision", "qldb:TagResource", "qldb:UntagResource", "qldb:ListTagsForResource", "qldb:SendCommand", "qldb:ExecuteStatement", "qldb:ShowCatalog", "qldb:InsertSampleData", "qldb:PartiQLCreateTable", "qldb:PartiQLCreateIndex", "qldb:PartiQLDropTable", "qldb:PartiQLDropIndex", "qldb:PartiQLUndropTable", "qldb:PartiQLDelete", "qldb:PartiQLInsert", "qldb:PartiQLUpdate", "qldb:PartiQLSelect", "qldb:PartiQLHistoryFunction", "qldb:PartiQLRedact", "dbqms:CreateFavoriteQuery", "dbqms:CreateQueryHistory", "dbqms:CreateTab", "dbqms:DeleteFavoriteQueries", "dbqms:DeleteQueryHistory", "dbqms:DeleteTab", "dbqms:DescribeFavoriteQueries", "dbqms:DescribeQueryHistory", "dbqms:DescribeTabs", "dbqms:GetQueryString", "dbqms:UpdateFavoriteQuery", "dbqms:UpdateQueryHistory", "dbqms:UpdateTab", "kinesis:ListStreams", "kinesis:DescribeStream", "iam:PassRole" ], "malformed": false, "name": "AmazonQLDBConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-04T17:01:10+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRole", "createdate": "2022-09-19T17:34:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateSnapshot", "ec2:CreateSnapshots", "ec2:DeleteSnapshot", "ec2:DescribeInstances", "ec2:DescribeVolumes", "ec2:DescribeSnapshots", "ec2:EnableFastSnapshotRestores", "ec2:DescribeFastSnapshotRestores", "ec2:DisableFastSnapshotRestores", "ec2:CopySnapshot", "ec2:ModifySnapshotAttribute", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:ModifySnapshotTier", "ec2:CreateTags", "events:PutRule", "events:DeleteRule", "events:DescribeRule", "events:EnableRule", "events:DisableRule", "events:ListTargetsByRule", "events:PutTargets", "events:RemoveTargets" ], "malformed": false, "name": "AWSDataLifecycleManagerServiceRole", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-19T17:34:08+00:00", "version": "v7" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCognitoUnauthenticatedIdentities", "createdate": "2023-02-01T22:36:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rum:PutRumEvents" ], "malformed": false, "name": "AmazonCognitoUnauthenticatedIdentities", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-01T22:36:27+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53DomainsFullAccess", "createdate": "2015-02-06T18:40:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53:CreateHostedZone", "route53domains:AcceptDomainTransferFromAnotherAwsAccount", "route53domains:AssociateDelegationSignerToDomain", "route53domains:CancelDomainTransferToAnotherAwsAccount", "route53domains:CheckDomainAvailability", "route53domains:CheckDomainTransferability", "route53domains:DeleteDomain", "route53domains:DeleteTagsForDomain", "route53domains:DisableDomainAutoRenew", "route53domains:DisableDomainTransferLock", "route53domains:DisassociateDelegationSignerFromDomain", "route53domains:EnableDomainAutoRenew", "route53domains:EnableDomainTransferLock", "route53domains:GetContactReachabilityStatus", "route53domains:GetDomainDetail", "route53domains:GetDomainSuggestions", "route53domains:GetOperationDetail", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListPrices", "route53domains:ListTagsForDomain", "route53domains:PushDomain", "route53domains:RegisterDomain", "route53domains:RejectDomainTransferFromAnotherAwsAccount", "route53domains:RenewDomain", "route53domains:ResendContactReachabilityEmail", "route53domains:ResendOperationAuthorization", "route53domains:RetrieveDomainAuthCode", "route53domains:TransferDomain", "route53domains:TransferDomainToAnotherAwsAccount", "route53domains:UpdateDomainContact", "route53domains:UpdateDomainContactPrivacy", "route53domains:UpdateDomainNameservers", "route53domains:UpdateTagsForDomain", "route53domains:ViewBilling" ], "malformed": false, "name": "AmazonRoute53DomainsFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:56+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AppRunnerServiceRolePolicy", "createdate": "2021-05-14T19:15:04Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:PutRetentionPolicy", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", "events:PutRule", "events:PutTargets", "events:DeleteRule", "events:RemoveTargets", "events:DescribeRule", "events:EnableRule", "events:DisableRule" ], "malformed": false, "name": "AppRunnerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-05-14T19:15:04+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonDetectiveFullAccess", "createdate": "2023-05-17T19:39:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "detective:AcceptInvitation", "detective:BatchGetGraphMemberDatasources", "detective:BatchGetMembershipDatasources", "detective:CreateGraph", "detective:CreateMembers", "detective:DeleteGraph", "detective:DeleteMembers", "detective:DescribeOrganizationConfiguration", "detective:DisableOrganizationAdminAccount", "detective:DisassociateMembership", "detective:EnableOrganizationAdminAccount", "detective:GetFreeTrialEligibility", "detective:GetGraphIngestState", "detective:GetInvestigation", "detective:GetMembers", "detective:GetPricingInformation", "detective:GetUsageInformation", "detective:InvokeAssistant", "detective:ListDatasourcePackages", "detective:ListGraphs", "detective:ListHighDegreeEntities", "detective:ListIndicators", "detective:ListInvestigations", "detective:ListInvitations", "detective:ListMembers", "detective:ListOrganizationAdminAccount", "detective:ListTagsForResource", "detective:RejectInvitation", "detective:SearchGraph", "detective:StartInvestigation", "detective:StartMonitoringMember", "detective:TagResource", "detective:UntagResource", "detective:UpdateDatasourcePackages", "detective:UpdateInvestigationState", "detective:UpdateOrganizationConfiguration", "organizations:DescribeOrganization", "organizations:ListAccounts", "guardduty:ArchiveFindings", "guardduty:GetFindings", "guardduty:ListDetectors", "securityhub:GetFindings" ], "malformed": false, "name": "AmazonDetectiveFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-17T19:39:57+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/ClientVPNServiceRolePolicy", "createdate": "2020-08-12T19:39:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeInternetGateways", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "ec2:DescribeAccountAttributes", "ds:AuthorizeApplication", "ds:DescribeDirectories", "ds:GetDirectoryLimits", "ds:UnauthorizeApplication", "logs:DescribeLogStreams", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogGroups", "acm:GetCertificate", "acm:DescribeCertificate", "iam:GetSAMLProvider", "lambda:GetFunctionConfiguration" ], "malformed": false, "name": "ClientVPNServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-12T19:39:34+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSRefactoringToolkitFullAccess", "createdate": "2024-03-25T18:43:14Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "a2c:GetContainerizationJobDetails", "a2c:GetDeploymentJobDetails", "a2c:StartContainerizationJob", "a2c:StartDeploymentJob", "cloudformation:CreateChangeSet", "cloudformation:CreateStack", "cloudformation:DescribeChangeSet", "cloudformation:DescribeStackEvents", "cloudformation:ExecuteChangeSet", "cloudformation:UpdateStack", "cloudformation:TagResource", "cloudformation:UntagResource", "codebuild:CreateProject", "codebuild:UpdateProject", "codebuild:StartBuild", "ec2:CreateSecurityGroup", "ec2:CreateInternetGateway", "ec2:CreateKeyPair", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSubnet", "ec2:CreateTags", "ec2:CreateVpc", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateInternetGateway", "ec2:CreateKeyPair", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSubnet", "ec2:CreateTags", "ec2:CreateVpc", "ec2:AuthorizeSecurityGroupIngress", "ec2:AssociateRouteTable", "ec2:AttachInternetGateway", "ec2:AuthorizeSecurityGroupIngress", "ec2:DeleteTags", "ec2:ModifySubnetAttribute", "ec2:ModifyVpcAttribute", "ec2:RevokeSecurityGroupIngress", "ec2:CreateSubnet", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:AssociateRouteTable", "ec2:AttachInternetGateway", "ec2:AuthorizeSecurityGroupIngress", "ec2:DeleteTags", "ec2:ModifySubnetAttribute", "ec2:ModifyVpcAttribute", "ec2:RevokeSecurityGroupIngress", "ec2:CreateSubnet", "ec2:CreateRoute", "ec2:CreateRouteTable", "ecr:CreateRepository", "ecr:TagResource", "ecr:CreateRepository", "ecr:TagResource", "ecr:GetLifecyclePolicy", "ecr:GetRepositoryPolicy", "ecr:ListImages", "ecr:ListTagsForResource", "ecr:TagResource", "ecr:UntagResource", "ecr:GetLifecyclePolicy", "ecr:GetRepositoryPolicy", "ecr:ListImages", "ecr:ListTagsForResource", "ecr:TagResource", "ecr:UntagResource", "ecs:CreateCluster", "ecs:CreateService", "ecs:RegisterTaskDefinition", "ecs:TagResource", "ecs:CreateCluster", "ecs:CreateService", "ecs:RegisterTaskDefinition", "ecs:TagResource", "ecs:UpdateService", "ecs:TagResource", "ecs:UntagResource", "ecs:UpdateService", "ecs:TagResource", "ecs:UntagResource", "ecs:DescribeTaskDefinition", "ecs:ExecuteCommand", "ecs:ExecuteCommand", "iam:CreateServiceLinkedRole", "logs:CreateLogGroup", "logs:TagResource", "logs:CreateLogGroup", "logs:TagResource", "logs:GetLogEvents", "logs:GetLogEvents", "ssm:AddTagsToResource", "ssm:GetParameters", "ssm:PutParameter", "ssm:RemoveTagsFromResource", "ssm:DescribeSessions", "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel", "s3:DeleteObject", "s3:GetObject", "s3:PutObject", "s3:ListBucket", "cloudformation:DescribeStacks", "cloudformation:ListStacks", "clouddirectory:ListDirectories", "codebuild:BatchGetProjects", "codebuild:BatchGetBuilds", "ds:DescribeDirectories", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeImages", "ec2:DescribeInternetGateways", "ec2:DescribeKeyPairs", "ec2:DescribeNetworkInterfaces", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeRegions", "ecr:DescribeImages", "ecr:DescribeRepositories", "ecs:DescribeClusters", "ecs:DescribeServices", "ecs:DescribeTasks", "ecs:ListTagsForResource", "ecs:ListTasks", "iam:ListRoles", "s3:GetBucketLocation", "s3:GetBucketVersioning", "s3:ListAllMyBuckets", "secretsmanager:ListSecrets", "iam:GetRole", "s3:GetObject", "application-transformation:StartPortingCompatibilityAssessment", "application-transformation:GetPortingCompatibilityAssessment", "application-transformation:StartPortingRecommendationAssessment", "application-transformation:GetPortingRecommendationAssessment", "application-transformation:PutLogData", "application-transformation:PutMetricData", "application-transformation:StartContainerization", "application-transformation:GetContainerization", "application-transformation:StartDeployment", "application-transformation:GetDeployment", "kms:Decrypt", "kms:Encrypt", "kms:DescribeKey", "kms:GenerateDataKey", "ecr:InitiateLayerUpload", "ecr:PutImage", "ecr:UploadLayerPart", "ecr:CompleteLayerUpload", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:GetAuthorizationToken", "kms:CreateGrant" ], "malformed": false, "name": "AWSRefactoringToolkitFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-25T18:43:14+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/IAMAccessAnalyzerFullAccess", "createdate": "2019-12-02T17:12:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "access-analyzer:ApplyArchiveRule", "access-analyzer:CancelPolicyGeneration", "access-analyzer:CheckAccessNotGranted", "access-analyzer:CheckNoNewAccess", "access-analyzer:CreateAccessPreview", "access-analyzer:CreateAnalyzer", "access-analyzer:CreateArchiveRule", "access-analyzer:DeleteAnalyzer", "access-analyzer:DeleteArchiveRule", "access-analyzer:GetAccessPreview", "access-analyzer:GetAnalyzedResource", "access-analyzer:GetAnalyzer", "access-analyzer:GetArchiveRule", "access-analyzer:GetFinding", "access-analyzer:GetFindingsStatistics", "access-analyzer:GetGeneratedPolicy", "access-analyzer:ListAccessPreviewFindings", "access-analyzer:ListAccessPreviews", "access-analyzer:ListAnalyzedResources", "access-analyzer:ListAnalyzers", "access-analyzer:ListArchiveRules", "access-analyzer:ListFindings", "access-analyzer:ListPolicyGenerations", "access-analyzer:ListTagsForResource", "access-analyzer:StartPolicyGeneration", "access-analyzer:StartResourceScan", "access-analyzer:TagResource", "access-analyzer:UntagResource", "access-analyzer:UpdateArchiveRule", "access-analyzer:UpdateFindings", "access-analyzer:ValidatePolicy", "iam:CreateServiceLinkedRole", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListChildren", "organizations:ListDelegatedAdministrators", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListRoots" ], "malformed": false, "name": "IAMAccessAnalyzerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-02T17:12:40+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSThinkboxAssetServerPolicy", "createdate": "2020-05-27T19:18:53Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:GetLogEvents", "s3:GetObject", "s3:PutObject", "s3:ListBucket" ], "malformed": false, "name": "AWSThinkboxAssetServerPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-27T19:18:53+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDeepRacerFullAccess", "createdate": "2020-10-05T22:03:10Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:ListAllMyBuckets", "s3:DeleteObject", "s3:DeleteObjectVersion", "s3:GetBucketPolicy", "s3:PutBucketPolicy", "s3:ListBucket", "s3:GetBucketAcl", "s3:GetObject", "s3:GetObjectVersion", "s3:GetObjectAcl", "s3:GetBucketLocation" ], "malformed": false, "name": "AWSDeepRacerFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-05T22:03:10+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CloudHSMServiceRolePolicy", "createdate": "2017-11-06T19:12:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams" ], "malformed": false, "name": "CloudHSMServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-11-06T19:12:46+00:00", "version": "v1" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonVPCCrossAccountNetworkInterfaceOperations", "createdate": "2023-09-25T15:12:17Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeRouteTables", "ec2:CreateRoute", "ec2:DeleteRoute", "ec2:ReplaceRoute", "ec2:DescribeNetworkInterfaces", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeNetworkInterfacePermissions", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeAvailabilityZones", "ec2:DescribeRegions", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:AssignPrivateIpAddresses", "ec2:UnassignPrivateIpAddresses", "ec2:AssignIpv6Addresses", "ec2:UnassignIpv6Addresses" ], "malformed": false, "name": "AmazonVPCCrossAccountNetworkInterfaceOperations", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-25T15:12:17+00:00", "version": "v5" }, { "access_levels": [ "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController", "createdate": "2020-08-12T00:55:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterfacePermission", "ec2:CreateNetworkInterface", "ec2:DetachNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "ec2:AttachNetworkInterface", "ec2:UnassignPrivateIpAddresses", "ec2:AssignPrivateIpAddresses" ], "malformed": false, "name": "AmazonEKSVPCResourceController", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-12T00:55:34+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSThinkboxDeadlineSpotEventPluginWorkerPolicy", "createdate": "2020-12-07T23:31:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeTags", "ec2:TerminateInstances", "ec2:TerminateInstances", "sqs:GetQueueUrl", "sqs:SendMessage" ], "malformed": false, "name": "AWSThinkboxDeadlineSpotEventPluginWorkerPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-07T23:31:31+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSDeviceFarmFullAccess", "createdate": "2015-07-13T16:37:38Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "devicefarm:CreateDevicePool", "devicefarm:CreateInstanceProfile", "devicefarm:CreateNetworkProfile", "devicefarm:CreateProject", "devicefarm:CreateRemoteAccessSession", "devicefarm:CreateTestGridProject", "devicefarm:CreateTestGridUrl", "devicefarm:CreateUpload", "devicefarm:CreateVPCEConfiguration", "devicefarm:DeleteDevicePool", "devicefarm:DeleteInstanceProfile", "devicefarm:DeleteNetworkProfile", "devicefarm:DeleteProject", "devicefarm:DeleteRemoteAccessSession", "devicefarm:DeleteRun", "devicefarm:DeleteTestGridProject", "devicefarm:DeleteUpload", "devicefarm:DeleteVPCEConfiguration", "devicefarm:GetAccountSettings", "devicefarm:GetDevice", "devicefarm:GetDeviceInstance", "devicefarm:GetDevicePool", "devicefarm:GetDevicePoolCompatibility", "devicefarm:GetInstanceProfile", "devicefarm:GetJob", "devicefarm:GetNetworkProfile", "devicefarm:GetOfferingStatus", "devicefarm:GetProject", "devicefarm:GetRemoteAccessSession", "devicefarm:GetRun", "devicefarm:GetSuite", "devicefarm:GetTest", "devicefarm:GetTestGridProject", "devicefarm:GetTestGridSession", "devicefarm:GetUpload", "devicefarm:GetVPCEConfiguration", "devicefarm:InstallToRemoteAccessSession", "devicefarm:ListArtifacts", "devicefarm:ListDeviceInstances", "devicefarm:ListDevicePools", "devicefarm:ListDevices", "devicefarm:ListInstanceProfiles", "devicefarm:ListJobs", "devicefarm:ListNetworkProfiles", "devicefarm:ListOfferingPromotions", "devicefarm:ListOfferingTransactions", "devicefarm:ListOfferings", "devicefarm:ListProjects", "devicefarm:ListRemoteAccessSessions", "devicefarm:ListRuns", "devicefarm:ListSamples", "devicefarm:ListSuites", "devicefarm:ListTagsForResource", "devicefarm:ListTestGridProjects", "devicefarm:ListTestGridSessionActions", "devicefarm:ListTestGridSessionArtifacts", "devicefarm:ListTestGridSessions", "devicefarm:ListTests", "devicefarm:ListUniqueProblems", "devicefarm:ListUploads", "devicefarm:ListVPCEConfigurations", "devicefarm:PurchaseOffering", "devicefarm:RenewOffering", "devicefarm:ScheduleRun", "devicefarm:StopJob", "devicefarm:StopRemoteAccessSession", "devicefarm:StopRun", "devicefarm:TagResource", "devicefarm:UntagResource", "devicefarm:UpdateDeviceInstance", "devicefarm:UpdateDevicePool", "devicefarm:UpdateInstanceProfile", "devicefarm:UpdateNetworkProfile", "devicefarm:UpdateProject", "devicefarm:UpdateTestGridProject", "devicefarm:UpdateUpload", "devicefarm:UpdateVPCEConfiguration" ], "malformed": false, "name": "AWSDeviceFarmFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-07-13T16:37:38+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSAppMeshPreviewEnvoyAccess", "createdate": "2019-08-05T23:32:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appmesh-preview:StreamAggregatedResources" ], "malformed": false, "name": "AWSAppMeshPreviewEnvoyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-05T23:32:39+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonMSKConnectReadOnlyAccess", "createdate": "2021-10-18T09:16:26Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kafkaconnect:ListConnectors", "kafkaconnect:ListCustomPlugins", "kafkaconnect:ListWorkerConfigurations", "kafkaconnect:DescribeConnector", "kafkaconnect:DescribeCustomPlugin", "kafkaconnect:DescribeWorkerConfiguration" ], "malformed": false, "name": "AmazonMSKConnectReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-10-18T09:16:26+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonCloudDirectoryReadOnlyAccess", "createdate": "2017-02-28T23:42:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "clouddirectory:ListAppliedSchemaArns", "clouddirectory:ListAttachedIndices", "clouddirectory:ListDevelopmentSchemaArns", "clouddirectory:ListDirectories", "clouddirectory:ListFacetAttributes", "clouddirectory:ListFacetNames", "clouddirectory:ListIncomingTypedLinks", "clouddirectory:ListIndex", "clouddirectory:ListManagedSchemaArns", "clouddirectory:ListObjectAttributes", "clouddirectory:ListObjectChildren", "clouddirectory:ListObjectParentPaths", "clouddirectory:ListObjectParents", "clouddirectory:ListObjectPolicies", "clouddirectory:ListOutgoingTypedLinks", "clouddirectory:ListPolicyAttachments", "clouddirectory:ListPublishedSchemaArns", "clouddirectory:ListTagsForResource", "clouddirectory:ListTypedLinkFacetAttributes", "clouddirectory:ListTypedLinkFacetNames", "clouddirectory:GetAppliedSchemaVersion", "clouddirectory:GetDirectory", "clouddirectory:GetFacet", "clouddirectory:GetLinkAttributes", "clouddirectory:GetObjectAttributes", "clouddirectory:GetObjectInformation", "clouddirectory:GetSchemaAsJson", "clouddirectory:GetTypedLinkFacetInformation", "clouddirectory:LookupPolicy", "clouddirectory:BatchRead" ], "malformed": false, "name": "AmazonCloudDirectoryReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-02-28T23:42:06+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTLogging", "createdate": "2015-10-08T15:17:25Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutRetentionPolicy", "logs:GetLogEvents", "logs:DeleteLogStream" ], "malformed": false, "name": "AWSIoTLogging", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-10-08T15:17:25+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/IVSRecordToS3", "createdate": "2020-12-05T00:10:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "s3:PutObject" ], "malformed": false, "name": "IVSRecordToS3", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-05T00:10:43+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CloudWatchApplicationSignalsServiceRolePolicy", "createdate": "2024-04-18T22:52:11Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "xray:GetServiceGraph", "logs:StartQuery", "logs:GetQueryResults", "cloudwatch:ListMetrics", "cloudwatch:GetMetricData", "tag:GetResources" ], "malformed": false, "name": "CloudWatchApplicationSignalsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-18T22:52:11+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSAuditManagerAdministratorAccess", "createdate": "2022-04-30T00:02:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "auditmanager:AssociateAssessmentReportEvidenceFolder", "auditmanager:BatchAssociateAssessmentReportEvidence", "auditmanager:BatchCreateDelegationByAssessment", "auditmanager:BatchDeleteDelegationByAssessment", "auditmanager:BatchDisassociateAssessmentReportEvidence", "auditmanager:BatchImportEvidenceToAssessmentControl", "auditmanager:CreateAssessment", "auditmanager:CreateAssessmentFramework", "auditmanager:CreateAssessmentReport", "auditmanager:CreateControl", "auditmanager:DeleteAssessment", "auditmanager:DeleteAssessmentFramework", "auditmanager:DeleteAssessmentFrameworkShare", "auditmanager:DeleteAssessmentReport", "auditmanager:DeleteControl", "auditmanager:DeregisterAccount", "auditmanager:DeregisterOrganizationAdminAccount", "auditmanager:DisassociateAssessmentReportEvidenceFolder", "auditmanager:GetAccountStatus", "auditmanager:GetAssessment", "auditmanager:GetAssessmentFramework", "auditmanager:GetAssessmentReportUrl", "auditmanager:GetChangeLogs", "auditmanager:GetControl", "auditmanager:GetDelegations", "auditmanager:GetEvidence", "auditmanager:GetEvidenceByEvidenceFolder", "auditmanager:GetEvidenceFileUploadUrl", "auditmanager:GetEvidenceFolder", "auditmanager:GetEvidenceFoldersByAssessment", "auditmanager:GetEvidenceFoldersByAssessmentControl", "auditmanager:GetInsights", "auditmanager:GetInsightsByAssessment", "auditmanager:GetOrganizationAdminAccount", "auditmanager:GetServicesInScope", "auditmanager:GetSettings", "auditmanager:ListAssessmentControlInsightsByControlDomain", "auditmanager:ListAssessmentFrameworkShareRequests", "auditmanager:ListAssessmentFrameworks", "auditmanager:ListAssessmentReports", "auditmanager:ListAssessments", "auditmanager:ListControlDomainInsights", "auditmanager:ListControlDomainInsightsByAssessment", "auditmanager:ListControlInsightsByControlDomain", "auditmanager:ListControls", "auditmanager:ListKeywordsForDataSource", "auditmanager:ListNotifications", "auditmanager:ListTagsForResource", "auditmanager:RegisterAccount", "auditmanager:RegisterOrganizationAdminAccount", "auditmanager:StartAssessmentFrameworkShare", "auditmanager:TagResource", "auditmanager:UntagResource", "auditmanager:UpdateAssessment", "auditmanager:UpdateAssessmentControl", "auditmanager:UpdateAssessmentControlSetStatus", "auditmanager:UpdateAssessmentFramework", "auditmanager:UpdateAssessmentFrameworkShare", "auditmanager:UpdateAssessmentStatus", "auditmanager:UpdateControl", "auditmanager:UpdateSettings", "auditmanager:ValidateAssessmentReportIntegrity", "organizations:ListAccountsForParent", "organizations:ListAccounts", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribeAccount", "organizations:ListParents", "organizations:ListChildren", "organizations:RegisterDelegatedAdministrator", "organizations:DeregisterDelegatedAdministrator", "organizations:EnableAWSServiceAccess", "iam:GetUser", "iam:ListUsers", "iam:ListRoles", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:UpdateRoleDescription", "iam:GetServiceLinkedRoleDeletionStatus", "s3:ListAllMyBuckets", "kms:DescribeKey", "kms:ListKeys", "kms:ListAliases", "kms:CreateGrant", "sns:ListTopics", "events:PutRule", "events:DeleteRule", "events:DescribeRule", "events:EnableRule", "events:DisableRule", "events:ListTargetsByRule", "events:PutTargets", "events:RemoveTargets", "tag:GetResources" ], "malformed": false, "name": "AWSAuditManagerAdministratorAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-04-30T00:02:56+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSSupplyChainFederationAdminAccess", "createdate": "2023-11-01T18:50:13Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "scn:AssignAdminPermissionsToUser", "scn:CreateBillOfMaterialsImportJob", "scn:CreateInstance", "scn:CreateSSOApplication", "scn:DeleteInstance", "scn:DeleteSSOApplication", "scn:DescribeInstance", "scn:GetBillOfMaterialsImportJob", "scn:ListAdminUsers", "scn:ListInstances", "scn:ListTagsForResource", "scn:RemoveAdminPermissionsForUser", "scn:SendDataIntegrationEvent", "scn:TagResource", "scn:UntagResource", "scn:UpdateInstance", "chime:BatchCreateChannelMembership", "chime:CreateAppInstanceUser", "chime:CreateChannel", "chime:CreateChannelMembership", "chime:CreateChannelModerator", "chime:Connect", "chime:DeleteChannelMembership", "chime:DeleteChannelModerator", "chime:DescribeChannelMembershipForAppInstanceUser", "chime:GetChannelMembershipPreferences", "chime:ListChannelMemberships", "chime:ListChannelMembershipsForAppInstanceUser", "chime:ListChannelMessages", "chime:ListChannelModerators", "chime:TagResource", "chime:PutChannelMembershipPreferences", "chime:SendChannelMessage", "chime:UpdateChannelReadMarker", "chime:UpdateAppInstanceUser", "chime:DescribeChannel", "chime:GetMessagingSessionEndpoint", "sso:GetManagedApplicationInstance", "sso:ListDirectoryAssociations", "sso:AssociateProfile", "sso:DisassociateProfile", "sso:ListProfiles", "sso:GetProfile", "sso:ListProfileAssociations", "appflow:CreateConnectorProfile", "appflow:UseConnectorProfile", "appflow:DeleteConnectorProfile", "appflow:UpdateConnectorProfile", "appflow:CreateFlow", "appflow:DeleteFlow", "appflow:DescribeFlow", "appflow:DescribeFlowExecutionRecords", "appflow:ListFlows", "appflow:StartFlow", "appflow:StopFlow", "appflow:UpdateFlow", "appflow:TagResource", "appflow:UntagResource", "s3:ListAllMyBuckets", "s3:GetBucketLocation", "s3:GetBucketPolicy", "s3:ListBucket", "s3:GetObject", "s3:PutObject", "secretsmanager:CreateSecret", "secretsmanager:PutResourcePolicy", "kms:ListKeys", "kms:ListAliases", "kms:DescribeKey", "kms:ListGrants", "kms:CreateGrant" ], "malformed": false, "name": "AWSSupplyChainFederationAdminAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-01T18:50:13+00:00", "version": "v3" }, { "access_levels": [ "List" ], "arn": "arn:aws:iam::aws:policy/AmazonHoneycodeTeamAssociationReadOnlyAccess", "createdate": "2020-06-24T20:27:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "honeycode:ListTeamAssociations" ], "malformed": false, "name": "AmazonHoneycodeTeamAssociationReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-24T20:27:46+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonRedshiftReadOnlyAccess", "createdate": "2024-02-08T00:24:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "redshift:DescribeAccountAttributes", "redshift:DescribeAuthenticationProfiles", "redshift:DescribeClusterDbRevisions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterTracks", "redshift:DescribeClusterVersions", "redshift:DescribeClusters", "redshift:DescribeCustomDomainAssociations", "redshift:DescribeDataShares", "redshift:DescribeDataSharesForConsumer", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDefaultClusterParameters", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventCategories", "redshift:DescribeEventSubscriptions", "redshift:DescribeEvents", "redshift:DescribeHsmClientCertificates", "redshift:DescribeHsmConfigurations", "redshift:DescribeInboundIntegrations", "redshift:DescribeLoggingStatus", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribePartners", "redshift:DescribeQev2IdcApplications", "redshift:DescribeQuery", "redshift:DescribeRedshiftIdcApplications", "redshift:DescribeReservedNodeExchangeStatus", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "redshift:DescribeResize", "redshift:DescribeSavedQueries", "redshift:DescribeScheduledActions", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeSnapshotSchedules", "redshift:DescribeStorage", "redshift:DescribeTable", "redshift:DescribeTableRestoreStatus", "redshift:DescribeTags", "redshift:DescribeUsageLimits", "redshift:ListRecommendations", "redshift:ViewQueriesInConsole", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeInternetGateways", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap" ], "malformed": false, "name": "AmazonRedshiftReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-08T00:24:13+00:00", "version": "v2" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSIQPermissionServiceRolePolicy", "createdate": "2019-08-22T19:36:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:DeleteRole", "iam:ListAttachedRolePolicies", "iam:AttachRolePolicy", "iam:DetachRolePolicy" ], "malformed": false, "name": "AWSIQPermissionServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-22T19:36:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/ROSAKubeControllerPolicy", "createdate": "2023-10-16T18:17:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeAvailabilityZones", "ec2:DescribeInstances", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeLoadBalancerPolicies", "kms:DescribeKey", "elasticloadbalancing:AddTags", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "elasticloadbalancing:CreateListener", "ec2:CreateSecurityGroup", "ec2:CreateSecurityGroup", "elasticloadbalancing:CreateLoadBalancer", "ec2:AuthorizeSecurityGroupIngress", "ec2:RevokeSecurityGroupIngress", "ec2:DeleteSecurityGroup", "ec2:CreateTags" ], "malformed": false, "name": "ROSAKubeControllerPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-16T18:17:05+00:00", "version": "v3" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy", "createdate": "2023-08-01T15:05:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-01T15:05:51+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchServerlessServiceRolePolicy", "createdate": "2022-11-24T19:50:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData" ], "malformed": false, "name": "AmazonOpenSearchServerlessServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-24T19:50:12+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSLakeFormationCrossAccountManager", "createdate": "2024-03-22T18:51:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ram:CreateResourceShare", "ram:UpdateResourceShare", "ram:DeleteResourceShare", "ram:AssociateResourceShare", "ram:DisassociateResourceShare", "ram:GetResourceShares", "ram:AssociateResourceSharePermission", "glue:PutResourcePolicy", "glue:DeleteResourcePolicy", "organizations:DescribeOrganization", "organizations:DescribeAccount", "ram:GetPermission", "ram:GetResourcePolicies", "ram:GetResourceShareAssociations", "ram:GetResourceShareInvitations", "ram:GetResourceShares", "ram:ListPendingInvitationResources", "ram:ListPermissionAssociations", "ram:ListPermissionVersions", "ram:ListPermissions", "ram:ListPrincipals", "ram:ListReplacePermissionAssociationsWork", "ram:ListResourceSharePermissions", "ram:ListResourceTypes", "ram:ListResources", "organizations:ListRoots", "organizations:ListAccountsForParent", "organizations:ListOrganizationalUnitsForParent" ], "malformed": false, "name": "AWSLakeFormationCrossAccountManager", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-22T18:51:56+00:00", "version": "v6" }, { "access_levels": [], "arn": "arn:aws:iam::aws:policy/AWSCompromisedKeyQuarantine", "createdate": "2020-08-11T18:04:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [], "malformed": false, "name": "AWSCompromisedKeyQuarantine", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-11T18:04:13+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess", "createdate": "2015-05-29T17:44:19Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:DescribeActivations", "ssm:DescribeAssociation", "ssm:DescribeAssociationExecutionTargets", "ssm:DescribeAssociationExecutions", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeAvailablePatches", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:DescribeEffectiveInstanceAssociations", "ssm:DescribeEffectivePatchesForPatchBaseline", "ssm:DescribeInstanceAssociationsStatus", "ssm:DescribeInstanceInformation", "ssm:DescribeInstancePatchStates", "ssm:DescribeInstancePatchStatesForPatchGroup", "ssm:DescribeInstancePatches", "ssm:DescribeInstanceProperties", "ssm:DescribeInventoryDeletions", "ssm:DescribeMaintenanceWindowExecutionTaskInvocations", "ssm:DescribeMaintenanceWindowExecutionTasks", "ssm:DescribeMaintenanceWindowExecutions", "ssm:DescribeMaintenanceWindowSchedule", "ssm:DescribeMaintenanceWindowTargets", "ssm:DescribeMaintenanceWindowTasks", "ssm:DescribeMaintenanceWindows", "ssm:DescribeMaintenanceWindowsForTarget", "ssm:DescribeOpsItems", "ssm:DescribeParameters", "ssm:DescribePatchBaselines", "ssm:DescribePatchGroupState", "ssm:DescribePatchGroups", "ssm:DescribePatchProperties", "ssm:DescribeSessions", "ssm:GetAutomationExecution", "ssm:GetCalendar", "ssm:GetCalendarState", "ssm:GetCommandInvocation", "ssm:GetConnectionStatus", "ssm:GetDefaultPatchBaseline", "ssm:GetDeployablePatchSnapshotForInstance", "ssm:GetDocument", "ssm:GetInventory", "ssm:GetInventorySchema", "ssm:GetMaintenanceWindow", "ssm:GetMaintenanceWindowExecution", "ssm:GetMaintenanceWindowExecutionTask", "ssm:GetMaintenanceWindowExecutionTaskInvocation", "ssm:GetMaintenanceWindowTask", "ssm:GetManifest", "ssm:GetOpsItem", "ssm:GetOpsMetadata", "ssm:GetOpsSummary", "ssm:GetParameter", "ssm:GetParameterHistory", "ssm:GetParameters", "ssm:GetParametersByPath", "ssm:GetPatchBaseline", "ssm:GetPatchBaselineForPatchGroup", "ssm:GetResourcePolicies", "ssm:GetServiceSetting", "ssm:ListAssociationVersions", "ssm:ListAssociations", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListComplianceItems", "ssm:ListComplianceSummaries", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInstanceAssociations", "ssm:ListInventoryEntries", "ssm:ListOpsItemEvents", "ssm:ListOpsItemRelatedItems", "ssm:ListOpsMetadata", "ssm:ListResourceComplianceSummaries", "ssm:ListResourceDataSync", "ssm:ListTagsForResource" ], "malformed": false, "name": "AmazonSSMReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-05-29T17:44:19+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkSpacesWebReadOnly", "createdate": "2022-11-02T20:20:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "workspaces-web:GetBrowserSettings", "workspaces-web:GetIdentityProvider", "workspaces-web:GetNetworkSettings", "workspaces-web:GetPortal", "workspaces-web:GetPortalServiceProviderMetadata", "workspaces-web:GetTrustStore", "workspaces-web:GetTrustStoreCertificate", "workspaces-web:GetUserSettings", "workspaces-web:GetUserAccessLoggingSettings", "workspaces-web:ListBrowserSettings", "workspaces-web:ListIdentityProviders", "workspaces-web:ListNetworkSettings", "workspaces-web:ListPortals", "workspaces-web:ListTagsForResource", "workspaces-web:ListTrustStoreCertificates", "workspaces-web:ListTrustStores", "workspaces-web:ListUserSettings", "workspaces-web:ListUserAccessLoggingSettings", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "kinesis:ListStreams" ], "malformed": false, "name": "AmazonWorkSpacesWebReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-02T20:20:44+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonGuardDutyServiceRolePolicy", "createdate": "2024-03-27T00:58:20Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeImages", "ec2:DescribeVpcEndpoints", "ec2:DescribeSubnets", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeTransitGatewayAttachments", "organizations:ListAccounts", "organizations:DescribeAccount", "organizations:DescribeOrganization", "s3:GetBucketPublicAccessBlock", "s3:GetEncryptionConfiguration", "s3:GetBucketTagging", "s3:GetAccountPublicAccessBlock", "s3:ListAllMyBuckets", "s3:GetBucketAcl", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "lambda:GetFunctionConfiguration", "lambda:ListTags", "eks:ListClusters", "eks:DescribeCluster", "ec2:DescribeVpcEndpointServices", "ec2:DescribeSecurityGroups", "ecs:ListClusters", "ecs:DescribeClusters", "iam:CreateServiceLinkedRole", "ec2:CreateVpcEndpoint", "ec2:ModifyVpcEndpoint", "ec2:DeleteVpcEndpoints", "ec2:CreateVpcEndpoint", "ec2:ModifyVpcEndpoint", "ec2:CreateTags", "ec2:AuthorizeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RevokeSecurityGroupEgress", "ec2:DeleteSecurityGroup", "ec2:CreateSecurityGroup", "ec2:CreateSecurityGroup", "ec2:CreateTags", "eks:CreateAddon", "eks:DeleteAddon", "eks:UpdateAddon", "eks:DescribeAddon", "eks:TagResource", "ecs:PutAccountSettingDefault", "ssm:DescribeAssociation", "ssm:DeleteAssociation", "ssm:UpdateAssociation", "ssm:CreateAssociation", "ssm:StartAssociationsOnce", "ssm:AddTagsToResource", "ssm:CreateAssociation", "ssm:UpdateAssociation", "ssm:SendCommand", "ssm:GetCommandInvocation" ], "malformed": false, "name": "AmazonGuardDutyServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-27T00:58:20+00:00", "version": "v9" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSecurityLakePermissionsBoundary", "createdate": "2022-11-29T14:11:12Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "s3:GetObjectVersion", "s3:ListBucket", "s3:ListBucketVersions", "s3:PutObject", "s3:GetBucketLocation", "kms:Decrypt", "kms:GenerateDataKey", "sqs:ReceiveMessage", "sqs:ChangeMessageVisibility", "sqs:DeleteMessage", "sqs:GetQueueUrl", "sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:ListQueues" ], "malformed": true, "name": "AmazonSecurityLakePermissionsBoundary", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-29T14:11:12+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonMachineLearningRealTimePredictionOnlyAccess", "createdate": "2015-04-09T17:44:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "machinelearning:Predict" ], "malformed": false, "name": "AmazonMachineLearningRealTimePredictionOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-04-09T17:44:06+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceProcurementSystemAdminFullAccess", "createdate": "2019-06-25T13:07:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:PutProcurementSystemConfiguration", "aws-marketplace:DescribeProcurementSystemConfiguration", "organizations:DescribeAccount", "organizations:DescribeCreateAccountStatus", "organizations:DescribeEffectivePolicy", "organizations:DescribeHandshake", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:DescribeResourcePolicy", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:ListCreateAccountStatus", "organizations:ListDelegatedAdministrators", "organizations:ListDelegatedServicesForAccount", "organizations:ListHandshakesForAccount", "organizations:ListHandshakesForOrganization", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPolicies", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListTagsForResource", "organizations:ListTargetsForPolicy" ], "malformed": false, "name": "AWSMarketplaceProcurementSystemAdminFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-25T13:07:47+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/Route53RecoveryReadinessServiceRolePolicy", "createdate": "2023-02-14T18:08:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeTable", "dynamodb:DescribeTimeToLive", "iam:CreateServiceLinkedRole", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetProvisionedConcurrencyConfig", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListAliases", "lambda:ListVersionsByFunction", "rds:DescribeDBClusters", "rds:DescribeDBInstances", "route53:ListResourceRecordSets", "route53:GetHealthCheck", "route53:GetHealthCheckStatus", "servicequotas:RequestServiceQuotaIncrease", "sns:GetTopicAttributes", "sns:ListSubscriptionsByTopic", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "apigateway:GET", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingPolicies", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "cloudwatch:GetMetricData", "cloudwatch:DescribeAlarms", "dynamodb:DescribeLimits", "dynamodb:ListGlobalTables", "dynamodb:ListTables", "ec2:DescribeAvailabilityZones", "ec2:DescribeCustomerGateways", "ec2:DescribeInstances", "ec2:DescribeSubnets", "ec2:DescribeVolumes", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetEbsEncryptionByDefault", "ec2:GetEbsDefaultKmsKeyId", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "kafka:DescribeCluster", "kafka:DescribeConfigurationRevision", "lambda:ListEventSourceMappings", "lambda:ListFunctions", "rds:DescribeAccountAttributes", "route53:GetHostedZone", "servicequotas:ListAWSDefaultServiceQuotas", "servicequotas:ListRequestedServiceQuotaChangeHistory", "servicequotas:ListServiceQuotas", "servicequotas:ListServices", "sns:GetEndpointAttributes", "sns:GetSubscriptionAttributes" ], "malformed": false, "name": "Route53RecoveryReadinessServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-14T18:08:46+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/SecretsManagerReadWrite", "createdate": "2024-02-22T18:12:06Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "secretsmanager:BatchGetSecretValue", "secretsmanager:CancelRotateSecret", "secretsmanager:CreateSecret", "secretsmanager:DeleteResourcePolicy", "secretsmanager:DeleteSecret", "secretsmanager:DescribeSecret", "secretsmanager:GetRandomPassword", "secretsmanager:GetResourcePolicy", "secretsmanager:GetSecretValue", "secretsmanager:ListSecretVersionIds", "secretsmanager:ListSecrets", "secretsmanager:PutResourcePolicy", "secretsmanager:PutSecretValue", "secretsmanager:RemoveRegionsFromReplication", "secretsmanager:ReplicateSecretToRegions", "secretsmanager:RestoreSecret", "secretsmanager:RotateSecret", "secretsmanager:StopReplicationToReplica", "secretsmanager:TagResource", "secretsmanager:UntagResource", "secretsmanager:UpdateSecret", "secretsmanager:UpdateSecretVersionStage", "secretsmanager:ValidateResourcePolicy", "cloudformation:CreateChangeSet", "cloudformation:DescribeChangeSet", "cloudformation:DescribeStackResource", "cloudformation:DescribeStacks", "cloudformation:ExecuteChangeSet", "docdb-elastic:GetCluster", "docdb-elastic:ListClusters", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "kms:DescribeKey", "kms:ListAliases", "kms:ListKeys", "lambda:ListFunctions", "rds:DescribeDBClusters", "rds:DescribeDBInstances", "redshift:DescribeClusters", "redshift-serverless:ListWorkgroups", "redshift-serverless:GetNamespace", "tag:GetResources", "lambda:AddPermission", "lambda:CreateFunction", "lambda:GetFunction", "lambda:InvokeFunction", "lambda:UpdateFunctionConfiguration", "serverlessrepo:CreateCloudFormationChangeSet", "serverlessrepo:GetApplication", "s3:GetObject" ], "malformed": false, "name": "SecretsManagerReadWrite", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-22T18:12:06+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonElasticsearchServiceRolePolicy", "createdate": "2023-10-23T06:58:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:RemoveListenerCertificates", "acm:DescribeCertificate", "cloudwatch:PutMetricData", "ec2:CreateVpcEndpoint", "ec2:ModifyVpcEndpoint", "ec2:CreateVpcEndpoint", "ec2:ModifyVpcEndpoint", "ec2:DeleteVpcEndpoints", "ec2:DescribeVpcEndpoints", "ec2:AssignIpv6Addresses", "ec2:UnassignIpv6Addresses", "ec2:CreateTags" ], "malformed": false, "name": "AmazonElasticsearchServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-23T06:58:31+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonDataZoneFullAccess", "createdate": "2024-03-12T16:34:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "datazone:AcceptPredictions", "datazone:AcceptSubscriptionRequest", "datazone:AddPolicyGrant", "datazone:CancelMetadataGenerationRun", "datazone:CancelSubscription", "datazone:CreateAsset", "datazone:CreateAssetRevision", "datazone:CreateAssetType", "datazone:CreateDataSource", "datazone:CreateDomain", "datazone:CreateEnvironment", "datazone:CreateEnvironmentBlueprint", "datazone:CreateEnvironmentProfile", "datazone:CreateFormType", "datazone:CreateGlossary", "datazone:CreateGlossaryTerm", "datazone:CreateGroupProfile", "datazone:CreateListingChangeSet", "datazone:CreateProject", "datazone:CreateProjectMembership", "datazone:CreateSubscriptionGrant", "datazone:CreateSubscriptionRequest", "datazone:CreateSubscriptionTarget", "datazone:CreateUserProfile", "datazone:DeleteAsset", "datazone:DeleteAssetType", "datazone:DeleteDataSource", "datazone:DeleteDomain", "datazone:DeleteDomainSharingPolicy", "datazone:DeleteEnvironment", "datazone:DeleteEnvironmentBlueprint", "datazone:DeleteEnvironmentBlueprintConfiguration", "datazone:DeleteEnvironmentProfile", "datazone:DeleteFormType", "datazone:DeleteGlossary", "datazone:DeleteGlossaryTerm", "datazone:DeleteListing", "datazone:DeleteProject", "datazone:DeleteProjectMembership", "datazone:DeleteSubscriptionGrant", "datazone:DeleteSubscriptionRequest", "datazone:DeleteSubscriptionTarget", "datazone:DeleteTimeSeriesDataPoints", "datazone:GetAsset", "datazone:GetAssetType", "datazone:GetDataSource", "datazone:GetDataSourceRun", "datazone:GetDomain", "datazone:GetDomainSharingPolicy", "datazone:GetEnvironment", "datazone:GetEnvironmentActionLink", "datazone:GetEnvironmentBlueprint", "datazone:GetEnvironmentBlueprintConfiguration", "datazone:GetEnvironmentCredentials", "datazone:GetEnvironmentProfile", "datazone:GetFormType", "datazone:GetGlossary", "datazone:GetGlossaryTerm", "datazone:GetGroupProfile", "datazone:GetIamPortalLoginUrl", "datazone:GetListing", "datazone:GetMetadataGenerationRun", "datazone:GetProject", "datazone:GetSubscription", "datazone:GetSubscriptionEligibility", "datazone:GetSubscriptionGrant", "datazone:GetSubscriptionRequestDetails", "datazone:GetSubscriptionTarget", "datazone:GetTimeSeriesDataPoint", "datazone:GetUserProfile", "datazone:ListAccountEnvironments", "datazone:ListAssetRevisions", "datazone:ListDataSourceRunActivities", "datazone:ListDataSourceRuns", "datazone:ListDataSources", "datazone:ListDomains", "datazone:ListEnvironmentBlueprintConfigurationSummaries", "datazone:ListEnvironmentBlueprintConfigurations", "datazone:ListEnvironmentBlueprints", "datazone:ListEnvironmentProfiles", "datazone:ListEnvironments", "datazone:ListGroupsForUser", "datazone:ListMetadataGenerationRuns", "datazone:ListNotifications", "datazone:ListPolicyGrants", "datazone:ListProjectMemberships", "datazone:ListProjects", "datazone:ListSubscriptionGrants", "datazone:ListSubscriptionRequests", "datazone:ListSubscriptionTargets", "datazone:ListSubscriptions", "datazone:ListTagsForResource", "datazone:ListTimeSeriesDataPoints", "datazone:ListWarehouseMetadata", "datazone:PostTimeSeriesDataPoints", "datazone:ProvisionDomain", "datazone:PutDomainSharingPolicy", "datazone:PutEnvironmentBlueprintConfiguration", "datazone:RefreshToken", "datazone:RejectPredictions", "datazone:RejectSubscriptionRequest", "datazone:RemovePolicyGrant", "datazone:RevokeSubscription", "datazone:Search", "datazone:SearchGroupProfiles", "datazone:SearchListings", "datazone:SearchTypes", "datazone:SearchUserProfiles", "datazone:SsoLogin", "datazone:SsoLogout", "datazone:StartDataSourceRun", "datazone:StartMetadataGenerationRun", "datazone:StopMetadataGenerationRun", "datazone:TagResource", "datazone:UntagResource", "datazone:UpdateDataSource", "datazone:UpdateDataSourceRunActivities", "datazone:UpdateDomain", "datazone:UpdateEnvironment", "datazone:UpdateEnvironmentBlueprint", "datazone:UpdateEnvironmentConfiguration", "datazone:UpdateEnvironmentDeploymentStatus", "datazone:UpdateEnvironmentProfile", "datazone:UpdateGlossary", "datazone:UpdateGlossaryTerm", "datazone:UpdateGroupProfile", "datazone:UpdateProject", "datazone:UpdateSubscriptionGrantStatus", "datazone:UpdateSubscriptionRequest", "datazone:UpdateSubscriptionTarget", "datazone:UpdateUserProfile", "datazone:ValidatePassRole", "kms:DescribeKey", "kms:ListAliases", "iam:ListRoles", "sso:DescribeRegisteredRegions", "s3:ListAllMyBuckets", "redshift:DescribeClusters", "redshift-serverless:ListWorkgroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "secretsmanager:ListSecrets", "s3:ListBucket", "s3:GetBucketLocation", "s3:CreateBucket", "ram:CreateResourceShare", "ram:DeleteResourceShare", "ram:AssociateResourceShare", "ram:DisassociateResourceShare", "ram:RejectResourceShareInvitation", "ram:GetResourceShares", "ram:GetResourceShareInvitations", "ram:GetResourceShareAssociations", "iam:PassRole", "secretsmanager:TagResource", "secretsmanager:CreateSecret" ], "malformed": false, "name": "AmazonDataZoneFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-12T16:34:41+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/NeptuneConsoleFullAccess", "createdate": "2023-11-30T07:32:44Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "rds:CreateDBCluster", "rds:CreateDBInstance", "rds:AddRoleToDBCluster", "rds:AddSourceIdentifierToSubscription", "rds:AddTagsToResource", "rds:ApplyPendingMaintenanceAction", "rds:CopyDBClusterParameterGroup", "rds:CopyDBClusterSnapshot", "rds:CopyDBParameterGroup", "rds:CreateDBClusterParameterGroup", "rds:CreateDBClusterSnapshot", "rds:CreateDBParameterGroup", "rds:CreateDBSubnetGroup", "rds:CreateEventSubscription", "rds:DeleteDBCluster", "rds:DeleteDBClusterParameterGroup", "rds:DeleteDBClusterSnapshot", "rds:DeleteDBInstance", "rds:DeleteDBParameterGroup", "rds:DeleteDBSubnetGroup", "rds:DeleteEventSubscription", "rds:DescribeAccountAttributes", "rds:DescribeCertificates", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBSecurityGroups", "rds:DescribeDBSubnetGroups", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeValidDBInstanceModifications", "rds:DownloadDBLogFilePortion", "rds:FailoverDBCluster", "rds:ListTagsForResource", "rds:ModifyDBCluster", "rds:ModifyDBClusterParameterGroup", "rds:ModifyDBClusterSnapshotAttribute", "rds:ModifyDBInstance", "rds:ModifyDBParameterGroup", "rds:ModifyDBSubnetGroup", "rds:ModifyEventSubscription", "rds:PromoteReadReplicaDBCluster", "rds:RebootDBInstance", "rds:RemoveRoleFromDBCluster", "rds:RemoveSourceIdentifierFromSubscription", "rds:RemoveTagsFromResource", "rds:ResetDBClusterParameterGroup", "rds:ResetDBParameterGroup", "rds:RestoreDBClusterFromSnapshot", "rds:RestoreDBClusterToPointInTime", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:AllocateAddress", "ec2:AssignIpv6Addresses", "ec2:AssignPrivateIpAddresses", "ec2:AssociateAddress", "ec2:AssociateRouteTable", "ec2:AssociateSubnetCidrBlock", "ec2:AssociateVpcCidrBlock", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:CreateCustomerGateway", "ec2:CreateDefaultSubnet", "ec2:CreateDefaultVpc", "ec2:CreateInternetGateway", "ec2:CreateNatGateway", "ec2:CreateNetworkInterface", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSubnet", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpoint", "ec2:DescribeAccountAttributes", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeAvailabilityZones", "ec2:DescribeCustomerGateways", "ec2:DescribeInstances", "ec2:DescribeNatGateways", "ec2:DescribeNetworkInterfaces", "ec2:DescribePrefixLists", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroups", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcs", "ec2:DescribeVpcs", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifySubnetAttribute", "ec2:ModifyVpcAttribute", "ec2:ModifyVpcEndpoint", "iam:ListRoles", "kms:ListAliases", "kms:ListKeyPolicies", "kms:ListKeys", "kms:ListRetirableGrants", "logs:DescribeLogStreams", "logs:GetLogEvents", "sns:ListSubscriptions", "sns:ListTopics", "sns:Publish", "iam:PassRole", "iam:CreateServiceLinkedRole", "neptune-graph:CreateGraph", "neptune-graph:DeleteGraph", "neptune-graph:GetGraph", "neptune-graph:ListGraphs", "neptune-graph:UpdateGraph", "neptune-graph:ResetGraph", "neptune-graph:CreateGraphSnapshot", "neptune-graph:DeleteGraphSnapshot", "neptune-graph:GetGraphSnapshot", "neptune-graph:ListGraphSnapshots", "neptune-graph:RestoreGraphFromSnapshot", "neptune-graph:CreatePrivateGraphEndpoint", "neptune-graph:GetPrivateGraphEndpoint", "neptune-graph:ListPrivateGraphEndpoints", "neptune-graph:DeletePrivateGraphEndpoint", "neptune-graph:CreateGraphUsingImportTask", "neptune-graph:GetImportTask", "neptune-graph:ListImportTasks", "neptune-graph:CancelImportTask", "iam:PassRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "NeptuneConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-30T07:32:44+00:00", "version": "v5" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/Ec2InstanceConnectEndpoint", "createdate": "2023-01-24T20:19:21Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeNetworkInterfaces", "ec2:DescribeAvailabilityZones", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:CreateTags", "ec2:DeleteNetworkInterface" ], "malformed": false, "name": "Ec2InstanceConnectEndpoint", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-24T20:19:21+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AwsGlueDataBrewFullAccessPolicy", "createdate": "2022-02-04T18:28:33Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "databrew:CreateDataset", "databrew:DescribeDataset", "databrew:ListDatasets", "databrew:UpdateDataset", "databrew:DeleteDataset", "databrew:CreateProject", "databrew:DescribeProject", "databrew:ListProjects", "databrew:StartProjectSession", "databrew:SendProjectSessionAction", "databrew:UpdateProject", "databrew:DeleteProject", "databrew:CreateRecipe", "databrew:DescribeRecipe", "databrew:ListRecipes", "databrew:ListRecipeVersions", "databrew:PublishRecipe", "databrew:UpdateRecipe", "databrew:BatchDeleteRecipeVersion", "databrew:DeleteRecipeVersion", "databrew:CreateRecipeJob", "databrew:CreateProfileJob", "databrew:DescribeJob", "databrew:DescribeJobRun", "databrew:ListJobRuns", "databrew:ListJobs", "databrew:StartJobRun", "databrew:StopJobRun", "databrew:UpdateProfileJob", "databrew:UpdateRecipeJob", "databrew:DeleteJob", "databrew:CreateSchedule", "databrew:DescribeSchedule", "databrew:ListSchedules", "databrew:UpdateSchedule", "databrew:DeleteSchedule", "databrew:CreateRuleset", "databrew:DeleteRuleset", "databrew:DescribeRuleset", "databrew:ListRulesets", "databrew:UpdateRuleset", "databrew:ListTagsForResource", "databrew:TagResource", "databrew:UntagResource", "appflow:DescribeFlow", "appflow:DescribeFlowExecutionRecords", "appflow:ListFlows", "glue:GetConnection", "glue:GetConnections", "glue:GetDatabases", "glue:GetPartitions", "glue:GetTable", "glue:GetTables", "glue:GetDataCatalogEncryptionSettings", "dataexchange:ListDataSets", "dataexchange:ListDataSetRevisions", "dataexchange:ListRevisionAssets", "dataexchange:CreateJob", "dataexchange:StartJob", "dataexchange:GetJob", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "kms:DescribeKey", "kms:ListKeys", "kms:ListAliases", "redshift:DescribeClusters", "redshift:DescribeClusterSubnetGroups", "redshift-data:DescribeStatement", "redshift-data:ListDatabases", "redshift-data:ListSchemas", "redshift-data:ListTables", "s3:ListAllMyBuckets", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetEncryptionConfiguration", "s3:GetLifecycleConfiguration", "secretsmanager:ListSecrets", "secretsmanager:DescribeSecret", "sts:GetCallerIdentity", "cloudtrail:LookupEvents", "iam:ListRoles", "iam:GetRole", "glue:CreateConnection", "glue:GetDatabases", "glue:CreateTable", "s3:ListBucket", "s3:GetObject", "kms:GenerateDataKey", "secretsmanager:CreateSecret", "kms:GenerateRandom", "secretsmanager:GetSecretValue", "secretsmanager:CreateSecret", "iam:PassRole" ], "malformed": false, "name": "AwsGlueDataBrewFullAccessPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-04T18:28:33+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSAppMeshFullAccess", "createdate": "2021-01-07T19:54:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appmesh:CreateGatewayRoute", "appmesh:CreateMesh", "appmesh:CreateRoute", "appmesh:CreateVirtualGateway", "appmesh:CreateVirtualNode", "appmesh:CreateVirtualRouter", "appmesh:CreateVirtualService", "appmesh:DeleteGatewayRoute", "appmesh:DeleteMesh", "appmesh:DeleteMeshPolicy", "appmesh:DeleteRoute", "appmesh:DeleteVirtualGateway", "appmesh:DeleteVirtualNode", "appmesh:DeleteVirtualRouter", "appmesh:DeleteVirtualService", "appmesh:DescribeGatewayRoute", "appmesh:DescribeMesh", "appmesh:DescribeRoute", "appmesh:DescribeVirtualGateway", "appmesh:DescribeVirtualNode", "appmesh:DescribeVirtualRouter", "appmesh:DescribeVirtualService", "appmesh:GetMeshPolicy", "appmesh:ListGatewayRoutes", "appmesh:ListMeshes", "appmesh:ListRoutes", "appmesh:ListTagsForResource", "appmesh:ListVirtualGateways", "appmesh:ListVirtualNodes", "appmesh:ListVirtualRouters", "appmesh:ListVirtualServices", "appmesh:PutMeshPolicy", "appmesh:StreamAggregatedResources", "appmesh:TagResource", "appmesh:UntagResource", "appmesh:UpdateGatewayRoute", "appmesh:UpdateMesh", "appmesh:UpdateRoute", "appmesh:UpdateVirtualGateway", "appmesh:UpdateVirtualNode", "appmesh:UpdateVirtualRouter", "appmesh:UpdateVirtualService", "iam:CreateServiceLinkedRole", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:UpdateStack", "acm:ListCertificates", "acm:DescribeCertificate", "acm-pca:DescribeCertificateAuthority", "acm-pca:ListCertificateAuthorities", "servicediscovery:ListNamespaces", "servicediscovery:ListServices", "servicediscovery:ListInstances" ], "malformed": false, "name": "AWSAppMeshFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-01-07T19:54:08+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole", "createdate": "2018-11-19T20:09:24Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "kinesis:DescribeStream", "kinesis:DescribeStreamSummary", "kinesis:GetRecords", "kinesis:GetShardIterator", "kinesis:ListShards", "kinesis:ListStreams", "kinesis:SubscribeToShard", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AWSLambdaKinesisExecutionRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-19T20:09:24+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole", "createdate": "2023-12-05T18:49:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeAccountAttributes", "ec2:DescribeInstances", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceAttribute", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeKeyPairs", "ec2:DescribeImages", "ec2:DescribeImageAttribute", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeVpcClassicLink", "ec2:DescribeLaunchTemplateVersions", "ec2:CreateLaunchTemplate", "ec2:DeleteLaunchTemplate", "ec2:RequestSpotFleet", "ec2:CancelSpotFleetRequests", "ec2:ModifySpotFleetRequest", "ec2:TerminateInstances", "ec2:RunInstances", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeScalingActivities", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "autoscaling:SetDesiredCapacity", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteAutoScalingGroup", "autoscaling:CreateOrUpdateTags", "autoscaling:SuspendProcesses", "autoscaling:PutNotificationConfiguration", "autoscaling:TerminateInstanceInAutoScalingGroup", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeTaskDefinition", "ecs:DescribeTasks", "ecs:ListAccountSettings", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "ecs:CreateCluster", "ecs:DeleteCluster", "ecs:RegisterTaskDefinition", "ecs:DeregisterTaskDefinition", "ecs:RunTask", "ecs:StartTask", "ecs:StopTask", "ecs:UpdateContainerAgent", "ecs:DeregisterContainerInstance", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogGroups", "iam:GetInstanceProfile", "iam:GetRole", "ecs:TagResource", "iam:PassRole", "iam:CreateServiceLinkedRole", "ec2:CreateTags" ], "malformed": false, "name": "AWSBatchServiceRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-05T18:49:44+00:00", "version": "v13" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkCustomPlatformforEC2Role", "createdate": "2017-02-21T22:50:30Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:AttachVolume", "ec2:AuthorizeSecurityGroupIngress", "ec2:CopyImage", "ec2:CreateImage", "ec2:CreateKeyPair", "ec2:CreateSecurityGroup", "ec2:CreateSnapshot", "ec2:CreateTags", "ec2:CreateVolume", "ec2:DeleteKeyPair", "ec2:DeleteSecurityGroup", "ec2:DeleteSnapshot", "ec2:DeleteVolume", "ec2:DeregisterImage", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeRegions", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVolumes", "ec2:DetachVolume", "ec2:GetPasswordData", "ec2:ModifyImageAttribute", "ec2:ModifyInstanceAttribute", "ec2:ModifySnapshotAttribute", "ec2:RegisterImage", "ec2:RunInstances", "ec2:StopInstances", "ec2:TerminateInstances", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:PutObject", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams" ], "malformed": false, "name": "AWSElasticBeanstalkCustomPlatformforEC2Role", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-02-21T22:50:30+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": null, "createdate": "2019-12-19T23:15:52Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "apigateway:GET", "apigateway:POST", "cloudfront:GetDistribution", "devicefarm:CreateProject", "devicefarm:ListJobs", "devicefarm:ListRuns", "devicefarm:GetProject", "devicefarm:GetRun", "devicefarm:ListArtifacts", "devicefarm:ListProjects", "devicefarm:ScheduleRun", "dynamodb:DescribeTable", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "iam:ListSAMLProviders", "lambda:ListFunctions", "sns:ListTopics", "lex:GetIntent", "lex:GetIntents", "lex:GetSlotType", "lex:GetSlotTypes", "lex:GetBot", "lex:GetBots", "lex:GetBotAlias", "lex:GetBotAliases", "s3:GetObject", "s3:PutObject", "s3:ListBucket" ], "malformed": false, "name": "AWSMobileHub_FullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v14" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/KeyspacesReplicationServiceRolePolicy", "createdate": "2023-05-02T16:15:49Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cassandra:Select", "cassandra:SelectMultiRegionResource", "cassandra:Modify", "cassandra:ModifyMultiRegionResource" ], "malformed": false, "name": "KeyspacesReplicationServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-02T16:15:49+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSCloudHSMRole", "createdate": "2015-02-06T18:41:23Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:CreateTags", "ec2:DeleteNetworkInterface", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DetachNetworkInterface" ], "malformed": false, "name": "AWSCloudHSMRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:23+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaLiveReadOnly", "createdate": "2020-07-08T16:38:07Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "medialive:ListChannels", "medialive:ListCloudWatchAlarmTemplateGroups", "medialive:ListCloudWatchAlarmTemplates", "medialive:ListEventBridgeRuleTemplateGroups", "medialive:ListEventBridgeRuleTemplates", "medialive:ListInputDeviceTransfers", "medialive:ListInputDevices", "medialive:ListInputSecurityGroups", "medialive:ListInputs", "medialive:ListMultiplexPrograms", "medialive:ListMultiplexes", "medialive:ListOfferings", "medialive:ListReservations", "medialive:ListSignalMaps", "medialive:ListTagsForResource", "medialive:DescribeAccountConfiguration", "medialive:DescribeChannel", "medialive:DescribeInput", "medialive:DescribeInputDevice", "medialive:DescribeInputDeviceThumbnail", "medialive:DescribeInputSecurityGroup", "medialive:DescribeMultiplex", "medialive:DescribeMultiplexProgram", "medialive:DescribeOffering", "medialive:DescribeReservation", "medialive:DescribeSchedule", "medialive:DescribeThumbnails" ], "malformed": false, "name": "AWSElementalMediaLiveReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-07-08T16:38:07+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/SimpleWorkflowFullAccess", "createdate": "2015-02-06T18:41:04Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "swf:CancelTimer", "swf:CancelWorkflowExecution", "swf:CompleteWorkflowExecution", "swf:ContinueAsNewWorkflowExecution", "swf:CountClosedWorkflowExecutions", "swf:CountOpenWorkflowExecutions", "swf:CountPendingActivityTasks", "swf:CountPendingDecisionTasks", "swf:DeprecateActivityType", "swf:DeprecateDomain", "swf:DeprecateWorkflowType", "swf:DescribeActivityType", "swf:DescribeDomain", "swf:DescribeWorkflowExecution", "swf:DescribeWorkflowType", "swf:FailWorkflowExecution", "swf:GetWorkflowExecutionHistory", "swf:ListActivityTypes", "swf:ListClosedWorkflowExecutions", "swf:ListDomains", "swf:ListOpenWorkflowExecutions", "swf:ListTagsForResource", "swf:ListWorkflowTypes", "swf:PollForActivityTask", "swf:PollForDecisionTask", "swf:RecordActivityTaskHeartbeat", "swf:RecordMarker", "swf:RegisterActivityType", "swf:RegisterDomain", "swf:RegisterWorkflowType", "swf:RequestCancelActivityTask", "swf:RequestCancelExternalWorkflowExecution", "swf:RequestCancelWorkflowExecution", "swf:RespondActivityTaskCanceled", "swf:RespondActivityTaskCompleted", "swf:RespondActivityTaskFailed", "swf:RespondDecisionTaskCompleted", "swf:ScheduleActivityTask", "swf:SignalExternalWorkflowExecution", "swf:SignalWorkflowExecution", "swf:StartChildWorkflowExecution", "swf:StartTimer", "swf:StartWorkflowExecution", "swf:TagResource", "swf:TerminateWorkflowExecution", "swf:UndeprecateActivityType", "swf:UndeprecateDomain", "swf:UndeprecateWorkflowType", "swf:UntagResource" ], "malformed": false, "name": "SimpleWorkflowFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:04+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonNimbleStudio-LaunchProfileWorker", "createdate": "2021-04-28T04:47:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "fsx:DescribeFileSystems", "ds:DescribeDirectories" ], "malformed": false, "name": "AmazonNimbleStudio-LaunchProfileWorker", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-04-28T04:47:02+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSProtonFullAccess", "createdate": "2022-06-20T12:36:26Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "proton:AcceptEnvironmentAccountConnection", "proton:CancelComponentDeployment", "proton:CancelEnvironmentDeployment", "proton:CancelServiceInstanceDeployment", "proton:CancelServicePipelineDeployment", "proton:CreateComponent", "proton:CreateEnvironment", "proton:CreateEnvironmentAccountConnection", "proton:CreateEnvironmentTemplate", "proton:CreateEnvironmentTemplateMajorVersion", "proton:CreateEnvironmentTemplateMinorVersion", "proton:CreateEnvironmentTemplateVersion", "proton:CreateRepository", "proton:CreateService", "proton:CreateServiceInstance", "proton:CreateServiceSyncConfig", "proton:CreateServiceTemplate", "proton:CreateServiceTemplateMajorVersion", "proton:CreateServiceTemplateMinorVersion", "proton:CreateServiceTemplateVersion", "proton:CreateTemplateSyncConfig", "proton:DeleteAccountRoles", "proton:DeleteComponent", "proton:DeleteDeployment", "proton:DeleteEnvironment", "proton:DeleteEnvironmentAccountConnection", "proton:DeleteEnvironmentTemplate", "proton:DeleteEnvironmentTemplateMajorVersion", "proton:DeleteEnvironmentTemplateMinorVersion", "proton:DeleteEnvironmentTemplateVersion", "proton:DeleteRepository", "proton:DeleteService", "proton:DeleteServiceSyncConfig", "proton:DeleteServiceTemplate", "proton:DeleteServiceTemplateMajorVersion", "proton:DeleteServiceTemplateMinorVersion", "proton:DeleteServiceTemplateVersion", "proton:DeleteTemplateSyncConfig", "proton:GetAccountRoles", "proton:GetAccountSettings", "proton:GetComponent", "proton:GetDeployment", "proton:GetEnvironment", "proton:GetEnvironmentAccountConnection", "proton:GetEnvironmentTemplate", "proton:GetEnvironmentTemplateMajorVersion", "proton:GetEnvironmentTemplateMinorVersion", "proton:GetEnvironmentTemplateVersion", "proton:GetRepository", "proton:GetRepositorySyncStatus", "proton:GetResourceTemplateVersionStatusCounts", "proton:GetResourcesSummary", "proton:GetService", "proton:GetServiceInstance", "proton:GetServiceInstanceSyncStatus", "proton:GetServiceSyncBlockerSummary", "proton:GetServiceSyncConfig", "proton:GetServiceTemplate", "proton:GetServiceTemplateMajorVersion", "proton:GetServiceTemplateMinorVersion", "proton:GetServiceTemplateVersion", "proton:GetTemplateSyncConfig", "proton:GetTemplateSyncStatus", "proton:ListComponentOutputs", "proton:ListComponentProvisionedResources", "proton:ListComponents", "proton:ListDeployments", "proton:ListEnvironmentAccountConnections", "proton:ListEnvironmentOutputs", "proton:ListEnvironmentProvisionedResources", "proton:ListEnvironmentTemplateMajorVersions", "proton:ListEnvironmentTemplateMinorVersions", "proton:ListEnvironmentTemplateVersions", "proton:ListEnvironmentTemplates", "proton:ListEnvironments", "proton:ListRepositories", "proton:ListRepositorySyncDefinitions", "proton:ListServiceInstanceOutputs", "proton:ListServiceInstanceProvisionedResources", "proton:ListServiceInstances", "proton:ListServicePipelineOutputs", "proton:ListServicePipelineProvisionedResources", "proton:ListServiceTemplateMajorVersions", "proton:ListServiceTemplateMinorVersions", "proton:ListServiceTemplateVersions", "proton:ListServiceTemplates", "proton:ListServices", "proton:ListTagsForResource", "proton:NotifyResourceDeploymentStatusChange", "proton:RejectEnvironmentAccountConnection", "proton:TagResource", "proton:UntagResource", "proton:UpdateAccountRoles", "proton:UpdateAccountSettings", "proton:UpdateComponent", "proton:UpdateEnvironment", "proton:UpdateEnvironmentAccountConnection", "proton:UpdateEnvironmentTemplate", "proton:UpdateEnvironmentTemplateMajorVersion", "proton:UpdateEnvironmentTemplateMinorVersion", "proton:UpdateEnvironmentTemplateVersion", "proton:UpdateService", "proton:UpdateServiceInstance", "proton:UpdateServicePipeline", "proton:UpdateServiceSyncBlocker", "proton:UpdateServiceSyncConfig", "proton:UpdateServiceTemplate", "proton:UpdateServiceTemplateMajorVersion", "proton:UpdateServiceTemplateMinorVersion", "proton:UpdateServiceTemplateVersion", "proton:UpdateTemplateSyncConfig", "codestar-connections:ListConnections", "kms:ListAliases", "kms:DescribeKey", "kms:CreateGrant", "iam:PassRole", "iam:CreateServiceLinkedRole", "codestar-connections:PassConnection" ], "malformed": false, "name": "AWSProtonFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-06-20T12:36:26+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceRead-only", "createdate": "2023-01-19T23:30:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:ViewSubscriptions", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "aws-marketplace:ListBuilds", "aws-marketplace:DescribeBuilds", "iam:ListRoles", "iam:ListInstanceProfiles", "sns:GetTopicAttributes", "sns:ListTopics", "aws-marketplace:ListPrivateMarketplaceRequests", "aws-marketplace:DescribePrivateMarketplaceRequests", "aws-marketplace:ListPrivateListings" ], "malformed": false, "name": "AWSMarketplaceRead-only", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-19T23:30:25+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSDataPipeline_PowerUser", "createdate": "2017-08-17T18:49:42Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "dynamodb:DescribeTable", "rds:DescribeDBInstances", "rds:DescribeDBSecurityGroups", "redshift:DescribeClusters", "redshift:DescribeClusterSecurityGroups", "sns:ListTopics", "iam:ListRoles", "iam:GetRolePolicy", "iam:GetInstanceProfile", "iam:ListInstanceProfiles", "datapipeline:ActivatePipeline", "datapipeline:AddTags", "datapipeline:CreatePipeline", "datapipeline:DeactivatePipeline", "datapipeline:DeletePipeline", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:EvaluateExpression", "datapipeline:GetAccountLimits", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:PollForTask", "datapipeline:PutAccountLimits", "datapipeline:PutPipelineDefinition", "datapipeline:QueryObjects", "datapipeline:RemoveTags", "datapipeline:ReportTaskProgress", "datapipeline:ReportTaskRunnerHeartbeat", "datapipeline:SetStatus", "datapipeline:SetTaskStatus", "datapipeline:ValidatePipelineDefinition", "iam:PassRole" ], "malformed": false, "name": "AWSDataPipeline_PowerUser", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-08-17T18:49:42+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": null, "createdate": "2020-12-04T16:00:56Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "ec2:CreateRoute", "ec2:DeleteRoute", "ec2:CreateTags", "ssm:GetParameter", "ssm:GetDocument", "ssm:SendCommand", "ssm:SendCommand", "ssm:ListCommands", "ec2:DescribeVpcs", "ec2:DescribeRouteTables", "ec2:DescribeInstances", "ec2:DescribeTags", "ec2:DescribeInstanceAttribute", "ec2:ModifyInstanceAttribute", "s3:ListBucket", "s3:ListBucketVersions", "s3:GetObject", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:PutObject", "s3:PutObjectTagging", "s3:DeleteObject", "s3:DeleteObjectVersion", "s3:DeleteBucket" ], "malformed": false, "name": "AmazonLambdaRolePolicyForLaunchWizardSAP", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v5" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonMachineLearningBatchPredictionsAccess", "createdate": "2015-04-09T17:12:19Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "machinelearning:CreateBatchPrediction", "machinelearning:DeleteBatchPrediction", "machinelearning:DescribeBatchPredictions", "machinelearning:GetBatchPrediction", "machinelearning:UpdateBatchPrediction" ], "malformed": false, "name": "AmazonMachineLearningBatchPredictionsAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-04-09T17:12:19+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSNetworkManagerReadOnlyAccess", "createdate": "2019-12-03T17:35:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "networkmanager:DescribeGlobalNetworks", "networkmanager:GetConnectAttachment", "networkmanager:GetConnectPeer", "networkmanager:GetConnectPeerAssociations", "networkmanager:GetConnections", "networkmanager:GetCoreNetwork", "networkmanager:GetCoreNetworkChangeEvents", "networkmanager:GetCoreNetworkChangeSet", "networkmanager:GetCoreNetworkPolicy", "networkmanager:GetCustomerGatewayAssociations", "networkmanager:GetDevices", "networkmanager:GetLinkAssociations", "networkmanager:GetLinks", "networkmanager:GetNetworkResourceCounts", "networkmanager:GetNetworkResourceRelationships", "networkmanager:GetNetworkResources", "networkmanager:GetNetworkRoutes", "networkmanager:GetNetworkTelemetry", "networkmanager:GetResourcePolicy", "networkmanager:GetRouteAnalysis", "networkmanager:GetSiteToSiteVpnAttachment", "networkmanager:GetSites", "networkmanager:GetTransitGatewayConnectPeerAssociations", "networkmanager:GetTransitGatewayPeering", "networkmanager:GetTransitGatewayRegistrations", "networkmanager:GetTransitGatewayRouteTableAttachment", "networkmanager:GetVpcAttachment", "networkmanager:ListAttachments", "networkmanager:ListConnectPeers", "networkmanager:ListCoreNetworkPolicyVersions", "networkmanager:ListCoreNetworks", "networkmanager:ListOrganizationServiceAccessStatus", "networkmanager:ListPeerings", "networkmanager:ListTagsForResource" ], "malformed": false, "name": "AWSNetworkManagerReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-03T17:35:05+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync", "createdate": "2022-12-15T19:43:11Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "backup-gateway:ListTagsForResource", "backup-gateway:TagResource", "backup-gateway:UntagResource" ], "malformed": false, "name": "AWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-15T19:43:11+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy", "createdate": "2021-08-11T23:18:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "license-manager:CheckoutLicense", "license-manager:CheckInLicense", "license-manager:ExtendLicenseConsumption", "license-manager:GetLicense" ], "malformed": false, "name": "AWSLicenseManagerConsumptionPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-11T23:18:08+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonEventBridgeSchedulerReadOnlyAccess", "createdate": "2022-11-10T18:50:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "scheduler:ListSchedules", "scheduler:ListScheduleGroups", "scheduler:GetSchedule", "scheduler:GetScheduleGroup", "scheduler:ListTagsForResource" ], "malformed": false, "name": "AmazonEventBridgeSchedulerReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-10T18:50:12+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/PowerUserAccess", "createdate": "2023-07-06T22:04:00Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "a2c:GetContainerizationJobDetails", "a2c:GetDeploymentJobDetails", "a2c:StartContainerizationJob", "a2c:StartDeploymentJob", "a4b:ApproveSkill", "a4b:AssociateContactWithAddressBook", "a4b:AssociateDeviceWithNetworkProfile", "a4b:AssociateDeviceWithRoom", "a4b:AssociateSkillGroupWithRoom", "a4b:AssociateSkillWithSkillGroup", "a4b:AssociateSkillWithUsers", "a4b:CompleteRegistration", "a4b:CreateAddressBook", "a4b:CreateBusinessReportSchedule", "a4b:CreateConferenceProvider", "a4b:CreateContact", "a4b:CreateGatewayGroup", "a4b:CreateNetworkProfile", "a4b:CreateProfile", "a4b:CreateRoom", "a4b:CreateSkillGroup", "a4b:CreateUser", "a4b:DeleteAddressBook", "a4b:DeleteBusinessReportSchedule", "a4b:DeleteConferenceProvider", "a4b:DeleteContact", "a4b:DeleteDevice", "a4b:DeleteDeviceUsageData", "a4b:DeleteGatewayGroup", "a4b:DeleteNetworkProfile", "a4b:DeleteProfile", "a4b:DeleteRoom", "a4b:DeleteRoomSkillParameter", "a4b:DeleteSkillAuthorization", "a4b:DeleteSkillGroup", "a4b:DeleteUser", "a4b:DisassociateContactFromAddressBook", "a4b:DisassociateDeviceFromRoom", "a4b:DisassociateSkillFromSkillGroup", "a4b:DisassociateSkillFromUsers", "a4b:DisassociateSkillGroupFromRoom", "a4b:ForgetSmartHomeAppliances", "a4b:GetAddressBook", "a4b:GetConferencePreference", "a4b:GetConferenceProvider", "a4b:GetContact", "a4b:GetDevice", "a4b:GetGateway", "a4b:GetGatewayGroup", "a4b:GetInvitationConfiguration", "a4b:GetNetworkProfile", "a4b:GetProfile", "a4b:GetRoom", "a4b:GetRoomSkillParameter", "a4b:GetSkillGroup", "a4b:ListBusinessReportSchedules", "a4b:ListConferenceProviders", "a4b:ListDeviceEvents", "a4b:ListGatewayGroups", "a4b:ListGateways", "a4b:ListSkills", "a4b:ListSkillsStoreCategories", "a4b:ListSkillsStoreSkillsByCategory", "a4b:ListSmartHomeAppliances", "a4b:ListTags", "a4b:PutConferencePreference", "a4b:PutDeviceSetupEvents", "a4b:PutInvitationConfiguration", "a4b:PutRoomSkillParameter", "a4b:PutSkillAuthorization", "a4b:RegisterAVSDevice", "a4b:RegisterDevice", "a4b:RejectSkill", "a4b:ResolveRoom", "a4b:RevokeInvitation", "a4b:SearchAddressBooks", "a4b:SearchContacts", "a4b:SearchDevices", "a4b:SearchNetworkProfiles", "a4b:SearchProfiles", "a4b:SearchRooms", "a4b:SearchSkillGroups", "a4b:SearchUsers", "a4b:SendAnnouncement", "a4b:SendInvitation", "a4b:StartDeviceSync", "a4b:StartSmartHomeApplianceDiscovery", "a4b:TagResource", "a4b:UntagResource", "a4b:UpdateAddressBook", "a4b:UpdateBusinessReportSchedule", "a4b:UpdateConferenceProvider", "a4b:UpdateContact", "a4b:UpdateDevice", "a4b:UpdateGateway", "a4b:UpdateGatewayGroup", "a4b:UpdateNetworkProfile", "a4b:UpdateProfile", "a4b:UpdateRoom", "a4b:UpdateSkillGroup", "access-analyzer:ApplyArchiveRule", "access-analyzer:CancelPolicyGeneration", "access-analyzer:CheckAccessNotGranted", "access-analyzer:CheckNoNewAccess", "access-analyzer:CreateAccessPreview", "access-analyzer:CreateAnalyzer", "access-analyzer:CreateArchiveRule", "access-analyzer:DeleteAnalyzer", "access-analyzer:DeleteArchiveRule", "access-analyzer:GetAccessPreview", "access-analyzer:GetAnalyzedResource", "access-analyzer:GetAnalyzer", "access-analyzer:GetArchiveRule", "access-analyzer:GetFinding", "access-analyzer:GetFindingsStatistics", "access-analyzer:GetGeneratedPolicy", "access-analyzer:ListAccessPreviewFindings", "access-analyzer:ListAccessPreviews", "access-analyzer:ListAnalyzedResources", "access-analyzer:ListAnalyzers", "access-analyzer:ListArchiveRules", "access-analyzer:ListFindings", "access-analyzer:ListPolicyGenerations", "access-analyzer:ListTagsForResource", "access-analyzer:StartPolicyGeneration", "access-analyzer:StartResourceScan", "access-analyzer:TagResource", "access-analyzer:UntagResource", "access-analyzer:UpdateArchiveRule", "access-analyzer:UpdateFindings", "access-analyzer:ValidatePolicy", "acm:AddTagsToCertificate", "acm:DeleteCertificate", "acm:DescribeCertificate", "acm:ExportCertificate", "acm:GetAccountConfiguration", "acm:GetCertificate", "acm:ImportCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "acm:PutAccountConfiguration", "acm:RemoveTagsFromCertificate", "acm:RenewCertificate", "acm:RequestCertificate", "acm:ResendValidationEmail", "acm:UpdateCertificateOptions", "acm-pca:CreateCertificateAuthority", "acm-pca:CreateCertificateAuthorityAuditReport", "acm-pca:CreatePermission", "acm-pca:DeleteCertificateAuthority", "acm-pca:DeletePermission", "acm-pca:DeletePolicy", "acm-pca:DescribeCertificateAuthority", "acm-pca:DescribeCertificateAuthorityAuditReport", "acm-pca:GetCertificate", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:GetPolicy", "acm-pca:ImportCertificateAuthorityCertificate", "acm-pca:IssueCertificate", "acm-pca:ListCertificateAuthorities", "acm-pca:ListPermissions", "acm-pca:ListTags", "acm-pca:PutPolicy", "acm-pca:RestoreCertificateAuthority", "acm-pca:RevokeCertificate", "acm-pca:TagCertificateAuthority", "acm-pca:UntagCertificateAuthority", "acm-pca:UpdateCertificateAuthority", "activate:CreateForm", "activate:GetAccountContact", "activate:GetContentInfo", "activate:GetCosts", "activate:GetCredits", "activate:GetMemberInfo", "activate:GetProgram", "activate:PutMemberInfo", "airflow:CreateCliToken", "airflow:CreateEnvironment", "airflow:CreateWebLoginToken", "airflow:DeleteEnvironment", "airflow:GetEnvironment", "airflow:ListEnvironments", "airflow:ListTagsForResource", "airflow:PublishMetrics", "airflow:TagResource", "airflow:UntagResource", "airflow:UpdateEnvironment", "amplify:CreateApp", "amplify:CreateBackendEnvironment", "amplify:CreateBranch", "amplify:CreateDeployment", "amplify:CreateDomainAssociation", "amplify:CreateWebHook", "amplify:DeleteApp", "amplify:DeleteBackendEnvironment", "amplify:DeleteBranch", "amplify:DeleteDomainAssociation", "amplify:DeleteJob", "amplify:DeleteWebHook", "amplify:GenerateAccessLogs", "amplify:GetApp", "amplify:GetArtifactUrl", "amplify:GetBackendEnvironment", "amplify:GetBranch", "amplify:GetDomainAssociation", "amplify:GetJob", "amplify:GetWebHook", "amplify:ListApps", "amplify:ListArtifacts", "amplify:ListBackendEnvironments", "amplify:ListBranches", "amplify:ListDomainAssociations", "amplify:ListJobs", "amplify:ListTagsForResource", "amplify:ListWebHooks", "amplify:StartDeployment", "amplify:StartJob", "amplify:StopJob", "amplify:TagResource", "amplify:UntagResource", "amplify:UpdateApp", "amplify:UpdateBranch", "amplify:UpdateDomainAssociation", "amplify:UpdateWebHook", "amplifybackend:CloneBackend", "amplifybackend:CreateBackend", "amplifybackend:CreateBackendAPI", "amplifybackend:CreateBackendAuth", "amplifybackend:CreateBackendConfig", "amplifybackend:CreateBackendStorage", "amplifybackend:CreateToken", "amplifybackend:DeleteBackend", "amplifybackend:DeleteBackendAPI", "amplifybackend:DeleteBackendAuth", "amplifybackend:DeleteBackendStorage", "amplifybackend:DeleteToken", "amplifybackend:GenerateBackendAPIModels", "amplifybackend:GetBackend", "amplifybackend:GetBackendAPI", "amplifybackend:GetBackendAPIModels", "amplifybackend:GetBackendAuth", "amplifybackend:GetBackendJob", "amplifybackend:GetBackendStorage", "amplifybackend:GetToken", "amplifybackend:ImportBackendAuth", "amplifybackend:ImportBackendStorage", "amplifybackend:ListBackendJobs", "amplifybackend:ListS3Buckets", "amplifybackend:RemoveAllBackends", "amplifybackend:RemoveBackendConfig", "amplifybackend:UpdateBackendAPI", "amplifybackend:UpdateBackendAuth", "amplifybackend:UpdateBackendConfig", "amplifybackend:UpdateBackendJob", "amplifybackend:UpdateBackendStorage", "amplifyuibuilder:CreateComponent", "amplifyuibuilder:CreateForm", "amplifyuibuilder:CreateTheme", "amplifyuibuilder:DeleteComponent", "amplifyuibuilder:DeleteForm", "amplifyuibuilder:DeleteTheme", "amplifyuibuilder:ExchangeCodeForToken", "amplifyuibuilder:ExportComponents", "amplifyuibuilder:ExportForms", "amplifyuibuilder:ExportThemes", "amplifyuibuilder:GetCodegenJob", "amplifyuibuilder:GetComponent", "amplifyuibuilder:GetForm", "amplifyuibuilder:GetMetadata", "amplifyuibuilder:GetTheme", "amplifyuibuilder:ListCodegenJobs", "amplifyuibuilder:ListComponents", "amplifyuibuilder:ListForms", "amplifyuibuilder:ListTagsForResource", "amplifyuibuilder:ListThemes", "amplifyuibuilder:PutMetadataFlag", "amplifyuibuilder:RefreshToken", "amplifyuibuilder:ResetMetadataFlag", "amplifyuibuilder:StartCodegenJob", "amplifyuibuilder:TagResource", "amplifyuibuilder:UntagResource", "amplifyuibuilder:UpdateComponent", "amplifyuibuilder:UpdateForm", "amplifyuibuilder:UpdateTheme", "aoss:APIAccessAll", "aoss:BatchGetCollection", "aoss:BatchGetEffectiveLifecyclePolicy", "aoss:BatchGetLifecyclePolicy", "aoss:BatchGetVpcEndpoint", "aoss:CreateAccessPolicy", "aoss:CreateCollection", "aoss:CreateLifecyclePolicy", "aoss:CreateSecurityConfig", "aoss:CreateSecurityPolicy", "aoss:CreateVpcEndpoint", "aoss:DashboardsAccessAll", "aoss:DeleteAccessPolicy", "aoss:DeleteCollection", "aoss:DeleteLifecyclePolicy", "aoss:DeleteSecurityConfig", "aoss:DeleteSecurityPolicy", "aoss:DeleteVpcEndpoint", "aoss:GetAccessPolicy", "aoss:GetAccountSettings", "aoss:GetPoliciesStats", "aoss:GetSecurityConfig", "aoss:GetSecurityPolicy", "aoss:ListAccessPolicies", "aoss:ListCollections", "aoss:ListLifecyclePolicies", "aoss:ListSecurityConfigs", "aoss:ListSecurityPolicies", "aoss:ListTagsForResource", "aoss:ListVpcEndpoints", "aoss:TagResource", "aoss:UntagResource", "aoss:UpdateAccessPolicy", "aoss:UpdateAccountSettings", "aoss:UpdateCollection", "aoss:UpdateLifecyclePolicy", "aoss:UpdateSecurityConfig", "aoss:UpdateSecurityPolicy", "aoss:UpdateVpcEndpoint", "apigateway:DELETE", "apigateway:GET", "apigateway:PATCH", "apigateway:POST", "apigateway:PUT", "apigateway:AddCertificateToDomain", "apigateway:RemoveCertificateFromDomain", "apigateway:SetWebACL", "apigateway:UpdateRestApiPolicy", "app-integrations:CreateApplication", "app-integrations:CreateApplicationAssociation", "app-integrations:CreateDataIntegration", "app-integrations:CreateDataIntegrationAssociation", "app-integrations:CreateEventIntegration", "app-integrations:CreateEventIntegrationAssociation", "app-integrations:DeleteApplication", "app-integrations:DeleteApplicationAssociation", "app-integrations:DeleteDataIntegration", "app-integrations:DeleteDataIntegrationAssociation", "app-integrations:DeleteEventIntegration", "app-integrations:DeleteEventIntegrationAssociation", "app-integrations:GetApplication", "app-integrations:GetDataIntegration", "app-integrations:GetEventIntegration", "app-integrations:ListApplicationAssociations", "app-integrations:ListApplications", "app-integrations:ListDataIntegrationAssociations", "app-integrations:ListDataIntegrations", "app-integrations:ListEventIntegrationAssociations", "app-integrations:ListEventIntegrations", "app-integrations:ListTagsForResource", "app-integrations:TagResource", "app-integrations:UntagResource", "app-integrations:UpdateApplication", "app-integrations:UpdateDataIntegration", "app-integrations:UpdateEventIntegration", "appconfig:CreateApplication", "appconfig:CreateConfigurationProfile", "appconfig:CreateDeploymentStrategy", "appconfig:CreateEnvironment", "appconfig:CreateExtension", "appconfig:CreateExtensionAssociation", "appconfig:CreateHostedConfigurationVersion", "appconfig:DeleteApplication", "appconfig:DeleteConfigurationProfile", "appconfig:DeleteDeploymentStrategy", "appconfig:DeleteEnvironment", "appconfig:DeleteExtension", "appconfig:DeleteExtensionAssociation", "appconfig:DeleteHostedConfigurationVersion", "appconfig:GetApplication", "appconfig:GetConfiguration", "appconfig:GetConfigurationProfile", "appconfig:GetDeployment", "appconfig:GetDeploymentStrategy", "appconfig:GetEnvironment", "appconfig:GetExtension", "appconfig:GetExtensionAssociation", "appconfig:GetHostedConfigurationVersion", "appconfig:GetLatestConfiguration", "appconfig:ListApplications", "appconfig:ListConfigurationProfiles", "appconfig:ListDeploymentStrategies", "appconfig:ListDeployments", "appconfig:ListEnvironments", "appconfig:ListExtensionAssociations", "appconfig:ListExtensions", "appconfig:ListHostedConfigurationVersions", "appconfig:ListTagsForResource", "appconfig:StartConfigurationSession", "appconfig:StartDeployment", "appconfig:StopDeployment", "appconfig:TagResource", "appconfig:UntagResource", "appconfig:UpdateApplication", "appconfig:UpdateConfigurationProfile", "appconfig:UpdateDeploymentStrategy", "appconfig:UpdateEnvironment", "appconfig:UpdateExtension", "appconfig:UpdateExtensionAssociation", "appconfig:ValidateConfiguration", "appfabric:BatchGetUserAccessTasks", "appfabric:ConnectAppAuthorization", "appfabric:CreateAppAuthorization", "appfabric:CreateAppBundle", "appfabric:CreateIngestion", "appfabric:CreateIngestionDestination", "appfabric:DeleteAppAuthorization", "appfabric:DeleteAppBundle", "appfabric:DeleteIngestion", "appfabric:DeleteIngestionDestination", "appfabric:GetAppAuthorization", "appfabric:GetAppBundle", "appfabric:GetIngestion", "appfabric:GetIngestionDestination", "appfabric:ListAppAuthorizations", "appfabric:ListAppBundles", "appfabric:ListIngestionDestinations", "appfabric:ListIngestions", "appfabric:ListTagsForResource", "appfabric:StartIngestion", "appfabric:StartUserAccessTasks", "appfabric:StopIngestion", "appfabric:TagResource", "appfabric:UntagResource", "appfabric:UpdateAppAuthorization", "appfabric:UpdateIngestionDestination", "appflow:CancelFlowExecutions", "appflow:CreateConnectorProfile", "appflow:CreateFlow", "appflow:DeleteConnectorProfile", "appflow:DeleteFlow", "appflow:DescribeConnector", "appflow:DescribeConnectorEntity", "appflow:DescribeConnectorFields", "appflow:DescribeConnectorProfiles", "appflow:DescribeConnectors", "appflow:DescribeFlow", "appflow:DescribeFlowExecution", "appflow:DescribeFlowExecutionRecords", "appflow:DescribeFlows", "appflow:ListConnectorEntities", "appflow:ListConnectorFields", "appflow:ListConnectors", "appflow:ListFlows", "appflow:ListTagsForResource", "appflow:RegisterConnector", "appflow:ResetConnectorMetadataCache", "appflow:RunFlow", "appflow:StartFlow", "appflow:StopFlow", "appflow:TagResource", "appflow:UnRegisterConnector", "appflow:UntagResource", "appflow:UpdateConnectorProfile", "appflow:UpdateConnectorRegistration", "appflow:UpdateFlow", "appflow:UseConnectorProfile", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeleteScheduledAction", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "application-autoscaling:ListTagsForResource", "application-autoscaling:PutScalingPolicy", "application-autoscaling:PutScheduledAction", "application-autoscaling:RegisterScalableTarget", "application-autoscaling:TagResource", "application-autoscaling:UntagResource", "application-cost-profiler:DeleteReportDefinition", "application-cost-profiler:GetReportDefinition", "application-cost-profiler:ImportApplicationUsage", "application-cost-profiler:ListReportDefinitions", "application-cost-profiler:PutReportDefinition", "application-cost-profiler:UpdateReportDefinition", "application-transformation:GetContainerization", "application-transformation:GetDeployment", "application-transformation:GetGroupingAssessment", "application-transformation:GetPortingCompatibilityAssessment", "application-transformation:GetPortingRecommendationAssessment", "application-transformation:GetRuntimeAssessment", "application-transformation:PutLogData", "application-transformation:PutMetricData", "application-transformation:StartContainerization", "application-transformation:StartDeployment", "application-transformation:StartGroupingAssessment", "application-transformation:StartPortingCompatibilityAssessment", "application-transformation:StartPortingRecommendationAssessment", "application-transformation:StartRuntimeAssessment", "applicationinsights:AddWorkload", "applicationinsights:CreateApplication", "applicationinsights:CreateComponent", "applicationinsights:CreateLogPattern", "applicationinsights:DeleteApplication", "applicationinsights:DeleteComponent", "applicationinsights:DeleteLogPattern", "applicationinsights:DescribeApplication", "applicationinsights:DescribeComponent", "applicationinsights:DescribeComponentConfiguration", "applicationinsights:DescribeComponentConfigurationRecommendation", "applicationinsights:DescribeLogPattern", "applicationinsights:DescribeObservation", "applicationinsights:DescribeProblem", "applicationinsights:DescribeProblemObservations", "applicationinsights:DescribeWorkload", "applicationinsights:Link", "applicationinsights:ListApplications", "applicationinsights:ListComponents", "applicationinsights:ListConfigurationHistory", "applicationinsights:ListLogPatternSets", "applicationinsights:ListLogPatterns", "applicationinsights:ListProblems", "applicationinsights:ListTagsForResource", "applicationinsights:ListWorkloads", "applicationinsights:RemoveWorkload", "applicationinsights:TagResource", "applicationinsights:UntagResource", "applicationinsights:UpdateApplication", "applicationinsights:UpdateComponent", "applicationinsights:UpdateComponentConfiguration", "applicationinsights:UpdateLogPattern", "applicationinsights:UpdateProblem", "applicationinsights:UpdateWorkload", "appmesh:CreateGatewayRoute", "appmesh:CreateMesh", "appmesh:CreateRoute", "appmesh:CreateVirtualGateway", "appmesh:CreateVirtualNode", "appmesh:CreateVirtualRouter", "appmesh:CreateVirtualService", "appmesh:DeleteGatewayRoute", "appmesh:DeleteMesh", "appmesh:DeleteMeshPolicy", "appmesh:DeleteRoute", "appmesh:DeleteVirtualGateway", "appmesh:DeleteVirtualNode", "appmesh:DeleteVirtualRouter", "appmesh:DeleteVirtualService", "appmesh:DescribeGatewayRoute", "appmesh:DescribeMesh", "appmesh:DescribeRoute", "appmesh:DescribeVirtualGateway", "appmesh:DescribeVirtualNode", "appmesh:DescribeVirtualRouter", "appmesh:DescribeVirtualService", "appmesh:GetMeshPolicy", "appmesh:ListGatewayRoutes", "appmesh:ListMeshes", "appmesh:ListRoutes", "appmesh:ListTagsForResource", "appmesh:ListVirtualGateways", "appmesh:ListVirtualNodes", "appmesh:ListVirtualRouters", "appmesh:ListVirtualServices", "appmesh:PutMeshPolicy", "appmesh:StreamAggregatedResources", "appmesh:TagResource", "appmesh:UntagResource", "appmesh:UpdateGatewayRoute", "appmesh:UpdateMesh", "appmesh:UpdateRoute", "appmesh:UpdateVirtualGateway", "appmesh:UpdateVirtualNode", "appmesh:UpdateVirtualRouter", "appmesh:UpdateVirtualService", "appmesh-preview:CreateGatewayRoute", "appmesh-preview:CreateMesh", "appmesh-preview:CreateRoute", "appmesh-preview:CreateVirtualGateway", "appmesh-preview:CreateVirtualNode", "appmesh-preview:CreateVirtualRouter", "appmesh-preview:CreateVirtualService", "appmesh-preview:DeleteGatewayRoute", "appmesh-preview:DeleteMesh", "appmesh-preview:DeleteMeshPolicy", "appmesh-preview:DeleteRoute", "appmesh-preview:DeleteVirtualGateway", "appmesh-preview:DeleteVirtualNode", "appmesh-preview:DeleteVirtualRouter", "appmesh-preview:DeleteVirtualService", "appmesh-preview:DescribeGatewayRoute", "appmesh-preview:DescribeMesh", "appmesh-preview:DescribeRoute", "appmesh-preview:DescribeVirtualGateway", "appmesh-preview:DescribeVirtualNode", "appmesh-preview:DescribeVirtualRouter", "appmesh-preview:DescribeVirtualService", "appmesh-preview:GetMeshPolicy", "appmesh-preview:ListGatewayRoutes", "appmesh-preview:ListMeshes", "appmesh-preview:ListRoutes", "appmesh-preview:ListVirtualGateways", "appmesh-preview:ListVirtualNodes", "appmesh-preview:ListVirtualRouters", "appmesh-preview:ListVirtualServices", "appmesh-preview:PutMeshPolicy", "appmesh-preview:StreamAggregatedResources", "appmesh-preview:UpdateGatewayRoute", "appmesh-preview:UpdateMesh", "appmesh-preview:UpdateRoute", "appmesh-preview:UpdateVirtualGateway", "appmesh-preview:UpdateVirtualNode", "appmesh-preview:UpdateVirtualRouter", "appmesh-preview:UpdateVirtualService", "apprunner:AssociateCustomDomain", "apprunner:AssociateWebAcl", "apprunner:CreateAutoScalingConfiguration", "apprunner:CreateConnection", "apprunner:CreateObservabilityConfiguration", "apprunner:CreateService", "apprunner:CreateVpcConnector", "apprunner:CreateVpcIngressConnection", "apprunner:DeleteAutoScalingConfiguration", "apprunner:DeleteConnection", "apprunner:DeleteObservabilityConfiguration", "apprunner:DeleteService", "apprunner:DeleteVpcConnector", "apprunner:DeleteVpcIngressConnection", "apprunner:DescribeAutoScalingConfiguration", "apprunner:DescribeCustomDomains", "apprunner:DescribeObservabilityConfiguration", "apprunner:DescribeOperation", "apprunner:DescribeService", "apprunner:DescribeVpcConnector", "apprunner:DescribeVpcIngressConnection", "apprunner:DescribeWebAclForService", "apprunner:DisassociateCustomDomain", "apprunner:DisassociateWebAcl", "apprunner:ListAssociatedServicesForWebAcl", "apprunner:ListAutoScalingConfigurations", "apprunner:ListConnections", "apprunner:ListObservabilityConfigurations", "apprunner:ListOperations", "apprunner:ListServices", "apprunner:ListServicesForAutoScalingConfiguration", "apprunner:ListTagsForResource", "apprunner:ListVpcConnectors", "apprunner:ListVpcIngressConnections", "apprunner:PauseService", "apprunner:ResumeService", "apprunner:StartDeployment", "apprunner:TagResource", "apprunner:UntagResource", "apprunner:UpdateDefaultAutoScalingConfiguration", "apprunner:UpdateService", "apprunner:UpdateVpcIngressConnection", "appstream:AssociateAppBlockBuilderAppBlock", "appstream:AssociateApplicationFleet", "appstream:AssociateApplicationToEntitlement", "appstream:AssociateFleet", "appstream:BatchAssociateUserStack", "appstream:BatchDisassociateUserStack", "appstream:CopyImage", "appstream:CreateAppBlock", "appstream:CreateAppBlockBuilder", "appstream:CreateAppBlockBuilderStreamingURL", "appstream:CreateApplication", "appstream:CreateDirectoryConfig", "appstream:CreateEntitlement", "appstream:CreateFleet", "appstream:CreateImageBuilder", "appstream:CreateImageBuilderStreamingURL", "appstream:CreateStack", "appstream:CreateStreamingURL", "appstream:CreateUpdatedImage", "appstream:CreateUsageReportSubscription", "appstream:CreateUser", "appstream:DeleteAppBlock", "appstream:DeleteAppBlockBuilder", "appstream:DeleteApplication", "appstream:DeleteDirectoryConfig", "appstream:DeleteEntitlement", "appstream:DeleteFleet", "appstream:DeleteImage", "appstream:DeleteImageBuilder", "appstream:DeleteImagePermissions", "appstream:DeleteStack", "appstream:DeleteUsageReportSubscription", "appstream:DeleteUser", "appstream:DescribeAppBlockBuilderAppBlockAssociations", "appstream:DescribeAppBlockBuilders", "appstream:DescribeAppBlocks", "appstream:DescribeApplicationFleetAssociations", "appstream:DescribeApplications", "appstream:DescribeDirectoryConfigs", "appstream:DescribeEntitlements", "appstream:DescribeFleets", "appstream:DescribeImageBuilders", "appstream:DescribeImagePermissions", "appstream:DescribeImages", "appstream:DescribeSessions", "appstream:DescribeStacks", "appstream:DescribeUsageReportSubscriptions", "appstream:DescribeUserStackAssociations", "appstream:DescribeUsers", "appstream:DisableUser", "appstream:DisassociateAppBlockBuilderAppBlock", "appstream:DisassociateApplicationFleet", "appstream:DisassociateApplicationFromEntitlement", "appstream:DisassociateFleet", "appstream:EnableUser", "appstream:ExpireSession", "appstream:ListAssociatedFleets", "appstream:ListAssociatedStacks", "appstream:ListEntitledApplications", "appstream:ListTagsForResource", "appstream:StartAppBlockBuilder", "appstream:StartFleet", "appstream:StartImageBuilder", "appstream:StopAppBlockBuilder", "appstream:StopFleet", "appstream:StopImageBuilder", "appstream:Stream", "appstream:TagResource", "appstream:UntagResource", "appstream:UpdateAppBlockBuilder", "appstream:UpdateApplication", "appstream:UpdateDirectoryConfig", "appstream:UpdateEntitlement", "appstream:UpdateFleet", "appstream:UpdateImagePermissions", "appstream:UpdateStack", "appsync:AssociateApi", "appsync:AssociateMergedGraphqlApi", "appsync:AssociateSourceGraphqlApi", "appsync:CreateApiCache", "appsync:CreateApiKey", "appsync:CreateDataSource", "appsync:CreateDomainName", "appsync:CreateFunction", "appsync:CreateGraphqlApi", "appsync:CreateResolver", "appsync:CreateType", "appsync:DeleteApiCache", "appsync:DeleteApiKey", "appsync:DeleteDataSource", "appsync:DeleteDomainName", "appsync:DeleteFunction", "appsync:DeleteGraphqlApi", "appsync:DeleteResolver", "appsync:DeleteResourcePolicy", "appsync:DeleteType", "appsync:DisassociateApi", "appsync:DisassociateMergedGraphqlApi", "appsync:DisassociateSourceGraphqlApi", "appsync:EvaluateCode", "appsync:EvaluateMappingTemplate", "appsync:FlushApiCache", "appsync:GetApiAssociation", "appsync:GetApiCache", "appsync:GetDataSource", "appsync:GetDataSourceIntrospection", "appsync:GetDomainName", "appsync:GetFunction", "appsync:GetGraphqlApi", "appsync:GetGraphqlApiEnvironmentVariables", "appsync:GetIntrospectionSchema", "appsync:GetResolver", "appsync:GetResourcePolicy", "appsync:GetSchemaCreationStatus", "appsync:GetSourceApiAssociation", "appsync:GetType", "appsync:GraphQL", "appsync:ListApiKeys", "appsync:ListDataSources", "appsync:ListDomainNames", "appsync:ListFunctions", "appsync:ListGraphqlApis", "appsync:ListResolvers", "appsync:ListResolversByFunction", "appsync:ListSourceApiAssociations", "appsync:ListTagsForResource", "appsync:ListTypes", "appsync:ListTypesByAssociation", "appsync:PutGraphqlApiEnvironmentVariables", "appsync:PutResourcePolicy", "appsync:SetWebACL", "appsync:SourceGraphQL", "appsync:StartDataSourceIntrospection", "appsync:StartSchemaCreation", "appsync:StartSchemaMerge", "appsync:TagResource", "appsync:UntagResource", "appsync:UpdateApiCache", "appsync:UpdateApiKey", "appsync:UpdateDataSource", "appsync:UpdateDomainName", "appsync:UpdateFunction", "appsync:UpdateGraphqlApi", "appsync:UpdateResolver", "appsync:UpdateSourceApiAssociation", "appsync:UpdateType", "aps:CreateAlertManagerAlerts", "aps:CreateAlertManagerDefinition", "aps:CreateLoggingConfiguration", "aps:CreateRuleGroupsNamespace", "aps:CreateScraper", "aps:CreateWorkspace", "aps:DeleteAlertManagerDefinition", "aps:DeleteAlertManagerSilence", "aps:DeleteLoggingConfiguration", "aps:DeleteRuleGroupsNamespace", "aps:DeleteScraper", "aps:DeleteWorkspace", "aps:DescribeAlertManagerDefinition", "aps:DescribeLoggingConfiguration", "aps:DescribeRuleGroupsNamespace", "aps:DescribeScraper", "aps:DescribeWorkspace", "aps:GetAlertManagerSilence", "aps:GetAlertManagerStatus", "aps:GetDefaultScraperConfiguration", "aps:GetLabels", "aps:GetMetricMetadata", "aps:GetSeries", "aps:ListAlertManagerAlertGroups", "aps:ListAlertManagerAlerts", "aps:ListAlertManagerReceivers", "aps:ListAlertManagerSilences", "aps:ListAlerts", "aps:ListRuleGroupsNamespaces", "aps:ListRules", "aps:ListScrapers", "aps:ListTagsForResource", "aps:ListWorkspaces", "aps:PutAlertManagerDefinition", "aps:PutAlertManagerSilences", "aps:PutRuleGroupsNamespace", "aps:QueryMetrics", "aps:RemoteWrite", "aps:TagResource", "aps:UntagResource", "aps:UpdateLoggingConfiguration", "aps:UpdateWorkspaceAlias", "arc-zonal-shift:CancelZonalShift", "arc-zonal-shift:CreatePracticeRunConfiguration", "arc-zonal-shift:DeletePracticeRunConfiguration", "arc-zonal-shift:GetManagedResource", "arc-zonal-shift:ListAutoshifts", "arc-zonal-shift:ListManagedResources", "arc-zonal-shift:ListZonalShifts", "arc-zonal-shift:StartZonalShift", "arc-zonal-shift:UpdatePracticeRunConfiguration", "arc-zonal-shift:UpdateZonalAutoshiftConfiguration", "arc-zonal-shift:UpdateZonalShift", "arsenal:RegisterOnPremisesAgent", "artifact:AcceptAgreement", "artifact:DownloadAgreement", "artifact:Get", "artifact:GetAccountSettings", "artifact:GetReport", "artifact:GetReportMetadata", "artifact:GetTermForReport", "artifact:ListReports", "artifact:PutAccountSettings", "artifact:TerminateAgreement", "athena:BatchGetNamedQuery", "athena:BatchGetPreparedStatement", "athena:BatchGetQueryExecution", "athena:CancelCapacityReservation", "athena:CancelQueryExecution", "athena:CreateCapacityReservation", "athena:CreateDataCatalog", "athena:CreateNamedQuery", "athena:CreateNotebook", "athena:CreatePreparedStatement", "athena:CreatePresignedNotebookUrl", "athena:CreateWorkGroup", "athena:DeleteCapacityReservation", "athena:DeleteDataCatalog", "athena:DeleteNamedQuery", "athena:DeleteNotebook", "athena:DeletePreparedStatement", "athena:DeleteWorkGroup", "athena:ExportNotebook", "athena:GetCalculationExecution", "athena:GetCalculationExecutionCode", "athena:GetCalculationExecutionStatus", "athena:GetCapacityAssignmentConfiguration", "athena:GetCapacityReservation", "athena:GetCatalogs", "athena:GetDataCatalog", "athena:GetDatabase", "athena:GetExecutionEngine", "athena:GetExecutionEngines", "athena:GetNamedQuery", "athena:GetNamespace", "athena:GetNamespaces", "athena:GetNotebookMetadata", "athena:GetPreparedStatement", "athena:GetQueryExecution", "athena:GetQueryExecutions", "athena:GetQueryResults", "athena:GetQueryResultsStream", "athena:GetQueryRuntimeStatistics", "athena:GetSession", "athena:GetSessionStatus", "athena:GetTable", "athena:GetTableMetadata", "athena:GetTables", "athena:GetWorkGroup", "athena:ImportNotebook", "athena:ListApplicationDPUSizes", "athena:ListCalculationExecutions", "athena:ListCapacityReservations", "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListEngineVersions", "athena:ListExecutors", "athena:ListNamedQueries", "athena:ListNotebookMetadata", "athena:ListNotebookSessions", "athena:ListPreparedStatements", "athena:ListQueryExecutions", "athena:ListSessions", "athena:ListTableMetadata", "athena:ListTagsForResource", "athena:ListWorkGroups", "athena:PutCapacityAssignmentConfiguration", "athena:RunQuery", "athena:StartCalculationExecution", "athena:StartQueryExecution", "athena:StartSession", "athena:StopCalculationExecution", "athena:StopQueryExecution", "athena:TagResource", "athena:TerminateSession", "athena:UntagResource", "athena:UpdateCapacityReservation", "athena:UpdateDataCatalog", "athena:UpdateNamedQuery", "athena:UpdateNotebook", "athena:UpdateNotebookMetadata", "athena:UpdatePreparedStatement", "athena:UpdateWorkGroup", "auditmanager:AssociateAssessmentReportEvidenceFolder", "auditmanager:BatchAssociateAssessmentReportEvidence", "auditmanager:BatchCreateDelegationByAssessment", "auditmanager:BatchDeleteDelegationByAssessment", "auditmanager:BatchDisassociateAssessmentReportEvidence", "auditmanager:BatchImportEvidenceToAssessmentControl", "auditmanager:CreateAssessment", "auditmanager:CreateAssessmentFramework", "auditmanager:CreateAssessmentReport", "auditmanager:CreateControl", "auditmanager:DeleteAssessment", "auditmanager:DeleteAssessmentFramework", "auditmanager:DeleteAssessmentFrameworkShare", "auditmanager:DeleteAssessmentReport", "auditmanager:DeleteControl", "auditmanager:DeregisterAccount", "auditmanager:DeregisterOrganizationAdminAccount", "auditmanager:DisassociateAssessmentReportEvidenceFolder", "auditmanager:GetAccountStatus", "auditmanager:GetAssessment", "auditmanager:GetAssessmentFramework", "auditmanager:GetAssessmentReportUrl", "auditmanager:GetChangeLogs", "auditmanager:GetControl", "auditmanager:GetDelegations", "auditmanager:GetEvidence", "auditmanager:GetEvidenceByEvidenceFolder", "auditmanager:GetEvidenceFileUploadUrl", "auditmanager:GetEvidenceFolder", "auditmanager:GetEvidenceFoldersByAssessment", "auditmanager:GetEvidenceFoldersByAssessmentControl", "auditmanager:GetInsights", "auditmanager:GetInsightsByAssessment", "auditmanager:GetOrganizationAdminAccount", "auditmanager:GetServicesInScope", "auditmanager:GetSettings", "auditmanager:ListAssessmentControlInsightsByControlDomain", "auditmanager:ListAssessmentFrameworkShareRequests", "auditmanager:ListAssessmentFrameworks", "auditmanager:ListAssessmentReports", "auditmanager:ListAssessments", "auditmanager:ListControlDomainInsights", "auditmanager:ListControlDomainInsightsByAssessment", "auditmanager:ListControlInsightsByControlDomain", "auditmanager:ListControls", "auditmanager:ListKeywordsForDataSource", "auditmanager:ListNotifications", "auditmanager:ListTagsForResource", "auditmanager:RegisterAccount", "auditmanager:RegisterOrganizationAdminAccount", "auditmanager:StartAssessmentFrameworkShare", "auditmanager:TagResource", "auditmanager:UntagResource", "auditmanager:UpdateAssessment", "auditmanager:UpdateAssessmentControl", "auditmanager:UpdateAssessmentControlSetStatus", "auditmanager:UpdateAssessmentFramework", "auditmanager:UpdateAssessmentFrameworkShare", "auditmanager:UpdateAssessmentStatus", "auditmanager:UpdateControl", "auditmanager:UpdateSettings", "auditmanager:ValidateAssessmentReportIntegrity", "autoscaling:AttachInstances", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:AttachLoadBalancers", "autoscaling:AttachTrafficSources", "autoscaling:BatchDeleteScheduledAction", "autoscaling:BatchPutScheduledUpdateGroupAction", "autoscaling:CancelInstanceRefresh", "autoscaling:CompleteLifecycleAction", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteLifecycleHook", "autoscaling:DeleteNotificationConfiguration", "autoscaling:DeletePolicy", "autoscaling:DeleteScheduledAction", "autoscaling:DeleteTags", "autoscaling:DeleteWarmPool", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:DetachInstances", "autoscaling:DetachLoadBalancerTargetGroups", "autoscaling:DetachLoadBalancers", "autoscaling:DetachTrafficSources", "autoscaling:DisableMetricsCollection", "autoscaling:EnableMetricsCollection", "autoscaling:EnterStandby", "autoscaling:ExecutePolicy", "autoscaling:ExitStandby", "autoscaling:GetPredictiveScalingForecast", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutWarmPool", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling:ResumeProcesses", "autoscaling:RollbackInstanceRefresh", "autoscaling:SetDesiredCapacity", "autoscaling:SetInstanceHealth", "autoscaling:SetInstanceProtection", "autoscaling:StartInstanceRefresh", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "autoscaling-plans:CreateScalingPlan", "autoscaling-plans:DeleteScalingPlan", "autoscaling-plans:DescribeScalingPlanResources", "autoscaling-plans:DescribeScalingPlans", "autoscaling-plans:GetScalingPlanResourceForecastData", "autoscaling-plans:UpdateScalingPlan", "aws-marketplace:AssociateProductsWithPrivateMarketplace", "aws-marketplace:CreatePrivateMarketplaceRequests", "aws-marketplace:DescribePrivateMarketplaceRequests", "aws-marketplace:DisassociateProductsFromPrivateMarketplace", "aws-marketplace:ListPrivateMarketplaceRequests", "aws-marketplace:GetSellerDashboard", "aws-marketplace:AcceptAgreementApprovalRequest", "aws-marketplace:AcceptAgreementRequest", "aws-marketplace:CancelAgreement", "aws-marketplace:CancelAgreementRequest", "aws-marketplace:CreateAgreementRequest", "aws-marketplace:DescribeAgreement", "aws-marketplace:GetAgreementApprovalRequest", "aws-marketplace:GetAgreementRequest", "aws-marketplace:GetAgreementTerms", "aws-marketplace:ListAgreementApprovalRequests", "aws-marketplace:ListAgreementRequests", "aws-marketplace:ListEntitlementDetails", "aws-marketplace:RejectAgreementApprovalRequest", "aws-marketplace:SearchAgreements", "aws-marketplace:Subscribe", "aws-marketplace:Unsubscribe", "aws-marketplace:UpdateAgreementApprovalRequest", "aws-marketplace:ViewSubscriptions", "aws-marketplace:ListTagsForResource", "aws-marketplace:PutDeploymentParameter", "aws-marketplace:TagResource", "aws-marketplace:UntagResource", "aws-marketplace:CancelChangeSet", "aws-marketplace:CompleteTask", "aws-marketplace:DeleteResourcePolicy", "aws-marketplace:DescribeAssessment", "aws-marketplace:DescribeChangeSet", "aws-marketplace:DescribeEntity", "aws-marketplace:DescribeTask", "aws-marketplace:GetResourcePolicy", "aws-marketplace:ListAssessments", "aws-marketplace:ListChangeSets", "aws-marketplace:ListEntities", "aws-marketplace:ListTasks", "aws-marketplace:PutResourcePolicy", "aws-marketplace:StartChangeSet", "aws-marketplace:UpdateTask", "aws-marketplace:BatchMeterUsage", "aws-marketplace:MeterUsage", "aws-marketplace:RegisterUsage", "aws-marketplace:ResolveCustomer", "aws-marketplace:DescribeProcurementSystemConfiguration", "aws-marketplace:PutProcurementSystemConfiguration", "aws-marketplace:DescribeBuilds", "aws-marketplace:ListBuilds", "aws-marketplace:StartBuild", "aws-marketplace:ListPrivateListings", "aws-marketplace:GetEntitlements", "aws-marketplace-management:GetAdditionalSellerNotificationRecipients", "aws-marketplace-management:GetBankAccountVerificationDetails", "aws-marketplace-management:GetSecondaryUserVerificationDetails", "aws-marketplace-management:GetSellerVerificationDetails", "aws-marketplace-management:PutAdditionalSellerNotificationRecipients", "aws-marketplace-management:PutBankAccountVerificationDetails", "aws-marketplace-management:PutSecondaryUserVerificationDetails", "aws-marketplace-management:PutSellerVerificationDetails", "aws-marketplace-management:uploadFiles", "aws-marketplace-management:viewMarketing", "aws-marketplace-management:viewReports", "aws-marketplace-management:viewSettings", "aws-marketplace-management:viewSupport", "aws-portal:GetConsoleActionSetEnforced", "aws-portal:ModifyAccount", "aws-portal:ModifyBilling", "aws-portal:ModifyPaymentMethods", "aws-portal:UpdateConsoleActionSetEnforced", "aws-portal:ViewAccount", "aws-portal:ViewBilling", "aws-portal:ViewPaymentMethods", "aws-portal:ViewUsage", "awsconnector:GetConnectorHealth", "awsconnector:RegisterConnector", "awsconnector:ValidateConnectorId", "b2bi:CreateCapability", "b2bi:CreatePartnership", "b2bi:CreateProfile", "b2bi:CreateTransformer", "b2bi:DeleteCapability", "b2bi:DeletePartnership", "b2bi:DeleteProfile", "b2bi:DeleteTransformer", "b2bi:GetCapability", "b2bi:GetPartnership", "b2bi:GetProfile", "b2bi:GetTransformer", "b2bi:GetTransformerJob", "b2bi:ListCapabilities", "b2bi:ListPartnerships", "b2bi:ListProfiles", "b2bi:ListTagsForResource", "b2bi:ListTransformers", "b2bi:StartTransformerJob", "b2bi:TagResource", "b2bi:TestMapping", "b2bi:TestParsing", "b2bi:UntagResource", "b2bi:UpdateCapability", "b2bi:UpdatePartnership", "b2bi:UpdateProfile", "b2bi:UpdateTransformer", "backup:CancelLegalHold", "backup:CopyFromBackupVault", "backup:CopyIntoBackupVault", "backup:CreateBackupPlan", "backup:CreateBackupSelection", "backup:CreateBackupVault", "backup:CreateFramework", "backup:CreateLegalHold", "backup:CreateLogicallyAirGappedBackupVault", "backup:CreateReportPlan", "backup:CreateRestoreTestingPlan", "backup:CreateRestoreTestingSelection", "backup:DeleteBackupPlan", "backup:DeleteBackupSelection", "backup:DeleteBackupVault", "backup:DeleteBackupVaultAccessPolicy", "backup:DeleteBackupVaultLockConfiguration", "backup:DeleteBackupVaultNotifications", "backup:DeleteBackupVaultSharingPolicy", "backup:DeleteFramework", "backup:DeleteRecoveryPoint", "backup:DeleteReportPlan", "backup:DeleteRestoreTestingPlan", "backup:DeleteRestoreTestingSelection", "backup:DescribeBackupJob", "backup:DescribeBackupVault", "backup:DescribeCopyJob", "backup:DescribeFramework", "backup:DescribeGlobalSettings", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeRegionSettings", "backup:DescribeReportJob", "backup:DescribeReportPlan", "backup:DescribeRestoreJob", "backup:DisassociateRecoveryPoint", "backup:DisassociateRecoveryPointFromParent", "backup:ExportBackupPlanTemplate", "backup:GetBackupPlan", "backup:GetBackupPlanFromJSON", "backup:GetBackupPlanFromTemplate", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:GetBackupVaultSharingPolicy", "backup:GetLegalHold", "backup:GetRecoveryPointRestoreMetadata", "backup:GetRestoreJobMetadata", "backup:GetRestoreTestingInferredMetadata", "backup:GetRestoreTestingPlan", "backup:GetRestoreTestingSelection", "backup:GetSupportedResourceTypes", "backup:ListBackupJobSummaries", "backup:ListBackupJobs", "backup:ListBackupPlanTemplates", "backup:ListBackupPlanVersions", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListCopyJobSummaries", "backup:ListCopyJobs", "backup:ListFrameworks", "backup:ListLegalHolds", "backup:ListProtectedResources", "backup:ListProtectedResourcesByBackupVault", "backup:ListRecoveryPointsByBackupVault", "backup:ListRecoveryPointsByLegalHold", "backup:ListRecoveryPointsByResource", "backup:ListReportJobs", "backup:ListReportPlans", "backup:ListRestoreJobSummaries", "backup:ListRestoreJobs", "backup:ListRestoreJobsByProtectedResource", "backup:ListRestoreTestingPlans", "backup:ListRestoreTestingSelections", "backup:ListTags", "backup:PutBackupVaultAccessPolicy", "backup:PutBackupVaultLockConfiguration", "backup:PutBackupVaultNotifications", "backup:PutBackupVaultSharingPolicy", "backup:PutRestoreValidationResult", "backup:StartBackupJob", "backup:StartCopyJob", "backup:StartReportJob", "backup:StartRestoreJob", "backup:StopBackupJob", "backup:TagResource", "backup:UntagResource", "backup:UpdateBackupPlan", "backup:UpdateFramework", "backup:UpdateGlobalSettings", "backup:UpdateRecoveryPointLifecycle", "backup:UpdateRegionSettings", "backup:UpdateReportPlan", "backup:UpdateRestoreTestingPlan", "backup:UpdateRestoreTestingSelection", "backup-gateway:AssociateGatewayToServer", "backup-gateway:Backup", "backup-gateway:CreateGateway", "backup-gateway:DeleteGateway", "backup-gateway:DeleteHypervisor", "backup-gateway:DisassociateGatewayFromServer", "backup-gateway:GetBandwidthRateLimitSchedule", "backup-gateway:GetGateway", "backup-gateway:GetHypervisor", "backup-gateway:GetHypervisorPropertyMappings", "backup-gateway:GetVirtualMachine", "backup-gateway:ImportHypervisorConfiguration", "backup-gateway:ListGateways", "backup-gateway:ListHypervisors", "backup-gateway:ListTagsForResource", "backup-gateway:ListVirtualMachines", "backup-gateway:PutBandwidthRateLimitSchedule", "backup-gateway:PutHypervisorPropertyMappings", "backup-gateway:PutMaintenanceStartTime", "backup-gateway:Restore", "backup-gateway:StartVirtualMachinesMetadataSync", "backup-gateway:TagResource", "backup-gateway:TestHypervisorConfiguration", "backup-gateway:UntagResource", "backup-gateway:UpdateGatewayInformation", "backup-gateway:UpdateGatewaySoftwareNow", "backup-gateway:UpdateHypervisor", "backup-storage:CommitBackupJob", "backup-storage:DeleteObjects", "backup-storage:DescribeBackupJob", "backup-storage:GetBaseBackup", "backup-storage:GetChunk", "backup-storage:GetIncrementalBaseBackup", "backup-storage:GetObjectMetadata", "backup-storage:ListChunks", "backup-storage:ListObjects", "backup-storage:MountCapsule", "backup-storage:NotifyObjectComplete", "backup-storage:PutChunk", "backup-storage:PutObject", "backup-storage:StartObject", "backup-storage:UpdateObjectComplete", "batch:CancelJob", "batch:CreateComputeEnvironment", "batch:CreateJobQueue", "batch:CreateSchedulingPolicy", "batch:DeleteComputeEnvironment", "batch:DeleteJobQueue", "batch:DeleteSchedulingPolicy", "batch:DeregisterJobDefinition", "batch:DescribeComputeEnvironments", "batch:DescribeJobDefinitions", "batch:DescribeJobQueues", "batch:DescribeJobs", "batch:DescribeSchedulingPolicies", "batch:ListJobs", "batch:ListSchedulingPolicies", "batch:ListTagsForResource", "batch:RegisterJobDefinition", "batch:SubmitJob", "batch:TagResource", "batch:TerminateJob", "batch:UntagResource", "batch:UpdateComputeEnvironment", "batch:UpdateJobQueue", "batch:UpdateSchedulingPolicy", "bcm-data-exports:CreateExport", "bcm-data-exports:DeleteExport", "bcm-data-exports:GetExecution", "bcm-data-exports:GetExport", "bcm-data-exports:GetTable", "bcm-data-exports:ListExecutions", "bcm-data-exports:ListExports", "bcm-data-exports:ListTables", "bcm-data-exports:ListTagsForResource", "bcm-data-exports:TagResource", "bcm-data-exports:UntagResource", "bcm-data-exports:UpdateExport", "bedrock:ApplyGuardrail", "bedrock:AssociateAgentKnowledgeBase", "bedrock:AssociateThirdPartyKnowledgeBase", "bedrock:CreateAgent", "bedrock:CreateAgentActionGroup", "bedrock:CreateAgentAlias", "bedrock:CreateDataSource", "bedrock:CreateEvaluationJob", "bedrock:CreateFoundationModelAgreement", "bedrock:CreateGuardrail", "bedrock:CreateGuardrailVersion", "bedrock:CreateKnowledgeBase", "bedrock:CreateModelCustomizationJob", "bedrock:CreateModelEvaluationJob", "bedrock:CreateModelInvocationJob", "bedrock:CreateProvisionedModelThroughput", "bedrock:DeleteAgent", "bedrock:DeleteAgentActionGroup", "bedrock:DeleteAgentAlias", "bedrock:DeleteAgentVersion", "bedrock:DeleteCustomModel", "bedrock:DeleteDataSource", "bedrock:DeleteFoundationModelAgreement", "bedrock:DeleteGuardrail", "bedrock:DeleteKnowledgeBase", "bedrock:DeleteModelInvocationLoggingConfiguration", "bedrock:DeleteProvisionedModelThroughput", "bedrock:DetectGeneratedContent", "bedrock:DisassociateAgentKnowledgeBase", "bedrock:GetAgent", "bedrock:GetAgentActionGroup", "bedrock:GetAgentAlias", "bedrock:GetAgentKnowledgeBase", "bedrock:GetAgentVersion", "bedrock:GetCustomModel", "bedrock:GetDataSource", "bedrock:GetEvaluationJob", "bedrock:GetFoundationModel", "bedrock:GetFoundationModelAvailability", "bedrock:GetGuardrail", "bedrock:GetIngestionJob", "bedrock:GetKnowledgeBase", "bedrock:GetModelCustomizationJob", "bedrock:GetModelEvaluationJob", "bedrock:GetModelInvocationJob", "bedrock:GetModelInvocationLoggingConfiguration", "bedrock:GetProvisionedModelThroughput", "bedrock:GetUseCaseForModelAccess", "bedrock:InvokeAgent", "bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream", "bedrock:ListAgentActionGroups", "bedrock:ListAgentAliases", "bedrock:ListAgentKnowledgeBases", "bedrock:ListAgentVersions", "bedrock:ListAgents", "bedrock:ListCustomModels", "bedrock:ListDataSources", "bedrock:ListEvaluationJobs", "bedrock:ListFoundationModelAgreementOffers", "bedrock:ListFoundationModels", "bedrock:ListGuardrails", "bedrock:ListIngestionJobs", "bedrock:ListKnowledgeBases", "bedrock:ListModelCustomizationJobs", "bedrock:ListModelEvaluationJobs", "bedrock:ListModelInvocationJobs", "bedrock:ListProvisionedModelThroughputs", "bedrock:ListTagsForResource", "bedrock:PrepareAgent", "bedrock:PutFoundationModelEntitlement", "bedrock:PutModelInvocationLoggingConfiguration", "bedrock:PutUseCaseForModelAccess", "bedrock:Retrieve", "bedrock:RetrieveAndGenerate", "bedrock:StartIngestionJob", "bedrock:StopEvaluationJob", "bedrock:StopModelCustomizationJob", "bedrock:StopModelInvocationJob", "bedrock:TagResource", "bedrock:UntagResource", "bedrock:UpdateAgent", "bedrock:UpdateAgentActionGroup", "bedrock:UpdateAgentAlias", "bedrock:UpdateAgentKnowledgeBase", "bedrock:UpdateDataSource", "bedrock:UpdateGuardrail", "bedrock:UpdateKnowledgeBase", "bedrock:UpdateProvisionedModelThroughput", "billing:GetBillingData", "billing:GetBillingDetails", "billing:GetBillingNotifications", "billing:GetBillingPreferences", "billing:GetContractInformation", "billing:GetCredits", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "billing:ListBillingViews", "billing:PutContractInformation", "billing:RedeemCredits", "billing:UpdateBillingPreferences", "billing:UpdateIAMAccessPreference", "billingconductor:AssociateAccounts", "billingconductor:AssociatePricingRules", "billingconductor:BatchAssociateResourcesToCustomLineItem", "billingconductor:BatchDisassociateResourcesFromCustomLineItem", "billingconductor:CreateBillingGroup", "billingconductor:CreateCustomLineItem", "billingconductor:CreatePricingPlan", "billingconductor:CreatePricingRule", "billingconductor:DeleteBillingGroup", "billingconductor:DeleteCustomLineItem", "billingconductor:DeletePricingPlan", "billingconductor:DeletePricingRule", "billingconductor:DisassociateAccounts", "billingconductor:DisassociatePricingRules", "billingconductor:GetBillingGroupCostReport", "billingconductor:ListAccountAssociations", "billingconductor:ListBillingGroupCostReports", "billingconductor:ListBillingGroups", "billingconductor:ListCustomLineItemVersions", "billingconductor:ListCustomLineItems", "billingconductor:ListPricingPlans", "billingconductor:ListPricingPlansAssociatedWithPricingRule", "billingconductor:ListPricingRules", "billingconductor:ListPricingRulesAssociatedToPricingPlan", "billingconductor:ListResourcesAssociatedToCustomLineItem", "billingconductor:ListTagsForResource", "billingconductor:TagResource", "billingconductor:UntagResource", "billingconductor:UpdateBillingGroup", "billingconductor:UpdateCustomLineItem", "billingconductor:UpdatePricingPlan", "billingconductor:UpdatePricingRule", "braket:AcceptUserAgreement", "braket:AccessBraketFeature", "braket:CancelJob", "braket:CancelQuantumTask", "braket:CreateJob", "braket:CreateQuantumTask", "braket:GetDevice", "braket:GetJob", "braket:GetQuantumTask", "braket:GetServiceLinkedRoleStatus", "braket:GetUserAgreementStatus", "braket:ListTagsForResource", "braket:SearchDevices", "braket:SearchJobs", "braket:SearchQuantumTasks", "braket:TagResource", "braket:UntagResource", "budgets:CreateBudgetAction", "budgets:DeleteBudgetAction", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionHistories", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionsForBudget", "budgets:ExecuteBudgetAction", "budgets:ModifyBudget", "budgets:UpdateBudgetAction", "budgets:ViewBudget", "bugbust:CreateEvent", "bugbust:EvaluateProfilingGroups", "bugbust:GetEvent", "bugbust:GetJoinEventStatus", "bugbust:JoinEvent", "bugbust:ListBugs", "bugbust:ListEventParticipants", "bugbust:ListEventScores", "bugbust:ListEvents", "bugbust:ListProfilingGroups", "bugbust:ListPullRequests", "bugbust:ListTagsForResource", "bugbust:TagResource", "bugbust:UntagResource", "bugbust:UpdateEvent", "bugbust:UpdateWorkItem", "bugbust:UpdateWorkItemAdmin", "cases:BatchGetField", "cases:BatchPutFieldOptions", "cases:CreateCase", "cases:CreateDomain", "cases:CreateField", "cases:CreateLayout", "cases:CreateRelatedItem", "cases:CreateTemplate", "cases:DeleteDomain", "cases:DeleteField", "cases:DeleteLayout", "cases:DeleteTemplate", "cases:GetCase", "cases:GetCaseAuditEvents", "cases:GetCaseEventConfiguration", "cases:GetDomain", "cases:GetLayout", "cases:GetTemplate", "cases:ListCasesForContact", "cases:ListDomains", "cases:ListFieldOptions", "cases:ListFields", "cases:ListLayouts", "cases:ListTagsForResource", "cases:ListTemplates", "cases:PutCaseEventConfiguration", "cases:SearchCases", "cases:SearchRelatedItems", "cases:TagResource", "cases:UntagResource", "cases:UpdateCase", "cases:UpdateField", "cases:UpdateLayout", "cases:UpdateTemplate", "cassandra:Alter", "cassandra:AlterMultiRegionResource", "cassandra:Create", "cassandra:CreateMultiRegionResource", "cassandra:Drop", "cassandra:DropMultiRegionResource", "cassandra:Modify", "cassandra:ModifyMultiRegionResource", "cassandra:Restore", "cassandra:RestoreMultiRegionTable", "cassandra:Select", "cassandra:SelectMultiRegionResource", "cassandra:TagMultiRegionResource", "cassandra:TagResource", "cassandra:UnTagMultiRegionResource", "cassandra:UntagResource", "cassandra:UpdatePartitioner", "ce:CreateAnomalyMonitor", "ce:CreateAnomalySubscription", "ce:CreateCostCategoryDefinition", "ce:CreateNotificationSubscription", "ce:CreateReport", "ce:DeleteAnomalyMonitor", "ce:DeleteAnomalySubscription", "ce:DeleteCostCategoryDefinition", "ce:DeleteNotificationSubscription", "ce:DeleteReport", "ce:DescribeCostCategoryDefinition", "ce:DescribeNotificationSubscription", "ce:DescribeReport", "ce:GetAnomalies", "ce:GetAnomalyMonitors", "ce:GetAnomalySubscriptions", "ce:GetApproximateUsageRecords", "ce:GetConsoleActionSetEnforced", "ce:GetCostAndUsage", "ce:GetCostAndUsageWithResources", "ce:GetCostCategories", "ce:GetCostForecast", "ce:GetDimensionValues", "ce:GetPreferences", "ce:GetReservationCoverage", "ce:GetReservationPurchaseRecommendation", "ce:GetReservationUtilization", "ce:GetRightsizingRecommendation", "ce:GetSavingsPlanPurchaseRecommendationDetails", "ce:GetSavingsPlansCoverage", "ce:GetSavingsPlansPurchaseRecommendation", "ce:GetSavingsPlansUtilization", "ce:GetSavingsPlansUtilizationDetails", "ce:GetTags", "ce:GetUsageForecast", "ce:ListCostAllocationTagBackfillHistory", "ce:ListCostAllocationTags", "ce:ListCostCategoryDefinitions", "ce:ListSavingsPlansPurchaseRecommendationGeneration", "ce:ListTagsForResource", "ce:ProvideAnomalyFeedback", "ce:StartCostAllocationTagBackfill", "ce:StartSavingsPlansPurchaseRecommendationGeneration", "ce:TagResource", "ce:UntagResource", "ce:UpdateAnomalyMonitor", "ce:UpdateAnomalySubscription", "ce:UpdateConsoleActionSetEnforced", "ce:UpdateCostAllocationTagsStatus", "ce:UpdateCostCategoryDefinition", "ce:UpdateNotificationSubscription", "ce:UpdatePreferences", "ce:UpdateReport", "chatbot:CreateChimeWebhookConfiguration", "chatbot:CreateMicrosoftTeamsChannelConfiguration", "chatbot:CreateSlackChannelConfiguration", "chatbot:DeleteChimeWebhookConfiguration", "chatbot:DeleteMicrosoftTeamsChannelConfiguration", "chatbot:DeleteMicrosoftTeamsConfiguredTeam", "chatbot:DeleteMicrosoftTeamsUserIdentity", "chatbot:DeleteSlackChannelConfiguration", "chatbot:DeleteSlackUserIdentity", "chatbot:DeleteSlackWorkspaceAuthorization", "chatbot:DescribeChimeWebhookConfigurations", "chatbot:DescribeSlackChannelConfigurations", "chatbot:DescribeSlackChannels", "chatbot:DescribeSlackUserIdentities", "chatbot:DescribeSlackWorkspaces", "chatbot:GetAccountPreferences", "chatbot:GetMicrosoftTeamsChannelConfiguration", "chatbot:GetMicrosoftTeamsOauthParameters", "chatbot:GetSlackOauthParameters", "chatbot:ListMicrosoftTeamsChannelConfigurations", "chatbot:ListMicrosoftTeamsConfiguredTeams", "chatbot:ListMicrosoftTeamsUserIdentities", "chatbot:RedeemMicrosoftTeamsOauthCode", "chatbot:RedeemSlackOauthCode", "chatbot:UpdateAccountPreferences", "chatbot:UpdateChimeWebhookConfiguration", "chatbot:UpdateMicrosoftTeamsChannelConfiguration", "chatbot:UpdateSlackChannelConfiguration", "chime:AcceptDelegate", "chime:ActivateUsers", "chime:AddDomain", "chime:AddOrUpdateGroups", "chime:AssociateChannelFlow", "chime:AssociatePhoneNumberWithUser", "chime:AssociatePhoneNumbersWithVoiceConnector", "chime:AssociatePhoneNumbersWithVoiceConnectorGroup", "chime:AssociateSigninDelegateGroupsWithAccount", "chime:AuthorizeDirectory", "chime:BatchCreateAttendee", "chime:BatchCreateChannelMembership", "chime:BatchCreateRoomMembership", "chime:BatchDeletePhoneNumber", "chime:BatchSuspendUser", "chime:BatchUnsuspendUser", "chime:BatchUpdateAttendeeCapabilitiesExcept", "chime:BatchUpdatePhoneNumber", "chime:BatchUpdateUser", "chime:ChannelFlowCallback", "chime:Connect", "chime:ConnectDirectory", "chime:CreateAccount", "chime:CreateApiKey", "chime:CreateAppInstance", "chime:CreateAppInstanceAdmin", "chime:CreateAppInstanceBot", "chime:CreateAppInstanceUser", "chime:CreateAttendee", "chime:CreateBot", "chime:CreateCDRBucket", "chime:CreateChannel", "chime:CreateChannelBan", "chime:CreateChannelFlow", "chime:CreateChannelMembership", "chime:CreateChannelModerator", "chime:CreateMediaCapturePipeline", "chime:CreateMediaConcatenationPipeline", "chime:CreateMediaInsightsPipeline", "chime:CreateMediaInsightsPipelineConfiguration", "chime:CreateMediaLiveConnectorPipeline", "chime:CreateMediaPipelineKinesisVideoStreamPool", "chime:CreateMediaStreamPipeline", "chime:CreateMeeting", "chime:CreateMeetingDialOut", "chime:CreateMeetingWithAttendees", "chime:CreatePhoneNumberOrder", "chime:CreateProxySession", "chime:CreateRoom", "chime:CreateRoomMembership", "chime:CreateSipMediaApplication", "chime:CreateSipMediaApplicationCall", "chime:CreateSipRule", "chime:CreateUser", "chime:CreateVoiceConnector", "chime:CreateVoiceConnectorGroup", "chime:CreateVoiceProfile", "chime:CreateVoiceProfileDomain", "chime:DeleteAccount", "chime:DeleteAccountOpenIdConfig", "chime:DeleteApiKey", "chime:DeleteAppInstance", "chime:DeleteAppInstanceAdmin", "chime:DeleteAppInstanceBot", "chime:DeleteAppInstanceStreamingConfigurations", "chime:DeleteAppInstanceUser", "chime:DeleteAttendee", "chime:DeleteCDRBucket", "chime:DeleteChannel", "chime:DeleteChannelBan", "chime:DeleteChannelFlow", "chime:DeleteChannelMembership", "chime:DeleteChannelMessage", "chime:DeleteChannelModerator", "chime:DeleteDelegate", "chime:DeleteDomain", "chime:DeleteEventsConfiguration", "chime:DeleteGroups", "chime:DeleteMediaCapturePipeline", "chime:DeleteMediaInsightsPipelineConfiguration", "chime:DeleteMediaPipeline", "chime:DeleteMediaPipelineKinesisVideoStreamPool", "chime:DeleteMeeting", "chime:DeleteMessagingStreamingConfigurations", "chime:DeletePhoneNumber", "chime:DeleteProxySession", "chime:DeleteRoom", "chime:DeleteRoomMembership", "chime:DeleteSipMediaApplication", "chime:DeleteSipRule", "chime:DeleteVoiceConnector", "chime:DeleteVoiceConnectorEmergencyCallingConfiguration", "chime:DeleteVoiceConnectorGroup", "chime:DeleteVoiceConnectorOrigination", "chime:DeleteVoiceConnectorProxy", "chime:DeleteVoiceConnectorStreamingConfiguration", "chime:DeleteVoiceConnectorTermination", "chime:DeleteVoiceConnectorTerminationCredentials", "chime:DeleteVoiceProfile", "chime:DeleteVoiceProfileDomain", "chime:DeregisterAppInstanceUserEndpoint", "chime:DescribeAppInstance", "chime:DescribeAppInstanceAdmin", "chime:DescribeAppInstanceBot", "chime:DescribeAppInstanceUser", "chime:DescribeAppInstanceUserEndpoint", "chime:DescribeChannel", "chime:DescribeChannelBan", "chime:DescribeChannelFlow", "chime:DescribeChannelMembership", "chime:DescribeChannelMembershipForAppInstanceUser", "chime:DescribeChannelModeratedByAppInstanceUser", "chime:DescribeChannelModerator", "chime:DisassociateChannelFlow", "chime:DisassociatePhoneNumberFromUser", "chime:DisassociatePhoneNumbersFromVoiceConnector", "chime:DisassociatePhoneNumbersFromVoiceConnectorGroup", "chime:DisassociateSigninDelegateGroupsFromAccount", "chime:DisconnectDirectory", "chime:GetAccount", "chime:GetAccountResource", "chime:GetAccountSettings", "chime:GetAccountWithOpenIdConfig", "chime:GetAppInstanceRetentionSettings", "chime:GetAppInstanceStreamingConfigurations", "chime:GetAttendee", "chime:GetBot", "chime:GetCDRBucket", "chime:GetChannelMembershipPreferences", "chime:GetChannelMessage", "chime:GetChannelMessageStatus", "chime:GetDomain", "chime:GetEventsConfiguration", "chime:GetGlobalSettings", "chime:GetMediaCapturePipeline", "chime:GetMediaInsightsPipelineConfiguration", "chime:GetMediaPipeline", "chime:GetMediaPipelineKinesisVideoStreamPool", "chime:GetMeeting", "chime:GetMeetingDetail", "chime:GetMessagingSessionEndpoint", "chime:GetMessagingStreamingConfigurations", "chime:GetPhoneNumber", "chime:GetPhoneNumberOrder", "chime:GetPhoneNumberSettings", "chime:GetProxySession", "chime:GetRetentionSettings", "chime:GetRoom", "chime:GetSipMediaApplication", "chime:GetSipMediaApplicationAlexaSkillConfiguration", "chime:GetSipMediaApplicationLoggingConfiguration", "chime:GetSipRule", "chime:GetSpeakerSearchTask", "chime:GetTelephonyLimits", "chime:GetUser", "chime:GetUserActivityReportData", "chime:GetUserByEmail", "chime:GetUserSettings", "chime:GetVoiceConnector", "chime:GetVoiceConnectorEmergencyCallingConfiguration", "chime:GetVoiceConnectorGroup", "chime:GetVoiceConnectorLoggingConfiguration", "chime:GetVoiceConnectorOrigination", "chime:GetVoiceConnectorProxy", "chime:GetVoiceConnectorStreamingConfiguration", "chime:GetVoiceConnectorTermination", "chime:GetVoiceConnectorTerminationHealth", "chime:GetVoiceProfile", "chime:GetVoiceProfileDomain", "chime:GetVoiceToneAnalysisTask", "chime:InviteDelegate", "chime:InviteUsers", "chime:InviteUsersFromProvider", "chime:ListAccountUsageReportData", "chime:ListAccounts", "chime:ListApiKeys", "chime:ListAppInstanceAdmins", "chime:ListAppInstanceBots", "chime:ListAppInstanceUserEndpoints", "chime:ListAppInstanceUsers", "chime:ListAppInstances", "chime:ListAttendeeTags", "chime:ListAttendees", "chime:ListAvailableVoiceConnectorRegions", "chime:ListBots", "chime:ListCDRBucket", "chime:ListCallingRegions", "chime:ListChannelBans", "chime:ListChannelFlows", "chime:ListChannelMemberships", "chime:ListChannelMembershipsForAppInstanceUser", "chime:ListChannelMessages", "chime:ListChannelModerators", "chime:ListChannels", "chime:ListChannelsAssociatedWithChannelFlow", "chime:ListChannelsModeratedByAppInstanceUser", "chime:ListDelegates", "chime:ListDirectories", "chime:ListDomains", "chime:ListGroups", "chime:ListMediaCapturePipelines", "chime:ListMediaInsightsPipelineConfigurations", "chime:ListMediaPipelineKinesisVideoStreamPools", "chime:ListMediaPipelines", "chime:ListMeetingEvents", "chime:ListMeetingTags", "chime:ListMeetings", "chime:ListMeetingsReportData", "chime:ListPhoneNumberOrders", "chime:ListPhoneNumbers", "chime:ListProxySessions", "chime:ListRoomMemberships", "chime:ListRooms", "chime:ListSipMediaApplications", "chime:ListSipRules", "chime:ListSubChannels", "chime:ListSupportedPhoneNumberCountries", "chime:ListTagsForResource", "chime:ListUsers", "chime:ListVoiceConnectorGroups", "chime:ListVoiceConnectorTerminationCredentials", "chime:ListVoiceConnectors", "chime:ListVoiceProfileDomains", "chime:ListVoiceProfiles", "chime:LogoutUser", "chime:PutAppInstanceRetentionSettings", "chime:PutAppInstanceStreamingConfigurations", "chime:PutAppInstanceUserExpirationSettings", "chime:PutChannelExpirationSettings", "chime:PutChannelMembershipPreferences", "chime:PutEventsConfiguration", "chime:PutMessagingStreamingConfigurations", "chime:PutRetentionSettings", "chime:PutSipMediaApplicationAlexaSkillConfiguration", "chime:PutSipMediaApplicationLoggingConfiguration", "chime:PutVoiceConnectorEmergencyCallingConfiguration", "chime:PutVoiceConnectorLoggingConfiguration", "chime:PutVoiceConnectorOrigination", "chime:PutVoiceConnectorProxy", "chime:PutVoiceConnectorStreamingConfiguration", "chime:PutVoiceConnectorTermination", "chime:PutVoiceConnectorTerminationCredentials", "chime:RedactChannelMessage", "chime:RedactConversationMessage", "chime:RedactRoomMessage", "chime:RegenerateSecurityToken", "chime:RegisterAppInstanceUserEndpoint", "chime:RenameAccount", "chime:RenewDelegate", "chime:ResetAccountResource", "chime:ResetPersonalPIN", "chime:RestorePhoneNumber", "chime:RetrieveDataExports", "chime:SearchAvailablePhoneNumbers", "chime:SearchChannels", "chime:SendChannelMessage", "chime:StartDataExport", "chime:StartMeetingTranscription", "chime:StartSpeakerSearchTask", "chime:StartVoiceToneAnalysisTask", "chime:StopMeetingTranscription", "chime:StopSpeakerSearchTask", "chime:StopVoiceToneAnalysisTask", "chime:SubmitSupportRequest", "chime:SuspendUsers", "chime:TagAttendee", "chime:TagMeeting", "chime:TagResource", "chime:UnauthorizeDirectory", "chime:UntagAttendee", "chime:UntagMeeting", "chime:UntagResource", "chime:UpdateAccount", "chime:UpdateAccountOpenIdConfig", "chime:UpdateAccountResource", "chime:UpdateAccountSettings", "chime:UpdateAppInstance", "chime:UpdateAppInstanceBot", "chime:UpdateAppInstanceUser", "chime:UpdateAppInstanceUserEndpoint", "chime:UpdateAttendeeCapabilities", "chime:UpdateBot", "chime:UpdateCDRSettings", "chime:UpdateChannel", "chime:UpdateChannelFlow", "chime:UpdateChannelMessage", "chime:UpdateChannelReadMarker", "chime:UpdateGlobalSettings", "chime:UpdateMediaInsightsPipelineConfiguration", "chime:UpdateMediaInsightsPipelineStatus", "chime:UpdateMediaPipelineKinesisVideoStreamPool", "chime:UpdatePhoneNumber", "chime:UpdatePhoneNumberSettings", "chime:UpdateProxySession", "chime:UpdateRoom", "chime:UpdateRoomMembership", "chime:UpdateSipMediaApplication", "chime:UpdateSipMediaApplicationCall", "chime:UpdateSipRule", "chime:UpdateSupportedLicenses", "chime:UpdateUser", "chime:UpdateUserLicenses", "chime:UpdateUserSettings", "chime:UpdateVoiceConnector", "chime:UpdateVoiceConnectorGroup", "chime:UpdateVoiceProfile", "chime:UpdateVoiceProfileDomain", "chime:ValidateAccountResource", "chime:ValidateE911Address", "cleanrooms:BatchGetCollaborationAnalysisTemplate", "cleanrooms:BatchGetSchema", "cleanrooms:BatchGetSchemaAnalysisRule", "cleanrooms:CreateAnalysisTemplate", "cleanrooms:CreateCollaboration", "cleanrooms:CreateConfiguredAudienceModelAssociation", "cleanrooms:CreateConfiguredTable", "cleanrooms:CreateConfiguredTableAnalysisRule", "cleanrooms:CreateConfiguredTableAssociation", "cleanrooms:CreateMembership", "cleanrooms:CreatePrivacyBudgetTemplate", "cleanrooms:DeleteAnalysisTemplate", "cleanrooms:DeleteCollaboration", "cleanrooms:DeleteConfiguredAudienceModelAssociation", "cleanrooms:DeleteConfiguredTable", "cleanrooms:DeleteConfiguredTableAnalysisRule", "cleanrooms:DeleteConfiguredTableAssociation", "cleanrooms:DeleteMember", "cleanrooms:DeleteMembership", "cleanrooms:DeletePrivacyBudgetTemplate", "cleanrooms:GetAnalysisTemplate", "cleanrooms:GetCollaboration", "cleanrooms:GetCollaborationAnalysisTemplate", "cleanrooms:GetCollaborationConfiguredAudienceModelAssociation", "cleanrooms:GetCollaborationPrivacyBudgetTemplate", "cleanrooms:GetConfiguredAudienceModelAssociation", "cleanrooms:GetConfiguredTable", "cleanrooms:GetConfiguredTableAnalysisRule", "cleanrooms:GetConfiguredTableAssociation", "cleanrooms:GetMembership", "cleanrooms:GetPrivacyBudgetTemplate", "cleanrooms:GetProtectedQuery", "cleanrooms:GetSchema", "cleanrooms:GetSchemaAnalysisRule", "cleanrooms:ListAnalysisTemplates", "cleanrooms:ListCollaborationAnalysisTemplates", "cleanrooms:ListCollaborationConfiguredAudienceModelAssociations", "cleanrooms:ListCollaborationPrivacyBudgetTemplates", "cleanrooms:ListCollaborationPrivacyBudgets", "cleanrooms:ListCollaborations", "cleanrooms:ListConfiguredAudienceModelAssociations", "cleanrooms:ListConfiguredTableAssociations", "cleanrooms:ListConfiguredTables", "cleanrooms:ListMembers", "cleanrooms:ListMemberships", "cleanrooms:ListPrivacyBudgetTemplates", "cleanrooms:ListPrivacyBudgets", "cleanrooms:ListProtectedQueries", "cleanrooms:ListSchemas", "cleanrooms:ListTagsForResource", "cleanrooms:PreviewPrivacyImpact", "cleanrooms:StartProtectedQuery", "cleanrooms:TagResource", "cleanrooms:UntagResource", "cleanrooms:UpdateAnalysisTemplate", "cleanrooms:UpdateCollaboration", "cleanrooms:UpdateConfiguredAudienceModelAssociation", "cleanrooms:UpdateConfiguredTable", "cleanrooms:UpdateConfiguredTableAnalysisRule", "cleanrooms:UpdateConfiguredTableAssociation", "cleanrooms:UpdateMembership", "cleanrooms:UpdatePrivacyBudgetTemplate", "cleanrooms:UpdateProtectedQuery", "cleanrooms-ml:CreateAudienceModel", "cleanrooms-ml:CreateConfiguredAudienceModel", "cleanrooms-ml:CreateTrainingDataset", "cleanrooms-ml:DeleteAudienceGenerationJob", "cleanrooms-ml:DeleteAudienceModel", "cleanrooms-ml:DeleteConfiguredAudienceModel", "cleanrooms-ml:DeleteConfiguredAudienceModelPolicy", "cleanrooms-ml:DeleteTrainingDataset", "cleanrooms-ml:GetAudienceGenerationJob", "cleanrooms-ml:GetAudienceModel", "cleanrooms-ml:GetConfiguredAudienceModel", "cleanrooms-ml:GetConfiguredAudienceModelPolicy", "cleanrooms-ml:GetTrainingDataset", "cleanrooms-ml:ListAudienceExportJobs", "cleanrooms-ml:ListAudienceGenerationJobs", "cleanrooms-ml:ListAudienceModels", "cleanrooms-ml:ListConfiguredAudienceModels", "cleanrooms-ml:ListTagsForResource", "cleanrooms-ml:ListTrainingDatasets", "cleanrooms-ml:PutConfiguredAudienceModelPolicy", "cleanrooms-ml:StartAudienceExportJob", "cleanrooms-ml:StartAudienceGenerationJob", "cleanrooms-ml:TagResource", "cleanrooms-ml:UnTagResource", "cleanrooms-ml:UpdateConfiguredAudienceModel", "cloud9:ActivateEC2Remote", "cloud9:CreateEnvironmentEC2", "cloud9:CreateEnvironmentMembership", "cloud9:CreateEnvironmentSSH", "cloud9:CreateEnvironmentToken", "cloud9:DeleteEnvironment", "cloud9:DeleteEnvironmentMembership", "cloud9:DescribeEC2Remote", "cloud9:DescribeEnvironmentMemberships", "cloud9:DescribeEnvironmentStatus", "cloud9:DescribeEnvironments", "cloud9:DescribeSSHRemote", "cloud9:GetEnvironmentConfig", "cloud9:GetEnvironmentSettings", "cloud9:GetMembershipSettings", "cloud9:GetMigrationExperiences", "cloud9:GetUserPublicKey", "cloud9:GetUserSettings", "cloud9:ListEnvironments", "cloud9:ListTagsForResource", "cloud9:ModifyTemporaryCredentialsOnEnvironmentEC2", "cloud9:TagResource", "cloud9:UntagResource", "cloud9:UpdateEnvironment", "cloud9:UpdateEnvironmentMembership", "cloud9:UpdateEnvironmentSettings", "cloud9:UpdateMembershipSettings", "cloud9:UpdateSSHRemote", "cloud9:UpdateUserSettings", "cloud9:ValidateEnvironmentName", "clouddirectory:AddFacetToObject", "clouddirectory:ApplySchema", "clouddirectory:AttachObject", "clouddirectory:AttachPolicy", "clouddirectory:AttachToIndex", "clouddirectory:AttachTypedLink", "clouddirectory:BatchRead", "clouddirectory:BatchWrite", "clouddirectory:CreateDirectory", "clouddirectory:CreateFacet", "clouddirectory:CreateIndex", "clouddirectory:CreateObject", "clouddirectory:CreateSchema", "clouddirectory:CreateTypedLinkFacet", "clouddirectory:DeleteDirectory", "clouddirectory:DeleteFacet", "clouddirectory:DeleteObject", "clouddirectory:DeleteSchema", "clouddirectory:DeleteTypedLinkFacet", "clouddirectory:DetachFromIndex", "clouddirectory:DetachObject", "clouddirectory:DetachPolicy", "clouddirectory:DetachTypedLink", "clouddirectory:DisableDirectory", "clouddirectory:EnableDirectory", "clouddirectory:GetAppliedSchemaVersion", "clouddirectory:GetDirectory", "clouddirectory:GetFacet", "clouddirectory:GetLinkAttributes", "clouddirectory:GetObjectAttributes", "clouddirectory:GetObjectInformation", "clouddirectory:GetSchemaAsJson", "clouddirectory:GetTypedLinkFacetInformation", "clouddirectory:ListAppliedSchemaArns", "clouddirectory:ListAttachedIndices", "clouddirectory:ListDevelopmentSchemaArns", "clouddirectory:ListDirectories", "clouddirectory:ListFacetAttributes", "clouddirectory:ListFacetNames", "clouddirectory:ListIncomingTypedLinks", "clouddirectory:ListIndex", "clouddirectory:ListManagedSchemaArns", "clouddirectory:ListObjectAttributes", "clouddirectory:ListObjectChildren", "clouddirectory:ListObjectParentPaths", "clouddirectory:ListObjectParents", "clouddirectory:ListObjectPolicies", "clouddirectory:ListOutgoingTypedLinks", "clouddirectory:ListPolicyAttachments", "clouddirectory:ListPublishedSchemaArns", "clouddirectory:ListTagsForResource", "clouddirectory:ListTypedLinkFacetAttributes", "clouddirectory:ListTypedLinkFacetNames", "clouddirectory:LookupPolicy", "clouddirectory:PublishSchema", "clouddirectory:PutSchemaFromJson", "clouddirectory:RemoveFacetFromObject", "clouddirectory:TagResource", "clouddirectory:UntagResource", "clouddirectory:UpdateFacet", "clouddirectory:UpdateLinkAttributes", "clouddirectory:UpdateObjectAttributes", "clouddirectory:UpdateSchema", "clouddirectory:UpdateTypedLinkFacet", "clouddirectory:UpgradeAppliedSchema", "clouddirectory:UpgradePublishedSchema", "cloudformation:CancelResourceRequest", "cloudformation:CreateResource", "cloudformation:DeleteResource", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:UpdateResource", "cloudformation:ActivateOrganizationsAccess", "cloudformation:ActivateType", "cloudformation:BatchDescribeTypeConfigurations", "cloudformation:CancelUpdateStack", "cloudformation:ContinueUpdateRollback", "cloudformation:CreateChangeSet", "cloudformation:CreateGeneratedTemplate", "cloudformation:CreateStack", "cloudformation:CreateStackInstances", "cloudformation:CreateStackSet", "cloudformation:CreateUploadBucket", "cloudformation:DeactivateOrganizationsAccess", "cloudformation:DeactivateType", "cloudformation:DeleteChangeSet", "cloudformation:DeleteGeneratedTemplate", "cloudformation:DeleteStack", "cloudformation:DeleteStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DeregisterType", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:DetectStackDrift", "cloudformation:DetectStackResourceDrift", "cloudformation:DetectStackSetDrift", "cloudformation:EstimateTemplateCost", "cloudformation:ExecuteChangeSet", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ImportStacksToStackSet", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:PublishType", "cloudformation:RecordHandlerProgress", "cloudformation:RegisterPublisher", "cloudformation:RegisterType", "cloudformation:RollbackStack", "cloudformation:SetStackPolicy", "cloudformation:SetTypeConfiguration", "cloudformation:SetTypeDefaultVersion", "cloudformation:SignalResource", "cloudformation:StartResourceScan", "cloudformation:StopStackSetOperation", "cloudformation:TagResource", "cloudformation:TestType", "cloudformation:UntagResource", "cloudformation:UpdateGeneratedTemplate", "cloudformation:UpdateStack", "cloudformation:UpdateStackInstances", "cloudformation:UpdateStackSet", "cloudformation:UpdateTerminationProtection", "cloudformation:ValidateTemplate", "cloudfront:AssociateAlias", "cloudfront:CopyDistribution", "cloudfront:CreateCachePolicy", "cloudfront:CreateCloudFrontOriginAccessIdentity", "cloudfront:CreateContinuousDeploymentPolicy", "cloudfront:CreateDistribution", "cloudfront:CreateFieldLevelEncryptionConfig", "cloudfront:CreateFieldLevelEncryptionProfile", "cloudfront:CreateFunction", "cloudfront:CreateInvalidation", "cloudfront:CreateKeyGroup", "cloudfront:CreateKeyValueStore", "cloudfront:CreateMonitoringSubscription", "cloudfront:CreateOriginAccessControl", "cloudfront:CreateOriginRequestPolicy", "cloudfront:CreatePublicKey", "cloudfront:CreateRealtimeLogConfig", "cloudfront:CreateResponseHeadersPolicy", "cloudfront:CreateSavingsPlan", "cloudfront:CreateStreamingDistribution", "cloudfront:CreateStreamingDistributionWithTags", "cloudfront:DeleteCachePolicy", "cloudfront:DeleteCloudFrontOriginAccessIdentity", "cloudfront:DeleteContinuousDeploymentPolicy", "cloudfront:DeleteDistribution", "cloudfront:DeleteFieldLevelEncryptionConfig", "cloudfront:DeleteFieldLevelEncryptionProfile", "cloudfront:DeleteFunction", "cloudfront:DeleteKeyGroup", "cloudfront:DeleteKeyValueStore", "cloudfront:DeleteMonitoringSubscription", "cloudfront:DeleteOriginAccessControl", "cloudfront:DeleteOriginRequestPolicy", "cloudfront:DeletePublicKey", "cloudfront:DeleteRealtimeLogConfig", "cloudfront:DeleteResponseHeadersPolicy", "cloudfront:DeleteStreamingDistribution", "cloudfront:DescribeFunction", "cloudfront:DescribeKeyValueStore", "cloudfront:GetCachePolicy", "cloudfront:GetCachePolicyConfig", "cloudfront:GetCloudFrontOriginAccessIdentity", "cloudfront:GetCloudFrontOriginAccessIdentityConfig", "cloudfront:GetContinuousDeploymentPolicy", "cloudfront:GetContinuousDeploymentPolicyConfig", "cloudfront:GetDistribution", "cloudfront:GetDistributionConfig", "cloudfront:GetFieldLevelEncryption", "cloudfront:GetFieldLevelEncryptionConfig", "cloudfront:GetFieldLevelEncryptionProfile", "cloudfront:GetFieldLevelEncryptionProfileConfig", "cloudfront:GetFunction", "cloudfront:GetInvalidation", "cloudfront:GetKeyGroup", "cloudfront:GetKeyGroupConfig", "cloudfront:GetMonitoringSubscription", "cloudfront:GetOriginAccessControl", "cloudfront:GetOriginAccessControlConfig", "cloudfront:GetOriginRequestPolicy", "cloudfront:GetOriginRequestPolicyConfig", "cloudfront:GetPublicKey", "cloudfront:GetPublicKeyConfig", "cloudfront:GetRealtimeLogConfig", "cloudfront:GetResponseHeadersPolicy", "cloudfront:GetResponseHeadersPolicyConfig", "cloudfront:GetSavingsPlan", "cloudfront:GetStreamingDistribution", "cloudfront:GetStreamingDistributionConfig", "cloudfront:ListCachePolicies", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListConflictingAliases", "cloudfront:ListContinuousDeploymentPolicies", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByCachePolicyId", "cloudfront:ListDistributionsByKeyGroup", "cloudfront:ListDistributionsByLambdaFunction", "cloudfront:ListDistributionsByOriginRequestPolicyId", "cloudfront:ListDistributionsByRealtimeLogConfig", "cloudfront:ListDistributionsByResponseHeadersPolicyId", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListFieldLevelEncryptionConfigs", "cloudfront:ListFieldLevelEncryptionProfiles", "cloudfront:ListFunctions", "cloudfront:ListInvalidations", "cloudfront:ListKeyGroups", "cloudfront:ListKeyValueStores", "cloudfront:ListOriginAccessControls", "cloudfront:ListOriginRequestPolicies", "cloudfront:ListPublicKeys", "cloudfront:ListRateCards", "cloudfront:ListRealtimeLogConfigs", "cloudfront:ListResponseHeadersPolicies", "cloudfront:ListSavingsPlans", "cloudfront:ListStreamingDistributions", "cloudfront:ListTagsForResource", "cloudfront:ListUsages", "cloudfront:PublishFunction", "cloudfront:TagResource", "cloudfront:TestFunction", "cloudfront:UntagResource", "cloudfront:UpdateCachePolicy", "cloudfront:UpdateCloudFrontOriginAccessIdentity", "cloudfront:UpdateContinuousDeploymentPolicy", "cloudfront:UpdateDistribution", "cloudfront:UpdateFieldLevelEncryptionConfig", "cloudfront:UpdateFieldLevelEncryptionProfile", "cloudfront:UpdateFunction", "cloudfront:UpdateKeyGroup", "cloudfront:UpdateKeyValueStore", "cloudfront:UpdateOriginAccessControl", "cloudfront:UpdateOriginRequestPolicy", "cloudfront:UpdatePublicKey", "cloudfront:UpdateRealtimeLogConfig", "cloudfront:UpdateResponseHeadersPolicy", "cloudfront:UpdateSavingsPlan", "cloudfront:UpdateStreamingDistribution", "cloudfront-keyvaluestore:DeleteKey", "cloudfront-keyvaluestore:DescribeKeyValueStore", "cloudfront-keyvaluestore:GetKey", "cloudfront-keyvaluestore:ListKeys", "cloudfront-keyvaluestore:PutKey", "cloudfront-keyvaluestore:UpdateKeys", "cloudhsm:AddTagsToResource", "cloudhsm:CopyBackupToRegion", "cloudhsm:CreateCluster", "cloudhsm:CreateHapg", "cloudhsm:CreateHsm", "cloudhsm:CreateLunaClient", "cloudhsm:DeleteBackup", "cloudhsm:DeleteCluster", "cloudhsm:DeleteHapg", "cloudhsm:DeleteHsm", "cloudhsm:DeleteLunaClient", "cloudhsm:DescribeBackups", "cloudhsm:DescribeClusters", "cloudhsm:DescribeHapg", "cloudhsm:DescribeHsm", "cloudhsm:DescribeLunaClient", "cloudhsm:GetConfig", "cloudhsm:InitializeCluster", "cloudhsm:ListAvailableZones", "cloudhsm:ListHapgs", "cloudhsm:ListHsms", "cloudhsm:ListLunaClients", "cloudhsm:ListTags", "cloudhsm:ListTagsForResource", "cloudhsm:ModifyBackupAttributes", "cloudhsm:ModifyCluster", "cloudhsm:ModifyHapg", "cloudhsm:ModifyHsm", "cloudhsm:ModifyLunaClient", "cloudhsm:RemoveTagsFromResource", "cloudhsm:RestoreBackup", "cloudhsm:TagResource", "cloudhsm:UntagResource", "cloudsearch:AddTags", "cloudsearch:BuildSuggesters", "cloudsearch:CreateDomain", "cloudsearch:DefineAnalysisScheme", "cloudsearch:DefineExpression", "cloudsearch:DefineIndexField", "cloudsearch:DefineSuggester", "cloudsearch:DeleteAnalysisScheme", "cloudsearch:DeleteDomain", "cloudsearch:DeleteExpression", "cloudsearch:DeleteIndexField", "cloudsearch:DeleteSuggester", "cloudsearch:DescribeAnalysisSchemes", "cloudsearch:DescribeAvailabilityOptions", "cloudsearch:DescribeDomainEndpointOptions", "cloudsearch:DescribeDomains", "cloudsearch:DescribeExpressions", "cloudsearch:DescribeIndexFields", "cloudsearch:DescribeScalingParameters", "cloudsearch:DescribeServiceAccessPolicies", "cloudsearch:DescribeSuggesters", "cloudsearch:IndexDocuments", "cloudsearch:ListDomainNames", "cloudsearch:ListTags", "cloudsearch:RemoveTags", "cloudsearch:UpdateAvailabilityOptions", "cloudsearch:UpdateDomainEndpointOptions", "cloudsearch:UpdateScalingParameters", "cloudsearch:UpdateServiceAccessPolicies", "cloudsearch:document", "cloudsearch:search", "cloudsearch:suggest", "cloudshell:CreateEnvironment", "cloudshell:CreateSession", "cloudshell:DeleteEnvironment", "cloudshell:GetEnvironmentStatus", "cloudshell:GetFileDownloadUrls", "cloudshell:GetFileUploadUrls", "cloudshell:PutCredentials", "cloudshell:StartEnvironment", "cloudshell:StopEnvironment", "cloudtrail:AddTags", "cloudtrail:CancelQuery", "cloudtrail:CreateChannel", "cloudtrail:CreateEventDataStore", "cloudtrail:CreateServiceLinkedChannel", "cloudtrail:CreateTrail", "cloudtrail:DeleteChannel", "cloudtrail:DeleteEventDataStore", "cloudtrail:DeleteResourcePolicy", "cloudtrail:DeleteServiceLinkedChannel", "cloudtrail:DeleteTrail", "cloudtrail:DeregisterOrganizationDelegatedAdmin", "cloudtrail:DescribeQuery", "cloudtrail:DescribeTrails", "cloudtrail:DisableFederation", "cloudtrail:EnableFederation", "cloudtrail:GetChannel", "cloudtrail:GetEventDataStore", "cloudtrail:GetEventDataStoreData", "cloudtrail:GetEventSelectors", "cloudtrail:GetImport", "cloudtrail:GetInsightSelectors", "cloudtrail:GetQueryResults", "cloudtrail:GetResourcePolicy", "cloudtrail:GetServiceLinkedChannel", "cloudtrail:GetTrail", "cloudtrail:GetTrailStatus", "cloudtrail:ListChannels", "cloudtrail:ListEventDataStores", "cloudtrail:ListImportFailures", "cloudtrail:ListImports", "cloudtrail:ListPublicKeys", "cloudtrail:ListQueries", "cloudtrail:ListServiceLinkedChannels", "cloudtrail:ListTags", "cloudtrail:ListTrails", "cloudtrail:LookupEvents", "cloudtrail:PutEventSelectors", "cloudtrail:PutInsightSelectors", "cloudtrail:PutResourcePolicy", "cloudtrail:RegisterOrganizationDelegatedAdmin", "cloudtrail:RemoveTags", "cloudtrail:RestoreEventDataStore", "cloudtrail:StartEventDataStoreIngestion", "cloudtrail:StartImport", "cloudtrail:StartLogging", "cloudtrail:StartQuery", "cloudtrail:StopEventDataStoreIngestion", "cloudtrail:StopImport", "cloudtrail:StopLogging", "cloudtrail:UpdateChannel", "cloudtrail:UpdateEventDataStore", "cloudtrail:UpdateServiceLinkedChannel", "cloudtrail:UpdateTrail", "cloudtrail-data:PutAuditEvents", "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "codeartifact:AssociateExternalConnection", "codeartifact:AssociateWithDownstreamRepository", "codeartifact:CopyPackageVersions", "codeartifact:CreateDomain", "codeartifact:CreatePackageGroup", "codeartifact:CreateRepository", "codeartifact:DeleteDomain", "codeartifact:DeleteDomainPermissionsPolicy", "codeartifact:DeletePackage", "codeartifact:DeletePackageGroup", "codeartifact:DeletePackageVersions", "codeartifact:DeleteRepository", "codeartifact:DeleteRepositoryPermissionsPolicy", "codeartifact:DescribeDomain", "codeartifact:DescribePackage", "codeartifact:DescribePackageGroup", "codeartifact:DescribePackageVersion", "codeartifact:DescribeRepository", "codeartifact:DisassociateExternalConnection", "codeartifact:DisposePackageVersions", "codeartifact:GetAssociatedPackageGroup", "codeartifact:GetAuthorizationToken", "codeartifact:GetDomainPermissionsPolicy", "codeartifact:GetPackageVersionAsset", "codeartifact:GetPackageVersionReadme", "codeartifact:GetRepositoryEndpoint", "codeartifact:GetRepositoryPermissionsPolicy", "codeartifact:ListAllowedRepositoriesForGroup", "codeartifact:ListAssociatedPackages", "codeartifact:ListDomains", "codeartifact:ListPackageGroups", "codeartifact:ListPackageVersionAssets", "codeartifact:ListPackageVersionDependencies", "codeartifact:ListPackageVersions", "codeartifact:ListPackages", "codeartifact:ListRepositories", "codeartifact:ListRepositoriesInDomain", "codeartifact:ListSubPackageGroups", "codeartifact:ListTagsForResource", "codeartifact:PublishPackageVersion", "codeartifact:PutDomainPermissionsPolicy", "codeartifact:PutPackageMetadata", "codeartifact:PutPackageOriginConfiguration", "codeartifact:PutRepositoryPermissionsPolicy", "codeartifact:ReadFromRepository", "codeartifact:TagResource", "codeartifact:UntagResource", "codeartifact:UpdatePackageGroup", "codeartifact:UpdatePackageGroupOriginConfiguration", "codeartifact:UpdatePackageVersionsStatus", "codeartifact:UpdateRepository", "codebuild:BatchDeleteBuilds", "codebuild:BatchGetBuildBatches", "codebuild:BatchGetBuilds", "codebuild:BatchGetFleets", "codebuild:BatchGetProjects", "codebuild:BatchGetReportGroups", "codebuild:BatchGetReports", "codebuild:BatchPutCodeCoverages", "codebuild:BatchPutTestCases", "codebuild:CreateFleet", "codebuild:CreateProject", "codebuild:CreateReport", "codebuild:CreateReportGroup", "codebuild:CreateWebhook", "codebuild:DeleteBuildBatch", "codebuild:DeleteFleet", "codebuild:DeleteOAuthToken", "codebuild:DeleteProject", "codebuild:DeleteReport", "codebuild:DeleteReportGroup", "codebuild:DeleteResourcePolicy", "codebuild:DeleteSourceCredentials", "codebuild:DeleteWebhook", "codebuild:DescribeCodeCoverages", "codebuild:DescribeTestCases", "codebuild:GetReportGroupTrend", "codebuild:GetResourcePolicy", "codebuild:ImportSourceCredentials", "codebuild:InvalidateProjectCache", "codebuild:ListBuildBatches", "codebuild:ListBuildBatchesForProject", "codebuild:ListBuilds", "codebuild:ListBuildsForProject", "codebuild:ListConnectedOAuthAccounts", "codebuild:ListCuratedEnvironmentImages", "codebuild:ListFleets", "codebuild:ListProjects", "codebuild:ListReportGroups", "codebuild:ListReports", "codebuild:ListReportsForReportGroup", "codebuild:ListRepositories", "codebuild:ListSharedProjects", "codebuild:ListSharedReportGroups", "codebuild:ListSourceCredentials", "codebuild:PersistOAuthToken", "codebuild:PutResourcePolicy", "codebuild:RetryBuild", "codebuild:RetryBuildBatch", "codebuild:StartBuild", "codebuild:StartBuildBatch", "codebuild:StopBuild", "codebuild:StopBuildBatch", "codebuild:UpdateFleet", "codebuild:UpdateProject", "codebuild:UpdateProjectVisibility", "codebuild:UpdateReport", "codebuild:UpdateReportGroup", "codebuild:UpdateWebhook", "codecatalyst:AcceptConnection", "codecatalyst:AssociateIamRoleToConnection", "codecatalyst:AssociateIdentityCenterApplicationToSpace", "codecatalyst:AssociateIdentityToIdentityCenterApplication", "codecatalyst:BatchAssociateIdentitiesToIdentityCenterApplication", "codecatalyst:BatchDisassociateIdentitiesFromIdentityCenterApplication", "codecatalyst:CreateIdentityCenterApplication", "codecatalyst:CreateSpace", "codecatalyst:CreateSpaceAdminRoleAssignment", "codecatalyst:DeleteConnection", "codecatalyst:DeleteIdentityCenterApplication", "codecatalyst:DisassociateIamRoleFromConnection", "codecatalyst:DisassociateIdentityCenterApplicationFromSpace", "codecatalyst:DisassociateIdentityFromIdentityCenterApplication", "codecatalyst:GetBillingAuthorization", "codecatalyst:GetConnection", "codecatalyst:GetIdentityCenterApplication", "codecatalyst:GetPendingConnection", "codecatalyst:ListConnections", "codecatalyst:ListIamRolesForConnection", "codecatalyst:ListIdentityCenterApplications", "codecatalyst:ListIdentityCenterApplicationsForSpace", "codecatalyst:ListSpacesForIdentityCenterApplication", "codecatalyst:ListTagsForResource", "codecatalyst:PutBillingAuthorization", "codecatalyst:RejectConnection", "codecatalyst:SynchronizeIdentityCenterApplication", "codecatalyst:TagResource", "codecatalyst:UntagResource", "codecatalyst:UpdateIdentityCenterApplication", "codecommit:AssociateApprovalRuleTemplateWithRepository", "codecommit:BatchAssociateApprovalRuleTemplateWithRepositories", "codecommit:BatchDescribeMergeConflicts", "codecommit:BatchDisassociateApprovalRuleTemplateFromRepositories", "codecommit:BatchGetCommits", "codecommit:BatchGetPullRequests", "codecommit:BatchGetRepositories", "codecommit:CancelUploadArchive", "codecommit:CreateApprovalRuleTemplate", "codecommit:CreateBranch", "codecommit:CreateCommit", "codecommit:CreatePullRequest", "codecommit:CreatePullRequestApprovalRule", "codecommit:CreateRepository", "codecommit:CreateUnreferencedMergeCommit", "codecommit:DeleteApprovalRuleTemplate", "codecommit:DeleteBranch", "codecommit:DeleteCommentContent", "codecommit:DeleteFile", "codecommit:DeletePullRequestApprovalRule", "codecommit:DeleteRepository", "codecommit:DescribeMergeConflicts", "codecommit:DescribePullRequestEvents", "codecommit:DisassociateApprovalRuleTemplateFromRepository", "codecommit:EvaluatePullRequestApprovalRules", "codecommit:GetApprovalRuleTemplate", "codecommit:GetBlob", "codecommit:GetBranch", "codecommit:GetComment", "codecommit:GetCommentReactions", "codecommit:GetCommentsForComparedCommit", "codecommit:GetCommentsForPullRequest", "codecommit:GetCommit", "codecommit:GetCommitHistory", "codecommit:GetCommitsFromMergeBase", "codecommit:GetDifferences", "codecommit:GetFile", "codecommit:GetFolder", "codecommit:GetMergeCommit", "codecommit:GetMergeConflicts", "codecommit:GetMergeOptions", "codecommit:GetObjectIdentifier", "codecommit:GetPullRequest", "codecommit:GetPullRequestApprovalStates", "codecommit:GetPullRequestOverrideState", "codecommit:GetReferences", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:GetTree", "codecommit:GetUploadArchiveStatus", "codecommit:GitPull", "codecommit:GitPush", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "codecommit:MergeBranchesByFastForward", "codecommit:MergeBranchesBySquash", "codecommit:MergeBranchesByThreeWay", "codecommit:MergePullRequestByFastForward", "codecommit:MergePullRequestBySquash", "codecommit:MergePullRequestByThreeWay", "codecommit:OverridePullRequestApprovalRules", "codecommit:PostCommentForComparedCommit", "codecommit:PostCommentForPullRequest", "codecommit:PostCommentReply", "codecommit:PutCommentReaction", "codecommit:PutFile", "codecommit:PutRepositoryTriggers", "codecommit:TagResource", "codecommit:TestRepositoryTriggers", "codecommit:UntagResource", "codecommit:UpdateApprovalRuleTemplateContent", "codecommit:UpdateApprovalRuleTemplateDescription", "codecommit:UpdateApprovalRuleTemplateName", "codecommit:UpdateComment", "codecommit:UpdateDefaultBranch", "codecommit:UpdatePullRequestApprovalRuleContent", "codecommit:UpdatePullRequestApprovalState", "codecommit:UpdatePullRequestDescription", "codecommit:UpdatePullRequestStatus", "codecommit:UpdatePullRequestTitle", "codecommit:UpdateRepositoryDescription", "codecommit:UpdateRepositoryEncryptionKey", "codecommit:UpdateRepositoryName", "codecommit:UploadArchive", "codeconnections:CreateConnection", "codeconnections:CreateHost", "codeconnections:CreateRepositoryLink", "codeconnections:CreateSyncConfiguration", "codeconnections:DeleteConnection", "codeconnections:DeleteHost", "codeconnections:DeleteRepositoryLink", "codeconnections:DeleteSyncConfiguration", "codeconnections:GetConnection", "codeconnections:GetHost", "codeconnections:GetIndividualAccessToken", "codeconnections:GetInstallationUrl", "codeconnections:GetRepositoryLink", "codeconnections:GetRepositorySyncStatus", "codeconnections:GetResourceSyncStatus", "codeconnections:GetSyncBlockerSummary", "codeconnections:GetSyncConfiguration", "codeconnections:ListConnections", "codeconnections:ListHosts", "codeconnections:ListInstallationTargets", "codeconnections:ListRepositoryLinks", "codeconnections:ListRepositorySyncDefinitions", "codeconnections:ListSyncConfigurations", "codeconnections:ListTagsForResource", "codeconnections:PassConnection", "codeconnections:PassRepository", "codeconnections:RegisterAppCode", "codeconnections:StartAppRegistrationHandshake", "codeconnections:StartOAuthHandshake", "codeconnections:TagResource", "codeconnections:UntagResource", "codeconnections:UpdateConnectionInstallation", "codeconnections:UpdateHost", "codeconnections:UpdateRepositoryLink", "codeconnections:UpdateSyncBlocker", "codeconnections:UpdateSyncConfiguration", "codeconnections:UseConnection", "codedeploy:AddTagsToOnPremisesInstances", "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeploymentInstances", "codedeploy:BatchGetDeploymentTargets", "codedeploy:BatchGetDeployments", "codedeploy:BatchGetOnPremisesInstances", "codedeploy:ContinueDeployment", "codedeploy:CreateApplication", "codedeploy:CreateCloudFormationDeployment", "codedeploy:CreateDeployment", "codedeploy:CreateDeploymentConfig", "codedeploy:CreateDeploymentGroup", "codedeploy:DeleteApplication", "codedeploy:DeleteDeploymentConfig", "codedeploy:DeleteDeploymentGroup", "codedeploy:DeleteGitHubAccountToken", "codedeploy:DeleteResourcesByExternalId", "codedeploy:DeregisterOnPremisesInstance", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeploymentTargets", "codedeploy:ListDeployments", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codedeploy:ListTagsForResource", "codedeploy:PutLifecycleEventHookExecutionStatus", "codedeploy:RegisterApplicationRevision", "codedeploy:RegisterOnPremisesInstance", "codedeploy:RemoveTagsFromOnPremisesInstances", "codedeploy:SkipWaitTimeForInstanceTermination", "codedeploy:StopDeployment", "codedeploy:TagResource", "codedeploy:UntagResource", "codedeploy:UpdateApplication", "codedeploy:UpdateDeploymentGroup", "codedeploy-commands-secure:GetDeploymentSpecification", "codedeploy-commands-secure:PollHostCommand", "codedeploy-commands-secure:PutHostCommandAcknowledgement", "codedeploy-commands-secure:PutHostCommandComplete", "codeguru:GetCodeGuruFreeTrialSummary", "codeguru-profiler:AddNotificationChannels", "codeguru-profiler:BatchGetFrameMetricData", "codeguru-profiler:ConfigureAgent", "codeguru-profiler:CreateProfilingGroup", "codeguru-profiler:DeleteProfilingGroup", "codeguru-profiler:DescribeProfilingGroup", "codeguru-profiler:GetFindingsReportAccountSummary", "codeguru-profiler:GetNotificationConfiguration", "codeguru-profiler:GetPolicy", "codeguru-profiler:GetProfile", "codeguru-profiler:GetRecommendations", "codeguru-profiler:ListFindingsReports", "codeguru-profiler:ListProfileTimes", "codeguru-profiler:ListProfilingGroups", "codeguru-profiler:ListTagsForResource", "codeguru-profiler:PostAgentProfile", "codeguru-profiler:PutPermission", "codeguru-profiler:RemoveNotificationChannel", "codeguru-profiler:RemovePermission", "codeguru-profiler:SubmitFeedback", "codeguru-profiler:TagResource", "codeguru-profiler:UntagResource", "codeguru-profiler:UpdateProfilingGroup", "codeguru-reviewer:AssociateRepository", "codeguru-reviewer:CreateCodeReview", "codeguru-reviewer:CreateConnectionToken", "codeguru-reviewer:DescribeCodeReview", "codeguru-reviewer:DescribeRecommendationFeedback", "codeguru-reviewer:DescribeRepositoryAssociation", "codeguru-reviewer:DisassociateRepository", "codeguru-reviewer:GetMetricsData", "codeguru-reviewer:ListCodeReviews", "codeguru-reviewer:ListRecommendationFeedback", "codeguru-reviewer:ListRecommendations", "codeguru-reviewer:ListRepositoryAssociations", "codeguru-reviewer:ListTagsForResource", "codeguru-reviewer:ListThirdPartyRepositories", "codeguru-reviewer:PutRecommendationFeedback", "codeguru-reviewer:TagResource", "codeguru-reviewer:UnTagResource", "codeguru-security:BatchGetFindings", "codeguru-security:CreateScan", "codeguru-security:CreateUploadUrl", "codeguru-security:DeleteScansByCategory", "codeguru-security:GetAccountConfiguration", "codeguru-security:GetFindings", "codeguru-security:GetMetricsSummary", "codeguru-security:GetScan", "codeguru-security:ListFindings", "codeguru-security:ListFindingsMetrics", "codeguru-security:ListScans", "codeguru-security:ListTagsForResource", "codeguru-security:TagResource", "codeguru-security:UntagResource", "codeguru-security:UpdateAccountConfiguration", "codepipeline:AcknowledgeJob", "codepipeline:AcknowledgeThirdPartyJob", "codepipeline:CreateCustomActionType", "codepipeline:CreatePipeline", "codepipeline:DeleteCustomActionType", "codepipeline:DeletePipeline", "codepipeline:DeleteWebhook", "codepipeline:DeregisterWebhookWithThirdParty", "codepipeline:DisableStageTransition", "codepipeline:EnableStageTransition", "codepipeline:GetActionType", "codepipeline:GetJobDetails", "codepipeline:GetPipeline", "codepipeline:GetPipelineExecution", "codepipeline:GetPipelineState", "codepipeline:GetThirdPartyJobDetails", "codepipeline:ListActionExecutions", "codepipeline:ListActionTypes", "codepipeline:ListPipelineExecutions", "codepipeline:ListPipelines", "codepipeline:ListTagsForResource", "codepipeline:ListWebhooks", "codepipeline:PollForJobs", "codepipeline:PollForThirdPartyJobs", "codepipeline:PutActionRevision", "codepipeline:PutApprovalResult", "codepipeline:PutJobFailureResult", "codepipeline:PutJobSuccessResult", "codepipeline:PutThirdPartyJobFailureResult", "codepipeline:PutThirdPartyJobSuccessResult", "codepipeline:PutWebhook", "codepipeline:RegisterWebhookWithThirdParty", "codepipeline:RetryStageExecution", "codepipeline:StartPipelineExecution", "codepipeline:StopPipelineExecution", "codepipeline:TagResource", "codepipeline:UntagResource", "codepipeline:UpdateActionType", "codepipeline:UpdatePipeline", "codestar:AssociateTeamMember", "codestar:CreateProject", "codestar:CreateUserProfile", "codestar:DeleteExtendedAccess", "codestar:DeleteProject", "codestar:DeleteUserProfile", "codestar:DescribeProject", "codestar:DescribeUserProfile", "codestar:DisassociateTeamMember", "codestar:GetExtendedAccess", "codestar:ListProjects", "codestar:ListResources", "codestar:ListTagsForProject", "codestar:ListTeamMembers", "codestar:ListUserProfiles", "codestar:PutExtendedAccess", "codestar:TagProject", "codestar:UntagProject", "codestar:UpdateProject", "codestar:UpdateTeamMember", "codestar:UpdateUserProfile", "codestar:VerifyServiceRole", "codestar-connections:CreateConnection", "codestar-connections:CreateHost", "codestar-connections:CreateRepositoryLink", "codestar-connections:CreateSyncConfiguration", "codestar-connections:DeleteConnection", "codestar-connections:DeleteHost", "codestar-connections:DeleteRepositoryLink", "codestar-connections:DeleteSyncConfiguration", "codestar-connections:GetConnection", "codestar-connections:GetHost", "codestar-connections:GetIndividualAccessToken", "codestar-connections:GetInstallationUrl", "codestar-connections:GetRepositoryLink", "codestar-connections:GetRepositorySyncStatus", "codestar-connections:GetResourceSyncStatus", "codestar-connections:GetSyncBlockerSummary", "codestar-connections:GetSyncConfiguration", "codestar-connections:ListConnections", "codestar-connections:ListHosts", "codestar-connections:ListInstallationTargets", "codestar-connections:ListRepositoryLinks", "codestar-connections:ListRepositorySyncDefinitions", "codestar-connections:ListSyncConfigurations", "codestar-connections:ListTagsForResource", "codestar-connections:PassConnection", "codestar-connections:PassRepository", "codestar-connections:RegisterAppCode", "codestar-connections:StartAppRegistrationHandshake", "codestar-connections:StartOAuthHandshake", "codestar-connections:TagResource", "codestar-connections:UntagResource", "codestar-connections:UpdateConnectionInstallation", "codestar-connections:UpdateHost", "codestar-connections:UpdateRepositoryLink", "codestar-connections:UpdateSyncBlocker", "codestar-connections:UpdateSyncConfiguration", "codestar-connections:UseConnection", "codestar-notifications:CreateNotificationRule", "codestar-notifications:DeleteNotificationRule", "codestar-notifications:DeleteTarget", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:ListEventTypes", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListTagsForResource", "codestar-notifications:ListTargets", "codestar-notifications:Subscribe", "codestar-notifications:TagResource", "codestar-notifications:Unsubscribe", "codestar-notifications:UntagResource", "codestar-notifications:UpdateNotificationRule", "codewhisperer:AllowVendedLogDeliveryForResource", "codewhisperer:AssociateCustomizationPermission", "codewhisperer:CreateCustomization", "codewhisperer:CreateProfile", "codewhisperer:DeleteCustomization", "codewhisperer:DeleteProfile", "codewhisperer:DisassociateCustomizationPermission", "codewhisperer:GenerateRecommendations", "codewhisperer:GetCustomization", "codewhisperer:ListCustomizationPermissions", "codewhisperer:ListCustomizationVersions", "codewhisperer:ListCustomizations", "codewhisperer:ListProfiles", "codewhisperer:ListTagsForResource", "codewhisperer:TagResource", "codewhisperer:UntagResource", "codewhisperer:UpdateCustomization", "codewhisperer:UpdateProfile", "cognito-identity:CreateIdentityPool", "cognito-identity:DeleteIdentities", "cognito-identity:DeleteIdentityPool", "cognito-identity:DescribeIdentity", "cognito-identity:DescribeIdentityPool", "cognito-identity:GetCredentialsForIdentity", "cognito-identity:GetId", "cognito-identity:GetIdentityPoolAnalytics", "cognito-identity:GetIdentityPoolDailyAnalytics", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:GetIdentityProviderDailyAnalytics", "cognito-identity:GetOpenIdToken", "cognito-identity:GetOpenIdTokenForDeveloperIdentity", "cognito-identity:GetPrincipalTagAttributeMap", "cognito-identity:ListIdentities", "cognito-identity:ListIdentityPools", "cognito-identity:ListTagsForResource", "cognito-identity:LookupDeveloperIdentity", "cognito-identity:MergeDeveloperIdentities", "cognito-identity:SetIdentityPoolRoles", "cognito-identity:SetPrincipalTagAttributeMap", "cognito-identity:TagResource", "cognito-identity:UnlinkDeveloperIdentity", "cognito-identity:UnlinkIdentity", "cognito-identity:UntagResource", "cognito-identity:UpdateIdentityPool", "cognito-idp:AddCustomAttributes", "cognito-idp:AdminAddUserToGroup", "cognito-idp:AdminConfirmSignUp", "cognito-idp:AdminCreateUser", "cognito-idp:AdminDeleteUser", "cognito-idp:AdminDeleteUserAttributes", "cognito-idp:AdminDisableProviderForUser", "cognito-idp:AdminDisableUser", "cognito-idp:AdminEnableUser", "cognito-idp:AdminForgetDevice", "cognito-idp:AdminGetDevice", "cognito-idp:AdminGetUser", "cognito-idp:AdminInitiateAuth", "cognito-idp:AdminLinkProviderForUser", "cognito-idp:AdminListDevices", "cognito-idp:AdminListGroupsForUser", "cognito-idp:AdminListUserAuthEvents", "cognito-idp:AdminRemoveUserFromGroup", "cognito-idp:AdminResetUserPassword", "cognito-idp:AdminRespondToAuthChallenge", "cognito-idp:AdminSetUserMFAPreference", "cognito-idp:AdminSetUserPassword", "cognito-idp:AdminSetUserSettings", "cognito-idp:AdminUpdateAuthEventFeedback", "cognito-idp:AdminUpdateDeviceStatus", "cognito-idp:AdminUpdateUserAttributes", "cognito-idp:AdminUserGlobalSignOut", "cognito-idp:AssociateSoftwareToken", "cognito-idp:AssociateWebACL", "cognito-idp:ChangePassword", "cognito-idp:ConfirmDevice", "cognito-idp:ConfirmForgotPassword", "cognito-idp:ConfirmSignUp", "cognito-idp:CreateGroup", "cognito-idp:CreateIdentityProvider", "cognito-idp:CreateResourceServer", "cognito-idp:CreateUserImportJob", "cognito-idp:CreateUserPool", "cognito-idp:CreateUserPoolClient", "cognito-idp:CreateUserPoolDomain", "cognito-idp:DeleteGroup", "cognito-idp:DeleteIdentityProvider", "cognito-idp:DeleteResourceServer", "cognito-idp:DeleteUser", "cognito-idp:DeleteUserAttributes", "cognito-idp:DeleteUserPool", "cognito-idp:DeleteUserPoolClient", "cognito-idp:DeleteUserPoolDomain", "cognito-idp:DescribeIdentityProvider", "cognito-idp:DescribeResourceServer", "cognito-idp:DescribeRiskConfiguration", "cognito-idp:DescribeUserImportJob", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:DescribeUserPoolDomain", "cognito-idp:DisassociateWebACL", "cognito-idp:ForgetDevice", "cognito-idp:ForgotPassword", "cognito-idp:GetCSVHeader", "cognito-idp:GetDevice", "cognito-idp:GetGroup", "cognito-idp:GetIdentityProviderByIdentifier", "cognito-idp:GetLogDeliveryConfiguration", "cognito-idp:GetSigningCertificate", "cognito-idp:GetUICustomization", "cognito-idp:GetUser", "cognito-idp:GetUserAttributeVerificationCode", "cognito-idp:GetUserPoolMfaConfig", "cognito-idp:GetWebACLForResource", "cognito-idp:GlobalSignOut", "cognito-idp:InitiateAuth", "cognito-idp:ListDevices", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListResourcesForWebACL", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserImportJobs", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "cognito-idp:ResendConfirmationCode", "cognito-idp:RespondToAuthChallenge", "cognito-idp:RevokeToken", "cognito-idp:SetLogDeliveryConfiguration", "cognito-idp:SetRiskConfiguration", "cognito-idp:SetUICustomization", "cognito-idp:SetUserMFAPreference", "cognito-idp:SetUserPoolMfaConfig", "cognito-idp:SetUserSettings", "cognito-idp:SignUp", "cognito-idp:StartUserImportJob", "cognito-idp:StopUserImportJob", "cognito-idp:TagResource", "cognito-idp:UntagResource", "cognito-idp:UpdateAuthEventFeedback", "cognito-idp:UpdateDeviceStatus", "cognito-idp:UpdateGroup", "cognito-idp:UpdateIdentityProvider", "cognito-idp:UpdateResourceServer", "cognito-idp:UpdateUserAttributes", "cognito-idp:UpdateUserPool", "cognito-idp:UpdateUserPoolClient", "cognito-idp:UpdateUserPoolDomain", "cognito-idp:VerifySoftwareToken", "cognito-idp:VerifyUserAttribute", "cognito-sync:BulkPublish", "cognito-sync:DeleteDataset", "cognito-sync:DescribeDataset", "cognito-sync:DescribeIdentityPoolUsage", "cognito-sync:DescribeIdentityUsage", "cognito-sync:GetBulkPublishDetails", "cognito-sync:GetCognitoEvents", "cognito-sync:GetIdentityPoolConfiguration", "cognito-sync:ListDatasets", "cognito-sync:ListIdentityPoolUsage", "cognito-sync:ListRecords", "cognito-sync:QueryRecords", "cognito-sync:RegisterDevice", "cognito-sync:SetCognitoEvents", "cognito-sync:SetDatasetConfiguration", "cognito-sync:SetIdentityPoolConfiguration", "cognito-sync:SubscribeToDataset", "cognito-sync:UnsubscribeFromDataset", "cognito-sync:UpdateRecords", "comprehend:BatchDetectDominantLanguage", "comprehend:BatchDetectEntities", "comprehend:BatchDetectKeyPhrases", "comprehend:BatchDetectSentiment", "comprehend:BatchDetectSyntax", "comprehend:BatchDetectTargetedSentiment", "comprehend:ClassifyDocument", "comprehend:ContainsPiiEntities", "comprehend:CreateDataset", "comprehend:CreateDocumentClassifier", "comprehend:CreateEndpoint", "comprehend:CreateEntityRecognizer", "comprehend:CreateFlywheel", "comprehend:DeleteDocumentClassifier", "comprehend:DeleteEndpoint", "comprehend:DeleteEntityRecognizer", "comprehend:DeleteFlywheel", "comprehend:DeleteResourcePolicy", "comprehend:DescribeDataset", "comprehend:DescribeDocumentClassificationJob", "comprehend:DescribeDocumentClassifier", "comprehend:DescribeDominantLanguageDetectionJob", "comprehend:DescribeEndpoint", "comprehend:DescribeEntitiesDetectionJob", "comprehend:DescribeEntityRecognizer", "comprehend:DescribeEventsDetectionJob", "comprehend:DescribeFlywheel", "comprehend:DescribeFlywheelIteration", "comprehend:DescribeKeyPhrasesDetectionJob", "comprehend:DescribePiiEntitiesDetectionJob", "comprehend:DescribeResourcePolicy", "comprehend:DescribeSentimentDetectionJob", "comprehend:DescribeTargetedSentimentDetectionJob", "comprehend:DescribeTopicsDetectionJob", "comprehend:DetectDominantLanguage", "comprehend:DetectEntities", "comprehend:DetectKeyPhrases", "comprehend:DetectPiiEntities", "comprehend:DetectSentiment", "comprehend:DetectSyntax", "comprehend:DetectTargetedSentiment", "comprehend:DetectToxicContent", "comprehend:ImportModel", "comprehend:ListDatasets", "comprehend:ListDocumentClassificationJobs", "comprehend:ListDocumentClassifierSummaries", "comprehend:ListDocumentClassifiers", "comprehend:ListDominantLanguageDetectionJobs", "comprehend:ListEndpoints", "comprehend:ListEntitiesDetectionJobs", "comprehend:ListEntityRecognizerSummaries", "comprehend:ListEntityRecognizers", "comprehend:ListEventsDetectionJobs", "comprehend:ListFlywheelIterationHistory", "comprehend:ListFlywheels", "comprehend:ListKeyPhrasesDetectionJobs", "comprehend:ListPiiEntitiesDetectionJobs", "comprehend:ListSentimentDetectionJobs", "comprehend:ListTagsForResource", "comprehend:ListTargetedSentimentDetectionJobs", "comprehend:ListTopicsDetectionJobs", "comprehend:PutResourcePolicy", "comprehend:StartDocumentClassificationJob", "comprehend:StartDominantLanguageDetectionJob", "comprehend:StartEntitiesDetectionJob", "comprehend:StartEventsDetectionJob", "comprehend:StartFlywheelIteration", "comprehend:StartKeyPhrasesDetectionJob", "comprehend:StartPiiEntitiesDetectionJob", "comprehend:StartSentimentDetectionJob", "comprehend:StartTargetedSentimentDetectionJob", "comprehend:StartTopicsDetectionJob", "comprehend:StopDominantLanguageDetectionJob", "comprehend:StopEntitiesDetectionJob", "comprehend:StopEventsDetectionJob", "comprehend:StopKeyPhrasesDetectionJob", "comprehend:StopPiiEntitiesDetectionJob", "comprehend:StopSentimentDetectionJob", "comprehend:StopTargetedSentimentDetectionJob", "comprehend:StopTrainingDocumentClassifier", "comprehend:StopTrainingEntityRecognizer", "comprehend:TagResource", "comprehend:UntagResource", "comprehend:UpdateEndpoint", "comprehend:UpdateFlywheel", "comprehendmedical:DescribeEntitiesDetectionV2Job", "comprehendmedical:DescribeICD10CMInferenceJob", "comprehendmedical:DescribePHIDetectionJob", "comprehendmedical:DescribeRxNormInferenceJob", "comprehendmedical:DescribeSNOMEDCTInferenceJob", "comprehendmedical:DetectEntitiesV2", "comprehendmedical:DetectPHI", "comprehendmedical:InferICD10CM", "comprehendmedical:InferRxNorm", "comprehendmedical:InferSNOMEDCT", "comprehendmedical:ListEntitiesDetectionV2Jobs", "comprehendmedical:ListICD10CMInferenceJobs", "comprehendmedical:ListPHIDetectionJobs", "comprehendmedical:ListRxNormInferenceJobs", "comprehendmedical:ListSNOMEDCTInferenceJobs", "comprehendmedical:StartEntitiesDetectionV2Job", "comprehendmedical:StartICD10CMInferenceJob", "comprehendmedical:StartPHIDetectionJob", "comprehendmedical:StartRxNormInferenceJob", "comprehendmedical:StartSNOMEDCTInferenceJob", "comprehendmedical:StopEntitiesDetectionV2Job", "comprehendmedical:StopICD10CMInferenceJob", "comprehendmedical:StopPHIDetectionJob", "comprehendmedical:StopRxNormInferenceJob", "comprehendmedical:StopSNOMEDCTInferenceJob", "compute-optimizer:DeleteRecommendationPreferences", "compute-optimizer:DescribeRecommendationExportJobs", "compute-optimizer:ExportAutoScalingGroupRecommendations", "compute-optimizer:ExportEBSVolumeRecommendations", "compute-optimizer:ExportEC2InstanceRecommendations", "compute-optimizer:ExportECSServiceRecommendations", "compute-optimizer:ExportLambdaFunctionRecommendations", "compute-optimizer:ExportLicenseRecommendations", "compute-optimizer:GetAutoScalingGroupRecommendations", "compute-optimizer:GetEBSVolumeRecommendations", "compute-optimizer:GetEC2InstanceRecommendations", "compute-optimizer:GetEC2RecommendationProjectedMetrics", "compute-optimizer:GetECSServiceRecommendationProjectedMetrics", "compute-optimizer:GetECSServiceRecommendations", "compute-optimizer:GetEffectiveRecommendationPreferences", "compute-optimizer:GetEnrollmentStatus", "compute-optimizer:GetEnrollmentStatusesForOrganization", "compute-optimizer:GetLambdaFunctionRecommendations", "compute-optimizer:GetLicenseRecommendations", "compute-optimizer:GetRecommendationPreferences", "compute-optimizer:GetRecommendationSummaries", "compute-optimizer:PutRecommendationPreferences", "compute-optimizer:UpdateEnrollmentStatus", "config:BatchGetAggregateResourceConfig", "config:BatchGetResourceConfig", "config:DeleteAggregationAuthorization", "config:DeleteConfigRule", "config:DeleteConfigurationAggregator", "config:DeleteConfigurationRecorder", "config:DeleteConformancePack", "config:DeleteDeliveryChannel", "config:DeleteEvaluationResults", "config:DeleteOrganizationConfigRule", "config:DeleteOrganizationConformancePack", "config:DeletePendingAggregationRequest", "config:DeleteRemediationConfiguration", "config:DeleteRemediationExceptions", "config:DeleteResourceConfig", "config:DeleteRetentionConfiguration", "config:DeleteStoredQuery", "config:DeliverConfigSnapshot", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateConformancePackComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetCustomRulePolicy", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetOrganizationCustomRulePolicy", "config:GetResourceConfigHistory", "config:GetResourceEvaluationSummary", "config:GetStoredQuery", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "config:PutAggregationAuthorization", "config:PutConfigRule", "config:PutConfigurationAggregator", "config:PutConfigurationRecorder", "config:PutConformancePack", "config:PutDeliveryChannel", "config:PutEvaluations", "config:PutExternalEvaluation", "config:PutOrganizationConfigRule", "config:PutOrganizationConformancePack", "config:PutRemediationConfigurations", "config:PutRemediationExceptions", "config:PutResourceConfig", "config:PutRetentionConfiguration", "config:PutStoredQuery", "config:SelectAggregateResourceConfig", "config:SelectResourceConfig", "config:StartConfigRulesEvaluation", "config:StartConfigurationRecorder", "config:StartRemediationExecution", "config:StartResourceEvaluation", "config:StopConfigurationRecorder", "config:TagResource", "config:UntagResource", "connect:ActivateEvaluationForm", "connect:AssociateAnalyticsDataSet", "connect:AssociateApprovedOrigin", "connect:AssociateBot", "connect:AssociateCustomerProfilesDomain", "connect:AssociateDefaultVocabulary", "connect:AssociateFlow", "connect:AssociateInstanceStorageConfig", "connect:AssociateLambdaFunction", "connect:AssociateLexBot", "connect:AssociatePhoneNumberContactFlow", "connect:AssociateQueueQuickConnects", "connect:AssociateRoutingProfileQueues", "connect:AssociateSecurityKey", "connect:AssociateTrafficDistributionGroupUser", "connect:AssociateUserProficiencies", "connect:BatchAssociateAnalyticsDataSet", "connect:BatchDisassociateAnalyticsDataSet", "connect:BatchGetFlowAssociation", "connect:BatchPutContact", "connect:ClaimPhoneNumber", "connect:CreateAgentStatus", "connect:CreateContactFlow", "connect:CreateContactFlowModule", "connect:CreateEvaluationForm", "connect:CreateHoursOfOperation", "connect:CreateInstance", "connect:CreateIntegrationAssociation", "connect:CreateParticipant", "connect:CreatePersistentContactAssociation", "connect:CreatePredefinedAttribute", "connect:CreatePrompt", "connect:CreateQueue", "connect:CreateQuickConnect", "connect:CreateRoutingProfile", "connect:CreateRule", "connect:CreateSecurityProfile", "connect:CreateTaskTemplate", "connect:CreateTrafficDistributionGroup", "connect:CreateUseCase", "connect:CreateUser", "connect:CreateUserHierarchyGroup", "connect:CreateView", "connect:CreateViewVersion", "connect:CreateVocabulary", "connect:DeactivateEvaluationForm", "connect:DeleteContactEvaluation", "connect:DeleteContactFlow", "connect:DeleteContactFlowModule", "connect:DeleteEvaluationForm", "connect:DeleteHoursOfOperation", "connect:DeleteInstance", "connect:DeleteIntegrationAssociation", "connect:DeletePredefinedAttribute", "connect:DeletePrompt", "connect:DeleteQueue", "connect:DeleteQuickConnect", "connect:DeleteRoutingProfile", "connect:DeleteRule", "connect:DeleteSecurityProfile", "connect:DeleteTaskTemplate", "connect:DeleteTrafficDistributionGroup", "connect:DeleteUseCase", "connect:DeleteUser", "connect:DeleteUserHierarchyGroup", "connect:DeleteView", "connect:DeleteViewVersion", "connect:DeleteVocabulary", "connect:DescribeAgentStatus", "connect:DescribeContact", "connect:DescribeContactEvaluation", "connect:DescribeContactFlow", "connect:DescribeContactFlowModule", "connect:DescribeEvaluationForm", "connect:DescribeForecastingPlanningSchedulingIntegration", "connect:DescribeHoursOfOperation", "connect:DescribeInstance", "connect:DescribeInstanceAttribute", "connect:DescribeInstanceStorageConfig", "connect:DescribePhoneNumber", "connect:DescribePredefinedAttribute", "connect:DescribePrompt", "connect:DescribeQueue", "connect:DescribeQuickConnect", "connect:DescribeRoutingProfile", "connect:DescribeRule", "connect:DescribeSecurityProfile", "connect:DescribeTrafficDistributionGroup", "connect:DescribeUser", "connect:DescribeUserHierarchyGroup", "connect:DescribeUserHierarchyStructure", "connect:DescribeView", "connect:DescribeVocabulary", "connect:DisassociateAnalyticsDataSet", "connect:DisassociateApprovedOrigin", "connect:DisassociateBot", "connect:DisassociateCustomerProfilesDomain", "connect:DisassociateFlow", "connect:DisassociateInstanceStorageConfig", "connect:DisassociateLambdaFunction", "connect:DisassociateLexBot", "connect:DisassociatePhoneNumberContactFlow", "connect:DisassociateQueueQuickConnects", "connect:DisassociateRoutingProfileQueues", "connect:DisassociateSecurityKey", "connect:DisassociateTrafficDistributionGroupUser", "connect:DisassociateUserProficiencies", "connect:DismissUserContact", "connect:GetContactAttributes", "connect:GetCurrentMetricData", "connect:GetCurrentUserData", "connect:GetFederationToken", "connect:GetFederationTokens", "connect:GetFlowAssociation", "connect:GetMetricData", "connect:GetMetricDataV2", "connect:GetPromptFile", "connect:GetTaskTemplate", "connect:GetTrafficDistribution", "connect:ImportPhoneNumber", "connect:ListAgentStatuses", "connect:ListAnalyticsDataAssociations", "connect:ListApprovedOrigins", "connect:ListBots", "connect:ListContactEvaluations", "connect:ListContactFlowModules", "connect:ListContactFlows", "connect:ListContactReferences", "connect:ListDefaultVocabularies", "connect:ListEvaluationFormVersions", "connect:ListEvaluationForms", "connect:ListFlowAssociations", "connect:ListHoursOfOperations", "connect:ListInstanceAttributes", "connect:ListInstanceStorageConfigs", "connect:ListInstances", "connect:ListIntegrationAssociations", "connect:ListLambdaFunctions", "connect:ListLexBots", "connect:ListPhoneNumbers", "connect:ListPhoneNumbersV2", "connect:ListPredefinedAttributes", "connect:ListPrompts", "connect:ListQueueQuickConnects", "connect:ListQueues", "connect:ListQuickConnects", "connect:ListRealtimeContactAnalysisSegments", "connect:ListRealtimeContactAnalysisSegmentsV2", "connect:ListRoutingProfileQueues", "connect:ListRoutingProfiles", "connect:ListRules", "connect:ListSecurityKeys", "connect:ListSecurityProfileApplications", "connect:ListSecurityProfilePermissions", "connect:ListSecurityProfiles", "connect:ListTagsForResource", "connect:ListTaskTemplates", "connect:ListTrafficDistributionGroupUsers", "connect:ListTrafficDistributionGroups", "connect:ListUseCases", "connect:ListUserHierarchyGroups", "connect:ListUserProficiencies", "connect:ListUsers", "connect:ListViewVersions", "connect:ListViews", "connect:MonitorContact", "connect:PauseContact", "connect:PutUserStatus", "connect:ReleasePhoneNumber", "connect:ReplicateInstance", "connect:ResumeContact", "connect:ResumeContactRecording", "connect:SearchAvailablePhoneNumbers", "connect:SearchContacts", "connect:SearchHoursOfOperations", "connect:SearchPredefinedAttributes", "connect:SearchPrompts", "connect:SearchQueues", "connect:SearchQuickConnects", "connect:SearchResourceTags", "connect:SearchRoutingProfiles", "connect:SearchSecurityProfiles", "connect:SearchUsers", "connect:SearchVocabularies", "connect:SendChatIntegrationEvent", "connect:StartChatContact", "connect:StartContactEvaluation", "connect:StartContactRecording", "connect:StartContactStreaming", "connect:StartForecastingPlanningSchedulingIntegration", "connect:StartOutboundVoiceContact", "connect:StartTaskContact", "connect:StartWebRTCContact", "connect:StopContact", "connect:StopContactRecording", "connect:StopContactStreaming", "connect:StopForecastingPlanningSchedulingIntegration", "connect:SubmitContactEvaluation", "connect:SuspendContactRecording", "connect:TagContact", "connect:TagResource", "connect:TransferContact", "connect:UntagContact", "connect:UntagResource", "connect:UpdateAgentStatus", "connect:UpdateContact", "connect:UpdateContactAttributes", "connect:UpdateContactEvaluation", "connect:UpdateContactFlowContent", "connect:UpdateContactFlowMetadata", "connect:UpdateContactFlowModuleContent", "connect:UpdateContactFlowModuleMetadata", "connect:UpdateContactFlowName", "connect:UpdateContactRoutingData", "connect:UpdateContactSchedule", "connect:UpdateEvaluationForm", "connect:UpdateHoursOfOperation", "connect:UpdateInstanceAttribute", "connect:UpdateInstanceStorageConfig", "connect:UpdateParticipantRoleConfig", "connect:UpdatePhoneNumber", "connect:UpdatePhoneNumberMetadata", "connect:UpdatePredefinedAttribute", "connect:UpdatePrompt", "connect:UpdateQueueHoursOfOperation", "connect:UpdateQueueMaxContacts", "connect:UpdateQueueName", "connect:UpdateQueueOutboundCallerConfig", "connect:UpdateQueueStatus", "connect:UpdateQuickConnectConfig", "connect:UpdateQuickConnectName", "connect:UpdateRoutingProfileAgentAvailabilityTimer", "connect:UpdateRoutingProfileConcurrency", "connect:UpdateRoutingProfileDefaultOutboundQueue", "connect:UpdateRoutingProfileName", "connect:UpdateRoutingProfileQueues", "connect:UpdateRule", "connect:UpdateSecurityProfile", "connect:UpdateTaskTemplate", "connect:UpdateTrafficDistribution", "connect:UpdateUserHierarchy", "connect:UpdateUserHierarchyGroupName", "connect:UpdateUserHierarchyStructure", "connect:UpdateUserIdentityInfo", "connect:UpdateUserPhoneConfig", "connect:UpdateUserProficiencies", "connect:UpdateUserRoutingProfile", "connect:UpdateUserSecurityProfiles", "connect:UpdateViewContent", "connect:UpdateViewMetadata", "connect-campaigns:CreateCampaign", "connect-campaigns:DeleteCampaign", "connect-campaigns:DeleteConnectInstanceConfig", "connect-campaigns:DeleteInstanceOnboardingJob", "connect-campaigns:DescribeCampaign", "connect-campaigns:GetCampaignState", "connect-campaigns:GetCampaignStateBatch", "connect-campaigns:GetConnectInstanceConfig", "connect-campaigns:GetInstanceOnboardingJobStatus", "connect-campaigns:ListCampaigns", "connect-campaigns:ListTagsForResource", "connect-campaigns:PauseCampaign", "connect-campaigns:PutDialRequestBatch", "connect-campaigns:ResumeCampaign", "connect-campaigns:StartCampaign", "connect-campaigns:StartInstanceOnboardingJob", "connect-campaigns:StopCampaign", "connect-campaigns:TagResource", "connect-campaigns:UntagResource", "connect-campaigns:UpdateCampaignDialerConfig", "connect-campaigns:UpdateCampaignName", "connect-campaigns:UpdateCampaignOutboundCallConfig", "consoleapp:GetDeviceIdentity", "consoleapp:ListDeviceIdentities", "consolidatedbilling:GetAccountBillingRole", "consolidatedbilling:ListLinkedAccounts", "controlcatalog:ListCommonControls", "controlcatalog:ListDomains", "controlcatalog:ListObjectives", "controltower:CreateLandingZone", "controltower:CreateManagedAccount", "controltower:DeleteLandingZone", "controltower:DeregisterManagedAccount", "controltower:DeregisterOrganizationalUnit", "controltower:DescribeAccountFactoryConfig", "controltower:DescribeCoreService", "controltower:DescribeGuardrail", "controltower:DescribeGuardrailForTarget", "controltower:DescribeLandingZoneConfiguration", "controltower:DescribeManagedAccount", "controltower:DescribeManagedOrganizationalUnit", "controltower:DescribeRegisterOrganizationalUnitOperation", "controltower:DescribeSingleSignOn", "controltower:DisableBaseline", "controltower:DisableControl", "controltower:DisableGuardrail", "controltower:EnableBaseline", "controltower:EnableControl", "controltower:EnableGuardrail", "controltower:GetAccountInfo", "controltower:GetAvailableUpdates", "controltower:GetBaseline", "controltower:GetBaselineOperation", "controltower:GetControlOperation", "controltower:GetEnabledBaseline", "controltower:GetEnabledControl", "controltower:GetGuardrailComplianceStatus", "controltower:GetHomeRegion", "controltower:GetLandingZone", "controltower:GetLandingZoneDriftStatus", "controltower:GetLandingZoneOperation", "controltower:GetLandingZoneStatus", "controltower:ListBaselines", "controltower:ListDirectoryGroups", "controltower:ListDriftDetails", "controltower:ListEnabledBaselines", "controltower:ListEnabledControls", "controltower:ListEnabledGuardrails", "controltower:ListExtendGovernancePrecheckDetails", "controltower:ListExternalConfigRuleCompliance", "controltower:ListGuardrailViolations", "controltower:ListGuardrails", "controltower:ListGuardrailsForTarget", "controltower:ListLandingZones", "controltower:ListManagedAccounts", "controltower:ListManagedAccountsForGuardrail", "controltower:ListManagedAccountsForParent", "controltower:ListManagedOrganizationalUnits", "controltower:ListManagedOrganizationalUnitsForGuardrail", "controltower:ListTagsForResource", "controltower:ManageOrganizationalUnit", "controltower:PerformPreLaunchChecks", "controltower:ResetEnabledBaseline", "controltower:ResetLandingZone", "controltower:SetupLandingZone", "controltower:TagResource", "controltower:UntagResource", "controltower:UpdateAccountFactoryConfig", "controltower:UpdateEnabledBaseline", "controltower:UpdateEnabledControl", "controltower:UpdateLandingZone", "cost-optimization-hub:GetPreferences", "cost-optimization-hub:GetRecommendation", "cost-optimization-hub:ListEnrollmentStatuses", "cost-optimization-hub:ListRecommendationSummaries", "cost-optimization-hub:ListRecommendations", "cost-optimization-hub:UpdateEnrollmentStatus", "cost-optimization-hub:UpdatePreferences", "cur:DeleteReportDefinition", "cur:DescribeReportDefinitions", "cur:GetClassicReport", "cur:GetClassicReportPreferences", "cur:GetUsageReport", "cur:ListTagsForResource", "cur:ModifyReportDefinition", "cur:PutClassicReportPreferences", "cur:PutReportDefinition", "cur:TagResource", "cur:UntagResource", "cur:ValidateReportDestination", "customer-verification:CreateCustomerVerificationDetails", "customer-verification:GetCustomerVerificationDetails", "customer-verification:GetCustomerVerificationEligibility", "customer-verification:UpdateCustomerVerificationDetails", "databrew:BatchDeleteRecipeVersion", "databrew:CreateDataset", "databrew:CreateProfileJob", "databrew:CreateProject", "databrew:CreateRecipe", "databrew:CreateRecipeJob", "databrew:CreateRuleset", "databrew:CreateSchedule", "databrew:DeleteDataset", "databrew:DeleteJob", "databrew:DeleteProject", "databrew:DeleteRecipeVersion", "databrew:DeleteRuleset", "databrew:DeleteSchedule", "databrew:DescribeDataset", "databrew:DescribeJob", "databrew:DescribeJobRun", "databrew:DescribeProject", "databrew:DescribeRecipe", "databrew:DescribeRuleset", "databrew:DescribeSchedule", "databrew:ListDatasets", "databrew:ListJobRuns", "databrew:ListJobs", "databrew:ListProjects", "databrew:ListRecipeVersions", "databrew:ListRecipes", "databrew:ListRulesets", "databrew:ListSchedules", "databrew:ListTagsForResource", "databrew:PublishRecipe", "databrew:SendProjectSessionAction", "databrew:StartJobRun", "databrew:StartProjectSession", "databrew:StopJobRun", "databrew:TagResource", "databrew:UntagResource", "databrew:UpdateDataset", "databrew:UpdateProfileJob", "databrew:UpdateProject", "databrew:UpdateRecipe", "databrew:UpdateRecipeJob", "databrew:UpdateRuleset", "databrew:UpdateSchedule", "dataexchange:CancelJob", "dataexchange:CreateAsset", "dataexchange:CreateDataSet", "dataexchange:CreateEventAction", "dataexchange:CreateJob", "dataexchange:CreateRevision", "dataexchange:DeleteAsset", "dataexchange:DeleteDataSet", "dataexchange:DeleteEventAction", "dataexchange:DeleteRevision", "dataexchange:GetAsset", "dataexchange:GetDataSet", "dataexchange:GetEventAction", "dataexchange:GetJob", "dataexchange:GetRevision", "dataexchange:ListDataSetRevisions", "dataexchange:ListDataSets", "dataexchange:ListEventActions", "dataexchange:ListJobs", "dataexchange:ListRevisionAssets", "dataexchange:ListTagsForResource", "dataexchange:PublishDataSet", "dataexchange:RevokeRevision", "dataexchange:SendApiAsset", "dataexchange:SendDataSetNotification", "dataexchange:StartJob", "dataexchange:TagResource", "dataexchange:UntagResource", "dataexchange:UpdateAsset", "dataexchange:UpdateDataSet", "dataexchange:UpdateEventAction", "dataexchange:UpdateRevision", "datapipeline:ActivatePipeline", "datapipeline:AddTags", "datapipeline:CreatePipeline", "datapipeline:DeactivatePipeline", "datapipeline:DeletePipeline", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:EvaluateExpression", "datapipeline:GetAccountLimits", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:PollForTask", "datapipeline:PutAccountLimits", "datapipeline:PutPipelineDefinition", "datapipeline:QueryObjects", "datapipeline:RemoveTags", "datapipeline:ReportTaskProgress", "datapipeline:ReportTaskRunnerHeartbeat", "datapipeline:SetStatus", "datapipeline:SetTaskStatus", "datapipeline:ValidatePipelineDefinition", "datasync:AddStorageSystem", "datasync:CancelTaskExecution", "datasync:CreateAgent", "datasync:CreateLocationAzureBlob", "datasync:CreateLocationEfs", "datasync:CreateLocationFsxLustre", "datasync:CreateLocationFsxOntap", "datasync:CreateLocationFsxOpenZfs", "datasync:CreateLocationFsxWindows", "datasync:CreateLocationHdfs", "datasync:CreateLocationNfs", "datasync:CreateLocationObjectStorage", "datasync:CreateLocationS3", "datasync:CreateLocationSmb", "datasync:CreateTask", "datasync:DeleteAgent", "datasync:DeleteLocation", "datasync:DeleteTask", "datasync:DescribeAgent", "datasync:DescribeDiscoveryJob", "datasync:DescribeLocationAzureBlob", "datasync:DescribeLocationEfs", "datasync:DescribeLocationFsxLustre", "datasync:DescribeLocationFsxOntap", "datasync:DescribeLocationFsxOpenZfs", "datasync:DescribeLocationFsxWindows", "datasync:DescribeLocationHdfs", "datasync:DescribeLocationNfs", "datasync:DescribeLocationObjectStorage", "datasync:DescribeLocationS3", "datasync:DescribeLocationSmb", "datasync:DescribeStorageSystem", "datasync:DescribeStorageSystemResourceMetrics", "datasync:DescribeStorageSystemResources", "datasync:DescribeTask", "datasync:DescribeTaskExecution", "datasync:GenerateRecommendations", "datasync:ListAgents", "datasync:ListDiscoveryJobs", "datasync:ListLocations", "datasync:ListStorageSystems", "datasync:ListTagsForResource", "datasync:ListTaskExecutions", "datasync:ListTasks", "datasync:RemoveStorageSystem", "datasync:StartDiscoveryJob", "datasync:StartTaskExecution", "datasync:StopDiscoveryJob", "datasync:TagResource", "datasync:UntagResource", "datasync:UpdateAgent", "datasync:UpdateDiscoveryJob", "datasync:UpdateLocationAzureBlob", "datasync:UpdateLocationHdfs", "datasync:UpdateLocationNfs", "datasync:UpdateLocationObjectStorage", "datasync:UpdateLocationSmb", "datasync:UpdateStorageSystem", "datasync:UpdateTask", "datasync:UpdateTaskExecution", "datazone:AcceptPredictions", "datazone:AcceptSubscriptionRequest", "datazone:AddPolicyGrant", "datazone:CancelMetadataGenerationRun", "datazone:CancelSubscription", "datazone:CreateAsset", "datazone:CreateAssetRevision", "datazone:CreateAssetType", "datazone:CreateDataSource", "datazone:CreateDomain", "datazone:CreateEnvironment", "datazone:CreateEnvironmentBlueprint", "datazone:CreateEnvironmentProfile", "datazone:CreateFormType", "datazone:CreateGlossary", "datazone:CreateGlossaryTerm", "datazone:CreateGroupProfile", "datazone:CreateListingChangeSet", "datazone:CreateProject", "datazone:CreateProjectMembership", "datazone:CreateSubscriptionGrant", "datazone:CreateSubscriptionRequest", "datazone:CreateSubscriptionTarget", "datazone:CreateUserProfile", "datazone:DeleteAsset", "datazone:DeleteAssetType", "datazone:DeleteDataSource", "datazone:DeleteDomain", "datazone:DeleteDomainSharingPolicy", "datazone:DeleteEnvironment", "datazone:DeleteEnvironmentBlueprint", "datazone:DeleteEnvironmentBlueprintConfiguration", "datazone:DeleteEnvironmentProfile", "datazone:DeleteFormType", "datazone:DeleteGlossary", "datazone:DeleteGlossaryTerm", "datazone:DeleteListing", "datazone:DeleteProject", "datazone:DeleteProjectMembership", "datazone:DeleteSubscriptionGrant", "datazone:DeleteSubscriptionRequest", "datazone:DeleteSubscriptionTarget", "datazone:DeleteTimeSeriesDataPoints", "datazone:GetAsset", "datazone:GetAssetType", "datazone:GetDataSource", "datazone:GetDataSourceRun", "datazone:GetDomain", "datazone:GetDomainSharingPolicy", "datazone:GetEnvironment", "datazone:GetEnvironmentActionLink", "datazone:GetEnvironmentBlueprint", "datazone:GetEnvironmentBlueprintConfiguration", "datazone:GetEnvironmentCredentials", "datazone:GetEnvironmentProfile", "datazone:GetFormType", "datazone:GetGlossary", "datazone:GetGlossaryTerm", "datazone:GetGroupProfile", "datazone:GetIamPortalLoginUrl", "datazone:GetListing", "datazone:GetMetadataGenerationRun", "datazone:GetProject", "datazone:GetSubscription", "datazone:GetSubscriptionEligibility", "datazone:GetSubscriptionGrant", "datazone:GetSubscriptionRequestDetails", "datazone:GetSubscriptionTarget", "datazone:GetTimeSeriesDataPoint", "datazone:GetUserProfile", "datazone:ListAccountEnvironments", "datazone:ListAssetRevisions", "datazone:ListDataSourceRunActivities", "datazone:ListDataSourceRuns", "datazone:ListDataSources", "datazone:ListDomains", "datazone:ListEnvironmentBlueprintConfigurationSummaries", "datazone:ListEnvironmentBlueprintConfigurations", "datazone:ListEnvironmentBlueprints", "datazone:ListEnvironmentProfiles", "datazone:ListEnvironments", "datazone:ListGroupsForUser", "datazone:ListMetadataGenerationRuns", "datazone:ListNotifications", "datazone:ListPolicyGrants", "datazone:ListProjectMemberships", "datazone:ListProjects", "datazone:ListSubscriptionGrants", "datazone:ListSubscriptionRequests", "datazone:ListSubscriptionTargets", "datazone:ListSubscriptions", "datazone:ListTagsForResource", "datazone:ListTimeSeriesDataPoints", "datazone:ListWarehouseMetadata", "datazone:PostTimeSeriesDataPoints", "datazone:ProvisionDomain", "datazone:PutDomainSharingPolicy", "datazone:PutEnvironmentBlueprintConfiguration", "datazone:RefreshToken", "datazone:RejectPredictions", "datazone:RejectSubscriptionRequest", "datazone:RemovePolicyGrant", "datazone:RevokeSubscription", "datazone:Search", "datazone:SearchGroupProfiles", "datazone:SearchListings", "datazone:SearchTypes", "datazone:SearchUserProfiles", "datazone:SsoLogin", "datazone:SsoLogout", "datazone:StartDataSourceRun", "datazone:StartMetadataGenerationRun", "datazone:StopMetadataGenerationRun", "datazone:TagResource", "datazone:UntagResource", "datazone:UpdateDataSource", "datazone:UpdateDataSourceRunActivities", "datazone:UpdateDomain", "datazone:UpdateEnvironment", "datazone:UpdateEnvironmentBlueprint", "datazone:UpdateEnvironmentConfiguration", "datazone:UpdateEnvironmentDeploymentStatus", "datazone:UpdateEnvironmentProfile", "datazone:UpdateGlossary", "datazone:UpdateGlossaryTerm", "datazone:UpdateGroupProfile", "datazone:UpdateProject", "datazone:UpdateSubscriptionGrantStatus", "datazone:UpdateSubscriptionRequest", "datazone:UpdateSubscriptionTarget", "datazone:UpdateUserProfile", "datazone:ValidatePassRole", "dax:BatchGetItem", "dax:BatchWriteItem", "dax:ConditionCheckItem", "dax:CreateCluster", "dax:CreateParameterGroup", "dax:CreateSubnetGroup", "dax:DecreaseReplicationFactor", "dax:DeleteCluster", "dax:DeleteItem", "dax:DeleteParameterGroup", "dax:DeleteSubnetGroup", "dax:DescribeClusters", "dax:DescribeDefaultParameters", "dax:DescribeEvents", "dax:DescribeParameterGroups", "dax:DescribeParameters", "dax:DescribeSubnetGroups", "dax:GetItem", "dax:IncreaseReplicationFactor", "dax:ListTags", "dax:PutItem", "dax:Query", "dax:RebootNode", "dax:Scan", "dax:TagResource", "dax:UntagResource", "dax:UpdateCluster", "dax:UpdateItem", "dax:UpdateParameterGroup", "dax:UpdateSubnetGroup", "dbqms:CreateFavoriteQuery", "dbqms:CreateQueryHistory", "dbqms:CreateTab", "dbqms:DeleteFavoriteQueries", "dbqms:DeleteQueryHistory", "dbqms:DeleteTab", "dbqms:DescribeFavoriteQueries", "dbqms:DescribeQueryHistory", "dbqms:DescribeTabs", "dbqms:GetQueryString", "dbqms:UpdateFavoriteQuery", "dbqms:UpdateQueryHistory", "dbqms:UpdateTab", "deadline:AssociateMemberToFarm", "deadline:AssociateMemberToFleet", "deadline:AssociateMemberToJob", "deadline:AssociateMemberToQueue", "deadline:AssumeFleetRoleForRead", "deadline:AssumeFleetRoleForWorker", "deadline:AssumeQueueRoleForRead", "deadline:AssumeQueueRoleForUser", "deadline:AssumeQueueRoleForWorker", "deadline:BatchGetJobEntity", "deadline:CopyJobTemplate", "deadline:CreateBudget", "deadline:CreateFarm", "deadline:CreateFleet", "deadline:CreateJob", "deadline:CreateLicenseEndpoint", "deadline:CreateMonitor", "deadline:CreateQueue", "deadline:CreateQueueEnvironment", "deadline:CreateQueueFleetAssociation", "deadline:CreateStorageProfile", "deadline:CreateWorker", "deadline:DeleteBudget", "deadline:DeleteFarm", "deadline:DeleteFleet", "deadline:DeleteLicenseEndpoint", "deadline:DeleteMeteredProduct", "deadline:DeleteMonitor", "deadline:DeleteQueue", "deadline:DeleteQueueEnvironment", "deadline:DeleteQueueFleetAssociation", "deadline:DeleteStorageProfile", "deadline:DeleteWorker", "deadline:DisassociateMemberFromFarm", "deadline:DisassociateMemberFromFleet", "deadline:DisassociateMemberFromJob", "deadline:DisassociateMemberFromQueue", "deadline:GetApplicationVersion", "deadline:GetBudget", "deadline:GetFarm", "deadline:GetFleet", "deadline:GetJob", "deadline:GetLicenseEndpoint", "deadline:GetMonitor", "deadline:GetQueue", "deadline:GetQueueEnvironment", "deadline:GetQueueFleetAssociation", "deadline:GetSession", "deadline:GetSessionAction", "deadline:GetSessionsStatisticsAggregation", "deadline:GetStep", "deadline:GetStorageProfile", "deadline:GetStorageProfileForQueue", "deadline:GetTask", "deadline:GetWorker", "deadline:ListAvailableMeteredProducts", "deadline:ListBudgets", "deadline:ListFarmMembers", "deadline:ListFarms", "deadline:ListFleetMembers", "deadline:ListFleets", "deadline:ListJobMembers", "deadline:ListJobs", "deadline:ListLicenseEndpoints", "deadline:ListMeteredProducts", "deadline:ListMonitors", "deadline:ListQueueEnvironments", "deadline:ListQueueFleetAssociations", "deadline:ListQueueMembers", "deadline:ListQueues", "deadline:ListSessionActions", "deadline:ListSessions", "deadline:ListSessionsForWorker", "deadline:ListStepConsumers", "deadline:ListStepDependencies", "deadline:ListSteps", "deadline:ListStorageProfiles", "deadline:ListStorageProfilesForQueue", "deadline:ListTagsForResource", "deadline:ListTasks", "deadline:ListWorkers", "deadline:PutMeteredProduct", "deadline:SearchJobs", "deadline:SearchSteps", "deadline:SearchTasks", "deadline:SearchWorkers", "deadline:StartSessionsStatisticsAggregation", "deadline:TagResource", "deadline:UntagResource", "deadline:UpdateBudget", "deadline:UpdateFarm", "deadline:UpdateFleet", "deadline:UpdateJob", "deadline:UpdateMonitor", "deadline:UpdateQueue", "deadline:UpdateQueueEnvironment", "deadline:UpdateQueueFleetAssociation", "deadline:UpdateSession", "deadline:UpdateStep", "deadline:UpdateStorageProfile", "deadline:UpdateTask", "deadline:UpdateWorker", "deadline:UpdateWorkerSchedule", "deepcomposer:AssociateCoupon", "deepcomposer:CreateAudio", "deepcomposer:CreateComposition", "deepcomposer:CreateModel", "deepcomposer:DeleteComposition", "deepcomposer:DeleteModel", "deepcomposer:GetComposition", "deepcomposer:GetModel", "deepcomposer:GetSampleModel", "deepcomposer:ListCompositions", "deepcomposer:ListModels", "deepcomposer:ListSampleModels", "deepcomposer:ListTagsForResource", "deepcomposer:ListTrainingTopics", "deepcomposer:TagResource", "deepcomposer:UntagResource", "deepcomposer:UpdateComposition", "deepcomposer:UpdateModel", "deeplens:AssociateServiceRoleToAccount", "deeplens:BatchGetDevice", "deeplens:BatchGetModel", "deeplens:BatchGetProject", "deeplens:CreateDeviceCertificates", "deeplens:CreateModel", "deeplens:CreateProject", "deeplens:DeleteModel", "deeplens:DeleteProject", "deeplens:DeployProject", "deeplens:DeregisterDevice", "deeplens:GetAssociatedResources", "deeplens:GetDeploymentStatus", "deeplens:GetDevice", "deeplens:GetModel", "deeplens:GetProject", "deeplens:ImportProjectFromTemplate", "deeplens:ListDeployments", "deeplens:ListDevices", "deeplens:ListModels", "deeplens:ListProjects", "deeplens:RegisterDevice", "deeplens:RemoveProject", "deeplens:UpdateProject", "deepracer:AddLeaderboardAccessPermission", "deepracer:AdminGetAccountConfig", "deepracer:AdminListAssociatedResources", "deepracer:AdminListAssociatedUsers", "deepracer:AdminManageUser", "deepracer:AdminSetAccountConfig", "deepracer:CloneReinforcementLearningModel", "deepracer:CreateCar", "deepracer:CreateLeaderboard", "deepracer:CreateLeaderboardAccessToken", "deepracer:CreateLeaderboardSubmission", "deepracer:CreateReinforcementLearningModel", "deepracer:DeleteLeaderboard", "deepracer:DeleteModel", "deepracer:EditLeaderboard", "deepracer:GetAccountConfig", "deepracer:GetAlias", "deepracer:GetAssetUrl", "deepracer:GetCar", "deepracer:GetCars", "deepracer:GetEvaluation", "deepracer:GetLatestUserSubmission", "deepracer:GetLeaderboard", "deepracer:GetModel", "deepracer:GetPrivateLeaderboard", "deepracer:GetRankedUserSubmission", "deepracer:GetTrack", "deepracer:GetTrainingJob", "deepracer:ImportModel", "deepracer:ListEvaluations", "deepracer:ListLeaderboardEvaluations", "deepracer:ListLeaderboardSubmissions", "deepracer:ListLeaderboards", "deepracer:ListModels", "deepracer:ListPrivateLeaderboardParticipants", "deepracer:ListPrivateLeaderboards", "deepracer:ListSubscribedPrivateLeaderboards", "deepracer:ListTagsForResource", "deepracer:ListTracks", "deepracer:ListTrainingJobs", "deepracer:MigrateModels", "deepracer:PerformLeaderboardOperation", "deepracer:RemoveLeaderboardAccessPermission", "deepracer:SetAlias", "deepracer:StartEvaluation", "deepracer:StopEvaluation", "deepracer:StopTrainingReinforcementLearningModel", "deepracer:TagResource", "deepracer:TestRewardFunction", "deepracer:UntagResource", "deepracer:UpdateCar", "detective:AcceptInvitation", "detective:BatchGetGraphMemberDatasources", "detective:BatchGetMembershipDatasources", "detective:CreateGraph", "detective:CreateMembers", "detective:DeleteGraph", "detective:DeleteMembers", "detective:DescribeOrganizationConfiguration", "detective:DisableOrganizationAdminAccount", "detective:DisassociateMembership", "detective:EnableOrganizationAdminAccount", "detective:GetFreeTrialEligibility", "detective:GetGraphIngestState", "detective:GetInvestigation", "detective:GetMembers", "detective:GetPricingInformation", "detective:GetUsageInformation", "detective:InvokeAssistant", "detective:ListDatasourcePackages", "detective:ListGraphs", "detective:ListHighDegreeEntities", "detective:ListIndicators", "detective:ListInvestigations", "detective:ListInvitations", "detective:ListMembers", "detective:ListOrganizationAdminAccount", "detective:ListTagsForResource", "detective:RejectInvitation", "detective:SearchGraph", "detective:StartInvestigation", "detective:StartMonitoringMember", "detective:TagResource", "detective:UntagResource", "detective:UpdateDatasourcePackages", "detective:UpdateInvestigationState", "detective:UpdateOrganizationConfiguration", "devicefarm:CreateDevicePool", "devicefarm:CreateInstanceProfile", "devicefarm:CreateNetworkProfile", "devicefarm:CreateProject", "devicefarm:CreateRemoteAccessSession", "devicefarm:CreateTestGridProject", "devicefarm:CreateTestGridUrl", "devicefarm:CreateUpload", "devicefarm:CreateVPCEConfiguration", "devicefarm:DeleteDevicePool", "devicefarm:DeleteInstanceProfile", "devicefarm:DeleteNetworkProfile", "devicefarm:DeleteProject", "devicefarm:DeleteRemoteAccessSession", "devicefarm:DeleteRun", "devicefarm:DeleteTestGridProject", "devicefarm:DeleteUpload", "devicefarm:DeleteVPCEConfiguration", "devicefarm:GetAccountSettings", "devicefarm:GetDevice", "devicefarm:GetDeviceInstance", "devicefarm:GetDevicePool", "devicefarm:GetDevicePoolCompatibility", "devicefarm:GetInstanceProfile", "devicefarm:GetJob", "devicefarm:GetNetworkProfile", "devicefarm:GetOfferingStatus", "devicefarm:GetProject", "devicefarm:GetRemoteAccessSession", "devicefarm:GetRun", "devicefarm:GetSuite", "devicefarm:GetTest", "devicefarm:GetTestGridProject", "devicefarm:GetTestGridSession", "devicefarm:GetUpload", "devicefarm:GetVPCEConfiguration", "devicefarm:InstallToRemoteAccessSession", "devicefarm:ListArtifacts", "devicefarm:ListDeviceInstances", "devicefarm:ListDevicePools", "devicefarm:ListDevices", "devicefarm:ListInstanceProfiles", "devicefarm:ListJobs", "devicefarm:ListNetworkProfiles", "devicefarm:ListOfferingPromotions", "devicefarm:ListOfferingTransactions", "devicefarm:ListOfferings", "devicefarm:ListProjects", "devicefarm:ListRemoteAccessSessions", "devicefarm:ListRuns", "devicefarm:ListSamples", "devicefarm:ListSuites", "devicefarm:ListTagsForResource", "devicefarm:ListTestGridProjects", "devicefarm:ListTestGridSessionActions", "devicefarm:ListTestGridSessionArtifacts", "devicefarm:ListTestGridSessions", "devicefarm:ListTests", "devicefarm:ListUniqueProblems", "devicefarm:ListUploads", "devicefarm:ListVPCEConfigurations", "devicefarm:PurchaseOffering", "devicefarm:RenewOffering", "devicefarm:ScheduleRun", "devicefarm:StopJob", "devicefarm:StopRemoteAccessSession", "devicefarm:StopRun", "devicefarm:TagResource", "devicefarm:UntagResource", "devicefarm:UpdateDeviceInstance", "devicefarm:UpdateDevicePool", "devicefarm:UpdateInstanceProfile", "devicefarm:UpdateNetworkProfile", "devicefarm:UpdateProject", "devicefarm:UpdateTestGridProject", "devicefarm:UpdateUpload", "devicefarm:UpdateVPCEConfiguration", "devops-guru:AddNotificationChannel", "devops-guru:DeleteInsight", "devops-guru:DescribeAccountHealth", "devops-guru:DescribeAccountOverview", "devops-guru:DescribeAnomaly", "devops-guru:DescribeEventSourcesConfig", "devops-guru:DescribeFeedback", "devops-guru:DescribeInsight", "devops-guru:DescribeOrganizationHealth", "devops-guru:DescribeOrganizationOverview", "devops-guru:DescribeOrganizationResourceCollectionHealth", "devops-guru:DescribeResourceCollectionHealth", "devops-guru:DescribeServiceIntegration", "devops-guru:GetCostEstimation", "devops-guru:GetResourceCollection", "devops-guru:ListAnomaliesForInsight", "devops-guru:ListAnomalousLogGroups", "devops-guru:ListEvents", "devops-guru:ListInsights", "devops-guru:ListMonitoredResources", "devops-guru:ListNotificationChannels", "devops-guru:ListOrganizationInsights", "devops-guru:ListRecommendations", "devops-guru:PutFeedback", "devops-guru:RemoveNotificationChannel", "devops-guru:SearchInsights", "devops-guru:SearchOrganizationInsights", "devops-guru:StartCostEstimation", "devops-guru:UpdateEventSourcesConfig", "devops-guru:UpdateResourceCollection", "devops-guru:UpdateServiceIntegration", "directconnect:AcceptDirectConnectGatewayAssociationProposal", "directconnect:AllocateConnectionOnInterconnect", "directconnect:AllocateHostedConnection", "directconnect:AllocatePrivateVirtualInterface", "directconnect:AllocatePublicVirtualInterface", "directconnect:AllocateTransitVirtualInterface", "directconnect:AssociateConnectionWithLag", "directconnect:AssociateHostedConnection", "directconnect:AssociateMacSecKey", "directconnect:AssociateVirtualInterface", "directconnect:ConfirmConnection", "directconnect:ConfirmCustomerAgreement", "directconnect:ConfirmPrivateVirtualInterface", "directconnect:ConfirmPublicVirtualInterface", "directconnect:ConfirmTransitVirtualInterface", "directconnect:CreateBGPPeer", "directconnect:CreateConnection", "directconnect:CreateDirectConnectGateway", "directconnect:CreateDirectConnectGatewayAssociation", "directconnect:CreateDirectConnectGatewayAssociationProposal", "directconnect:CreateInterconnect", "directconnect:CreateLag", "directconnect:CreatePrivateVirtualInterface", "directconnect:CreatePublicVirtualInterface", "directconnect:CreateTransitVirtualInterface", "directconnect:DeleteBGPPeer", "directconnect:DeleteConnection", "directconnect:DeleteDirectConnectGateway", "directconnect:DeleteDirectConnectGatewayAssociation", "directconnect:DeleteDirectConnectGatewayAssociationProposal", "directconnect:DeleteInterconnect", "directconnect:DeleteLag", "directconnect:DeleteVirtualInterface", "directconnect:DescribeConnectionLoa", "directconnect:DescribeConnections", "directconnect:DescribeConnectionsOnInterconnect", "directconnect:DescribeCustomerMetadata", "directconnect:DescribeDirectConnectGatewayAssociationProposals", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeHostedConnections", "directconnect:DescribeInterconnectLoa", "directconnect:DescribeInterconnects", "directconnect:DescribeLags", "directconnect:DescribeLoa", "directconnect:DescribeLocations", "directconnect:DescribeRouterConfiguration", "directconnect:DescribeTags", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "directconnect:DisassociateConnectionFromLag", "directconnect:DisassociateMacSecKey", "directconnect:ListVirtualInterfaceTestHistory", "directconnect:StartBgpFailoverTest", "directconnect:StopBgpFailoverTest", "directconnect:TagResource", "directconnect:UntagResource", "directconnect:UpdateConnection", "directconnect:UpdateDirectConnectGateway", "directconnect:UpdateDirectConnectGatewayAssociation", "directconnect:UpdateLag", "directconnect:UpdateVirtualInterfaceAttributes", "discovery:AssociateConfigurationItemsToApplication", "discovery:BatchDeleteAgents", "discovery:BatchDeleteImportData", "discovery:CreateApplication", "discovery:CreateTags", "discovery:DeleteApplications", "discovery:DeleteTags", "discovery:DescribeAgents", "discovery:DescribeBatchDeleteConfigurationTask", "discovery:DescribeConfigurations", "discovery:DescribeContinuousExports", "discovery:DescribeExportConfigurations", "discovery:DescribeExportTasks", "discovery:DescribeImportTasks", "discovery:DescribeTags", "discovery:DisassociateConfigurationItemsFromApplication", "discovery:ExportConfigurations", "discovery:GetDiscoverySummary", "discovery:GetNetworkConnectionGraph", "discovery:ListConfigurations", "discovery:ListServerNeighbors", "discovery:StartBatchDeleteConfigurationTask", "discovery:StartContinuousExport", "discovery:StartDataCollectionByAgentIds", "discovery:StartExportTask", "discovery:StartImportTask", "discovery:StopContinuousExport", "discovery:StopDataCollectionByAgentIds", "discovery:UpdateApplication", "dlm:CreateLifecyclePolicy", "dlm:DeleteLifecyclePolicy", "dlm:GetLifecyclePolicies", "dlm:GetLifecyclePolicy", "dlm:ListTagsForResource", "dlm:TagResource", "dlm:UntagResource", "dlm:UpdateLifecyclePolicy", "dms:AddTagsToResource", "dms:ApplyPendingMaintenanceAction", "dms:AssociateExtensionPack", "dms:BatchStartRecommendations", "dms:CancelMetadataModelAssessment", "dms:CancelMetadataModelConversion", "dms:CancelMetadataModelExport", "dms:CancelReplicationTaskAssessmentRun", "dms:CreateDataMigration", "dms:CreateDataProvider", "dms:CreateEndpoint", "dms:CreateEventSubscription", "dms:CreateFleetAdvisorCollector", "dms:CreateInstanceProfile", "dms:CreateMigrationProject", "dms:CreateReplicationConfig", "dms:CreateReplicationInstance", "dms:CreateReplicationSubnetGroup", "dms:CreateReplicationTask", "dms:DeleteCertificate", "dms:DeleteConnection", "dms:DeleteDataMigration", "dms:DeleteDataProvider", "dms:DeleteEndpoint", "dms:DeleteEventSubscription", "dms:DeleteFleetAdvisorCollector", "dms:DeleteFleetAdvisorDatabases", "dms:DeleteInstanceProfile", "dms:DeleteMigrationProject", "dms:DeleteReplicationConfig", "dms:DeleteReplicationInstance", "dms:DeleteReplicationSubnetGroup", "dms:DeleteReplicationTask", "dms:DeleteReplicationTaskAssessmentRun", "dms:DescribeAccountAttributes", "dms:DescribeApplicableIndividualAssessments", "dms:DescribeCertificates", "dms:DescribeConnections", "dms:DescribeConversionConfiguration", "dms:DescribeDataMigrations", "dms:DescribeDataProviders", "dms:DescribeEndpointSettings", "dms:DescribeEndpointTypes", "dms:DescribeEndpoints", "dms:DescribeEngineVersions", "dms:DescribeEventCategories", "dms:DescribeEventSubscriptions", "dms:DescribeEvents", "dms:DescribeExtensionPackAssociations", "dms:DescribeFleetAdvisorCollectors", "dms:DescribeFleetAdvisorDatabases", "dms:DescribeFleetAdvisorLsaAnalysis", "dms:DescribeFleetAdvisorSchemaObjectSummary", "dms:DescribeFleetAdvisorSchemas", "dms:DescribeInstanceProfiles", "dms:DescribeMetadataModelAssessments", "dms:DescribeMetadataModelConversions", "dms:DescribeMetadataModelExportsAsScript", "dms:DescribeMetadataModelExportsToTarget", "dms:DescribeMetadataModelImports", "dms:DescribeMigrationProjects", "dms:DescribeOrderableReplicationInstances", "dms:DescribePendingMaintenanceActions", "dms:DescribeRecommendationLimitations", "dms:DescribeRecommendations", "dms:DescribeRefreshSchemasStatus", "dms:DescribeReplicationConfigs", "dms:DescribeReplicationInstanceTaskLogs", "dms:DescribeReplicationInstances", "dms:DescribeReplicationSubnetGroups", "dms:DescribeReplicationTableStatistics", "dms:DescribeReplicationTaskAssessmentResults", "dms:DescribeReplicationTaskAssessmentRuns", "dms:DescribeReplicationTaskIndividualAssessments", "dms:DescribeReplicationTasks", "dms:DescribeReplications", "dms:DescribeSchemas", "dms:DescribeTableStatistics", "dms:DisassociateExtensionPack", "dms:ExportMetadataModelAssessment", "dms:GetMetadataModel", "dms:ImportCertificate", "dms:ListDataProviders", "dms:ListExtensionPacks", "dms:ListInstanceProfiles", "dms:ListMetadataModelAssessmentActionItems", "dms:ListMetadataModelAssessments", "dms:ListMetadataModelConversions", "dms:ListMetadataModelExports", "dms:ListMigrationProjects", "dms:ListTagsForResource", "dms:ModifyConversionConfiguration", "dms:ModifyDataMigration", "dms:ModifyDataProvider", "dms:ModifyEndpoint", "dms:ModifyEventSubscription", "dms:ModifyFleetAdvisorCollector", "dms:ModifyFleetAdvisorCollectorStatuses", "dms:ModifyInstanceProfile", "dms:ModifyMigrationProject", "dms:ModifyReplicationConfig", "dms:ModifyReplicationInstance", "dms:ModifyReplicationSubnetGroup", "dms:ModifyReplicationTask", "dms:MoveReplicationTask", "dms:RebootReplicationInstance", "dms:RefreshSchemas", "dms:ReloadReplicationTables", "dms:ReloadTables", "dms:RemoveTagsFromResource", "dms:RunFleetAdvisorLsaAnalysis", "dms:StartDataMigration", "dms:StartExtensionPackAssociation", "dms:StartMetadataModelAssessment", "dms:StartMetadataModelConversion", "dms:StartMetadataModelExportAsScript", "dms:StartMetadataModelExportAsScripts", "dms:StartMetadataModelExportToTarget", "dms:StartMetadataModelImport", "dms:StartRecommendations", "dms:StartReplication", "dms:StartReplicationTask", "dms:StartReplicationTaskAssessment", "dms:StartReplicationTaskAssessmentRun", "dms:StopDataMigration", "dms:StopReplication", "dms:StopReplicationTask", "dms:TestConnection", "dms:UpdateConversionConfiguration", "dms:UpdateDataProvider", "dms:UpdateInstanceProfile", "dms:UpdateMigrationProject", "dms:UpdateSubscriptionsToEventBridge", "dms:UploadFileMetadataList", "docdb-elastic:CopyClusterSnapshot", "docdb-elastic:CreateCluster", "docdb-elastic:CreateClusterSnapshot", "docdb-elastic:DeleteCluster", "docdb-elastic:DeleteClusterSnapshot", "docdb-elastic:GetCluster", "docdb-elastic:GetClusterSnapshot", "docdb-elastic:ListClusterSnapshots", "docdb-elastic:ListClusters", "docdb-elastic:ListTagsForResource", "docdb-elastic:RestoreClusterFromSnapshot", "docdb-elastic:StartCluster", "docdb-elastic:StopCluster", "docdb-elastic:TagResource", "docdb-elastic:UntagResource", "docdb-elastic:UpdateCluster", "drs:AssociateFailbackClientToRecoveryInstanceForDrs", "drs:AssociateSourceNetworkStack", "drs:BatchCreateVolumeSnapshotGroupForDrs", "drs:BatchDeleteSnapshotRequestForDrs", "drs:CreateConvertedSnapshotForDrs", "drs:CreateExtendedSourceServer", "drs:CreateLaunchConfigurationTemplate", "drs:CreateRecoveryInstanceForDrs", "drs:CreateReplicationConfigurationTemplate", "drs:CreateSourceNetwork", "drs:CreateSourceServerForDrs", "drs:DeleteJob", "drs:DeleteLaunchAction", "drs:DeleteLaunchConfigurationTemplate", "drs:DeleteRecoveryInstance", "drs:DeleteReplicationConfigurationTemplate", "drs:DeleteSourceNetwork", "drs:DeleteSourceServer", "drs:DescribeJobLogItems", "drs:DescribeJobs", "drs:DescribeLaunchConfigurationTemplates", "drs:DescribeRecoveryInstances", "drs:DescribeRecoverySnapshots", "drs:DescribeReplicationConfigurationTemplates", "drs:DescribeReplicationServerAssociationsForDrs", "drs:DescribeSnapshotRequestsForDrs", "drs:DescribeSourceNetworks", "drs:DescribeSourceServers", "drs:DisconnectRecoveryInstance", "drs:DisconnectSourceServer", "drs:ExportSourceNetworkCfnTemplate", "drs:GetAgentCommandForDrs", "drs:GetAgentConfirmedResumeInfoForDrs", "drs:GetAgentInstallationAssetsForDrs", "drs:GetAgentReplicationInfoForDrs", "drs:GetAgentRuntimeConfigurationForDrs", "drs:GetAgentSnapshotCreditsForDrs", "drs:GetChannelCommandsForDrs", "drs:GetFailbackCommandForDrs", "drs:GetFailbackLaunchRequestedForDrs", "drs:GetFailbackReplicationConfiguration", "drs:GetLaunchConfiguration", "drs:GetReplicationConfiguration", "drs:GetSuggestedFailbackClientDeviceMappingForDrs", "drs:InitializeService", "drs:IssueAgentCertificateForDrs", "drs:ListExtensibleSourceServers", "drs:ListLaunchActions", "drs:ListStagingAccounts", "drs:ListTagsForResource", "drs:NotifyAgentAuthenticationForDrs", "drs:NotifyAgentConnectedForDrs", "drs:NotifyAgentDisconnectedForDrs", "drs:NotifyAgentReplicationProgressForDrs", "drs:NotifyConsistencyAttainedForDrs", "drs:NotifyReplicationServerAuthenticationForDrs", "drs:NotifyVolumeEventForDrs", "drs:PutLaunchAction", "drs:RetryDataReplication", "drs:ReverseReplication", "drs:SendAgentLogsForDrs", "drs:SendAgentMetricsForDrs", "drs:SendChannelCommandResultForDrs", "drs:SendClientLogsForDrs", "drs:SendClientMetricsForDrs", "drs:SendVolumeStatsForDrs", "drs:StartFailbackLaunch", "drs:StartRecovery", "drs:StartReplication", "drs:StartSourceNetworkRecovery", "drs:StartSourceNetworkReplication", "drs:StopFailback", "drs:StopReplication", "drs:StopSourceNetworkReplication", "drs:TagResource", "drs:TerminateRecoveryInstances", "drs:UntagResource", "drs:UpdateAgentBacklogForDrs", "drs:UpdateAgentConversionInfoForDrs", "drs:UpdateAgentReplicationInfoForDrs", "drs:UpdateAgentReplicationProcessStateForDrs", "drs:UpdateAgentSourcePropertiesForDrs", "drs:UpdateFailbackClientDeviceMappingForDrs", "drs:UpdateFailbackClientLastSeenForDrs", "drs:UpdateFailbackReplicationConfiguration", "drs:UpdateLaunchConfiguration", "drs:UpdateLaunchConfigurationTemplate", "drs:UpdateReplicationCertificateForDrs", "drs:UpdateReplicationConfiguration", "drs:UpdateReplicationConfigurationTemplate", "ds:AcceptSharedDirectory", "ds:AddIpRoutes", "ds:AddRegion", "ds:AddTagsToResource", "ds:AuthorizeApplication", "ds:CancelSchemaExtension", "ds:CheckAlias", "ds:ConnectDirectory", "ds:CreateAlias", "ds:CreateComputer", "ds:CreateConditionalForwarder", "ds:CreateDirectory", "ds:CreateIdentityPoolDirectory", "ds:CreateLogSubscription", "ds:CreateMicrosoftAD", "ds:CreateSnapshot", "ds:CreateTrust", "ds:DeleteConditionalForwarder", "ds:DeleteDirectory", "ds:DeleteLogSubscription", "ds:DeleteSnapshot", "ds:DeleteTrust", "ds:DeregisterCertificate", "ds:DeregisterEventTopic", "ds:DescribeCertificate", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeRegions", "ds:DescribeSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:DescribeUpdateDirectory", "ds:DisableClientAuthentication", "ds:DisableLDAPS", "ds:DisableRadius", "ds:DisableRoleAccess", "ds:DisableSso", "ds:EnableClientAuthentication", "ds:EnableLDAPS", "ds:EnableRadius", "ds:EnableRoleAccess", "ds:EnableSso", "ds:GetAuthorizedApplicationDetails", "ds:GetDirectoryLimits", "ds:GetSnapshotLimits", "ds:ListAuthorizedApplications", "ds:ListCertificates", "ds:ListIpRoutes", "ds:ListLogSubscriptions", "ds:ListSchemaExtensions", "ds:ListTagsForResource", "ds:RegisterCertificate", "ds:RegisterEventTopic", "ds:RejectSharedDirectory", "ds:RemoveIpRoutes", "ds:RemoveRegion", "ds:RemoveTagsFromResource", "ds:ResetUserPassword", "ds:RestoreFromSnapshot", "ds:ShareDirectory", "ds:StartSchemaExtension", "ds:UnauthorizeApplication", "ds:UnshareDirectory", "ds:UpdateAuthorizedApplication", "ds:UpdateConditionalForwarder", "ds:UpdateDirectory", "ds:UpdateDirectorySetup", "ds:UpdateNumberOfDomainControllers", "ds:UpdateRadius", "ds:UpdateSettings", "ds:UpdateTrust", "ds:VerifyTrust", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:CreateBackup", "dynamodb:CreateGlobalTable", "dynamodb:CreateTable", "dynamodb:CreateTableReplica", "dynamodb:DeleteBackup", "dynamodb:DeleteItem", "dynamodb:DeleteResourcePolicy", "dynamodb:DeleteTable", "dynamodb:DeleteTableReplica", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:EnableKinesisStreamingDestination", "dynamodb:ExportTableToPointInTime", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetResourcePolicy", "dynamodb:GetShardIterator", "dynamodb:ImportTable", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLDelete", "dynamodb:PartiQLInsert", "dynamodb:PartiQLSelect", "dynamodb:PartiQLUpdate", "dynamodb:PurchaseReservedCapacityOfferings", "dynamodb:PutItem", "dynamodb:PutResourcePolicy", "dynamodb:Query", "dynamodb:RestoreTableFromAwsBackup", "dynamodb:RestoreTableFromBackup", "dynamodb:RestoreTableToPointInTime", "dynamodb:Scan", "dynamodb:StartAwsBackupJob", "dynamodb:TagResource", "dynamodb:UntagResource", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", "dynamodb:UpdateGlobalTable", "dynamodb:UpdateGlobalTableSettings", "dynamodb:UpdateGlobalTableVersion", "dynamodb:UpdateItem", "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:UpdateTable", "dynamodb:UpdateTableReplicaAutoScaling", "dynamodb:UpdateTimeToLive", "ebs:CompleteSnapshot", "ebs:GetSnapshotBlock", "ebs:ListChangedBlocks", "ebs:ListSnapshotBlocks", "ebs:PutSnapshotBlock", "ebs:StartSnapshot", "ec2:AcceptAddressTransfer", "ec2:AcceptReservedInstancesExchangeQuote", "ec2:AcceptTransitGatewayMulticastDomainAssociations", "ec2:AcceptTransitGatewayPeeringAttachment", "ec2:AcceptTransitGatewayVpcAttachment", "ec2:AcceptVpcEndpointConnections", "ec2:AcceptVpcPeeringConnection", "ec2:AdvertiseByoipCidr", "ec2:AllocateAddress", "ec2:AllocateHosts", "ec2:AllocateIpamPoolCidr", "ec2:ApplySecurityGroupsToClientVpnTargetNetwork", "ec2:AssignIpv6Addresses", "ec2:AssignPrivateIpAddresses", "ec2:AssignPrivateNatGatewayAddress", "ec2:AssociateAddress", "ec2:AssociateClientVpnTargetNetwork", "ec2:AssociateDhcpOptions", "ec2:AssociateEnclaveCertificateIamRole", "ec2:AssociateIamInstanceProfile", "ec2:AssociateInstanceEventWindow", "ec2:AssociateIpamByoasn", "ec2:AssociateIpamResourceDiscovery", "ec2:AssociateNatGatewayAddress", "ec2:AssociateRouteTable", "ec2:AssociateSubnetCidrBlock", "ec2:AssociateTransitGatewayMulticastDomain", "ec2:AssociateTransitGatewayPolicyTable", "ec2:AssociateTransitGatewayRouteTable", "ec2:AssociateTrunkInterface", "ec2:AssociateVerifiedAccessInstanceWebAcl", "ec2:AssociateVpcCidrBlock", "ec2:AttachClassicLinkVpc", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVerifiedAccessTrustProvider", "ec2:AttachVolume", "ec2:AttachVpnGateway", "ec2:AuthorizeClientVpnIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:BundleInstance", "ec2:CancelBundleTask", "ec2:CancelCapacityReservation", "ec2:CancelCapacityReservationFleets", "ec2:CancelConversionTask", "ec2:CancelExportTask", "ec2:CancelImageLaunchPermission", "ec2:CancelImportTask", "ec2:CancelReservedInstancesListing", "ec2:CancelSpotFleetRequests", "ec2:CancelSpotInstanceRequests", "ec2:ConfirmProductInstance", "ec2:CopyFpgaImage", "ec2:CopyImage", "ec2:CopySnapshot", "ec2:CreateCapacityReservation", "ec2:CreateCapacityReservationFleet", "ec2:CreateCarrierGateway", "ec2:CreateClientVpnEndpoint", "ec2:CreateClientVpnRoute", "ec2:CreateCoipCidr", "ec2:CreateCoipPool", "ec2:CreateCoipPoolPermission", "ec2:CreateCustomerGateway", "ec2:CreateDefaultSubnet", "ec2:CreateDefaultVpc", "ec2:CreateDhcpOptions", "ec2:CreateEgressOnlyInternetGateway", "ec2:CreateFleet", "ec2:CreateFlowLogs", "ec2:CreateFpgaImage", "ec2:CreateImage", "ec2:CreateInstanceConnectEndpoint", "ec2:CreateInstanceEventWindow", "ec2:CreateInstanceExportTask", "ec2:CreateInternetGateway", "ec2:CreateIpam", "ec2:CreateIpamPool", "ec2:CreateIpamResourceDiscovery", "ec2:CreateIpamScope", "ec2:CreateKeyPair", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:CreateLocalGatewayRoute", "ec2:CreateLocalGatewayRouteTable", "ec2:CreateLocalGatewayRouteTablePermission", "ec2:CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation", "ec2:CreateLocalGatewayRouteTableVpcAssociation", "ec2:CreateManagedPrefixList", "ec2:CreateNatGateway", "ec2:CreateNetworkAcl", "ec2:CreateNetworkAclEntry", "ec2:CreateNetworkInsightsAccessScope", "ec2:CreateNetworkInsightsPath", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:CreatePlacementGroup", "ec2:CreatePublicIpv4Pool", "ec2:CreateReplaceRootVolumeTask", "ec2:CreateReservedInstancesListing", "ec2:CreateRestoreImageTask", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSnapshot", "ec2:CreateSnapshots", "ec2:CreateSpotDatafeedSubscription", "ec2:CreateStoreImageTask", "ec2:CreateSubnet", "ec2:CreateSubnetCidrReservation", "ec2:CreateTags", "ec2:CreateTrafficMirrorFilter", "ec2:CreateTrafficMirrorFilterRule", "ec2:CreateTrafficMirrorSession", "ec2:CreateTrafficMirrorTarget", "ec2:CreateTransitGateway", "ec2:CreateTransitGatewayConnect", "ec2:CreateTransitGatewayConnectPeer", "ec2:CreateTransitGatewayMulticastDomain", "ec2:CreateTransitGatewayPeeringAttachment", "ec2:CreateTransitGatewayPolicyTable", "ec2:CreateTransitGatewayPrefixListReference", "ec2:CreateTransitGatewayRoute", "ec2:CreateTransitGatewayRouteTable", "ec2:CreateTransitGatewayRouteTableAnnouncement", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateVerifiedAccessEndpoint", "ec2:CreateVerifiedAccessGroup", "ec2:CreateVerifiedAccessInstance", "ec2:CreateVerifiedAccessTrustProvider", "ec2:CreateVolume", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpointConnectionNotification", "ec2:CreateVpcEndpointServiceConfiguration", "ec2:CreateVpcPeeringConnection", "ec2:CreateVpnConnection", "ec2:CreateVpnConnectionRoute", "ec2:CreateVpnGateway", "ec2:DeleteCarrierGateway", "ec2:DeleteClientVpnEndpoint", "ec2:DeleteClientVpnRoute", "ec2:DeleteCoipCidr", "ec2:DeleteCoipPool", "ec2:DeleteCoipPoolPermission", "ec2:DeleteCustomerGateway", "ec2:DeleteDhcpOptions", "ec2:DeleteEgressOnlyInternetGateway", "ec2:DeleteFleets", "ec2:DeleteFlowLogs", "ec2:DeleteFpgaImage", "ec2:DeleteInstanceConnectEndpoint", "ec2:DeleteInstanceEventWindow", "ec2:DeleteInternetGateway", "ec2:DeleteIpam", "ec2:DeleteIpamPool", "ec2:DeleteIpamResourceDiscovery", "ec2:DeleteIpamScope", "ec2:DeleteKeyPair", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:DeleteLocalGatewayRoute", "ec2:DeleteLocalGatewayRouteTable", "ec2:DeleteLocalGatewayRouteTablePermission", "ec2:DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation", "ec2:DeleteLocalGatewayRouteTableVpcAssociation", "ec2:DeleteManagedPrefixList", "ec2:DeleteNatGateway", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkAclEntry", "ec2:DeleteNetworkInsightsAccessScope", "ec2:DeleteNetworkInsightsAccessScopeAnalysis", "ec2:DeleteNetworkInsightsAnalysis", "ec2:DeleteNetworkInsightsPath", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DeletePlacementGroup", "ec2:DeletePublicIpv4Pool", "ec2:DeleteQueuedReservedInstances", "ec2:DeleteResourcePolicy", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSecurityGroup", "ec2:DeleteSnapshot", "ec2:DeleteSpotDatafeedSubscription", "ec2:DeleteSubnet", "ec2:DeleteSubnetCidrReservation", "ec2:DeleteTags", "ec2:DeleteTrafficMirrorFilter", "ec2:DeleteTrafficMirrorFilterRule", "ec2:DeleteTrafficMirrorSession", "ec2:DeleteTrafficMirrorTarget", "ec2:DeleteTransitGateway", "ec2:DeleteTransitGatewayConnect", "ec2:DeleteTransitGatewayConnectPeer", "ec2:DeleteTransitGatewayMulticastDomain", "ec2:DeleteTransitGatewayPeeringAttachment", "ec2:DeleteTransitGatewayPolicyTable", "ec2:DeleteTransitGatewayPrefixListReference", "ec2:DeleteTransitGatewayRoute", "ec2:DeleteTransitGatewayRouteTable", "ec2:DeleteTransitGatewayRouteTableAnnouncement", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteVerifiedAccessEndpoint", "ec2:DeleteVerifiedAccessGroup", "ec2:DeleteVerifiedAccessInstance", "ec2:DeleteVerifiedAccessTrustProvider", "ec2:DeleteVolume", "ec2:DeleteVpc", "ec2:DeleteVpcEndpointConnectionNotifications", "ec2:DeleteVpcEndpointServiceConfigurations", "ec2:DeleteVpcEndpoints", "ec2:DeleteVpcPeeringConnection", "ec2:DeleteVpnConnection", "ec2:DeleteVpnConnectionRoute", "ec2:DeleteVpnGateway", "ec2:DeprovisionByoipCidr", "ec2:DeprovisionIpamByoasn", "ec2:DeprovisionIpamPoolCidr", "ec2:DeprovisionPublicIpv4PoolCidr", "ec2:DeregisterImage", "ec2:DeregisterInstanceEventNotificationAttributes", "ec2:DeregisterTransitGatewayMulticastGroupMembers", "ec2:DeregisterTransitGatewayMulticastGroupSources", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DetachClassicLinkVpc", "ec2:DetachInternetGateway", "ec2:DetachNetworkInterface", "ec2:DetachVerifiedAccessTrustProvider", "ec2:DetachVolume", "ec2:DetachVpnGateway", "ec2:DisableAddressTransfer", "ec2:DisableAwsNetworkPerformanceMetricSubscription", "ec2:DisableEbsEncryptionByDefault", "ec2:DisableFastLaunch", "ec2:DisableFastSnapshotRestores", "ec2:DisableImage", "ec2:DisableImageBlockPublicAccess", "ec2:DisableImageDeprecation", "ec2:DisableIpamOrganizationAdminAccount", "ec2:DisableSerialConsoleAccess", "ec2:DisableSnapshotBlockPublicAccess", "ec2:DisableTransitGatewayRouteTablePropagation", "ec2:DisableVgwRoutePropagation", "ec2:DisableVpcClassicLink", "ec2:DisableVpcClassicLinkDnsSupport", "ec2:DisassociateAddress", "ec2:DisassociateClientVpnTargetNetwork", "ec2:DisassociateEnclaveCertificateIamRole", "ec2:DisassociateIamInstanceProfile", "ec2:DisassociateInstanceEventWindow", "ec2:DisassociateIpamByoasn", "ec2:DisassociateIpamResourceDiscovery", "ec2:DisassociateNatGatewayAddress", "ec2:DisassociateRouteTable", "ec2:DisassociateSubnetCidrBlock", "ec2:DisassociateTransitGatewayMulticastDomain", "ec2:DisassociateTransitGatewayPolicyTable", "ec2:DisassociateTransitGatewayRouteTable", "ec2:DisassociateTrunkInterface", "ec2:DisassociateVerifiedAccessInstanceWebAcl", "ec2:DisassociateVpcCidrBlock", "ec2:EnableAddressTransfer", "ec2:EnableAwsNetworkPerformanceMetricSubscription", "ec2:EnableEbsEncryptionByDefault", "ec2:EnableFastLaunch", "ec2:EnableFastSnapshotRestores", "ec2:EnableImage", "ec2:EnableImageBlockPublicAccess", "ec2:EnableImageDeprecation", "ec2:EnableIpamOrganizationAdminAccount", "ec2:EnableReachabilityAnalyzerOrganizationSharing", "ec2:EnableSerialConsoleAccess", "ec2:EnableSnapshotBlockPublicAccess", "ec2:EnableTransitGatewayRouteTablePropagation", "ec2:EnableVgwRoutePropagation", "ec2:EnableVolumeIO", "ec2:EnableVpcClassicLink", "ec2:EnableVpcClassicLinkDnsSupport", "ec2:ExportClientVpnClientCertificateRevocationList", "ec2:ExportClientVpnClientConfiguration", "ec2:ExportImage", "ec2:ExportTransitGatewayRoutes", "ec2:GetAssociatedEnclaveCertificateIamRoles", "ec2:GetAssociatedIpv6PoolCidrs", "ec2:GetAwsNetworkPerformanceData", "ec2:GetCapacityReservationUsage", "ec2:GetCoipPoolUsage", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:GetDefaultCreditSpecification", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ec2:GetFlowLogsIntegrationTemplate", "ec2:GetGroupsForCapacityReservation", "ec2:GetHostReservationPurchasePreview", "ec2:GetImageBlockPublicAccessState", "ec2:GetInstanceMetadataDefaults", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetInstanceUefiData", "ec2:GetIpamAddressHistory", "ec2:GetIpamDiscoveredAccounts", "ec2:GetIpamDiscoveredPublicAddresses", "ec2:GetIpamDiscoveredResourceCidrs", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetIpamResourceCidrs", "ec2:GetLaunchTemplateData", "ec2:GetManagedPrefixListAssociations", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ec2:GetPasswordData", "ec2:GetReservedInstancesExchangeQuote", "ec2:GetResourcePolicy", "ec2:GetSecurityGroupsForVpc", "ec2:GetSerialConsoleAccessStatus", "ec2:GetSnapshotBlockPublicAccessState", "ec2:GetSpotPlacementScores", "ec2:GetSubnetCidrReservations", "ec2:GetTransitGatewayAttachmentPropagations", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:GetTransitGatewayPolicyTableAssociations", "ec2:GetTransitGatewayPolicyTableEntries", "ec2:GetTransitGatewayPrefixListReferences", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:GetVerifiedAccessEndpointPolicy", "ec2:GetVerifiedAccessGroupPolicy", "ec2:GetVerifiedAccessInstanceWebAcl", "ec2:GetVpnConnectionDeviceSampleConfiguration", "ec2:GetVpnConnectionDeviceTypes", "ec2:GetVpnTunnelReplacementStatus", "ec2:ImportByoipCidrToIpam", "ec2:ImportClientVpnClientCertificateRevocationList", "ec2:ImportImage", "ec2:ImportInstance", "ec2:ImportKeyPair", "ec2:ImportSnapshot", "ec2:ImportVolume", "ec2:InjectApiError", "ec2:ListImagesInRecycleBin", "ec2:ListSnapshotsInRecycleBin", "ec2:LockSnapshot", "ec2:ModifyAddressAttribute", "ec2:ModifyAvailabilityZoneGroup", "ec2:ModifyCapacityReservation", "ec2:ModifyCapacityReservationFleet", "ec2:ModifyClientVpnEndpoint", "ec2:ModifyDefaultCreditSpecification", "ec2:ModifyEbsDefaultKmsKeyId", "ec2:ModifyFleet", "ec2:ModifyFpgaImageAttribute", "ec2:ModifyHosts", "ec2:ModifyIdFormat", "ec2:ModifyIdentityIdFormat", "ec2:ModifyImageAttribute", "ec2:ModifyInstanceAttribute", "ec2:ModifyInstanceCapacityReservationAttributes", "ec2:ModifyInstanceCreditSpecification", "ec2:ModifyInstanceEventStartTime", "ec2:ModifyInstanceEventWindow", "ec2:ModifyInstanceMaintenanceOptions", "ec2:ModifyInstanceMetadataDefaults", "ec2:ModifyInstanceMetadataOptions", "ec2:ModifyInstancePlacement", "ec2:ModifyIpam", "ec2:ModifyIpamPool", "ec2:ModifyIpamResourceCidr", "ec2:ModifyIpamResourceDiscovery", "ec2:ModifyIpamScope", "ec2:ModifyLaunchTemplate", "ec2:ModifyLocalGatewayRoute", "ec2:ModifyManagedPrefixList", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyPrivateDnsNameOptions", "ec2:ModifyReservedInstances", "ec2:ModifySecurityGroupRules", "ec2:ModifySnapshotAttribute", "ec2:ModifySnapshotTier", "ec2:ModifySpotFleetRequest", "ec2:ModifySubnetAttribute", "ec2:ModifyTrafficMirrorFilterNetworkServices", "ec2:ModifyTrafficMirrorFilterRule", "ec2:ModifyTrafficMirrorSession", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayPrefixListReference", "ec2:ModifyTransitGatewayVpcAttachment", "ec2:ModifyVerifiedAccessEndpoint", "ec2:ModifyVerifiedAccessEndpointPolicy", "ec2:ModifyVerifiedAccessGroup", "ec2:ModifyVerifiedAccessGroupPolicy", "ec2:ModifyVerifiedAccessInstance", "ec2:ModifyVerifiedAccessInstanceLoggingConfiguration", "ec2:ModifyVerifiedAccessTrustProvider", "ec2:ModifyVolume", "ec2:ModifyVolumeAttribute", "ec2:ModifyVpcAttribute", "ec2:ModifyVpcEndpoint", "ec2:ModifyVpcEndpointConnectionNotification", "ec2:ModifyVpcEndpointServiceConfiguration", "ec2:ModifyVpcEndpointServicePayerResponsibility", "ec2:ModifyVpcEndpointServicePermissions", "ec2:ModifyVpcPeeringConnectionOptions", "ec2:ModifyVpcTenancy", "ec2:ModifyVpnConnection", "ec2:ModifyVpnConnectionOptions", "ec2:ModifyVpnTunnelCertificate", "ec2:ModifyVpnTunnelOptions", "ec2:MonitorInstances", "ec2:MoveAddressToVpc", "ec2:MoveByoipCidrToIpam", "ec2:PauseVolumeIO", "ec2:ProvisionByoipCidr", "ec2:ProvisionIpamByoasn", "ec2:ProvisionIpamPoolCidr", "ec2:ProvisionPublicIpv4PoolCidr", "ec2:PurchaseCapacityBlock", "ec2:PurchaseHostReservation", "ec2:PurchaseReservedInstancesOffering", "ec2:PurchaseScheduledInstances", "ec2:PutResourcePolicy", "ec2:RebootInstances", "ec2:RegisterImage", "ec2:RegisterInstanceEventNotificationAttributes", "ec2:RegisterTransitGatewayMulticastGroupMembers", "ec2:RegisterTransitGatewayMulticastGroupSources", "ec2:RejectTransitGatewayMulticastDomainAssociations", "ec2:RejectTransitGatewayPeeringAttachment", "ec2:RejectTransitGatewayVpcAttachment", "ec2:RejectVpcEndpointConnections", "ec2:RejectVpcPeeringConnection", "ec2:ReleaseAddress", "ec2:ReleaseHosts", "ec2:ReleaseIpamPoolAllocation", "ec2:ReplaceIamInstanceProfileAssociation", "ec2:ReplaceNetworkAclAssociation", "ec2:ReplaceNetworkAclEntry", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:ReplaceTransitGatewayRoute", "ec2:ReplaceVpnTunnel", "ec2:ReportInstanceStatus", "ec2:RequestSpotFleet", "ec2:RequestSpotInstances", "ec2:ResetAddressAttribute", "ec2:ResetEbsDefaultKmsKeyId", "ec2:ResetFpgaImageAttribute", "ec2:ResetImageAttribute", "ec2:ResetInstanceAttribute", "ec2:ResetNetworkInterfaceAttribute", "ec2:ResetSnapshotAttribute", "ec2:RestoreAddressToClassic", "ec2:RestoreImageFromRecycleBin", "ec2:RestoreManagedPrefixListVersion", "ec2:RestoreSnapshotFromRecycleBin", "ec2:RestoreSnapshotTier", "ec2:RevokeClientVpnIngress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RunInstances", "ec2:RunScheduledInstances", "ec2:SearchLocalGatewayRoutes", "ec2:SearchTransitGatewayMulticastGroups", "ec2:SearchTransitGatewayRoutes", "ec2:SendDiagnosticInterrupt", "ec2:SendSpotInstanceInterruptions", "ec2:StartInstances", "ec2:StartNetworkInsightsAccessScopeAnalysis", "ec2:StartNetworkInsightsAnalysis", "ec2:StartVpcEndpointServicePrivateDnsVerification", "ec2:StopInstances", "ec2:TerminateClientVpnConnections", "ec2:TerminateInstances", "ec2:UnassignIpv6Addresses", "ec2:UnassignPrivateIpAddresses", "ec2:UnassignPrivateNatGatewayAddress", "ec2:UnlockSnapshot", "ec2:UnmonitorInstances", "ec2:UpdateSecurityGroupRuleDescriptionsEgress", "ec2:UpdateSecurityGroupRuleDescriptionsIngress", "ec2:WithdrawByoipCidr", "ec2-instance-connect:OpenTunnel", "ec2-instance-connect:SendSSHPublicKey", "ec2-instance-connect:SendSerialConsoleSSHPublicKey", "ec2messages:AcknowledgeMessage", "ec2messages:DeleteMessage", "ec2messages:FailMessage", "ec2messages:GetEndpoint", "ec2messages:GetMessages", "ec2messages:SendReply", "ecr:BatchCheckLayerAvailability", "ecr:BatchDeleteImage", "ecr:BatchGetImage", "ecr:BatchGetRepositoryScanningConfiguration", "ecr:BatchImportUpstreamImage", "ecr:CompleteLayerUpload", "ecr:CreatePullThroughCacheRule", "ecr:CreateRepository", "ecr:CreateRepositoryCreationTemplate", "ecr:DeleteLifecyclePolicy", "ecr:DeletePullThroughCacheRule", "ecr:DeleteRegistryPolicy", "ecr:DeleteRepository", "ecr:DeleteRepositoryCreationTemplate", "ecr:DeleteRepositoryPolicy", "ecr:DescribeImageReplicationStatus", "ecr:DescribeImageScanFindings", "ecr:DescribeImages", "ecr:DescribePullThroughCacheRules", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:DescribeRepositoryCreationTemplate", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "ecr:GetLifecyclePolicy", "ecr:GetLifecyclePolicyPreview", "ecr:GetRegistryPolicy", "ecr:GetRegistryScanningConfiguration", "ecr:GetRepositoryPolicy", "ecr:InitiateLayerUpload", "ecr:ListImages", "ecr:ListTagsForResource", "ecr:PutImage", "ecr:PutImageScanningConfiguration", "ecr:PutImageTagMutability", "ecr:PutLifecyclePolicy", "ecr:PutRegistryPolicy", "ecr:PutRegistryScanningConfiguration", "ecr:PutReplicationConfiguration", "ecr:ReplicateImage", "ecr:SetRepositoryPolicy", "ecr:StartImageScan", "ecr:StartLifecyclePolicyPreview", "ecr:TagResource", "ecr:UntagResource", "ecr:UpdatePullThroughCacheRule", "ecr:UploadLayerPart", "ecr:ValidatePullThroughCacheRule", "ecr-public:BatchCheckLayerAvailability", "ecr-public:BatchDeleteImage", "ecr-public:CompleteLayerUpload", "ecr-public:CreateRepository", "ecr-public:DeleteRepository", "ecr-public:DeleteRepositoryPolicy", "ecr-public:DescribeImageTags", "ecr-public:DescribeImages", "ecr-public:DescribeRegistries", "ecr-public:DescribeRepositories", "ecr-public:GetAuthorizationToken", "ecr-public:GetRegistryCatalogData", "ecr-public:GetRepositoryCatalogData", "ecr-public:GetRepositoryPolicy", "ecr-public:InitiateLayerUpload", "ecr-public:ListTagsForResource", "ecr-public:PutImage", "ecr-public:PutRegistryCatalogData", "ecr-public:PutRepositoryCatalogData", "ecr-public:SetRepositoryPolicy", "ecr-public:TagResource", "ecr-public:UntagResource", "ecr-public:UploadLayerPart", "ecs:CreateCapacityProvider", "ecs:CreateCluster", "ecs:CreateService", "ecs:CreateTaskSet", "ecs:DeleteAccountSetting", "ecs:DeleteAttributes", "ecs:DeleteCapacityProvider", "ecs:DeleteCluster", "ecs:DeleteService", "ecs:DeleteTaskDefinitions", "ecs:DeleteTaskSet", "ecs:DeregisterContainerInstance", "ecs:DeregisterTaskDefinition", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:DiscoverPollEndpoint", "ecs:ExecuteCommand", "ecs:GetTaskProtection", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "ecs:Poll", "ecs:PutAccountSetting", "ecs:PutAccountSettingDefault", "ecs:PutAttributes", "ecs:PutClusterCapacityProviders", "ecs:RegisterContainerInstance", "ecs:RegisterTaskDefinition", "ecs:RunTask", "ecs:StartTask", "ecs:StartTelemetrySession", "ecs:StopTask", "ecs:SubmitAttachmentStateChanges", "ecs:SubmitContainerStateChange", "ecs:SubmitTaskStateChange", "ecs:TagResource", "ecs:UntagResource", "ecs:UpdateCapacityProvider", "ecs:UpdateCluster", "ecs:UpdateClusterSettings", "ecs:UpdateContainerAgent", "ecs:UpdateContainerInstancesState", "ecs:UpdateService", "ecs:UpdateServicePrimaryTaskSet", "ecs:UpdateTaskProtection", "ecs:UpdateTaskSet", "eks:AccessKubernetesApi", "eks:AssociateAccessPolicy", "eks:AssociateEncryptionConfig", "eks:AssociateIdentityProviderConfig", "eks:CreateAccessEntry", "eks:CreateAddon", "eks:CreateCluster", "eks:CreateEksAnywhereSubscription", "eks:CreateFargateProfile", "eks:CreateNodegroup", "eks:CreatePodIdentityAssociation", "eks:DeleteAccessEntry", "eks:DeleteAddon", "eks:DeleteCluster", "eks:DeleteEksAnywhereSubscription", "eks:DeleteFargateProfile", "eks:DeleteNodegroup", "eks:DeletePodIdentityAssociation", "eks:DeregisterCluster", "eks:DescribeAccessEntry", "eks:DescribeAddon", "eks:DescribeAddonConfiguration", "eks:DescribeAddonVersions", "eks:DescribeCluster", "eks:DescribeEksAnywhereSubscription", "eks:DescribeFargateProfile", "eks:DescribeIdentityProviderConfig", "eks:DescribeInsight", "eks:DescribeNodegroup", "eks:DescribePodIdentityAssociation", "eks:DescribeUpdate", "eks:DisassociateAccessPolicy", "eks:DisassociateIdentityProviderConfig", "eks:ListAccessEntries", "eks:ListAccessPolicies", "eks:ListAddons", "eks:ListAssociatedAccessPolicies", "eks:ListClusters", "eks:ListEksAnywhereSubscriptions", "eks:ListFargateProfiles", "eks:ListIdentityProviderConfigs", "eks:ListInsights", "eks:ListNodegroups", "eks:ListPodIdentityAssociations", "eks:ListTagsForResource", "eks:ListUpdates", "eks:RegisterCluster", "eks:TagResource", "eks:UntagResource", "eks:UpdateAccessEntry", "eks:UpdateAddon", "eks:UpdateClusterConfig", "eks:UpdateClusterVersion", "eks:UpdateEksAnywhereSubscription", "eks:UpdateNodegroupConfig", "eks:UpdateNodegroupVersion", "eks:UpdatePodIdentityAssociation", "eks-auth:AssumeRoleForPodIdentity", "elastic-inference:Connect", "elastic-inference:DescribeAcceleratorOfferings", "elastic-inference:DescribeAcceleratorTypes", "elastic-inference:DescribeAccelerators", "elastic-inference:ListTagsForResource", "elastic-inference:TagResource", "elastic-inference:UntagResource", "elasticache:AddTagsToResource", "elasticache:AuthorizeCacheSecurityGroupIngress", "elasticache:BatchApplyUpdateAction", "elasticache:BatchStopUpdateAction", "elasticache:CompleteMigration", "elasticache:Connect", "elasticache:CopyServerlessCacheSnapshot", "elasticache:CopySnapshot", "elasticache:CreateCacheCluster", "elasticache:CreateCacheParameterGroup", "elasticache:CreateCacheSecurityGroup", "elasticache:CreateCacheSubnetGroup", "elasticache:CreateGlobalReplicationGroup", "elasticache:CreateReplicationGroup", "elasticache:CreateServerlessCache", "elasticache:CreateServerlessCacheSnapshot", "elasticache:CreateSnapshot", "elasticache:CreateUser", "elasticache:CreateUserGroup", "elasticache:DecreaseNodeGroupsInGlobalReplicationGroup", "elasticache:DecreaseReplicaCount", "elasticache:DeleteCacheCluster", "elasticache:DeleteCacheParameterGroup", "elasticache:DeleteCacheSecurityGroup", "elasticache:DeleteCacheSubnetGroup", "elasticache:DeleteGlobalReplicationGroup", "elasticache:DeleteReplicationGroup", "elasticache:DeleteServerlessCache", "elasticache:DeleteServerlessCacheSnapshot", "elasticache:DeleteSnapshot", "elasticache:DeleteUser", "elasticache:DeleteUserGroup", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheEngineVersions", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeEngineDefaultParameters", "elasticache:DescribeEvents", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeReservedCacheNodes", "elasticache:DescribeReservedCacheNodesOfferings", "elasticache:DescribeServerlessCacheSnapshots", "elasticache:DescribeServerlessCaches", "elasticache:DescribeServiceUpdates", "elasticache:DescribeSnapshots", "elasticache:DescribeUpdateActions", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticache:DisassociateGlobalReplicationGroup", "elasticache:ExportServerlessCacheSnapshot", "elasticache:FailoverGlobalReplicationGroup", "elasticache:IncreaseNodeGroupsInGlobalReplicationGroup", "elasticache:IncreaseReplicaCount", "elasticache:InterruptClusterAzPower", "elasticache:ListAllowedNodeTypeModifications", "elasticache:ListTagsForResource", "elasticache:ModifyCacheCluster", "elasticache:ModifyCacheParameterGroup", "elasticache:ModifyCacheSubnetGroup", "elasticache:ModifyGlobalReplicationGroup", "elasticache:ModifyReplicationGroup", "elasticache:ModifyReplicationGroupShardConfiguration", "elasticache:ModifyServerlessCache", "elasticache:ModifyUser", "elasticache:ModifyUserGroup", "elasticache:PurchaseReservedCacheNodesOffering", "elasticache:RebalanceSlotsInGlobalReplicationGroup", "elasticache:RebootCacheCluster", "elasticache:RemoveTagsFromResource", "elasticache:ResetCacheParameterGroup", "elasticache:RevokeCacheSecurityGroupIngress", "elasticache:StartMigration", "elasticache:TestFailover", "elasticache:TestMigration", "elasticbeanstalk:AbortEnvironmentUpdate", "elasticbeanstalk:AddTags", "elasticbeanstalk:ApplyEnvironmentManagedAction", "elasticbeanstalk:AssociateEnvironmentOperationsRole", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:ComposeEnvironments", "elasticbeanstalk:CreateApplication", "elasticbeanstalk:CreateApplicationVersion", "elasticbeanstalk:CreateConfigurationTemplate", "elasticbeanstalk:CreateEnvironment", "elasticbeanstalk:CreatePlatformVersion", "elasticbeanstalk:CreateStorageLocation", "elasticbeanstalk:DeleteApplication", "elasticbeanstalk:DeleteApplicationVersion", "elasticbeanstalk:DeleteConfigurationTemplate", "elasticbeanstalk:DeleteEnvironmentConfiguration", "elasticbeanstalk:DeletePlatformVersion", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:DisassociateEnvironmentOperationsRole", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:PutInstanceStatistics", "elasticbeanstalk:RebuildEnvironment", "elasticbeanstalk:RemoveTags", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RestartAppServer", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticbeanstalk:SwapEnvironmentCNAMEs", "elasticbeanstalk:TerminateEnvironment", "elasticbeanstalk:UpdateApplication", "elasticbeanstalk:UpdateApplicationResourceLifecycle", "elasticbeanstalk:UpdateApplicationVersion", "elasticbeanstalk:UpdateConfigurationTemplate", "elasticbeanstalk:UpdateEnvironment", "elasticbeanstalk:UpdateTagsForResource", "elasticbeanstalk:ValidateConfigurationSettings", "elasticfilesystem:Backup", "elasticfilesystem:ClientMount", "elasticfilesystem:ClientRootAccess", "elasticfilesystem:ClientWrite", "elasticfilesystem:CreateAccessPoint", "elasticfilesystem:CreateFileSystem", "elasticfilesystem:CreateMountTarget", "elasticfilesystem:CreateReplicationConfiguration", "elasticfilesystem:CreateTags", "elasticfilesystem:DeleteAccessPoint", "elasticfilesystem:DeleteFileSystem", "elasticfilesystem:DeleteFileSystemPolicy", "elasticfilesystem:DeleteMountTarget", "elasticfilesystem:DeleteReplicationConfiguration", "elasticfilesystem:DeleteTags", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeAccountPreferences", "elasticfilesystem:DescribeBackupPolicy", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeReplicationConfigurations", "elasticfilesystem:DescribeTags", "elasticfilesystem:ListTagsForResource", "elasticfilesystem:ModifyMountTargetSecurityGroups", "elasticfilesystem:PutAccountPreferences", "elasticfilesystem:PutBackupPolicy", "elasticfilesystem:PutFileSystemPolicy", "elasticfilesystem:PutLifecycleConfiguration", "elasticfilesystem:Restore", "elasticfilesystem:TagResource", "elasticfilesystem:UntagResource", "elasticfilesystem:UpdateFileSystem", "elasticfilesystem:UpdateFileSystemProtection", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateAppCookieStickinessPolicy", "elasticloadbalancing:CreateLBCookieStickinessPolicy", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerPolicy", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:DisableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:SetLoadBalancerListenerSSLCertificate", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:AddTrustStoreRevocations", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:CreateTrustStore", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteTrustStore", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:GetTrustStoreCaCertificatesBundle", "elasticloadbalancing:GetTrustStoreRevocationContent", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:ModifyTrustStore", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:RemoveListenerCertificates", "elasticloadbalancing:RemoveTrustStoreRevocations", "elasticloadbalancing:SetIpAddressType", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetSecurityGroups", "elasticloadbalancing:SetSubnets", "elasticloadbalancing:SetWebAcl", "elasticmapreduce:AddInstanceFleet", "elasticmapreduce:AddInstanceGroups", "elasticmapreduce:AddJobFlowSteps", "elasticmapreduce:AddTags", "elasticmapreduce:AttachEditor", "elasticmapreduce:CancelSteps", "elasticmapreduce:CreateEditor", "elasticmapreduce:CreatePersistentAppUI", "elasticmapreduce:CreateRepository", "elasticmapreduce:CreateSecurityConfiguration", "elasticmapreduce:CreateStudio", "elasticmapreduce:CreateStudioPresignedUrl", "elasticmapreduce:CreateStudioSessionMapping", "elasticmapreduce:DeleteEditor", "elasticmapreduce:DeleteRepository", "elasticmapreduce:DeleteSecurityConfiguration", "elasticmapreduce:DeleteStudio", "elasticmapreduce:DeleteStudioSessionMapping", "elasticmapreduce:DeleteWorkspaceAccess", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:DetachEditor", "elasticmapreduce:GetAutoTerminationPolicy", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetClusterSessionCredentials", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:GetOnClusterAppUIPresignedURL", "elasticmapreduce:GetPersistentAppUIPresignedURL", "elasticmapreduce:GetStudioSessionMapping", "elasticmapreduce:LinkRepository", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListNotebookExecutions", "elasticmapreduce:ListReleaseLabels", "elasticmapreduce:ListRepositories", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudioSessionMappings", "elasticmapreduce:ListStudios", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ListWorkspaceAccessIdentities", "elasticmapreduce:ModifyCluster", "elasticmapreduce:ModifyInstanceFleet", "elasticmapreduce:ModifyInstanceGroups", "elasticmapreduce:OpenEditorInConsole", "elasticmapreduce:PutAutoScalingPolicy", "elasticmapreduce:PutAutoTerminationPolicy", "elasticmapreduce:PutBlockPublicAccessConfiguration", "elasticmapreduce:PutManagedScalingPolicy", "elasticmapreduce:PutWorkspaceAccess", "elasticmapreduce:RemoveAutoScalingPolicy", "elasticmapreduce:RemoveAutoTerminationPolicy", "elasticmapreduce:RemoveManagedScalingPolicy", "elasticmapreduce:RemoveTags", "elasticmapreduce:RunJobFlow", "elasticmapreduce:SetKeepJobFlowAliveWhenNoSteps", "elasticmapreduce:SetTerminationProtection", "elasticmapreduce:SetUnhealthyNodeReplacement", "elasticmapreduce:SetVisibleToAllUsers", "elasticmapreduce:StartEditor", "elasticmapreduce:StartNotebookExecution", "elasticmapreduce:StopEditor", "elasticmapreduce:StopNotebookExecution", "elasticmapreduce:TerminateJobFlows", "elasticmapreduce:UnlinkRepository", "elasticmapreduce:UpdateEditor", "elasticmapreduce:UpdateRepository", "elasticmapreduce:UpdateStudio", "elasticmapreduce:UpdateStudioSessionMapping", "elasticmapreduce:ViewEventsFromAllClustersInConsole", "elastictranscoder:CancelJob", "elastictranscoder:CreateJob", "elastictranscoder:CreatePipeline", "elastictranscoder:CreatePreset", "elastictranscoder:DeletePipeline", "elastictranscoder:DeletePreset", "elastictranscoder:ListJobsByPipeline", "elastictranscoder:ListJobsByStatus", "elastictranscoder:ListPipelines", "elastictranscoder:ListPresets", "elastictranscoder:ReadJob", "elastictranscoder:ReadPipeline", "elastictranscoder:ReadPreset", "elastictranscoder:TestRole", "elastictranscoder:UpdatePipeline", "elastictranscoder:UpdatePipelineNotifications", "elastictranscoder:UpdatePipelineStatus", "elemental-activations:CompleteAccountRegistration", "elemental-activations:CompleteFileUpload", "elemental-activations:DownloadSoftware", "elemental-activations:GenerateLicenses", "elemental-activations:GetActivation", "elemental-activations:ListTagsForResource", "elemental-activations:StartAccountRegistration", "elemental-activations:StartFileUpload", "elemental-activations:TagResource", "elemental-activations:UntagResource", "elemental-appliances-software:CompleteUpload", "elemental-appliances-software:CreateOrderV1", "elemental-appliances-software:CreateQuote", "elemental-appliances-software:GetAvsCorrectAddress", "elemental-appliances-software:GetBillingAddresses", "elemental-appliances-software:GetDeliveryAddressesV2", "elemental-appliances-software:GetOrder", "elemental-appliances-software:GetOrdersV2", "elemental-appliances-software:GetQuote", "elemental-appliances-software:GetTaxes", "elemental-appliances-software:ListQuotes", "elemental-appliances-software:ListTagsForResource", "elemental-appliances-software:StartUpload", "elemental-appliances-software:SubmitOrderV1", "elemental-appliances-software:TagResource", "elemental-appliances-software:UntagResource", "elemental-appliances-software:UpdateQuote", "elemental-support-cases:CheckCasePermission", "elemental-support-cases:CreateCase", "elemental-support-cases:GetCase", "elemental-support-cases:GetCases", "elemental-support-cases:UpdateCase", "elemental-support-content:Query", "emr-containers:CancelJobRun", "emr-containers:CreateJobTemplate", "emr-containers:CreateManagedEndpoint", "emr-containers:CreateSecurityConfiguration", "emr-containers:CreateVirtualCluster", "emr-containers:DeleteJobTemplate", "emr-containers:DeleteManagedEndpoint", "emr-containers:DeleteVirtualCluster", "emr-containers:DescribeJobRun", "emr-containers:DescribeJobTemplate", "emr-containers:DescribeManagedEndpoint", "emr-containers:DescribeSecurityConfiguration", "emr-containers:DescribeVirtualCluster", "emr-containers:GetManagedEndpointSessionCredentials", "emr-containers:ListJobRuns", "emr-containers:ListJobTemplates", "emr-containers:ListManagedEndpoints", "emr-containers:ListSecurityConfigurations", "emr-containers:ListTagsForResource", "emr-containers:ListVirtualClusters", "emr-containers:StartJobRun", "emr-containers:TagResource", "emr-containers:UntagResource", "emr-serverless:AccessInteractiveEndpoints", "emr-serverless:CancelJobRun", "emr-serverless:CreateApplication", "emr-serverless:DeleteApplication", "emr-serverless:GetApplication", "emr-serverless:GetDashboardForJobRun", "emr-serverless:GetJobRun", "emr-serverless:ListApplications", "emr-serverless:ListJobRuns", "emr-serverless:ListTagsForResource", "emr-serverless:StartApplication", "emr-serverless:StartJobRun", "emr-serverless:StopApplication", "emr-serverless:TagResource", "emr-serverless:UntagResource", "emr-serverless:UpdateApplication", "entityresolution:AddPolicyStatement", "entityresolution:CreateIdMappingWorkflow", "entityresolution:CreateIdNamespace", "entityresolution:CreateMatchingWorkflow", "entityresolution:CreateSchemaMapping", "entityresolution:DeleteIdMappingWorkflow", "entityresolution:DeleteIdNamespace", "entityresolution:DeleteMatchingWorkflow", "entityresolution:DeletePolicyStatement", "entityresolution:DeleteSchemaMapping", "entityresolution:GetIdMappingJob", "entityresolution:GetIdMappingWorkflow", "entityresolution:GetIdNamespace", "entityresolution:GetMatchId", "entityresolution:GetMatchingJob", "entityresolution:GetMatchingWorkflow", "entityresolution:GetPolicy", "entityresolution:GetProviderService", "entityresolution:GetSchemaMapping", "entityresolution:ListIdMappingJobs", "entityresolution:ListIdMappingWorkflows", "entityresolution:ListIdNamespaces", "entityresolution:ListMatchingJobs", "entityresolution:ListMatchingWorkflows", "entityresolution:ListProviderServices", "entityresolution:ListSchemaMappings", "entityresolution:ListTagsForResource", "entityresolution:PutPolicy", "entityresolution:StartIdMappingJob", "entityresolution:StartMatchingJob", "entityresolution:TagResource", "entityresolution:UntagResource", "entityresolution:UpdateIdMappingWorkflow", "entityresolution:UpdateIdNamespace", "entityresolution:UpdateMatchingWorkflow", "entityresolution:UpdateSchemaMapping", "entityresolution:UseIdNamespace", "es:AcceptInboundConnection", "es:AcceptInboundCrossClusterSearchConnection", "es:AddDataSource", "es:AddTags", "es:AssociatePackage", "es:AuthorizeVpcEndpointAccess", "es:CancelDomainConfigChange", "es:CancelElasticsearchServiceSoftwareUpdate", "es:CancelServiceSoftwareUpdate", "es:CreateDomain", "es:CreateElasticsearchDomain", "es:CreateElasticsearchServiceRole", "es:CreateOutboundConnection", "es:CreateOutboundCrossClusterSearchConnection", "es:CreatePackage", "es:CreateServiceRole", "es:CreateVpcEndpoint", "es:DeleteDataSource", "es:DeleteDomain", "es:DeleteElasticsearchDomain", "es:DeleteElasticsearchServiceRole", "es:DeleteInboundConnection", "es:DeleteInboundCrossClusterSearchConnection", "es:DeleteOutboundConnection", "es:DeleteOutboundCrossClusterSearchConnection", "es:DeletePackage", "es:DeleteVpcEndpoint", "es:DescribeDomain", "es:DescribeDomainAutoTunes", "es:DescribeDomainChangeProgress", "es:DescribeDomainConfig", "es:DescribeDomainHealth", "es:DescribeDomainNodes", "es:DescribeDomains", "es:DescribeDryRunProgress", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomainConfig", "es:DescribeElasticsearchDomains", "es:DescribeElasticsearchInstanceTypeLimits", "es:DescribeInboundConnections", "es:DescribeInboundCrossClusterSearchConnections", "es:DescribeInstanceTypeLimits", "es:DescribeOutboundConnections", "es:DescribeOutboundCrossClusterSearchConnections", "es:DescribePackages", "es:DescribeReservedElasticsearchInstanceOfferings", "es:DescribeReservedElasticsearchInstances", "es:DescribeReservedInstanceOfferings", "es:DescribeReservedInstances", "es:DescribeVpcEndpoints", "es:DissociatePackage", "es:ESCrossClusterGet", "es:ESHttpDelete", "es:ESHttpGet", "es:ESHttpHead", "es:ESHttpPatch", "es:ESHttpPost", "es:ESHttpPut", "es:GetCompatibleElasticsearchVersions", "es:GetCompatibleVersions", "es:GetDataSource", "es:GetDomainMaintenanceStatus", "es:GetPackageVersionHistory", "es:GetUpgradeHistory", "es:GetUpgradeStatus", "es:ListDataSources", "es:ListDomainMaintenances", "es:ListDomainNames", "es:ListDomainsForPackage", "es:ListElasticsearchInstanceTypeDetails", "es:ListElasticsearchInstanceTypes", "es:ListElasticsearchVersions", "es:ListInstanceTypeDetails", "es:ListPackagesForDomain", "es:ListScheduledActions", "es:ListTags", "es:ListVersions", "es:ListVpcEndpointAccess", "es:ListVpcEndpoints", "es:ListVpcEndpointsForDomain", "es:PurchaseReservedElasticsearchInstanceOffering", "es:PurchaseReservedInstanceOffering", "es:RejectInboundConnection", "es:RejectInboundCrossClusterSearchConnection", "es:RemoveTags", "es:RevokeVpcEndpointAccess", "es:StartDomainMaintenance", "es:StartElasticsearchServiceSoftwareUpdate", "es:StartServiceSoftwareUpdate", "es:UpdateDataSource", "es:UpdateDomainConfig", "es:UpdateElasticsearchDomainConfig", "es:UpdatePackage", "es:UpdateScheduledAction", "es:UpdateVpcEndpoint", "es:UpgradeDomain", "es:UpgradeElasticsearchDomain", "events:ActivateEventSource", "events:CancelReplay", "events:CreateApiDestination", "events:CreateArchive", "events:CreateConnection", "events:CreateEndpoint", "events:CreateEventBus", "events:CreatePartnerEventSource", "events:DeactivateEventSource", "events:DeauthorizeConnection", "events:DeleteApiDestination", "events:DeleteArchive", "events:DeleteConnection", "events:DeleteEndpoint", "events:DeleteEventBus", "events:DeletePartnerEventSource", "events:DeleteRule", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeEventSource", "events:DescribePartnerEventSource", "events:DescribeReplay", "events:DescribeRule", "events:DisableRule", "events:EnableRule", "events:InvokeApiDestination", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListEventSources", "events:ListPartnerEventSourceAccounts", "events:ListPartnerEventSources", "events:ListReplays", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "events:PutEvents", "events:PutPartnerEvents", "events:PutPermission", "events:PutRule", "events:PutTargets", "events:RemovePermission", "events:RemoveTargets", "events:RetrieveConnectionCredentials", "events:StartReplay", "events:TagResource", "events:TestEventPattern", "events:UntagResource", "events:UpdateApiDestination", "events:UpdateArchive", "events:UpdateConnection", "events:UpdateEndpoint", "evidently:BatchEvaluateFeature", "evidently:CreateExperiment", "evidently:CreateFeature", "evidently:CreateLaunch", "evidently:CreateProject", "evidently:CreateSegment", "evidently:DeleteExperiment", "evidently:DeleteFeature", "evidently:DeleteLaunch", "evidently:DeleteProject", "evidently:DeleteSegment", "evidently:EvaluateFeature", "evidently:GetExperiment", "evidently:GetExperimentResults", "evidently:GetFeature", "evidently:GetLaunch", "evidently:GetProject", "evidently:GetSegment", "evidently:ListExperiments", "evidently:ListFeatures", "evidently:ListLaunches", "evidently:ListProjects", "evidently:ListSegmentReferences", "evidently:ListSegments", "evidently:ListTagsForResource", "evidently:PutProjectEvents", "evidently:StartExperiment", "evidently:StartLaunch", "evidently:StopExperiment", "evidently:StopLaunch", "evidently:TagResource", "evidently:TestSegmentPattern", "evidently:UntagResource", "evidently:UpdateExperiment", "evidently:UpdateFeature", "evidently:UpdateLaunch", "evidently:UpdateProject", "evidently:UpdateProjectDataDelivery", "execute-api:InvalidateCache", "execute-api:Invoke", "execute-api:ManageConnections", "finspace:ConnectKxCluster", "finspace:CreateEnvironment", "finspace:CreateKxChangeset", "finspace:CreateKxCluster", "finspace:CreateKxDatabase", "finspace:CreateKxDataview", "finspace:CreateKxEnvironment", "finspace:CreateKxScalingGroup", "finspace:CreateKxUser", "finspace:CreateKxVolume", "finspace:CreateUser", "finspace:DeleteEnvironment", "finspace:DeleteKxCluster", "finspace:DeleteKxClusterNode", "finspace:DeleteKxDatabase", "finspace:DeleteKxDataview", "finspace:DeleteKxEnvironment", "finspace:DeleteKxScalingGroup", "finspace:DeleteKxUser", "finspace:DeleteKxVolume", "finspace:GetEnvironment", "finspace:GetKxChangeset", "finspace:GetKxCluster", "finspace:GetKxConnectionString", "finspace:GetKxDatabase", "finspace:GetKxDataview", "finspace:GetKxEnvironment", "finspace:GetKxScalingGroup", "finspace:GetKxUser", "finspace:GetKxVolume", "finspace:GetLoadSampleDataSetGroupIntoEnvironmentStatus", "finspace:GetUser", "finspace:ListEnvironments", "finspace:ListKxChangesets", "finspace:ListKxClusterNodes", "finspace:ListKxClusters", "finspace:ListKxDatabases", "finspace:ListKxDataviews", "finspace:ListKxEnvironments", "finspace:ListKxScalingGroups", "finspace:ListKxUsers", "finspace:ListKxVolumes", "finspace:ListTagsForResource", "finspace:ListUsers", "finspace:LoadSampleDataSetGroupIntoEnvironment", "finspace:MountKxDatabase", "finspace:ResetUserPassword", "finspace:TagResource", "finspace:UntagResource", "finspace:UpdateEnvironment", "finspace:UpdateKxClusterCodeConfiguration", "finspace:UpdateKxClusterDatabases", "finspace:UpdateKxDatabase", "finspace:UpdateKxDataview", "finspace:UpdateKxEnvironment", "finspace:UpdateKxEnvironmentNetwork", "finspace:UpdateKxUser", "finspace:UpdateKxVolume", "finspace:UpdateUser", "finspace-api:AssociateUserToPermissionGroupV2", "finspace-api:CreateChangeset", "finspace-api:CreateDatasetV2", "finspace-api:CreatePermissionGroupV2", "finspace-api:CreateUserV2", "finspace-api:DeleteDatasetV2", "finspace-api:DeletePermissionGroupV2", "finspace-api:DisableUser", "finspace-api:DisassociateUserFromPermissionGroupV2", "finspace-api:EnableUser", "finspace-api:GetChangesetV2", "finspace-api:GetDataViewV2", "finspace-api:GetDatasetV2", "finspace-api:GetExternalDataViewAccessDetails", "finspace-api:GetPermissionGroup", "finspace-api:GetProgrammaticAccessCredentials", "finspace-api:GetUser", "finspace-api:GetWorkingLocation", "finspace-api:ListChangesetsV2", "finspace-api:ListDataViewsV2", "finspace-api:ListDatasetsV2", "finspace-api:ListPermissionGroupsByUserV2", "finspace-api:ListPermissionGroupsV2", "finspace-api:ListUsersByPermissionGroupV2", "finspace-api:ListUsersV2", "finspace-api:ResetUserPasswordV2", "finspace-api:UpdateDatasetV2", "finspace-api:UpdatePermissionGroupV2", "finspace-api:UpdateUserV2", "firehose:CreateDeliveryStream", "firehose:DeleteDeliveryStream", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "firehose:PutRecord", "firehose:PutRecordBatch", "firehose:StartDeliveryStreamEncryption", "firehose:StopDeliveryStreamEncryption", "firehose:TagDeliveryStream", "firehose:UntagDeliveryStream", "firehose:UpdateDestination", "fis:CreateExperimentTemplate", "fis:CreateTargetAccountConfiguration", "fis:DeleteExperimentTemplate", "fis:DeleteTargetAccountConfiguration", "fis:GetAction", "fis:GetExperiment", "fis:GetExperimentTargetAccountConfiguration", "fis:GetExperimentTemplate", "fis:GetTargetAccountConfiguration", "fis:GetTargetResourceType", "fis:InjectApiInternalError", "fis:InjectApiThrottleError", "fis:InjectApiUnavailableError", "fis:ListActions", "fis:ListExperimentResolvedTargets", "fis:ListExperimentTargetAccountConfigurations", "fis:ListExperimentTemplates", "fis:ListExperiments", "fis:ListTagsForResource", "fis:ListTargetAccountConfigurations", "fis:ListTargetResourceTypes", "fis:StartExperiment", "fis:StopExperiment", "fis:TagResource", "fis:UntagResource", "fis:UpdateExperimentTemplate", "fis:UpdateTargetAccountConfiguration", "fms:AssociateAdminAccount", "fms:AssociateThirdPartyFirewall", "fms:BatchAssociateResource", "fms:BatchDisassociateResource", "fms:DeleteAppsList", "fms:DeleteNotificationChannel", "fms:DeletePolicy", "fms:DeleteProtocolsList", "fms:DeleteResourceSet", "fms:DisassociateAdminAccount", "fms:DisassociateThirdPartyFirewall", "fms:GetAdminAccount", "fms:GetAdminScope", "fms:GetAppsList", "fms:GetComplianceDetail", "fms:GetNotificationChannel", "fms:GetPolicy", "fms:GetProtectionStatus", "fms:GetProtocolsList", "fms:GetResourceSet", "fms:GetThirdPartyFirewallAssociationStatus", "fms:GetViolationDetails", "fms:ListAdminAccountsForOrganization", "fms:ListAdminsManagingAccount", "fms:ListAppsLists", "fms:ListComplianceStatus", "fms:ListDiscoveredResources", "fms:ListMemberAccounts", "fms:ListPolicies", "fms:ListProtocolsLists", "fms:ListResourceSetResources", "fms:ListResourceSets", "fms:ListTagsForResource", "fms:ListThirdPartyFirewallFirewallPolicies", "fms:PutAdminAccount", "fms:PutAppsList", "fms:PutNotificationChannel", "fms:PutPolicy", "fms:PutProtocolsList", "fms:PutResourceSet", "fms:TagResource", "fms:UntagResource", "forecast:CreateAutoPredictor", "forecast:CreateDataset", "forecast:CreateDatasetGroup", "forecast:CreateDatasetImportJob", "forecast:CreateExplainability", "forecast:CreateExplainabilityExport", "forecast:CreateForecast", "forecast:CreateForecastEndpoint", "forecast:CreateForecastExportJob", "forecast:CreateMonitor", "forecast:CreatePredictor", "forecast:CreatePredictorBacktestExportJob", "forecast:CreateWhatIfAnalysis", "forecast:CreateWhatIfForecast", "forecast:CreateWhatIfForecastExport", "forecast:DeleteDataset", "forecast:DeleteDatasetGroup", "forecast:DeleteDatasetImportJob", "forecast:DeleteExplainability", "forecast:DeleteExplainabilityExport", "forecast:DeleteForecast", "forecast:DeleteForecastEndpoint", "forecast:DeleteForecastExportJob", "forecast:DeleteMonitor", "forecast:DeletePredictor", "forecast:DeletePredictorBacktestExportJob", "forecast:DeleteResourceTree", "forecast:DeleteWhatIfAnalysis", "forecast:DeleteWhatIfForecast", "forecast:DeleteWhatIfForecastExport", "forecast:DescribeAutoPredictor", "forecast:DescribeDataset", "forecast:DescribeDatasetGroup", "forecast:DescribeDatasetImportJob", "forecast:DescribeExplainability", "forecast:DescribeExplainabilityExport", "forecast:DescribeForecast", "forecast:DescribeForecastEndpoint", "forecast:DescribeForecastExportJob", "forecast:DescribeMonitor", "forecast:DescribePredictor", "forecast:DescribePredictorBacktestExportJob", "forecast:DescribeWhatIfAnalysis", "forecast:DescribeWhatIfForecast", "forecast:DescribeWhatIfForecastExport", "forecast:GetAccuracyMetrics", "forecast:GetRecentForecastContext", "forecast:InvokeForecastEndpoint", "forecast:ListDatasetGroups", "forecast:ListDatasetImportJobs", "forecast:ListDatasets", "forecast:ListExplainabilities", "forecast:ListExplainabilityExports", "forecast:ListForecastExportJobs", "forecast:ListForecasts", "forecast:ListMonitorEvaluations", "forecast:ListMonitors", "forecast:ListPredictorBacktestExportJobs", "forecast:ListPredictors", "forecast:ListTagsForResource", "forecast:ListWhatIfAnalyses", "forecast:ListWhatIfForecastExports", "forecast:ListWhatIfForecasts", "forecast:QueryForecast", "forecast:QueryWhatIfForecast", "forecast:ResumeResource", "forecast:StopResource", "forecast:TagResource", "forecast:UntagResource", "forecast:UpdateDatasetGroup", "frauddetector:BatchCreateVariable", "frauddetector:BatchGetVariable", "frauddetector:CancelBatchImportJob", "frauddetector:CancelBatchPredictionJob", "frauddetector:CreateBatchImportJob", "frauddetector:CreateBatchPredictionJob", "frauddetector:CreateDetectorVersion", "frauddetector:CreateList", "frauddetector:CreateModel", "frauddetector:CreateModelVersion", "frauddetector:CreateRule", "frauddetector:CreateVariable", "frauddetector:DeleteBatchImportJob", "frauddetector:DeleteBatchPredictionJob", "frauddetector:DeleteDetector", "frauddetector:DeleteDetectorVersion", "frauddetector:DeleteEntityType", "frauddetector:DeleteEvent", "frauddetector:DeleteEventType", "frauddetector:DeleteEventsByEventType", "frauddetector:DeleteExternalModel", "frauddetector:DeleteLabel", "frauddetector:DeleteList", "frauddetector:DeleteModel", "frauddetector:DeleteModelVersion", "frauddetector:DeleteOutcome", "frauddetector:DeleteRule", "frauddetector:DeleteVariable", "frauddetector:DescribeDetector", "frauddetector:DescribeModelVersions", "frauddetector:GetBatchImportJobValidationReport", "frauddetector:GetBatchImportJobs", "frauddetector:GetBatchPredictionJobs", "frauddetector:GetDeleteEventsByEventTypeStatus", "frauddetector:GetDetectorVersion", "frauddetector:GetDetectors", "frauddetector:GetEntityTypes", "frauddetector:GetEvent", "frauddetector:GetEventPrediction", "frauddetector:GetEventPredictionMetadata", "frauddetector:GetEventTypes", "frauddetector:GetExternalModels", "frauddetector:GetKMSEncryptionKey", "frauddetector:GetLabels", "frauddetector:GetListElements", "frauddetector:GetListsMetadata", "frauddetector:GetModelVersion", "frauddetector:GetModels", "frauddetector:GetOutcomes", "frauddetector:GetRules", "frauddetector:GetVariables", "frauddetector:ListEventPredictions", "frauddetector:ListTagsForResource", "frauddetector:PutDetector", "frauddetector:PutEntityType", "frauddetector:PutEventType", "frauddetector:PutExternalModel", "frauddetector:PutKMSEncryptionKey", "frauddetector:PutLabel", "frauddetector:PutOutcome", "frauddetector:SendEvent", "frauddetector:TagResource", "frauddetector:UntagResource", "frauddetector:UpdateDetectorVersion", "frauddetector:UpdateDetectorVersionMetadata", "frauddetector:UpdateDetectorVersionStatus", "frauddetector:UpdateEventLabel", "frauddetector:UpdateList", "frauddetector:UpdateModel", "frauddetector:UpdateModelVersion", "frauddetector:UpdateModelVersionStatus", "frauddetector:UpdateRuleMetadata", "frauddetector:UpdateRuleVersion", "frauddetector:UpdateVariable", "freertos:CreateSoftwareConfiguration", "freertos:CreateSubscription", "freertos:DeleteSoftwareConfiguration", "freertos:DescribeHardwarePlatform", "freertos:DescribeSoftwareConfiguration", "freertos:DescribeSubscription", "freertos:GetEmpPatchUrl", "freertos:GetSoftwareURL", "freertos:GetSoftwareURLForConfiguration", "freertos:GetSubscriptionBillingAmount", "freertos:ListFreeRTOSVersions", "freertos:ListHardwarePlatforms", "freertos:ListHardwareVendors", "freertos:ListSoftwareConfigurations", "freertos:ListSoftwarePatches", "freertos:ListSubscriptionEmails", "freertos:ListSubscriptions", "freertos:UpdateEmailRecipients", "freertos:UpdateSoftwareConfiguration", "freertos:VerifyEmail", "freetier:GetFreeTierAlertPreference", "freetier:GetFreeTierUsage", "freetier:PutFreeTierAlertPreference", "fsx:AssociateFileGateway", "fsx:AssociateFileSystemAliases", "fsx:BypassSnaplockEnterpriseRetention", "fsx:CancelDataRepositoryTask", "fsx:CopyBackup", "fsx:CopySnapshotAndUpdateVolume", "fsx:CreateBackup", "fsx:CreateDataRepositoryAssociation", "fsx:CreateDataRepositoryTask", "fsx:CreateFileCache", "fsx:CreateFileSystem", "fsx:CreateFileSystemFromBackup", "fsx:CreateSnapshot", "fsx:CreateStorageVirtualMachine", "fsx:CreateVolume", "fsx:CreateVolumeFromBackup", "fsx:DeleteBackup", "fsx:DeleteDataRepositoryAssociation", "fsx:DeleteFileCache", "fsx:DeleteFileSystem", "fsx:DeleteResourcePolicy", "fsx:DeleteSnapshot", "fsx:DeleteStorageVirtualMachine", "fsx:DeleteVolume", "fsx:DescribeAssociatedFileGateways", "fsx:DescribeBackups", "fsx:DescribeDataRepositoryAssociations", "fsx:DescribeDataRepositoryTasks", "fsx:DescribeFileCaches", "fsx:DescribeFileSystemAliases", "fsx:DescribeFileSystems", "fsx:DescribeSharedVpcConfiguration", "fsx:DescribeSnapshots", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:DisassociateFileGateway", "fsx:DisassociateFileSystemAliases", "fsx:GetResourcePolicy", "fsx:ListTagsForResource", "fsx:ManageBackupPrincipalAssociations", "fsx:PutResourcePolicy", "fsx:ReleaseFileSystemNfsV3Locks", "fsx:RestoreVolumeFromSnapshot", "fsx:StartMisconfiguredStateRecovery", "fsx:TagResource", "fsx:UntagResource", "fsx:UpdateDataRepositoryAssociation", "fsx:UpdateFileCache", "fsx:UpdateFileSystem", "fsx:UpdateSharedVpcConfiguration", "fsx:UpdateSnapshot", "fsx:UpdateStorageVirtualMachine", "fsx:UpdateVolume", "gamelift:AcceptMatch", "gamelift:ClaimGameServer", "gamelift:CreateAlias", "gamelift:CreateBuild", "gamelift:CreateContainerGroupDefinition", "gamelift:CreateFleet", "gamelift:CreateFleetLocations", "gamelift:CreateGameServerGroup", "gamelift:CreateGameSession", "gamelift:CreateGameSessionQueue", "gamelift:CreateLocation", "gamelift:CreateMatchmakingConfiguration", "gamelift:CreateMatchmakingRuleSet", "gamelift:CreatePlayerSession", "gamelift:CreatePlayerSessions", "gamelift:CreateScript", "gamelift:CreateVpcPeeringAuthorization", "gamelift:CreateVpcPeeringConnection", "gamelift:DeleteAlias", "gamelift:DeleteBuild", "gamelift:DeleteContainerGroupDefinition", "gamelift:DeleteFleet", "gamelift:DeleteFleetLocations", "gamelift:DeleteGameServerGroup", "gamelift:DeleteGameSessionQueue", "gamelift:DeleteLocation", "gamelift:DeleteMatchmakingConfiguration", "gamelift:DeleteMatchmakingRuleSet", "gamelift:DeleteScalingPolicy", "gamelift:DeleteScript", "gamelift:DeleteVpcPeeringAuthorization", "gamelift:DeleteVpcPeeringConnection", "gamelift:DeregisterCompute", "gamelift:DeregisterGameServer", "gamelift:DescribeAlias", "gamelift:DescribeBuild", "gamelift:DescribeCompute", "gamelift:DescribeContainerGroupDefinition", "gamelift:DescribeEC2InstanceLimits", "gamelift:DescribeFleetAttributes", "gamelift:DescribeFleetCapacity", "gamelift:DescribeFleetEvents", "gamelift:DescribeFleetLocationAttributes", "gamelift:DescribeFleetLocationCapacity", "gamelift:DescribeFleetLocationUtilization", "gamelift:DescribeFleetPortSettings", "gamelift:DescribeFleetUtilization", "gamelift:DescribeGameServer", "gamelift:DescribeGameServerGroup", "gamelift:DescribeGameServerInstances", "gamelift:DescribeGameSessionDetails", "gamelift:DescribeGameSessionPlacement", "gamelift:DescribeGameSessionQueues", "gamelift:DescribeGameSessions", "gamelift:DescribeInstances", "gamelift:DescribeMatchmaking", "gamelift:DescribeMatchmakingConfigurations", "gamelift:DescribeMatchmakingRuleSets", "gamelift:DescribePlayerSessions", "gamelift:DescribeRuntimeConfiguration", "gamelift:DescribeScalingPolicies", "gamelift:DescribeScript", "gamelift:DescribeVpcPeeringAuthorizations", "gamelift:DescribeVpcPeeringConnections", "gamelift:GetComputeAccess", "gamelift:GetComputeAuthToken", "gamelift:GetGameSessionLogUrl", "gamelift:GetInstanceAccess", "gamelift:ListAliases", "gamelift:ListBuilds", "gamelift:ListCompute", "gamelift:ListContainerGroupDefinitions", "gamelift:ListFleets", "gamelift:ListGameServerGroups", "gamelift:ListGameServers", "gamelift:ListLocations", "gamelift:ListScripts", "gamelift:ListTagsForResource", "gamelift:PutScalingPolicy", "gamelift:RegisterCompute", "gamelift:RegisterGameServer", "gamelift:RequestUploadCredentials", "gamelift:ResolveAlias", "gamelift:ResumeGameServerGroup", "gamelift:SearchGameSessions", "gamelift:StartFleetActions", "gamelift:StartGameSessionPlacement", "gamelift:StartMatchBackfill", "gamelift:StartMatchmaking", "gamelift:StopFleetActions", "gamelift:StopGameSessionPlacement", "gamelift:StopMatchmaking", "gamelift:SuspendGameServerGroup", "gamelift:TagResource", "gamelift:UntagResource", "gamelift:UpdateAlias", "gamelift:UpdateBuild", "gamelift:UpdateFleetAttributes", "gamelift:UpdateFleetCapacity", "gamelift:UpdateFleetPortSettings", "gamelift:UpdateGameServer", "gamelift:UpdateGameServerGroup", "gamelift:UpdateGameSession", "gamelift:UpdateGameSessionQueue", "gamelift:UpdateMatchmakingConfiguration", "gamelift:UpdateRuntimeConfiguration", "gamelift:UpdateScript", "gamelift:ValidateMatchmakingRuleSet", "geo:AssociateTrackerConsumer", "geo:BatchDeleteDevicePositionHistory", "geo:BatchDeleteGeofence", "geo:BatchEvaluateGeofences", "geo:BatchGetDevicePosition", "geo:BatchPutGeofence", "geo:BatchUpdateDevicePosition", "geo:CalculateRoute", "geo:CalculateRouteMatrix", "geo:CreateGeofenceCollection", "geo:CreateKey", "geo:CreateMap", "geo:CreatePlaceIndex", "geo:CreateRouteCalculator", "geo:CreateTracker", "geo:DeleteGeofenceCollection", "geo:DeleteKey", "geo:DeleteMap", "geo:DeletePlaceIndex", "geo:DeleteRouteCalculator", "geo:DeleteTracker", "geo:DescribeGeofenceCollection", "geo:DescribeKey", "geo:DescribeMap", "geo:DescribePlaceIndex", "geo:DescribeRouteCalculator", "geo:DescribeTracker", "geo:DisassociateTrackerConsumer", "geo:GetDevicePosition", "geo:GetDevicePositionHistory", "geo:GetGeofence", "geo:GetMapGlyphs", "geo:GetMapSprites", "geo:GetMapStyleDescriptor", "geo:GetMapTile", "geo:GetPlace", "geo:ListDevicePositions", "geo:ListGeofenceCollections", "geo:ListGeofences", "geo:ListKeys", "geo:ListMaps", "geo:ListPlaceIndexes", "geo:ListRouteCalculators", "geo:ListTagsForResource", "geo:ListTrackerConsumers", "geo:ListTrackers", "geo:PutGeofence", "geo:SearchPlaceIndexForPosition", "geo:SearchPlaceIndexForSuggestions", "geo:SearchPlaceIndexForText", "geo:TagResource", "geo:UntagResource", "geo:UpdateGeofenceCollection", "geo:UpdateKey", "geo:UpdateMap", "geo:UpdatePlaceIndex", "geo:UpdateRouteCalculator", "geo:UpdateTracker", "glacier:AbortMultipartUpload", "glacier:AbortVaultLock", "glacier:AddTagsToVault", "glacier:CompleteMultipartUpload", "glacier:CompleteVaultLock", "glacier:CreateVault", "glacier:DeleteArchive", "glacier:DeleteVault", "glacier:DeleteVaultAccessPolicy", "glacier:DeleteVaultNotifications", "glacier:DescribeJob", "glacier:DescribeVault", "glacier:GetDataRetrievalPolicy", "glacier:GetJobOutput", "glacier:GetVaultAccessPolicy", "glacier:GetVaultLock", "glacier:GetVaultNotifications", "glacier:InitiateJob", "glacier:InitiateMultipartUpload", "glacier:InitiateVaultLock", "glacier:ListJobs", "glacier:ListMultipartUploads", "glacier:ListParts", "glacier:ListProvisionedCapacity", "glacier:ListTagsForVault", "glacier:ListVaults", "glacier:PurchaseProvisionedCapacity", "glacier:RemoveTagsFromVault", "glacier:SetDataRetrievalPolicy", "glacier:SetVaultAccessPolicy", "glacier:SetVaultNotifications", "glacier:UploadArchive", "glacier:UploadMultipartPart", "globalaccelerator:AddCustomRoutingEndpoints", "globalaccelerator:AddEndpoints", "globalaccelerator:AdvertiseByoipCidr", "globalaccelerator:AllowCustomRoutingTraffic", "globalaccelerator:CreateAccelerator", "globalaccelerator:CreateCrossAccountAttachment", "globalaccelerator:CreateCustomRoutingAccelerator", "globalaccelerator:CreateCustomRoutingEndpointGroup", "globalaccelerator:CreateCustomRoutingListener", "globalaccelerator:CreateEndpointGroup", "globalaccelerator:CreateListener", "globalaccelerator:DeleteAccelerator", "globalaccelerator:DeleteCrossAccountAttachment", "globalaccelerator:DeleteCustomRoutingAccelerator", "globalaccelerator:DeleteCustomRoutingEndpointGroup", "globalaccelerator:DeleteCustomRoutingListener", "globalaccelerator:DeleteEndpointGroup", "globalaccelerator:DeleteListener", "globalaccelerator:DenyCustomRoutingTraffic", "globalaccelerator:DeprovisionByoipCidr", "globalaccelerator:DescribeAccelerator", "globalaccelerator:DescribeAcceleratorAttributes", "globalaccelerator:DescribeCrossAccountAttachment", "globalaccelerator:DescribeCustomRoutingAccelerator", "globalaccelerator:DescribeCustomRoutingAcceleratorAttributes", "globalaccelerator:DescribeCustomRoutingEndpointGroup", "globalaccelerator:DescribeCustomRoutingListener", "globalaccelerator:DescribeEndpointGroup", "globalaccelerator:DescribeListener", "globalaccelerator:ListAccelerators", "globalaccelerator:ListByoipCidrs", "globalaccelerator:ListCrossAccountAttachments", "globalaccelerator:ListCrossAccountResourceAccounts", "globalaccelerator:ListCrossAccountResources", "globalaccelerator:ListCustomRoutingAccelerators", "globalaccelerator:ListCustomRoutingEndpointGroups", "globalaccelerator:ListCustomRoutingListeners", "globalaccelerator:ListCustomRoutingPortMappings", "globalaccelerator:ListCustomRoutingPortMappingsByDestination", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "globalaccelerator:ListTagsForResource", "globalaccelerator:ProvisionByoipCidr", "globalaccelerator:RemoveCustomRoutingEndpoints", "globalaccelerator:RemoveEndpoints", "globalaccelerator:TagResource", "globalaccelerator:UntagResource", "globalaccelerator:UpdateAccelerator", "globalaccelerator:UpdateAcceleratorAttributes", "globalaccelerator:UpdateCrossAccountAttachment", "globalaccelerator:UpdateCustomRoutingAccelerator", "globalaccelerator:UpdateCustomRoutingAcceleratorAttributes", "globalaccelerator:UpdateCustomRoutingListener", "globalaccelerator:UpdateEndpointGroup", "globalaccelerator:UpdateListener", "globalaccelerator:WithdrawByoipCidr", "glue:BatchCreatePartition", "glue:BatchDeleteConnection", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetBlueprints", "glue:BatchGetCrawlers", "glue:BatchGetCustomEntityTypes", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetStageFiles", "glue:BatchGetTableOptimizer", "glue:BatchGetTriggers", "glue:BatchGetWorkflows", "glue:BatchStopJobRun", "glue:BatchUpdatePartition", "glue:CancelDataQualityRuleRecommendationRun", "glue:CancelDataQualityRulesetEvaluationRun", "glue:CancelMLTaskRun", "glue:CancelStatement", "glue:CheckSchemaVersionValidity", "glue:CreateBlueprint", "glue:CreateClassifier", "glue:CreateConnection", "glue:CreateCrawler", "glue:CreateCustomEntityType", "glue:CreateDataQualityRuleset", "glue:CreateDatabase", "glue:CreateDevEndpoint", "glue:CreateJob", "glue:CreateMLTransform", "glue:CreatePartition", "glue:CreatePartitionIndex", "glue:CreateRegistry", "glue:CreateSchema", "glue:CreateScript", "glue:CreateSecurityConfiguration", "glue:CreateSession", "glue:CreateTable", "glue:CreateTableOptimizer", "glue:CreateTrigger", "glue:CreateUserDefinedFunction", "glue:CreateWorkflow", "glue:DeleteBlueprint", "glue:DeleteClassifier", "glue:DeleteColumnStatisticsForPartition", "glue:DeleteColumnStatisticsForTable", "glue:DeleteConnection", "glue:DeleteCrawler", "glue:DeleteCustomEntityType", "glue:DeleteDataQualityRuleset", "glue:DeleteDatabase", "glue:DeleteDevEndpoint", "glue:DeleteJob", "glue:DeleteMLTransform", "glue:DeletePartition", "glue:DeletePartitionIndex", "glue:DeleteRegistry", "glue:DeleteResourcePolicy", "glue:DeleteSchema", "glue:DeleteSchemaVersions", "glue:DeleteSecurityConfiguration", "glue:DeleteSession", "glue:DeleteTable", "glue:DeleteTableOptimizer", "glue:DeleteTableVersion", "glue:DeleteTrigger", "glue:DeleteUserDefinedFunction", "glue:DeleteWorkflow", "glue:DeregisterDataPreview", "glue:GetBlueprint", "glue:GetBlueprintRun", "glue:GetBlueprintRuns", "glue:GetCatalogImportStatus", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetColumnStatisticsTaskRun", "glue:GetColumnStatisticsTaskRuns", "glue:GetCompletion", "glue:GetConnection", "glue:GetConnections", "glue:GetCrawler", "glue:GetCrawlerMetrics", "glue:GetCrawlers", "glue:GetCustomEntityType", "glue:GetDataCatalogEncryptionSettings", "glue:GetDataPreviewStatement", "glue:GetDataQualityResult", "glue:GetDataQualityRuleRecommendationRun", "glue:GetDataQualityRuleset", "glue:GetDataQualityRulesetEvaluationRun", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDataflowGraph", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetEnvironment", "glue:GetExecutors", "glue:GetExecutorsThreads", "glue:GetJob", "glue:GetJobBookmark", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetLogParsingStatus", "glue:GetMLTaskRun", "glue:GetMLTaskRuns", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetMapping", "glue:GetNotebookInstanceStatus", "glue:GetPartition", "glue:GetPartitionIndexes", "glue:GetPartitionMetadata", "glue:GetPartitions", "glue:GetPlan", "glue:GetQueries", "glue:GetQuery", "glue:GetRegistry", "glue:GetResourcePolicies", "glue:GetResourcePolicy", "glue:GetSchema", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetSession", "glue:GetStage", "glue:GetStageAttempt", "glue:GetStageAttemptTaskList", "glue:GetStageAttemptTaskSummary", "glue:GetStageFiles", "glue:GetStages", "glue:GetStatement", "glue:GetStorage", "glue:GetStorageUnit", "glue:GetTable", "glue:GetTableOptimizer", "glue:GetTableVersion", "glue:GetTableVersions", "glue:GetTables", "glue:GetTags", "glue:GetTrigger", "glue:GetTriggers", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:GetWorkflow", "glue:GetWorkflowRun", "glue:GetWorkflowRunProperties", "glue:GetWorkflowRuns", "glue:GlueNotebookAuthorize", "glue:GlueNotebookRefreshCredentials", "glue:ImportCatalogToGlue", "glue:ListBlueprints", "glue:ListColumnStatisticsTaskRuns", "glue:ListCrawlers", "glue:ListCrawls", "glue:ListCustomEntityTypes", "glue:ListDataQualityResults", "glue:ListDataQualityRuleRecommendationRuns", "glue:ListDataQualityRulesetEvaluationRuns", "glue:ListDataQualityRulesets", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListRegistries", "glue:ListSchemaVersions", "glue:ListSchemas", "glue:ListSessions", "glue:ListStatements", "glue:ListTableOptimizerRuns", "glue:ListTriggers", "glue:ListWorkflows", "glue:NotifyEvent", "glue:PassConnection", "glue:PublishDataQuality", "glue:PutDataCatalogEncryptionSettings", "glue:PutResourcePolicy", "glue:PutSchemaVersionMetadata", "glue:PutWorkflowRunProperties", "glue:QuerySchemaVersionMetadata", "glue:RegisterSchemaVersion", "glue:RemoveSchemaVersionMetadata", "glue:RequestLogParsing", "glue:ResetJobBookmark", "glue:ResumeWorkflowRun", "glue:RunDataPreviewStatement", "glue:RunStatement", "glue:SearchTables", "glue:SendFeedback", "glue:StartBlueprintRun", "glue:StartColumnStatisticsTaskRun", "glue:StartCompletion", "glue:StartCrawler", "glue:StartCrawlerSchedule", "glue:StartDataQualityRuleRecommendationRun", "glue:StartDataQualityRulesetEvaluationRun", "glue:StartExportLabelsTaskRun", "glue:StartImportLabelsTaskRun", "glue:StartJobRun", "glue:StartMLEvaluationTaskRun", "glue:StartMLLabelingSetGenerationTaskRun", "glue:StartNotebook", "glue:StartTrigger", "glue:StartWorkflowRun", "glue:StopColumnStatisticsTaskRun", "glue:StopCrawler", "glue:StopCrawlerSchedule", "glue:StopSession", "glue:StopTrigger", "glue:StopWorkflowRun", "glue:TagResource", "glue:TerminateNotebook", "glue:TestConnection", "glue:UntagResource", "glue:UpdateBlueprint", "glue:UpdateClassifier", "glue:UpdateColumnStatisticsForPartition", "glue:UpdateColumnStatisticsForTable", "glue:UpdateConnection", "glue:UpdateCrawler", "glue:UpdateCrawlerSchedule", "glue:UpdateDataQualityRuleset", "glue:UpdateDatabase", "glue:UpdateDevEndpoint", "glue:UpdateJob", "glue:UpdateJobFromSourceControl", "glue:UpdateMLTransform", "glue:UpdatePartition", "glue:UpdateRegistry", "glue:UpdateSchema", "glue:UpdateSourceControlFromJob", "glue:UpdateTable", "glue:UpdateTableOptimizer", "glue:UpdateTrigger", "glue:UpdateUserDefinedFunction", "glue:UpdateWorkflow", "glue:UseGlueStudio", "glue:UseMLTransforms", "grafana:AssociateLicense", "grafana:CreateWorkspace", "grafana:CreateWorkspaceApiKey", "grafana:DeleteWorkspace", "grafana:DeleteWorkspaceApiKey", "grafana:DescribeWorkspace", "grafana:DescribeWorkspaceAuthentication", "grafana:DescribeWorkspaceConfiguration", "grafana:DisassociateLicense", "grafana:ListPermissions", "grafana:ListTagsForResource", "grafana:ListVersions", "grafana:ListWorkspaces", "grafana:TagResource", "grafana:UntagResource", "grafana:UpdatePermissions", "grafana:UpdateWorkspace", "grafana:UpdateWorkspaceAuthentication", "grafana:UpdateWorkspaceConfiguration", "greengrass:AssociateServiceRoleToAccount", "greengrass:BatchAssociateClientDeviceWithCoreDevice", "greengrass:BatchDisassociateClientDeviceFromCoreDevice", "greengrass:CancelDeployment", "greengrass:CreateComponentVersion", "greengrass:CreateDeployment", "greengrass:DeleteComponent", "greengrass:DeleteCoreDevice", "greengrass:DeleteDeployment", "greengrass:DescribeComponent", "greengrass:DisassociateServiceRoleFromAccount", "greengrass:GetComponent", "greengrass:GetComponentVersionArtifact", "greengrass:GetConnectivityInfo", "greengrass:GetCoreDevice", "greengrass:GetDeployment", "greengrass:GetServiceRoleForAccount", "greengrass:ListClientDevicesAssociatedWithCoreDevice", "greengrass:ListComponentVersions", "greengrass:ListComponents", "greengrass:ListCoreDevices", "greengrass:ListDeployments", "greengrass:ListEffectiveDeployments", "greengrass:ListInstalledComponents", "greengrass:ListTagsForResource", "greengrass:ResolveComponentCandidates", "greengrass:TagResource", "greengrass:UntagResource", "greengrass:UpdateConnectivityInfo", "greengrass:AssociateRoleToGroup", "greengrass:CreateConnectorDefinition", "greengrass:CreateConnectorDefinitionVersion", "greengrass:CreateCoreDefinition", "greengrass:CreateCoreDefinitionVersion", "greengrass:CreateDeviceDefinition", "greengrass:CreateDeviceDefinitionVersion", "greengrass:CreateFunctionDefinition", "greengrass:CreateFunctionDefinitionVersion", "greengrass:CreateGroup", "greengrass:CreateGroupCertificateAuthority", "greengrass:CreateGroupVersion", "greengrass:CreateLoggerDefinition", "greengrass:CreateLoggerDefinitionVersion", "greengrass:CreateResourceDefinition", "greengrass:CreateResourceDefinitionVersion", "greengrass:CreateSoftwareUpdateJob", "greengrass:CreateSubscriptionDefinition", "greengrass:CreateSubscriptionDefinitionVersion", "greengrass:DeleteConnectorDefinition", "greengrass:DeleteCoreDefinition", "greengrass:DeleteDeviceDefinition", "greengrass:DeleteFunctionDefinition", "greengrass:DeleteGroup", "greengrass:DeleteLoggerDefinition", "greengrass:DeleteResourceDefinition", "greengrass:DeleteSubscriptionDefinition", "greengrass:DisassociateRoleFromGroup", "greengrass:Discover", "greengrass:GetAssociatedRole", "greengrass:GetBulkDeploymentStatus", "greengrass:GetConnectorDefinition", "greengrass:GetConnectorDefinitionVersion", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetDeviceDefinition", "greengrass:GetDeviceDefinitionVersion", "greengrass:GetFunctionDefinition", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupCertificateAuthority", "greengrass:GetGroupCertificateConfiguration", "greengrass:GetGroupVersion", "greengrass:GetLoggerDefinition", "greengrass:GetLoggerDefinitionVersion", "greengrass:GetResourceDefinition", "greengrass:GetResourceDefinitionVersion", "greengrass:GetSubscriptionDefinition", "greengrass:GetSubscriptionDefinitionVersion", "greengrass:GetThingRuntimeConfiguration", "greengrass:ListBulkDeploymentDetailedReports", "greengrass:ListBulkDeployments", "greengrass:ListConnectorDefinitionVersions", "greengrass:ListConnectorDefinitions", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListResourceDefinitionVersions", "greengrass:ListResourceDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "greengrass:ResetDeployments", "greengrass:StartBulkDeployment", "greengrass:StopBulkDeployment", "greengrass:UpdateConnectorDefinition", "greengrass:UpdateCoreDefinition", "greengrass:UpdateDeviceDefinition", "greengrass:UpdateFunctionDefinition", "greengrass:UpdateGroup", "greengrass:UpdateGroupCertificateConfiguration", "greengrass:UpdateLoggerDefinition", "greengrass:UpdateResourceDefinition", "greengrass:UpdateSubscriptionDefinition", "greengrass:UpdateThingRuntimeConfiguration", "groundstation:CancelContact", "groundstation:CreateConfig", "groundstation:CreateDataflowEndpointGroup", "groundstation:CreateEphemeris", "groundstation:CreateMissionProfile", "groundstation:DeleteConfig", "groundstation:DeleteDataflowEndpointGroup", "groundstation:DeleteEphemeris", "groundstation:DeleteMissionProfile", "groundstation:DescribeContact", "groundstation:DescribeEphemeris", "groundstation:GetAgentConfiguration", "groundstation:GetConfig", "groundstation:GetDataflowEndpointGroup", "groundstation:GetMinuteUsage", "groundstation:GetMissionProfile", "groundstation:GetSatellite", "groundstation:ListConfigs", "groundstation:ListContacts", "groundstation:ListDataflowEndpointGroups", "groundstation:ListEphemerides", "groundstation:ListGroundStations", "groundstation:ListMissionProfiles", "groundstation:ListSatellites", "groundstation:ListTagsForResource", "groundstation:RegisterAgent", "groundstation:ReserveContact", "groundstation:TagResource", "groundstation:UntagResource", "groundstation:UpdateAgentStatus", "groundstation:UpdateConfig", "groundstation:UpdateEphemeris", "groundstation:UpdateMissionProfile", "groundtruthlabeling:AssociatePatchToManifestJob", "groundtruthlabeling:CreateBatch", "groundtruthlabeling:CreateIntakeForm", "groundtruthlabeling:CreateProject", "groundtruthlabeling:CreateWorkflowDefinition", "groundtruthlabeling:DescribeConsoleJob", "groundtruthlabeling:GenerateLIDARPreviewTaskConfigJob", "groundtruthlabeling:GetBatch", "groundtruthlabeling:GetIntakeFormStatus", "groundtruthlabeling:ListBatches", "groundtruthlabeling:ListDatasetObjects", "groundtruthlabeling:ListProjects", "groundtruthlabeling:RunFilterOrSampleDatasetJob", "groundtruthlabeling:RunGenerateManifestByCrawlingJob", "groundtruthlabeling:RunGenerateManifestMetricsJob", "groundtruthlabeling:UpdateBatch", "guardduty:AcceptAdministratorInvitation", "guardduty:AcceptInvitation", "guardduty:ArchiveFindings", "guardduty:CreateDetector", "guardduty:CreateFilter", "guardduty:CreateIPSet", "guardduty:CreateMembers", "guardduty:CreatePublishingDestination", "guardduty:CreateSampleFindings", "guardduty:CreateThreatIntelSet", "guardduty:DeclineInvitations", "guardduty:DeleteDetector", "guardduty:DeleteFilter", "guardduty:DeleteIPSet", "guardduty:DeleteInvitations", "guardduty:DeleteMembers", "guardduty:DeletePublishingDestination", "guardduty:DeleteThreatIntelSet", "guardduty:DescribeMalwareScans", "guardduty:DescribeOrganizationConfiguration", "guardduty:DescribePublishingDestination", "guardduty:DisableOrganizationAdminAccount", "guardduty:DisassociateFromAdministratorAccount", "guardduty:DisassociateFromMasterAccount", "guardduty:DisassociateMembers", "guardduty:EnableOrganizationAdminAccount", "guardduty:GetAdministratorAccount", "guardduty:GetCoverageStatistics", "guardduty:GetDetector", "guardduty:GetFilter", "guardduty:GetFindings", "guardduty:GetFindingsStatistics", "guardduty:GetIPSet", "guardduty:GetInvitationsCount", "guardduty:GetMalwareScanSettings", "guardduty:GetMasterAccount", "guardduty:GetMemberDetectors", "guardduty:GetMembers", "guardduty:GetOrganizationStatistics", "guardduty:GetRemainingFreeTrialDays", "guardduty:GetThreatIntelSet", "guardduty:GetUsageStatistics", "guardduty:InviteMembers", "guardduty:ListCoverage", "guardduty:ListDetectors", "guardduty:ListFilters", "guardduty:ListFindings", "guardduty:ListIPSets", "guardduty:ListInvitations", "guardduty:ListMembers", "guardduty:ListOrganizationAdminAccounts", "guardduty:ListPublishingDestinations", "guardduty:ListTagsForResource", "guardduty:ListThreatIntelSets", "guardduty:SendSecurityTelemetry", "guardduty:StartMalwareScan", "guardduty:StartMonitoringMembers", "guardduty:StopMonitoringMembers", "guardduty:TagResource", "guardduty:UnarchiveFindings", "guardduty:UntagResource", "guardduty:UpdateDetector", "guardduty:UpdateFilter", "guardduty:UpdateFindingsFeedback", "guardduty:UpdateIPSet", "guardduty:UpdateMalwareScanSettings", "guardduty:UpdateMemberDetectors", "guardduty:UpdateOrganizationConfiguration", "guardduty:UpdatePublishingDestination", "guardduty:UpdateThreatIntelSet", "health:DescribeAffectedAccountsForOrganization", "health:DescribeAffectedEntities", "health:DescribeAffectedEntitiesForOrganization", "health:DescribeEntityAggregates", "health:DescribeEntityAggregatesForOrganization", "health:DescribeEventAggregates", "health:DescribeEventDetails", "health:DescribeEventDetailsForOrganization", "health:DescribeEventTypes", "health:DescribeEvents", "health:DescribeEventsForOrganization", "health:DescribeHealthServiceStatusForOrganization", "health:DisableHealthServiceAccessForOrganization", "health:EnableHealthServiceAccessForOrganization", "healthlake:CreateFHIRDatastore", "healthlake:CreateResource", "healthlake:DeleteFHIRDatastore", "healthlake:DeleteResource", "healthlake:DescribeFHIRDatastore", "healthlake:DescribeFHIRExportJob", "healthlake:DescribeFHIRImportJob", "healthlake:GetCapabilities", "healthlake:ListFHIRDatastores", "healthlake:ListFHIRExportJobs", "healthlake:ListFHIRImportJobs", "healthlake:ListTagsForResource", "healthlake:ReadResource", "healthlake:SearchWithGet", "healthlake:SearchWithPost", "healthlake:StartFHIRExportJob", "healthlake:StartFHIRImportJob", "healthlake:TagResource", "healthlake:UntagResource", "healthlake:UpdateResource", "honeycode:ApproveTeamAssociation", "honeycode:BatchCreateTableRows", "honeycode:BatchDeleteTableRows", "honeycode:BatchUpdateTableRows", "honeycode:BatchUpsertTableRows", "honeycode:CreateTeam", "honeycode:CreateTenant", "honeycode:DeleteDomains", "honeycode:DeregisterGroups", "honeycode:DescribeTableDataImportJob", "honeycode:DescribeTeam", "honeycode:GetScreenData", "honeycode:InvokeScreenAutomation", "honeycode:ListDomains", "honeycode:ListGroups", "honeycode:ListTableColumns", "honeycode:ListTableRows", "honeycode:ListTables", "honeycode:ListTagsForResource", "honeycode:ListTeamAssociations", "honeycode:ListTenants", "honeycode:QueryTableRows", "honeycode:RegisterDomainForVerification", "honeycode:RegisterGroups", "honeycode:RejectTeamAssociation", "honeycode:RestartDomainVerification", "honeycode:StartTableDataImportJob", "honeycode:TagResource", "honeycode:UntagResource", "honeycode:UpdateTeam", "identity-sync:AllowVendedLogDeliveryForResource", "identity-sync:CreateSyncFilter", "identity-sync:CreateSyncProfile", "identity-sync:CreateSyncTarget", "identity-sync:DeleteSyncFilter", "identity-sync:DeleteSyncProfile", "identity-sync:DeleteSyncTarget", "identity-sync:GetSyncProfile", "identity-sync:GetSyncTarget", "identity-sync:ListSyncFilters", "identity-sync:StartSync", "identity-sync:StopSync", "identity-sync:UpdateSyncTarget", "identitystore:CreateGroup", "identitystore:CreateGroupMembership", "identitystore:CreateUser", "identitystore:DeleteGroup", "identitystore:DeleteGroupMembership", "identitystore:DeleteUser", "identitystore:DescribeGroup", "identitystore:DescribeGroupMembership", "identitystore:DescribeUser", "identitystore:GetGroupId", "identitystore:GetGroupMembershipId", "identitystore:GetUserId", "identitystore:IsMemberInGroups", "identitystore:ListGroupMemberships", "identitystore:ListGroupMembershipsForMember", "identitystore:ListGroups", "identitystore:ListUsers", "identitystore:UpdateGroup", "identitystore:UpdateUser", "identitystore-auth:BatchDeleteSession", "identitystore-auth:BatchGetSession", "identitystore-auth:ListSessions", "imagebuilder:CancelImageCreation", "imagebuilder:CancelLifecycleExecution", "imagebuilder:CreateComponent", "imagebuilder:CreateContainerRecipe", "imagebuilder:CreateDistributionConfiguration", "imagebuilder:CreateImage", "imagebuilder:CreateImagePipeline", "imagebuilder:CreateImageRecipe", "imagebuilder:CreateInfrastructureConfiguration", "imagebuilder:CreateLifecyclePolicy", "imagebuilder:CreateWorkflow", "imagebuilder:DeleteComponent", "imagebuilder:DeleteContainerRecipe", "imagebuilder:DeleteDistributionConfiguration", "imagebuilder:DeleteImage", "imagebuilder:DeleteImagePipeline", "imagebuilder:DeleteImageRecipe", "imagebuilder:DeleteInfrastructureConfiguration", "imagebuilder:DeleteLifecyclePolicy", "imagebuilder:DeleteWorkflow", "imagebuilder:GetComponent", "imagebuilder:GetComponentPolicy", "imagebuilder:GetContainerRecipe", "imagebuilder:GetContainerRecipePolicy", "imagebuilder:GetDistributionConfiguration", "imagebuilder:GetImage", "imagebuilder:GetImagePipeline", "imagebuilder:GetImagePolicy", "imagebuilder:GetImageRecipe", "imagebuilder:GetImageRecipePolicy", "imagebuilder:GetInfrastructureConfiguration", "imagebuilder:GetLifecycleExecution", "imagebuilder:GetLifecyclePolicy", "imagebuilder:GetWorkflow", "imagebuilder:GetWorkflowExecution", "imagebuilder:GetWorkflowStepExecution", "imagebuilder:ImportComponent", "imagebuilder:ImportVmImage", "imagebuilder:ListComponentBuildVersions", "imagebuilder:ListComponents", "imagebuilder:ListContainerRecipes", "imagebuilder:ListDistributionConfigurations", "imagebuilder:ListImageBuildVersions", "imagebuilder:ListImagePackages", "imagebuilder:ListImagePipelineImages", "imagebuilder:ListImagePipelines", "imagebuilder:ListImageRecipes", "imagebuilder:ListImageScanFindingAggregations", "imagebuilder:ListImageScanFindings", "imagebuilder:ListImages", "imagebuilder:ListInfrastructureConfigurations", "imagebuilder:ListLifecycleExecutionResources", "imagebuilder:ListLifecycleExecutions", "imagebuilder:ListLifecyclePolicies", "imagebuilder:ListTagsForResource", "imagebuilder:ListWaitingWorkflowSteps", "imagebuilder:ListWorkflowBuildVersions", "imagebuilder:ListWorkflowExecutions", "imagebuilder:ListWorkflowStepExecutions", "imagebuilder:ListWorkflows", "imagebuilder:PutComponentPolicy", "imagebuilder:PutContainerRecipePolicy", "imagebuilder:PutImagePolicy", "imagebuilder:PutImageRecipePolicy", "imagebuilder:SendWorkflowStepAction", "imagebuilder:StartImagePipelineExecution", "imagebuilder:StartResourceStateUpdate", "imagebuilder:TagResource", "imagebuilder:UntagResource", "imagebuilder:UpdateDistributionConfiguration", "imagebuilder:UpdateImagePipeline", "imagebuilder:UpdateInfrastructureConfiguration", "imagebuilder:UpdateLifecyclePolicy", "importexport:CancelJob", "importexport:CreateJob", "importexport:GetShippingLabel", "importexport:GetStatus", "importexport:ListJobs", "importexport:UpdateJob", "inspector:AddAttributesToFindings", "inspector:CreateAssessmentTarget", "inspector:CreateAssessmentTemplate", "inspector:CreateExclusionsPreview", "inspector:CreateResourceGroup", "inspector:DeleteAssessmentRun", "inspector:DeleteAssessmentTarget", "inspector:DeleteAssessmentTemplate", "inspector:DescribeAssessmentRuns", "inspector:DescribeAssessmentTargets", "inspector:DescribeAssessmentTemplates", "inspector:DescribeCrossAccountAccessRole", "inspector:DescribeExclusions", "inspector:DescribeFindings", "inspector:DescribeResourceGroups", "inspector:DescribeRulesPackages", "inspector:GetAssessmentReport", "inspector:GetExclusionsPreview", "inspector:GetTelemetryMetadata", "inspector:ListAssessmentRunAgents", "inspector:ListAssessmentRuns", "inspector:ListAssessmentTargets", "inspector:ListAssessmentTemplates", "inspector:ListEventSubscriptions", "inspector:ListExclusions", "inspector:ListFindings", "inspector:ListRulesPackages", "inspector:ListTagsForResource", "inspector:PreviewAgents", "inspector:RegisterCrossAccountAccessRole", "inspector:RemoveAttributesFromFindings", "inspector:SetTagsForResource", "inspector:StartAssessmentRun", "inspector:StopAssessmentRun", "inspector:SubscribeToEvent", "inspector:UnsubscribeFromEvent", "inspector:UpdateAssessmentTarget", "inspector-scan:ScanSbom", "inspector2:AssociateMember", "inspector2:BatchGetAccountStatus", "inspector2:BatchGetCodeSnippet", "inspector2:BatchGetFindingDetails", "inspector2:BatchGetFreeTrialInfo", "inspector2:BatchGetMemberEc2DeepInspectionStatus", "inspector2:BatchUpdateMemberEc2DeepInspectionStatus", "inspector2:CancelFindingsReport", "inspector2:CancelSbomExport", "inspector2:CreateCisScanConfiguration", "inspector2:CreateFilter", "inspector2:CreateFindingsReport", "inspector2:CreateSbomExport", "inspector2:DeleteCisScanConfiguration", "inspector2:DeleteFilter", "inspector2:DescribeOrganizationConfiguration", "inspector2:Disable", "inspector2:DisableDelegatedAdminAccount", "inspector2:DisassociateMember", "inspector2:Enable", "inspector2:EnableDelegatedAdminAccount", "inspector2:GetCisScanReport", "inspector2:GetCisScanResultDetails", "inspector2:GetConfiguration", "inspector2:GetDelegatedAdminAccount", "inspector2:GetEc2DeepInspectionConfiguration", "inspector2:GetEncryptionKey", "inspector2:GetFindingsReportStatus", "inspector2:GetMember", "inspector2:GetSbomExport", "inspector2:ListAccountPermissions", "inspector2:ListCisScanConfigurations", "inspector2:ListCisScanResultsAggregatedByChecks", "inspector2:ListCisScanResultsAggregatedByTargetResource", "inspector2:ListCisScans", "inspector2:ListCoverage", "inspector2:ListCoverageStatistics", "inspector2:ListDelegatedAdminAccounts", "inspector2:ListFilters", "inspector2:ListFindingAggregations", "inspector2:ListFindings", "inspector2:ListMembers", "inspector2:ListTagsForResource", "inspector2:ListUsageTotals", "inspector2:ResetEncryptionKey", "inspector2:SearchVulnerabilities", "inspector2:SendCisSessionHealth", "inspector2:SendCisSessionTelemetry", "inspector2:StartCisSession", "inspector2:StopCisSession", "inspector2:TagResource", "inspector2:UntagResource", "inspector2:UpdateCisScanConfiguration", "inspector2:UpdateConfiguration", "inspector2:UpdateEc2DeepInspectionConfiguration", "inspector2:UpdateEncryptionKey", "inspector2:UpdateFilter", "inspector2:UpdateOrgEc2DeepInspectionConfiguration", "inspector2:UpdateOrganizationConfiguration", "internetmonitor:CreateMonitor", "internetmonitor:DeleteMonitor", "internetmonitor:GetHealthEvent", "internetmonitor:GetInternetEvent", "internetmonitor:GetMonitor", "internetmonitor:GetQueryResults", "internetmonitor:GetQueryStatus", "internetmonitor:Link", "internetmonitor:ListHealthEvents", "internetmonitor:ListInternetEvents", "internetmonitor:ListMonitors", "internetmonitor:ListTagsForResource", "internetmonitor:StartQuery", "internetmonitor:StopQuery", "internetmonitor:TagResource", "internetmonitor:UntagResource", "internetmonitor:UpdateMonitor", "invoicing:GetInvoiceEmailDeliveryPreferences", "invoicing:GetInvoicePDF", "invoicing:ListInvoiceSummaries", "invoicing:PutInvoiceEmailDeliveryPreferences", "iot:AcceptCertificateTransfer", "iot:AddThingToBillingGroup", "iot:AddThingToThingGroup", "iot:AssociateTargetsWithJob", "iot:AttachPolicy", "iot:AttachPrincipalPolicy", "iot:AttachSecurityProfile", "iot:AttachThingPrincipal", "iot:CancelAuditMitigationActionsTask", "iot:CancelAuditTask", "iot:CancelCertificateTransfer", "iot:CancelDetectMitigationActionsTask", "iot:CancelJob", "iot:CancelJobExecution", "iot:ClearDefaultAuthorizer", "iot:CloseTunnel", "iot:ConfirmTopicRuleDestination", "iot:Connect", "iot:CreateAuditSuppression", "iot:CreateAuthorizer", "iot:CreateBillingGroup", "iot:CreateCertificateFromCsr", "iot:CreateCertificateProvider", "iot:CreateCustomMetric", "iot:CreateDimension", "iot:CreateDomainConfiguration", "iot:CreateDynamicThingGroup", "iot:CreateFleetMetric", "iot:CreateJob", "iot:CreateJobTemplate", "iot:CreateKeysAndCertificate", "iot:CreateMitigationAction", "iot:CreateOTAUpdate", "iot:CreatePackage", "iot:CreatePackageVersion", "iot:CreatePolicy", "iot:CreatePolicyVersion", "iot:CreateProvisioningClaim", "iot:CreateProvisioningTemplate", "iot:CreateProvisioningTemplateVersion", "iot:CreateRoleAlias", "iot:CreateScheduledAudit", "iot:CreateSecurityProfile", "iot:CreateStream", "iot:CreateThing", "iot:CreateThingGroup", "iot:CreateThingType", "iot:CreateTopicRule", "iot:CreateTopicRuleDestination", "iot:DeleteAccountAuditConfiguration", "iot:DeleteAuditSuppression", "iot:DeleteAuthorizer", "iot:DeleteBillingGroup", "iot:DeleteCACertificate", "iot:DeleteCertificate", "iot:DeleteCertificateProvider", "iot:DeleteCustomMetric", "iot:DeleteDimension", "iot:DeleteDomainConfiguration", "iot:DeleteDynamicThingGroup", "iot:DeleteFleetMetric", "iot:DeleteJob", "iot:DeleteJobExecution", "iot:DeleteJobTemplate", "iot:DeleteMitigationAction", "iot:DeleteOTAUpdate", "iot:DeletePackage", "iot:DeletePackageVersion", "iot:DeletePolicy", "iot:DeletePolicyVersion", "iot:DeleteProvisioningTemplate", "iot:DeleteProvisioningTemplateVersion", "iot:DeleteRegistrationCode", "iot:DeleteRoleAlias", "iot:DeleteScheduledAudit", "iot:DeleteSecurityProfile", "iot:DeleteStream", "iot:DeleteThing", "iot:DeleteThingGroup", "iot:DeleteThingShadow", "iot:DeleteThingType", "iot:DeleteTopicRule", "iot:DeleteTopicRuleDestination", "iot:DeleteV2LoggingLevel", "iot:DeprecateThingType", "iot:DescribeAccountAuditConfiguration", "iot:DescribeAuditFinding", "iot:DescribeAuditMitigationActionsTask", "iot:DescribeAuditSuppression", "iot:DescribeAuditTask", "iot:DescribeAuthorizer", "iot:DescribeBillingGroup", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:DescribeCertificateProvider", "iot:DescribeCustomMetric", "iot:DescribeDefaultAuthorizer", "iot:DescribeDetectMitigationActionsTask", "iot:DescribeDimension", "iot:DescribeDomainConfiguration", "iot:DescribeEndpoint", "iot:DescribeEventConfigurations", "iot:DescribeFleetMetric", "iot:DescribeIndex", "iot:DescribeJob", "iot:DescribeJobExecution", "iot:DescribeJobTemplate", "iot:DescribeManagedJobTemplate", "iot:DescribeMitigationAction", "iot:DescribeProvisioningTemplate", "iot:DescribeProvisioningTemplateVersion", "iot:DescribeRoleAlias", "iot:DescribeScheduledAudit", "iot:DescribeSecurityProfile", "iot:DescribeStream", "iot:DescribeThing", "iot:DescribeThingGroup", "iot:DescribeThingRegistrationTask", "iot:DescribeThingType", "iot:DescribeTunnel", "iot:DetachPolicy", "iot:DetachPrincipalPolicy", "iot:DetachSecurityProfile", "iot:DetachThingPrincipal", "iot:DisableTopicRule", "iot:EnableTopicRule", "iot:GetBehaviorModelTrainingSummaries", "iot:GetBucketsAggregation", "iot:GetCardinality", "iot:GetEffectivePolicies", "iot:GetIndexingConfiguration", "iot:GetJobDocument", "iot:GetLoggingOptions", "iot:GetOTAUpdate", "iot:GetPackage", "iot:GetPackageConfiguration", "iot:GetPackageVersion", "iot:GetPercentiles", "iot:GetPolicy", "iot:GetPolicyVersion", "iot:GetRegistrationCode", "iot:GetRetainedMessage", "iot:GetStatistics", "iot:GetThingShadow", "iot:GetTopicRule", "iot:GetTopicRuleDestination", "iot:GetV2LoggingOptions", "iot:ListActiveViolations", "iot:ListAttachedPolicies", "iot:ListAuditFindings", "iot:ListAuditMitigationActionsExecutions", "iot:ListAuditMitigationActionsTasks", "iot:ListAuditSuppressions", "iot:ListAuditTasks", "iot:ListAuthorizers", "iot:ListBillingGroups", "iot:ListCACertificates", "iot:ListCertificateProviders", "iot:ListCertificates", "iot:ListCertificatesByCA", "iot:ListCustomMetrics", "iot:ListDetectMitigationActionsExecutions", "iot:ListDetectMitigationActionsTasks", "iot:ListDimensions", "iot:ListDomainConfigurations", "iot:ListFleetMetrics", "iot:ListIndices", "iot:ListJobExecutionsForJob", "iot:ListJobExecutionsForThing", "iot:ListJobTemplates", "iot:ListJobs", "iot:ListManagedJobTemplates", "iot:ListMetricValues", "iot:ListMitigationActions", "iot:ListNamedShadowsForThing", "iot:ListOTAUpdates", "iot:ListOutgoingCertificates", "iot:ListPackageVersions", "iot:ListPackages", "iot:ListPolicies", "iot:ListPolicyPrincipals", "iot:ListPolicyVersions", "iot:ListPrincipalPolicies", "iot:ListPrincipalThings", "iot:ListProvisioningTemplateVersions", "iot:ListProvisioningTemplates", "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", "iot:ListStreams", "iot:ListTagsForResource", "iot:ListTargetsForPolicy", "iot:ListTargetsForSecurityProfile", "iot:ListThingGroups", "iot:ListThingGroupsForThing", "iot:ListThingPrincipals", "iot:ListThingRegistrationTaskReports", "iot:ListThingRegistrationTasks", "iot:ListThingTypes", "iot:ListThings", "iot:ListThingsInBillingGroup", "iot:ListThingsInThingGroup", "iot:ListTopicRuleDestinations", "iot:ListTopicRules", "iot:ListTunnels", "iot:ListV2LoggingLevels", "iot:ListViolationEvents", "iot:OpenTunnel", "iot:Publish", "iot:PutVerificationStateOnViolation", "iot:Receive", "iot:RegisterCACertificate", "iot:RegisterCertificate", "iot:RegisterCertificateWithoutCA", "iot:RegisterThing", "iot:RejectCertificateTransfer", "iot:RemoveThingFromBillingGroup", "iot:RemoveThingFromThingGroup", "iot:ReplaceTopicRule", "iot:RetainPublish", "iot:RotateTunnelAccessToken", "iot:SearchIndex", "iot:SetDefaultAuthorizer", "iot:SetDefaultPolicyVersion", "iot:SetLoggingOptions", "iot:SetV2LoggingLevel", "iot:SetV2LoggingOptions", "iot:StartAuditMitigationActionsTask", "iot:StartDetectMitigationActionsTask", "iot:StartOnDemandAuditTask", "iot:StartThingRegistrationTask", "iot:StopThingRegistrationTask", "iot:Subscribe", "iot:TagResource", "iot:TestAuthorization", "iot:TestInvokeAuthorizer", "iot:TransferCertificate", "iot:UntagResource", "iot:UpdateAccountAuditConfiguration", "iot:UpdateAuditSuppression", "iot:UpdateAuthorizer", "iot:UpdateBillingGroup", "iot:UpdateCACertificate", "iot:UpdateCertificate", "iot:UpdateCertificateProvider", "iot:UpdateCustomMetric", "iot:UpdateDimension", "iot:UpdateDomainConfiguration", "iot:UpdateDynamicThingGroup", "iot:UpdateEventConfigurations", "iot:UpdateFleetMetric", "iot:UpdateIndexingConfiguration", "iot:UpdateJob", "iot:UpdateMitigationAction", "iot:UpdatePackage", "iot:UpdatePackageConfiguration", "iot:UpdatePackageVersion", "iot:UpdateProvisioningTemplate", "iot:UpdateRoleAlias", "iot:UpdateScheduledAudit", "iot:UpdateSecurityProfile", "iot:UpdateStream", "iot:UpdateThing", "iot:UpdateThingGroup", "iot:UpdateThingGroupsForThing", "iot:UpdateThingShadow", "iot:UpdateTopicRuleDestination", "iot:ValidateSecurityProfileBehaviors", "iot-device-tester:CheckVersion", "iot-device-tester:DownloadTestSuite", "iot-device-tester:LatestIdt", "iot-device-tester:SendMetrics", "iot-device-tester:SupportedVersion", "iot1click:AssociateDeviceWithPlacement", "iot1click:ClaimDevicesByClaimCode", "iot1click:CreatePlacement", "iot1click:CreateProject", "iot1click:DeletePlacement", "iot1click:DeleteProject", "iot1click:DescribeDevice", "iot1click:DescribePlacement", "iot1click:DescribeProject", "iot1click:DisassociateDeviceFromPlacement", "iot1click:FinalizeDeviceClaim", "iot1click:GetDeviceMethods", "iot1click:GetDevicesInPlacement", "iot1click:InitiateDeviceClaim", "iot1click:InvokeDeviceMethod", "iot1click:ListDeviceEvents", "iot1click:ListDevices", "iot1click:ListPlacements", "iot1click:ListProjects", "iot1click:ListTagsForResource", "iot1click:TagResource", "iot1click:UnclaimDevice", "iot1click:UntagResource", "iot1click:UpdateDeviceState", "iot1click:UpdatePlacement", "iot1click:UpdateProject", "iotanalytics:BatchPutMessage", "iotanalytics:CancelPipelineReprocessing", "iotanalytics:CreateChannel", "iotanalytics:CreateDataset", "iotanalytics:CreateDatasetContent", "iotanalytics:CreateDatastore", "iotanalytics:CreatePipeline", "iotanalytics:DeleteChannel", "iotanalytics:DeleteDataset", "iotanalytics:DeleteDatasetContent", "iotanalytics:DeleteDatastore", "iotanalytics:DeletePipeline", "iotanalytics:DescribeChannel", "iotanalytics:DescribeDataset", "iotanalytics:DescribeDatastore", "iotanalytics:DescribeLoggingOptions", "iotanalytics:DescribePipeline", "iotanalytics:GetDatasetContent", "iotanalytics:ListChannels", "iotanalytics:ListDatasetContents", "iotanalytics:ListDatasets", "iotanalytics:ListDatastores", "iotanalytics:ListPipelines", "iotanalytics:ListTagsForResource", "iotanalytics:PutLoggingOptions", "iotanalytics:RunPipelineActivity", "iotanalytics:SampleChannelData", "iotanalytics:StartPipelineReprocessing", "iotanalytics:TagResource", "iotanalytics:UntagResource", "iotanalytics:UpdateChannel", "iotanalytics:UpdateDataset", "iotanalytics:UpdateDatastore", "iotanalytics:UpdatePipeline", "iotdeviceadvisor:CreateSuiteDefinition", "iotdeviceadvisor:DeleteSuiteDefinition", "iotdeviceadvisor:GetEndpoint", "iotdeviceadvisor:GetSuiteDefinition", "iotdeviceadvisor:GetSuiteRun", "iotdeviceadvisor:GetSuiteRunReport", "iotdeviceadvisor:ListSuiteDefinitions", "iotdeviceadvisor:ListSuiteRuns", "iotdeviceadvisor:ListTagsForResource", "iotdeviceadvisor:StartSuiteRun", "iotdeviceadvisor:StopSuiteRun", "iotdeviceadvisor:TagResource", "iotdeviceadvisor:UntagResource", "iotdeviceadvisor:UpdateSuiteDefinition", "iotevents:BatchAcknowledgeAlarm", "iotevents:BatchDeleteDetector", "iotevents:BatchDisableAlarm", "iotevents:BatchEnableAlarm", "iotevents:BatchPutMessage", "iotevents:BatchResetAlarm", "iotevents:BatchSnoozeAlarm", "iotevents:BatchUpdateDetector", "iotevents:CreateAlarmModel", "iotevents:CreateDetectorModel", "iotevents:CreateInput", "iotevents:DeleteAlarmModel", "iotevents:DeleteDetectorModel", "iotevents:DeleteInput", "iotevents:DescribeAlarm", "iotevents:DescribeAlarmModel", "iotevents:DescribeDetector", "iotevents:DescribeDetectorModel", "iotevents:DescribeDetectorModelAnalysis", "iotevents:DescribeInput", "iotevents:DescribeLoggingOptions", "iotevents:GetDetectorModelAnalysisResults", "iotevents:ListAlarmModelVersions", "iotevents:ListAlarmModels", "iotevents:ListAlarms", "iotevents:ListDetectorModelVersions", "iotevents:ListDetectorModels", "iotevents:ListDetectors", "iotevents:ListInputRoutings", "iotevents:ListInputs", "iotevents:ListTagsForResource", "iotevents:PutLoggingOptions", "iotevents:StartDetectorModelAnalysis", "iotevents:TagResource", "iotevents:UntagResource", "iotevents:UpdateAlarmModel", "iotevents:UpdateDetectorModel", "iotevents:UpdateInput", "iotevents:UpdateInputRouting", "iotfleethub:CreateApplication", "iotfleethub:DeleteApplication", "iotfleethub:DescribeApplication", "iotfleethub:ListApplications", "iotfleethub:ListTagsForResource", "iotfleethub:TagResource", "iotfleethub:UntagResource", "iotfleethub:UpdateApplication", "iotfleetwise:AssociateVehicleFleet", "iotfleetwise:BatchCreateVehicle", "iotfleetwise:BatchUpdateVehicle", "iotfleetwise:CreateCampaign", "iotfleetwise:CreateDecoderManifest", "iotfleetwise:CreateFleet", "iotfleetwise:CreateModelManifest", "iotfleetwise:CreateSignalCatalog", "iotfleetwise:CreateVehicle", "iotfleetwise:DeleteCampaign", "iotfleetwise:DeleteDecoderManifest", "iotfleetwise:DeleteFleet", "iotfleetwise:DeleteModelManifest", "iotfleetwise:DeleteSignalCatalog", "iotfleetwise:DeleteVehicle", "iotfleetwise:DisassociateVehicleFleet", "iotfleetwise:GetCampaign", "iotfleetwise:GetDecoderManifest", "iotfleetwise:GetEncryptionConfiguration", "iotfleetwise:GetFleet", "iotfleetwise:GetLoggingOptions", "iotfleetwise:GetModelManifest", "iotfleetwise:GetRegisterAccountStatus", "iotfleetwise:GetSignalCatalog", "iotfleetwise:GetVehicle", "iotfleetwise:GetVehicleStatus", "iotfleetwise:ImportDecoderManifest", "iotfleetwise:ImportSignalCatalog", "iotfleetwise:ListCampaigns", "iotfleetwise:ListDecoderManifestNetworkInterfaces", "iotfleetwise:ListDecoderManifestSignals", "iotfleetwise:ListDecoderManifests", "iotfleetwise:ListFleets", "iotfleetwise:ListFleetsForVehicle", "iotfleetwise:ListModelManifestNodes", "iotfleetwise:ListModelManifests", "iotfleetwise:ListSignalCatalogNodes", "iotfleetwise:ListSignalCatalogs", "iotfleetwise:ListTagsForResource", "iotfleetwise:ListVehicles", "iotfleetwise:ListVehiclesInFleet", "iotfleetwise:PutEncryptionConfiguration", "iotfleetwise:PutLoggingOptions", "iotfleetwise:RegisterAccount", "iotfleetwise:TagResource", "iotfleetwise:UntagResource", "iotfleetwise:UpdateCampaign", "iotfleetwise:UpdateDecoderManifest", "iotfleetwise:UpdateFleet", "iotfleetwise:UpdateModelManifest", "iotfleetwise:UpdateSignalCatalog", "iotfleetwise:UpdateVehicle", "iotjobsdata:DescribeJobExecution", "iotjobsdata:GetPendingJobExecutions", "iotjobsdata:StartNextPendingJobExecution", "iotjobsdata:UpdateJobExecution", "iotroborunner:CreateDestination", "iotroborunner:CreateSite", "iotroborunner:CreateWorker", "iotroborunner:CreateWorkerFleet", "iotroborunner:DeleteDestination", "iotroborunner:DeleteSite", "iotroborunner:DeleteWorker", "iotroborunner:DeleteWorkerFleet", "iotroborunner:GetDestination", "iotroborunner:GetSite", "iotroborunner:GetWorker", "iotroborunner:GetWorkerFleet", "iotroborunner:ListDestinations", "iotroborunner:ListSites", "iotroborunner:ListWorkerFleets", "iotroborunner:ListWorkers", "iotroborunner:UpdateDestination", "iotroborunner:UpdateSite", "iotroborunner:UpdateWorker", "iotroborunner:UpdateWorkerFleet", "iotsitewise:AssociateAssets", "iotsitewise:AssociateTimeSeriesToAssetProperty", "iotsitewise:BatchAssociateProjectAssets", "iotsitewise:BatchDisassociateProjectAssets", "iotsitewise:BatchGetAssetPropertyAggregates", "iotsitewise:BatchGetAssetPropertyValue", "iotsitewise:BatchGetAssetPropertyValueHistory", "iotsitewise:BatchPutAssetPropertyValue", "iotsitewise:CreateAccessPolicy", "iotsitewise:CreateAsset", "iotsitewise:CreateAssetModel", "iotsitewise:CreateAssetModelCompositeModel", "iotsitewise:CreateBulkImportJob", "iotsitewise:CreateDashboard", "iotsitewise:CreateGateway", "iotsitewise:CreatePortal", "iotsitewise:CreateProject", "iotsitewise:DeleteAccessPolicy", "iotsitewise:DeleteAsset", "iotsitewise:DeleteAssetModel", "iotsitewise:DeleteAssetModelCompositeModel", "iotsitewise:DeleteDashboard", "iotsitewise:DeleteGateway", "iotsitewise:DeletePortal", "iotsitewise:DeleteProject", "iotsitewise:DeleteTimeSeries", "iotsitewise:DescribeAccessPolicy", "iotsitewise:DescribeAction", "iotsitewise:DescribeAsset", "iotsitewise:DescribeAssetCompositeModel", "iotsitewise:DescribeAssetModel", "iotsitewise:DescribeAssetModelCompositeModel", "iotsitewise:DescribeAssetProperty", "iotsitewise:DescribeBulkImportJob", "iotsitewise:DescribeDashboard", "iotsitewise:DescribeDefaultEncryptionConfiguration", "iotsitewise:DescribeGateway", "iotsitewise:DescribeGatewayCapabilityConfiguration", "iotsitewise:DescribeLoggingOptions", "iotsitewise:DescribePortal", "iotsitewise:DescribeProject", "iotsitewise:DescribeStorageConfiguration", "iotsitewise:DescribeTimeSeries", "iotsitewise:DisassociateAssets", "iotsitewise:DisassociateTimeSeriesFromAssetProperty", "iotsitewise:EnableSiteWiseIntegration", "iotsitewise:ExecuteAction", "iotsitewise:ExecuteQuery", "iotsitewise:GetAssetPropertyAggregates", "iotsitewise:GetAssetPropertyValue", "iotsitewise:GetAssetPropertyValueHistory", "iotsitewise:GetInterpolatedAssetPropertyValues", "iotsitewise:ListAccessPolicies", "iotsitewise:ListActions", "iotsitewise:ListAssetModelCompositeModels", "iotsitewise:ListAssetModelProperties", "iotsitewise:ListAssetModels", "iotsitewise:ListAssetProperties", "iotsitewise:ListAssetRelationships", "iotsitewise:ListAssets", "iotsitewise:ListAssociatedAssets", "iotsitewise:ListBulkImportJobs", "iotsitewise:ListCompositionRelationships", "iotsitewise:ListDashboards", "iotsitewise:ListGateways", "iotsitewise:ListPortals", "iotsitewise:ListProjectAssets", "iotsitewise:ListProjects", "iotsitewise:ListTagsForResource", "iotsitewise:ListTimeSeries", "iotsitewise:PutDefaultEncryptionConfiguration", "iotsitewise:PutLoggingOptions", "iotsitewise:PutStorageConfiguration", "iotsitewise:TagResource", "iotsitewise:UntagResource", "iotsitewise:UpdateAccessPolicy", "iotsitewise:UpdateAsset", "iotsitewise:UpdateAssetModel", "iotsitewise:UpdateAssetModelCompositeModel", "iotsitewise:UpdateAssetModelPropertyRouting", "iotsitewise:UpdateAssetProperty", "iotsitewise:UpdateDashboard", "iotsitewise:UpdateGateway", "iotsitewise:UpdateGatewayCapabilityConfiguration", "iotsitewise:UpdatePortal", "iotsitewise:UpdateProject", "iottwinmaker:BatchPutPropertyValues", "iottwinmaker:CancelMetadataTransferJob", "iottwinmaker:CreateComponentType", "iottwinmaker:CreateEntity", "iottwinmaker:CreateMetadataTransferJob", "iottwinmaker:CreateScene", "iottwinmaker:CreateSyncJob", "iottwinmaker:CreateWorkspace", "iottwinmaker:DeleteComponentType", "iottwinmaker:DeleteEntity", "iottwinmaker:DeleteScene", "iottwinmaker:DeleteSyncJob", "iottwinmaker:DeleteWorkspace", "iottwinmaker:ExecuteQuery", "iottwinmaker:GetComponentType", "iottwinmaker:GetEntity", "iottwinmaker:GetMetadataTransferJob", "iottwinmaker:GetPricingPlan", "iottwinmaker:GetPropertyValue", "iottwinmaker:GetPropertyValueHistory", "iottwinmaker:GetScene", "iottwinmaker:GetSyncJob", "iottwinmaker:GetWorkspace", "iottwinmaker:ListComponentTypes", "iottwinmaker:ListComponents", "iottwinmaker:ListEntities", "iottwinmaker:ListMetadataTransferJobs", "iottwinmaker:ListProperties", "iottwinmaker:ListScenes", "iottwinmaker:ListSyncJobs", "iottwinmaker:ListSyncResources", "iottwinmaker:ListTagsForResource", "iottwinmaker:ListWorkspaces", "iottwinmaker:TagResource", "iottwinmaker:UntagResource", "iottwinmaker:UpdateComponentType", "iottwinmaker:UpdateEntity", "iottwinmaker:UpdatePricingPlan", "iottwinmaker:UpdateScene", "iottwinmaker:UpdateWorkspace", "iotwireless:AssociateAwsAccountWithPartnerAccount", "iotwireless:AssociateMulticastGroupWithFuotaTask", "iotwireless:AssociateWirelessDeviceWithFuotaTask", "iotwireless:AssociateWirelessDeviceWithMulticastGroup", "iotwireless:AssociateWirelessDeviceWithThing", "iotwireless:AssociateWirelessGatewayWithCertificate", "iotwireless:AssociateWirelessGatewayWithThing", "iotwireless:CancelMulticastGroupSession", "iotwireless:CreateDestination", "iotwireless:CreateDeviceProfile", "iotwireless:CreateFuotaTask", "iotwireless:CreateMulticastGroup", "iotwireless:CreateNetworkAnalyzerConfiguration", "iotwireless:CreateServiceProfile", "iotwireless:CreateWirelessDevice", "iotwireless:CreateWirelessGateway", "iotwireless:CreateWirelessGatewayTask", "iotwireless:CreateWirelessGatewayTaskDefinition", "iotwireless:DeleteDestination", "iotwireless:DeleteDeviceProfile", "iotwireless:DeleteFuotaTask", "iotwireless:DeleteMulticastGroup", "iotwireless:DeleteNetworkAnalyzerConfiguration", "iotwireless:DeleteQueuedMessages", "iotwireless:DeleteServiceProfile", "iotwireless:DeleteWirelessDevice", "iotwireless:DeleteWirelessDeviceImportTask", "iotwireless:DeleteWirelessGateway", "iotwireless:DeleteWirelessGatewayTask", "iotwireless:DeleteWirelessGatewayTaskDefinition", "iotwireless:DeregisterWirelessDevice", "iotwireless:DisassociateAwsAccountFromPartnerAccount", "iotwireless:DisassociateMulticastGroupFromFuotaTask", "iotwireless:DisassociateWirelessDeviceFromFuotaTask", "iotwireless:DisassociateWirelessDeviceFromMulticastGroup", "iotwireless:DisassociateWirelessDeviceFromThing", "iotwireless:DisassociateWirelessGatewayFromCertificate", "iotwireless:DisassociateWirelessGatewayFromThing", "iotwireless:GetDestination", "iotwireless:GetDeviceProfile", "iotwireless:GetEventConfigurationByResourceTypes", "iotwireless:GetFuotaTask", "iotwireless:GetLogLevelsByResourceTypes", "iotwireless:GetMetricConfiguration", "iotwireless:GetMetrics", "iotwireless:GetMulticastGroup", "iotwireless:GetMulticastGroupSession", "iotwireless:GetNetworkAnalyzerConfiguration", "iotwireless:GetPartnerAccount", "iotwireless:GetPosition", "iotwireless:GetPositionConfiguration", "iotwireless:GetPositionEstimate", "iotwireless:GetResourceEventConfiguration", "iotwireless:GetResourceLogLevel", "iotwireless:GetResourcePosition", "iotwireless:GetServiceEndpoint", "iotwireless:GetServiceProfile", "iotwireless:GetWirelessDevice", "iotwireless:GetWirelessDeviceImportTask", "iotwireless:GetWirelessDeviceStatistics", "iotwireless:GetWirelessGateway", "iotwireless:GetWirelessGatewayCertificate", "iotwireless:GetWirelessGatewayFirmwareInformation", "iotwireless:GetWirelessGatewayStatistics", "iotwireless:GetWirelessGatewayTask", "iotwireless:GetWirelessGatewayTaskDefinition", "iotwireless:ListDestinations", "iotwireless:ListDeviceProfiles", "iotwireless:ListDevicesForWirelessDeviceImportTask", "iotwireless:ListEventConfigurations", "iotwireless:ListFuotaTasks", "iotwireless:ListMulticastGroups", "iotwireless:ListMulticastGroupsByFuotaTask", "iotwireless:ListNetworkAnalyzerConfigurations", "iotwireless:ListPartnerAccounts", "iotwireless:ListPositionConfigurations", "iotwireless:ListQueuedMessages", "iotwireless:ListServiceProfiles", "iotwireless:ListTagsForResource", "iotwireless:ListWirelessDeviceImportTasks", "iotwireless:ListWirelessDevices", "iotwireless:ListWirelessGatewayTaskDefinitions", "iotwireless:ListWirelessGateways", "iotwireless:PutPositionConfiguration", "iotwireless:PutResourceLogLevel", "iotwireless:ResetAllResourceLogLevels", "iotwireless:ResetResourceLogLevel", "iotwireless:SendDataToMulticastGroup", "iotwireless:SendDataToWirelessDevice", "iotwireless:StartBulkAssociateWirelessDeviceWithMulticastGroup", "iotwireless:StartBulkDisassociateWirelessDeviceFromMulticastGroup", "iotwireless:StartFuotaTask", "iotwireless:StartMulticastGroupSession", "iotwireless:StartNetworkAnalyzerStream", "iotwireless:StartSingleWirelessDeviceImportTask", "iotwireless:StartWirelessDeviceImportTask", "iotwireless:TagResource", "iotwireless:TestWirelessDevice", "iotwireless:UntagResource", "iotwireless:UpdateDestination", "iotwireless:UpdateEventConfigurationByResourceTypes", "iotwireless:UpdateFuotaTask", "iotwireless:UpdateLogLevelsByResourceTypes", "iotwireless:UpdateMetricConfiguration", "iotwireless:UpdateMulticastGroup", "iotwireless:UpdateNetworkAnalyzerConfiguration", "iotwireless:UpdatePartnerAccount", "iotwireless:UpdatePosition", "iotwireless:UpdateResourceEventConfiguration", "iotwireless:UpdateResourcePosition", "iotwireless:UpdateWirelessDevice", "iotwireless:UpdateWirelessDeviceImportTask", "iotwireless:UpdateWirelessGateway", "iq:AcceptCall", "iq:ApprovePaymentRequest", "iq:ApproveProposal", "iq:ArchiveConversation", "iq:CompleteProposal", "iq:CreateConversation", "iq:CreateExpert", "iq:CreateListing", "iq:CreateMilestoneProposal", "iq:CreatePaymentRequest", "iq:CreateProject", "iq:CreateRequest", "iq:CreateScheduledProposal", "iq:CreateSeller", "iq:CreateUpfrontProposal", "iq:DeclineCall", "iq:DeleteAttachment", "iq:DisableIndividualPublicProfile", "iq:DownloadAttachment", "iq:EnableIndividualPublicProfile", "iq:EndCall", "iq:GetBuyer", "iq:GetCall", "iq:GetChatInfo", "iq:GetChatMessages", "iq:GetChatToken", "iq:GetCompanyChatMessages", "iq:GetCompanyProfile", "iq:GetConversation", "iq:GetExpert", "iq:GetListing", "iq:GetMarketplaceSeller", "iq:GetPaymentRequest", "iq:GetProposal", "iq:GetRequest", "iq:GetReview", "iq:HideRequest", "iq:InitiateCall", "iq:LinkAwsCertification", "iq:ListAttachments", "iq:ListConversations", "iq:ListExpertAccessLogs", "iq:ListListings", "iq:ListPaymentRequests", "iq:ListProposals", "iq:ListRequests", "iq:ListReviews", "iq:MarkChatMessageRead", "iq:RejectPaymentRequest", "iq:RejectProposal", "iq:SendCompanyChatMessage", "iq:SendIndividualChatMessage", "iq:UnarchiveConversation", "iq:UnlinkAwsCertification", "iq:UpdateCompanyProfile", "iq:UpdateConversationMembers", "iq:UpdateExpert", "iq:UpdateListing", "iq:UpdateRequest", "iq:UploadAttachment", "iq:WithdrawPaymentRequest", "iq:WithdrawProposal", "iq:WriteReview", "iq-permission:ApproveAccessGrant", "iq-permission:ApprovePermissionRequest", "iq-permission:AssumePermissionRole", "iq-permission:CreatePermissionRequest", "iq-permission:GetPermissionRequest", "iq-permission:ListPermissionRequests", "iq-permission:RejectPermissionRequest", "iq-permission:RevokePermissionRequest", "iq-permission:WithdrawPermissionRequest", "ivs:BatchGetChannel", "ivs:BatchGetStreamKey", "ivs:BatchStartViewerSessionRevocation", "ivs:CreateChannel", "ivs:CreateEncoderConfiguration", "ivs:CreateParticipantToken", "ivs:CreatePlaybackRestrictionPolicy", "ivs:CreateRecordingConfiguration", "ivs:CreateStage", "ivs:CreateStorageConfiguration", "ivs:CreateStreamKey", "ivs:DeleteChannel", "ivs:DeleteEncoderConfiguration", "ivs:DeletePlaybackKeyPair", "ivs:DeletePlaybackRestrictionPolicy", "ivs:DeleteRecordingConfiguration", "ivs:DeleteStage", "ivs:DeleteStorageConfiguration", "ivs:DeleteStreamKey", "ivs:DisconnectParticipant", "ivs:GetChannel", "ivs:GetComposition", "ivs:GetEncoderConfiguration", "ivs:GetParticipant", "ivs:GetPlaybackKeyPair", "ivs:GetPlaybackRestrictionPolicy", "ivs:GetRecordingConfiguration", "ivs:GetStage", "ivs:GetStageSession", "ivs:GetStorageConfiguration", "ivs:GetStream", "ivs:GetStreamKey", "ivs:GetStreamSession", "ivs:ImportPlaybackKeyPair", "ivs:ListChannels", "ivs:ListCompositions", "ivs:ListEncoderConfigurations", "ivs:ListParticipantEvents", "ivs:ListParticipants", "ivs:ListPlaybackKeyPairs", "ivs:ListPlaybackRestrictionPolicies", "ivs:ListRecordingConfigurations", "ivs:ListStageSessions", "ivs:ListStages", "ivs:ListStorageConfigurations", "ivs:ListStreamKeys", "ivs:ListStreamSessions", "ivs:ListStreams", "ivs:ListTagsForResource", "ivs:PutMetadata", "ivs:StartComposition", "ivs:StartViewerSessionRevocation", "ivs:StopComposition", "ivs:StopStream", "ivs:TagResource", "ivs:UntagResource", "ivs:UpdateChannel", "ivs:UpdatePlaybackRestrictionPolicy", "ivs:UpdateStage", "ivschat:CreateChatToken", "ivschat:CreateLoggingConfiguration", "ivschat:CreateRoom", "ivschat:DeleteLoggingConfiguration", "ivschat:DeleteMessage", "ivschat:DeleteRoom", "ivschat:DisconnectUser", "ivschat:GetLoggingConfiguration", "ivschat:GetRoom", "ivschat:ListLoggingConfigurations", "ivschat:ListRooms", "ivschat:ListTagsForResource", "ivschat:SendEvent", "ivschat:TagResource", "ivschat:UntagResource", "ivschat:UpdateLoggingConfiguration", "ivschat:UpdateRoom", "kafka:BatchAssociateScramSecret", "kafka:BatchDisassociateScramSecret", "kafka:CreateCluster", "kafka:CreateClusterV2", "kafka:CreateConfiguration", "kafka:CreateReplicator", "kafka:CreateVpcConnection", "kafka:DeleteCluster", "kafka:DeleteClusterPolicy", "kafka:DeleteConfiguration", "kafka:DeleteReplicator", "kafka:DeleteVpcConnection", "kafka:DescribeCluster", "kafka:DescribeClusterOperation", "kafka:DescribeClusterOperationV2", "kafka:DescribeClusterV2", "kafka:DescribeConfiguration", "kafka:DescribeConfigurationRevision", "kafka:DescribeReplicator", "kafka:DescribeVpcConnection", "kafka:GetBootstrapBrokers", "kafka:GetClusterPolicy", "kafka:GetCompatibleKafkaVersions", "kafka:ListClientVpcConnections", "kafka:ListClusterOperations", "kafka:ListClusterOperationsV2", "kafka:ListClusters", "kafka:ListClustersV2", "kafka:ListConfigurationRevisions", "kafka:ListConfigurations", "kafka:ListKafkaVersions", "kafka:ListNodes", "kafka:ListReplicators", "kafka:ListScramSecrets", "kafka:ListTagsForResource", "kafka:ListVpcConnections", "kafka:PutClusterPolicy", "kafka:RebootBroker", "kafka:RejectClientVpcConnection", "kafka:TagResource", "kafka:UntagResource", "kafka:UpdateBrokerCount", "kafka:UpdateBrokerStorage", "kafka:UpdateBrokerType", "kafka:UpdateClusterConfiguration", "kafka:UpdateClusterKafkaVersion", "kafka:UpdateConfiguration", "kafka:UpdateConnectivity", "kafka:UpdateMonitoring", "kafka:UpdateReplicationInfo", "kafka:UpdateSecurity", "kafka:UpdateStorage", "kafka-cluster:AlterCluster", "kafka-cluster:AlterClusterDynamicConfiguration", "kafka-cluster:AlterGroup", "kafka-cluster:AlterTopic", "kafka-cluster:AlterTopicDynamicConfiguration", "kafka-cluster:AlterTransactionalId", "kafka-cluster:Connect", "kafka-cluster:CreateTopic", "kafka-cluster:DeleteGroup", "kafka-cluster:DeleteTopic", "kafka-cluster:DescribeCluster", "kafka-cluster:DescribeClusterDynamicConfiguration", "kafka-cluster:DescribeGroup", "kafka-cluster:DescribeTopic", "kafka-cluster:DescribeTopicDynamicConfiguration", "kafka-cluster:DescribeTransactionalId", "kafka-cluster:ReadData", "kafka-cluster:WriteData", "kafka-cluster:WriteDataIdempotently", "kafkaconnect:CreateConnector", "kafkaconnect:CreateCustomPlugin", "kafkaconnect:CreateWorkerConfiguration", "kafkaconnect:DeleteConnector", "kafkaconnect:DeleteCustomPlugin", "kafkaconnect:DeleteWorkerConfiguration", "kafkaconnect:DescribeConnector", "kafkaconnect:DescribeCustomPlugin", "kafkaconnect:DescribeWorkerConfiguration", "kafkaconnect:ListConnectors", "kafkaconnect:ListCustomPlugins", "kafkaconnect:ListTagsForResource", "kafkaconnect:ListWorkerConfigurations", "kafkaconnect:TagResource", "kafkaconnect:UntagResource", "kafkaconnect:UpdateConnector", "kendra:AssociateEntitiesToExperience", "kendra:AssociatePersonasToEntities", "kendra:BatchDeleteDocument", "kendra:BatchDeleteFeaturedResultsSet", "kendra:BatchGetDocumentStatus", "kendra:BatchPutDocument", "kendra:ClearQuerySuggestions", "kendra:CreateAccessControlConfiguration", "kendra:CreateDataSource", "kendra:CreateExperience", "kendra:CreateFaq", "kendra:CreateFeaturedResultsSet", "kendra:CreateIndex", "kendra:CreateQuerySuggestionsBlockList", "kendra:CreateThesaurus", "kendra:DeleteAccessControlConfiguration", "kendra:DeleteDataSource", "kendra:DeleteExperience", "kendra:DeleteFaq", "kendra:DeleteIndex", "kendra:DeletePrincipalMapping", "kendra:DeleteQuerySuggestionsBlockList", "kendra:DeleteThesaurus", "kendra:DescribeAccessControlConfiguration", "kendra:DescribeDataSource", "kendra:DescribeExperience", "kendra:DescribeFaq", "kendra:DescribeFeaturedResultsSet", "kendra:DescribeIndex", "kendra:DescribePrincipalMapping", "kendra:DescribeQuerySuggestionsBlockList", "kendra:DescribeQuerySuggestionsConfig", "kendra:DescribeThesaurus", "kendra:DisassociateEntitiesFromExperience", "kendra:DisassociatePersonasFromEntities", "kendra:GetQuerySuggestions", "kendra:GetSnapshots", "kendra:ListAccessControlConfigurations", "kendra:ListDataSourceSyncJobs", "kendra:ListDataSources", "kendra:ListEntityPersonas", "kendra:ListExperienceEntities", "kendra:ListExperiences", "kendra:ListFaqs", "kendra:ListFeaturedResultsSets", "kendra:ListGroupsOlderThanOrderingId", "kendra:ListIndices", "kendra:ListQuerySuggestionsBlockLists", "kendra:ListTagsForResource", "kendra:ListThesauri", "kendra:PutPrincipalMapping", "kendra:Query", "kendra:Retrieve", "kendra:StartDataSourceSyncJob", "kendra:StopDataSourceSyncJob", "kendra:SubmitFeedback", "kendra:TagResource", "kendra:UntagResource", "kendra:UpdateAccessControlConfiguration", "kendra:UpdateDataSource", "kendra:UpdateExperience", "kendra:UpdateFeaturedResultsSet", "kendra:UpdateIndex", "kendra:UpdateQuerySuggestionsBlockList", "kendra:UpdateQuerySuggestionsConfig", "kendra:UpdateThesaurus", "kendra-ranking:CreateRescoreExecutionPlan", "kendra-ranking:DeleteRescoreExecutionPlan", "kendra-ranking:DescribeRescoreExecutionPlan", "kendra-ranking:ListRescoreExecutionPlans", "kendra-ranking:ListTagsForResource", "kendra-ranking:Rescore", "kendra-ranking:TagResource", "kendra-ranking:UntagResource", "kendra-ranking:UpdateRescoreExecutionPlan", "kinesis:AddTagsToStream", "kinesis:CreateStream", "kinesis:DecreaseStreamRetentionPeriod", "kinesis:DeleteResourcePolicy", "kinesis:DeleteStream", "kinesis:DeregisterStreamConsumer", "kinesis:DescribeLimits", "kinesis:DescribeStream", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary", "kinesis:DisableEnhancedMonitoring", "kinesis:EnableEnhancedMonitoring", "kinesis:GetRecords", "kinesis:GetResourcePolicy", "kinesis:GetShardIterator", "kinesis:IncreaseStreamRetentionPeriod", "kinesis:ListShards", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kinesis:MergeShards", "kinesis:PutRecord", "kinesis:PutRecords", "kinesis:PutResourcePolicy", "kinesis:RegisterStreamConsumer", "kinesis:RemoveTagsFromStream", "kinesis:SplitShard", "kinesis:StartStreamEncryption", "kinesis:StopStreamEncryption", "kinesis:SubscribeToShard", "kinesis:UpdateShardCount", "kinesis:UpdateStreamMode", "kinesisanalytics:AddApplicationInput", "kinesisanalytics:AddApplicationOutput", "kinesisanalytics:AddApplicationReferenceDataSource", "kinesisanalytics:CreateApplication", "kinesisanalytics:DeleteApplication", "kinesisanalytics:DeleteApplicationOutput", "kinesisanalytics:DeleteApplicationReferenceDataSource", "kinesisanalytics:DescribeApplication", "kinesisanalytics:DiscoverInputSchema", "kinesisanalytics:GetApplicationState", "kinesisanalytics:ListApplications", "kinesisanalytics:ListTagsForResource", "kinesisanalytics:StartApplication", "kinesisanalytics:StopApplication", "kinesisanalytics:TagResource", "kinesisanalytics:UntagResource", "kinesisanalytics:UpdateApplication", "kinesisanalytics:AddApplicationCloudWatchLoggingOption", "kinesisanalytics:AddApplicationInputProcessingConfiguration", "kinesisanalytics:AddApplicationVpcConfiguration", "kinesisanalytics:CreateApplicationPresignedUrl", "kinesisanalytics:CreateApplicationSnapshot", "kinesisanalytics:DeleteApplicationCloudWatchLoggingOption", "kinesisanalytics:DeleteApplicationInputProcessingConfiguration", "kinesisanalytics:DeleteApplicationSnapshot", "kinesisanalytics:DeleteApplicationVpcConfiguration", "kinesisanalytics:DescribeApplicationSnapshot", "kinesisanalytics:DescribeApplicationVersion", "kinesisanalytics:ListApplicationSnapshots", "kinesisanalytics:ListApplicationVersions", "kinesisanalytics:RollbackApplication", "kinesisanalytics:UpdateApplicationMaintenanceConfiguration", "kinesisvideo:ConnectAsMaster", "kinesisvideo:ConnectAsViewer", "kinesisvideo:CreateSignalingChannel", "kinesisvideo:CreateStream", "kinesisvideo:DeleteEdgeConfiguration", "kinesisvideo:DeleteSignalingChannel", "kinesisvideo:DeleteStream", "kinesisvideo:DescribeEdgeConfiguration", "kinesisvideo:DescribeImageGenerationConfiguration", "kinesisvideo:DescribeMappedResourceConfiguration", "kinesisvideo:DescribeMediaStorageConfiguration", "kinesisvideo:DescribeNotificationConfiguration", "kinesisvideo:DescribeSignalingChannel", "kinesisvideo:DescribeStream", "kinesisvideo:GetClip", "kinesisvideo:GetDASHStreamingSessionURL", "kinesisvideo:GetDataEndpoint", "kinesisvideo:GetHLSStreamingSessionURL", "kinesisvideo:GetIceServerConfig", "kinesisvideo:GetImages", "kinesisvideo:GetMedia", "kinesisvideo:GetMediaForFragmentList", "kinesisvideo:GetSignalingChannelEndpoint", "kinesisvideo:JoinStorageSession", "kinesisvideo:ListEdgeAgentConfigurations", "kinesisvideo:ListFragments", "kinesisvideo:ListSignalingChannels", "kinesisvideo:ListStreams", "kinesisvideo:ListTagsForResource", "kinesisvideo:ListTagsForStream", "kinesisvideo:PutMedia", "kinesisvideo:SendAlexaOfferToMaster", "kinesisvideo:StartEdgeConfigurationUpdate", "kinesisvideo:TagResource", "kinesisvideo:TagStream", "kinesisvideo:UntagResource", "kinesisvideo:UntagStream", "kinesisvideo:UpdateDataRetention", "kinesisvideo:UpdateImageGenerationConfiguration", "kinesisvideo:UpdateMediaStorageConfiguration", "kinesisvideo:UpdateNotificationConfiguration", "kinesisvideo:UpdateSignalingChannel", "kinesisvideo:UpdateStream", "kms:CancelKeyDeletion", "kms:ConnectCustomKeyStore", "kms:CreateAlias", "kms:CreateCustomKeyStore", "kms:CreateGrant", "kms:CreateKey", "kms:Decrypt", "kms:DeleteAlias", "kms:DeleteCustomKeyStore", "kms:DeleteImportedKeyMaterial", "kms:DescribeCustomKeyStores", "kms:DescribeKey", "kms:DisableKey", "kms:DisableKeyRotation", "kms:DisconnectCustomKeyStore", "kms:EnableKey", "kms:EnableKeyRotation", "kms:Encrypt", "kms:GenerateDataKey", "kms:GenerateDataKeyPair", "kms:GenerateDataKeyPairWithoutPlaintext", "kms:GenerateDataKeyWithoutPlaintext", "kms:GenerateMac", "kms:GenerateRandom", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:GetParametersForImport", "kms:GetPublicKey", "kms:ImportKeyMaterial", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeyRotations", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "kms:PutKeyPolicy", "kms:ReEncryptFrom", "kms:ReEncryptTo", "kms:ReplicateKey", "kms:RetireGrant", "kms:RevokeGrant", "kms:RotateKeyOnDemand", "kms:ScheduleKeyDeletion", "kms:Sign", "kms:SynchronizeMultiRegionKey", "kms:TagResource", "kms:UntagResource", "kms:UpdateAlias", "kms:UpdateCustomKeyStore", "kms:UpdateKeyDescription", "kms:UpdatePrimaryRegion", "kms:Verify", "kms:VerifyMac", "lakeformation:AddLFTagsToResource", "lakeformation:BatchGrantPermissions", "lakeformation:BatchRevokePermissions", "lakeformation:CancelTransaction", "lakeformation:CommitTransaction", "lakeformation:CreateDataCellsFilter", "lakeformation:CreateLFTag", "lakeformation:CreateLakeFormationIdentityCenterConfiguration", "lakeformation:CreateLakeFormationOptIn", "lakeformation:DeleteDataCellsFilter", "lakeformation:DeleteLFTag", "lakeformation:DeleteLakeFormationIdentityCenterConfiguration", "lakeformation:DeleteLakeFormationOptIn", "lakeformation:DeleteObjectsOnCancel", "lakeformation:DeregisterResource", "lakeformation:DescribeLakeFormationIdentityCenterConfiguration", "lakeformation:DescribeResource", "lakeformation:DescribeTransaction", "lakeformation:ExtendTransaction", "lakeformation:GetDataAccess", "lakeformation:GetDataCellsFilter", "lakeformation:GetDataLakeSettings", "lakeformation:GetEffectivePermissionsForPath", "lakeformation:GetLFTag", "lakeformation:GetQueryState", "lakeformation:GetQueryStatistics", "lakeformation:GetResourceLFTags", "lakeformation:GetTableObjects", "lakeformation:GetWorkUnitResults", "lakeformation:GetWorkUnits", "lakeformation:GrantPermissions", "lakeformation:ListDataCellsFilter", "lakeformation:ListLFTags", "lakeformation:ListLakeFormationOptIns", "lakeformation:ListPermissions", "lakeformation:ListResources", "lakeformation:ListTableStorageOptimizers", "lakeformation:ListTransactions", "lakeformation:PutDataLakeSettings", "lakeformation:RegisterResource", "lakeformation:RemoveLFTagsFromResource", "lakeformation:RevokePermissions", "lakeformation:SearchDatabasesByLFTags", "lakeformation:SearchTablesByLFTags", "lakeformation:StartQueryPlanning", "lakeformation:StartTransaction", "lakeformation:UpdateDataCellsFilter", "lakeformation:UpdateLFTag", "lakeformation:UpdateLakeFormationIdentityCenterConfiguration", "lakeformation:UpdateResource", "lakeformation:UpdateTableObjects", "lakeformation:UpdateTableStorageOptimizer", "lambda:AddLayerVersionPermission", "lambda:AddPermission", "lambda:CreateAlias", "lambda:CreateCodeSigningConfig", "lambda:CreateEventSourceMapping", "lambda:CreateFunction", "lambda:CreateFunctionUrlConfig", "lambda:DeleteAlias", "lambda:DeleteCodeSigningConfig", "lambda:DeleteEventSourceMapping", "lambda:DeleteFunction", "lambda:DeleteFunctionCodeSigningConfig", "lambda:DeleteFunctionConcurrency", "lambda:DeleteFunctionEventInvokeConfig", "lambda:DeleteFunctionUrlConfig", "lambda:DeleteLayerVersion", "lambda:DeleteProvisionedConcurrencyConfig", "lambda:DisableReplication", "lambda:EnableReplication", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "lambda:InvokeAsync", "lambda:InvokeFunction", "lambda:InvokeFunctionUrl", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "lambda:PublishLayerVersion", "lambda:PublishVersion", "lambda:PutFunctionCodeSigningConfig", "lambda:PutFunctionConcurrency", "lambda:PutFunctionEventInvokeConfig", "lambda:PutProvisionedConcurrencyConfig", "lambda:PutRuntimeManagementConfig", "lambda:RemoveLayerVersionPermission", "lambda:RemovePermission", "lambda:TagResource", "lambda:UntagResource", "lambda:UpdateAlias", "lambda:UpdateCodeSigningConfig", "lambda:UpdateEventSourceMapping", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionCodeSigningConfig", "lambda:UpdateFunctionConfiguration", "lambda:UpdateFunctionEventInvokeConfig", "lambda:UpdateFunctionUrlConfig", "launchwizard:CreateAdditionalNode", "launchwizard:CreateDeployment", "launchwizard:CreateSettingsSet", "launchwizard:DeleteAdditionalNode", "launchwizard:DeleteApp", "launchwizard:DeleteDeployment", "launchwizard:DeleteSettingsSet", "launchwizard:DescribeAdditionalNode", "launchwizard:DescribeProvisionedApp", "launchwizard:DescribeProvisioningEvents", "launchwizard:DescribeSettingsSet", "launchwizard:GetDeployment", "launchwizard:GetInfrastructureSuggestion", "launchwizard:GetIpAddress", "launchwizard:GetResourceCostEstimate", "launchwizard:GetResourceRecommendation", "launchwizard:GetSettingsSet", "launchwizard:GetWorkload", "launchwizard:GetWorkloadAsset", "launchwizard:GetWorkloadAssets", "launchwizard:ListAdditionalNodes", "launchwizard:ListAllowedResources", "launchwizard:ListDeploymentEvents", "launchwizard:ListDeployments", "launchwizard:ListProvisionedApps", "launchwizard:ListResourceCostEstimates", "launchwizard:ListSettingsSets", "launchwizard:ListWorkloadDeploymentOptions", "launchwizard:ListWorkloadDeploymentPatterns", "launchwizard:ListWorkloads", "launchwizard:PutSettingsSet", "launchwizard:StartProvisioning", "launchwizard:UpdateSettingsSet", "lex:CreateBotVersion", "lex:CreateIntentVersion", "lex:CreateSlotTypeVersion", "lex:DeleteBot", "lex:DeleteBotAlias", "lex:DeleteBotChannelAssociation", "lex:DeleteBotVersion", "lex:DeleteIntent", "lex:DeleteIntentVersion", "lex:DeleteSession", "lex:DeleteSlotType", "lex:DeleteSlotTypeVersion", "lex:DeleteUtterances", "lex:GetBot", "lex:GetBotAlias", "lex:GetBotAliases", "lex:GetBotChannelAssociation", "lex:GetBotChannelAssociations", "lex:GetBotVersions", "lex:GetBots", "lex:GetBuiltinIntent", "lex:GetBuiltinIntents", "lex:GetBuiltinSlotTypes", "lex:GetExport", "lex:GetImport", "lex:GetIntent", "lex:GetIntentVersions", "lex:GetIntents", "lex:GetMigration", "lex:GetMigrations", "lex:GetSession", "lex:GetSlotType", "lex:GetSlotTypeVersions", "lex:GetSlotTypes", "lex:GetUtterancesView", "lex:ListTagsForResource", "lex:PostContent", "lex:PostText", "lex:PutBot", "lex:PutBotAlias", "lex:PutIntent", "lex:PutSession", "lex:PutSlotType", "lex:StartImport", "lex:StartMigration", "lex:TagResource", "lex:UntagResource", "lex:BatchCreateCustomVocabularyItem", "lex:BatchDeleteCustomVocabularyItem", "lex:BatchUpdateCustomVocabularyItem", "lex:BuildBotLocale", "lex:CreateBot", "lex:CreateBotAlias", "lex:CreateBotChannel", "lex:CreateBotLocale", "lex:CreateBotReplica", "lex:CreateCustomVocabulary", "lex:CreateExport", "lex:CreateIntent", "lex:CreateResourcePolicy", "lex:CreateSlot", "lex:CreateSlotType", "lex:CreateTestSet", "lex:CreateTestSetDiscrepancyReport", "lex:CreateUploadUrl", "lex:DeleteBotChannel", "lex:DeleteBotLocale", "lex:DeleteBotReplica", "lex:DeleteCustomVocabulary", "lex:DeleteExport", "lex:DeleteImport", "lex:DeleteResourcePolicy", "lex:DeleteSlot", "lex:DeleteTestSet", "lex:DescribeBot", "lex:DescribeBotAlias", "lex:DescribeBotChannel", "lex:DescribeBotLocale", "lex:DescribeBotRecommendation", "lex:DescribeBotReplica", "lex:DescribeBotResourceGeneration", "lex:DescribeBotVersion", "lex:DescribeCustomVocabulary", "lex:DescribeCustomVocabularyMetadata", "lex:DescribeExport", "lex:DescribeImport", "lex:DescribeIntent", "lex:DescribeResourcePolicy", "lex:DescribeSlot", "lex:DescribeSlotType", "lex:DescribeTestExecution", "lex:DescribeTestSet", "lex:DescribeTestSetDiscrepancyReport", "lex:DescribeTestSetGeneration", "lex:GenerateBotElement", "lex:GetTestExecutionArtifactsUrl", "lex:ListAggregatedUtterances", "lex:ListBotAliasReplicas", "lex:ListBotAliases", "lex:ListBotChannels", "lex:ListBotLocales", "lex:ListBotRecommendations", "lex:ListBotReplicas", "lex:ListBotResourceGenerations", "lex:ListBotVersionReplicas", "lex:ListBotVersions", "lex:ListBots", "lex:ListBuiltInIntents", "lex:ListBuiltInSlotTypes", "lex:ListCustomVocabularyItems", "lex:ListExports", "lex:ListImports", "lex:ListIntentMetrics", "lex:ListIntentPaths", "lex:ListIntentStageMetrics", "lex:ListIntents", "lex:ListRecommendedIntents", "lex:ListSessionAnalyticsData", "lex:ListSessionMetrics", "lex:ListSlotTypes", "lex:ListSlots", "lex:ListTestExecutionResultItems", "lex:ListTestExecutions", "lex:ListTestSetRecords", "lex:ListTestSets", "lex:RecognizeText", "lex:RecognizeUtterance", "lex:SearchAssociatedTranscripts", "lex:StartBotRecommendation", "lex:StartBotResourceGeneration", "lex:StartConversation", "lex:StartTestExecution", "lex:StartTestSetGeneration", "lex:StopBotRecommendation", "lex:UpdateBot", "lex:UpdateBotAlias", "lex:UpdateBotLocale", "lex:UpdateBotRecommendation", "lex:UpdateCustomVocabulary", "lex:UpdateExport", "lex:UpdateIntent", "lex:UpdateResourcePolicy", "lex:UpdateSlot", "lex:UpdateSlotType", "lex:UpdateTestSet", "license-manager:AcceptGrant", "license-manager:CheckInLicense", "license-manager:CheckoutBorrowLicense", "license-manager:CheckoutLicense", "license-manager:CreateGrant", "license-manager:CreateGrantVersion", "license-manager:CreateLicense", "license-manager:CreateLicenseConfiguration", "license-manager:CreateLicenseConversionTaskForResource", "license-manager:CreateLicenseManagerReportGenerator", "license-manager:CreateLicenseVersion", "license-manager:CreateToken", "license-manager:DeleteGrant", "license-manager:DeleteLicense", "license-manager:DeleteLicenseConfiguration", "license-manager:DeleteLicenseManagerReportGenerator", "license-manager:DeleteToken", "license-manager:ExtendLicenseConsumption", "license-manager:GetAccessToken", "license-manager:GetGrant", "license-manager:GetLicense", "license-manager:GetLicenseConfiguration", "license-manager:GetLicenseConversionTask", "license-manager:GetLicenseManagerReportGenerator", "license-manager:GetLicenseUsage", "license-manager:GetServiceSettings", "license-manager:ListAssociationsForLicenseConfiguration", "license-manager:ListDistributedGrants", "license-manager:ListFailuresForLicenseConfigurationOperations", "license-manager:ListLicenseConfigurations", "license-manager:ListLicenseConversionTasks", "license-manager:ListLicenseManagerReportGenerators", "license-manager:ListLicenseSpecificationsForResource", "license-manager:ListLicenseVersions", "license-manager:ListLicenses", "license-manager:ListReceivedGrants", "license-manager:ListReceivedGrantsForOrganization", "license-manager:ListReceivedLicenses", "license-manager:ListReceivedLicensesForOrganization", "license-manager:ListResourceInventory", "license-manager:ListTagsForResource", "license-manager:ListTokens", "license-manager:ListUsageForLicenseConfiguration", "license-manager:RejectGrant", "license-manager:TagResource", "license-manager:UntagResource", "license-manager:UpdateLicenseConfiguration", "license-manager:UpdateLicenseManagerReportGenerator", "license-manager:UpdateLicenseSpecificationsForResource", "license-manager:UpdateServiceSettings", "license-manager-linux-subscriptions:GetServiceSettings", "license-manager-linux-subscriptions:ListLinuxSubscriptionInstances", "license-manager-linux-subscriptions:ListLinuxSubscriptions", "license-manager-linux-subscriptions:UpdateServiceSettings", "license-manager-user-subscriptions:AssociateUser", "license-manager-user-subscriptions:DeregisterIdentityProvider", "license-manager-user-subscriptions:DisassociateUser", "license-manager-user-subscriptions:ListIdentityProviders", "license-manager-user-subscriptions:ListInstances", "license-manager-user-subscriptions:ListProductSubscriptions", "license-manager-user-subscriptions:ListUserAssociations", "license-manager-user-subscriptions:RegisterIdentityProvider", "license-manager-user-subscriptions:StartProductSubscription", "license-manager-user-subscriptions:StopProductSubscription", "license-manager-user-subscriptions:UpdateIdentityProviderSettings", "lightsail:AllocateStaticIp", "lightsail:AttachCertificateToDistribution", "lightsail:AttachDisk", "lightsail:AttachInstancesToLoadBalancer", "lightsail:AttachLoadBalancerTlsCertificate", "lightsail:AttachStaticIp", "lightsail:CloseInstancePublicPorts", "lightsail:CopySnapshot", "lightsail:CreateBucket", "lightsail:CreateBucketAccessKey", "lightsail:CreateCertificate", "lightsail:CreateCloudFormationStack", "lightsail:CreateContactMethod", "lightsail:CreateContainerService", "lightsail:CreateContainerServiceDeployment", "lightsail:CreateContainerServiceRegistryLogin", "lightsail:CreateDisk", "lightsail:CreateDiskFromSnapshot", "lightsail:CreateDiskSnapshot", "lightsail:CreateDistribution", "lightsail:CreateDomain", "lightsail:CreateDomainEntry", "lightsail:CreateGUISessionAccessDetails", "lightsail:CreateInstanceSnapshot", "lightsail:CreateInstances", "lightsail:CreateInstancesFromSnapshot", "lightsail:CreateKeyPair", "lightsail:CreateLoadBalancer", "lightsail:CreateLoadBalancerTlsCertificate", "lightsail:CreateRelationalDatabase", "lightsail:CreateRelationalDatabaseFromSnapshot", "lightsail:CreateRelationalDatabaseSnapshot", "lightsail:DeleteAlarm", "lightsail:DeleteAutoSnapshot", "lightsail:DeleteBucket", "lightsail:DeleteBucketAccessKey", "lightsail:DeleteCertificate", "lightsail:DeleteContactMethod", "lightsail:DeleteContainerImage", "lightsail:DeleteContainerService", "lightsail:DeleteDisk", "lightsail:DeleteDiskSnapshot", "lightsail:DeleteDistribution", "lightsail:DeleteDomain", "lightsail:DeleteDomainEntry", "lightsail:DeleteInstance", "lightsail:DeleteInstanceSnapshot", "lightsail:DeleteKeyPair", "lightsail:DeleteKnownHostKeys", "lightsail:DeleteLoadBalancer", "lightsail:DeleteLoadBalancerTlsCertificate", "lightsail:DeleteRelationalDatabase", "lightsail:DeleteRelationalDatabaseSnapshot", "lightsail:DetachCertificateFromDistribution", "lightsail:DetachDisk", "lightsail:DetachInstancesFromLoadBalancer", "lightsail:DetachStaticIp", "lightsail:DisableAddOn", "lightsail:DownloadDefaultKeyPair", "lightsail:EnableAddOn", "lightsail:ExportSnapshot", "lightsail:GetActiveNames", "lightsail:GetAlarms", "lightsail:GetAutoSnapshots", "lightsail:GetBlueprints", "lightsail:GetBucketAccessKeys", "lightsail:GetBucketBundles", "lightsail:GetBucketMetricData", "lightsail:GetBuckets", "lightsail:GetBundles", "lightsail:GetCertificates", "lightsail:GetCloudFormationStackRecords", "lightsail:GetContactMethods", "lightsail:GetContainerAPIMetadata", "lightsail:GetContainerImages", "lightsail:GetContainerLog", "lightsail:GetContainerServiceDeployments", "lightsail:GetContainerServiceMetricData", "lightsail:GetContainerServicePowers", "lightsail:GetContainerServices", "lightsail:GetCostEstimate", "lightsail:GetDisk", "lightsail:GetDiskSnapshot", "lightsail:GetDiskSnapshots", "lightsail:GetDisks", "lightsail:GetDistributionBundles", "lightsail:GetDistributionLatestCacheReset", "lightsail:GetDistributionMetricData", "lightsail:GetDistributions", "lightsail:GetDomain", "lightsail:GetDomains", "lightsail:GetExportSnapshotRecords", "lightsail:GetInstance", "lightsail:GetInstanceAccessDetails", "lightsail:GetInstanceMetricData", "lightsail:GetInstancePortStates", "lightsail:GetInstanceSnapshot", "lightsail:GetInstanceSnapshots", "lightsail:GetInstanceState", "lightsail:GetInstances", "lightsail:GetKeyPair", "lightsail:GetKeyPairs", "lightsail:GetLoadBalancer", "lightsail:GetLoadBalancerMetricData", "lightsail:GetLoadBalancerTlsCertificates", "lightsail:GetLoadBalancerTlsPolicies", "lightsail:GetLoadBalancers", "lightsail:GetOperation", "lightsail:GetOperations", "lightsail:GetOperationsForResource", "lightsail:GetRegions", "lightsail:GetRelationalDatabase", "lightsail:GetRelationalDatabaseBlueprints", "lightsail:GetRelationalDatabaseBundles", "lightsail:GetRelationalDatabaseEvents", "lightsail:GetRelationalDatabaseLogEvents", "lightsail:GetRelationalDatabaseLogStreams", "lightsail:GetRelationalDatabaseMasterUserPassword", "lightsail:GetRelationalDatabaseMetricData", "lightsail:GetRelationalDatabaseParameters", "lightsail:GetRelationalDatabaseSnapshot", "lightsail:GetRelationalDatabaseSnapshots", "lightsail:GetRelationalDatabases", "lightsail:GetSetupHistory", "lightsail:GetStaticIp", "lightsail:GetStaticIps", "lightsail:ImportKeyPair", "lightsail:IsVpcPeered", "lightsail:OpenInstancePublicPorts", "lightsail:PeerVpc", "lightsail:PutAlarm", "lightsail:PutInstancePublicPorts", "lightsail:RebootInstance", "lightsail:RebootRelationalDatabase", "lightsail:RegisterContainerImage", "lightsail:ReleaseStaticIp", "lightsail:ResetDistributionCache", "lightsail:SendContactMethodVerification", "lightsail:SetIpAddressType", "lightsail:SetResourceAccessForBucket", "lightsail:SetupInstanceHttps", "lightsail:StartGUISession", "lightsail:StartInstance", "lightsail:StartRelationalDatabase", "lightsail:StopGUISession", "lightsail:StopInstance", "lightsail:StopRelationalDatabase", "lightsail:TagResource", "lightsail:TestAlarm", "lightsail:UnpeerVpc", "lightsail:UntagResource", "lightsail:UpdateBucket", "lightsail:UpdateBucketBundle", "lightsail:UpdateContainerService", "lightsail:UpdateDistribution", "lightsail:UpdateDistributionBundle", "lightsail:UpdateDomainEntry", "lightsail:UpdateInstanceMetadataOptions", "lightsail:UpdateLoadBalancerAttribute", "lightsail:UpdateRelationalDatabase", "lightsail:UpdateRelationalDatabaseParameters", "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "lookoutequipment:CreateDataset", "lookoutequipment:CreateInferenceScheduler", "lookoutequipment:CreateLabel", "lookoutequipment:CreateLabelGroup", "lookoutequipment:CreateModel", "lookoutequipment:CreateRetrainingScheduler", "lookoutequipment:DeleteDataset", "lookoutequipment:DeleteInferenceScheduler", "lookoutequipment:DeleteLabel", "lookoutequipment:DeleteLabelGroup", "lookoutequipment:DeleteModel", "lookoutequipment:DeleteResourcePolicy", "lookoutequipment:DeleteRetrainingScheduler", "lookoutequipment:DescribeDataIngestionJob", "lookoutequipment:DescribeDataset", "lookoutequipment:DescribeInferenceScheduler", "lookoutequipment:DescribeLabelGroup", "lookoutequipment:DescribeModel", "lookoutequipment:DescribeModelVersion", "lookoutequipment:DescribeResourcePolicy", "lookoutequipment:DescribeRetrainingScheduler", "lookoutequipment:Describelabel", "lookoutequipment:ImportDataset", "lookoutequipment:ImportModelVersion", "lookoutequipment:ListDataIngestionJobs", "lookoutequipment:ListDatasets", "lookoutequipment:ListInferenceEvents", "lookoutequipment:ListInferenceExecutions", "lookoutequipment:ListInferenceSchedulers", "lookoutequipment:ListLabelGroups", "lookoutequipment:ListLabels", "lookoutequipment:ListModelVersions", "lookoutequipment:ListModels", "lookoutequipment:ListRetrainingSchedulers", "lookoutequipment:ListSensorStatistics", "lookoutequipment:ListTagsForResource", "lookoutequipment:PutResourcePolicy", "lookoutequipment:StartDataIngestionJob", "lookoutequipment:StartInferenceScheduler", "lookoutequipment:StartRetrainingScheduler", "lookoutequipment:StopInferenceScheduler", "lookoutequipment:StopRetrainingScheduler", "lookoutequipment:TagResource", "lookoutequipment:UntagResource", "lookoutequipment:UpdateActiveModelVersion", "lookoutequipment:UpdateInferenceScheduler", "lookoutequipment:UpdateLabelGroup", "lookoutequipment:UpdateModel", "lookoutequipment:UpdateRetrainingScheduler", "lookoutmetrics:ActivateAnomalyDetector", "lookoutmetrics:BackTestAnomalyDetector", "lookoutmetrics:CreateAlert", "lookoutmetrics:CreateAnomalyDetector", "lookoutmetrics:CreateMetricSet", "lookoutmetrics:DeactivateAnomalyDetector", "lookoutmetrics:DeleteAlert", "lookoutmetrics:DeleteAnomalyDetector", "lookoutmetrics:DescribeAlert", "lookoutmetrics:DescribeAnomalyDetectionExecutions", "lookoutmetrics:DescribeAnomalyDetector", "lookoutmetrics:DescribeMetricSet", "lookoutmetrics:DetectMetricSetConfig", "lookoutmetrics:GetAnomalyGroup", "lookoutmetrics:GetDataQualityMetrics", "lookoutmetrics:GetFeedback", "lookoutmetrics:GetSampleData", "lookoutmetrics:ListAlerts", "lookoutmetrics:ListAnomalyDetectors", "lookoutmetrics:ListAnomalyGroupRelatedMetrics", "lookoutmetrics:ListAnomalyGroupSummaries", "lookoutmetrics:ListAnomalyGroupTimeSeries", "lookoutmetrics:ListMetricSets", "lookoutmetrics:ListTagsForResource", "lookoutmetrics:PutFeedback", "lookoutmetrics:TagResource", "lookoutmetrics:UntagResource", "lookoutmetrics:UpdateAlert", "lookoutmetrics:UpdateAnomalyDetector", "lookoutmetrics:UpdateMetricSet", "lookoutvision:CreateDataset", "lookoutvision:CreateModel", "lookoutvision:CreateProject", "lookoutvision:DeleteDataset", "lookoutvision:DeleteModel", "lookoutvision:DeleteProject", "lookoutvision:DescribeDataset", "lookoutvision:DescribeModel", "lookoutvision:DescribeModelPackagingJob", "lookoutvision:DescribeProject", "lookoutvision:DescribeTrialDetection", "lookoutvision:DetectAnomalies", "lookoutvision:ListDatasetEntries", "lookoutvision:ListModelPackagingJobs", "lookoutvision:ListModels", "lookoutvision:ListProjects", "lookoutvision:ListTagsForResource", "lookoutvision:ListTrialDetections", "lookoutvision:StartModel", "lookoutvision:StartModelPackagingJob", "lookoutvision:StartTrialDetection", "lookoutvision:StopModel", "lookoutvision:TagResource", "lookoutvision:UntagResource", "lookoutvision:UpdateDatasetEntries", "m2:CancelBatchJobExecution", "m2:CreateApplication", "m2:CreateDataSetImportTask", "m2:CreateDeployment", "m2:CreateEnvironment", "m2:DeleteApplication", "m2:DeleteApplicationFromEnvironment", "m2:DeleteEnvironment", "m2:GetApplication", "m2:GetApplicationVersion", "m2:GetBatchJobExecution", "m2:GetDataSetDetails", "m2:GetDataSetImportTask", "m2:GetDeployment", "m2:GetEnvironment", "m2:GetSignedBluinsightsUrl", "m2:ListApplicationVersions", "m2:ListApplications", "m2:ListBatchJobDefinitions", "m2:ListBatchJobExecutions", "m2:ListDataSetImportHistory", "m2:ListDataSets", "m2:ListDeployments", "m2:ListEngineVersions", "m2:ListEnvironments", "m2:ListTagsForResource", "m2:StartApplication", "m2:StartBatchJob", "m2:StopApplication", "m2:TagResource", "m2:UntagResource", "m2:UpdateApplication", "m2:UpdateEnvironment", "machinelearning:AddTags", "machinelearning:CreateBatchPrediction", "machinelearning:CreateDataSourceFromRDS", "machinelearning:CreateDataSourceFromRedshift", "machinelearning:CreateDataSourceFromS3", "machinelearning:CreateEvaluation", "machinelearning:CreateMLModel", "machinelearning:CreateRealtimeEndpoint", "machinelearning:DeleteBatchPrediction", "machinelearning:DeleteDataSource", "machinelearning:DeleteEvaluation", "machinelearning:DeleteMLModel", "machinelearning:DeleteRealtimeEndpoint", "machinelearning:DeleteTags", "machinelearning:DescribeBatchPredictions", "machinelearning:DescribeDataSources", "machinelearning:DescribeEvaluations", "machinelearning:DescribeMLModels", "machinelearning:DescribeTags", "machinelearning:GetBatchPrediction", "machinelearning:GetDataSource", "machinelearning:GetEvaluation", "machinelearning:GetMLModel", "machinelearning:Predict", "machinelearning:UpdateBatchPrediction", "machinelearning:UpdateDataSource", "machinelearning:UpdateEvaluation", "machinelearning:UpdateMLModel", "macie2:AcceptInvitation", "macie2:BatchGetCustomDataIdentifiers", "macie2:CreateAllowList", "macie2:CreateClassificationJob", "macie2:CreateCustomDataIdentifier", "macie2:CreateFindingsFilter", "macie2:CreateInvitations", "macie2:CreateMember", "macie2:CreateSampleFindings", "macie2:DeclineInvitations", "macie2:DeleteAllowList", "macie2:DeleteCustomDataIdentifier", "macie2:DeleteFindingsFilter", "macie2:DeleteInvitations", "macie2:DeleteMember", "macie2:DescribeBuckets", "macie2:DescribeClassificationJob", "macie2:DescribeOrganizationConfiguration", "macie2:DisableMacie", "macie2:DisableOrganizationAdminAccount", "macie2:DisassociateFromAdministratorAccount", "macie2:DisassociateFromMasterAccount", "macie2:DisassociateMember", "macie2:EnableMacie", "macie2:EnableOrganizationAdminAccount", "macie2:GetAdministratorAccount", "macie2:GetAllowList", "macie2:GetAutomatedDiscoveryConfiguration", "macie2:GetBucketStatistics", "macie2:GetClassificationExportConfiguration", "macie2:GetClassificationScope", "macie2:GetCustomDataIdentifier", "macie2:GetFindingStatistics", "macie2:GetFindings", "macie2:GetFindingsFilter", "macie2:GetFindingsPublicationConfiguration", "macie2:GetInvitationsCount", "macie2:GetMacieSession", "macie2:GetMasterAccount", "macie2:GetMember", "macie2:GetResourceProfile", "macie2:GetRevealConfiguration", "macie2:GetSensitiveDataOccurrences", "macie2:GetSensitiveDataOccurrencesAvailability", "macie2:GetSensitivityInspectionTemplate", "macie2:GetUsageStatistics", "macie2:GetUsageTotals", "macie2:ListAllowLists", "macie2:ListClassificationJobs", "macie2:ListClassificationScopes", "macie2:ListCustomDataIdentifiers", "macie2:ListFindings", "macie2:ListFindingsFilters", "macie2:ListInvitations", "macie2:ListManagedDataIdentifiers", "macie2:ListMembers", "macie2:ListOrganizationAdminAccounts", "macie2:ListResourceProfileArtifacts", "macie2:ListResourceProfileDetections", "macie2:ListSensitivityInspectionTemplates", "macie2:ListTagsForResource", "macie2:PutClassificationExportConfiguration", "macie2:PutFindingsPublicationConfiguration", "macie2:SearchResources", "macie2:TagResource", "macie2:TestCustomDataIdentifier", "macie2:UntagResource", "macie2:UpdateAllowList", "macie2:UpdateAutomatedDiscoveryConfiguration", "macie2:UpdateClassificationJob", "macie2:UpdateClassificationScope", "macie2:UpdateFindingsFilter", "macie2:UpdateMacieSession", "macie2:UpdateMemberSession", "macie2:UpdateOrganizationConfiguration", "macie2:UpdateResourceProfile", "macie2:UpdateResourceProfileDetections", "macie2:UpdateRevealConfiguration", "macie2:UpdateSensitivityInspectionTemplate", "managedblockchain:CreateAccessor", "managedblockchain:CreateMember", "managedblockchain:CreateNetwork", "managedblockchain:CreateNode", "managedblockchain:CreateProposal", "managedblockchain:DeleteAccessor", "managedblockchain:DeleteMember", "managedblockchain:DeleteNode", "managedblockchain:GET", "managedblockchain:GetAccessor", "managedblockchain:GetMember", "managedblockchain:GetNetwork", "managedblockchain:GetNode", "managedblockchain:GetProposal", "managedblockchain:Invoke", "managedblockchain:InvokeRpcBitcoinMainnet", "managedblockchain:InvokeRpcBitcoinTestnet", "managedblockchain:InvokeRpcPolygonMainnet", "managedblockchain:InvokeRpcPolygonMumbaiTestnet", "managedblockchain:ListAccessors", "managedblockchain:ListInvitations", "managedblockchain:ListMembers", "managedblockchain:ListNetworks", "managedblockchain:ListNodes", "managedblockchain:ListProposalVotes", "managedblockchain:ListProposals", "managedblockchain:ListTagsForResource", "managedblockchain:POST", "managedblockchain:RejectInvitation", "managedblockchain:TagResource", "managedblockchain:UntagResource", "managedblockchain:UpdateMember", "managedblockchain:UpdateNode", "managedblockchain:VoteOnProposal", "managedblockchain-query:BatchGetTokenBalance", "managedblockchain-query:GetAssetContract", "managedblockchain-query:GetTokenBalance", "managedblockchain-query:GetTransaction", "managedblockchain-query:ListAssetContracts", "managedblockchain-query:ListFilteredTransactionEvents", "managedblockchain-query:ListTokenBalances", "managedblockchain-query:ListTransactionEvents", "managedblockchain-query:ListTransactions", "mapcredits:ListAssociatedPrograms", "mapcredits:ListQuarterCredits", "mapcredits:ListQuarterSpend", "marketplacecommerceanalytics:GenerateDataSet", "marketplacecommerceanalytics:StartSupportDataExport", "mechanicalturk:AcceptQualificationRequest", "mechanicalturk:ApproveAssignment", "mechanicalturk:AssociateQualificationWithWorker", "mechanicalturk:CreateAdditionalAssignmentsForHIT", "mechanicalturk:CreateHIT", "mechanicalturk:CreateHITType", "mechanicalturk:CreateHITWithHITType", "mechanicalturk:CreateQualificationType", "mechanicalturk:CreateWorkerBlock", "mechanicalturk:DeleteHIT", "mechanicalturk:DeleteQualificationType", "mechanicalturk:DeleteWorkerBlock", "mechanicalturk:DisassociateQualificationFromWorker", "mechanicalturk:GetAccountBalance", "mechanicalturk:GetAssignment", "mechanicalturk:GetFileUploadURL", "mechanicalturk:GetHIT", "mechanicalturk:GetQualificationScore", "mechanicalturk:GetQualificationType", "mechanicalturk:ListAssignmentsForHIT", "mechanicalturk:ListBonusPayments", "mechanicalturk:ListHITs", "mechanicalturk:ListHITsForQualificationType", "mechanicalturk:ListQualificationRequests", "mechanicalturk:ListQualificationTypes", "mechanicalturk:ListReviewPolicyResultsForHIT", "mechanicalturk:ListReviewableHITs", "mechanicalturk:ListWorkerBlocks", "mechanicalturk:ListWorkersWithQualificationType", "mechanicalturk:NotifyWorkers", "mechanicalturk:RejectAssignment", "mechanicalturk:RejectQualificationRequest", "mechanicalturk:SendBonus", "mechanicalturk:SendTestEventNotification", "mechanicalturk:UpdateExpirationForHIT", "mechanicalturk:UpdateHITReviewStatus", "mechanicalturk:UpdateHITTypeOfHIT", "mechanicalturk:UpdateNotificationSettings", "mechanicalturk:UpdateQualificationType", "mediaconnect:AddBridgeOutputs", "mediaconnect:AddBridgeSources", "mediaconnect:AddFlowMediaStreams", "mediaconnect:AddFlowOutputs", "mediaconnect:AddFlowSources", "mediaconnect:AddFlowVpcInterfaces", "mediaconnect:CreateBridge", "mediaconnect:CreateFlow", "mediaconnect:CreateGateway", "mediaconnect:DeleteBridge", "mediaconnect:DeleteFlow", "mediaconnect:DeleteGateway", "mediaconnect:DeregisterGatewayInstance", "mediaconnect:DescribeBridge", "mediaconnect:DescribeFlow", "mediaconnect:DescribeFlowSourceMetadata", "mediaconnect:DescribeGateway", "mediaconnect:DescribeGatewayInstance", "mediaconnect:DescribeOffering", "mediaconnect:DescribeReservation", "mediaconnect:DiscoverGatewayPollEndpoint", "mediaconnect:GrantFlowEntitlements", "mediaconnect:ListBridges", "mediaconnect:ListEntitlements", "mediaconnect:ListFlows", "mediaconnect:ListGatewayInstances", "mediaconnect:ListGateways", "mediaconnect:ListOfferings", "mediaconnect:ListReservations", "mediaconnect:ListTagsForResource", "mediaconnect:PollGateway", "mediaconnect:PurchaseOffering", "mediaconnect:RemoveBridgeOutput", "mediaconnect:RemoveBridgeSource", "mediaconnect:RemoveFlowMediaStream", "mediaconnect:RemoveFlowOutput", "mediaconnect:RemoveFlowSource", "mediaconnect:RemoveFlowVpcInterface", "mediaconnect:RevokeFlowEntitlement", "mediaconnect:StartFlow", "mediaconnect:StopFlow", "mediaconnect:SubmitGatewayStateChange", "mediaconnect:TagResource", "mediaconnect:UntagResource", "mediaconnect:UpdateBridge", "mediaconnect:UpdateBridgeOutput", "mediaconnect:UpdateBridgeSource", "mediaconnect:UpdateBridgeState", "mediaconnect:UpdateFlow", "mediaconnect:UpdateFlowEntitlement", "mediaconnect:UpdateFlowMediaStream", "mediaconnect:UpdateFlowOutput", "mediaconnect:UpdateFlowSource", "mediaconnect:UpdateGatewayInstance", "mediaconvert:AssociateCertificate", "mediaconvert:CancelJob", "mediaconvert:CreateJob", "mediaconvert:CreateJobTemplate", "mediaconvert:CreatePreset", "mediaconvert:CreateQueue", "mediaconvert:DeleteJobTemplate", "mediaconvert:DeletePolicy", "mediaconvert:DeletePreset", "mediaconvert:DeleteQueue", "mediaconvert:DescribeEndpoints", "mediaconvert:DisassociateCertificate", "mediaconvert:GetJob", "mediaconvert:GetJobTemplate", "mediaconvert:GetPolicy", "mediaconvert:GetPreset", "mediaconvert:GetQueue", "mediaconvert:ListJobTemplates", "mediaconvert:ListJobs", "mediaconvert:ListPresets", "mediaconvert:ListQueues", "mediaconvert:ListTagsForResource", "mediaconvert:PutPolicy", "mediaconvert:TagResource", "mediaconvert:UntagResource", "mediaconvert:UpdateJobTemplate", "mediaconvert:UpdatePreset", "mediaconvert:UpdateQueue", "mediaimport:CreateDatabaseBinarySnapshot", "medialive:AcceptInputDeviceTransfer", "medialive:BatchDelete", "medialive:BatchStart", "medialive:BatchStop", "medialive:BatchUpdateSchedule", "medialive:CancelInputDeviceTransfer", "medialive:ClaimDevice", "medialive:CreateChannel", "medialive:CreateCloudWatchAlarmTemplate", "medialive:CreateCloudWatchAlarmTemplateGroup", "medialive:CreateEventBridgeRuleTemplate", "medialive:CreateEventBridgeRuleTemplateGroup", "medialive:CreateInput", "medialive:CreateInputSecurityGroup", "medialive:CreateMultiplex", "medialive:CreateMultiplexProgram", "medialive:CreatePartnerInput", "medialive:CreateSignalMap", "medialive:CreateTags", "medialive:DeleteChannel", "medialive:DeleteCloudWatchAlarmTemplate", "medialive:DeleteCloudWatchAlarmTemplateGroup", "medialive:DeleteEventBridgeRuleTemplate", "medialive:DeleteEventBridgeRuleTemplateGroup", "medialive:DeleteInput", "medialive:DeleteInputSecurityGroup", "medialive:DeleteMultiplex", "medialive:DeleteMultiplexProgram", "medialive:DeleteReservation", "medialive:DeleteSchedule", "medialive:DeleteSignalMap", "medialive:DeleteTags", "medialive:DescribeAccountConfiguration", "medialive:DescribeChannel", "medialive:DescribeInput", "medialive:DescribeInputDevice", "medialive:DescribeInputDeviceThumbnail", "medialive:DescribeInputSecurityGroup", "medialive:DescribeMultiplex", "medialive:DescribeMultiplexProgram", "medialive:DescribeOffering", "medialive:DescribeReservation", "medialive:DescribeSchedule", "medialive:DescribeThumbnails", "medialive:GetCloudWatchAlarmTemplate", "medialive:GetCloudWatchAlarmTemplateGroup", "medialive:GetEventBridgeRuleTemplate", "medialive:GetEventBridgeRuleTemplateGroup", "medialive:GetSignalMap", "medialive:ListChannels", "medialive:ListCloudWatchAlarmTemplateGroups", "medialive:ListCloudWatchAlarmTemplates", "medialive:ListEventBridgeRuleTemplateGroups", "medialive:ListEventBridgeRuleTemplates", "medialive:ListInputDeviceTransfers", "medialive:ListInputDevices", "medialive:ListInputSecurityGroups", "medialive:ListInputs", "medialive:ListMultiplexPrograms", "medialive:ListMultiplexes", "medialive:ListOfferings", "medialive:ListReservations", "medialive:ListSignalMaps", "medialive:ListTagsForResource", "medialive:PurchaseOffering", "medialive:RebootInputDevice", "medialive:RejectInputDeviceTransfer", "medialive:RestartChannelPipelines", "medialive:StartChannel", "medialive:StartDeleteMonitorDeployment", "medialive:StartInputDevice", "medialive:StartInputDeviceMaintenanceWindow", "medialive:StartMonitorDeployment", "medialive:StartMultiplex", "medialive:StartUpdateSignalMap", "medialive:StopChannel", "medialive:StopInputDevice", "medialive:StopMultiplex", "medialive:TransferInputDevice", "medialive:UpdateAccountConfiguration", "medialive:UpdateChannel", "medialive:UpdateChannelClass", "medialive:UpdateCloudWatchAlarmTemplate", "medialive:UpdateCloudWatchAlarmTemplateGroup", "medialive:UpdateEventBridgeRuleTemplate", "medialive:UpdateEventBridgeRuleTemplateGroup", "medialive:UpdateInput", "medialive:UpdateInputDevice", "medialive:UpdateInputSecurityGroup", "medialive:UpdateMultiplex", "medialive:UpdateMultiplexProgram", "medialive:UpdateReservation", "mediapackage:ConfigureLogs", "mediapackage:CreateChannel", "mediapackage:CreateHarvestJob", "mediapackage:CreateOriginEndpoint", "mediapackage:DeleteChannel", "mediapackage:DeleteOriginEndpoint", "mediapackage:DescribeChannel", "mediapackage:DescribeHarvestJob", "mediapackage:DescribeOriginEndpoint", "mediapackage:ListChannels", "mediapackage:ListHarvestJobs", "mediapackage:ListOriginEndpoints", "mediapackage:ListTagsForResource", "mediapackage:RotateChannelCredentials", "mediapackage:RotateIngestEndpointCredentials", "mediapackage:TagResource", "mediapackage:UntagResource", "mediapackage:UpdateChannel", "mediapackage:UpdateOriginEndpoint", "mediapackage-vod:ConfigureLogs", "mediapackage-vod:CreateAsset", "mediapackage-vod:CreatePackagingConfiguration", "mediapackage-vod:CreatePackagingGroup", "mediapackage-vod:DeleteAsset", "mediapackage-vod:DeletePackagingConfiguration", "mediapackage-vod:DeletePackagingGroup", "mediapackage-vod:DescribeAsset", "mediapackage-vod:DescribePackagingConfiguration", "mediapackage-vod:DescribePackagingGroup", "mediapackage-vod:ListAssets", "mediapackage-vod:ListPackagingConfigurations", "mediapackage-vod:ListPackagingGroups", "mediapackage-vod:ListTagsForResource", "mediapackage-vod:TagResource", "mediapackage-vod:UntagResource", "mediapackage-vod:UpdatePackagingGroup", "mediapackagev2:CreateChannel", "mediapackagev2:CreateChannelGroup", "mediapackagev2:CreateOriginEndpoint", "mediapackagev2:DeleteChannel", "mediapackagev2:DeleteChannelGroup", "mediapackagev2:DeleteChannelPolicy", "mediapackagev2:DeleteOriginEndpoint", "mediapackagev2:DeleteOriginEndpointPolicy", "mediapackagev2:GetChannel", "mediapackagev2:GetChannelGroup", "mediapackagev2:GetChannelPolicy", "mediapackagev2:GetHeadObject", "mediapackagev2:GetObject", "mediapackagev2:GetOriginEndpoint", "mediapackagev2:GetOriginEndpointPolicy", "mediapackagev2:ListChannelGroups", "mediapackagev2:ListChannels", "mediapackagev2:ListOriginEndpoints", "mediapackagev2:ListTagsForResource", "mediapackagev2:PutChannelPolicy", "mediapackagev2:PutObject", "mediapackagev2:PutOriginEndpointPolicy", "mediapackagev2:TagResource", "mediapackagev2:UntagResource", "mediapackagev2:UpdateChannel", "mediapackagev2:UpdateChannelGroup", "mediapackagev2:UpdateOriginEndpoint", "mediastore:CreateContainer", "mediastore:DeleteContainer", "mediastore:DeleteContainerPolicy", "mediastore:DeleteCorsPolicy", "mediastore:DeleteLifecyclePolicy", "mediastore:DeleteMetricPolicy", "mediastore:DeleteObject", "mediastore:DescribeContainer", "mediastore:DescribeObject", "mediastore:GetContainerPolicy", "mediastore:GetCorsPolicy", "mediastore:GetLifecyclePolicy", "mediastore:GetMetricPolicy", "mediastore:GetObject", "mediastore:ListContainers", "mediastore:ListItems", "mediastore:ListTagsForResource", "mediastore:PutContainerPolicy", "mediastore:PutCorsPolicy", "mediastore:PutLifecyclePolicy", "mediastore:PutMetricPolicy", "mediastore:PutObject", "mediastore:StartAccessLogging", "mediastore:StopAccessLogging", "mediastore:TagResource", "mediastore:UntagResource", "mediatailor:ConfigureLogsForChannel", "mediatailor:ConfigureLogsForPlaybackConfiguration", "mediatailor:CreateChannel", "mediatailor:CreateLiveSource", "mediatailor:CreatePrefetchSchedule", "mediatailor:CreateProgram", "mediatailor:CreateSourceLocation", "mediatailor:CreateVodSource", "mediatailor:DeleteChannel", "mediatailor:DeleteChannelPolicy", "mediatailor:DeleteLiveSource", "mediatailor:DeletePlaybackConfiguration", "mediatailor:DeletePrefetchSchedule", "mediatailor:DeleteProgram", "mediatailor:DeleteSourceLocation", "mediatailor:DeleteVodSource", "mediatailor:DescribeChannel", "mediatailor:DescribeLiveSource", "mediatailor:DescribeProgram", "mediatailor:DescribeSourceLocation", "mediatailor:DescribeVodSource", "mediatailor:GetChannelPolicy", "mediatailor:GetChannelSchedule", "mediatailor:GetPlaybackConfiguration", "mediatailor:GetPrefetchSchedule", "mediatailor:ListAlerts", "mediatailor:ListChannels", "mediatailor:ListLiveSources", "mediatailor:ListPlaybackConfigurations", "mediatailor:ListPrefetchSchedules", "mediatailor:ListSourceLocations", "mediatailor:ListTagsForResource", "mediatailor:ListVodSources", "mediatailor:PutChannelPolicy", "mediatailor:PutPlaybackConfiguration", "mediatailor:StartChannel", "mediatailor:StopChannel", "mediatailor:TagResource", "mediatailor:UntagResource", "mediatailor:UpdateChannel", "mediatailor:UpdateLiveSource", "mediatailor:UpdateProgram", "mediatailor:UpdateSourceLocation", "mediatailor:UpdateVodSource", "medical-imaging:CopyImageSet", "medical-imaging:CreateDatastore", "medical-imaging:DeleteDatastore", "medical-imaging:DeleteImageSet", "medical-imaging:GetDICOMImportJob", "medical-imaging:GetDatastore", "medical-imaging:GetImageFrame", "medical-imaging:GetImageSet", "medical-imaging:GetImageSetMetadata", "medical-imaging:ListDICOMImportJobs", "medical-imaging:ListDatastores", "medical-imaging:ListImageSetVersions", "medical-imaging:ListTagsForResource", "medical-imaging:SearchImageSets", "medical-imaging:StartDICOMImportJob", "medical-imaging:TagResource", "medical-imaging:UntagResource", "medical-imaging:UpdateImageSetMetadata", "memorydb:BatchUpdateCluster", "memorydb:Connect", "memorydb:CopySnapshot", "memorydb:CreateAcl", "memorydb:CreateCluster", "memorydb:CreateParameterGroup", "memorydb:CreateSnapshot", "memorydb:CreateSubnetGroup", "memorydb:CreateUser", "memorydb:DeleteAcl", "memorydb:DeleteCluster", "memorydb:DeleteParameterGroup", "memorydb:DeleteSnapshot", "memorydb:DeleteSubnetGroup", "memorydb:DeleteUser", "memorydb:DescribeAcls", "memorydb:DescribeClusters", "memorydb:DescribeEngineVersions", "memorydb:DescribeEvents", "memorydb:DescribeParameterGroups", "memorydb:DescribeParameters", "memorydb:DescribeReservedNodes", "memorydb:DescribeReservedNodesOfferings", "memorydb:DescribeServiceUpdates", "memorydb:DescribeSnapshots", "memorydb:DescribeSubnetGroups", "memorydb:DescribeUsers", "memorydb:FailoverShard", "memorydb:ListAllowedNodeTypeUpdates", "memorydb:ListTags", "memorydb:PurchaseReservedNodesOffering", "memorydb:ResetParameterGroup", "memorydb:TagResource", "memorydb:UntagResource", "memorydb:UpdateAcl", "memorydb:UpdateCluster", "memorydb:UpdateParameterGroup", "memorydb:UpdateSubnetGroup", "memorydb:UpdateUser", "mgh:AssociateCreatedArtifact", "mgh:AssociateDiscoveredResource", "mgh:CreateHomeRegionControl", "mgh:CreateProgressUpdateStream", "mgh:DeleteHomeRegionControl", "mgh:DeleteProgressUpdateStream", "mgh:DescribeApplicationState", "mgh:DescribeHomeRegionControls", "mgh:DescribeMigrationTask", "mgh:DisassociateCreatedArtifact", "mgh:DisassociateDiscoveredResource", "mgh:GetHomeRegion", "mgh:ImportMigrationTask", "mgh:ListApplicationStates", "mgh:ListCreatedArtifacts", "mgh:ListDiscoveredResources", "mgh:ListMigrationTasks", "mgh:ListProgressUpdateStreams", "mgh:NotifyApplicationState", "mgh:NotifyMigrationTaskState", "mgh:PutResourceAttributes", "mgn:ArchiveApplication", "mgn:ArchiveWave", "mgn:AssociateApplications", "mgn:AssociateSourceServers", "mgn:BatchCreateVolumeSnapshotGroupForMgn", "mgn:BatchDeleteSnapshotRequestForMgn", "mgn:ChangeServerLifeCycleState", "mgn:CreateApplication", "mgn:CreateConnector", "mgn:CreateLaunchConfigurationTemplate", "mgn:CreateReplicationConfigurationTemplate", "mgn:CreateVcenterClientForMgn", "mgn:CreateWave", "mgn:DeleteApplication", "mgn:DeleteConnector", "mgn:DeleteJob", "mgn:DeleteLaunchConfigurationTemplate", "mgn:DeleteReplicationConfigurationTemplate", "mgn:DeleteSourceServer", "mgn:DeleteVcenterClient", "mgn:DeleteWave", "mgn:DescribeJobLogItems", "mgn:DescribeJobs", "mgn:DescribeLaunchConfigurationTemplates", "mgn:DescribeReplicationConfigurationTemplates", "mgn:DescribeReplicationServerAssociationsForMgn", "mgn:DescribeSnapshotRequestsForMgn", "mgn:DescribeSourceServers", "mgn:DescribeVcenterClients", "mgn:DisassociateApplications", "mgn:DisassociateSourceServers", "mgn:DisconnectFromService", "mgn:FinalizeCutover", "mgn:GetAgentCommandForMgn", "mgn:GetAgentConfirmedResumeInfoForMgn", "mgn:GetAgentInstallationAssetsForMgn", "mgn:GetAgentReplicationInfoForMgn", "mgn:GetAgentRuntimeConfigurationForMgn", "mgn:GetAgentSnapshotCreditsForMgn", "mgn:GetChannelCommandsForMgn", "mgn:GetLaunchConfiguration", "mgn:GetReplicationConfiguration", "mgn:GetVcenterClientCommandsForMgn", "mgn:InitializeService", "mgn:IssueClientCertificateForMgn", "mgn:ListApplications", "mgn:ListConnectors", "mgn:ListExportErrors", "mgn:ListExports", "mgn:ListImportErrors", "mgn:ListImports", "mgn:ListManagedAccounts", "mgn:ListSourceServerActions", "mgn:ListTagsForResource", "mgn:ListTemplateActions", "mgn:ListWaves", "mgn:MarkAsArchived", "mgn:NotifyAgentAuthenticationForMgn", "mgn:NotifyAgentConnectedForMgn", "mgn:NotifyAgentDisconnectedForMgn", "mgn:NotifyAgentReplicationProgressForMgn", "mgn:NotifyVcenterClientStartedForMgn", "mgn:PauseReplication", "mgn:PutSourceServerAction", "mgn:PutTemplateAction", "mgn:RegisterAgentForMgn", "mgn:RemoveSourceServerAction", "mgn:RemoveTemplateAction", "mgn:ResumeReplication", "mgn:RetryDataReplication", "mgn:SendAgentLogsForMgn", "mgn:SendAgentMetricsForMgn", "mgn:SendChannelCommandResultForMgn", "mgn:SendClientLogsForMgn", "mgn:SendClientMetricsForMgn", "mgn:SendVcenterClientCommandResultForMgn", "mgn:SendVcenterClientLogsForMgn", "mgn:SendVcenterClientMetricsForMgn", "mgn:StartCutover", "mgn:StartExport", "mgn:StartImport", "mgn:StartReplication", "mgn:StartTest", "mgn:StopReplication", "mgn:TagResource", "mgn:TerminateTargetInstances", "mgn:UnarchiveApplication", "mgn:UnarchiveWave", "mgn:UntagResource", "mgn:UpdateAgentBacklogForMgn", "mgn:UpdateAgentConversionInfoForMgn", "mgn:UpdateAgentReplicationInfoForMgn", "mgn:UpdateAgentReplicationProcessStateForMgn", "mgn:UpdateAgentSourcePropertiesForMgn", "mgn:UpdateApplication", "mgn:UpdateConnector", "mgn:UpdateLaunchConfiguration", "mgn:UpdateLaunchConfigurationTemplate", "mgn:UpdateReplicationConfiguration", "mgn:UpdateReplicationConfigurationTemplate", "mgn:UpdateSourceServer", "mgn:UpdateSourceServerReplicationType", "mgn:UpdateWave", "mgn:VerifyClientRoleForMgn", "migrationhub-orchestrator:CreateTemplate", "migrationhub-orchestrator:CreateWorkflow", "migrationhub-orchestrator:CreateWorkflowStep", "migrationhub-orchestrator:CreateWorkflowStepGroup", "migrationhub-orchestrator:DeleteTemplate", "migrationhub-orchestrator:DeleteWorkflow", "migrationhub-orchestrator:DeleteWorkflowStep", "migrationhub-orchestrator:DeleteWorkflowStepGroup", "migrationhub-orchestrator:GetMessage", "migrationhub-orchestrator:GetTemplate", "migrationhub-orchestrator:GetTemplateStep", "migrationhub-orchestrator:GetTemplateStepGroup", "migrationhub-orchestrator:GetWorkflow", "migrationhub-orchestrator:GetWorkflowStep", "migrationhub-orchestrator:GetWorkflowStepGroup", "migrationhub-orchestrator:ListPlugins", "migrationhub-orchestrator:ListTagsForResource", "migrationhub-orchestrator:ListTemplateStepGroups", "migrationhub-orchestrator:ListTemplateSteps", "migrationhub-orchestrator:ListTemplates", "migrationhub-orchestrator:ListWorkflowStepGroups", "migrationhub-orchestrator:ListWorkflowSteps", "migrationhub-orchestrator:ListWorkflows", "migrationhub-orchestrator:RegisterPlugin", "migrationhub-orchestrator:RetryWorkflowStep", "migrationhub-orchestrator:SendMessage", "migrationhub-orchestrator:StartWorkflow", "migrationhub-orchestrator:StopWorkflow", "migrationhub-orchestrator:TagResource", "migrationhub-orchestrator:UntagResource", "migrationhub-orchestrator:UpdateTemplate", "migrationhub-orchestrator:UpdateWorkflow", "migrationhub-orchestrator:UpdateWorkflowStep", "migrationhub-orchestrator:UpdateWorkflowStepGroup", "migrationhub-strategy:GetAntiPattern", "migrationhub-strategy:GetApplicationComponentDetails", "migrationhub-strategy:GetApplicationComponentStrategies", "migrationhub-strategy:GetAssessment", "migrationhub-strategy:GetImportFileTask", "migrationhub-strategy:GetLatestAssessmentId", "migrationhub-strategy:GetMessage", "migrationhub-strategy:GetPortfolioPreferences", "migrationhub-strategy:GetPortfolioSummary", "migrationhub-strategy:GetRecommendationReportDetails", "migrationhub-strategy:GetServerDetails", "migrationhub-strategy:GetServerStrategies", "migrationhub-strategy:ListAnalyzableServers", "migrationhub-strategy:ListAntiPatterns", "migrationhub-strategy:ListApplicationComponents", "migrationhub-strategy:ListCollectors", "migrationhub-strategy:ListImportFileTask", "migrationhub-strategy:ListJarArtifacts", "migrationhub-strategy:ListServers", "migrationhub-strategy:PutLogData", "migrationhub-strategy:PutMetricData", "migrationhub-strategy:PutPortfolioPreferences", "migrationhub-strategy:RegisterCollector", "migrationhub-strategy:SendMessage", "migrationhub-strategy:StartAssessment", "migrationhub-strategy:StartImportFileTask", "migrationhub-strategy:StartRecommendationReportGeneration", "migrationhub-strategy:StopAssessment", "migrationhub-strategy:UpdateApplicationComponentConfig", "migrationhub-strategy:UpdateCollectorConfiguration", "migrationhub-strategy:UpdateServerConfig", "mobileanalytics:GetFinancialReports", "mobileanalytics:GetReports", "mobileanalytics:PutEvents", "mobiletargeting:CreateApp", "mobiletargeting:CreateCampaign", "mobiletargeting:CreateEmailTemplate", "mobiletargeting:CreateExportJob", "mobiletargeting:CreateImportJob", "mobiletargeting:CreateInAppTemplate", "mobiletargeting:CreateJourney", "mobiletargeting:CreatePushTemplate", "mobiletargeting:CreateRecommenderConfiguration", "mobiletargeting:CreateSegment", "mobiletargeting:CreateSmsTemplate", "mobiletargeting:CreateVoiceTemplate", "mobiletargeting:DeleteAdmChannel", "mobiletargeting:DeleteApnsChannel", "mobiletargeting:DeleteApnsSandboxChannel", "mobiletargeting:DeleteApnsVoipChannel", "mobiletargeting:DeleteApnsVoipSandboxChannel", "mobiletargeting:DeleteApp", "mobiletargeting:DeleteBaiduChannel", "mobiletargeting:DeleteCampaign", "mobiletargeting:DeleteEmailChannel", "mobiletargeting:DeleteEmailTemplate", "mobiletargeting:DeleteEndpoint", "mobiletargeting:DeleteEventStream", "mobiletargeting:DeleteGcmChannel", "mobiletargeting:DeleteInAppTemplate", "mobiletargeting:DeleteJourney", "mobiletargeting:DeletePushTemplate", "mobiletargeting:DeleteRecommenderConfiguration", "mobiletargeting:DeleteSegment", "mobiletargeting:DeleteSmsChannel", "mobiletargeting:DeleteSmsTemplate", "mobiletargeting:DeleteUserEndpoints", "mobiletargeting:DeleteVoiceChannel", "mobiletargeting:DeleteVoiceTemplate", "mobiletargeting:GetAdmChannel", "mobiletargeting:GetApnsChannel", "mobiletargeting:GetApnsSandboxChannel", "mobiletargeting:GetApnsVoipChannel", "mobiletargeting:GetApnsVoipSandboxChannel", "mobiletargeting:GetApp", "mobiletargeting:GetApplicationDateRangeKpi", "mobiletargeting:GetApplicationSettings", "mobiletargeting:GetApps", "mobiletargeting:GetBaiduChannel", "mobiletargeting:GetCampaign", "mobiletargeting:GetCampaignActivities", "mobiletargeting:GetCampaignDateRangeKpi", "mobiletargeting:GetCampaignVersion", "mobiletargeting:GetCampaignVersions", "mobiletargeting:GetCampaigns", "mobiletargeting:GetChannels", "mobiletargeting:GetEmailChannel", "mobiletargeting:GetEmailTemplate", "mobiletargeting:GetEndpoint", "mobiletargeting:GetEventStream", "mobiletargeting:GetExportJob", "mobiletargeting:GetExportJobs", "mobiletargeting:GetGcmChannel", "mobiletargeting:GetImportJob", "mobiletargeting:GetImportJobs", "mobiletargeting:GetInAppMessages", "mobiletargeting:GetInAppTemplate", "mobiletargeting:GetJourney", "mobiletargeting:GetJourneyDateRangeKpi", "mobiletargeting:GetJourneyExecutionActivityMetrics", "mobiletargeting:GetJourneyExecutionMetrics", "mobiletargeting:GetJourneyRunExecutionActivityMetrics", "mobiletargeting:GetJourneyRunExecutionMetrics", "mobiletargeting:GetJourneyRuns", "mobiletargeting:GetPushTemplate", "mobiletargeting:GetRecommenderConfiguration", "mobiletargeting:GetRecommenderConfigurations", "mobiletargeting:GetReports", "mobiletargeting:GetSegment", "mobiletargeting:GetSegmentExportJobs", "mobiletargeting:GetSegmentImportJobs", "mobiletargeting:GetSegmentVersion", "mobiletargeting:GetSegmentVersions", "mobiletargeting:GetSegments", "mobiletargeting:GetSmsChannel", "mobiletargeting:GetSmsTemplate", "mobiletargeting:GetUserEndpoints", "mobiletargeting:GetVoiceChannel", "mobiletargeting:GetVoiceTemplate", "mobiletargeting:ListJourneys", "mobiletargeting:ListTagsForResource", "mobiletargeting:ListTemplateVersions", "mobiletargeting:ListTemplates", "mobiletargeting:PhoneNumberValidate", "mobiletargeting:PutEventStream", "mobiletargeting:PutEvents", "mobiletargeting:RemoveAttributes", "mobiletargeting:SendMessages", "mobiletargeting:SendOTPMessage", "mobiletargeting:SendUsersMessages", "mobiletargeting:TagResource", "mobiletargeting:UntagResource", "mobiletargeting:UpdateAdmChannel", "mobiletargeting:UpdateApnsChannel", "mobiletargeting:UpdateApnsSandboxChannel", "mobiletargeting:UpdateApnsVoipChannel", "mobiletargeting:UpdateApnsVoipSandboxChannel", "mobiletargeting:UpdateApplicationSettings", "mobiletargeting:UpdateBaiduChannel", "mobiletargeting:UpdateCampaign", "mobiletargeting:UpdateEmailChannel", "mobiletargeting:UpdateEmailTemplate", "mobiletargeting:UpdateEndpoint", "mobiletargeting:UpdateEndpointsBatch", "mobiletargeting:UpdateGcmChannel", "mobiletargeting:UpdateInAppTemplate", "mobiletargeting:UpdateJourney", "mobiletargeting:UpdateJourneyState", "mobiletargeting:UpdatePushTemplate", "mobiletargeting:UpdateRecommenderConfiguration", "mobiletargeting:UpdateSegment", "mobiletargeting:UpdateSmsChannel", "mobiletargeting:UpdateSmsTemplate", "mobiletargeting:UpdateTemplateActiveVersion", "mobiletargeting:UpdateVoiceChannel", "mobiletargeting:UpdateVoiceTemplate", "mobiletargeting:VerifyOTPMessage", "monitron:AssociateProjectAdminUser", "monitron:CreateProject", "monitron:CreateProjectUserAssociation", "monitron:CreateUserAccessRoleAssociation", "monitron:DeleteProject", "monitron:DeleteProjectUserAssociation", "monitron:DeleteUserAccessRoleAssociation", "monitron:DisassociateProjectAdminUser", "monitron:GetProject", "monitron:GetProjectAdminUser", "monitron:ListProjectAdminUsers", "monitron:ListProjectUserAssociations", "monitron:ListProjects", "monitron:ListTagsForResource", "monitron:ListUserAccessRoleAssociations", "monitron:TagResource", "monitron:UntagResource", "monitron:UpdateProject", "mq:CreateBroker", "mq:CreateConfiguration", "mq:CreateReplicaBroker", "mq:CreateTags", "mq:CreateUser", "mq:DeleteBroker", "mq:DeleteTags", "mq:DeleteUser", "mq:DescribeBroker", "mq:DescribeBrokerEngineTypes", "mq:DescribeBrokerInstanceOptions", "mq:DescribeConfiguration", "mq:DescribeConfigurationRevision", "mq:DescribeUser", "mq:ListBrokers", "mq:ListConfigurationRevisions", "mq:ListConfigurations", "mq:ListTags", "mq:ListUsers", "mq:Promote", "mq:RebootBroker", "mq:UpdateBroker", "mq:UpdateConfiguration", "mq:UpdateUser", "neptune-db:CancelLoaderJob", "neptune-db:CancelMLDataProcessingJob", "neptune-db:CancelMLModelTrainingJob", "neptune-db:CancelMLModelTransformJob", "neptune-db:CancelQuery", "neptune-db:CreateMLEndpoint", "neptune-db:DeleteDataViaQuery", "neptune-db:DeleteMLEndpoint", "neptune-db:DeleteStatistics", "neptune-db:GetEngineStatus", "neptune-db:GetGraphSummary", "neptune-db:GetLoaderJobStatus", "neptune-db:GetMLDataProcessingJobStatus", "neptune-db:GetMLEndpointStatus", "neptune-db:GetMLModelTrainingJobStatus", "neptune-db:GetMLModelTransformJobStatus", "neptune-db:GetQueryStatus", "neptune-db:GetStatisticsStatus", "neptune-db:GetStreamRecords", "neptune-db:ListLoaderJobs", "neptune-db:ListMLDataProcessingJobs", "neptune-db:ListMLEndpoints", "neptune-db:ListMLModelTrainingJobs", "neptune-db:ListMLModelTransformJobs", "neptune-db:ManageStatistics", "neptune-db:ReadDataViaQuery", "neptune-db:ResetDatabase", "neptune-db:StartLoaderJob", "neptune-db:StartMLDataProcessingJob", "neptune-db:StartMLModelTrainingJob", "neptune-db:StartMLModelTransformJob", "neptune-db:WriteDataViaQuery", "neptune-db:connect", "neptune-graph:CancelImportTask", "neptune-graph:CancelQuery", "neptune-graph:CreateGraph", "neptune-graph:CreateGraphSnapshot", "neptune-graph:CreateGraphUsingImportTask", "neptune-graph:CreatePrivateGraphEndpoint", "neptune-graph:DeleteDataViaQuery", "neptune-graph:DeleteGraph", "neptune-graph:DeleteGraphSnapshot", "neptune-graph:DeletePrivateGraphEndpoint", "neptune-graph:GetEngineStatus", "neptune-graph:GetGraph", "neptune-graph:GetGraphSnapshot", "neptune-graph:GetGraphSummary", "neptune-graph:GetImportTask", "neptune-graph:GetPrivateGraphEndpoint", "neptune-graph:GetQueryStatus", "neptune-graph:GetStatisticsStatus", "neptune-graph:ListGraphSnapshots", "neptune-graph:ListGraphs", "neptune-graph:ListImportTasks", "neptune-graph:ListPrivateGraphEndpoints", "neptune-graph:ListQueries", "neptune-graph:ListTagsForResource", "neptune-graph:ReadDataViaQuery", "neptune-graph:ResetGraph", "neptune-graph:RestoreGraphFromSnapshot", "neptune-graph:StartImportTask", "neptune-graph:TagResource", "neptune-graph:UntagResource", "neptune-graph:UpdateGraph", "neptune-graph:WriteDataViaQuery", "network-firewall:AssociateFirewallPolicy", "network-firewall:AssociateSubnets", "network-firewall:CreateFirewall", "network-firewall:CreateFirewallPolicy", "network-firewall:CreateRuleGroup", "network-firewall:CreateTLSInspectionConfiguration", "network-firewall:DeleteFirewall", "network-firewall:DeleteFirewallPolicy", "network-firewall:DeleteResourcePolicy", "network-firewall:DeleteRuleGroup", "network-firewall:DeleteTLSInspectionConfiguration", "network-firewall:DescribeFirewall", "network-firewall:DescribeFirewallPolicy", "network-firewall:DescribeLoggingConfiguration", "network-firewall:DescribeResourcePolicy", "network-firewall:DescribeRuleGroup", "network-firewall:DescribeRuleGroupMetadata", "network-firewall:DescribeTLSInspectionConfiguration", "network-firewall:DisassociateSubnets", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "network-firewall:ListRuleGroups", "network-firewall:ListTLSInspectionConfigurations", "network-firewall:ListTagsForResource", "network-firewall:PutResourcePolicy", "network-firewall:TagResource", "network-firewall:UntagResource", "network-firewall:UpdateFirewallDeleteProtection", "network-firewall:UpdateFirewallDescription", "network-firewall:UpdateFirewallEncryptionConfiguration", "network-firewall:UpdateFirewallPolicy", "network-firewall:UpdateFirewallPolicyChangeProtection", "network-firewall:UpdateLoggingConfiguration", "network-firewall:UpdateRuleGroup", "network-firewall:UpdateSubnetChangeProtection", "network-firewall:UpdateTLSInspectionConfiguration", "networkmanager:AcceptAttachment", "networkmanager:AssociateConnectPeer", "networkmanager:AssociateCustomerGateway", "networkmanager:AssociateLink", "networkmanager:AssociateTransitGatewayConnectPeer", "networkmanager:CreateConnectAttachment", "networkmanager:CreateConnectPeer", "networkmanager:CreateConnection", "networkmanager:CreateCoreNetwork", "networkmanager:CreateDevice", "networkmanager:CreateGlobalNetwork", "networkmanager:CreateLink", "networkmanager:CreateSite", "networkmanager:CreateSiteToSiteVpnAttachment", "networkmanager:CreateTransitGatewayPeering", "networkmanager:CreateTransitGatewayRouteTableAttachment", "networkmanager:CreateVpcAttachment", "networkmanager:DeleteAttachment", "networkmanager:DeleteConnectPeer", "networkmanager:DeleteConnection", "networkmanager:DeleteCoreNetwork", "networkmanager:DeleteCoreNetworkPolicyVersion", "networkmanager:DeleteDevice", "networkmanager:DeleteGlobalNetwork", "networkmanager:DeleteLink", "networkmanager:DeletePeering", "networkmanager:DeleteResourcePolicy", "networkmanager:DeleteSite", "networkmanager:DeregisterTransitGateway", "networkmanager:DescribeGlobalNetworks", "networkmanager:DisassociateConnectPeer", "networkmanager:DisassociateCustomerGateway", "networkmanager:DisassociateLink", "networkmanager:DisassociateTransitGatewayConnectPeer", "networkmanager:ExecuteCoreNetworkChangeSet", "networkmanager:GetConnectAttachment", "networkmanager:GetConnectPeer", "networkmanager:GetConnectPeerAssociations", "networkmanager:GetConnections", "networkmanager:GetCoreNetwork", "networkmanager:GetCoreNetworkChangeEvents", "networkmanager:GetCoreNetworkChangeSet", "networkmanager:GetCoreNetworkPolicy", "networkmanager:GetCustomerGatewayAssociations", "networkmanager:GetDevices", "networkmanager:GetLinkAssociations", "networkmanager:GetLinks", "networkmanager:GetNetworkResourceCounts", "networkmanager:GetNetworkResourceRelationships", "networkmanager:GetNetworkResources", "networkmanager:GetNetworkRoutes", "networkmanager:GetNetworkTelemetry", "networkmanager:GetResourcePolicy", "networkmanager:GetRouteAnalysis", "networkmanager:GetSiteToSiteVpnAttachment", "networkmanager:GetSites", "networkmanager:GetTransitGatewayConnectPeerAssociations", "networkmanager:GetTransitGatewayPeering", "networkmanager:GetTransitGatewayRegistrations", "networkmanager:GetTransitGatewayRouteTableAttachment", "networkmanager:GetVpcAttachment", "networkmanager:ListAttachments", "networkmanager:ListConnectPeers", "networkmanager:ListCoreNetworkPolicyVersions", "networkmanager:ListCoreNetworks", "networkmanager:ListOrganizationServiceAccessStatus", "networkmanager:ListPeerings", "networkmanager:ListTagsForResource", "networkmanager:PutCoreNetworkPolicy", "networkmanager:PutResourcePolicy", "networkmanager:RegisterTransitGateway", "networkmanager:RejectAttachment", "networkmanager:RestoreCoreNetworkPolicyVersion", "networkmanager:StartOrganizationServiceAccessUpdate", "networkmanager:StartRouteAnalysis", "networkmanager:TagResource", "networkmanager:UntagResource", "networkmanager:UpdateConnection", "networkmanager:UpdateCoreNetwork", "networkmanager:UpdateDevice", "networkmanager:UpdateGlobalNetwork", "networkmanager:UpdateLink", "networkmanager:UpdateNetworkResourceMetadata", "networkmanager:UpdateSite", "networkmanager:UpdateVpcAttachment", "networkmanager-chat:CancelMessageResponse", "networkmanager-chat:CreateConversation", "networkmanager-chat:DeleteConversation", "networkmanager-chat:ListConversationMessages", "networkmanager-chat:ListConversations", "networkmanager-chat:NotifyConversationIsActive", "networkmanager-chat:SendConversationMessage", "networkmonitor:CreateMonitor", "networkmonitor:CreateProbe", "networkmonitor:DeleteMonitor", "networkmonitor:DeleteProbe", "networkmonitor:GetMonitor", "networkmonitor:GetProbe", "networkmonitor:ListMonitors", "networkmonitor:ListTagsForResource", "networkmonitor:TagResource", "networkmonitor:UntagResource", "networkmonitor:UpdateMonitor", "networkmonitor:UpdateProbe", "nimble:AcceptEulas", "nimble:CreateLaunchProfile", "nimble:CreateStreamingImage", "nimble:CreateStreamingSession", "nimble:CreateStreamingSessionStream", "nimble:CreateStudio", "nimble:CreateStudioComponent", "nimble:DeleteLaunchProfile", "nimble:DeleteLaunchProfileMember", "nimble:DeleteStreamingImage", "nimble:DeleteStreamingSession", "nimble:DeleteStudio", "nimble:DeleteStudioComponent", "nimble:DeleteStudioMember", "nimble:GetEula", "nimble:GetFeatureMap", "nimble:GetLaunchProfile", "nimble:GetLaunchProfileDetails", "nimble:GetLaunchProfileInitialization", "nimble:GetLaunchProfileMember", "nimble:GetStreamingImage", "nimble:GetStreamingSession", "nimble:GetStreamingSessionBackup", "nimble:GetStreamingSessionStream", "nimble:GetStudio", "nimble:GetStudioComponent", "nimble:GetStudioMember", "nimble:ListEulaAcceptances", "nimble:ListEulas", "nimble:ListLaunchProfileMembers", "nimble:ListLaunchProfiles", "nimble:ListStreamingImages", "nimble:ListStreamingSessionBackups", "nimble:ListStreamingSessions", "nimble:ListStudioComponents", "nimble:ListStudioMembers", "nimble:ListStudios", "nimble:ListTagsForResource", "nimble:PutLaunchProfileMembers", "nimble:PutStudioLogEvents", "nimble:PutStudioMembers", "nimble:StartStreamingSession", "nimble:StartStudioSSOConfigurationRepair", "nimble:StopStreamingSession", "nimble:TagResource", "nimble:UntagResource", "nimble:UpdateLaunchProfile", "nimble:UpdateLaunchProfileMember", "nimble:UpdateStreamingImage", "nimble:UpdateStudio", "nimble:UpdateStudioComponent", "notifications:AssociateChannel", "notifications:CreateEventRule", "notifications:CreateNotificationConfiguration", "notifications:DeleteEventRule", "notifications:DeleteNotificationConfiguration", "notifications:DeregisterNotificationHub", "notifications:DisassociateChannel", "notifications:GetEventRule", "notifications:GetNotificationConfiguration", "notifications:GetNotificationEvent", "notifications:ListChannels", "notifications:ListEventRules", "notifications:ListNotificationConfigurations", "notifications:ListNotificationEvents", "notifications:ListNotificationHubs", "notifications:ListTagsForResource", "notifications:RegisterNotificationHub", "notifications:TagResource", "notifications:UntagResource", "notifications:UpdateEventRule", "notifications:UpdateNotificationConfiguration", "notifications-contacts:ActivateEmailContact", "notifications-contacts:CreateEmailContact", "notifications-contacts:DeleteEmailContact", "notifications-contacts:GetEmailContact", "notifications-contacts:ListEmailContacts", "notifications-contacts:ListTagsForResource", "notifications-contacts:SendActivationCode", "notifications-contacts:TagResource", "notifications-contacts:UntagResource", "oam:CreateLink", "oam:CreateSink", "oam:DeleteLink", "oam:DeleteSink", "oam:GetLink", "oam:GetSink", "oam:GetSinkPolicy", "oam:ListAttachedLinks", "oam:ListLinks", "oam:ListSinks", "oam:ListTagsForResource", "oam:PutSinkPolicy", "oam:TagResource", "oam:UntagResource", "oam:UpdateLink", "omics:AbortMultipartReadSetUpload", "omics:AcceptShare", "omics:BatchDeleteReadSet", "omics:CancelAnnotationImportJob", "omics:CancelRun", "omics:CancelVariantImportJob", "omics:CompleteMultipartReadSetUpload", "omics:CreateAnnotationStore", "omics:CreateAnnotationStoreVersion", "omics:CreateMultipartReadSetUpload", "omics:CreateReferenceStore", "omics:CreateRunGroup", "omics:CreateSequenceStore", "omics:CreateShare", "omics:CreateVariantStore", "omics:CreateWorkflow", "omics:DeleteAnnotationStore", "omics:DeleteAnnotationStoreVersions", "omics:DeleteReference", "omics:DeleteReferenceStore", "omics:DeleteRun", "omics:DeleteRunGroup", "omics:DeleteSequenceStore", "omics:DeleteShare", "omics:DeleteVariantStore", "omics:DeleteWorkflow", "omics:GetAnnotationImportJob", "omics:GetAnnotationStore", "omics:GetAnnotationStoreVersion", "omics:GetReadSet", "omics:GetReadSetActivationJob", "omics:GetReadSetExportJob", "omics:GetReadSetImportJob", "omics:GetReadSetMetadata", "omics:GetReference", "omics:GetReferenceImportJob", "omics:GetReferenceMetadata", "omics:GetReferenceStore", "omics:GetRun", "omics:GetRunGroup", "omics:GetRunTask", "omics:GetSequenceStore", "omics:GetShare", "omics:GetVariantImportJob", "omics:GetVariantStore", "omics:GetWorkflow", "omics:ListAnnotationImportJobs", "omics:ListAnnotationStoreVersions", "omics:ListAnnotationStores", "omics:ListMultipartReadSetUploads", "omics:ListReadSetActivationJobs", "omics:ListReadSetExportJobs", "omics:ListReadSetImportJobs", "omics:ListReadSetUploadParts", "omics:ListReadSets", "omics:ListReferenceImportJobs", "omics:ListReferenceStores", "omics:ListReferences", "omics:ListRunGroups", "omics:ListRunTasks", "omics:ListRuns", "omics:ListSequenceStores", "omics:ListShares", "omics:ListTagsForResource", "omics:ListVariantImportJobs", "omics:ListVariantStores", "omics:ListWorkflows", "omics:StartAnnotationImportJob", "omics:StartReadSetActivationJob", "omics:StartReadSetExportJob", "omics:StartReadSetImportJob", "omics:StartReferenceImportJob", "omics:StartRun", "omics:StartVariantImportJob", "omics:TagResource", "omics:UntagResource", "omics:UpdateAnnotationStore", "omics:UpdateAnnotationStoreVersion", "omics:UpdateRunGroup", "omics:UpdateVariantStore", "omics:UpdateWorkflow", "omics:UploadReadSetPart", "one:CreateDeviceActivationQrCode", "one:CreateDeviceConfigurationTemplate", "one:CreateDeviceInstance", "one:CreateDeviceInstanceConfiguration", "one:CreateSite", "one:DeleteAssociatedDevice", "one:DeleteDeviceConfigurationTemplate", "one:DeleteDeviceInstance", "one:DeleteSite", "one:DeleteUser", "one:GetDeviceConfigurationTemplate", "one:GetDeviceInstance", "one:GetDeviceInstanceConfiguration", "one:GetSite", "one:GetSiteAddress", "one:ListDeviceConfigurationTemplates", "one:ListDeviceInstances", "one:ListSites", "one:ListTagsForResource", "one:ListUsers", "one:RebootDevice", "one:TagResource", "one:UntagResource", "one:UpdateDeviceConfigurationTemplate", "one:UpdateDeviceInstance", "one:UpdateSite", "one:UpdateSiteAddress", "opsworks:AssignInstance", "opsworks:AssignVolume", "opsworks:AssociateElasticIp", "opsworks:AttachElasticLoadBalancer", "opsworks:CloneStack", "opsworks:CreateApp", "opsworks:CreateDeployment", "opsworks:CreateInstance", "opsworks:CreateLayer", "opsworks:CreateStack", "opsworks:CreateUserProfile", "opsworks:DeleteApp", "opsworks:DeleteInstance", "opsworks:DeleteLayer", "opsworks:DeleteStack", "opsworks:DeleteUserProfile", "opsworks:DeregisterEcsCluster", "opsworks:DeregisterElasticIp", "opsworks:DeregisterInstance", "opsworks:DeregisterRdsDbInstance", "opsworks:DeregisterVolume", "opsworks:DescribeAgentVersions", "opsworks:DescribeApps", "opsworks:DescribeCommands", "opsworks:DescribeDeployments", "opsworks:DescribeEcsClusters", "opsworks:DescribeElasticIps", "opsworks:DescribeElasticLoadBalancers", "opsworks:DescribeInstances", "opsworks:DescribeLayers", "opsworks:DescribeLoadBasedAutoScaling", "opsworks:DescribeMyUserProfile", "opsworks:DescribeOperatingSystems", "opsworks:DescribePermissions", "opsworks:DescribeRaidArrays", "opsworks:DescribeRdsDbInstances", "opsworks:DescribeServiceErrors", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStackSummary", "opsworks:DescribeStacks", "opsworks:DescribeTimeBasedAutoScaling", "opsworks:DescribeUserProfiles", "opsworks:DescribeVolumes", "opsworks:DetachElasticLoadBalancer", "opsworks:DisassociateElasticIp", "opsworks:GetHostnameSuggestion", "opsworks:GrantAccess", "opsworks:ListTags", "opsworks:RebootInstance", "opsworks:RegisterEcsCluster", "opsworks:RegisterElasticIp", "opsworks:RegisterInstance", "opsworks:RegisterRdsDbInstance", "opsworks:RegisterVolume", "opsworks:SetLoadBasedAutoScaling", "opsworks:SetPermission", "opsworks:SetTimeBasedAutoScaling", "opsworks:StartInstance", "opsworks:StartStack", "opsworks:StopInstance", "opsworks:StopStack", "opsworks:TagResource", "opsworks:UnassignInstance", "opsworks:UnassignVolume", "opsworks:UntagResource", "opsworks:UpdateApp", "opsworks:UpdateElasticIp", "opsworks:UpdateInstance", "opsworks:UpdateLayer", "opsworks:UpdateMyUserProfile", "opsworks:UpdateRdsDbInstance", "opsworks:UpdateStack", "opsworks:UpdateUserProfile", "opsworks:UpdateVolume", "opsworks-cm:AssociateNode", "opsworks-cm:CreateBackup", "opsworks-cm:CreateServer", "opsworks-cm:DeleteBackup", "opsworks-cm:DeleteServer", "opsworks-cm:DescribeAccountAttributes", "opsworks-cm:DescribeBackups", "opsworks-cm:DescribeEvents", "opsworks-cm:DescribeNodeAssociationStatus", "opsworks-cm:DescribeServers", "opsworks-cm:DisassociateNode", "opsworks-cm:ExportServerEngineAttribute", "opsworks-cm:ListTagsForResource", "opsworks-cm:RestoreServer", "opsworks-cm:StartMaintenance", "opsworks-cm:TagResource", "opsworks-cm:UntagResource", "opsworks-cm:UpdateServer", "opsworks-cm:UpdateServerEngineAttributes", "osis:CreatePipeline", "osis:DeletePipeline", "osis:GetPipeline", "osis:GetPipelineBlueprint", "osis:GetPipelineChangeProgress", "osis:Ingest", "osis:ListPipelineBlueprints", "osis:ListPipelines", "osis:ListTagsForResource", "osis:StartPipeline", "osis:StopPipeline", "osis:TagResource", "osis:UntagResource", "osis:UpdatePipeline", "osis:ValidatePipeline", "outposts:CancelCapacityTask", "outposts:CancelOrder", "outposts:CreateOrder", "outposts:CreateOutpost", "outposts:CreatePrivateConnectivityConfig", "outposts:CreateSite", "outposts:DeleteOutpost", "outposts:DeleteSite", "outposts:GetCapacityTask", "outposts:GetCatalogItem", "outposts:GetConnection", "outposts:GetOrder", "outposts:GetOutpost", "outposts:GetOutpostInstanceTypes", "outposts:GetOutpostSupportedInstanceTypes", "outposts:GetPrivateConnectivityConfig", "outposts:GetSite", "outposts:GetSiteAddress", "outposts:ListAssets", "outposts:ListCapacityTasks", "outposts:ListCatalogItems", "outposts:ListOrders", "outposts:ListOutposts", "outposts:ListSites", "outposts:ListTagsForResource", "outposts:StartCapacityTask", "outposts:StartConnection", "outposts:TagResource", "outposts:UntagResource", "outposts:UpdateOutpost", "outposts:UpdateSite", "outposts:UpdateSiteAddress", "outposts:UpdateSiteRackPhysicalProperties", "panorama:CreateApplicationInstance", "panorama:CreateJobForDevices", "panorama:CreateNodeFromTemplateJob", "panorama:CreatePackage", "panorama:CreatePackageImportJob", "panorama:DeleteDevice", "panorama:DeletePackage", "panorama:DeregisterPackageVersion", "panorama:DescribeApplicationInstance", "panorama:DescribeApplicationInstanceDetails", "panorama:DescribeDevice", "panorama:DescribeDeviceJob", "panorama:DescribeNode", "panorama:DescribeNodeFromTemplateJob", "panorama:DescribePackage", "panorama:DescribePackageImportJob", "panorama:DescribePackageVersion", "panorama:DescribeSoftware", "panorama:GetWebSocketURL", "panorama:ListApplicationInstanceDependencies", "panorama:ListApplicationInstanceNodeInstances", "panorama:ListApplicationInstances", "panorama:ListDevices", "panorama:ListDevicesJobs", "panorama:ListNodeFromTemplateJobs", "panorama:ListNodes", "panorama:ListPackageImportJobs", "panorama:ListPackages", "panorama:ListTagsForResource", "panorama:ProvisionDevice", "panorama:RegisterPackageVersion", "panorama:RemoveApplicationInstance", "panorama:SignalApplicationInstanceNodeInstances", "panorama:TagResource", "panorama:UntagResource", "panorama:UpdateDeviceMetadata", "partnercentral-account-management:AssociatePartnerAccount", "partnercentral-account-management:AssociatePartnerUser", "partnercentral-account-management:DisassociatePartnerUser", "payment-cryptography:CreateAlias", "payment-cryptography:CreateKey", "payment-cryptography:DecryptData", "payment-cryptography:DeleteAlias", "payment-cryptography:DeleteKey", "payment-cryptography:EncryptData", "payment-cryptography:ExportKey", "payment-cryptography:GenerateCardValidationData", "payment-cryptography:GenerateMac", "payment-cryptography:GeneratePinData", "payment-cryptography:GetAlias", "payment-cryptography:GetKey", "payment-cryptography:GetParametersForExport", "payment-cryptography:GetParametersForImport", "payment-cryptography:GetPublicKeyCertificate", "payment-cryptography:ImportKey", "payment-cryptography:ListAliases", "payment-cryptography:ListKeys", "payment-cryptography:ListTagsForResource", "payment-cryptography:ReEncryptData", "payment-cryptography:RestoreKey", "payment-cryptography:StartKeyUsage", "payment-cryptography:StopKeyUsage", "payment-cryptography:TagResource", "payment-cryptography:TranslatePinData", "payment-cryptography:UntagResource", "payment-cryptography:UpdateAlias", "payment-cryptography:VerifyAuthRequestCryptogram", "payment-cryptography:VerifyCardValidationData", "payment-cryptography:VerifyMac", "payment-cryptography:VerifyPinData", "payments:CreatePaymentInstrument", "payments:DeletePaymentInstrument", "payments:GetPaymentInstrument", "payments:GetPaymentStatus", "payments:ListPaymentPreferences", "payments:MakePayment", "payments:UpdatePaymentPreferences", "pca-connector-ad:CreateConnector", "pca-connector-ad:CreateDirectoryRegistration", "pca-connector-ad:CreateServicePrincipalName", "pca-connector-ad:CreateTemplate", "pca-connector-ad:CreateTemplateGroupAccessControlEntry", "pca-connector-ad:DeleteConnector", "pca-connector-ad:DeleteDirectoryRegistration", "pca-connector-ad:DeleteServicePrincipalName", "pca-connector-ad:DeleteTemplate", "pca-connector-ad:DeleteTemplateGroupAccessControlEntry", "pca-connector-ad:GetConnector", "pca-connector-ad:GetDirectoryRegistration", "pca-connector-ad:GetServicePrincipalName", "pca-connector-ad:GetTemplate", "pca-connector-ad:GetTemplateGroupAccessControlEntry", "pca-connector-ad:ListConnectors", "pca-connector-ad:ListDirectoryRegistrations", "pca-connector-ad:ListServicePrincipalNames", "pca-connector-ad:ListTagsForResource", "pca-connector-ad:ListTemplateGroupAccessControlEntries", "pca-connector-ad:ListTemplates", "pca-connector-ad:TagResource", "pca-connector-ad:UntagResource", "pca-connector-ad:UpdateTemplate", "pca-connector-ad:UpdateTemplateGroupAccessControlEntry", "personalize:CreateBatchInferenceJob", "personalize:CreateBatchSegmentJob", "personalize:CreateCampaign", "personalize:CreateDataInsightsJob", "personalize:CreateDataset", "personalize:CreateDatasetExportJob", "personalize:CreateDatasetGroup", "personalize:CreateDatasetImportJob", "personalize:CreateEventTracker", "personalize:CreateFilter", "personalize:CreateMetricAttribution", "personalize:CreateRecommender", "personalize:CreateSchema", "personalize:CreateSolution", "personalize:CreateSolutionVersion", "personalize:DeleteCampaign", "personalize:DeleteDataset", "personalize:DeleteDatasetGroup", "personalize:DeleteEventTracker", "personalize:DeleteFilter", "personalize:DeleteMetricAttribution", "personalize:DeleteRecommender", "personalize:DeleteSchema", "personalize:DeleteSolution", "personalize:DescribeAlgorithm", "personalize:DescribeBatchInferenceJob", "personalize:DescribeBatchSegmentJob", "personalize:DescribeCampaign", "personalize:DescribeDataInsightsJob", "personalize:DescribeDataset", "personalize:DescribeDatasetExportJob", "personalize:DescribeDatasetGroup", "personalize:DescribeDatasetImportJob", "personalize:DescribeEventTracker", "personalize:DescribeFeatureTransformation", "personalize:DescribeFilter", "personalize:DescribeMetricAttribution", "personalize:DescribeRecipe", "personalize:DescribeRecommender", "personalize:DescribeSchema", "personalize:DescribeSolution", "personalize:DescribeSolutionVersion", "personalize:GetActionRecommendations", "personalize:GetDataInsights", "personalize:GetPersonalizedRanking", "personalize:GetRecommendations", "personalize:GetSolutionMetrics", "personalize:ListBatchInferenceJobs", "personalize:ListBatchSegmentJobs", "personalize:ListCampaigns", "personalize:ListDataInsightsJobs", "personalize:ListDatasetExportJobs", "personalize:ListDatasetGroups", "personalize:ListDatasetImportJobs", "personalize:ListDatasets", "personalize:ListEventTrackers", "personalize:ListFilters", "personalize:ListMetricAttributionMetrics", "personalize:ListMetricAttributions", "personalize:ListRecipes", "personalize:ListRecommenders", "personalize:ListSchemas", "personalize:ListSolutionVersions", "personalize:ListSolutions", "personalize:ListTagsForResource", "personalize:PutActionInteractions", "personalize:PutActions", "personalize:PutEvents", "personalize:PutItems", "personalize:PutUsers", "personalize:StartRecommender", "personalize:StopRecommender", "personalize:StopSolutionVersionCreation", "personalize:TagResource", "personalize:UntagResource", "personalize:UpdateCampaign", "personalize:UpdateDataset", "personalize:UpdateMetricAttribution", "personalize:UpdateRecommender", "pi:CreatePerformanceAnalysisReport", "pi:DeletePerformanceAnalysisReport", "pi:DescribeDimensionKeys", "pi:GetDimensionKeyDetails", "pi:GetPerformanceAnalysisReport", "pi:GetResourceMetadata", "pi:GetResourceMetrics", "pi:ListAvailableResourceDimensions", "pi:ListAvailableResourceMetrics", "pi:ListPerformanceAnalysisReports", "pi:ListTagsForResource", "pi:TagResource", "pi:UntagResource", "pipes:CreatePipe", "pipes:DeletePipe", "pipes:DescribePipe", "pipes:ListPipes", "pipes:ListTagsForResource", "pipes:StartPipe", "pipes:StopPipe", "pipes:TagResource", "pipes:UntagResource", "pipes:UpdatePipe", "polly:DeleteLexicon", "polly:DescribeVoices", "polly:GetLexicon", "polly:GetSpeechSynthesisTask", "polly:ListLexicons", "polly:ListSpeechSynthesisTasks", "polly:PutLexicon", "polly:StartSpeechSynthesisTask", "polly:SynthesizeSpeech", "pricing:DescribeServices", "pricing:GetAttributeValues", "pricing:GetPriceListFileUrl", "pricing:GetProducts", "pricing:ListPriceLists", "private-networks:AcknowledgeOrderReceipt", "private-networks:ActivateDeviceIdentifier", "private-networks:ActivateNetworkSite", "private-networks:ConfigureAccessPoint", "private-networks:CreateNetwork", "private-networks:CreateNetworkSite", "private-networks:DeactivateDeviceIdentifier", "private-networks:DeleteNetwork", "private-networks:DeleteNetworkSite", "private-networks:GetDeviceIdentifier", "private-networks:GetNetwork", "private-networks:GetNetworkResource", "private-networks:GetNetworkSite", "private-networks:GetOrder", "private-networks:ListDeviceIdentifiers", "private-networks:ListNetworkResources", "private-networks:ListNetworkSites", "private-networks:ListNetworks", "private-networks:ListOrders", "private-networks:ListTagsForResource", "private-networks:Ping", "private-networks:StartNetworkResourceUpdate", "private-networks:TagResource", "private-networks:UntagResource", "private-networks:UpdateNetworkSite", "private-networks:UpdateNetworkSitePlan", "profile:AddProfileKey", "profile:CreateCalculatedAttributeDefinition", "profile:CreateDomain", "profile:CreateEventStream", "profile:CreateIntegrationWorkflow", "profile:CreateProfile", "profile:DeleteCalculatedAttributeDefinition", "profile:DeleteDomain", "profile:DeleteEventStream", "profile:DeleteIntegration", "profile:DeleteProfile", "profile:DeleteProfileKey", "profile:DeleteProfileObject", "profile:DeleteProfileObjectType", "profile:DeleteWorkflow", "profile:DetectProfileObjectType", "profile:GetAutoMergingPreview", "profile:GetCalculatedAttributeDefinition", "profile:GetCalculatedAttributeForProfile", "profile:GetDomain", "profile:GetEventStream", "profile:GetIdentityResolutionJob", "profile:GetIntegration", "profile:GetMatches", "profile:GetProfileObjectType", "profile:GetProfileObjectTypeTemplate", "profile:GetSimilarProfiles", "profile:GetWorkflow", "profile:GetWorkflowSteps", "profile:ListAccountIntegrations", "profile:ListCalculatedAttributeDefinitions", "profile:ListCalculatedAttributesForProfile", "profile:ListDomains", "profile:ListEventStreams", "profile:ListIdentityResolutionJobs", "profile:ListIntegrations", "profile:ListProfileObjectTypeTemplates", "profile:ListProfileObjectTypes", "profile:ListProfileObjects", "profile:ListRuleBasedMatches", "profile:ListTagsForResource", "profile:ListWorkflows", "profile:MergeProfiles", "profile:PutIntegration", "profile:PutProfileObject", "profile:PutProfileObjectType", "profile:SearchProfiles", "profile:TagResource", "profile:UntagResource", "profile:UpdateCalculatedAttributeDefinition", "profile:UpdateDomain", "profile:UpdateProfile", "proton:AcceptEnvironmentAccountConnection", "proton:CancelComponentDeployment", "proton:CancelEnvironmentDeployment", "proton:CancelServiceInstanceDeployment", "proton:CancelServicePipelineDeployment", "proton:CreateComponent", "proton:CreateEnvironment", "proton:CreateEnvironmentAccountConnection", "proton:CreateEnvironmentTemplate", "proton:CreateEnvironmentTemplateMajorVersion", "proton:CreateEnvironmentTemplateMinorVersion", "proton:CreateEnvironmentTemplateVersion", "proton:CreateRepository", "proton:CreateService", "proton:CreateServiceInstance", "proton:CreateServiceSyncConfig", "proton:CreateServiceTemplate", "proton:CreateServiceTemplateMajorVersion", "proton:CreateServiceTemplateMinorVersion", "proton:CreateServiceTemplateVersion", "proton:CreateTemplateSyncConfig", "proton:DeleteAccountRoles", "proton:DeleteComponent", "proton:DeleteDeployment", "proton:DeleteEnvironment", "proton:DeleteEnvironmentAccountConnection", "proton:DeleteEnvironmentTemplate", "proton:DeleteEnvironmentTemplateMajorVersion", "proton:DeleteEnvironmentTemplateMinorVersion", "proton:DeleteEnvironmentTemplateVersion", "proton:DeleteRepository", "proton:DeleteService", "proton:DeleteServiceSyncConfig", "proton:DeleteServiceTemplate", "proton:DeleteServiceTemplateMajorVersion", "proton:DeleteServiceTemplateMinorVersion", "proton:DeleteServiceTemplateVersion", "proton:DeleteTemplateSyncConfig", "proton:GetAccountRoles", "proton:GetAccountSettings", "proton:GetComponent", "proton:GetDeployment", "proton:GetEnvironment", "proton:GetEnvironmentAccountConnection", "proton:GetEnvironmentTemplate", "proton:GetEnvironmentTemplateMajorVersion", "proton:GetEnvironmentTemplateMinorVersion", "proton:GetEnvironmentTemplateVersion", "proton:GetRepository", "proton:GetRepositorySyncStatus", "proton:GetResourceTemplateVersionStatusCounts", "proton:GetResourcesSummary", "proton:GetService", "proton:GetServiceInstance", "proton:GetServiceInstanceSyncStatus", "proton:GetServiceSyncBlockerSummary", "proton:GetServiceSyncConfig", "proton:GetServiceTemplate", "proton:GetServiceTemplateMajorVersion", "proton:GetServiceTemplateMinorVersion", "proton:GetServiceTemplateVersion", "proton:GetTemplateSyncConfig", "proton:GetTemplateSyncStatus", "proton:ListComponentOutputs", "proton:ListComponentProvisionedResources", "proton:ListComponents", "proton:ListDeployments", "proton:ListEnvironmentAccountConnections", "proton:ListEnvironmentOutputs", "proton:ListEnvironmentProvisionedResources", "proton:ListEnvironmentTemplateMajorVersions", "proton:ListEnvironmentTemplateMinorVersions", "proton:ListEnvironmentTemplateVersions", "proton:ListEnvironmentTemplates", "proton:ListEnvironments", "proton:ListRepositories", "proton:ListRepositorySyncDefinitions", "proton:ListServiceInstanceOutputs", "proton:ListServiceInstanceProvisionedResources", "proton:ListServiceInstances", "proton:ListServicePipelineOutputs", "proton:ListServicePipelineProvisionedResources", "proton:ListServiceTemplateMajorVersions", "proton:ListServiceTemplateMinorVersions", "proton:ListServiceTemplateVersions", "proton:ListServiceTemplates", "proton:ListServices", "proton:ListTagsForResource", "proton:NotifyResourceDeploymentStatusChange", "proton:RejectEnvironmentAccountConnection", "proton:TagResource", "proton:UntagResource", "proton:UpdateAccountRoles", "proton:UpdateAccountSettings", "proton:UpdateComponent", "proton:UpdateEnvironment", "proton:UpdateEnvironmentAccountConnection", "proton:UpdateEnvironmentTemplate", "proton:UpdateEnvironmentTemplateMajorVersion", "proton:UpdateEnvironmentTemplateMinorVersion", "proton:UpdateEnvironmentTemplateVersion", "proton:UpdateService", "proton:UpdateServiceInstance", "proton:UpdateServicePipeline", "proton:UpdateServiceSyncBlocker", "proton:UpdateServiceSyncConfig", "proton:UpdateServiceTemplate", "proton:UpdateServiceTemplateMajorVersion", "proton:UpdateServiceTemplateMinorVersion", "proton:UpdateServiceTemplateVersion", "proton:UpdateTemplateSyncConfig", "purchase-orders:AddPurchaseOrder", "purchase-orders:DeletePurchaseOrder", "purchase-orders:GetConsoleActionSetEnforced", "purchase-orders:GetPurchaseOrder", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ListTagsForResource", "purchase-orders:ModifyPurchaseOrders", "purchase-orders:TagResource", "purchase-orders:UntagResource", "purchase-orders:UpdateConsoleActionSetEnforced", "purchase-orders:UpdatePurchaseOrder", "purchase-orders:UpdatePurchaseOrderStatus", "purchase-orders:ViewPurchaseOrders", "q:GetConversation", "q:GetIdentityMetadata", "q:GetTroubleshootingResults", "q:ListConversations", "q:PassRequest", "q:SendMessage", "q:StartConversation", "q:StartTroubleshootingAnalysis", "q:StartTroubleshootingResolutionExplanation", "q:UpdateTroubleshootingCommandResult", "qbusiness:AddUserLicenses", "qbusiness:BatchDeleteDocument", "qbusiness:BatchPutDocument", "qbusiness:Chat", "qbusiness:ChatSync", "qbusiness:CreateApplication", "qbusiness:CreateDataSource", "qbusiness:CreateIndex", "qbusiness:CreateLicense", "qbusiness:CreatePlugin", "qbusiness:CreateRetriever", "qbusiness:CreateUser", "qbusiness:CreateWebExperience", "qbusiness:DeleteApplication", "qbusiness:DeleteChatControlsConfiguration", "qbusiness:DeleteConversation", "qbusiness:DeleteDataSource", "qbusiness:DeleteGroup", "qbusiness:DeleteIndex", "qbusiness:DeletePlugin", "qbusiness:DeleteRetriever", "qbusiness:DeleteUser", "qbusiness:DeleteWebExperience", "qbusiness:GetApplication", "qbusiness:GetChatControlsConfiguration", "qbusiness:GetDataSource", "qbusiness:GetGroup", "qbusiness:GetIndex", "qbusiness:GetLicense", "qbusiness:GetPlugin", "qbusiness:GetRetriever", "qbusiness:GetUser", "qbusiness:GetWebExperience", "qbusiness:ListApplications", "qbusiness:ListConversations", "qbusiness:ListDataSourceSyncJobs", "qbusiness:ListDataSources", "qbusiness:ListDocuments", "qbusiness:ListGroups", "qbusiness:ListIndices", "qbusiness:ListMessages", "qbusiness:ListPlugins", "qbusiness:ListRetrievers", "qbusiness:ListTagsForResource", "qbusiness:ListUserLicenses", "qbusiness:ListWebExperiences", "qbusiness:PutFeedback", "qbusiness:PutGroup", "qbusiness:RemoveUserLicenses", "qbusiness:StartDataSourceSyncJob", "qbusiness:StopDataSourceSyncJob", "qbusiness:TagResource", "qbusiness:UntagResource", "qbusiness:UpdateApplication", "qbusiness:UpdateChatControlsConfiguration", "qbusiness:UpdateDataSource", "qbusiness:UpdateIndex", "qbusiness:UpdatePlugin", "qbusiness:UpdateRetriever", "qbusiness:UpdateUser", "qbusiness:UpdateWebExperience", "qldb:CancelJournalKinesisStream", "qldb:CreateLedger", "qldb:DeleteLedger", "qldb:DescribeJournalKinesisStream", "qldb:DescribeJournalS3Export", "qldb:DescribeLedger", "qldb:ExecuteStatement", "qldb:ExportJournalToS3", "qldb:GetBlock", "qldb:GetDigest", "qldb:GetRevision", "qldb:InsertSampleData", "qldb:ListJournalKinesisStreamsForLedger", "qldb:ListJournalS3Exports", "qldb:ListJournalS3ExportsForLedger", "qldb:ListLedgers", "qldb:ListTagsForResource", "qldb:PartiQLCreateIndex", "qldb:PartiQLCreateTable", "qldb:PartiQLDelete", "qldb:PartiQLDropIndex", "qldb:PartiQLDropTable", "qldb:PartiQLHistoryFunction", "qldb:PartiQLInsert", "qldb:PartiQLRedact", "qldb:PartiQLSelect", "qldb:PartiQLUndropTable", "qldb:PartiQLUpdate", "qldb:SendCommand", "qldb:ShowCatalog", "qldb:StreamJournalToKinesis", "qldb:TagResource", "qldb:UntagResource", "qldb:UpdateLedger", "qldb:UpdateLedgerPermissionsMode", "quicksight:AccountConfigurations", "quicksight:CancelIngestion", "quicksight:CreateAccountCustomization", "quicksight:CreateAccountSubscription", "quicksight:CreateAdmin", "quicksight:CreateAnalysis", "quicksight:CreateCustomPermissions", "quicksight:CreateDashboard", "quicksight:CreateDataSet", "quicksight:CreateDataSource", "quicksight:CreateEmailCustomizationTemplate", "quicksight:CreateFolder", "quicksight:CreateFolderMembership", "quicksight:CreateGroup", "quicksight:CreateGroupMembership", "quicksight:CreateIAMPolicyAssignment", "quicksight:CreateIngestion", "quicksight:CreateNamespace", "quicksight:CreateReader", "quicksight:CreateRefreshSchedule", "quicksight:CreateRoleMembership", "quicksight:CreateTemplate", "quicksight:CreateTemplateAlias", "quicksight:CreateTheme", "quicksight:CreateThemeAlias", "quicksight:CreateTopic", "quicksight:CreateTopicRefreshSchedule", "quicksight:CreateUser", "quicksight:CreateVPCConnection", "quicksight:DeleteAccountCustomization", "quicksight:DeleteAccountSubscription", "quicksight:DeleteAnalysis", "quicksight:DeleteCustomPermissions", "quicksight:DeleteDashboard", "quicksight:DeleteDataSet", "quicksight:DeleteDataSetRefreshProperties", "quicksight:DeleteDataSource", "quicksight:DeleteEmailCustomizationTemplate", "quicksight:DeleteFolder", "quicksight:DeleteFolderMembership", "quicksight:DeleteGroup", "quicksight:DeleteGroupMembership", "quicksight:DeleteIAMPolicyAssignment", "quicksight:DeleteIdentityPropagationConfig", "quicksight:DeleteNamespace", "quicksight:DeleteRefreshSchedule", "quicksight:DeleteRoleCustomPermission", "quicksight:DeleteRoleMembership", "quicksight:DeleteTemplate", "quicksight:DeleteTemplateAlias", "quicksight:DeleteTheme", "quicksight:DeleteThemeAlias", "quicksight:DeleteTopic", "quicksight:DeleteTopicRefreshSchedule", "quicksight:DeleteUser", "quicksight:DeleteUserByPrincipalId", "quicksight:DeleteVPCConnection", "quicksight:DescribeAccountCustomization", "quicksight:DescribeAccountSettings", "quicksight:DescribeAccountSubscription", "quicksight:DescribeAnalysis", "quicksight:DescribeAnalysisPermissions", "quicksight:DescribeAssetBundleExportJob", "quicksight:DescribeAssetBundleImportJob", "quicksight:DescribeCustomPermissions", "quicksight:DescribeDashboard", "quicksight:DescribeDashboardPermissions", "quicksight:DescribeDashboardSnapshotJob", "quicksight:DescribeDashboardSnapshotJobResult", "quicksight:DescribeDataSet", "quicksight:DescribeDataSetPermissions", "quicksight:DescribeDataSetRefreshProperties", "quicksight:DescribeDataSource", "quicksight:DescribeDataSourcePermissions", "quicksight:DescribeEmailCustomizationTemplate", "quicksight:DescribeFolder", "quicksight:DescribeFolderPermissions", "quicksight:DescribeFolderResolvedPermissions", "quicksight:DescribeGroup", "quicksight:DescribeGroupMembership", "quicksight:DescribeIAMPolicyAssignment", "quicksight:DescribeIngestion", "quicksight:DescribeIpRestriction", "quicksight:DescribeNamespace", "quicksight:DescribeRefreshSchedule", "quicksight:DescribeRoleCustomPermission", "quicksight:DescribeTemplate", "quicksight:DescribeTemplateAlias", "quicksight:DescribeTemplatePermissions", "quicksight:DescribeTheme", "quicksight:DescribeThemeAlias", "quicksight:DescribeThemePermissions", "quicksight:DescribeTopic", "quicksight:DescribeTopicPermissions", "quicksight:DescribeTopicRefresh", "quicksight:DescribeTopicRefreshSchedule", "quicksight:DescribeUser", "quicksight:DescribeVPCConnection", "quicksight:GenerateEmbedUrlForAnonymousUser", "quicksight:GenerateEmbedUrlForRegisteredUser", "quicksight:GetAnonymousUserEmbedUrl", "quicksight:GetAuthCode", "quicksight:GetDashboardEmbedUrl", "quicksight:GetGroupMapping", "quicksight:GetSessionEmbedUrl", "quicksight:ListAnalyses", "quicksight:ListAssetBundleExportJobs", "quicksight:ListAssetBundleImportJobs", "quicksight:ListCustomPermissions", "quicksight:ListCustomerManagedKeys", "quicksight:ListDashboardVersions", "quicksight:ListDashboards", "quicksight:ListDataSets", "quicksight:ListDataSources", "quicksight:ListFolderMembers", "quicksight:ListFolders", "quicksight:ListGroupMemberships", "quicksight:ListGroups", "quicksight:ListIAMPolicyAssignments", "quicksight:ListIAMPolicyAssignmentsForUser", "quicksight:ListIdentityPropagationConfigs", "quicksight:ListIngestions", "quicksight:ListKMSKeysForUser", "quicksight:ListNamespaces", "quicksight:ListRefreshSchedules", "quicksight:ListRoleMemberships", "quicksight:ListTagsForResource", "quicksight:ListTemplateAliases", "quicksight:ListTemplateVersions", "quicksight:ListTemplates", "quicksight:ListThemeAliases", "quicksight:ListThemeVersions", "quicksight:ListThemes", "quicksight:ListTopicRefreshSchedules", "quicksight:ListTopics", "quicksight:ListUserGroups", "quicksight:ListUsers", "quicksight:ListVPCConnections", "quicksight:PassDataSet", "quicksight:PassDataSource", "quicksight:PutDataSetRefreshProperties", "quicksight:RegisterCustomerManagedKey", "quicksight:RegisterUser", "quicksight:RemoveCustomerManagedKey", "quicksight:RestoreAnalysis", "quicksight:ScopeDownPolicy", "quicksight:SearchAnalyses", "quicksight:SearchDashboards", "quicksight:SearchDataSets", "quicksight:SearchDataSources", "quicksight:SearchDirectoryGroups", "quicksight:SearchFolders", "quicksight:SearchGroups", "quicksight:SearchUsers", "quicksight:SetGroupMapping", "quicksight:StartAssetBundleExportJob", "quicksight:StartAssetBundleImportJob", "quicksight:StartDashboardSnapshotJob", "quicksight:Subscribe", "quicksight:TagResource", "quicksight:Unsubscribe", "quicksight:UntagResource", "quicksight:UpdateAccountCustomization", "quicksight:UpdateAccountSettings", "quicksight:UpdateAnalysis", "quicksight:UpdateAnalysisPermissions", "quicksight:UpdateCustomPermissions", "quicksight:UpdateDashboard", "quicksight:UpdateDashboardLinks", "quicksight:UpdateDashboardPermissions", "quicksight:UpdateDashboardPublishedVersion", "quicksight:UpdateDataSet", "quicksight:UpdateDataSetPermissions", "quicksight:UpdateDataSource", "quicksight:UpdateDataSourcePermissions", "quicksight:UpdateEmailCustomizationTemplate", "quicksight:UpdateFolder", "quicksight:UpdateFolderPermissions", "quicksight:UpdateGroup", "quicksight:UpdateIAMPolicyAssignment", "quicksight:UpdateIdentityPropagationConfig", "quicksight:UpdateIpRestriction", "quicksight:UpdatePublicSharingSettings", "quicksight:UpdateRefreshSchedule", "quicksight:UpdateResourcePermissions", "quicksight:UpdateRoleCustomPermission", "quicksight:UpdateSPICECapacityConfiguration", "quicksight:UpdateTemplate", "quicksight:UpdateTemplateAlias", "quicksight:UpdateTemplatePermissions", "quicksight:UpdateTheme", "quicksight:UpdateThemeAlias", "quicksight:UpdateThemePermissions", "quicksight:UpdateTopic", "quicksight:UpdateTopicPermissions", "quicksight:UpdateTopicRefreshSchedule", "quicksight:UpdateUser", "quicksight:UpdateVPCConnection", "ram:AcceptResourceShareInvitation", "ram:AssociateResourceShare", "ram:AssociateResourceSharePermission", "ram:CreatePermission", "ram:CreatePermissionVersion", "ram:CreateResourceShare", "ram:DeletePermission", "ram:DeletePermissionVersion", "ram:DeleteResourceShare", "ram:DisassociateResourceShare", "ram:DisassociateResourceSharePermission", "ram:EnableSharingWithAwsOrganization", "ram:GetPermission", "ram:GetResourcePolicies", "ram:GetResourceShareAssociations", "ram:GetResourceShareInvitations", "ram:GetResourceShares", "ram:ListPendingInvitationResources", "ram:ListPermissionAssociations", "ram:ListPermissionVersions", "ram:ListPermissions", "ram:ListPrincipals", "ram:ListReplacePermissionAssociationsWork", "ram:ListResourceSharePermissions", "ram:ListResourceTypes", "ram:ListResources", "ram:PromotePermissionCreatedFromPolicy", "ram:PromoteResourceShareCreatedFromPolicy", "ram:RejectResourceShareInvitation", "ram:ReplacePermissionAssociations", "ram:SetDefaultPermissionVersion", "ram:TagResource", "ram:UntagResource", "ram:UpdateResourceShare", "rbin:CreateRule", "rbin:DeleteRule", "rbin:GetRule", "rbin:ListRules", "rbin:ListTagsForResource", "rbin:LockRule", "rbin:TagResource", "rbin:UnlockRule", "rbin:UntagResource", "rbin:UpdateRule", "rds:AddRoleToDBCluster", "rds:AddRoleToDBInstance", "rds:AddSourceIdentifierToSubscription", "rds:AddTagsToResource", "rds:ApplyPendingMaintenanceAction", "rds:AuthorizeDBSecurityGroupIngress", "rds:BacktrackDBCluster", "rds:CancelExportTask", "rds:CopyDBClusterParameterGroup", "rds:CopyDBClusterSnapshot", "rds:CopyDBParameterGroup", "rds:CopyDBSnapshot", "rds:CopyOptionGroup", "rds:CreateBlueGreenDeployment", "rds:CreateCustomDBEngineVersion", "rds:CreateDBCluster", "rds:CreateDBClusterEndpoint", "rds:CreateDBClusterParameterGroup", "rds:CreateDBClusterSnapshot", "rds:CreateDBInstance", "rds:CreateDBInstanceReadReplica", "rds:CreateDBParameterGroup", "rds:CreateDBProxy", "rds:CreateDBProxyEndpoint", "rds:CreateDBSecurityGroup", "rds:CreateDBShardGroup", "rds:CreateDBSnapshot", "rds:CreateDBSubnetGroup", "rds:CreateEventSubscription", "rds:CreateGlobalCluster", "rds:CreateIntegration", "rds:CreateOptionGroup", "rds:CreateTenantDatabase", "rds:CrossRegionCommunication", "rds:DeleteBlueGreenDeployment", "rds:DeleteCustomDBEngineVersion", "rds:DeleteDBCluster", "rds:DeleteDBClusterAutomatedBackup", "rds:DeleteDBClusterEndpoint", "rds:DeleteDBClusterParameterGroup", "rds:DeleteDBClusterSnapshot", "rds:DeleteDBInstance", "rds:DeleteDBInstanceAutomatedBackup", "rds:DeleteDBParameterGroup", "rds:DeleteDBProxy", "rds:DeleteDBProxyEndpoint", "rds:DeleteDBSecurityGroup", "rds:DeleteDBShardGroup", "rds:DeleteDBSnapshot", "rds:DeleteDBSubnetGroup", "rds:DeleteEventSubscription", "rds:DeleteGlobalCluster", "rds:DeleteIntegration", "rds:DeleteOptionGroup", "rds:DeleteTenantDatabase", "rds:DeregisterDBProxyTargets", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:DisableHttpEndpoint", "rds:DownloadCompleteDBLogFile", "rds:DownloadDBLogFilePortion", "rds:EnableHttpEndpoint", "rds:FailoverDBCluster", "rds:FailoverGlobalCluster", "rds:ListTagsForResource", "rds:ModifyActivityStream", "rds:ModifyCertificates", "rds:ModifyCurrentDBClusterCapacity", "rds:ModifyCustomDBEngineVersion", "rds:ModifyDBCluster", "rds:ModifyDBClusterEndpoint", "rds:ModifyDBClusterParameterGroup", "rds:ModifyDBClusterSnapshotAttribute", "rds:ModifyDBInstance", "rds:ModifyDBParameterGroup", "rds:ModifyDBProxy", "rds:ModifyDBProxyEndpoint", "rds:ModifyDBProxyTargetGroup", "rds:ModifyDBRecommendation", "rds:ModifyDBShardGroup", "rds:ModifyDBSnapshot", "rds:ModifyDBSnapshotAttribute", "rds:ModifyDBSubnetGroup", "rds:ModifyEventSubscription", "rds:ModifyGlobalCluster", "rds:ModifyIntegration", "rds:ModifyOptionGroup", "rds:ModifyRecommendation", "rds:ModifyTenantDatabase", "rds:PromoteReadReplica", "rds:PromoteReadReplicaDBCluster", "rds:PurchaseReservedDBInstancesOffering", "rds:RebootDBCluster", "rds:RebootDBInstance", "rds:RebootDBShardGroup", "rds:RegisterDBProxyTargets", "rds:RemoveFromGlobalCluster", "rds:RemoveRoleFromDBCluster", "rds:RemoveRoleFromDBInstance", "rds:RemoveSourceIdentifierFromSubscription", "rds:RemoveTagsFromResource", "rds:ResetDBClusterParameterGroup", "rds:ResetDBParameterGroup", "rds:RestoreDBClusterFromS3", "rds:RestoreDBClusterFromSnapshot", "rds:RestoreDBClusterToPointInTime", "rds:RestoreDBInstanceFromDBSnapshot", "rds:RestoreDBInstanceFromS3", "rds:RestoreDBInstanceToPointInTime", "rds:RevokeDBSecurityGroupIngress", "rds:StartActivityStream", "rds:StartDBCluster", "rds:StartDBInstance", "rds:StartDBInstanceAutomatedBackupsReplication", "rds:StartExportTask", "rds:StopActivityStream", "rds:StopDBCluster", "rds:StopDBInstance", "rds:StopDBInstanceAutomatedBackupsReplication", "rds:SwitchoverBlueGreenDeployment", "rds:SwitchoverGlobalCluster", "rds:SwitchoverReadReplica", "rds-data:BatchExecuteStatement", "rds-data:BeginTransaction", "rds-data:CommitTransaction", "rds-data:ExecuteSql", "rds-data:ExecuteStatement", "rds-data:RollbackTransaction", "rds-db:connect", "redshift:AcceptReservedNodeExchange", "redshift:AddPartner", "redshift:AssociateDataShareConsumer", "redshift:AuthorizeClusterSecurityGroupIngress", "redshift:AuthorizeDataShare", "redshift:AuthorizeEndpointAccess", "redshift:AuthorizeSnapshotAccess", "redshift:BatchDeleteClusterSnapshots", "redshift:BatchModifyClusterSnapshots", "redshift:CancelQuery", "redshift:CancelQuerySession", "redshift:CancelResize", "redshift:CopyClusterSnapshot", "redshift:CreateAuthenticationProfile", "redshift:CreateCluster", "redshift:CreateClusterParameterGroup", "redshift:CreateClusterSecurityGroup", "redshift:CreateClusterSnapshot", "redshift:CreateClusterSubnetGroup", "redshift:CreateClusterUser", "redshift:CreateCustomDomainAssociation", "redshift:CreateEndpointAccess", "redshift:CreateEventSubscription", "redshift:CreateHsmClientCertificate", "redshift:CreateHsmConfiguration", "redshift:CreateQev2IdcApplication", "redshift:CreateRedshiftIdcApplication", "redshift:CreateSavedQuery", "redshift:CreateScheduledAction", "redshift:CreateSnapshotCopyGrant", "redshift:CreateSnapshotSchedule", "redshift:CreateTags", "redshift:CreateUsageLimit", "redshift:DeauthorizeDataShare", "redshift:DeleteAuthenticationProfile", "redshift:DeleteCluster", "redshift:DeleteClusterParameterGroup", "redshift:DeleteClusterSecurityGroup", "redshift:DeleteClusterSnapshot", "redshift:DeleteClusterSubnetGroup", "redshift:DeleteCustomDomainAssociation", "redshift:DeleteEndpointAccess", "redshift:DeleteEventSubscription", "redshift:DeleteHsmClientCertificate", "redshift:DeleteHsmConfiguration", "redshift:DeletePartner", "redshift:DeleteQev2IdcApplication", "redshift:DeleteRedshiftIdcApplication", "redshift:DeleteResourcePolicy", "redshift:DeleteSavedQueries", "redshift:DeleteScheduledAction", "redshift:DeleteSnapshotCopyGrant", "redshift:DeleteSnapshotSchedule", "redshift:DeleteTags", "redshift:DeleteUsageLimit", "redshift:DescribeAccountAttributes", "redshift:DescribeAuthenticationProfiles", "redshift:DescribeClusterDbRevisions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterTracks", "redshift:DescribeClusterVersions", "redshift:DescribeClusters", "redshift:DescribeCustomDomainAssociations", "redshift:DescribeDataShares", "redshift:DescribeDataSharesForConsumer", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDefaultClusterParameters", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventCategories", "redshift:DescribeEventSubscriptions", "redshift:DescribeEvents", "redshift:DescribeHsmClientCertificates", "redshift:DescribeHsmConfigurations", "redshift:DescribeInboundIntegrations", "redshift:DescribeLoggingStatus", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribePartners", "redshift:DescribeQev2IdcApplications", "redshift:DescribeQuery", "redshift:DescribeRedshiftIdcApplications", "redshift:DescribeReservedNodeExchangeStatus", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "redshift:DescribeResize", "redshift:DescribeSavedQueries", "redshift:DescribeScheduledActions", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeSnapshotSchedules", "redshift:DescribeStorage", "redshift:DescribeTable", "redshift:DescribeTableRestoreStatus", "redshift:DescribeTags", "redshift:DescribeUsageLimits", "redshift:DisableLogging", "redshift:DisableSnapshotCopy", "redshift:DisassociateDataShareConsumer", "redshift:EnableLogging", "redshift:EnableSnapshotCopy", "redshift:ExecuteQuery", "redshift:FailoverPrimaryCompute", "redshift:FetchResults", "redshift:GetClusterCredentials", "redshift:GetClusterCredentialsWithIAM", "redshift:GetReservedNodeExchangeConfigurationOptions", "redshift:GetReservedNodeExchangeOfferings", "redshift:GetResourcePolicy", "redshift:JoinGroup", "redshift:ListDatabases", "redshift:ListRecommendations", "redshift:ListSavedQueries", "redshift:ListSchemas", "redshift:ListTables", "redshift:ModifyAquaConfiguration", "redshift:ModifyAuthenticationProfile", "redshift:ModifyCluster", "redshift:ModifyClusterDbRevision", "redshift:ModifyClusterIamRoles", "redshift:ModifyClusterMaintenance", "redshift:ModifyClusterParameterGroup", "redshift:ModifyClusterSnapshot", "redshift:ModifyClusterSnapshotSchedule", "redshift:ModifyClusterSubnetGroup", "redshift:ModifyCustomDomainAssociation", "redshift:ModifyEndpointAccess", "redshift:ModifyEventSubscription", "redshift:ModifyQev2IdcApplication", "redshift:ModifyRedshiftIdcApplication", "redshift:ModifySavedQuery", "redshift:ModifyScheduledAction", "redshift:ModifySnapshotCopyRetentionPeriod", "redshift:ModifySnapshotSchedule", "redshift:ModifyUsageLimit", "redshift:PauseCluster", "redshift:PurchaseReservedNodeOffering", "redshift:PutResourcePolicy", "redshift:RebootCluster", "redshift:RejectDataShare", "redshift:ResetClusterParameterGroup", "redshift:ResizeCluster", "redshift:RestoreFromClusterSnapshot", "redshift:RestoreTableFromClusterSnapshot", "redshift:ResumeCluster", "redshift:RevokeClusterSecurityGroupIngress", "redshift:RevokeEndpointAccess", "redshift:RevokeSnapshotAccess", "redshift:RotateEncryptionKey", "redshift:UpdatePartnerStatus", "redshift:ViewQueriesFromConsole", "redshift:ViewQueriesInConsole", "redshift-data:BatchExecuteStatement", "redshift-data:CancelStatement", "redshift-data:DescribeStatement", "redshift-data:DescribeTable", "redshift-data:ExecuteStatement", "redshift-data:GetStatementResult", "redshift-data:ListDatabases", "redshift-data:ListSchemas", "redshift-data:ListStatements", "redshift-data:ListTables", "redshift-serverless:ConvertRecoveryPointToSnapshot", "redshift-serverless:CreateCustomDomainAssociation", "redshift-serverless:CreateEndpointAccess", "redshift-serverless:CreateNamespace", "redshift-serverless:CreateScheduledAction", "redshift-serverless:CreateSnapshot", "redshift-serverless:CreateSnapshotCopyConfiguration", "redshift-serverless:CreateUsageLimit", "redshift-serverless:CreateWorkgroup", "redshift-serverless:DeleteCustomDomainAssociation", "redshift-serverless:DeleteEndpointAccess", "redshift-serverless:DeleteNamespace", "redshift-serverless:DeleteResourcePolicy", "redshift-serverless:DeleteScheduledAction", "redshift-serverless:DeleteSnapshot", "redshift-serverless:DeleteSnapshotCopyConfiguration", "redshift-serverless:DeleteUsageLimit", "redshift-serverless:DeleteWorkgroup", "redshift-serverless:DescribeOneTimeCredit", "redshift-serverless:GetCredentials", "redshift-serverless:GetCustomDomainAssociation", "redshift-serverless:GetEndpointAccess", "redshift-serverless:GetNamespace", "redshift-serverless:GetRecoveryPoint", "redshift-serverless:GetResourcePolicy", "redshift-serverless:GetScheduledAction", "redshift-serverless:GetSnapshot", "redshift-serverless:GetTableRestoreStatus", "redshift-serverless:GetUsageLimit", "redshift-serverless:GetWorkgroup", "redshift-serverless:ListCustomDomainAssociations", "redshift-serverless:ListEndpointAccess", "redshift-serverless:ListNamespaces", "redshift-serverless:ListRecoveryPoints", "redshift-serverless:ListScheduledActions", "redshift-serverless:ListSnapshotCopyConfigurations", "redshift-serverless:ListSnapshots", "redshift-serverless:ListTableRestoreStatus", "redshift-serverless:ListTagsForResource", "redshift-serverless:ListUsageLimits", "redshift-serverless:ListWorkgroups", "redshift-serverless:PutResourcePolicy", "redshift-serverless:RestoreFromRecoveryPoint", "redshift-serverless:RestoreFromSnapshot", "redshift-serverless:RestoreTableFromRecoveryPoint", "redshift-serverless:RestoreTableFromSnapshot", "redshift-serverless:TagResource", "redshift-serverless:UntagResource", "redshift-serverless:UpdateCustomDomainAssociation", "redshift-serverless:UpdateEndpointAccess", "redshift-serverless:UpdateNamespace", "redshift-serverless:UpdateScheduledAction", "redshift-serverless:UpdateSnapshot", "redshift-serverless:UpdateSnapshotCopyConfiguration", "redshift-serverless:UpdateUsageLimit", "redshift-serverless:UpdateWorkgroup", "refactor-spaces:CreateApplication", "refactor-spaces:CreateEnvironment", "refactor-spaces:CreateRoute", "refactor-spaces:CreateService", "refactor-spaces:DeleteApplication", "refactor-spaces:DeleteEnvironment", "refactor-spaces:DeleteResourcePolicy", "refactor-spaces:DeleteRoute", "refactor-spaces:DeleteService", "refactor-spaces:GetApplication", "refactor-spaces:GetEnvironment", "refactor-spaces:GetResourcePolicy", "refactor-spaces:GetRoute", "refactor-spaces:GetService", "refactor-spaces:ListApplications", "refactor-spaces:ListEnvironmentVpcs", "refactor-spaces:ListEnvironments", "refactor-spaces:ListRoutes", "refactor-spaces:ListServices", "refactor-spaces:ListTagsForResource", "refactor-spaces:PutResourcePolicy", "refactor-spaces:TagResource", "refactor-spaces:UntagResource", "refactor-spaces:UpdateRoute", "rekognition:AssociateFaces", "rekognition:CompareFaces", "rekognition:CopyProjectVersion", "rekognition:CreateCollection", "rekognition:CreateDataset", "rekognition:CreateFaceLivenessSession", "rekognition:CreateProject", "rekognition:CreateProjectVersion", "rekognition:CreateStreamProcessor", "rekognition:CreateUser", "rekognition:DeleteCollection", "rekognition:DeleteDataset", "rekognition:DeleteFaces", "rekognition:DeleteProject", "rekognition:DeleteProjectPolicy", "rekognition:DeleteProjectVersion", "rekognition:DeleteStreamProcessor", "rekognition:DeleteUser", "rekognition:DescribeCollection", "rekognition:DescribeDataset", "rekognition:DescribeProjectVersions", "rekognition:DescribeProjects", "rekognition:DescribeStreamProcessor", "rekognition:DetectCustomLabels", "rekognition:DetectFaces", "rekognition:DetectLabels", "rekognition:DetectModerationLabels", "rekognition:DetectProtectiveEquipment", "rekognition:DetectText", "rekognition:DisassociateFaces", "rekognition:DistributeDatasetEntries", "rekognition:GetCelebrityInfo", "rekognition:GetCelebrityRecognition", "rekognition:GetContentModeration", "rekognition:GetFaceDetection", "rekognition:GetFaceLivenessSessionResults", "rekognition:GetFaceSearch", "rekognition:GetLabelDetection", "rekognition:GetMediaAnalysisJob", "rekognition:GetPersonTracking", "rekognition:GetSegmentDetection", "rekognition:GetTextDetection", "rekognition:IndexFaces", "rekognition:ListCollections", "rekognition:ListDatasetEntries", "rekognition:ListDatasetLabels", "rekognition:ListFaces", "rekognition:ListMediaAnalysisJobs", "rekognition:ListProjectPolicies", "rekognition:ListStreamProcessors", "rekognition:ListTagsForResource", "rekognition:ListUsers", "rekognition:PutProjectPolicy", "rekognition:RecognizeCelebrities", "rekognition:SearchFaces", "rekognition:SearchFacesByImage", "rekognition:SearchUsers", "rekognition:SearchUsersByImage", "rekognition:StartCelebrityRecognition", "rekognition:StartContentModeration", "rekognition:StartFaceDetection", "rekognition:StartFaceLivenessSession", "rekognition:StartFaceSearch", "rekognition:StartLabelDetection", "rekognition:StartMediaAnalysisJob", "rekognition:StartPersonTracking", "rekognition:StartProjectVersion", "rekognition:StartSegmentDetection", "rekognition:StartStreamProcessor", "rekognition:StartTextDetection", "rekognition:StopProjectVersion", "rekognition:StopStreamProcessor", "rekognition:TagResource", "rekognition:UntagResource", "rekognition:UpdateDatasetEntries", "rekognition:UpdateStreamProcessor", "repostspace:CreateSpace", "repostspace:DeleteSpace", "repostspace:DeregisterAdmin", "repostspace:GetSpace", "repostspace:ListSpaces", "repostspace:ListTagsForResource", "repostspace:RegisterAdmin", "repostspace:SendInvites", "repostspace:TagResource", "repostspace:UntagResource", "repostspace:UpdateSpace", "resiliencehub:AddDraftAppVersionResourceMappings", "resiliencehub:BatchUpdateRecommendationStatus", "resiliencehub:CreateApp", "resiliencehub:CreateAppVersionAppComponent", "resiliencehub:CreateAppVersionResource", "resiliencehub:CreateRecommendationTemplate", "resiliencehub:CreateResiliencyPolicy", "resiliencehub:DeleteApp", "resiliencehub:DeleteAppAssessment", "resiliencehub:DeleteAppInputSource", "resiliencehub:DeleteAppVersionAppComponent", "resiliencehub:DeleteAppVersionResource", "resiliencehub:DeleteRecommendationTemplate", "resiliencehub:DeleteResiliencyPolicy", "resiliencehub:DescribeApp", "resiliencehub:DescribeAppAssessment", "resiliencehub:DescribeAppVersion", "resiliencehub:DescribeAppVersionAppComponent", "resiliencehub:DescribeAppVersionResource", "resiliencehub:DescribeAppVersionResourcesResolutionStatus", "resiliencehub:DescribeAppVersionTemplate", "resiliencehub:DescribeDraftAppVersionResourcesImportStatus", "resiliencehub:DescribeResiliencyPolicy", "resiliencehub:ImportResourcesToDraftAppVersion", "resiliencehub:ListAlarmRecommendations", "resiliencehub:ListAppAssessmentComplianceDrifts", "resiliencehub:ListAppAssessments", "resiliencehub:ListAppComponentCompliances", "resiliencehub:ListAppComponentRecommendations", "resiliencehub:ListAppInputSources", "resiliencehub:ListAppVersionAppComponents", "resiliencehub:ListAppVersionResourceMappings", "resiliencehub:ListAppVersionResources", "resiliencehub:ListAppVersions", "resiliencehub:ListApps", "resiliencehub:ListRecommendationTemplates", "resiliencehub:ListResiliencyPolicies", "resiliencehub:ListSopRecommendations", "resiliencehub:ListSuggestedResiliencyPolicies", "resiliencehub:ListTagsForResource", "resiliencehub:ListTestRecommendations", "resiliencehub:ListUnsupportedAppVersionResources", "resiliencehub:PublishAppVersion", "resiliencehub:PutDraftAppVersionTemplate", "resiliencehub:RemoveDraftAppVersionResourceMappings", "resiliencehub:ResolveAppVersionResources", "resiliencehub:StartAppAssessment", "resiliencehub:TagResource", "resiliencehub:UntagResource", "resiliencehub:UpdateApp", "resiliencehub:UpdateAppVersion", "resiliencehub:UpdateAppVersionAppComponent", "resiliencehub:UpdateAppVersionResource", "resiliencehub:UpdateResiliencyPolicy", "resource-explorer:ListResourceTypes", "resource-explorer:ListResources", "resource-explorer:ListTags", "resource-explorer-2:AssociateDefaultView", "resource-explorer-2:BatchGetView", "resource-explorer-2:CreateIndex", "resource-explorer-2:CreateView", "resource-explorer-2:DeleteIndex", "resource-explorer-2:DeleteView", "resource-explorer-2:DisassociateDefaultView", "resource-explorer-2:GetAccountLevelServiceConfiguration", "resource-explorer-2:GetDefaultView", "resource-explorer-2:GetIndex", "resource-explorer-2:GetView", "resource-explorer-2:ListIndexes", "resource-explorer-2:ListIndexesForMembers", "resource-explorer-2:ListSupportedResourceTypes", "resource-explorer-2:ListTagsForResource", "resource-explorer-2:ListViews", "resource-explorer-2:Search", "resource-explorer-2:TagResource", "resource-explorer-2:UntagResource", "resource-explorer-2:UpdateIndexType", "resource-explorer-2:UpdateView", "resource-groups:AssociateResource", "resource-groups:CreateGroup", "resource-groups:DeleteGroup", "resource-groups:DeleteGroupPolicy", "resource-groups:DisassociateResource", "resource-groups:GetAccountSettings", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupPolicy", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:GroupResources", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "resource-groups:PutGroupConfiguration", "resource-groups:PutGroupPolicy", "resource-groups:SearchResources", "resource-groups:Tag", "resource-groups:UngroupResources", "resource-groups:Untag", "resource-groups:UpdateAccountSettings", "resource-groups:UpdateGroup", "resource-groups:UpdateGroupQuery", "rhelkb:GetRhelURL", "robomaker:BatchDeleteWorlds", "robomaker:BatchDescribeSimulationJob", "robomaker:CancelDeploymentJob", "robomaker:CancelSimulationJob", "robomaker:CancelSimulationJobBatch", "robomaker:CancelWorldExportJob", "robomaker:CancelWorldGenerationJob", "robomaker:CreateDeploymentJob", "robomaker:CreateFleet", "robomaker:CreateRobot", "robomaker:CreateRobotApplication", "robomaker:CreateRobotApplicationVersion", "robomaker:CreateSimulationApplication", "robomaker:CreateSimulationApplicationVersion", "robomaker:CreateSimulationJob", "robomaker:CreateWorldExportJob", "robomaker:CreateWorldGenerationJob", "robomaker:CreateWorldTemplate", "robomaker:DeleteFleet", "robomaker:DeleteRobot", "robomaker:DeleteRobotApplication", "robomaker:DeleteSimulationApplication", "robomaker:DeleteWorldTemplate", "robomaker:DeregisterRobot", "robomaker:DescribeDeploymentJob", "robomaker:DescribeFleet", "robomaker:DescribeRobot", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:DescribeSimulationJob", "robomaker:DescribeSimulationJobBatch", "robomaker:DescribeWorld", "robomaker:DescribeWorldExportJob", "robomaker:DescribeWorldGenerationJob", "robomaker:DescribeWorldTemplate", "robomaker:GetWorldTemplateBody", "robomaker:ListDeploymentJobs", "robomaker:ListFleets", "robomaker:ListRobotApplications", "robomaker:ListRobots", "robomaker:ListSimulationApplications", "robomaker:ListSimulationJobBatches", "robomaker:ListSimulationJobs", "robomaker:ListSupportedAvailabilityZones", "robomaker:ListTagsForResource", "robomaker:ListWorldExportJobs", "robomaker:ListWorldGenerationJobs", "robomaker:ListWorldTemplates", "robomaker:ListWorlds", "robomaker:RegisterRobot", "robomaker:RestartSimulationJob", "robomaker:StartSimulationJobBatch", "robomaker:SyncDeploymentJob", "robomaker:TagResource", "robomaker:UntagResource", "robomaker:UpdateRobotApplication", "robomaker:UpdateRobotDeployment", "robomaker:UpdateSimulationApplication", "robomaker:UpdateWorldTemplate", "rolesanywhere:CreateProfile", "rolesanywhere:CreateTrustAnchor", "rolesanywhere:DeleteAttributeMapping", "rolesanywhere:DeleteCrl", "rolesanywhere:DeleteProfile", "rolesanywhere:DeleteTrustAnchor", "rolesanywhere:DisableCrl", "rolesanywhere:DisableProfile", "rolesanywhere:DisableTrustAnchor", "rolesanywhere:EnableCrl", "rolesanywhere:EnableProfile", "rolesanywhere:EnableTrustAnchor", "rolesanywhere:GetCrl", "rolesanywhere:GetProfile", "rolesanywhere:GetSubject", "rolesanywhere:GetTrustAnchor", "rolesanywhere:ImportCrl", "rolesanywhere:ListCrls", "rolesanywhere:ListProfiles", "rolesanywhere:ListSubjects", "rolesanywhere:ListTagsForResource", "rolesanywhere:ListTrustAnchors", "rolesanywhere:PutAttributeMapping", "rolesanywhere:PutNotificationSettings", "rolesanywhere:ResetNotificationSettings", "rolesanywhere:TagResource", "rolesanywhere:UntagResource", "rolesanywhere:UpdateCrl", "rolesanywhere:UpdateProfile", "rolesanywhere:UpdateTrustAnchor", "route53:ActivateKeySigningKey", "route53:AssociateVPCWithHostedZone", "route53:ChangeCidrCollection", "route53:ChangeResourceRecordSets", "route53:ChangeTagsForResource", "route53:CreateCidrCollection", "route53:CreateHealthCheck", "route53:CreateHostedZone", "route53:CreateKeySigningKey", "route53:CreateQueryLoggingConfig", "route53:CreateReusableDelegationSet", "route53:CreateTrafficPolicy", "route53:CreateTrafficPolicyInstance", "route53:CreateTrafficPolicyVersion", "route53:CreateVPCAssociationAuthorization", "route53:DeactivateKeySigningKey", "route53:DeleteCidrCollection", "route53:DeleteHealthCheck", "route53:DeleteHostedZone", "route53:DeleteKeySigningKey", "route53:DeleteQueryLoggingConfig", "route53:DeleteReusableDelegationSet", "route53:DeleteTrafficPolicy", "route53:DeleteTrafficPolicyInstance", "route53:DeleteVPCAssociationAuthorization", "route53:DisableHostedZoneDNSSEC", "route53:DisassociateVPCFromHostedZone", "route53:EnableHostedZoneDNSSEC", "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetReusableDelegationSetLimit", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53:TestDNSAnswer", "route53:UpdateHealthCheck", "route53:UpdateHostedZoneComment", "route53:UpdateTrafficPolicyComment", "route53:UpdateTrafficPolicyInstance", "route53-recovery-cluster:GetRoutingControlState", "route53-recovery-cluster:ListRoutingControls", "route53-recovery-cluster:UpdateRoutingControlState", "route53-recovery-cluster:UpdateRoutingControlStates", "route53-recovery-control-config:CreateCluster", "route53-recovery-control-config:CreateControlPanel", "route53-recovery-control-config:CreateRoutingControl", "route53-recovery-control-config:CreateSafetyRule", "route53-recovery-control-config:DeleteCluster", "route53-recovery-control-config:DeleteControlPanel", "route53-recovery-control-config:DeleteRoutingControl", "route53-recovery-control-config:DeleteSafetyRule", "route53-recovery-control-config:DescribeCluster", "route53-recovery-control-config:DescribeControlPanel", "route53-recovery-control-config:DescribeRoutingControl", "route53-recovery-control-config:DescribeRoutingControlByName", "route53-recovery-control-config:DescribeSafetyRule", "route53-recovery-control-config:GetResourcePolicy", "route53-recovery-control-config:ListAssociatedRoute53HealthChecks", "route53-recovery-control-config:ListClusters", "route53-recovery-control-config:ListControlPanels", "route53-recovery-control-config:ListRoutingControls", "route53-recovery-control-config:ListSafetyRules", "route53-recovery-control-config:ListTagsForResource", "route53-recovery-control-config:TagResource", "route53-recovery-control-config:UntagResource", "route53-recovery-control-config:UpdateControlPanel", "route53-recovery-control-config:UpdateRoutingControl", "route53-recovery-control-config:UpdateSafetyRule", "route53-recovery-readiness:CreateCell", "route53-recovery-readiness:CreateCrossAccountAuthorization", "route53-recovery-readiness:CreateReadinessCheck", "route53-recovery-readiness:CreateRecoveryGroup", "route53-recovery-readiness:CreateResourceSet", "route53-recovery-readiness:DeleteCell", "route53-recovery-readiness:DeleteCrossAccountAuthorization", "route53-recovery-readiness:DeleteReadinessCheck", "route53-recovery-readiness:DeleteRecoveryGroup", "route53-recovery-readiness:DeleteResourceSet", "route53-recovery-readiness:GetArchitectureRecommendations", "route53-recovery-readiness:GetCell", "route53-recovery-readiness:GetCellReadinessSummary", "route53-recovery-readiness:GetReadinessCheck", "route53-recovery-readiness:GetReadinessCheckResourceStatus", "route53-recovery-readiness:GetReadinessCheckStatus", "route53-recovery-readiness:GetRecoveryGroup", "route53-recovery-readiness:GetRecoveryGroupReadinessSummary", "route53-recovery-readiness:GetResourceSet", "route53-recovery-readiness:ListCells", "route53-recovery-readiness:ListCrossAccountAuthorizations", "route53-recovery-readiness:ListReadinessChecks", "route53-recovery-readiness:ListRecoveryGroups", "route53-recovery-readiness:ListResourceSets", "route53-recovery-readiness:ListRules", "route53-recovery-readiness:ListTagsForResources", "route53-recovery-readiness:TagResource", "route53-recovery-readiness:UntagResource", "route53-recovery-readiness:UpdateCell", "route53-recovery-readiness:UpdateReadinessCheck", "route53-recovery-readiness:UpdateRecoveryGroup", "route53-recovery-readiness:UpdateResourceSet", "route53domains:AcceptDomainTransferFromAnotherAwsAccount", "route53domains:AssociateDelegationSignerToDomain", "route53domains:CancelDomainTransferToAnotherAwsAccount", "route53domains:CheckDomainAvailability", "route53domains:CheckDomainTransferability", "route53domains:DeleteDomain", "route53domains:DeleteTagsForDomain", "route53domains:DisableDomainAutoRenew", "route53domains:DisableDomainTransferLock", "route53domains:DisassociateDelegationSignerFromDomain", "route53domains:EnableDomainAutoRenew", "route53domains:EnableDomainTransferLock", "route53domains:GetContactReachabilityStatus", "route53domains:GetDomainDetail", "route53domains:GetDomainSuggestions", "route53domains:GetOperationDetail", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListPrices", "route53domains:ListTagsForDomain", "route53domains:PushDomain", "route53domains:RegisterDomain", "route53domains:RejectDomainTransferFromAnotherAwsAccount", "route53domains:RenewDomain", "route53domains:ResendContactReachabilityEmail", "route53domains:ResendOperationAuthorization", "route53domains:RetrieveDomainAuthCode", "route53domains:TransferDomain", "route53domains:TransferDomainToAnotherAwsAccount", "route53domains:UpdateDomainContact", "route53domains:UpdateDomainContactPrivacy", "route53domains:UpdateDomainNameservers", "route53domains:UpdateTagsForDomain", "route53domains:ViewBilling", "route53profiles:AssociateProfile", "route53profiles:AssociateResourceToProfile", "route53profiles:CreateProfile", "route53profiles:DeleteProfile", "route53profiles:DisassociateProfile", "route53profiles:DisassociateResourceFromProfile", "route53profiles:GetProfile", "route53profiles:GetProfileAssociation", "route53profiles:GetProfileResourceAssociation", "route53profiles:ListProfileAssociations", "route53profiles:ListProfileResourceAssociations", "route53profiles:ListProfiles", "route53profiles:ListTagsForResource", "route53profiles:TagResource", "route53profiles:UntagResource", "route53profiles:UpdateProfileResourceAssociation", "route53resolver:AssociateFirewallRuleGroup", "route53resolver:AssociateResolverEndpointIpAddress", "route53resolver:AssociateResolverQueryLogConfig", "route53resolver:AssociateResolverRule", "route53resolver:CreateFirewallDomainList", "route53resolver:CreateFirewallRule", "route53resolver:CreateFirewallRuleGroup", "route53resolver:CreateOutpostResolver", "route53resolver:CreateResolverEndpoint", "route53resolver:CreateResolverQueryLogConfig", "route53resolver:CreateResolverRule", "route53resolver:DeleteFirewallDomainList", "route53resolver:DeleteFirewallRule", "route53resolver:DeleteFirewallRuleGroup", "route53resolver:DeleteOutpostResolver", "route53resolver:DeleteResolverEndpoint", "route53resolver:DeleteResolverQueryLogConfig", "route53resolver:DeleteResolverRule", "route53resolver:DisassociateFirewallRuleGroup", "route53resolver:DisassociateResolverEndpointIpAddress", "route53resolver:DisassociateResolverQueryLogConfig", "route53resolver:DisassociateResolverRule", "route53resolver:GetFirewallConfig", "route53resolver:GetFirewallDomainList", "route53resolver:GetFirewallRuleGroup", "route53resolver:GetFirewallRuleGroupAssociation", "route53resolver:GetFirewallRuleGroupPolicy", "route53resolver:GetOutpostResolver", "route53resolver:GetResolverConfig", "route53resolver:GetResolverDnssecConfig", "route53resolver:GetResolverEndpoint", "route53resolver:GetResolverQueryLogConfig", "route53resolver:GetResolverQueryLogConfigAssociation", "route53resolver:GetResolverQueryLogConfigPolicy", "route53resolver:GetResolverRule", "route53resolver:GetResolverRuleAssociation", "route53resolver:GetResolverRulePolicy", "route53resolver:ImportFirewallDomains", "route53resolver:ListFirewallConfigs", "route53resolver:ListFirewallDomainLists", "route53resolver:ListFirewallDomains", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListFirewallRules", "route53resolver:ListOutpostResolvers", "route53resolver:ListResolverConfigs", "route53resolver:ListResolverDnssecConfigs", "route53resolver:ListResolverEndpointIpAddresses", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverQueryLogConfigAssociations", "route53resolver:ListResolverQueryLogConfigs", "route53resolver:ListResolverRuleAssociations", "route53resolver:ListResolverRules", "route53resolver:ListTagsForResource", "route53resolver:PutFirewallRuleGroupPolicy", "route53resolver:PutResolverQueryLogConfigPolicy", "route53resolver:PutResolverRulePolicy", "route53resolver:TagResource", "route53resolver:UntagResource", "route53resolver:UpdateFirewallConfig", "route53resolver:UpdateFirewallDomains", "route53resolver:UpdateFirewallRule", "route53resolver:UpdateFirewallRuleGroupAssociation", "route53resolver:UpdateOutpostResolver", "route53resolver:UpdateResolverConfig", "route53resolver:UpdateResolverDnssecConfig", "route53resolver:UpdateResolverEndpoint", "route53resolver:UpdateResolverRule", "rum:BatchCreateRumMetricDefinitions", "rum:BatchDeleteRumMetricDefinitions", "rum:BatchGetRumMetricDefinitions", "rum:CreateAppMonitor", "rum:DeleteAppMonitor", "rum:DeleteRumMetricsDestination", "rum:GetAppMonitor", "rum:GetAppMonitorData", "rum:ListAppMonitors", "rum:ListRumMetricsDestinations", "rum:ListTagsForResource", "rum:PutRumEvents", "rum:PutRumMetricsDestination", "rum:TagResource", "rum:UntagResource", "rum:UpdateAppMonitor", "rum:UpdateRumMetricDefinition", "s3:AbortMultipartUpload", "s3:AssociateAccessGrantsIdentityCenter", "s3:BypassGovernanceRetention", "s3:CreateAccessGrant", "s3:CreateAccessGrantsInstance", "s3:CreateAccessGrantsLocation", "s3:CreateAccessPoint", "s3:CreateAccessPointForObjectLambda", "s3:CreateBucket", "s3:CreateJob", "s3:CreateMultiRegionAccessPoint", "s3:CreateStorageLensGroup", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:DissociateAccessGrantsIdentityCenter", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:InitiateReplication", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:ObjectOwnerOverrideToBucketOwner", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "s3:SubmitMultiRegionAccessPointRoutes", "s3:TagResource", "s3:UntagResource", "s3:UpdateAccessGrantsLocation", "s3:UpdateJobPriority", "s3:UpdateJobStatus", "s3:UpdateStorageLensGroup", "s3-object-lambda:AbortMultipartUpload", "s3-object-lambda:DeleteObject", "s3-object-lambda:DeleteObjectTagging", "s3-object-lambda:DeleteObjectVersion", "s3-object-lambda:DeleteObjectVersionTagging", "s3-object-lambda:GetObject", "s3-object-lambda:GetObjectAcl", "s3-object-lambda:GetObjectLegalHold", "s3-object-lambda:GetObjectRetention", "s3-object-lambda:GetObjectTagging", "s3-object-lambda:GetObjectVersion", "s3-object-lambda:GetObjectVersionAcl", "s3-object-lambda:GetObjectVersionTagging", "s3-object-lambda:ListBucket", "s3-object-lambda:ListBucketMultipartUploads", "s3-object-lambda:ListBucketVersions", "s3-object-lambda:ListMultipartUploadParts", "s3-object-lambda:PutObject", "s3-object-lambda:PutObjectAcl", "s3-object-lambda:PutObjectLegalHold", "s3-object-lambda:PutObjectRetention", "s3-object-lambda:PutObjectTagging", "s3-object-lambda:PutObjectVersionAcl", "s3-object-lambda:PutObjectVersionTagging", "s3-object-lambda:RestoreObject", "s3-object-lambda:WriteGetObjectResponse", "s3-outposts:AbortMultipartUpload", "s3-outposts:CreateAccessPoint", "s3-outposts:CreateBucket", "s3-outposts:CreateEndpoint", "s3-outposts:DeleteAccessPoint", "s3-outposts:DeleteAccessPointPolicy", "s3-outposts:DeleteBucket", "s3-outposts:DeleteBucketPolicy", "s3-outposts:DeleteEndpoint", "s3-outposts:DeleteObject", "s3-outposts:DeleteObjectTagging", "s3-outposts:DeleteObjectVersion", "s3-outposts:DeleteObjectVersionTagging", "s3-outposts:GetAccessPoint", "s3-outposts:GetAccessPointPolicy", "s3-outposts:GetBucket", "s3-outposts:GetBucketPolicy", "s3-outposts:GetBucketTagging", "s3-outposts:GetBucketVersioning", "s3-outposts:GetLifecycleConfiguration", "s3-outposts:GetObject", "s3-outposts:GetObjectTagging", "s3-outposts:GetObjectVersion", "s3-outposts:GetObjectVersionForReplication", "s3-outposts:GetObjectVersionTagging", "s3-outposts:GetReplicationConfiguration", "s3-outposts:ListAccessPoints", "s3-outposts:ListBucket", "s3-outposts:ListBucketMultipartUploads", "s3-outposts:ListBucketVersions", "s3-outposts:ListEndpoints", "s3-outposts:ListMultipartUploadParts", "s3-outposts:ListOutpostsWithS3", "s3-outposts:ListRegionalBuckets", "s3-outposts:ListSharedEndpoints", "s3-outposts:PutAccessPointPolicy", "s3-outposts:PutBucketPolicy", "s3-outposts:PutBucketTagging", "s3-outposts:PutBucketVersioning", "s3-outposts:PutLifecycleConfiguration", "s3-outposts:PutObject", "s3-outposts:PutObjectAcl", "s3-outposts:PutObjectTagging", "s3-outposts:PutObjectVersionTagging", "s3-outposts:PutReplicationConfiguration", "s3-outposts:ReplicateDelete", "s3-outposts:ReplicateObject", "s3-outposts:ReplicateTags", "s3express:CreateBucket", "s3express:CreateSession", "s3express:DeleteBucket", "s3express:DeleteBucketPolicy", "s3express:GetBucketPolicy", "s3express:ListAllMyDirectoryBuckets", "s3express:PutBucketPolicy", "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", "sagemaker:BatchDescribeModelPackage", "sagemaker:BatchGetMetrics", "sagemaker:BatchGetRecord", "sagemaker:BatchPutMetrics", "sagemaker:CreateAction", "sagemaker:CreateAlgorithm", "sagemaker:CreateApp", "sagemaker:CreateAppImageConfig", "sagemaker:CreateArtifact", "sagemaker:CreateAutoMLJob", "sagemaker:CreateAutoMLJobV2", "sagemaker:CreateCluster", "sagemaker:CreateCodeRepository", "sagemaker:CreateCompilationJob", "sagemaker:CreateContext", "sagemaker:CreateDataQualityJobDefinition", "sagemaker:CreateDeviceFleet", "sagemaker:CreateDomain", "sagemaker:CreateEdgeDeploymentPlan", "sagemaker:CreateEdgeDeploymentStage", "sagemaker:CreateEdgePackagingJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateExperiment", "sagemaker:CreateFeatureGroup", "sagemaker:CreateFlowDefinition", "sagemaker:CreateHub", "sagemaker:CreateHumanTaskUi", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateImage", "sagemaker:CreateImageVersion", "sagemaker:CreateInferenceComponent", "sagemaker:CreateInferenceExperiment", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateLineageGroupPolicy", "sagemaker:CreateModel", "sagemaker:CreateModelBiasJobDefinition", "sagemaker:CreateModelCard", "sagemaker:CreateModelCardExportJob", "sagemaker:CreateModelExplainabilityJobDefinition", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelQualityJobDefinition", "sagemaker:CreateMonitoringSchedule", "sagemaker:CreateNotebookInstance", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:CreatePipeline", "sagemaker:CreatePresignedDomainUrl", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateProcessingJob", "sagemaker:CreateProject", "sagemaker:CreateSharedModel", "sagemaker:CreateSpace", "sagemaker:CreateStudioLifecycleConfig", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:CreateTrial", "sagemaker:CreateTrialComponent", "sagemaker:CreateUserProfile", "sagemaker:CreateWorkforce", "sagemaker:CreateWorkteam", "sagemaker:DeleteAction", "sagemaker:DeleteAlgorithm", "sagemaker:DeleteApp", "sagemaker:DeleteAppImageConfig", "sagemaker:DeleteArtifact", "sagemaker:DeleteAssociation", "sagemaker:DeleteCluster", "sagemaker:DeleteCodeRepository", "sagemaker:DeleteCompilationJob", "sagemaker:DeleteContext", "sagemaker:DeleteDataQualityJobDefinition", "sagemaker:DeleteDeviceFleet", "sagemaker:DeleteDomain", "sagemaker:DeleteEdgeDeploymentPlan", "sagemaker:DeleteEdgeDeploymentStage", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteExperiment", "sagemaker:DeleteFeatureGroup", "sagemaker:DeleteFlowDefinition", "sagemaker:DeleteHub", "sagemaker:DeleteHubContent", "sagemaker:DeleteHumanLoop", "sagemaker:DeleteHumanTaskUi", "sagemaker:DeleteHyperParameterTuningJob", "sagemaker:DeleteImage", "sagemaker:DeleteImageVersion", "sagemaker:DeleteInferenceComponent", "sagemaker:DeleteInferenceExperiment", "sagemaker:DeleteLineageGroupPolicy", "sagemaker:DeleteModel", "sagemaker:DeleteModelBiasJobDefinition", "sagemaker:DeleteModelCard", "sagemaker:DeleteModelExplainabilityJobDefinition", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteModelPackageGroupPolicy", "sagemaker:DeleteModelQualityJobDefinition", "sagemaker:DeleteMonitoringSchedule", "sagemaker:DeleteNotebookInstance", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:DeletePipeline", "sagemaker:DeleteProject", "sagemaker:DeleteRecord", "sagemaker:DeleteResourcePolicy", "sagemaker:DeleteSpace", "sagemaker:DeleteStudioLifecycleConfig", "sagemaker:DeleteTags", "sagemaker:DeleteTrial", "sagemaker:DeleteTrialComponent", "sagemaker:DeleteUserProfile", "sagemaker:DeleteWorkforce", "sagemaker:DeleteWorkteam", "sagemaker:DeregisterDevices", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeCluster", "sagemaker:DescribeClusterNode", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgeDeploymentPlan", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFeatureMetadata", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHub", "sagemaker:DescribeHubContent", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceComponent", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelCard", "sagemaker:DescribeModelCardExportJob", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSharedModel", "sagemaker:DescribeSpace", "sagemaker:DescribeStudioLifecycleConfig", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:DisableSagemakerServicecatalogPortfolio", "sagemaker:DisassociateTrialComponent", "sagemaker:EnableSagemakerServicecatalogPortfolio", "sagemaker:GetDeployments", "sagemaker:GetDeviceFleetReport", "sagemaker:GetDeviceRegistration", "sagemaker:GetLineageGroupPolicy", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetRecord", "sagemaker:GetResourcePolicy", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:GetScalingConfigurationRecommendation", "sagemaker:GetSearchSuggestions", "sagemaker:ImportHubContent", "sagemaker:InvokeEndpoint", "sagemaker:InvokeEndpointAsync", "sagemaker:InvokeEndpointWithResponseStream", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAliases", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListClusterNodes", "sagemaker:ListClusters", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgeDeploymentPlans", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHubContentVersions", "sagemaker:ListHubContents", "sagemaker:ListHubs", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceComponents", "sagemaker:ListInferenceExperiments", "sagemaker:ListInferenceRecommendationsJobSteps", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelCardExportJobs", "sagemaker:ListModelCardVersions", "sagemaker:ListModelCards", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringAlertHistory", "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListResourceCatalogs", "sagemaker:ListSharedModelEvents", "sagemaker:ListSharedModelVersions", "sagemaker:ListSharedModels", "sagemaker:ListSpaces", "sagemaker:ListStageDevices", "sagemaker:ListStudioLifecycleConfigs", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:PutLineageGroupPolicy", "sagemaker:PutModelPackageGroupPolicy", "sagemaker:PutRecord", "sagemaker:PutResourcePolicy", "sagemaker:QueryLineage", "sagemaker:RegisterDevices", "sagemaker:RenderUiTemplate", "sagemaker:RetryPipelineExecution", "sagemaker:Search", "sagemaker:SendHeartbeat", "sagemaker:SendPipelineExecutionStepFailure", "sagemaker:SendPipelineExecutionStepSuccess", "sagemaker:SendSharedModelEvent", "sagemaker:StartEdgeDeploymentStage", "sagemaker:StartHumanLoop", "sagemaker:StartInferenceExperiment", "sagemaker:StartMonitoringSchedule", "sagemaker:StartNotebookInstance", "sagemaker:StartPipelineExecution", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopEdgeDeploymentStage", "sagemaker:StopEdgePackagingJob", "sagemaker:StopHumanLoop", "sagemaker:StopHyperParameterTuningJob", "sagemaker:StopInferenceExperiment", "sagemaker:StopInferenceRecommendationsJob", "sagemaker:StopLabelingJob", "sagemaker:StopMonitoringSchedule", "sagemaker:StopNotebookInstance", "sagemaker:StopPipelineExecution", "sagemaker:StopProcessingJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:UpdateAction", "sagemaker:UpdateAppImageConfig", "sagemaker:UpdateArtifact", "sagemaker:UpdateCluster", "sagemaker:UpdateClusterSoftware", "sagemaker:UpdateCodeRepository", "sagemaker:UpdateContext", "sagemaker:UpdateDeviceFleet", "sagemaker:UpdateDevices", "sagemaker:UpdateDomain", "sagemaker:UpdateEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateExperiment", "sagemaker:UpdateFeatureGroup", "sagemaker:UpdateFeatureMetadata", "sagemaker:UpdateHub", "sagemaker:UpdateImage", "sagemaker:UpdateImageVersion", "sagemaker:UpdateInferenceComponent", "sagemaker:UpdateInferenceComponentRuntimeConfig", "sagemaker:UpdateInferenceExperiment", "sagemaker:UpdateModelCard", "sagemaker:UpdateModelPackage", "sagemaker:UpdateMonitoringAlert", "sagemaker:UpdateMonitoringSchedule", "sagemaker:UpdateNotebookInstance", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "sagemaker:UpdatePipeline", "sagemaker:UpdatePipelineExecution", "sagemaker:UpdateProject", "sagemaker:UpdateSharedModel", "sagemaker:UpdateSpace", "sagemaker:UpdateTrainingJob", "sagemaker:UpdateTrial", "sagemaker:UpdateTrialComponent", "sagemaker:UpdateUserProfile", "sagemaker:UpdateWorkforce", "sagemaker:UpdateWorkteam", "sagemaker-geospatial:DeleteEarthObservationJob", "sagemaker-geospatial:DeleteVectorEnrichmentJob", "sagemaker-geospatial:ExportEarthObservationJob", "sagemaker-geospatial:ExportVectorEnrichmentJob", "sagemaker-geospatial:GetEarthObservationJob", "sagemaker-geospatial:GetRasterDataCollection", "sagemaker-geospatial:GetTile", "sagemaker-geospatial:GetVectorEnrichmentJob", "sagemaker-geospatial:ListEarthObservationJobs", "sagemaker-geospatial:ListRasterDataCollections", "sagemaker-geospatial:ListTagsForResource", "sagemaker-geospatial:ListVectorEnrichmentJobs", "sagemaker-geospatial:SearchRasterDataCollection", "sagemaker-geospatial:StartEarthObservationJob", "sagemaker-geospatial:StartVectorEnrichmentJob", "sagemaker-geospatial:StopEarthObservationJob", "sagemaker-geospatial:StopVectorEnrichmentJob", "sagemaker-geospatial:TagResource", "sagemaker-geospatial:UntagResource", "sagemaker-groundtruth-synthetic:CreateProject", "sagemaker-groundtruth-synthetic:DeleteProject", "sagemaker-groundtruth-synthetic:GetAccountDetails", "sagemaker-groundtruth-synthetic:GetBatch", "sagemaker-groundtruth-synthetic:GetProject", "sagemaker-groundtruth-synthetic:ListBatchDataTransfers", "sagemaker-groundtruth-synthetic:ListBatchSummaries", "sagemaker-groundtruth-synthetic:ListProjectDataTransfers", "sagemaker-groundtruth-synthetic:ListProjectSummaries", "sagemaker-groundtruth-synthetic:StartBatchDataTransfer", "sagemaker-groundtruth-synthetic:StartProjectDataTransfer", "sagemaker-groundtruth-synthetic:UpdateBatch", "savingsplans:CreateSavingsPlan", "savingsplans:DeleteQueuedSavingsPlan", "savingsplans:DescribeSavingsPlanRates", "savingsplans:DescribeSavingsPlans", "savingsplans:DescribeSavingsPlansOfferingRates", "savingsplans:DescribeSavingsPlansOfferings", "savingsplans:ListTagsForResource", "savingsplans:ReturnSavingsPlan", "savingsplans:TagResource", "savingsplans:UntagResource", "scheduler:CreateSchedule", "scheduler:CreateScheduleGroup", "scheduler:DeleteSchedule", "scheduler:DeleteScheduleGroup", "scheduler:GetSchedule", "scheduler:GetScheduleGroup", "scheduler:ListScheduleGroups", "scheduler:ListSchedules", "scheduler:ListTagsForResource", "scheduler:TagResource", "scheduler:UntagResource", "scheduler:UpdateSchedule", "schemas:CreateDiscoverer", "schemas:CreateRegistry", "schemas:CreateSchema", "schemas:DeleteDiscoverer", "schemas:DeleteRegistry", "schemas:DeleteResourcePolicy", "schemas:DeleteSchema", "schemas:DeleteSchemaVersion", "schemas:DescribeCodeBinding", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:ExportSchema", "schemas:GetCodeBindingSource", "schemas:GetDiscoveredSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemaVersions", "schemas:ListSchemas", "schemas:ListTagsForResource", "schemas:PutCodeBinding", "schemas:PutResourcePolicy", "schemas:SearchSchemas", "schemas:StartDiscoverer", "schemas:StopDiscoverer", "schemas:TagResource", "schemas:UntagResource", "schemas:UpdateDiscoverer", "schemas:UpdateRegistry", "schemas:UpdateSchema", "scn:AssignAdminPermissionsToUser", "scn:CreateBillOfMaterialsImportJob", "scn:CreateInstance", "scn:CreateSSOApplication", "scn:DeleteInstance", "scn:DeleteSSOApplication", "scn:DescribeInstance", "scn:GetBillOfMaterialsImportJob", "scn:ListAdminUsers", "scn:ListInstances", "scn:ListTagsForResource", "scn:RemoveAdminPermissionsForUser", "scn:SendDataIntegrationEvent", "scn:TagResource", "scn:UntagResource", "scn:UpdateInstance", "sdb:BatchDeleteAttributes", "sdb:BatchPutAttributes", "sdb:CreateDomain", "sdb:DeleteAttributes", "sdb:DeleteDomain", "sdb:DomainMetadata", "sdb:GetAttributes", "sdb:ListDomains", "sdb:PutAttributes", "sdb:Select", "secretsmanager:BatchGetSecretValue", "secretsmanager:CancelRotateSecret", "secretsmanager:CreateSecret", "secretsmanager:DeleteResourcePolicy", "secretsmanager:DeleteSecret", "secretsmanager:DescribeSecret", "secretsmanager:GetRandomPassword", "secretsmanager:GetResourcePolicy", "secretsmanager:GetSecretValue", "secretsmanager:ListSecretVersionIds", "secretsmanager:ListSecrets", "secretsmanager:PutResourcePolicy", "secretsmanager:PutSecretValue", "secretsmanager:RemoveRegionsFromReplication", "secretsmanager:ReplicateSecretToRegions", "secretsmanager:RestoreSecret", "secretsmanager:RotateSecret", "secretsmanager:StopReplicationToReplica", "secretsmanager:TagResource", "secretsmanager:UntagResource", "secretsmanager:UpdateSecret", "secretsmanager:UpdateSecretVersionStage", "secretsmanager:ValidateResourcePolicy", "securityhub:AcceptAdministratorInvitation", "securityhub:AcceptInvitation", "securityhub:BatchDeleteAutomationRules", "securityhub:BatchDisableStandards", "securityhub:BatchEnableStandards", "securityhub:BatchGetAutomationRules", "securityhub:BatchGetConfigurationPolicyAssociations", "securityhub:BatchGetControlEvaluations", "securityhub:BatchGetSecurityControls", "securityhub:BatchGetStandardsControlAssociations", "securityhub:BatchImportFindings", "securityhub:BatchUpdateAutomationRules", "securityhub:BatchUpdateFindings", "securityhub:BatchUpdateStandardsControlAssociations", "securityhub:CreateActionTarget", "securityhub:CreateAutomationRule", "securityhub:CreateConfigurationPolicy", "securityhub:CreateFindingAggregator", "securityhub:CreateInsight", "securityhub:CreateMembers", "securityhub:DeclineInvitations", "securityhub:DeleteActionTarget", "securityhub:DeleteConfigurationPolicy", "securityhub:DeleteFindingAggregator", "securityhub:DeleteInsight", "securityhub:DeleteInvitations", "securityhub:DeleteMembers", "securityhub:DescribeActionTargets", "securityhub:DescribeHub", "securityhub:DescribeOrganizationConfiguration", "securityhub:DescribeProducts", "securityhub:DescribeStandards", "securityhub:DescribeStandardsControls", "securityhub:DisableImportFindingsForProduct", "securityhub:DisableOrganizationAdminAccount", "securityhub:DisableSecurityHub", "securityhub:DisassociateFromAdministratorAccount", "securityhub:DisassociateFromMasterAccount", "securityhub:DisassociateMembers", "securityhub:EnableImportFindingsForProduct", "securityhub:EnableOrganizationAdminAccount", "securityhub:EnableSecurityHub", "securityhub:GetAdhocInsightResults", "securityhub:GetAdministratorAccount", "securityhub:GetConfigurationPolicy", "securityhub:GetConfigurationPolicyAssociation", "securityhub:GetControlFindingSummary", "securityhub:GetEnabledStandards", "securityhub:GetFindingAggregator", "securityhub:GetFindingHistory", "securityhub:GetFindings", "securityhub:GetFreeTrialEndDate", "securityhub:GetFreeTrialUsage", "securityhub:GetInsightFindingTrend", "securityhub:GetInsightResults", "securityhub:GetInsights", "securityhub:GetInvitationsCount", "securityhub:GetMasterAccount", "securityhub:GetMembers", "securityhub:GetSecurityControlDefinition", "securityhub:GetUsage", "securityhub:InviteMembers", "securityhub:ListAutomationRules", "securityhub:ListConfigurationPolicies", "securityhub:ListConfigurationPolicyAssociations", "securityhub:ListControlEvaluationSummaries", "securityhub:ListEnabledProductsForImport", "securityhub:ListFindingAggregators", "securityhub:ListInvitations", "securityhub:ListMembers", "securityhub:ListOrganizationAdminAccounts", "securityhub:ListSecurityControlDefinitions", "securityhub:ListStandardsControlAssociations", "securityhub:ListTagsForResource", "securityhub:SendFindingEvents", "securityhub:SendInsightEvents", "securityhub:StartConfigurationPolicyAssociation", "securityhub:StartConfigurationPolicyDisassociation", "securityhub:TagResource", "securityhub:UntagResource", "securityhub:UpdateActionTarget", "securityhub:UpdateConfigurationPolicy", "securityhub:UpdateFindingAggregator", "securityhub:UpdateFindings", "securityhub:UpdateInsight", "securityhub:UpdateOrganizationConfiguration", "securityhub:UpdateSecurityControl", "securityhub:UpdateSecurityHubConfiguration", "securityhub:UpdateStandardsControl", "securitylake:CreateAwsLogSource", "securitylake:CreateCustomLogSource", "securitylake:CreateDataLake", "securitylake:CreateDataLakeExceptionSubscription", "securitylake:CreateDataLakeOrganizationConfiguration", "securitylake:CreateSubscriber", "securitylake:CreateSubscriberNotification", "securitylake:DeleteAwsLogSource", "securitylake:DeleteCustomLogSource", "securitylake:DeleteDataLake", "securitylake:DeleteDataLakeExceptionSubscription", "securitylake:DeleteDataLakeOrganizationConfiguration", "securitylake:DeleteSubscriber", "securitylake:DeleteSubscriberNotification", "securitylake:DeregisterDataLakeDelegatedAdministrator", "securitylake:GetDataLakeExceptionSubscription", "securitylake:GetDataLakeOrganizationConfiguration", "securitylake:GetDataLakeSources", "securitylake:GetSubscriber", "securitylake:ListDataLakeExceptions", "securitylake:ListDataLakes", "securitylake:ListLogSources", "securitylake:ListSubscribers", "securitylake:ListTagsForResource", "securitylake:RegisterDataLakeDelegatedAdministrator", "securitylake:TagResource", "securitylake:UntagResource", "securitylake:UpdateDataLake", "securitylake:UpdateDataLakeExceptionSubscription", "securitylake:UpdateSubscriber", "securitylake:UpdateSubscriberNotification", "serverlessrepo:CreateApplication", "serverlessrepo:CreateApplicationVersion", "serverlessrepo:CreateCloudFormationChangeSet", "serverlessrepo:CreateCloudFormationTemplate", "serverlessrepo:DeleteApplication", "serverlessrepo:GetApplication", "serverlessrepo:GetApplicationPolicy", "serverlessrepo:GetCloudFormationTemplate", "serverlessrepo:ListApplicationDependencies", "serverlessrepo:ListApplicationVersions", "serverlessrepo:ListApplications", "serverlessrepo:PutApplicationPolicy", "serverlessrepo:SearchApplications", "serverlessrepo:UnshareApplication", "serverlessrepo:UpdateApplication", "servicecatalog:AcceptPortfolioShare", "servicecatalog:AssociateAttributeGroup", "servicecatalog:AssociateBudgetWithResource", "servicecatalog:AssociatePrincipalWithPortfolio", "servicecatalog:AssociateProductWithPortfolio", "servicecatalog:AssociateResource", "servicecatalog:AssociateServiceActionWithProvisioningArtifact", "servicecatalog:AssociateTagOptionWithResource", "servicecatalog:BatchAssociateServiceActionWithProvisioningArtifact", "servicecatalog:BatchDisassociateServiceActionFromProvisioningArtifact", "servicecatalog:CopyProduct", "servicecatalog:CreateApplication", "servicecatalog:CreateAttributeGroup", "servicecatalog:CreateConstraint", "servicecatalog:CreatePortfolio", "servicecatalog:CreatePortfolioShare", "servicecatalog:CreateProduct", "servicecatalog:CreateProvisionedProductPlan", "servicecatalog:CreateProvisioningArtifact", "servicecatalog:CreateServiceAction", "servicecatalog:CreateTagOption", "servicecatalog:DeleteApplication", "servicecatalog:DeleteAttributeGroup", "servicecatalog:DeleteConstraint", "servicecatalog:DeletePortfolio", "servicecatalog:DeletePortfolioShare", "servicecatalog:DeleteProduct", "servicecatalog:DeleteProvisionedProductPlan", "servicecatalog:DeleteProvisioningArtifact", "servicecatalog:DeleteServiceAction", "servicecatalog:DeleteTagOption", "servicecatalog:DescribeConstraint", "servicecatalog:DescribeCopyProductStatus", "servicecatalog:DescribePortfolio", "servicecatalog:DescribePortfolioShareStatus", "servicecatalog:DescribePortfolioShares", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductAsAdmin", "servicecatalog:DescribeProductView", "servicecatalog:DescribeProvisionedProduct", "servicecatalog:DescribeProvisionedProductPlan", "servicecatalog:DescribeProvisioningArtifact", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:DescribeRecord", "servicecatalog:DescribeServiceAction", "servicecatalog:DescribeServiceActionExecutionParameters", "servicecatalog:DescribeTagOption", "servicecatalog:DisableAWSOrganizationsAccess", "servicecatalog:DisassociateAttributeGroup", "servicecatalog:DisassociateBudgetFromResource", "servicecatalog:DisassociatePrincipalFromPortfolio", "servicecatalog:DisassociateProductFromPortfolio", "servicecatalog:DisassociateResource", "servicecatalog:DisassociateServiceActionFromProvisioningArtifact", "servicecatalog:DisassociateTagOptionFromResource", "servicecatalog:EnableAWSOrganizationsAccess", "servicecatalog:ExecuteProvisionedProductPlan", "servicecatalog:ExecuteProvisionedProductServiceAction", "servicecatalog:GetAWSOrganizationsAccessStatus", "servicecatalog:GetApplication", "servicecatalog:GetAssociatedResource", "servicecatalog:GetAttributeGroup", "servicecatalog:GetConfiguration", "servicecatalog:GetProvisionedProductOutputs", "servicecatalog:ImportAsProvisionedProduct", "servicecatalog:ListAcceptedPortfolioShares", "servicecatalog:ListApplications", "servicecatalog:ListAssociatedAttributeGroups", "servicecatalog:ListAssociatedResources", "servicecatalog:ListAttributeGroups", "servicecatalog:ListAttributeGroupsForApplication", "servicecatalog:ListBudgetsForResource", "servicecatalog:ListConstraintsForPortfolio", "servicecatalog:ListLaunchPaths", "servicecatalog:ListOrganizationPortfolioAccess", "servicecatalog:ListPortfolioAccess", "servicecatalog:ListPortfolios", "servicecatalog:ListPortfoliosForProduct", "servicecatalog:ListPrincipalsForPortfolio", "servicecatalog:ListProvisionedProductPlans", "servicecatalog:ListProvisioningArtifacts", "servicecatalog:ListProvisioningArtifactsForServiceAction", "servicecatalog:ListRecordHistory", "servicecatalog:ListResourcesForTagOption", "servicecatalog:ListServiceActions", "servicecatalog:ListServiceActionsForProvisioningArtifact", "servicecatalog:ListStackInstancesForProvisionedProduct", "servicecatalog:ListTagOptions", "servicecatalog:ListTagsForResource", "servicecatalog:NotifyProvisionProductEngineWorkflowResult", "servicecatalog:NotifyTerminateProvisionedProductEngineWorkflowResult", "servicecatalog:NotifyUpdateProvisionedProductEngineWorkflowResult", "servicecatalog:ProvisionProduct", "servicecatalog:PutConfiguration", "servicecatalog:RejectPortfolioShare", "servicecatalog:ScanProvisionedProducts", "servicecatalog:SearchProducts", "servicecatalog:SearchProductsAsAdmin", "servicecatalog:SearchProvisionedProducts", "servicecatalog:SyncResource", "servicecatalog:TagResource", "servicecatalog:TerminateProvisionedProduct", "servicecatalog:UntagResource", "servicecatalog:UpdateApplication", "servicecatalog:UpdateAttributeGroup", "servicecatalog:UpdateConstraint", "servicecatalog:UpdatePortfolio", "servicecatalog:UpdatePortfolioShare", "servicecatalog:UpdateProduct", "servicecatalog:UpdateProvisionedProduct", "servicecatalog:UpdateProvisionedProductProperties", "servicecatalog:UpdateProvisioningArtifact", "servicecatalog:UpdateServiceAction", "servicecatalog:UpdateTagOption", "servicediscovery:CreateHttpNamespace", "servicediscovery:CreatePrivateDnsNamespace", "servicediscovery:CreatePublicDnsNamespace", "servicediscovery:CreateService", "servicediscovery:DeleteNamespace", "servicediscovery:DeleteService", "servicediscovery:DeregisterInstance", "servicediscovery:DiscoverInstances", "servicediscovery:DiscoverInstancesRevision", "servicediscovery:GetInstance", "servicediscovery:GetInstancesHealthStatus", "servicediscovery:GetNamespace", "servicediscovery:GetOperation", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListOperations", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource", "servicediscovery:RegisterInstance", "servicediscovery:TagResource", "servicediscovery:UntagResource", "servicediscovery:UpdateHttpNamespace", "servicediscovery:UpdateInstanceCustomHealthStatus", "servicediscovery:UpdatePrivateDnsNamespace", "servicediscovery:UpdatePublicDnsNamespace", "servicediscovery:UpdateService", "serviceextract:GetConfig", "servicequotas:AssociateServiceQuotaTemplate", "servicequotas:DeleteServiceQuotaIncreaseRequestFromTemplate", "servicequotas:DisassociateServiceQuotaTemplate", "servicequotas:GetAWSDefaultServiceQuota", "servicequotas:GetAssociationForServiceQuotaTemplate", "servicequotas:GetRequestedServiceQuotaChange", "servicequotas:GetServiceQuota", "servicequotas:GetServiceQuotaIncreaseRequestFromTemplate", "servicequotas:ListAWSDefaultServiceQuotas", "servicequotas:ListRequestedServiceQuotaChangeHistory", "servicequotas:ListRequestedServiceQuotaChangeHistoryByQuota", "servicequotas:ListServiceQuotaIncreaseRequestsInTemplate", "servicequotas:ListServiceQuotas", "servicequotas:ListServices", "servicequotas:ListTagsForResource", "servicequotas:PutServiceQuotaIncreaseRequestIntoTemplate", "servicequotas:RequestServiceQuotaIncrease", "servicequotas:TagResource", "servicequotas:UntagResource", "ses:CreateConfigurationSet", "ses:CreateConfigurationSetEventDestination", "ses:CreateDedicatedIpPool", "ses:CreateDeliverabilityTestReport", "ses:CreateEmailIdentity", "ses:DeleteConfigurationSet", "ses:DeleteConfigurationSetEventDestination", "ses:DeleteDedicatedIpPool", "ses:DeleteEmailIdentity", "ses:GetAccount", "ses:GetBlacklistReports", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetDedicatedIp", "ses:GetDedicatedIps", "ses:GetDeliverabilityDashboardOptions", "ses:GetDeliverabilityTestReport", "ses:GetDomainDeliverabilityCampaign", "ses:GetDomainStatisticsReport", "ses:GetEmailIdentity", "ses:ListConfigurationSets", "ses:ListDedicatedIpPools", "ses:ListDeliverabilityTestReports", "ses:ListDomainDeliverabilityCampaigns", "ses:ListEmailIdentities", "ses:ListTagsForResource", "ses:PutAccountDedicatedIpWarmupAttributes", "ses:PutAccountSendingAttributes", "ses:PutConfigurationSetDeliveryOptions", "ses:PutConfigurationSetReputationOptions", "ses:PutConfigurationSetSendingOptions", "ses:PutConfigurationSetTrackingOptions", "ses:PutDedicatedIpInPool", "ses:PutDedicatedIpWarmupAttributes", "ses:PutDeliverabilityDashboardOption", "ses:PutEmailIdentityDkimAttributes", "ses:PutEmailIdentityFeedbackAttributes", "ses:PutEmailIdentityMailFromAttributes", "ses:SendEmail", "ses:TagResource", "ses:UntagResource", "ses:UpdateConfigurationSetEventDestination", "ses:CloneReceiptRuleSet", "ses:CreateConfigurationSetTrackingOptions", "ses:CreateCustomVerificationEmailTemplate", "ses:CreateReceiptFilter", "ses:CreateReceiptRule", "ses:CreateReceiptRuleSet", "ses:CreateTemplate", "ses:DeleteConfigurationSetTrackingOptions", "ses:DeleteCustomVerificationEmailTemplate", "ses:DeleteIdentity", "ses:DeleteIdentityPolicy", "ses:DeleteReceiptFilter", "ses:DeleteReceiptRule", "ses:DeleteReceiptRuleSet", "ses:DeleteTemplate", "ses:DeleteVerifiedEmailAddress", "ses:DescribeActiveReceiptRuleSet", "ses:DescribeConfigurationSet", "ses:DescribeReceiptRule", "ses:DescribeReceiptRuleSet", "ses:GetAccountSendingEnabled", "ses:GetCustomVerificationEmailTemplate", "ses:GetIdentityDkimAttributes", "ses:GetIdentityMailFromDomainAttributes", "ses:GetIdentityNotificationAttributes", "ses:GetIdentityPolicies", "ses:GetIdentityVerificationAttributes", "ses:GetSendQuota", "ses:GetSendStatistics", "ses:GetTemplate", "ses:ListCustomVerificationEmailTemplates", "ses:ListIdentities", "ses:ListIdentityPolicies", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListTemplates", "ses:ListVerifiedEmailAddresses", "ses:PutIdentityPolicy", "ses:ReorderReceiptRuleSet", "ses:SendBounce", "ses:SendBulkTemplatedEmail", "ses:SendCustomVerificationEmail", "ses:SendRawEmail", "ses:SendTemplatedEmail", "ses:SetActiveReceiptRuleSet", "ses:SetIdentityDkimEnabled", "ses:SetIdentityFeedbackForwardingEnabled", "ses:SetIdentityHeadersInNotificationsEnabled", "ses:SetIdentityMailFromDomain", "ses:SetIdentityNotificationTopic", "ses:SetReceiptRulePosition", "ses:TestRenderTemplate", "ses:UpdateAccountSendingEnabled", "ses:UpdateConfigurationSetReputationMetricsEnabled", "ses:UpdateConfigurationSetSendingEnabled", "ses:UpdateConfigurationSetTrackingOptions", "ses:UpdateCustomVerificationEmailTemplate", "ses:UpdateReceiptRule", "ses:UpdateTemplate", "ses:VerifyDomainDkim", "ses:VerifyDomainIdentity", "ses:VerifyEmailAddress", "ses:VerifyEmailIdentity", "ses:BatchGetMetricData", "ses:CancelExportJob", "ses:CreateContact", "ses:CreateContactList", "ses:CreateEmailIdentityPolicy", "ses:CreateEmailTemplate", "ses:CreateExportJob", "ses:CreateImportJob", "ses:DeleteContact", "ses:DeleteContactList", "ses:DeleteEmailIdentityPolicy", "ses:DeleteEmailTemplate", "ses:DeleteSuppressedDestination", "ses:GetContact", "ses:GetContactList", "ses:GetDedicatedIpPool", "ses:GetEmailIdentityPolicies", "ses:GetEmailTemplate", "ses:GetExportJob", "ses:GetImportJob", "ses:GetMessageInsights", "ses:GetSuppressedDestination", "ses:ListContactLists", "ses:ListContacts", "ses:ListEmailTemplates", "ses:ListExportJobs", "ses:ListImportJobs", "ses:ListRecommendations", "ses:ListSuppressedDestinations", "ses:PutAccountDetails", "ses:PutAccountSuppressionAttributes", "ses:PutAccountVdmAttributes", "ses:PutConfigurationSetSuppressionOptions", "ses:PutConfigurationSetVdmOptions", "ses:PutDedicatedIpPoolScalingAttributes", "ses:PutEmailIdentityConfigurationSetAttributes", "ses:PutEmailIdentityDkimSigningAttributes", "ses:PutSuppressedDestination", "ses:SendBulkEmail", "ses:TestRenderEmailTemplate", "ses:UpdateContact", "ses:UpdateContactList", "ses:UpdateEmailIdentityPolicy", "ses:UpdateEmailTemplate", "shield:AssociateDRTLogBucket", "shield:AssociateDRTRole", "shield:AssociateHealthCheck", "shield:AssociateProactiveEngagementDetails", "shield:CreateProtection", "shield:CreateProtectionGroup", "shield:CreateSubscription", "shield:DeleteProtection", "shield:DeleteProtectionGroup", "shield:DeleteSubscription", "shield:DescribeAttack", "shield:DescribeAttackStatistics", "shield:DescribeDRTAccess", "shield:DescribeEmergencyContactSettings", "shield:DescribeProtection", "shield:DescribeProtectionGroup", "shield:DescribeSubscription", "shield:DisableApplicationLayerAutomaticResponse", "shield:DisableProactiveEngagement", "shield:DisassociateDRTLogBucket", "shield:DisassociateDRTRole", "shield:DisassociateHealthCheck", "shield:EnableApplicationLayerAutomaticResponse", "shield:EnableProactiveEngagement", "shield:GetSubscriptionState", "shield:ListAttacks", "shield:ListProtectionGroups", "shield:ListProtections", "shield:ListResourcesInProtectionGroup", "shield:ListTagsForResource", "shield:TagResource", "shield:UntagResource", "shield:UpdateApplicationLayerAutomaticResponse", "shield:UpdateEmergencyContactSettings", "shield:UpdateProtectionGroup", "shield:UpdateSubscription", "signer:AddProfilePermission", "signer:CancelSigningProfile", "signer:DescribeSigningJob", "signer:GetRevocationStatus", "signer:GetSigningPlatform", "signer:GetSigningProfile", "signer:ListProfilePermissions", "signer:ListSigningJobs", "signer:ListSigningPlatforms", "signer:ListSigningProfiles", "signer:ListTagsForResource", "signer:PutSigningProfile", "signer:RemoveProfilePermission", "signer:RevokeSignature", "signer:RevokeSigningProfile", "signer:SignPayload", "signer:StartSigningJob", "signer:TagResource", "signer:UntagResource", "signin:CreateTrustedIdentityPropagationApplicationForConsole", "signin:ListTrustedIdentityPropagationApplicationsForConsole", "simspaceweaver:CreateSnapshot", "simspaceweaver:DeleteApp", "simspaceweaver:DeleteSimulation", "simspaceweaver:DescribeApp", "simspaceweaver:DescribeSimulation", "simspaceweaver:ListApps", "simspaceweaver:ListSimulations", "simspaceweaver:ListTagsForResource", "simspaceweaver:StartApp", "simspaceweaver:StartClock", "simspaceweaver:StartSimulation", "simspaceweaver:StopApp", "simspaceweaver:StopClock", "simspaceweaver:StopSimulation", "simspaceweaver:TagResource", "simspaceweaver:UntagResource", "sms:CreateApp", "sms:CreateReplicationJob", "sms:DeleteApp", "sms:DeleteAppLaunchConfiguration", "sms:DeleteAppReplicationConfiguration", "sms:DeleteAppValidationConfiguration", "sms:DeleteReplicationJob", "sms:DeleteServerCatalog", "sms:DisassociateConnector", "sms:GenerateChangeSet", "sms:GenerateTemplate", "sms:GetApp", "sms:GetAppLaunchConfiguration", "sms:GetAppReplicationConfiguration", "sms:GetAppValidationConfiguration", "sms:GetAppValidationOutput", "sms:GetConnectors", "sms:GetMessages", "sms:GetReplicationJobs", "sms:GetReplicationRuns", "sms:GetServers", "sms:ImportAppCatalog", "sms:ImportServerCatalog", "sms:LaunchApp", "sms:ListApps", "sms:NotifyAppValidationOutput", "sms:PutAppLaunchConfiguration", "sms:PutAppReplicationConfiguration", "sms:PutAppValidationConfiguration", "sms:SendMessage", "sms:StartAppReplication", "sms:StartOnDemandAppReplication", "sms:StartOnDemandReplicationRun", "sms:StopAppReplication", "sms:TerminateApp", "sms:UpdateApp", "sms:UpdateReplicationJob", "sms-voice:CreateConfigurationSet", "sms-voice:CreateConfigurationSetEventDestination", "sms-voice:DeleteConfigurationSet", "sms-voice:DeleteConfigurationSetEventDestination", "sms-voice:GetConfigurationSetEventDestinations", "sms-voice:ListConfigurationSets", "sms-voice:SendVoiceMessage", "sms-voice:UpdateConfigurationSetEventDestination", "sms-voice:AssociateOriginationIdentity", "sms-voice:CreateEventDestination", "sms-voice:CreateOptOutList", "sms-voice:CreatePool", "sms-voice:CreateRegistration", "sms-voice:CreateRegistrationAssociation", "sms-voice:CreateRegistrationAttachment", "sms-voice:CreateRegistrationVersion", "sms-voice:CreateVerifiedDestinationNumber", "sms-voice:DeleteDefaultMessageType", "sms-voice:DeleteDefaultSenderId", "sms-voice:DeleteEventDestination", "sms-voice:DeleteKeyword", "sms-voice:DeleteOptOutList", "sms-voice:DeleteOptedOutNumber", "sms-voice:DeletePool", "sms-voice:DeleteRegistration", "sms-voice:DeleteRegistrationAttachment", "sms-voice:DeleteRegistrationFieldValue", "sms-voice:DeleteTextMessageSpendLimitOverride", "sms-voice:DeleteVerifiedDestinationNumber", "sms-voice:DeleteVoiceMessageSpendLimitOverride", "sms-voice:DescribeAccountAttributes", "sms-voice:DescribeAccountLimits", "sms-voice:DescribeConfigurationSets", "sms-voice:DescribeKeywords", "sms-voice:DescribeOptOutLists", "sms-voice:DescribeOptedOutNumbers", "sms-voice:DescribePhoneNumbers", "sms-voice:DescribePools", "sms-voice:DescribeRegistrationAttachments", "sms-voice:DescribeRegistrationFieldDefinitions", "sms-voice:DescribeRegistrationFieldValues", "sms-voice:DescribeRegistrationSectionDefinitions", "sms-voice:DescribeRegistrationTypeDefinitions", "sms-voice:DescribeRegistrationVersions", "sms-voice:DescribeRegistrations", "sms-voice:DescribeSenderIds", "sms-voice:DescribeSpendLimits", "sms-voice:DescribeVerifiedDestinationNumbers", "sms-voice:DisassociateOriginationIdentity", "sms-voice:DiscardRegistrationVersion", "sms-voice:ListPoolOriginationIdentities", "sms-voice:ListRegistrationAssociations", "sms-voice:ListTagsForResource", "sms-voice:PutKeyword", "sms-voice:PutOptedOutNumber", "sms-voice:PutRegistrationFieldValue", "sms-voice:ReleasePhoneNumber", "sms-voice:ReleaseSenderId", "sms-voice:RequestPhoneNumber", "sms-voice:RequestSenderId", "sms-voice:SendDestinationNumberVerificationCode", "sms-voice:SendTextMessage", "sms-voice:SetDefaultMessageType", "sms-voice:SetDefaultSenderId", "sms-voice:SetTextMessageSpendLimitOverride", "sms-voice:SetVoiceMessageSpendLimitOverride", "sms-voice:SubmitRegistrationVersion", "sms-voice:TagResource", "sms-voice:UntagResource", "sms-voice:UpdateEventDestination", "sms-voice:UpdatePhoneNumber", "sms-voice:UpdatePool", "sms-voice:UpdateSenderId", "sms-voice:VerifyDestinationNumber", "snow-device-management:CancelTask", "snow-device-management:CreateTask", "snow-device-management:DescribeDevice", "snow-device-management:DescribeDeviceEc2Instances", "snow-device-management:DescribeExecution", "snow-device-management:DescribeTask", "snow-device-management:ListDeviceResources", "snow-device-management:ListDevices", "snow-device-management:ListExecutions", "snow-device-management:ListTagsForResource", "snow-device-management:ListTasks", "snow-device-management:TagResource", "snow-device-management:UntagResource", "snowball:CancelCluster", "snowball:CancelJob", "snowball:CreateAddress", "snowball:CreateCluster", "snowball:CreateJob", "snowball:CreateLongTermPricing", "snowball:CreateReturnShippingLabel", "snowball:DescribeAddress", "snowball:DescribeAddresses", "snowball:DescribeCluster", "snowball:DescribeJob", "snowball:DescribeReturnShippingLabel", "snowball:GetJobManifest", "snowball:GetJobUnlockCode", "snowball:GetSnowballUsage", "snowball:GetSoftwareUpdates", "snowball:ListClusterJobs", "snowball:ListClusters", "snowball:ListCompatibleImages", "snowball:ListJobs", "snowball:ListLongTermPricing", "snowball:ListPickupLocations", "snowball:ListServiceVersions", "snowball:UpdateCluster", "snowball:UpdateJob", "snowball:UpdateJobShipmentState", "snowball:UpdateLongTermPricing", "sns:AddPermission", "sns:CheckIfPhoneNumberIsOptedOut", "sns:ConfirmSubscription", "sns:CreatePlatformApplication", "sns:CreatePlatformEndpoint", "sns:CreateSMSSandboxPhoneNumber", "sns:CreateTopic", "sns:DeleteEndpoint", "sns:DeletePlatformApplication", "sns:DeleteSMSSandboxPhoneNumber", "sns:DeleteTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sns:OptInPhoneNumber", "sns:Publish", "sns:PutDataProtectionPolicy", "sns:RemovePermission", "sns:SetEndpointAttributes", "sns:SetPlatformApplicationAttributes", "sns:SetSMSAttributes", "sns:SetSubscriptionAttributes", "sns:SetTopicAttributes", "sns:Subscribe", "sns:TagResource", "sns:Unsubscribe", "sns:UntagResource", "sns:VerifySMSSandboxPhoneNumber", "sqlworkbench:AssociateConnectionWithChart", "sqlworkbench:AssociateConnectionWithTab", "sqlworkbench:AssociateNotebookWithTab", "sqlworkbench:AssociateQueryWithTab", "sqlworkbench:BatchDeleteFolder", "sqlworkbench:BatchGetNotebookCell", "sqlworkbench:CreateAccount", "sqlworkbench:CreateChart", "sqlworkbench:CreateConnection", "sqlworkbench:CreateFolder", "sqlworkbench:CreateNotebook", "sqlworkbench:CreateNotebookCell", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:CreateNotebookVersion", "sqlworkbench:CreateSavedQuery", "sqlworkbench:DeleteChart", "sqlworkbench:DeleteConnection", "sqlworkbench:DeleteNotebook", "sqlworkbench:DeleteNotebookCell", "sqlworkbench:DeleteNotebookVersion", "sqlworkbench:DeleteSavedQuery", "sqlworkbench:DeleteTab", "sqlworkbench:DriverExecute", "sqlworkbench:DuplicateNotebook", "sqlworkbench:ExportNotebook", "sqlworkbench:GenerateSession", "sqlworkbench:GetAccountInfo", "sqlworkbench:GetAccountSettings", "sqlworkbench:GetAutocompletionMetadata", "sqlworkbench:GetAutocompletionResource", "sqlworkbench:GetChart", "sqlworkbench:GetConnection", "sqlworkbench:GetNotebook", "sqlworkbench:GetNotebookVersion", "sqlworkbench:GetQSqlRecommendations", "sqlworkbench:GetQueryExecutionHistory", "sqlworkbench:GetSavedQuery", "sqlworkbench:GetSchemaInference", "sqlworkbench:GetUserInfo", "sqlworkbench:GetUserWorkspaceSettings", "sqlworkbench:ImportNotebook", "sqlworkbench:ListConnections", "sqlworkbench:ListDatabases", "sqlworkbench:ListFiles", "sqlworkbench:ListNotebookVersions", "sqlworkbench:ListNotebooks", "sqlworkbench:ListQueryExecutionHistory", "sqlworkbench:ListRedshiftClusters", "sqlworkbench:ListSampleDatabases", "sqlworkbench:ListSavedQueryVersions", "sqlworkbench:ListTabs", "sqlworkbench:ListTaggedResources", "sqlworkbench:ListTagsForResource", "sqlworkbench:PutTab", "sqlworkbench:PutUserWorkspaceSettings", "sqlworkbench:RestoreNotebookVersion", "sqlworkbench:TagResource", "sqlworkbench:UntagResource", "sqlworkbench:UpdateAccountConnectionSettings", "sqlworkbench:UpdateAccountExportSettings", "sqlworkbench:UpdateAccountGeneralSettings", "sqlworkbench:UpdateAccountQSqlSettings", "sqlworkbench:UpdateChart", "sqlworkbench:UpdateConnection", "sqlworkbench:UpdateFileFolder", "sqlworkbench:UpdateFolder", "sqlworkbench:UpdateNotebook", "sqlworkbench:UpdateNotebookCellContent", "sqlworkbench:UpdateNotebookCellLayout", "sqlworkbench:UpdateSavedQuery", "sqs:AddPermission", "sqs:CancelMessageMoveTask", "sqs:ChangeMessageVisibility", "sqs:CreateQueue", "sqs:DeleteMessage", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListMessageMoveTasks", "sqs:ListQueueTags", "sqs:ListQueues", "sqs:PurgeQueue", "sqs:ReceiveMessage", "sqs:RemovePermission", "sqs:SendMessage", "sqs:SetQueueAttributes", "sqs:StartMessageMoveTask", "sqs:TagQueue", "sqs:UntagQueue", "ssm:AddTagsToResource", "ssm:AssociateOpsItemRelatedItem", "ssm:CancelCommand", "ssm:CancelMaintenanceWindowExecution", "ssm:CreateActivation", "ssm:CreateAssociation", "ssm:CreateAssociationBatch", "ssm:CreateDocument", "ssm:CreateMaintenanceWindow", "ssm:CreateOpsItem", "ssm:CreateOpsMetadata", "ssm:CreatePatchBaseline", "ssm:CreateResourceDataSync", "ssm:DeleteActivation", "ssm:DeleteAssociation", "ssm:DeleteDocument", "ssm:DeleteInventory", "ssm:DeleteMaintenanceWindow", "ssm:DeleteOpsItem", "ssm:DeleteOpsMetadata", "ssm:DeleteParameter", "ssm:DeleteParameters", "ssm:DeletePatchBaseline", "ssm:DeleteResourceDataSync", "ssm:DeleteResourcePolicy", "ssm:DeregisterManagedInstance", "ssm:DeregisterPatchBaselineForPatchGroup", "ssm:DeregisterTargetFromMaintenanceWindow", "ssm:DeregisterTaskFromMaintenanceWindow", "ssm:DescribeActivations", "ssm:DescribeAssociation", "ssm:DescribeAssociationExecutionTargets", "ssm:DescribeAssociationExecutions", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeAvailablePatches", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:DescribeEffectiveInstanceAssociations", "ssm:DescribeEffectivePatchesForPatchBaseline", "ssm:DescribeInstanceAssociationsStatus", "ssm:DescribeInstanceInformation", "ssm:DescribeInstancePatchStates", "ssm:DescribeInstancePatchStatesForPatchGroup", "ssm:DescribeInstancePatches", "ssm:DescribeInstanceProperties", "ssm:DescribeInventoryDeletions", "ssm:DescribeMaintenanceWindowExecutionTaskInvocations", "ssm:DescribeMaintenanceWindowExecutionTasks", "ssm:DescribeMaintenanceWindowExecutions", "ssm:DescribeMaintenanceWindowSchedule", "ssm:DescribeMaintenanceWindowTargets", "ssm:DescribeMaintenanceWindowTasks", "ssm:DescribeMaintenanceWindows", "ssm:DescribeMaintenanceWindowsForTarget", "ssm:DescribeOpsItems", "ssm:DescribeParameters", "ssm:DescribePatchBaselines", "ssm:DescribePatchGroupState", "ssm:DescribePatchGroups", "ssm:DescribePatchProperties", "ssm:DescribeSessions", "ssm:DisassociateOpsItemRelatedItem", "ssm:GetAutomationExecution", "ssm:GetCalendar", "ssm:GetCalendarState", "ssm:GetCommandInvocation", "ssm:GetConnectionStatus", "ssm:GetDefaultPatchBaseline", "ssm:GetDeployablePatchSnapshotForInstance", "ssm:GetDocument", "ssm:GetInventory", "ssm:GetInventorySchema", "ssm:GetMaintenanceWindow", "ssm:GetMaintenanceWindowExecution", "ssm:GetMaintenanceWindowExecutionTask", "ssm:GetMaintenanceWindowExecutionTaskInvocation", "ssm:GetMaintenanceWindowTask", "ssm:GetManifest", "ssm:GetOpsItem", "ssm:GetOpsMetadata", "ssm:GetOpsSummary", "ssm:GetParameter", "ssm:GetParameterHistory", "ssm:GetParameters", "ssm:GetParametersByPath", "ssm:GetPatchBaseline", "ssm:GetPatchBaselineForPatchGroup", "ssm:GetResourcePolicies", "ssm:GetServiceSetting", "ssm:LabelParameterVersion", "ssm:ListAssociationVersions", "ssm:ListAssociations", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListComplianceItems", "ssm:ListComplianceSummaries", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInstanceAssociations", "ssm:ListInventoryEntries", "ssm:ListOpsItemEvents", "ssm:ListOpsItemRelatedItems", "ssm:ListOpsMetadata", "ssm:ListResourceComplianceSummaries", "ssm:ListResourceDataSync", "ssm:ListTagsForResource", "ssm:ModifyDocumentPermission", "ssm:PutCalendar", "ssm:PutComplianceItems", "ssm:PutConfigurePackageResult", "ssm:PutInventory", "ssm:PutParameter", "ssm:PutResourcePolicy", "ssm:RegisterDefaultPatchBaseline", "ssm:RegisterManagedInstance", "ssm:RegisterPatchBaselineForPatchGroup", "ssm:RegisterTargetWithMaintenanceWindow", "ssm:RegisterTaskWithMaintenanceWindow", "ssm:RemoveTagsFromResource", "ssm:ResetServiceSetting", "ssm:ResumeSession", "ssm:SendAutomationSignal", "ssm:SendCommand", "ssm:StartAssociationsOnce", "ssm:StartAutomationExecution", "ssm:StartChangeRequestExecution", "ssm:StartSession", "ssm:StopAutomationExecution", "ssm:TerminateSession", "ssm:UnlabelParameterVersion", "ssm:UpdateAssociation", "ssm:UpdateAssociationStatus", "ssm:UpdateDocument", "ssm:UpdateDocumentDefaultVersion", "ssm:UpdateDocumentMetadata", "ssm:UpdateInstanceAssociationStatus", "ssm:UpdateInstanceInformation", "ssm:UpdateMaintenanceWindow", "ssm:UpdateMaintenanceWindowTarget", "ssm:UpdateMaintenanceWindowTask", "ssm:UpdateManagedInstanceRole", "ssm:UpdateOpsItem", "ssm:UpdateOpsMetadata", "ssm:UpdatePatchBaseline", "ssm:UpdateResourceDataSync", "ssm:UpdateServiceSetting", "ssm-contacts:AcceptPage", "ssm-contacts:ActivateContactChannel", "ssm-contacts:AssociateContact", "ssm-contacts:CreateContact", "ssm-contacts:CreateContactChannel", "ssm-contacts:CreateRotation", "ssm-contacts:CreateRotationOverride", "ssm-contacts:DeactivateContactChannel", "ssm-contacts:DeleteContact", "ssm-contacts:DeleteContactChannel", "ssm-contacts:DeleteRotation", "ssm-contacts:DeleteRotationOverride", "ssm-contacts:DescribeEngagement", "ssm-contacts:DescribePage", "ssm-contacts:GetContact", "ssm-contacts:GetContactChannel", "ssm-contacts:GetContactPolicy", "ssm-contacts:GetRotation", "ssm-contacts:GetRotationOverride", "ssm-contacts:ListContactChannels", "ssm-contacts:ListContacts", "ssm-contacts:ListEngagements", "ssm-contacts:ListPageReceipts", "ssm-contacts:ListPageResolutions", "ssm-contacts:ListPagesByContact", "ssm-contacts:ListPagesByEngagement", "ssm-contacts:ListPreviewRotationShifts", "ssm-contacts:ListRotationOverrides", "ssm-contacts:ListRotationShifts", "ssm-contacts:ListRotations", "ssm-contacts:ListTagsForResource", "ssm-contacts:PutContactPolicy", "ssm-contacts:SendActivationCode", "ssm-contacts:StartEngagement", "ssm-contacts:StopEngagement", "ssm-contacts:TagResource", "ssm-contacts:UntagResource", "ssm-contacts:UpdateContact", "ssm-contacts:UpdateContactChannel", "ssm-contacts:UpdateRotation", "ssm-guiconnect:CancelConnection", "ssm-guiconnect:GetConnection", "ssm-guiconnect:StartConnection", "ssm-incidents:BatchGetIncidentFindings", "ssm-incidents:CreateReplicationSet", "ssm-incidents:CreateResponsePlan", "ssm-incidents:CreateTimelineEvent", "ssm-incidents:DeleteIncidentRecord", "ssm-incidents:DeleteReplicationSet", "ssm-incidents:DeleteResourcePolicy", "ssm-incidents:DeleteResponsePlan", "ssm-incidents:DeleteTimelineEvent", "ssm-incidents:GetIncidentRecord", "ssm-incidents:GetReplicationSet", "ssm-incidents:GetResourcePolicies", "ssm-incidents:GetResponsePlan", "ssm-incidents:GetTimelineEvent", "ssm-incidents:ListIncidentFindings", "ssm-incidents:ListIncidentRecords", "ssm-incidents:ListRelatedItems", "ssm-incidents:ListReplicationSets", "ssm-incidents:ListResponsePlans", "ssm-incidents:ListTagsForResource", "ssm-incidents:ListTimelineEvents", "ssm-incidents:PutResourcePolicy", "ssm-incidents:StartIncident", "ssm-incidents:TagResource", "ssm-incidents:UntagResource", "ssm-incidents:UpdateDeletionProtection", "ssm-incidents:UpdateIncidentRecord", "ssm-incidents:UpdateRelatedItems", "ssm-incidents:UpdateReplicationSet", "ssm-incidents:UpdateResponsePlan", "ssm-incidents:UpdateTimelineEvent", "ssm-sap:BackupDatabase", "ssm-sap:DeleteResourcePermission", "ssm-sap:DeregisterApplication", "ssm-sap:GetApplication", "ssm-sap:GetComponent", "ssm-sap:GetDatabase", "ssm-sap:GetOperation", "ssm-sap:GetResourcePermission", "ssm-sap:ListApplications", "ssm-sap:ListComponents", "ssm-sap:ListDatabases", "ssm-sap:ListOperations", "ssm-sap:ListTagsForResource", "ssm-sap:PutResourcePermission", "ssm-sap:RegisterApplication", "ssm-sap:RestoreDatabase", "ssm-sap:StartApplicationRefresh", "ssm-sap:TagResource", "ssm-sap:UntagResource", "ssm-sap:UpdateApplicationSettings", "ssm-sap:UpdateHANABackupSettings", "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel", "sso:AssociateDirectory", "sso:AssociateProfile", "sso:AttachCustomerManagedPolicyReferenceToPermissionSet", "sso:AttachManagedPolicyToPermissionSet", "sso:CreateAccountAssignment", "sso:CreateApplication", "sso:CreateApplicationAssignment", "sso:CreateApplicationInstance", "sso:CreateApplicationInstanceCertificate", "sso:CreateInstance", "sso:CreateInstanceAccessControlAttributeConfiguration", "sso:CreateManagedApplicationInstance", "sso:CreatePermissionSet", "sso:CreateProfile", "sso:CreateTrust", "sso:CreateTrustedTokenIssuer", "sso:DeleteAccountAssignment", "sso:DeleteApplication", "sso:DeleteApplicationAccessScope", "sso:DeleteApplicationAssignment", "sso:DeleteApplicationAuthenticationMethod", "sso:DeleteApplicationGrant", "sso:DeleteApplicationInstance", "sso:DeleteApplicationInstanceCertificate", "sso:DeleteInlinePolicyFromPermissionSet", "sso:DeleteInstance", "sso:DeleteInstanceAccessControlAttributeConfiguration", "sso:DeleteManagedApplicationInstance", "sso:DeletePermissionSet", "sso:DeletePermissionsBoundaryFromPermissionSet", "sso:DeletePermissionsPolicy", "sso:DeleteProfile", "sso:DeleteTrustedTokenIssuer", "sso:DescribeAccountAssignmentCreationStatus", "sso:DescribeAccountAssignmentDeletionStatus", "sso:DescribeApplication", "sso:DescribeApplicationAssignment", "sso:DescribeApplicationProvider", "sso:DescribeDirectories", "sso:DescribeInstance", "sso:DescribeInstanceAccessControlAttributeConfiguration", "sso:DescribePermissionSet", "sso:DescribePermissionSetProvisioningStatus", "sso:DescribePermissionsPolicies", "sso:DescribeRegisteredRegions", "sso:DescribeTrustedTokenIssuer", "sso:DescribeTrusts", "sso:DetachCustomerManagedPolicyReferenceFromPermissionSet", "sso:DetachManagedPolicyFromPermissionSet", "sso:DisassociateDirectory", "sso:DisassociateProfile", "sso:GetApplicationAccessScope", "sso:GetApplicationAssignmentConfiguration", "sso:GetApplicationAuthenticationMethod", "sso:GetApplicationGrant", "sso:GetApplicationInstance", "sso:GetApplicationTemplate", "sso:GetInlinePolicyForPermissionSet", "sso:GetManagedApplicationInstance", "sso:GetMfaDeviceManagementForDirectory", "sso:GetPermissionSet", "sso:GetPermissionsBoundaryForPermissionSet", "sso:GetPermissionsPolicy", "sso:GetProfile", "sso:GetSSOStatus", "sso:GetSharedSsoConfiguration", "sso:GetSsoConfiguration", "sso:GetTrust", "sso:ImportApplicationInstanceServiceProviderMetadata", "sso:ListAccountAssignmentCreationStatus", "sso:ListAccountAssignmentDeletionStatus", "sso:ListAccountAssignments", "sso:ListAccountAssignmentsForPrincipal", "sso:ListAccountsForProvisionedPermissionSet", "sso:ListApplicationAccessScopes", "sso:ListApplicationAssignments", "sso:ListApplicationAssignmentsForPrincipal", "sso:ListApplicationAuthenticationMethods", "sso:ListApplicationGrants", "sso:ListApplicationInstanceCertificates", "sso:ListApplicationInstances", "sso:ListApplicationProviders", "sso:ListApplicationTemplates", "sso:ListApplications", "sso:ListCustomerManagedPolicyReferencesInPermissionSet", "sso:ListDirectoryAssociations", "sso:ListInstances", "sso:ListManagedPoliciesInPermissionSet", "sso:ListPermissionSetProvisioningStatus", "sso:ListPermissionSets", "sso:ListPermissionSetsProvisionedToAccount", "sso:ListProfileAssociations", "sso:ListProfiles", "sso:ListTagsForResource", "sso:ListTrustedTokenIssuers", "sso:ProvisionPermissionSet", "sso:PutApplicationAccessScope", "sso:PutApplicationAssignmentConfiguration", "sso:PutApplicationAuthenticationMethod", "sso:PutApplicationGrant", "sso:PutInlinePolicyToPermissionSet", "sso:PutMfaDeviceManagementForDirectory", "sso:PutPermissionsBoundaryToPermissionSet", "sso:PutPermissionsPolicy", "sso:SearchGroups", "sso:SearchUsers", "sso:StartSSO", "sso:TagResource", "sso:UntagResource", "sso:UpdateApplication", "sso:UpdateApplicationInstanceActiveCertificate", "sso:UpdateApplicationInstanceDisplayData", "sso:UpdateApplicationInstanceResponseConfiguration", "sso:UpdateApplicationInstanceResponseSchemaConfiguration", "sso:UpdateApplicationInstanceSecurityConfiguration", "sso:UpdateApplicationInstanceServiceProviderConfiguration", "sso:UpdateApplicationInstanceStatus", "sso:UpdateDirectoryAssociation", "sso:UpdateInstance", "sso:UpdateInstanceAccessControlAttributeConfiguration", "sso:UpdateManagedApplicationInstanceStatus", "sso:UpdatePermissionSet", "sso:UpdateProfile", "sso:UpdateSSOConfiguration", "sso:UpdateTrust", "sso:UpdateTrustedTokenIssuer", "sso-directory:AddMemberToGroup", "sso-directory:CompleteVirtualMfaDeviceRegistration", "sso-directory:CompleteWebAuthnDeviceRegistration", "sso-directory:CreateAlias", "sso-directory:CreateBearerToken", "sso-directory:CreateExternalIdPConfigurationForDirectory", "sso-directory:CreateGroup", "sso-directory:CreateProvisioningTenant", "sso-directory:CreateUser", "sso-directory:DeleteBearerToken", "sso-directory:DeleteExternalIdPCertificate", "sso-directory:DeleteExternalIdPConfigurationForDirectory", "sso-directory:DeleteGroup", "sso-directory:DeleteMfaDeviceForUser", "sso-directory:DeleteProvisioningTenant", "sso-directory:DeleteUser", "sso-directory:DescribeDirectory", "sso-directory:DescribeGroup", "sso-directory:DescribeGroups", "sso-directory:DescribeProvisioningTenant", "sso-directory:DescribeUser", "sso-directory:DescribeUserByUniqueAttribute", "sso-directory:DescribeUsers", "sso-directory:DisableExternalIdPConfigurationForDirectory", "sso-directory:DisableUser", "sso-directory:EnableExternalIdPConfigurationForDirectory", "sso-directory:EnableUser", "sso-directory:GetAWSSPConfigurationForDirectory", "sso-directory:GetUserPoolInfo", "sso-directory:ImportExternalIdPCertificate", "sso-directory:IsMemberInGroup", "sso-directory:ListBearerTokens", "sso-directory:ListExternalIdPCertificates", "sso-directory:ListExternalIdPConfigurationsForDirectory", "sso-directory:ListGroupsForMember", "sso-directory:ListGroupsForUser", "sso-directory:ListMembersInGroup", "sso-directory:ListMfaDevicesForUser", "sso-directory:ListProvisioningTenants", "sso-directory:RemoveMemberFromGroup", "sso-directory:SearchGroups", "sso-directory:SearchUsers", "sso-directory:StartVirtualMfaDeviceRegistration", "sso-directory:StartWebAuthnDeviceRegistration", "sso-directory:UpdateExternalIdPConfigurationForDirectory", "sso-directory:UpdateGroup", "sso-directory:UpdateGroupDisplayName", "sso-directory:UpdateMfaDeviceForUser", "sso-directory:UpdatePassword", "sso-directory:UpdateUser", "sso-directory:UpdateUserName", "sso-directory:VerifyEmail", "sso-oauth:CreateTokenWithIAM", "states:CreateActivity", "states:CreateStateMachine", "states:CreateStateMachineAlias", "states:DeleteActivity", "states:DeleteStateMachine", "states:DeleteStateMachineAlias", "states:DeleteStateMachineVersion", "states:DescribeActivity", "states:DescribeExecution", "states:DescribeMapRun", "states:DescribeStateMachine", "states:DescribeStateMachineAlias", "states:DescribeStateMachineForExecution", "states:GetActivityTask", "states:GetExecutionHistory", "states:InvokeHTTPEndpoint", "states:ListActivities", "states:ListExecutions", "states:ListMapRuns", "states:ListStateMachineAliases", "states:ListStateMachineVersions", "states:ListStateMachines", "states:ListTagsForResource", "states:PublishStateMachineVersion", "states:RedriveExecution", "states:RevealSecrets", "states:SendTaskFailure", "states:SendTaskHeartbeat", "states:SendTaskSuccess", "states:StartExecution", "states:StartSyncExecution", "states:StopExecution", "states:TagResource", "states:TestState", "states:UntagResource", "states:UpdateMapRun", "states:UpdateStateMachine", "states:UpdateStateMachineAlias", "states:ValidateStateMachineDefinition", "storagegateway:ActivateGateway", "storagegateway:AddCache", "storagegateway:AddTagsToResource", "storagegateway:AddUploadBuffer", "storagegateway:AddWorkingStorage", "storagegateway:AssignTapePool", "storagegateway:AssociateFileSystem", "storagegateway:AttachVolume", "storagegateway:BypassGovernanceRetention", "storagegateway:CancelArchival", "storagegateway:CancelRetrieval", "storagegateway:CreateCachediSCSIVolume", "storagegateway:CreateNFSFileShare", "storagegateway:CreateSMBFileShare", "storagegateway:CreateSnapshot", "storagegateway:CreateSnapshotFromVolumeRecoveryPoint", "storagegateway:CreateStorediSCSIVolume", "storagegateway:CreateTapePool", "storagegateway:CreateTapeWithBarcode", "storagegateway:CreateTapes", "storagegateway:DeleteAutomaticTapeCreationPolicy", "storagegateway:DeleteBandwidthRateLimit", "storagegateway:DeleteChapCredentials", "storagegateway:DeleteFileShare", "storagegateway:DeleteGateway", "storagegateway:DeleteSnapshotSchedule", "storagegateway:DeleteTape", "storagegateway:DeleteTapeArchive", "storagegateway:DeleteTapePool", "storagegateway:DeleteVolume", "storagegateway:DescribeAvailabilityMonitorTest", "storagegateway:DescribeBandwidthRateLimit", "storagegateway:DescribeBandwidthRateLimitSchedule", "storagegateway:DescribeCache", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeChapCredentials", "storagegateway:DescribeFileSystemAssociations", "storagegateway:DescribeGatewayInformation", "storagegateway:DescribeMaintenanceStartTime", "storagegateway:DescribeNFSFileShares", "storagegateway:DescribeSMBFileShares", "storagegateway:DescribeSMBSettings", "storagegateway:DescribeSnapshotSchedule", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:DescribeTapeArchives", "storagegateway:DescribeTapeRecoveryPoints", "storagegateway:DescribeTapes", "storagegateway:DescribeUploadBuffer", "storagegateway:DescribeVTLDevices", "storagegateway:DescribeWorkingStorage", "storagegateway:DetachVolume", "storagegateway:DisableGateway", "storagegateway:DisassociateFileSystem", "storagegateway:JoinDomain", "storagegateway:ListAutomaticTapeCreationPolicies", "storagegateway:ListFileShares", "storagegateway:ListFileSystemAssociations", "storagegateway:ListGateways", "storagegateway:ListLocalDisks", "storagegateway:ListTagsForResource", "storagegateway:ListTapePools", "storagegateway:ListTapes", "storagegateway:ListVolumeInitiators", "storagegateway:ListVolumeRecoveryPoints", "storagegateway:ListVolumes", "storagegateway:NotifyWhenUploaded", "storagegateway:RefreshCache", "storagegateway:RemoveTagsFromResource", "storagegateway:ResetCache", "storagegateway:RetrieveTapeArchive", "storagegateway:RetrieveTapeRecoveryPoint", "storagegateway:SetLocalConsolePassword", "storagegateway:SetSMBGuestPassword", "storagegateway:ShutdownGateway", "storagegateway:StartAvailabilityMonitorTest", "storagegateway:StartGateway", "storagegateway:UpdateAutomaticTapeCreationPolicy", "storagegateway:UpdateBandwidthRateLimit", "storagegateway:UpdateBandwidthRateLimitSchedule", "storagegateway:UpdateChapCredentials", "storagegateway:UpdateFileSystemAssociation", "storagegateway:UpdateGatewayInformation", "storagegateway:UpdateGatewaySoftwareNow", "storagegateway:UpdateMaintenanceStartTime", "storagegateway:UpdateNFSFileShare", "storagegateway:UpdateSMBFileShare", "storagegateway:UpdateSMBFileShareVisibility", "storagegateway:UpdateSMBLocalGroups", "storagegateway:UpdateSMBSecurityStrategy", "storagegateway:UpdateSnapshotSchedule", "storagegateway:UpdateVTLDeviceType", "sts:AssumeRole", "sts:AssumeRoleWithSAML", "sts:AssumeRoleWithWebIdentity", "sts:DecodeAuthorizationMessage", "sts:GetAccessKeyInfo", "sts:GetCallerIdentity", "sts:GetFederationToken", "sts:GetServiceBearerToken", "sts:GetSessionToken", "sts:SetContext", "sts:SetSourceIdentity", "sts:TagSession", "support:AddAttachmentsToSet", "support:AddCommunicationToCase", "support:CreateCase", "support:DescribeAttachment", "support:DescribeCaseAttributes", "support:DescribeCases", "support:DescribeCommunication", "support:DescribeCommunications", "support:DescribeCreateCaseOptions", "support:DescribeIssueTypes", "support:DescribeServices", "support:DescribeSeverityLevels", "support:DescribeSupportLevel", "support:DescribeSupportedLanguages", "support:DescribeTrustedAdvisorCheckRefreshStatuses", "support:DescribeTrustedAdvisorCheckResult", "support:DescribeTrustedAdvisorCheckSummaries", "support:DescribeTrustedAdvisorChecks", "support:InitiateCallForCase", "support:InitiateChatForCase", "support:PutCaseAttributes", "support:RateCaseCommunication", "support:RefreshTrustedAdvisorCheck", "support:ResolveCase", "support:SearchForCases", "supportapp:CreateSlackChannelConfiguration", "supportapp:DeleteAccountAlias", "supportapp:DeleteSlackChannelConfiguration", "supportapp:DeleteSlackWorkspaceConfiguration", "supportapp:DescribeSlackChannels", "supportapp:GetAccountAlias", "supportapp:GetSlackOauthParameters", "supportapp:ListSlackChannelConfigurations", "supportapp:ListSlackWorkspaceConfigurations", "supportapp:PutAccountAlias", "supportapp:RedeemSlackOauthCode", "supportapp:RegisterSlackWorkspaceForOrganization", "supportapp:UpdateSlackChannelConfiguration", "supportplans:CreateSupportPlanSchedule", "supportplans:GetSupportPlan", "supportplans:GetSupportPlanUpdateStatus", "supportplans:StartSupportPlanUpdate", "sustainability:GetCarbonFootprintSummary", "swf:CancelTimer", "swf:CancelWorkflowExecution", "swf:CompleteWorkflowExecution", "swf:ContinueAsNewWorkflowExecution", "swf:CountClosedWorkflowExecutions", "swf:CountOpenWorkflowExecutions", "swf:CountPendingActivityTasks", "swf:CountPendingDecisionTasks", "swf:DeprecateActivityType", "swf:DeprecateDomain", "swf:DeprecateWorkflowType", "swf:DescribeActivityType", "swf:DescribeDomain", "swf:DescribeWorkflowExecution", "swf:DescribeWorkflowType", "swf:FailWorkflowExecution", "swf:GetWorkflowExecutionHistory", "swf:ListActivityTypes", "swf:ListClosedWorkflowExecutions", "swf:ListDomains", "swf:ListOpenWorkflowExecutions", "swf:ListTagsForResource", "swf:ListWorkflowTypes", "swf:PollForActivityTask", "swf:PollForDecisionTask", "swf:RecordActivityTaskHeartbeat", "swf:RecordMarker", "swf:RegisterActivityType", "swf:RegisterDomain", "swf:RegisterWorkflowType", "swf:RequestCancelActivityTask", "swf:RequestCancelExternalWorkflowExecution", "swf:RequestCancelWorkflowExecution", "swf:RespondActivityTaskCanceled", "swf:RespondActivityTaskCompleted", "swf:RespondActivityTaskFailed", "swf:RespondDecisionTaskCompleted", "swf:ScheduleActivityTask", "swf:SignalExternalWorkflowExecution", "swf:SignalWorkflowExecution", "swf:StartChildWorkflowExecution", "swf:StartTimer", "swf:StartWorkflowExecution", "swf:TagResource", "swf:TerminateWorkflowExecution", "swf:UndeprecateActivityType", "swf:UndeprecateDomain", "swf:UndeprecateWorkflowType", "swf:UntagResource", "synthetics:AssociateResource", "synthetics:CreateCanary", "synthetics:CreateGroup", "synthetics:DeleteCanary", "synthetics:DeleteGroup", "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun", "synthetics:DescribeRuntimeVersions", "synthetics:DisassociateResource", "synthetics:GetCanary", "synthetics:GetCanaryRuns", "synthetics:GetGroup", "synthetics:ListAssociatedGroups", "synthetics:ListGroupResources", "synthetics:ListGroups", "synthetics:ListTagsForResource", "synthetics:StartCanary", "synthetics:StopCanary", "synthetics:TagResource", "synthetics:UntagResource", "synthetics:UpdateCanary", "tag:DescribeReportCreation", "tag:GetComplianceSummary", "tag:GetResources", "tag:GetTagKeys", "tag:GetTagValues", "tag:StartReportCreation", "tag:TagResources", "tag:UntagResources", "tax:BatchPutTaxRegistration", "tax:DeleteTaxRegistration", "tax:GetExemptions", "tax:GetTaxInfoReportingDocument", "tax:GetTaxInheritance", "tax:GetTaxInterview", "tax:GetTaxRegistration", "tax:GetTaxRegistrationDocument", "tax:ListTaxRegistrations", "tax:PutTaxInheritance", "tax:PutTaxInterview", "tax:PutTaxRegistration", "tax:UpdateExemptions", "textract:AnalyzeDocument", "textract:AnalyzeExpense", "textract:AnalyzeID", "textract:CreateAdapter", "textract:CreateAdapterVersion", "textract:DeleteAdapter", "textract:DeleteAdapterVersion", "textract:DetectDocumentText", "textract:GetAdapter", "textract:GetAdapterVersion", "textract:GetDocumentAnalysis", "textract:GetDocumentTextDetection", "textract:GetExpenseAnalysis", "textract:GetLendingAnalysis", "textract:GetLendingAnalysisSummary", "textract:ListAdapterVersions", "textract:ListAdapters", "textract:ListTagsForResource", "textract:StartDocumentAnalysis", "textract:StartDocumentTextDetection", "textract:StartExpenseAnalysis", "textract:StartLendingAnalysis", "textract:TagResource", "textract:UntagResource", "textract:UpdateAdapter", "thinclient:CreateEnvironment", "thinclient:DeleteDevice", "thinclient:DeleteEnvironment", "thinclient:DeregisterDevice", "thinclient:GetDevice", "thinclient:GetEnvironment", "thinclient:GetSoftwareSet", "thinclient:ListDeviceSessions", "thinclient:ListDevices", "thinclient:ListEnvironments", "thinclient:ListSoftwareSets", "thinclient:ListTagsForResource", "thinclient:TagResource", "thinclient:UntagResource", "thinclient:UpdateDevice", "thinclient:UpdateEnvironment", "thinclient:UpdateSoftwareSet", "timestream:CancelQuery", "timestream:CreateBatchLoadTask", "timestream:CreateDatabase", "timestream:CreateScheduledQuery", "timestream:CreateTable", "timestream:DeleteDatabase", "timestream:DeleteScheduledQuery", "timestream:DeleteTable", "timestream:DescribeBatchLoadTask", "timestream:DescribeDatabase", "timestream:DescribeEndpoints", "timestream:DescribeScheduledQuery", "timestream:DescribeTable", "timestream:ExecuteScheduledQuery", "timestream:GetAwsBackupStatus", "timestream:GetAwsRestoreStatus", "timestream:ListBatchLoadTasks", "timestream:ListDatabases", "timestream:ListMeasures", "timestream:ListScheduledQueries", "timestream:ListTables", "timestream:ListTagsForResource", "timestream:PrepareQuery", "timestream:ResumeBatchLoadTask", "timestream:Select", "timestream:SelectValues", "timestream:StartAwsBackupJob", "timestream:StartAwsRestoreJob", "timestream:TagResource", "timestream:Unload", "timestream:UntagResource", "timestream:UpdateDatabase", "timestream:UpdateScheduledQuery", "timestream:UpdateTable", "timestream:WriteRecords", "timestream-influxdb:CreateDbInstance", "timestream-influxdb:CreateDbParameterGroup", "timestream-influxdb:DeleteDbInstance", "timestream-influxdb:GetDbInstance", "timestream-influxdb:GetDbParameterGroup", "timestream-influxdb:ListDbInstances", "timestream-influxdb:ListDbParameterGroups", "timestream-influxdb:ListTagsForResource", "timestream-influxdb:TagResource", "timestream-influxdb:UntagResource", "timestream-influxdb:UpdateDbInstance", "tiros:CreateQuery", "tiros:ExtendQuery", "tiros:GetQueryAnswer", "tiros:GetQueryExplanation", "tiros:GetQueryExtensionAccounts", "tnb:CancelSolNetworkOperation", "tnb:CreateSolFunctionPackage", "tnb:CreateSolNetworkInstance", "tnb:CreateSolNetworkPackage", "tnb:DeleteSolFunctionPackage", "tnb:DeleteSolNetworkInstance", "tnb:DeleteSolNetworkPackage", "tnb:GetSolFunctionInstance", "tnb:GetSolFunctionPackage", "tnb:GetSolFunctionPackageContent", "tnb:GetSolFunctionPackageDescriptor", "tnb:GetSolNetworkInstance", "tnb:GetSolNetworkOperation", "tnb:GetSolNetworkPackage", "tnb:GetSolNetworkPackageContent", "tnb:GetSolNetworkPackageDescriptor", "tnb:InstantiateSolNetworkInstance", "tnb:ListSolFunctionInstances", "tnb:ListSolFunctionPackages", "tnb:ListSolNetworkInstances", "tnb:ListSolNetworkOperations", "tnb:ListSolNetworkPackages", "tnb:ListTagsForResource", "tnb:PutSolFunctionPackageContent", "tnb:PutSolNetworkPackageContent", "tnb:TagResource", "tnb:TerminateSolNetworkInstance", "tnb:UntagResource", "tnb:UpdateSolFunctionPackage", "tnb:UpdateSolNetworkInstance", "tnb:UpdateSolNetworkPackage", "tnb:ValidateSolFunctionPackageContent", "tnb:ValidateSolNetworkPackageContent", "transcribe:CreateCallAnalyticsCategory", "transcribe:CreateLanguageModel", "transcribe:CreateMedicalVocabulary", "transcribe:CreateVocabulary", "transcribe:CreateVocabularyFilter", "transcribe:DeleteCallAnalyticsCategory", "transcribe:DeleteCallAnalyticsJob", "transcribe:DeleteLanguageModel", "transcribe:DeleteMedicalScribeJob", "transcribe:DeleteMedicalTranscriptionJob", "transcribe:DeleteMedicalVocabulary", "transcribe:DeleteTranscriptionJob", "transcribe:DeleteVocabulary", "transcribe:DeleteVocabularyFilter", "transcribe:DescribeLanguageModel", "transcribe:GetCallAnalyticsCategory", "transcribe:GetCallAnalyticsJob", "transcribe:GetMedicalScribeJob", "transcribe:GetMedicalTranscriptionJob", "transcribe:GetMedicalVocabulary", "transcribe:GetTranscriptionJob", "transcribe:GetVocabulary", "transcribe:GetVocabularyFilter", "transcribe:ListCallAnalyticsCategories", "transcribe:ListCallAnalyticsJobs", "transcribe:ListLanguageModels", "transcribe:ListMedicalScribeJobs", "transcribe:ListMedicalTranscriptionJobs", "transcribe:ListMedicalVocabularies", "transcribe:ListTagsForResource", "transcribe:ListTranscriptionJobs", "transcribe:ListVocabularies", "transcribe:ListVocabularyFilters", "transcribe:StartCallAnalyticsJob", "transcribe:StartCallAnalyticsStreamTranscription", "transcribe:StartCallAnalyticsStreamTranscriptionWebSocket", "transcribe:StartMedicalScribeJob", "transcribe:StartMedicalStreamTranscription", "transcribe:StartMedicalStreamTranscriptionWebSocket", "transcribe:StartMedicalTranscriptionJob", "transcribe:StartStreamTranscription", "transcribe:StartStreamTranscriptionWebSocket", "transcribe:StartTranscriptionJob", "transcribe:TagResource", "transcribe:UntagResource", "transcribe:UpdateCallAnalyticsCategory", "transcribe:UpdateMedicalVocabulary", "transcribe:UpdateVocabulary", "transcribe:UpdateVocabularyFilter", "transfer:CreateAccess", "transfer:CreateAgreement", "transfer:CreateConnector", "transfer:CreateProfile", "transfer:CreateServer", "transfer:CreateUser", "transfer:CreateWorkflow", "transfer:DeleteAccess", "transfer:DeleteAgreement", "transfer:DeleteCertificate", "transfer:DeleteConnector", "transfer:DeleteHostKey", "transfer:DeleteProfile", "transfer:DeleteServer", "transfer:DeleteSshPublicKey", "transfer:DeleteUser", "transfer:DeleteWorkflow", "transfer:DescribeAccess", "transfer:DescribeAgreement", "transfer:DescribeCertificate", "transfer:DescribeConnector", "transfer:DescribeExecution", "transfer:DescribeHostKey", "transfer:DescribeProfile", "transfer:DescribeSecurityPolicy", "transfer:DescribeServer", "transfer:DescribeUser", "transfer:DescribeWorkflow", "transfer:ImportCertificate", "transfer:ImportHostKey", "transfer:ImportSshPublicKey", "transfer:ListAccesses", "transfer:ListAgreements", "transfer:ListCertificates", "transfer:ListConnectors", "transfer:ListExecutions", "transfer:ListHostKeys", "transfer:ListProfiles", "transfer:ListSecurityPolicies", "transfer:ListServers", "transfer:ListTagsForResource", "transfer:ListUsers", "transfer:ListWorkflows", "transfer:SendWorkflowStepState", "transfer:StartFileTransfer", "transfer:StartServer", "transfer:StopServer", "transfer:TagResource", "transfer:TestConnection", "transfer:TestIdentityProvider", "transfer:UntagResource", "transfer:UpdateAccess", "transfer:UpdateAgreement", "transfer:UpdateCertificate", "transfer:UpdateConnector", "transfer:UpdateHostKey", "transfer:UpdateProfile", "transfer:UpdateServer", "transfer:UpdateUser", "translate:CreateParallelData", "translate:DeleteParallelData", "translate:DeleteTerminology", "translate:DescribeTextTranslationJob", "translate:GetParallelData", "translate:GetTerminology", "translate:ImportTerminology", "translate:ListLanguages", "translate:ListParallelData", "translate:ListTagsForResource", "translate:ListTerminologies", "translate:ListTextTranslationJobs", "translate:StartTextTranslationJob", "translate:StopTextTranslationJob", "translate:TagResource", "translate:TranslateDocument", "translate:TranslateText", "translate:UntagResource", "translate:UpdateParallelData", "trustedadvisor:CreateEngagement", "trustedadvisor:CreateEngagementAttachment", "trustedadvisor:CreateEngagementCommunication", "trustedadvisor:DeleteNotificationConfigurationForDelegatedAdmin", "trustedadvisor:DescribeAccount", "trustedadvisor:DescribeAccountAccess", "trustedadvisor:DescribeCheckItems", "trustedadvisor:DescribeCheckRefreshStatuses", "trustedadvisor:DescribeCheckStatusHistoryChanges", "trustedadvisor:DescribeCheckSummaries", "trustedadvisor:DescribeChecks", "trustedadvisor:DescribeNotificationConfigurations", "trustedadvisor:DescribeNotificationPreferences", "trustedadvisor:DescribeOrganization", "trustedadvisor:DescribeOrganizationAccounts", "trustedadvisor:DescribeReports", "trustedadvisor:DescribeRisk", "trustedadvisor:DescribeRiskResources", "trustedadvisor:DescribeRisks", "trustedadvisor:DescribeServiceMetadata", "trustedadvisor:DownloadRisk", "trustedadvisor:ExcludeCheckItems", "trustedadvisor:GenerateReport", "trustedadvisor:GetEngagement", "trustedadvisor:GetEngagementAttachment", "trustedadvisor:GetEngagementType", "trustedadvisor:GetOrganizationRecommendation", "trustedadvisor:GetRecommendation", "trustedadvisor:IncludeCheckItems", "trustedadvisor:ListAccountsForParent", "trustedadvisor:ListChecks", "trustedadvisor:ListEngagementCommunications", "trustedadvisor:ListEngagementTypes", "trustedadvisor:ListEngagements", "trustedadvisor:ListOrganizationRecommendationAccounts", "trustedadvisor:ListOrganizationRecommendationResources", "trustedadvisor:ListOrganizationRecommendations", "trustedadvisor:ListOrganizationalUnitsForParent", "trustedadvisor:ListRecommendationResources", "trustedadvisor:ListRecommendations", "trustedadvisor:ListRoots", "trustedadvisor:RefreshCheck", "trustedadvisor:SetAccountAccess", "trustedadvisor:SetOrganizationAccess", "trustedadvisor:UpdateEngagement", "trustedadvisor:UpdateEngagementStatus", "trustedadvisor:UpdateNotificationConfigurations", "trustedadvisor:UpdateNotificationPreferences", "trustedadvisor:UpdateOrganizationRecommendationLifecycle", "trustedadvisor:UpdateRecommendationLifecycle", "trustedadvisor:UpdateRiskStatus", "ts:GetExecution", "ts:GetExecutionOutput", "ts:GetTool", "ts:ListExecutions", "ts:ListTagsForResource", "ts:ListTools", "ts:StartExecution", "ts:TagResource", "ts:UntagResource", "vendor-insights:ActivateSecurityProfile", "vendor-insights:AssociateDataSource", "vendor-insights:CreateDataSource", "vendor-insights:CreateSecurityProfile", "vendor-insights:DeactivateSecurityProfile", "vendor-insights:DeleteDataSource", "vendor-insights:DisassociateDataSource", "vendor-insights:GetDataSource", "vendor-insights:GetEntitledSecurityProfileSnapshot", "vendor-insights:GetProfileAccessTerms", "vendor-insights:GetSecurityProfile", "vendor-insights:GetSecurityProfileSnapshot", "vendor-insights:ListDataSources", "vendor-insights:ListEntitledSecurityProfileSnapshots", "vendor-insights:ListEntitledSecurityProfiles", "vendor-insights:ListSecurityProfileSnapshots", "vendor-insights:ListSecurityProfiles", "vendor-insights:ListTagsForResource", "vendor-insights:TagResource", "vendor-insights:UntagResource", "vendor-insights:UpdateDataSource", "vendor-insights:UpdateSecurityProfile", "vendor-insights:UpdateSecurityProfileSnapshotCreationConfiguration", "vendor-insights:UpdateSecurityProfileSnapshotReleaseConfiguration", "verified-access:AllowVerifiedAccess", "verifiedpermissions:CreateIdentitySource", "verifiedpermissions:CreatePolicy", "verifiedpermissions:CreatePolicyStore", "verifiedpermissions:CreatePolicyTemplate", "verifiedpermissions:DeleteIdentitySource", "verifiedpermissions:DeletePolicy", "verifiedpermissions:DeletePolicyStore", "verifiedpermissions:DeletePolicyTemplate", "verifiedpermissions:GetIdentitySource", "verifiedpermissions:GetPolicy", "verifiedpermissions:GetPolicyStore", "verifiedpermissions:GetPolicyTemplate", "verifiedpermissions:GetSchema", "verifiedpermissions:IsAuthorized", "verifiedpermissions:IsAuthorizedWithToken", "verifiedpermissions:ListIdentitySources", "verifiedpermissions:ListPolicies", "verifiedpermissions:ListPolicyStores", "verifiedpermissions:ListPolicyTemplates", "verifiedpermissions:PutSchema", "verifiedpermissions:UpdateIdentitySource", "verifiedpermissions:UpdatePolicy", "verifiedpermissions:UpdatePolicyStore", "verifiedpermissions:UpdatePolicyTemplate", "verifiedpermissions:isauthorized", "voiceid:AssociateFraudster", "voiceid:CreateDomain", "voiceid:CreateWatchlist", "voiceid:DeleteDomain", "voiceid:DeleteFraudster", "voiceid:DeleteSpeaker", "voiceid:DeleteWatchlist", "voiceid:DescribeComplianceConsent", "voiceid:DescribeDomain", "voiceid:DescribeFraudster", "voiceid:DescribeFraudsterRegistrationJob", "voiceid:DescribeSpeaker", "voiceid:DescribeSpeakerEnrollmentJob", "voiceid:DescribeWatchlist", "voiceid:DisassociateFraudster", "voiceid:EvaluateSession", "voiceid:ListDomains", "voiceid:ListFraudsterRegistrationJobs", "voiceid:ListFraudsters", "voiceid:ListSpeakerEnrollmentJobs", "voiceid:ListSpeakers", "voiceid:ListTagsForResource", "voiceid:ListWatchlists", "voiceid:OptOutSpeaker", "voiceid:RegisterComplianceConsent", "voiceid:StartFraudsterRegistrationJob", "voiceid:StartSpeakerEnrollmentJob", "voiceid:TagResource", "voiceid:UntagResource", "voiceid:UpdateDomain", "voiceid:UpdateWatchlist", "vpc-lattice:CreateAccessLogSubscription", "vpc-lattice:CreateListener", "vpc-lattice:CreateRule", "vpc-lattice:CreateService", "vpc-lattice:CreateServiceNetwork", "vpc-lattice:CreateServiceNetworkServiceAssociation", "vpc-lattice:CreateServiceNetworkVpcAssociation", "vpc-lattice:CreateTargetGroup", "vpc-lattice:DeleteAccessLogSubscription", "vpc-lattice:DeleteAuthPolicy", "vpc-lattice:DeleteListener", "vpc-lattice:DeleteResourcePolicy", "vpc-lattice:DeleteRule", "vpc-lattice:DeleteService", "vpc-lattice:DeleteServiceNetwork", "vpc-lattice:DeleteServiceNetworkServiceAssociation", "vpc-lattice:DeleteServiceNetworkVpcAssociation", "vpc-lattice:DeleteTargetGroup", "vpc-lattice:DeregisterTargets", "vpc-lattice:GetAccessLogSubscription", "vpc-lattice:GetAuthPolicy", "vpc-lattice:GetListener", "vpc-lattice:GetResourcePolicy", "vpc-lattice:GetRule", "vpc-lattice:GetService", "vpc-lattice:GetServiceNetwork", "vpc-lattice:GetServiceNetworkServiceAssociation", "vpc-lattice:GetServiceNetworkVpcAssociation", "vpc-lattice:GetTargetGroup", "vpc-lattice:ListAccessLogSubscriptions", "vpc-lattice:ListListeners", "vpc-lattice:ListRules", "vpc-lattice:ListServiceNetworkServiceAssociations", "vpc-lattice:ListServiceNetworkVpcAssociations", "vpc-lattice:ListServiceNetworks", "vpc-lattice:ListServices", "vpc-lattice:ListTagsForResource", "vpc-lattice:ListTargetGroups", "vpc-lattice:ListTargets", "vpc-lattice:PutAuthPolicy", "vpc-lattice:PutResourcePolicy", "vpc-lattice:RegisterTargets", "vpc-lattice:TagResource", "vpc-lattice:UntagResource", "vpc-lattice:UpdateAccessLogSubscription", "vpc-lattice:UpdateListener", "vpc-lattice:UpdateRule", "vpc-lattice:UpdateService", "vpc-lattice:UpdateServiceNetwork", "vpc-lattice:UpdateServiceNetworkVpcAssociation", "vpc-lattice:UpdateTargetGroup", "vpc-lattice-svcs:Invoke", "waf:CreateByteMatchSet", "waf:CreateGeoMatchSet", "waf:CreateIPSet", "waf:CreateRateBasedRule", "waf:CreateRegexMatchSet", "waf:CreateRegexPatternSet", "waf:CreateRule", "waf:CreateRuleGroup", "waf:CreateSizeConstraintSet", "waf:CreateSqlInjectionMatchSet", "waf:CreateWebACL", "waf:CreateWebACLMigrationStack", "waf:CreateXssMatchSet", "waf:DeleteByteMatchSet", "waf:DeleteGeoMatchSet", "waf:DeleteIPSet", "waf:DeleteLoggingConfiguration", "waf:DeletePermissionPolicy", "waf:DeleteRateBasedRule", "waf:DeleteRegexMatchSet", "waf:DeleteRegexPatternSet", "waf:DeleteRule", "waf:DeleteRuleGroup", "waf:DeleteSizeConstraintSet", "waf:DeleteSqlInjectionMatchSet", "waf:DeleteWebACL", "waf:DeleteXssMatchSet", "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "waf:PutLoggingConfiguration", "waf:PutPermissionPolicy", "waf:TagResource", "waf:UntagResource", "waf:UpdateByteMatchSet", "waf:UpdateGeoMatchSet", "waf:UpdateIPSet", "waf:UpdateRateBasedRule", "waf:UpdateRegexMatchSet", "waf:UpdateRegexPatternSet", "waf:UpdateRule", "waf:UpdateRuleGroup", "waf:UpdateSizeConstraintSet", "waf:UpdateSqlInjectionMatchSet", "waf:UpdateWebACL", "waf:UpdateXssMatchSet", "waf-regional:AssociateWebACL", "waf-regional:CreateByteMatchSet", "waf-regional:CreateGeoMatchSet", "waf-regional:CreateIPSet", "waf-regional:CreateRateBasedRule", "waf-regional:CreateRegexMatchSet", "waf-regional:CreateRegexPatternSet", "waf-regional:CreateRule", "waf-regional:CreateRuleGroup", "waf-regional:CreateSizeConstraintSet", "waf-regional:CreateSqlInjectionMatchSet", "waf-regional:CreateWebACL", "waf-regional:CreateWebACLMigrationStack", "waf-regional:CreateXssMatchSet", "waf-regional:DeleteByteMatchSet", "waf-regional:DeleteGeoMatchSet", "waf-regional:DeleteIPSet", "waf-regional:DeleteLoggingConfiguration", "waf-regional:DeletePermissionPolicy", "waf-regional:DeleteRateBasedRule", "waf-regional:DeleteRegexMatchSet", "waf-regional:DeleteRegexPatternSet", "waf-regional:DeleteRule", "waf-regional:DeleteRuleGroup", "waf-regional:DeleteSizeConstraintSet", "waf-regional:DeleteSqlInjectionMatchSet", "waf-regional:DeleteWebACL", "waf-regional:DeleteXssMatchSet", "waf-regional:DisassociateWebACL", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeToken", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetPermissionPolicy", "waf-regional:GetRateBasedRule", "waf-regional:GetRateBasedRuleManagedKeys", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSampledRequests", "waf-regional:GetSizeConstraintSet", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:GetXssMatchSet", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "waf-regional:PutLoggingConfiguration", "waf-regional:PutPermissionPolicy", "waf-regional:TagResource", "waf-regional:UntagResource", "waf-regional:UpdateByteMatchSet", "waf-regional:UpdateGeoMatchSet", "waf-regional:UpdateIPSet", "waf-regional:UpdateRateBasedRule", "waf-regional:UpdateRegexMatchSet", "waf-regional:UpdateRegexPatternSet", "waf-regional:UpdateRule", "waf-regional:UpdateRuleGroup", "waf-regional:UpdateSizeConstraintSet", "waf-regional:UpdateSqlInjectionMatchSet", "waf-regional:UpdateWebACL", "waf-regional:UpdateXssMatchSet", "wafv2:AssociateWebACL", "wafv2:CheckCapacity", "wafv2:CreateAPIKey", "wafv2:CreateIPSet", "wafv2:CreateRegexPatternSet", "wafv2:CreateRuleGroup", "wafv2:CreateWebACL", "wafv2:DeleteAPIKey", "wafv2:DeleteFirewallManagerRuleGroups", "wafv2:DeleteIPSet", "wafv2:DeleteLoggingConfiguration", "wafv2:DeletePermissionPolicy", "wafv2:DeleteRegexPatternSet", "wafv2:DeleteRuleGroup", "wafv2:DeleteWebACL", "wafv2:DescribeAllManagedProducts", "wafv2:DescribeManagedProductsByVendor", "wafv2:DescribeManagedRuleGroup", "wafv2:DisassociateFirewallManager", "wafv2:DisassociateWebACL", "wafv2:GenerateMobileSdkReleaseUrl", "wafv2:GetDecryptedAPIKey", "wafv2:GetIPSet", "wafv2:GetLoggingConfiguration", "wafv2:GetManagedRuleSet", "wafv2:GetMobileSdkRelease", "wafv2:GetPermissionPolicy", "wafv2:GetRateBasedStatementManagedKeys", "wafv2:GetRegexPatternSet", "wafv2:GetRuleGroup", "wafv2:GetSampledRequests", "wafv2:GetWebACL", "wafv2:GetWebACLForResource", "wafv2:ListAPIKeys", "wafv2:ListAvailableManagedRuleGroupVersions", "wafv2:ListAvailableManagedRuleGroups", "wafv2:ListIPSets", "wafv2:ListLoggingConfigurations", "wafv2:ListManagedRuleSets", "wafv2:ListMobileSdkReleases", "wafv2:ListRegexPatternSets", "wafv2:ListResourcesForWebACL", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "wafv2:ListWebACLs", "wafv2:PutFirewallManagerRuleGroups", "wafv2:PutLoggingConfiguration", "wafv2:PutManagedRuleSetVersions", "wafv2:PutPermissionPolicy", "wafv2:TagResource", "wafv2:UntagResource", "wafv2:UpdateIPSet", "wafv2:UpdateManagedRuleSetVersionExpiryDate", "wafv2:UpdateRegexPatternSet", "wafv2:UpdateRuleGroup", "wafv2:UpdateWebACL", "wam:AuthenticatePackager", "wellarchitected:AssociateLenses", "wellarchitected:AssociateProfiles", "wellarchitected:ConfigureIntegration", "wellarchitected:CreateLensShare", "wellarchitected:CreateLensVersion", "wellarchitected:CreateMilestone", "wellarchitected:CreateProfile", "wellarchitected:CreateProfileShare", "wellarchitected:CreateReviewTemplate", "wellarchitected:CreateTemplateShare", "wellarchitected:CreateWorkload", "wellarchitected:CreateWorkloadShare", "wellarchitected:DeleteLens", "wellarchitected:DeleteLensShare", "wellarchitected:DeleteProfile", "wellarchitected:DeleteProfileShare", "wellarchitected:DeleteReviewTemplate", "wellarchitected:DeleteTemplateShare", "wellarchitected:DeleteWorkload", "wellarchitected:DeleteWorkloadShare", "wellarchitected:DisassociateLenses", "wellarchitected:DisassociateProfiles", "wellarchitected:ExportLens", "wellarchitected:GetAnswer", "wellarchitected:GetConsolidatedReport", "wellarchitected:GetGlobalSettings", "wellarchitected:GetLens", "wellarchitected:GetLensReview", "wellarchitected:GetLensReviewReport", "wellarchitected:GetLensVersionDifference", "wellarchitected:GetMilestone", "wellarchitected:GetProfile", "wellarchitected:GetProfileTemplate", "wellarchitected:GetReviewTemplate", "wellarchitected:GetReviewTemplateAnswer", "wellarchitected:GetReviewTemplateLensReview", "wellarchitected:GetWorkload", "wellarchitected:ImportLens", "wellarchitected:ListAnswers", "wellarchitected:ListCheckDetails", "wellarchitected:ListCheckSummaries", "wellarchitected:ListLensReviewImprovements", "wellarchitected:ListLensReviews", "wellarchitected:ListLensShares", "wellarchitected:ListLenses", "wellarchitected:ListMilestones", "wellarchitected:ListNotifications", "wellarchitected:ListProfileNotifications", "wellarchitected:ListProfileShares", "wellarchitected:ListProfiles", "wellarchitected:ListReviewTemplateAnswers", "wellarchitected:ListReviewTemplates", "wellarchitected:ListShareInvitations", "wellarchitected:ListTagsForResource", "wellarchitected:ListTemplateShares", "wellarchitected:ListWorkloadShares", "wellarchitected:ListWorkloads", "wellarchitected:TagResource", "wellarchitected:UntagResource", "wellarchitected:UpdateAnswer", "wellarchitected:UpdateGlobalSettings", "wellarchitected:UpdateIntegration", "wellarchitected:UpdateLensReview", "wellarchitected:UpdateProfile", "wellarchitected:UpdateReviewTemplate", "wellarchitected:UpdateReviewTemplateAnswer", "wellarchitected:UpdateReviewTemplateLensReview", "wellarchitected:UpdateShareInvitation", "wellarchitected:UpdateWorkload", "wellarchitected:UpdateWorkloadShare", "wellarchitected:UpgradeLensReview", "wellarchitected:UpgradeProfileVersion", "wellarchitected:UpgradeReviewTemplateLensReview", "wickr:CreateAdminSession", "wickr:CreateNetwork", "wickr:ListNetworks", "wickr:ListTagsForResource", "wickr:TagResource", "wickr:UntagResource", "wickr:UpdateNetworkDetails", "wisdom:CreateAssistant", "wisdom:CreateAssistantAssociation", "wisdom:CreateContent", "wisdom:CreateKnowledgeBase", "wisdom:CreateQuickResponse", "wisdom:CreateSession", "wisdom:DeleteAssistant", "wisdom:DeleteAssistantAssociation", "wisdom:DeleteContent", "wisdom:DeleteImportJob", "wisdom:DeleteKnowledgeBase", "wisdom:DeleteQuickResponse", "wisdom:GetAssistant", "wisdom:GetAssistantAssociation", "wisdom:GetContent", "wisdom:GetContentSummary", "wisdom:GetImportJob", "wisdom:GetKnowledgeBase", "wisdom:GetQuickResponse", "wisdom:GetRecommendations", "wisdom:GetSession", "wisdom:ListAssistantAssociations", "wisdom:ListAssistants", "wisdom:ListContents", "wisdom:ListImportJobs", "wisdom:ListKnowledgeBases", "wisdom:ListQuickResponses", "wisdom:ListTagsForResource", "wisdom:NotifyRecommendationsReceived", "wisdom:PutFeedback", "wisdom:QueryAssistant", "wisdom:RemoveKnowledgeBaseTemplateUri", "wisdom:SearchContent", "wisdom:SearchQuickResponses", "wisdom:SearchSessions", "wisdom:StartContentUpload", "wisdom:StartImportJob", "wisdom:TagResource", "wisdom:UntagResource", "wisdom:UpdateContent", "wisdom:UpdateKnowledgeBaseTemplateUri", "wisdom:UpdateQuickResponse", "wisdom:UpdateSession", "workdocs:AbortDocumentVersionUpload", "workdocs:ActivateUser", "workdocs:AddNotificationPermissions", "workdocs:AddResourcePermissions", "workdocs:AddUserToGroup", "workdocs:CheckAlias", "workdocs:CreateComment", "workdocs:CreateCustomMetadata", "workdocs:CreateFolder", "workdocs:CreateInstance", "workdocs:CreateLabels", "workdocs:CreateNotificationSubscription", "workdocs:CreateUser", "workdocs:DeactivateUser", "workdocs:DeleteComment", "workdocs:DeleteCustomMetadata", "workdocs:DeleteDocument", "workdocs:DeleteDocumentVersion", "workdocs:DeleteFolder", "workdocs:DeleteFolderContents", "workdocs:DeleteInstance", "workdocs:DeleteLabels", "workdocs:DeleteNotificationPermissions", "workdocs:DeleteNotificationSubscription", "workdocs:DeleteUser", "workdocs:DeregisterDirectory", "workdocs:DescribeActivities", "workdocs:DescribeAvailableDirectories", "workdocs:DescribeComments", "workdocs:DescribeDocumentVersions", "workdocs:DescribeFolderContents", "workdocs:DescribeGroups", "workdocs:DescribeInstanceExports", "workdocs:DescribeInstances", "workdocs:DescribeNotificationPermissions", "workdocs:DescribeNotificationSubscriptions", "workdocs:DescribeResourcePermissions", "workdocs:DescribeRootFolders", "workdocs:DescribeUsers", "workdocs:DownloadDocumentVersion", "workdocs:GetCurrentUser", "workdocs:GetDocument", "workdocs:GetDocumentPath", "workdocs:GetDocumentVersion", "workdocs:GetFolder", "workdocs:GetFolderPath", "workdocs:GetGroup", "workdocs:GetResources", "workdocs:InitiateDocumentVersionUpload", "workdocs:RegisterDirectory", "workdocs:RemoveAllResourcePermissions", "workdocs:RemoveResourcePermission", "workdocs:RestoreDocumentVersions", "workdocs:SearchResources", "workdocs:StartInstanceExport", "workdocs:UpdateDocument", "workdocs:UpdateDocumentVersion", "workdocs:UpdateFolder", "workdocs:UpdateInstanceAlias", "workdocs:UpdateUser", "workdocs:UpdateUserAdministrativeSettings", "worklink:AssociateDomain", "worklink:AssociateWebsiteAuthorizationProvider", "worklink:AssociateWebsiteCertificateAuthority", "worklink:CreateFleet", "worklink:DeleteFleet", "worklink:DescribeAuditStreamConfiguration", "worklink:DescribeCompanyNetworkConfiguration", "worklink:DescribeDevice", "worklink:DescribeDevicePolicyConfiguration", "worklink:DescribeDomain", "worklink:DescribeFleetMetadata", "worklink:DescribeIdentityProviderConfiguration", "worklink:DescribeWebsiteCertificateAuthority", "worklink:DisassociateDomain", "worklink:DisassociateWebsiteAuthorizationProvider", "worklink:DisassociateWebsiteCertificateAuthority", "worklink:ListDevices", "worklink:ListDomains", "worklink:ListFleets", "worklink:ListTagsForResource", "worklink:ListWebsiteAuthorizationProviders", "worklink:ListWebsiteCertificateAuthorities", "worklink:RestoreDomainAccess", "worklink:RevokeDomainAccess", "worklink:SearchEntity", "worklink:SignOutUser", "worklink:TagResource", "worklink:UntagResource", "worklink:UpdateAuditStreamConfiguration", "worklink:UpdateCompanyNetworkConfiguration", "worklink:UpdateDevicePolicyConfiguration", "worklink:UpdateDomainMetadata", "worklink:UpdateFleetMetadata", "worklink:UpdateIdentityProviderConfiguration", "workmail:AddMembersToGroup", "workmail:AllowVendedLogDeliveryForResource", "workmail:AssociateDelegateToResource", "workmail:AssociateMemberToGroup", "workmail:AssumeImpersonationRole", "workmail:CancelMailboxExportJob", "workmail:CreateAlias", "workmail:CreateAvailabilityConfiguration", "workmail:CreateGroup", "workmail:CreateImpersonationRole", "workmail:CreateInboundMailFlowRule", "workmail:CreateMailDomain", "workmail:CreateMobileDeviceAccessRule", "workmail:CreateOrganization", "workmail:CreateOutboundMailFlowRule", "workmail:CreateResource", "workmail:CreateSmtpGateway", "workmail:CreateUser", "workmail:DeleteAccessControlRule", "workmail:DeleteAlias", "workmail:DeleteAvailabilityConfiguration", "workmail:DeleteEmailMonitoringConfiguration", "workmail:DeleteGroup", "workmail:DeleteImpersonationRole", "workmail:DeleteInboundMailFlowRule", "workmail:DeleteMailDomain", "workmail:DeleteMailboxPermissions", "workmail:DeleteMobileDevice", "workmail:DeleteMobileDeviceAccessOverride", "workmail:DeleteMobileDeviceAccessRule", "workmail:DeleteOrganization", "workmail:DeleteOutboundMailFlowRule", "workmail:DeleteResource", "workmail:DeleteRetentionPolicy", "workmail:DeleteSmtpGateway", "workmail:DeleteUser", "workmail:DeregisterFromWorkMail", "workmail:DeregisterMailDomain", "workmail:DescribeDirectories", "workmail:DescribeEmailMonitoringConfiguration", "workmail:DescribeEntity", "workmail:DescribeGroup", "workmail:DescribeInboundDmarcSettings", "workmail:DescribeInboundMailFlowRule", "workmail:DescribeKmsKeys", "workmail:DescribeMailDomains", "workmail:DescribeMailGroups", "workmail:DescribeMailUsers", "workmail:DescribeMailboxExportJob", "workmail:DescribeOrganization", "workmail:DescribeOrganizations", "workmail:DescribeOutboundMailFlowRule", "workmail:DescribeResource", "workmail:DescribeSmtpGateway", "workmail:DescribeUser", "workmail:DisassociateDelegateFromResource", "workmail:DisassociateMemberFromGroup", "workmail:EnableMailDomain", "workmail:GetAccessControlEffect", "workmail:GetDefaultRetentionPolicy", "workmail:GetImpersonationRole", "workmail:GetImpersonationRoleEffect", "workmail:GetJournalingRules", "workmail:GetMailDomain", "workmail:GetMailDomainDetails", "workmail:GetMailGroupDetails", "workmail:GetMailboxDetails", "workmail:GetMobileDeviceAccessEffect", "workmail:GetMobileDeviceAccessOverride", "workmail:GetMobileDeviceDetails", "workmail:GetMobileDevicesForUser", "workmail:GetMobilePolicyDetails", "workmail:ListAccessControlRules", "workmail:ListAliases", "workmail:ListAvailabilityConfigurations", "workmail:ListGroupMembers", "workmail:ListGroups", "workmail:ListGroupsForEntity", "workmail:ListImpersonationRoles", "workmail:ListInboundMailFlowRules", "workmail:ListMailDomains", "workmail:ListMailboxExportJobs", "workmail:ListMailboxPermissions", "workmail:ListMembersInMailGroup", "workmail:ListMobileDeviceAccessOverrides", "workmail:ListMobileDeviceAccessRules", "workmail:ListOrganizations", "workmail:ListOutboundMailFlowRules", "workmail:ListResourceDelegates", "workmail:ListResources", "workmail:ListSmtpGateways", "workmail:ListTagsForResource", "workmail:ListUsers", "workmail:PutAccessControlRule", "workmail:PutEmailMonitoringConfiguration", "workmail:PutInboundDmarcSettings", "workmail:PutMailboxPermissions", "workmail:PutMobileDeviceAccessOverride", "workmail:PutRetentionPolicy", "workmail:RegisterMailDomain", "workmail:RegisterToWorkMail", "workmail:RemoveMembersFromGroup", "workmail:ResetPassword", "workmail:ResetUserPassword", "workmail:SearchMembers", "workmail:SetAdmin", "workmail:SetDefaultMailDomain", "workmail:SetJournalingRules", "workmail:SetMobilePolicyDetails", "workmail:StartMailboxExportJob", "workmail:TagResource", "workmail:TestAvailabilityConfiguration", "workmail:TestInboundMailFlowRules", "workmail:TestOutboundMailFlowRules", "workmail:UntagResource", "workmail:UpdateAvailabilityConfiguration", "workmail:UpdateDefaultMailDomain", "workmail:UpdateGroup", "workmail:UpdateImpersonationRole", "workmail:UpdateInboundMailFlowRule", "workmail:UpdateMailboxQuota", "workmail:UpdateMobileDeviceAccessRule", "workmail:UpdateOutboundMailFlowRule", "workmail:UpdatePrimaryEmailAddress", "workmail:UpdateResource", "workmail:UpdateSmtpGateway", "workmail:UpdateUser", "workmail:WipeMobileDevice", "workmailmessageflow:GetRawMessageContent", "workmailmessageflow:PutRawMessageContent", "workspaces:AcceptAccountLinkInvitation", "workspaces:AssociateConnectionAlias", "workspaces:AssociateIpGroups", "workspaces:AssociateWorkspaceApplication", "workspaces:AuthorizeIpRules", "workspaces:CopyWorkspaceImage", "workspaces:CreateAccountLinkInvitation", "workspaces:CreateConnectClientAddIn", "workspaces:CreateConnectionAlias", "workspaces:CreateIpGroup", "workspaces:CreateStandbyWorkspaces", "workspaces:CreateTags", "workspaces:CreateUpdatedWorkspaceImage", "workspaces:CreateWorkspaceBundle", "workspaces:CreateWorkspaceImage", "workspaces:CreateWorkspaces", "workspaces:DeleteAccountLinkInvitation", "workspaces:DeleteClientBranding", "workspaces:DeleteConnectClientAddIn", "workspaces:DeleteConnectionAlias", "workspaces:DeleteIpGroup", "workspaces:DeleteTags", "workspaces:DeleteWorkspaceBundle", "workspaces:DeleteWorkspaceImage", "workspaces:DeployWorkspaceApplications", "workspaces:DeregisterWorkspaceDirectory", "workspaces:DescribeAccount", "workspaces:DescribeAccountModifications", "workspaces:DescribeApplicationAssociations", "workspaces:DescribeApplications", "workspaces:DescribeBundleAssociations", "workspaces:DescribeClientBranding", "workspaces:DescribeClientProperties", "workspaces:DescribeConnectClientAddIns", "workspaces:DescribeConnectionAliasPermissions", "workspaces:DescribeConnectionAliases", "workspaces:DescribeImageAssociations", "workspaces:DescribeIpGroups", "workspaces:DescribeTags", "workspaces:DescribeWorkspaceAssociations", "workspaces:DescribeWorkspaceBundles", "workspaces:DescribeWorkspaceDirectories", "workspaces:DescribeWorkspaceImagePermissions", "workspaces:DescribeWorkspaceImages", "workspaces:DescribeWorkspaceSnapshots", "workspaces:DescribeWorkspaces", "workspaces:DescribeWorkspacesConnectionStatus", "workspaces:DisassociateConnectionAlias", "workspaces:DisassociateIpGroups", "workspaces:DisassociateWorkspaceApplication", "workspaces:GetAccountLink", "workspaces:ImportClientBranding", "workspaces:ImportWorkspaceImage", "workspaces:ListAccountLinks", "workspaces:ListAvailableManagementCidrRanges", "workspaces:MigrateWorkspace", "workspaces:ModifyAccount", "workspaces:ModifyCertificateBasedAuthProperties", "workspaces:ModifyClientProperties", "workspaces:ModifySamlProperties", "workspaces:ModifySelfservicePermissions", "workspaces:ModifyWorkspaceAccessProperties", "workspaces:ModifyWorkspaceCreationProperties", "workspaces:ModifyWorkspaceProperties", "workspaces:ModifyWorkspaceState", "workspaces:RebootWorkspaces", "workspaces:RebuildWorkspaces", "workspaces:RegisterWorkspaceDirectory", "workspaces:RejectAccountLinkInvitation", "workspaces:RestoreWorkspace", "workspaces:RevokeIpRules", "workspaces:StartWorkspaces", "workspaces:StopWorkspaces", "workspaces:Stream", "workspaces:TerminateWorkspaces", "workspaces:UpdateConnectClientAddIn", "workspaces:UpdateConnectionAliasPermission", "workspaces:UpdateRulesOfIpGroup", "workspaces:UpdateWorkspaceBundle", "workspaces:UpdateWorkspaceImagePermission", "workspaces-web:AssociateBrowserSettings", "workspaces-web:AssociateIpAccessSettings", "workspaces-web:AssociateNetworkSettings", "workspaces-web:AssociateTrustStore", "workspaces-web:AssociateUserAccessLoggingSettings", "workspaces-web:AssociateUserSettings", "workspaces-web:CreateBrowserSettings", "workspaces-web:CreateIdentityProvider", "workspaces-web:CreateIpAccessSettings", "workspaces-web:CreateNetworkSettings", "workspaces-web:CreatePortal", "workspaces-web:CreateTrustStore", "workspaces-web:CreateUserAccessLoggingSettings", "workspaces-web:CreateUserSettings", "workspaces-web:DeleteBrowserSettings", "workspaces-web:DeleteIdentityProvider", "workspaces-web:DeleteIpAccessSettings", "workspaces-web:DeleteNetworkSettings", "workspaces-web:DeletePortal", "workspaces-web:DeleteTrustStore", "workspaces-web:DeleteUserAccessLoggingSettings", "workspaces-web:DeleteUserSettings", "workspaces-web:DisassociateBrowserSettings", "workspaces-web:DisassociateIpAccessSettings", "workspaces-web:DisassociateNetworkSettings", "workspaces-web:DisassociateTrustStore", "workspaces-web:DisassociateUserAccessLoggingSettings", "workspaces-web:DisassociateUserSettings", "workspaces-web:GetBrowserSettings", "workspaces-web:GetIdentityProvider", "workspaces-web:GetIpAccessSettings", "workspaces-web:GetNetworkSettings", "workspaces-web:GetPortal", "workspaces-web:GetPortalServiceProviderMetadata", "workspaces-web:GetTrustStore", "workspaces-web:GetTrustStoreCertificate", "workspaces-web:GetUserAccessLoggingSettings", "workspaces-web:GetUserSettings", "workspaces-web:ListBrowserSettings", "workspaces-web:ListIdentityProviders", "workspaces-web:ListIpAccessSettings", "workspaces-web:ListNetworkSettings", "workspaces-web:ListPortals", "workspaces-web:ListTagsForResource", "workspaces-web:ListTrustStoreCertificates", "workspaces-web:ListTrustStores", "workspaces-web:ListUserAccessLoggingSettings", "workspaces-web:ListUserSettings", "workspaces-web:TagResource", "workspaces-web:UntagResource", "workspaces-web:UpdateBrowserSettings", "workspaces-web:UpdateIdentityProvider", "workspaces-web:UpdateIpAccessSettings", "workspaces-web:UpdateNetworkSettings", "workspaces-web:UpdatePortal", "workspaces-web:UpdateTrustStore", "workspaces-web:UpdateUserAccessLoggingSettings", "workspaces-web:UpdateUserSettings", "xray:BatchGetTraceSummaryById", "xray:BatchGetTraces", "xray:CreateGroup", "xray:CreateSamplingRule", "xray:DeleteGroup", "xray:DeleteResourcePolicy", "xray:DeleteSamplingRule", "xray:GetDistinctTraceGraphs", "xray:GetEncryptionConfig", "xray:GetGroup", "xray:GetGroups", "xray:GetInsight", "xray:GetInsightEvents", "xray:GetInsightImpactGraph", "xray:GetInsightSummaries", "xray:GetSamplingRules", "xray:GetSamplingStatisticSummaries", "xray:GetSamplingTargets", "xray:GetServiceGraph", "xray:GetTimeSeriesServiceStatistics", "xray:GetTraceGraph", "xray:GetTraceSummaries", "xray:Link", "xray:ListResourcePolicies", "xray:ListTagsForResource", "xray:PutEncryptionConfig", "xray:PutResourcePolicy", "xray:PutTelemetryRecords", "xray:PutTraceSegments", "xray:TagResource", "xray:UntagResource", "xray:UpdateGroup", "xray:UpdateSamplingRule", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:ListRoles", "organizations:DescribeOrganization", "account:ListRegions", "account:GetAccountInformation" ], "malformed": false, "name": "PowerUserAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-06T22:04:00+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaLiveFullAccess", "createdate": "2020-07-08T17:07:14Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "medialive:AcceptInputDeviceTransfer", "medialive:BatchDelete", "medialive:BatchStart", "medialive:BatchStop", "medialive:BatchUpdateSchedule", "medialive:CancelInputDeviceTransfer", "medialive:ClaimDevice", "medialive:CreateChannel", "medialive:CreateCloudWatchAlarmTemplate", "medialive:CreateCloudWatchAlarmTemplateGroup", "medialive:CreateEventBridgeRuleTemplate", "medialive:CreateEventBridgeRuleTemplateGroup", "medialive:CreateInput", "medialive:CreateInputSecurityGroup", "medialive:CreateMultiplex", "medialive:CreateMultiplexProgram", "medialive:CreatePartnerInput", "medialive:CreateSignalMap", "medialive:CreateTags", "medialive:DeleteChannel", "medialive:DeleteCloudWatchAlarmTemplate", "medialive:DeleteCloudWatchAlarmTemplateGroup", "medialive:DeleteEventBridgeRuleTemplate", "medialive:DeleteEventBridgeRuleTemplateGroup", "medialive:DeleteInput", "medialive:DeleteInputSecurityGroup", "medialive:DeleteMultiplex", "medialive:DeleteMultiplexProgram", "medialive:DeleteReservation", "medialive:DeleteSchedule", "medialive:DeleteSignalMap", "medialive:DeleteTags", "medialive:DescribeAccountConfiguration", "medialive:DescribeChannel", "medialive:DescribeInput", "medialive:DescribeInputDevice", "medialive:DescribeInputDeviceThumbnail", "medialive:DescribeInputSecurityGroup", "medialive:DescribeMultiplex", "medialive:DescribeMultiplexProgram", "medialive:DescribeOffering", "medialive:DescribeReservation", "medialive:DescribeSchedule", "medialive:DescribeThumbnails", "medialive:GetCloudWatchAlarmTemplate", "medialive:GetCloudWatchAlarmTemplateGroup", "medialive:GetEventBridgeRuleTemplate", "medialive:GetEventBridgeRuleTemplateGroup", "medialive:GetSignalMap", "medialive:ListChannels", "medialive:ListCloudWatchAlarmTemplateGroups", "medialive:ListCloudWatchAlarmTemplates", "medialive:ListEventBridgeRuleTemplateGroups", "medialive:ListEventBridgeRuleTemplates", "medialive:ListInputDeviceTransfers", "medialive:ListInputDevices", "medialive:ListInputSecurityGroups", "medialive:ListInputs", "medialive:ListMultiplexPrograms", "medialive:ListMultiplexes", "medialive:ListOfferings", "medialive:ListReservations", "medialive:ListSignalMaps", "medialive:ListTagsForResource", "medialive:PurchaseOffering", "medialive:RebootInputDevice", "medialive:RejectInputDeviceTransfer", "medialive:RestartChannelPipelines", "medialive:StartChannel", "medialive:StartDeleteMonitorDeployment", "medialive:StartInputDevice", "medialive:StartInputDeviceMaintenanceWindow", "medialive:StartMonitorDeployment", "medialive:StartMultiplex", "medialive:StartUpdateSignalMap", "medialive:StopChannel", "medialive:StopInputDevice", "medialive:StopMultiplex", "medialive:TransferInputDevice", "medialive:UpdateAccountConfiguration", "medialive:UpdateChannel", "medialive:UpdateChannelClass", "medialive:UpdateCloudWatchAlarmTemplate", "medialive:UpdateCloudWatchAlarmTemplateGroup", "medialive:UpdateEventBridgeRuleTemplate", "medialive:UpdateEventBridgeRuleTemplateGroup", "medialive:UpdateInput", "medialive:UpdateInputDevice", "medialive:UpdateInputSecurityGroup", "medialive:UpdateMultiplex", "medialive:UpdateMultiplexProgram", "medialive:UpdateReservation" ], "malformed": false, "name": "AWSElementalMediaLiveFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-07-08T17:07:14+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSIQContractServiceRolePolicy", "createdate": "2019-08-22T19:28:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:Subscribe" ], "malformed": false, "name": "AWSIQContractServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-22T19:28:39+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSResilienceHubAsssessmentExecutionPolicy", "createdate": "2024-03-24T18:05:06Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "application-autoscaling:DescribeScalableTargets", "autoscaling:DescribeAutoScalingGroups", "backup:DescribeBackupVault", "backup:GetBackupPlan", "backup:GetBackupSelection", "backup:ListBackupPlans", "backup:ListBackupSelections", "cloudformation:DescribeStacks", "cloudformation:ListStackResources", "cloudformation:ValidateTemplate", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "datasync:DescribeTask", "datasync:ListLocations", "datasync:ListTasks", "devops-guru:ListMonitoredResources", "dlm:GetLifecyclePolicies", "dlm:GetLifecyclePolicy", "drs:DescribeJobs", "drs:DescribeSourceServers", "drs:GetReplicationConfiguration", "ds:DescribeDirectories", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeLimits", "dynamodb:DescribeTable", "dynamodb:ListGlobalTables", "dynamodb:ListTagsOfResource", "ec2:DescribeAvailabilityZones", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleets", "ec2:DescribeHosts", "ec2:DescribeInstances", "ec2:DescribeNatGateways", "ec2:DescribePlacementGroups", "ec2:DescribeRegions", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVolumes", "ec2:DescribeVpcEndpoints", "ecr:DescribeRegistry", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:ListContainerInstances", "ecs:ListServices", "eks:DescribeCluster", "eks:DescribeFargateProfile", "eks:DescribeNodegroup", "eks:ListFargateProfiles", "eks:ListNodegroups", "elasticache:DescribeCacheClusters", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeSnapshots", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeReplicationConfigurations", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "fis:GetExperimentTemplate", "fis:ListExperimentTemplates", "fis:ListExperiments", "fsx:DescribeFileSystems", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:ListAliases", "lambda:ListVersionsByFunction", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBProxies", "rds:DescribeDBProxyTargets", "rds:DescribeDBSnapshots", "rds:DescribeGlobalClusters", "resource-groups:GetGroup", "resource-groups:ListGroupResources", "route53-recovery-control-config:ListClusters", "route53-recovery-control-config:ListControlPanels", "route53-recovery-control-config:ListRoutingControls", "route53-recovery-readiness:GetReadinessCheckStatus", "route53-recovery-readiness:GetResourceSet", "route53-recovery-readiness:ListReadinessChecks", "route53:GetHealthCheck", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListResourceRecordSets", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverEndpointIpAddresses", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketPolicyStatus", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetMultiRegionAccessPointRoutes", "s3:GetReplicationConfiguration", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListMultiRegionAccessPoints", "servicecatalog:GetApplication", "servicecatalog:ListAssociatedResources", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListSubscriptionsByTopic", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "ssm:DescribeAutomationExecutions", "states:DescribeStateMachine", "states:ListStateMachineVersions", "states:ListStateMachineAliases", "tag:GetResources", "apigateway:GET", "s3:CreateBucket", "s3:PutObject", "s3:GetObject", "cloudwatch:PutMetricData", "ssm:GetParametersByPath" ], "malformed": false, "name": "AWSResilienceHubAsssessmentExecutionPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-24T18:05:06+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy", "createdate": "2022-03-25T04:25:36Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteLogDelivery", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeResourcePolicies", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeSubscriptionFilters", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:PutLogEvents", "logs:PutResourcePolicy", "logs:UpdateLogDelivery" ], "malformed": false, "name": "AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-03-25T04:25:36+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": null, "createdate": "2015-02-06T18:40:19Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RetrieveEnvironmentInfo", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:ValidateTemplate", "cloudformation:EstimateTemplateCost", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListMessageMoveTasks", "sqs:ListQueueTags", "sqs:ListQueues" ], "malformed": false, "name": "AWSElasticBeanstalkReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceGetEntitlements", "createdate": "2024-04-05T01:27:20Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:GetEntitlements" ], "malformed": false, "name": "AWSMarketplaceGetEntitlements", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-05T01:27:20+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonAPIGatewayInvokeFullAccess", "createdate": "2018-12-18T18:25:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "execute-api:Invoke", "execute-api:ManageConnections" ], "malformed": false, "name": "AmazonAPIGatewayInvokeFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-12-18T18:25:10+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSShieldServiceRolePolicy", "createdate": "2021-11-17T19:17:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "wafv2:GetWebACL", "wafv2:UpdateWebACL", "wafv2:GetWebACLForResource", "wafv2:ListResourcesForWebACL", "cloudfront:ListDistributions", "cloudfront:GetDistribution" ], "malformed": false, "name": "AWSShieldServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-17T19:17:46+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonTimestreamInfluxDBFullAccess", "createdate": "2024-03-14T22:53:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "timestream-influxdb:CreateDbParameterGroup", "timestream-influxdb:GetDbParameterGroup", "timestream-influxdb:ListDbParameterGroups", "timestream-influxdb:CreateDbInstance", "timestream-influxdb:DeleteDbInstance", "timestream-influxdb:GetDbInstance", "timestream-influxdb:ListDbInstances", "timestream-influxdb:TagResource", "timestream-influxdb:UntagResource", "timestream-influxdb:ListTagsForResource", "timestream-influxdb:UpdateDbInstance", "iam:CreateServiceLinkedRole", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeSecurityGroups", "ec2:CreateNetworkInterface", "s3:ListBucket", "s3:GetBucketPolicy" ], "malformed": false, "name": "AmazonTimestreamInfluxDBFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-14T22:53:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSSecurityHubServiceRolePolicy", "createdate": "2023-11-27T03:46:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudtrail:DescribeTrails", "cloudtrail:GetTrailStatus", "cloudtrail:GetEventSelectors", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "logs:DescribeMetricFilters", "sns:ListSubscriptionsByTopic", "config:DescribeConfigurationRecorders", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigRules", "config:DescribeConfigRuleEvaluationStatus", "config:BatchGetResourceConfig", "config:SelectResourceConfig", "iam:GenerateCredentialReport", "organizations:ListAccounts", "config:PutEvaluations", "tag:GetResources", "iam:GetCredentialReport", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListChildren", "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeOrganizationalUnit", "securityhub:BatchDisableStandards", "securityhub:BatchEnableStandards", "securityhub:BatchUpdateStandardsControlAssociations", "securityhub:BatchGetSecurityControls", "securityhub:BatchGetStandardsControlAssociations", "securityhub:CreateMembers", "securityhub:DeleteMembers", "securityhub:DescribeHub", "securityhub:DescribeOrganizationConfiguration", "securityhub:DescribeStandards", "securityhub:DescribeStandardsControls", "securityhub:DisassociateFromAdministratorAccount", "securityhub:DisassociateMembers", "securityhub:DisableSecurityHub", "securityhub:EnableSecurityHub", "securityhub:GetEnabledStandards", "securityhub:ListStandardsControlAssociations", "securityhub:ListSecurityControlDefinitions", "securityhub:UpdateOrganizationConfiguration", "securityhub:UpdateSecurityControl", "securityhub:UpdateSecurityHubConfiguration", "securityhub:UpdateStandardsControl", "config:PutConfigRule", "config:DeleteConfigRule", "config:GetComplianceDetailsByConfigRule", "organizations:ListDelegatedAdministrators" ], "malformed": false, "name": "AWSSecurityHubServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T03:46:47+00:00", "version": "v14" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonInspector2ServiceRolePolicy", "createdate": "2024-01-22T14:06:01Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "directconnect:DescribeConnections", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "ec2:DescribeAvailabilityZones", "ec2:DescribeCustomerGateways", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeManagedPrefixLists", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInterfaces", "ec2:DescribePrefixLists", "ec2:DescribeRegions", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetManagedPrefixListEntries", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:SearchTransitGatewayRoutes", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetHealth", "network-firewall:DescribeFirewall", "network-firewall:DescribeFirewallPolicy", "network-firewall:DescribeResourcePolicy", "network-firewall:DescribeRuleGroup", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "network-firewall:ListRuleGroups", "tiros:CreateQuery", "tiros:GetQueryAnswer", "ecr:BatchGetImage", "ecr:BatchGetRepositoryScanningConfiguration", "ecr:DescribeImages", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "ecr:GetRegistryScanningConfiguration", "ecr:ListImages", "ecr:PutRegistryScanningConfiguration", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts", "ssm:DescribeAssociation", "ssm:DescribeAssociationExecutions", "ssm:DescribeInstanceInformation", "ssm:ListAssociations", "ssm:ListResourceDataSync", "lambda:ListFunctions", "lambda:GetFunction", "lambda:GetLayerVersion", "cloudwatch:GetMetricData", "ssm:CreateAssociation", "ssm:StartAssociationsOnce", "ssm:DeleteAssociation", "ssm:UpdateAssociation", "ssm:CreateResourceDataSync", "ssm:DeleteResourceDataSync", "events:PutRule", "events:DeleteRule", "events:DescribeRule", "events:ListTargetsByRule", "events:PutTargets", "events:RemoveTargets", "codeguru-security:CreateScan", "codeguru-security:GetAccountConfiguration", "codeguru-security:GetFindings", "codeguru-security:GetScan", "codeguru-security:ListFindings", "codeguru-security:BatchGetFindings", "codeguru-security:DeleteScansByCategory", "iam:GetRole", "iam:GetRolePolicy", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:ListAttachedRolePolicies", "iam:ListPolicies", "iam:ListPolicyVersions", "iam:ListRolePolicies", "lambda:ListVersionsByFunction", "ssm:PutParameter", "ssm:GetParameters", "ssm:DeleteParameter", "cloudtrail:CreateServiceLinkedChannel", "cloudtrail:DeleteServiceLinkedChannel", "cloudtrail:ListServiceLinkedChannels", "ssm:SendCommand", "ssm:GetCommandInvocation", "ssm:SendCommand", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AmazonInspector2ServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-22T14:06:01+00:00", "version": "v12" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy", "createdate": "2022-10-17T16:02:34Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeRouteTables", "ec2:DescribeTags", "ec2:DescribeNetworkInterfaces", "ec2:DescribeInstanceTypes", "ec2messages:AcknowledgeMessage", "ec2messages:DeleteMessage", "ec2messages:FailMessage", "ec2messages:GetEndpoint", "ec2messages:GetMessages", "ec2messages:SendReply", "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel", "ssm:DescribeInstanceProperties", "ssm:DescribeDocumentParameters", "ssm:ListInstanceAssociations", "ssm:RegisterManagedInstance", "ssm:UpdateInstanceInformation", "ssm:UpdateInstanceAssociationStatus", "ssm:PutComplianceItems", "ssm:PutInventory", "ecr-public:GetAuthorizationToken", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", "secretsmanager:GetSecretValue", "secretsmanager:DeleteSecret", "logs:CreateLogGroup", "logs:PutLogEvents", "logs:CreateLogStream", "logs:DescribeLogStreams" ], "malformed": false, "name": "AmazonEKSLocalOutpostClusterPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-17T16:02:34+00:00", "version": "v3" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSAccountUsageReportAccess", "createdate": "2015-02-06T18:41:19Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-portal:ViewUsage" ], "malformed": false, "name": "AWSAccountUsageReportAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:19+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonGrafanaServiceLinkedRolePolicy", "createdate": "2022-11-08T23:10:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "ec2:DescribeDhcpOptions", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:CreateNetworkInterface", "ec2:CreateTags", "ec2:DeleteNetworkInterface" ], "malformed": false, "name": "AmazonGrafanaServiceLinkedRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-08T23:10:33+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCodePipeline_ReadOnlyAccess", "createdate": "2020-08-03T22:25:17Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codepipeline:GetPipeline", "codepipeline:GetPipelineState", "codepipeline:GetPipelineExecution", "codepipeline:ListPipelineExecutions", "codepipeline:ListActionExecutions", "codepipeline:ListActionTypes", "codepipeline:ListPipelines", "codepipeline:ListTagsForResource", "s3:ListAllMyBuckets", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListEventTypes", "codestar-notifications:ListTargets", "s3:GetObject", "s3:ListBucket", "s3:GetBucketPolicy", "codestar-notifications:DescribeNotificationRule" ], "malformed": false, "name": "AWSCodePipeline_ReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-03T22:25:17+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AppIntegrationsServiceLinkedRolePolicy", "createdate": "2022-09-30T19:42:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData", "appflow:DescribeConnectorEntity", "appflow:ListConnectorEntities", "appflow:DescribeConnectorProfiles", "appflow:UseConnectorProfile", "appflow:DeleteFlow", "appflow:DescribeFlow", "appflow:DescribeFlowExecutionRecords", "appflow:StartFlow", "appflow:StopFlow", "appflow:UpdateFlow", "appflow:TagResource" ], "malformed": false, "name": "AppIntegrationsServiceLinkedRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-30T19:42:56+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaMSKExecutionRole", "createdate": "2022-08-02T20:08:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kafka:DescribeCluster", "kafka:DescribeClusterV2", "kafka:GetBootstrapBrokers", "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "ec2:DeleteNetworkInterface", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AWSLambdaMSKExecutionRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-02T20:08:02+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write", "Unknown" ], "arn": "arn:aws:iam::aws:policy/AmazonConnectReadOnlyAccess", "createdate": "2019-11-06T22:10:18Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "connect:GetContactAttributes", "connect:GetCurrentMetricData", "connect:GetCurrentUserData", "connect:GetFederationToken", "connect:GetFederationTokens", "connect:GetFlowAssociation", "connect:GetMetricData", "connect:GetMetricDataV2", "connect:GetPromptFile", "connect:GetTaskTemplate", "connect:GetTrafficDistribution", "connect:DescribeAgentStatus", "connect:DescribeContact", "connect:DescribeContactEvaluation", "connect:DescribeContactFlow", "connect:DescribeContactFlowModule", "connect:DescribeEvaluationForm", "connect:DescribeForecastingPlanningSchedulingIntegration", "connect:DescribeHoursOfOperation", "connect:DescribeInstance", "connect:DescribeInstanceAttribute", "connect:DescribeInstanceStorageConfig", "connect:DescribePhoneNumber", "connect:DescribePredefinedAttribute", "connect:DescribePrompt", "connect:DescribeQueue", "connect:DescribeQuickConnect", "connect:DescribeRoutingProfile", "connect:DescribeRule", "connect:DescribeSecurityProfile", "connect:DescribeTrafficDistributionGroup", "connect:DescribeUser", "connect:DescribeUserHierarchyGroup", "connect:DescribeUserHierarchyStructure", "connect:DescribeView", "connect:DescribeVocabulary", "connect:ListAgentStatuses", "connect:ListAnalyticsDataAssociations", "connect:ListApprovedOrigins", "connect:ListBots", "connect:ListContactEvaluations", "connect:ListContactFlowModules", "connect:ListContactFlows", "connect:ListContactReferences", "connect:ListDefaultVocabularies", "connect:ListEvaluationFormVersions", "connect:ListEvaluationForms", "connect:ListFlowAssociations", "connect:ListHoursOfOperations", "connect:ListInstanceAttributes", "connect:ListInstanceStorageConfigs", "connect:ListInstances", "connect:ListIntegrationAssociations", "connect:ListLambdaFunctions", "connect:ListLexBots", "connect:ListPhoneNumbers", "connect:ListPhoneNumbersV2", "connect:ListPredefinedAttributes", "connect:ListPrompts", "connect:ListQueueQuickConnects", "connect:ListQueues", "connect:ListQuickConnects", "connect:ListRealtimeContactAnalysisSegments", "connect:ListRealtimeContactAnalysisSegmentsV2", "connect:ListRoutingProfileQueues", "connect:ListRoutingProfiles", "connect:ListRules", "connect:ListSecurityKeys", "connect:ListSecurityProfileApplications", "connect:ListSecurityProfilePermissions", "connect:ListSecurityProfiles", "connect:ListTagsForResource", "connect:ListTaskTemplates", "connect:ListTrafficDistributionGroupUsers", "connect:ListTrafficDistributionGroups", "connect:ListUseCases", "connect:ListUserHierarchyGroups", "connect:ListUserProficiencies", "connect:ListUsers", "connect:ListViewVersions", "connect:ListViews", "ds:DescribeDirectories" ], "malformed": false, "name": "AmazonConnectReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2019-11-06T22:10:18+00:00", "version": "v3" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticFileSystemClientFullAccess", "createdate": "2020-01-13T16:27:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticfilesystem:ClientMount", "elasticfilesystem:ClientRootAccess", "elasticfilesystem:ClientWrite", "elasticfilesystem:DescribeMountTargets" ], "malformed": false, "name": "AmazonElasticFileSystemClientFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-01-13T16:27:00+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSCloudFrontLogger", "createdate": "2019-11-22T19:33:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AWSCloudFrontLogger", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-22T19:33:51+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSSavingsPlansFullAccess", "createdate": "2019-11-06T22:45:18Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "savingsplans:CreateSavingsPlan", "savingsplans:DeleteQueuedSavingsPlan", "savingsplans:DescribeSavingsPlanRates", "savingsplans:DescribeSavingsPlans", "savingsplans:DescribeSavingsPlansOfferingRates", "savingsplans:DescribeSavingsPlansOfferings", "savingsplans:ListTagsForResource", "savingsplans:ReturnSavingsPlan", "savingsplans:TagResource", "savingsplans:UntagResource" ], "malformed": false, "name": "AWSSavingsPlansFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-06T22:45:18+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSIoTFleetwiseServiceRolePolicy", "createdate": "2022-09-21T23:27:48Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSIoTFleetwiseServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-21T23:27:48+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerPipelinesIntegrations", "createdate": "2023-02-17T21:28:19Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:GetFunction", "lambda:InvokeFunction", "lambda:UpdateFunctionCode", "sqs:CreateQueue", "sqs:SendMessage", "iam:PassRole", "events:DescribeRule", "events:PutRule", "events:PutTargets", "elasticmapreduce:AddJobFlowSteps", "elasticmapreduce:CancelSteps", "elasticmapreduce:DescribeStep", "elasticmapreduce:RunJobFlow", "elasticmapreduce:DescribeCluster", "elasticmapreduce:TerminateJobFlows", "elasticmapreduce:ListSteps" ], "malformed": false, "name": "AmazonSageMakerPipelinesIntegrations", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-17T21:28:19+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceSellerFullAccess", "createdate": "2024-03-15T16:09:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace-management:uploadFiles", "aws-marketplace-management:viewMarketing", "aws-marketplace-management:viewReports", "aws-marketplace-management:viewSupport", "aws-marketplace-management:viewSettings", "aws-marketplace:ListChangeSets", "aws-marketplace:DescribeChangeSet", "aws-marketplace:StartChangeSet", "aws-marketplace:CancelChangeSet", "aws-marketplace:ListEntities", "aws-marketplace:DescribeEntity", "aws-marketplace:ListTasks", "aws-marketplace:DescribeTask", "aws-marketplace:UpdateTask", "aws-marketplace:CompleteTask", "aws-marketplace:GetSellerDashboard", "ec2:DescribeImages", "ec2:DescribeSnapshots", "ec2:ModifyImageAttribute", "ec2:ModifySnapshotAttribute", "aws-marketplace:SearchAgreements", "aws-marketplace:DescribeAgreement", "aws-marketplace:GetAgreementTerms", "iam:GetRole", "iam:PassRole", "vendor-insights:GetDataSource", "vendor-insights:ListDataSources", "vendor-insights:ListSecurityProfiles", "vendor-insights:GetSecurityProfile", "vendor-insights:GetSecurityProfileSnapshot", "vendor-insights:ListSecurityProfileSnapshots", "aws-marketplace:TagResource", "aws-marketplace:UntagResource", "aws-marketplace:ListTagsForResource", "aws-marketplace-management:GetSellerVerificationDetails", "aws-marketplace-management:PutSellerVerificationDetails", "aws-marketplace-management:GetBankAccountVerificationDetails", "aws-marketplace-management:PutBankAccountVerificationDetails", "aws-marketplace-management:GetSecondaryUserVerificationDetails", "aws-marketplace-management:PutSecondaryUserVerificationDetails", "aws-marketplace-management:GetAdditionalSellerNotificationRecipients", "aws-marketplace-management:PutAdditionalSellerNotificationRecipients", "payments:GetPaymentInstrument", "payments:CreatePaymentInstrument", "tax:GetTaxInterview", "tax:PutTaxInterview", "tax:GetTaxInfoReportingDocument", "support:CreateCase", "aws-marketplace:GetResourcePolicy", "aws-marketplace:PutResourcePolicy", "aws-marketplace:DeleteResourcePolicy", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSMarketplaceSellerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-15T16:09:02+00:00", "version": "v11" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDeadlineCloud-UserAccessJobs", "createdate": "2024-04-01T17:05:38Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "identitystore:DescribeGroup", "identitystore:DescribeUser", "identitystore:ListGroupMembershipsForMember", "deadline:GetApplicationVersion", "ec2:DescribeInstanceTypes", "identitystore:ListUsers", "deadline:AssociateMemberToJob", "deadline:DisassociateMemberFromJob", "deadline:AssociateMemberToJob", "deadline:DisassociateMemberFromJob", "deadline:ListJobMembers", "deadline:UpdateJob", "deadline:UpdateSession", "deadline:UpdateStep", "deadline:UpdateTask", "deadline:GetJob", "deadline:GetSession", "deadline:GetSessionAction", "deadline:GetStep", "deadline:GetTask", "deadline:ListSessionActions", "deadline:ListSessions", "deadline:ListStepConsumers", "deadline:ListStepDependencies", "deadline:ListSteps", "deadline:ListTasks", "deadline:SearchSteps", "deadline:SearchTasks", "deadline:ListJobs" ], "malformed": false, "name": "AWSDeadlineCloud-UserAccessJobs", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-01T17:05:38+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingECSServicePolicy", "createdate": "2017-10-25T23:53:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ecs:DescribeServices", "ecs:UpdateService", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingECSServicePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-10-25T23:53:08+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCodeWhispererPolicy", "createdate": "2024-03-29T22:13:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sso-directory:ListMembersInGroup", "sso:ListProfileAssociations", "sso:ListProfiles", "sso:ListDirectoryAssociations", "sso:DescribeRegisteredRegions", "sso:GetProfile", "sso:GetManagedApplicationInstance", "sso:ListApplicationAssignments", "sso:DescribeInstance", "sso:DescribeApplication", "codeguru-security:CreateUploadUrl", "codeguru-security:CreateScan", "codeguru-security:GetScan", "codeguru-security:ListFindings", "codeguru-security:GetFindings", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSServiceRoleForCodeWhispererPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-29T22:13:56+00:00", "version": "v5" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSApplicationMigrationAgentPolicy", "createdate": "2022-09-20T11:13:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgn:SendAgentMetricsForMgn", "mgn:SendAgentLogsForMgn", "mgn:SendClientMetricsForMgn", "mgn:SendClientLogsForMgn", "mgn:RegisterAgentForMgn", "mgn:UpdateAgentSourcePropertiesForMgn", "mgn:UpdateAgentReplicationInfoForMgn", "mgn:UpdateAgentConversionInfoForMgn", "mgn:GetAgentInstallationAssetsForMgn", "mgn:GetAgentCommandForMgn", "mgn:GetAgentConfirmedResumeInfoForMgn", "mgn:GetAgentRuntimeConfigurationForMgn", "mgn:UpdateAgentBacklogForMgn", "mgn:GetAgentReplicationInfoForMgn", "mgn:TagResource" ], "malformed": false, "name": "AWSApplicationMigrationAgentPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-20T11:13:40+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging" ], "arn": "arn:aws:iam::aws:policy/AmazonHoneycodeReadOnlyAccess", "createdate": "2020-12-01T17:27:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "honeycode:ListDomains", "honeycode:ListGroups", "honeycode:ListTableColumns", "honeycode:ListTableRows", "honeycode:ListTables", "honeycode:ListTagsForResource", "honeycode:ListTeamAssociations", "honeycode:ListTenants", "honeycode:GetScreenData", "honeycode:DescribeTableDataImportJob", "honeycode:DescribeTeam", "honeycode:QueryTableRows" ], "malformed": false, "name": "AmazonHoneycodeReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-01T17:27:53+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSRepostSpaceSupportOperationsPolicy", "createdate": "2023-11-26T21:52:15Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "support:AddAttachmentsToSet", "support:AddCommunicationToCase", "support:CreateCase", "support:DescribeCases", "support:DescribeCommunications", "support:ResolveCase" ], "malformed": false, "name": "AWSRepostSpaceSupportOperationsPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-26T21:52:15+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEMRInstanceGroupPolicy", "createdate": "2017-10-26T00:57:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ModifyInstanceGroups", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingEMRInstanceGroupPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-10-26T00:57:39+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/ElementalAppliancesSoftwareFullAccess", "createdate": "2021-02-05T21:01:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elemental-appliances-software:CompleteUpload", "elemental-appliances-software:CreateOrderV1", "elemental-appliances-software:CreateQuote", "elemental-appliances-software:GetAvsCorrectAddress", "elemental-appliances-software:GetBillingAddresses", "elemental-appliances-software:GetDeliveryAddressesV2", "elemental-appliances-software:GetOrder", "elemental-appliances-software:GetOrdersV2", "elemental-appliances-software:GetQuote", "elemental-appliances-software:GetTaxes", "elemental-appliances-software:ListQuotes", "elemental-appliances-software:ListTagsForResource", "elemental-appliances-software:StartUpload", "elemental-appliances-software:SubmitOrderV1", "elemental-appliances-software:TagResource", "elemental-appliances-software:UntagResource", "elemental-appliances-software:UpdateQuote", "elemental-activations:CompleteAccountRegistration" ], "malformed": false, "name": "ElementalAppliancesSoftwareFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-02-05T21:01:25+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": null, "createdate": "2019-07-10T19:27:59Z", "credentials_exposure": true, "data_access": true, "deprecated": true, "effective_action_names": [ "elasticbeanstalk:AbortEnvironmentUpdate", "elasticbeanstalk:AddTags", "elasticbeanstalk:ApplyEnvironmentManagedAction", "elasticbeanstalk:AssociateEnvironmentOperationsRole", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:ComposeEnvironments", "elasticbeanstalk:CreateApplication", "elasticbeanstalk:CreateApplicationVersion", "elasticbeanstalk:CreateConfigurationTemplate", "elasticbeanstalk:CreateEnvironment", "elasticbeanstalk:CreatePlatformVersion", "elasticbeanstalk:CreateStorageLocation", "elasticbeanstalk:DeleteApplication", "elasticbeanstalk:DeleteApplicationVersion", "elasticbeanstalk:DeleteConfigurationTemplate", "elasticbeanstalk:DeleteEnvironmentConfiguration", "elasticbeanstalk:DeletePlatformVersion", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:DisassociateEnvironmentOperationsRole", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:PutInstanceStatistics", "elasticbeanstalk:RebuildEnvironment", "elasticbeanstalk:RemoveTags", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RestartAppServer", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticbeanstalk:SwapEnvironmentCNAMEs", "elasticbeanstalk:TerminateEnvironment", "elasticbeanstalk:UpdateApplication", "elasticbeanstalk:UpdateApplicationResourceLifecycle", "elasticbeanstalk:UpdateApplicationVersion", "elasticbeanstalk:UpdateConfigurationTemplate", "elasticbeanstalk:UpdateEnvironment", "elasticbeanstalk:UpdateTagsForResource", "elasticbeanstalk:ValidateConfigurationSettings", "ec2:AcceptAddressTransfer", "ec2:AcceptReservedInstancesExchangeQuote", "ec2:AcceptTransitGatewayMulticastDomainAssociations", "ec2:AcceptTransitGatewayPeeringAttachment", "ec2:AcceptTransitGatewayVpcAttachment", "ec2:AcceptVpcEndpointConnections", "ec2:AcceptVpcPeeringConnection", "ec2:AdvertiseByoipCidr", "ec2:AllocateAddress", "ec2:AllocateHosts", "ec2:AllocateIpamPoolCidr", "ec2:ApplySecurityGroupsToClientVpnTargetNetwork", "ec2:AssignIpv6Addresses", "ec2:AssignPrivateIpAddresses", "ec2:AssignPrivateNatGatewayAddress", "ec2:AssociateAddress", "ec2:AssociateClientVpnTargetNetwork", "ec2:AssociateDhcpOptions", "ec2:AssociateEnclaveCertificateIamRole", "ec2:AssociateIamInstanceProfile", "ec2:AssociateInstanceEventWindow", "ec2:AssociateIpamByoasn", "ec2:AssociateIpamResourceDiscovery", "ec2:AssociateNatGatewayAddress", "ec2:AssociateRouteTable", "ec2:AssociateSubnetCidrBlock", "ec2:AssociateTransitGatewayMulticastDomain", "ec2:AssociateTransitGatewayPolicyTable", "ec2:AssociateTransitGatewayRouteTable", "ec2:AssociateTrunkInterface", "ec2:AssociateVerifiedAccessInstanceWebAcl", "ec2:AssociateVpcCidrBlock", "ec2:AttachClassicLinkVpc", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVerifiedAccessTrustProvider", "ec2:AttachVolume", "ec2:AttachVpnGateway", "ec2:AuthorizeClientVpnIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:BundleInstance", "ec2:CancelBundleTask", "ec2:CancelCapacityReservation", "ec2:CancelCapacityReservationFleets", "ec2:CancelConversionTask", "ec2:CancelExportTask", "ec2:CancelImageLaunchPermission", "ec2:CancelImportTask", "ec2:CancelReservedInstancesListing", "ec2:CancelSpotFleetRequests", "ec2:CancelSpotInstanceRequests", "ec2:ConfirmProductInstance", "ec2:CopyFpgaImage", "ec2:CopyImage", "ec2:CopySnapshot", "ec2:CreateCapacityReservation", "ec2:CreateCapacityReservationFleet", "ec2:CreateCarrierGateway", "ec2:CreateClientVpnEndpoint", "ec2:CreateClientVpnRoute", "ec2:CreateCoipCidr", "ec2:CreateCoipPool", "ec2:CreateCoipPoolPermission", "ec2:CreateCustomerGateway", "ec2:CreateDefaultSubnet", "ec2:CreateDefaultVpc", "ec2:CreateDhcpOptions", "ec2:CreateEgressOnlyInternetGateway", "ec2:CreateFleet", "ec2:CreateFlowLogs", "ec2:CreateFpgaImage", "ec2:CreateImage", "ec2:CreateInstanceConnectEndpoint", "ec2:CreateInstanceEventWindow", "ec2:CreateInstanceExportTask", "ec2:CreateInternetGateway", "ec2:CreateIpam", "ec2:CreateIpamPool", "ec2:CreateIpamResourceDiscovery", "ec2:CreateIpamScope", "ec2:CreateKeyPair", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:CreateLocalGatewayRoute", "ec2:CreateLocalGatewayRouteTable", "ec2:CreateLocalGatewayRouteTablePermission", "ec2:CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation", "ec2:CreateLocalGatewayRouteTableVpcAssociation", "ec2:CreateManagedPrefixList", "ec2:CreateNatGateway", "ec2:CreateNetworkAcl", "ec2:CreateNetworkAclEntry", "ec2:CreateNetworkInsightsAccessScope", "ec2:CreateNetworkInsightsPath", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:CreatePlacementGroup", "ec2:CreatePublicIpv4Pool", "ec2:CreateReplaceRootVolumeTask", "ec2:CreateReservedInstancesListing", "ec2:CreateRestoreImageTask", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSnapshot", "ec2:CreateSnapshots", "ec2:CreateSpotDatafeedSubscription", "ec2:CreateStoreImageTask", "ec2:CreateSubnet", "ec2:CreateSubnetCidrReservation", "ec2:CreateTags", "ec2:CreateTrafficMirrorFilter", "ec2:CreateTrafficMirrorFilterRule", "ec2:CreateTrafficMirrorSession", "ec2:CreateTrafficMirrorTarget", "ec2:CreateTransitGateway", "ec2:CreateTransitGatewayConnect", "ec2:CreateTransitGatewayConnectPeer", "ec2:CreateTransitGatewayMulticastDomain", "ec2:CreateTransitGatewayPeeringAttachment", "ec2:CreateTransitGatewayPolicyTable", "ec2:CreateTransitGatewayPrefixListReference", "ec2:CreateTransitGatewayRoute", "ec2:CreateTransitGatewayRouteTable", "ec2:CreateTransitGatewayRouteTableAnnouncement", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateVerifiedAccessEndpoint", "ec2:CreateVerifiedAccessGroup", "ec2:CreateVerifiedAccessInstance", "ec2:CreateVerifiedAccessTrustProvider", "ec2:CreateVolume", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpointConnectionNotification", "ec2:CreateVpcEndpointServiceConfiguration", "ec2:CreateVpcPeeringConnection", "ec2:CreateVpnConnection", "ec2:CreateVpnConnectionRoute", "ec2:CreateVpnGateway", "ec2:DeleteCarrierGateway", "ec2:DeleteClientVpnEndpoint", "ec2:DeleteClientVpnRoute", "ec2:DeleteCoipCidr", "ec2:DeleteCoipPool", "ec2:DeleteCoipPoolPermission", "ec2:DeleteCustomerGateway", "ec2:DeleteDhcpOptions", "ec2:DeleteEgressOnlyInternetGateway", "ec2:DeleteFleets", "ec2:DeleteFlowLogs", "ec2:DeleteFpgaImage", "ec2:DeleteInstanceConnectEndpoint", "ec2:DeleteInstanceEventWindow", "ec2:DeleteInternetGateway", "ec2:DeleteIpam", "ec2:DeleteIpamPool", "ec2:DeleteIpamResourceDiscovery", "ec2:DeleteIpamScope", "ec2:DeleteKeyPair", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:DeleteLocalGatewayRoute", "ec2:DeleteLocalGatewayRouteTable", "ec2:DeleteLocalGatewayRouteTablePermission", "ec2:DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation", "ec2:DeleteLocalGatewayRouteTableVpcAssociation", "ec2:DeleteManagedPrefixList", "ec2:DeleteNatGateway", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkAclEntry", "ec2:DeleteNetworkInsightsAccessScope", "ec2:DeleteNetworkInsightsAccessScopeAnalysis", "ec2:DeleteNetworkInsightsAnalysis", "ec2:DeleteNetworkInsightsPath", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DeletePlacementGroup", "ec2:DeletePublicIpv4Pool", "ec2:DeleteQueuedReservedInstances", "ec2:DeleteResourcePolicy", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSecurityGroup", "ec2:DeleteSnapshot", "ec2:DeleteSpotDatafeedSubscription", "ec2:DeleteSubnet", "ec2:DeleteSubnetCidrReservation", "ec2:DeleteTags", "ec2:DeleteTrafficMirrorFilter", "ec2:DeleteTrafficMirrorFilterRule", "ec2:DeleteTrafficMirrorSession", "ec2:DeleteTrafficMirrorTarget", "ec2:DeleteTransitGateway", "ec2:DeleteTransitGatewayConnect", "ec2:DeleteTransitGatewayConnectPeer", "ec2:DeleteTransitGatewayMulticastDomain", "ec2:DeleteTransitGatewayPeeringAttachment", "ec2:DeleteTransitGatewayPolicyTable", "ec2:DeleteTransitGatewayPrefixListReference", "ec2:DeleteTransitGatewayRoute", "ec2:DeleteTransitGatewayRouteTable", "ec2:DeleteTransitGatewayRouteTableAnnouncement", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteVerifiedAccessEndpoint", "ec2:DeleteVerifiedAccessGroup", "ec2:DeleteVerifiedAccessInstance", "ec2:DeleteVerifiedAccessTrustProvider", "ec2:DeleteVolume", "ec2:DeleteVpc", "ec2:DeleteVpcEndpointConnectionNotifications", "ec2:DeleteVpcEndpointServiceConfigurations", "ec2:DeleteVpcEndpoints", "ec2:DeleteVpcPeeringConnection", "ec2:DeleteVpnConnection", "ec2:DeleteVpnConnectionRoute", "ec2:DeleteVpnGateway", "ec2:DeprovisionByoipCidr", "ec2:DeprovisionIpamByoasn", "ec2:DeprovisionIpamPoolCidr", "ec2:DeprovisionPublicIpv4PoolCidr", "ec2:DeregisterImage", "ec2:DeregisterInstanceEventNotificationAttributes", "ec2:DeregisterTransitGatewayMulticastGroupMembers", "ec2:DeregisterTransitGatewayMulticastGroupSources", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DetachClassicLinkVpc", "ec2:DetachInternetGateway", "ec2:DetachNetworkInterface", "ec2:DetachVerifiedAccessTrustProvider", "ec2:DetachVolume", "ec2:DetachVpnGateway", "ec2:DisableAddressTransfer", "ec2:DisableAwsNetworkPerformanceMetricSubscription", "ec2:DisableEbsEncryptionByDefault", "ec2:DisableFastLaunch", "ec2:DisableFastSnapshotRestores", "ec2:DisableImage", "ec2:DisableImageBlockPublicAccess", "ec2:DisableImageDeprecation", "ec2:DisableIpamOrganizationAdminAccount", "ec2:DisableSerialConsoleAccess", "ec2:DisableSnapshotBlockPublicAccess", "ec2:DisableTransitGatewayRouteTablePropagation", "ec2:DisableVgwRoutePropagation", "ec2:DisableVpcClassicLink", "ec2:DisableVpcClassicLinkDnsSupport", "ec2:DisassociateAddress", "ec2:DisassociateClientVpnTargetNetwork", "ec2:DisassociateEnclaveCertificateIamRole", "ec2:DisassociateIamInstanceProfile", "ec2:DisassociateInstanceEventWindow", "ec2:DisassociateIpamByoasn", "ec2:DisassociateIpamResourceDiscovery", "ec2:DisassociateNatGatewayAddress", "ec2:DisassociateRouteTable", "ec2:DisassociateSubnetCidrBlock", "ec2:DisassociateTransitGatewayMulticastDomain", "ec2:DisassociateTransitGatewayPolicyTable", "ec2:DisassociateTransitGatewayRouteTable", "ec2:DisassociateTrunkInterface", "ec2:DisassociateVerifiedAccessInstanceWebAcl", "ec2:DisassociateVpcCidrBlock", "ec2:EnableAddressTransfer", "ec2:EnableAwsNetworkPerformanceMetricSubscription", "ec2:EnableEbsEncryptionByDefault", "ec2:EnableFastLaunch", "ec2:EnableFastSnapshotRestores", "ec2:EnableImage", "ec2:EnableImageBlockPublicAccess", "ec2:EnableImageDeprecation", "ec2:EnableIpamOrganizationAdminAccount", "ec2:EnableReachabilityAnalyzerOrganizationSharing", "ec2:EnableSerialConsoleAccess", "ec2:EnableSnapshotBlockPublicAccess", "ec2:EnableTransitGatewayRouteTablePropagation", "ec2:EnableVgwRoutePropagation", "ec2:EnableVolumeIO", "ec2:EnableVpcClassicLink", "ec2:EnableVpcClassicLinkDnsSupport", "ec2:ExportClientVpnClientCertificateRevocationList", "ec2:ExportClientVpnClientConfiguration", "ec2:ExportImage", "ec2:ExportTransitGatewayRoutes", "ec2:GetAssociatedEnclaveCertificateIamRoles", "ec2:GetAssociatedIpv6PoolCidrs", "ec2:GetAwsNetworkPerformanceData", "ec2:GetCapacityReservationUsage", "ec2:GetCoipPoolUsage", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:GetDefaultCreditSpecification", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ec2:GetFlowLogsIntegrationTemplate", "ec2:GetGroupsForCapacityReservation", "ec2:GetHostReservationPurchasePreview", "ec2:GetImageBlockPublicAccessState", "ec2:GetInstanceMetadataDefaults", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetInstanceUefiData", "ec2:GetIpamAddressHistory", "ec2:GetIpamDiscoveredAccounts", "ec2:GetIpamDiscoveredPublicAddresses", "ec2:GetIpamDiscoveredResourceCidrs", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetIpamResourceCidrs", "ec2:GetLaunchTemplateData", "ec2:GetManagedPrefixListAssociations", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ec2:GetPasswordData", "ec2:GetReservedInstancesExchangeQuote", "ec2:GetResourcePolicy", "ec2:GetSecurityGroupsForVpc", "ec2:GetSerialConsoleAccessStatus", "ec2:GetSnapshotBlockPublicAccessState", "ec2:GetSpotPlacementScores", "ec2:GetSubnetCidrReservations", "ec2:GetTransitGatewayAttachmentPropagations", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:GetTransitGatewayPolicyTableAssociations", "ec2:GetTransitGatewayPolicyTableEntries", "ec2:GetTransitGatewayPrefixListReferences", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:GetVerifiedAccessEndpointPolicy", "ec2:GetVerifiedAccessGroupPolicy", "ec2:GetVerifiedAccessInstanceWebAcl", "ec2:GetVpnConnectionDeviceSampleConfiguration", "ec2:GetVpnConnectionDeviceTypes", "ec2:GetVpnTunnelReplacementStatus", "ec2:ImportByoipCidrToIpam", "ec2:ImportClientVpnClientCertificateRevocationList", "ec2:ImportImage", "ec2:ImportInstance", "ec2:ImportKeyPair", "ec2:ImportSnapshot", "ec2:ImportVolume", "ec2:InjectApiError", "ec2:ListImagesInRecycleBin", "ec2:ListSnapshotsInRecycleBin", "ec2:LockSnapshot", "ec2:ModifyAddressAttribute", "ec2:ModifyAvailabilityZoneGroup", "ec2:ModifyCapacityReservation", "ec2:ModifyCapacityReservationFleet", "ec2:ModifyClientVpnEndpoint", "ec2:ModifyDefaultCreditSpecification", "ec2:ModifyEbsDefaultKmsKeyId", "ec2:ModifyFleet", "ec2:ModifyFpgaImageAttribute", "ec2:ModifyHosts", "ec2:ModifyIdFormat", "ec2:ModifyIdentityIdFormat", "ec2:ModifyImageAttribute", "ec2:ModifyInstanceAttribute", "ec2:ModifyInstanceCapacityReservationAttributes", "ec2:ModifyInstanceCreditSpecification", "ec2:ModifyInstanceEventStartTime", "ec2:ModifyInstanceEventWindow", "ec2:ModifyInstanceMaintenanceOptions", "ec2:ModifyInstanceMetadataDefaults", "ec2:ModifyInstanceMetadataOptions", "ec2:ModifyInstancePlacement", "ec2:ModifyIpam", "ec2:ModifyIpamPool", "ec2:ModifyIpamResourceCidr", "ec2:ModifyIpamResourceDiscovery", "ec2:ModifyIpamScope", "ec2:ModifyLaunchTemplate", "ec2:ModifyLocalGatewayRoute", "ec2:ModifyManagedPrefixList", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyPrivateDnsNameOptions", "ec2:ModifyReservedInstances", "ec2:ModifySecurityGroupRules", "ec2:ModifySnapshotAttribute", "ec2:ModifySnapshotTier", "ec2:ModifySpotFleetRequest", "ec2:ModifySubnetAttribute", "ec2:ModifyTrafficMirrorFilterNetworkServices", "ec2:ModifyTrafficMirrorFilterRule", "ec2:ModifyTrafficMirrorSession", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayPrefixListReference", "ec2:ModifyTransitGatewayVpcAttachment", "ec2:ModifyVerifiedAccessEndpoint", "ec2:ModifyVerifiedAccessEndpointPolicy", "ec2:ModifyVerifiedAccessGroup", "ec2:ModifyVerifiedAccessGroupPolicy", "ec2:ModifyVerifiedAccessInstance", "ec2:ModifyVerifiedAccessInstanceLoggingConfiguration", "ec2:ModifyVerifiedAccessTrustProvider", "ec2:ModifyVolume", "ec2:ModifyVolumeAttribute", "ec2:ModifyVpcAttribute", "ec2:ModifyVpcEndpoint", "ec2:ModifyVpcEndpointConnectionNotification", "ec2:ModifyVpcEndpointServiceConfiguration", "ec2:ModifyVpcEndpointServicePayerResponsibility", "ec2:ModifyVpcEndpointServicePermissions", "ec2:ModifyVpcPeeringConnectionOptions", "ec2:ModifyVpcTenancy", "ec2:ModifyVpnConnection", "ec2:ModifyVpnConnectionOptions", "ec2:ModifyVpnTunnelCertificate", "ec2:ModifyVpnTunnelOptions", "ec2:MonitorInstances", "ec2:MoveAddressToVpc", "ec2:MoveByoipCidrToIpam", "ec2:PauseVolumeIO", "ec2:ProvisionByoipCidr", "ec2:ProvisionIpamByoasn", "ec2:ProvisionIpamPoolCidr", "ec2:ProvisionPublicIpv4PoolCidr", "ec2:PurchaseCapacityBlock", "ec2:PurchaseHostReservation", "ec2:PurchaseReservedInstancesOffering", "ec2:PurchaseScheduledInstances", "ec2:PutResourcePolicy", "ec2:RebootInstances", "ec2:RegisterImage", "ec2:RegisterInstanceEventNotificationAttributes", "ec2:RegisterTransitGatewayMulticastGroupMembers", "ec2:RegisterTransitGatewayMulticastGroupSources", "ec2:RejectTransitGatewayMulticastDomainAssociations", "ec2:RejectTransitGatewayPeeringAttachment", "ec2:RejectTransitGatewayVpcAttachment", "ec2:RejectVpcEndpointConnections", "ec2:RejectVpcPeeringConnection", "ec2:ReleaseAddress", "ec2:ReleaseHosts", "ec2:ReleaseIpamPoolAllocation", "ec2:ReplaceIamInstanceProfileAssociation", "ec2:ReplaceNetworkAclAssociation", "ec2:ReplaceNetworkAclEntry", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:ReplaceTransitGatewayRoute", "ec2:ReplaceVpnTunnel", "ec2:ReportInstanceStatus", "ec2:RequestSpotFleet", "ec2:RequestSpotInstances", "ec2:ResetAddressAttribute", "ec2:ResetEbsDefaultKmsKeyId", "ec2:ResetFpgaImageAttribute", "ec2:ResetImageAttribute", "ec2:ResetInstanceAttribute", "ec2:ResetNetworkInterfaceAttribute", "ec2:ResetSnapshotAttribute", "ec2:RestoreAddressToClassic", "ec2:RestoreImageFromRecycleBin", "ec2:RestoreManagedPrefixListVersion", "ec2:RestoreSnapshotFromRecycleBin", "ec2:RestoreSnapshotTier", "ec2:RevokeClientVpnIngress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RunInstances", "ec2:RunScheduledInstances", "ec2:SearchLocalGatewayRoutes", "ec2:SearchTransitGatewayMulticastGroups", "ec2:SearchTransitGatewayRoutes", "ec2:SendDiagnosticInterrupt", "ec2:SendSpotInstanceInterruptions", "ec2:StartInstances", "ec2:StartNetworkInsightsAccessScopeAnalysis", "ec2:StartNetworkInsightsAnalysis", "ec2:StartVpcEndpointServicePrivateDnsVerification", "ec2:StopInstances", "ec2:TerminateClientVpnConnections", "ec2:TerminateInstances", "ec2:UnassignIpv6Addresses", "ec2:UnassignPrivateIpAddresses", "ec2:UnassignPrivateNatGatewayAddress", "ec2:UnlockSnapshot", "ec2:UnmonitorInstances", "ec2:UpdateSecurityGroupRuleDescriptionsEgress", "ec2:UpdateSecurityGroupRuleDescriptionsIngress", "ec2:WithdrawByoipCidr", "ecs:CreateCapacityProvider", "ecs:CreateCluster", "ecs:CreateService", "ecs:CreateTaskSet", "ecs:DeleteAccountSetting", "ecs:DeleteAttributes", "ecs:DeleteCapacityProvider", "ecs:DeleteCluster", "ecs:DeleteService", "ecs:DeleteTaskDefinitions", "ecs:DeleteTaskSet", "ecs:DeregisterContainerInstance", "ecs:DeregisterTaskDefinition", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:DiscoverPollEndpoint", "ecs:ExecuteCommand", "ecs:GetTaskProtection", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "ecs:Poll", "ecs:PutAccountSetting", "ecs:PutAccountSettingDefault", "ecs:PutAttributes", "ecs:PutClusterCapacityProviders", "ecs:RegisterContainerInstance", "ecs:RegisterTaskDefinition", "ecs:RunTask", "ecs:StartTask", "ecs:StartTelemetrySession", "ecs:StopTask", "ecs:SubmitAttachmentStateChanges", "ecs:SubmitContainerStateChange", "ecs:SubmitTaskStateChange", "ecs:TagResource", "ecs:UntagResource", "ecs:UpdateCapacityProvider", "ecs:UpdateCluster", "ecs:UpdateClusterSettings", "ecs:UpdateContainerAgent", "ecs:UpdateContainerInstancesState", "ecs:UpdateService", "ecs:UpdateServicePrimaryTaskSet", "ecs:UpdateTaskProtection", "ecs:UpdateTaskSet", "ecr:BatchCheckLayerAvailability", "ecr:BatchDeleteImage", "ecr:BatchGetImage", "ecr:BatchGetRepositoryScanningConfiguration", "ecr:BatchImportUpstreamImage", "ecr:CompleteLayerUpload", "ecr:CreatePullThroughCacheRule", "ecr:CreateRepository", "ecr:CreateRepositoryCreationTemplate", "ecr:DeleteLifecyclePolicy", "ecr:DeletePullThroughCacheRule", "ecr:DeleteRegistryPolicy", "ecr:DeleteRepository", "ecr:DeleteRepositoryCreationTemplate", "ecr:DeleteRepositoryPolicy", "ecr:DescribeImageReplicationStatus", "ecr:DescribeImageScanFindings", "ecr:DescribeImages", "ecr:DescribePullThroughCacheRules", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:DescribeRepositoryCreationTemplate", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "ecr:GetLifecyclePolicy", "ecr:GetLifecyclePolicyPreview", "ecr:GetRegistryPolicy", "ecr:GetRegistryScanningConfiguration", "ecr:GetRepositoryPolicy", "ecr:InitiateLayerUpload", "ecr:ListImages", "ecr:ListTagsForResource", "ecr:PutImage", "ecr:PutImageScanningConfiguration", "ecr:PutImageTagMutability", "ecr:PutLifecyclePolicy", "ecr:PutRegistryPolicy", "ecr:PutRegistryScanningConfiguration", "ecr:PutReplicationConfiguration", "ecr:ReplicateImage", "ecr:SetRepositoryPolicy", "ecr:StartImageScan", "ecr:StartLifecyclePolicyPreview", "ecr:TagResource", "ecr:UntagResource", "ecr:UpdatePullThroughCacheRule", "ecr:UploadLayerPart", "ecr:ValidatePullThroughCacheRule", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateAppCookieStickinessPolicy", "elasticloadbalancing:CreateLBCookieStickinessPolicy", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerPolicy", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:DisableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:SetLoadBalancerListenerSSLCertificate", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:AddTrustStoreRevocations", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:CreateTrustStore", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteTrustStore", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:GetTrustStoreCaCertificatesBundle", "elasticloadbalancing:GetTrustStoreRevocationContent", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:ModifyTrustStore", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:RemoveListenerCertificates", "elasticloadbalancing:RemoveTrustStoreRevocations", "elasticloadbalancing:SetIpAddressType", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetSecurityGroups", "elasticloadbalancing:SetSubnets", "elasticloadbalancing:SetWebAcl", "autoscaling:AttachInstances", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:AttachLoadBalancers", "autoscaling:AttachTrafficSources", "autoscaling:BatchDeleteScheduledAction", "autoscaling:BatchPutScheduledUpdateGroupAction", "autoscaling:CancelInstanceRefresh", "autoscaling:CompleteLifecycleAction", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteLifecycleHook", "autoscaling:DeleteNotificationConfiguration", "autoscaling:DeletePolicy", "autoscaling:DeleteScheduledAction", "autoscaling:DeleteTags", "autoscaling:DeleteWarmPool", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:DetachInstances", "autoscaling:DetachLoadBalancerTargetGroups", "autoscaling:DetachLoadBalancers", "autoscaling:DetachTrafficSources", "autoscaling:DisableMetricsCollection", "autoscaling:EnableMetricsCollection", "autoscaling:EnterStandby", "autoscaling:ExecutePolicy", "autoscaling:ExitStandby", "autoscaling:GetPredictiveScalingForecast", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutWarmPool", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling:ResumeProcesses", "autoscaling:RollbackInstanceRefresh", "autoscaling:SetDesiredCapacity", "autoscaling:SetInstanceHealth", "autoscaling:SetInstanceProtection", "autoscaling:StartInstanceRefresh", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "s3:AbortMultipartUpload", "s3:AssociateAccessGrantsIdentityCenter", "s3:BypassGovernanceRetention", "s3:CreateAccessGrant", "s3:CreateAccessGrantsInstance", "s3:CreateAccessGrantsLocation", "s3:CreateAccessPoint", "s3:CreateAccessPointForObjectLambda", "s3:CreateBucket", "s3:CreateJob", "s3:CreateMultiRegionAccessPoint", "s3:CreateStorageLensGroup", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:DissociateAccessGrantsIdentityCenter", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:InitiateReplication", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:ObjectOwnerOverrideToBucketOwner", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "s3:SubmitMultiRegionAccessPointRoutes", "s3:TagResource", "s3:UntagResource", "s3:UpdateAccessGrantsLocation", "s3:UpdateJobPriority", "s3:UpdateJobStatus", "s3:UpdateStorageLensGroup", "sns:AddPermission", "sns:CheckIfPhoneNumberIsOptedOut", "sns:ConfirmSubscription", "sns:CreatePlatformApplication", "sns:CreatePlatformEndpoint", "sns:CreateSMSSandboxPhoneNumber", "sns:CreateTopic", "sns:DeleteEndpoint", "sns:DeletePlatformApplication", "sns:DeleteSMSSandboxPhoneNumber", "sns:DeleteTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sns:OptInPhoneNumber", "sns:Publish", "sns:PutDataProtectionPolicy", "sns:RemovePermission", "sns:SetEndpointAttributes", "sns:SetPlatformApplicationAttributes", "sns:SetSMSAttributes", "sns:SetSubscriptionAttributes", "sns:SetTopicAttributes", "sns:Subscribe", "sns:TagResource", "sns:Unsubscribe", "sns:UntagResource", "sns:VerifySMSSandboxPhoneNumber", "cloudformation:CancelResourceRequest", "cloudformation:CreateResource", "cloudformation:DeleteResource", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:UpdateResource", "cloudformation:ActivateOrganizationsAccess", "cloudformation:ActivateType", "cloudformation:BatchDescribeTypeConfigurations", "cloudformation:CancelUpdateStack", "cloudformation:ContinueUpdateRollback", "cloudformation:CreateChangeSet", "cloudformation:CreateGeneratedTemplate", "cloudformation:CreateStack", "cloudformation:CreateStackInstances", "cloudformation:CreateStackSet", "cloudformation:CreateUploadBucket", "cloudformation:DeactivateOrganizationsAccess", "cloudformation:DeactivateType", "cloudformation:DeleteChangeSet", "cloudformation:DeleteGeneratedTemplate", "cloudformation:DeleteStack", "cloudformation:DeleteStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DeregisterType", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:DetectStackDrift", "cloudformation:DetectStackResourceDrift", "cloudformation:DetectStackSetDrift", "cloudformation:EstimateTemplateCost", "cloudformation:ExecuteChangeSet", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ImportStacksToStackSet", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:PublishType", "cloudformation:RecordHandlerProgress", "cloudformation:RegisterPublisher", "cloudformation:RegisterType", "cloudformation:RollbackStack", "cloudformation:SetStackPolicy", "cloudformation:SetTypeConfiguration", "cloudformation:SetTypeDefaultVersion", "cloudformation:SignalResource", "cloudformation:StartResourceScan", "cloudformation:StopStackSetOperation", "cloudformation:TagResource", "cloudformation:TestType", "cloudformation:UntagResource", "cloudformation:UpdateGeneratedTemplate", "cloudformation:UpdateStack", "cloudformation:UpdateStackInstances", "cloudformation:UpdateStackSet", "cloudformation:UpdateTerminationProtection", "cloudformation:ValidateTemplate", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:CreateBackup", "dynamodb:CreateGlobalTable", "dynamodb:CreateTable", "dynamodb:CreateTableReplica", "dynamodb:DeleteBackup", "dynamodb:DeleteItem", "dynamodb:DeleteResourcePolicy", "dynamodb:DeleteTable", "dynamodb:DeleteTableReplica", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:EnableKinesisStreamingDestination", "dynamodb:ExportTableToPointInTime", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetResourcePolicy", "dynamodb:GetShardIterator", "dynamodb:ImportTable", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLDelete", "dynamodb:PartiQLInsert", "dynamodb:PartiQLSelect", "dynamodb:PartiQLUpdate", "dynamodb:PurchaseReservedCapacityOfferings", "dynamodb:PutItem", "dynamodb:PutResourcePolicy", "dynamodb:Query", "dynamodb:RestoreTableFromAwsBackup", "dynamodb:RestoreTableFromBackup", "dynamodb:RestoreTableToPointInTime", "dynamodb:Scan", "dynamodb:StartAwsBackupJob", "dynamodb:TagResource", "dynamodb:UntagResource", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", "dynamodb:UpdateGlobalTable", "dynamodb:UpdateGlobalTableSettings", "dynamodb:UpdateGlobalTableVersion", "dynamodb:UpdateItem", "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:UpdateTable", "dynamodb:UpdateTableReplicaAutoScaling", "dynamodb:UpdateTimeToLive", "rds:AddRoleToDBCluster", "rds:AddRoleToDBInstance", "rds:AddSourceIdentifierToSubscription", "rds:AddTagsToResource", "rds:ApplyPendingMaintenanceAction", "rds:AuthorizeDBSecurityGroupIngress", "rds:BacktrackDBCluster", "rds:CancelExportTask", "rds:CopyDBClusterParameterGroup", "rds:CopyDBClusterSnapshot", "rds:CopyDBParameterGroup", "rds:CopyDBSnapshot", "rds:CopyOptionGroup", "rds:CreateBlueGreenDeployment", "rds:CreateCustomDBEngineVersion", "rds:CreateDBCluster", "rds:CreateDBClusterEndpoint", "rds:CreateDBClusterParameterGroup", "rds:CreateDBClusterSnapshot", "rds:CreateDBInstance", "rds:CreateDBInstanceReadReplica", "rds:CreateDBParameterGroup", "rds:CreateDBProxy", "rds:CreateDBProxyEndpoint", "rds:CreateDBSecurityGroup", "rds:CreateDBShardGroup", "rds:CreateDBSnapshot", "rds:CreateDBSubnetGroup", "rds:CreateEventSubscription", "rds:CreateGlobalCluster", "rds:CreateIntegration", "rds:CreateOptionGroup", "rds:CreateTenantDatabase", "rds:CrossRegionCommunication", "rds:DeleteBlueGreenDeployment", "rds:DeleteCustomDBEngineVersion", "rds:DeleteDBCluster", "rds:DeleteDBClusterAutomatedBackup", "rds:DeleteDBClusterEndpoint", "rds:DeleteDBClusterParameterGroup", "rds:DeleteDBClusterSnapshot", "rds:DeleteDBInstance", "rds:DeleteDBInstanceAutomatedBackup", "rds:DeleteDBParameterGroup", "rds:DeleteDBProxy", "rds:DeleteDBProxyEndpoint", "rds:DeleteDBSecurityGroup", "rds:DeleteDBShardGroup", "rds:DeleteDBSnapshot", "rds:DeleteDBSubnetGroup", "rds:DeleteEventSubscription", "rds:DeleteGlobalCluster", "rds:DeleteIntegration", "rds:DeleteOptionGroup", "rds:DeleteTenantDatabase", "rds:DeregisterDBProxyTargets", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:DisableHttpEndpoint", "rds:DownloadCompleteDBLogFile", "rds:DownloadDBLogFilePortion", "rds:EnableHttpEndpoint", "rds:FailoverDBCluster", "rds:FailoverGlobalCluster", "rds:ListTagsForResource", "rds:ModifyActivityStream", "rds:ModifyCertificates", "rds:ModifyCurrentDBClusterCapacity", "rds:ModifyCustomDBEngineVersion", "rds:ModifyDBCluster", "rds:ModifyDBClusterEndpoint", "rds:ModifyDBClusterParameterGroup", "rds:ModifyDBClusterSnapshotAttribute", "rds:ModifyDBInstance", "rds:ModifyDBParameterGroup", "rds:ModifyDBProxy", "rds:ModifyDBProxyEndpoint", "rds:ModifyDBProxyTargetGroup", "rds:ModifyDBRecommendation", "rds:ModifyDBShardGroup", "rds:ModifyDBSnapshot", "rds:ModifyDBSnapshotAttribute", "rds:ModifyDBSubnetGroup", "rds:ModifyEventSubscription", "rds:ModifyGlobalCluster", "rds:ModifyIntegration", "rds:ModifyOptionGroup", "rds:ModifyRecommendation", "rds:ModifyTenantDatabase", "rds:PromoteReadReplica", "rds:PromoteReadReplicaDBCluster", "rds:PurchaseReservedDBInstancesOffering", "rds:RebootDBCluster", "rds:RebootDBInstance", "rds:RebootDBShardGroup", "rds:RegisterDBProxyTargets", "rds:RemoveFromGlobalCluster", "rds:RemoveRoleFromDBCluster", "rds:RemoveRoleFromDBInstance", "rds:RemoveSourceIdentifierFromSubscription", "rds:RemoveTagsFromResource", "rds:ResetDBClusterParameterGroup", "rds:ResetDBParameterGroup", "rds:RestoreDBClusterFromS3", "rds:RestoreDBClusterFromSnapshot", "rds:RestoreDBClusterToPointInTime", "rds:RestoreDBInstanceFromDBSnapshot", "rds:RestoreDBInstanceFromS3", "rds:RestoreDBInstanceToPointInTime", "rds:RevokeDBSecurityGroupIngress", "rds:StartActivityStream", "rds:StartDBCluster", "rds:StartDBInstance", "rds:StartDBInstanceAutomatedBackupsReplication", "rds:StartExportTask", "rds:StopActivityStream", "rds:StopDBCluster", "rds:StopDBInstance", "rds:StopDBInstanceAutomatedBackupsReplication", "rds:SwitchoverBlueGreenDeployment", "rds:SwitchoverGlobalCluster", "rds:SwitchoverReadReplica", "sqs:AddPermission", "sqs:CancelMessageMoveTask", "sqs:ChangeMessageVisibility", "sqs:CreateQueue", "sqs:DeleteMessage", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListMessageMoveTasks", "sqs:ListQueueTags", "sqs:ListQueues", "sqs:PurgeQueue", "sqs:ReceiveMessage", "sqs:RemovePermission", "sqs:SendMessage", "sqs:SetQueueAttributes", "sqs:StartMessageMoveTask", "sqs:TagQueue", "sqs:UntagQueue", "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "iam:GetPolicyVersion", "iam:GetRole", "iam:PassRole", "iam:ListRolePolicies", "iam:ListAttachedRolePolicies", "iam:ListInstanceProfiles", "iam:ListRoles", "iam:ListServerCertificates", "acm:DescribeCertificate", "acm:ListCertificates", "codebuild:CreateProject", "codebuild:DeleteProject", "codebuild:BatchGetBuilds", "codebuild:StartBuild", "iam:AddRoleToInstanceProfile", "iam:CreateInstanceProfile", "iam:CreateRole", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "iam:AttachRolePolicy" ], "malformed": false, "name": "AWSElasticBeanstalkFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": null, "version": "v8" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonEventBridgeSchemasServiceRolePolicy", "createdate": "2019-11-27T01:10:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "events:PutRule", "events:PutTargets", "events:EnableRule", "events:DisableRule", "events:DeleteRule", "events:RemoveTargets", "events:ListTargetsByRule" ], "malformed": false, "name": "AmazonEventBridgeSchemasServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-27T01:10:40+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonFISServiceRolePolicy", "createdate": "2022-10-25T09:05:23Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "events:PutRule", "events:DeleteRule", "events:PutTargets", "events:RemoveTargets", "events:DescribeRule", "tag:GetResources", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmHistory", "ec2:DescribeInstances", "ec2:DescribeSubnets", "iam:GetUser", "iam:GetRole", "iam:ListUsers", "iam:ListRoles", "rds:DescribeDBClusters", "rds:DescribeDBInstances", "ecs:DescribeClusters", "ecs:DescribeTasks", "ecs:ListTasks", "eks:DescribeNodegroup", "eks:DescribeCluster" ], "malformed": false, "name": "AmazonFISServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-25T09:05:23+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonLookoutEquipmentFullAccess", "createdate": "2021-11-24T21:00:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lookoutequipment:CreateDataset", "lookoutequipment:CreateInferenceScheduler", "lookoutequipment:CreateLabel", "lookoutequipment:CreateLabelGroup", "lookoutequipment:CreateModel", "lookoutequipment:CreateRetrainingScheduler", "lookoutequipment:DeleteDataset", "lookoutequipment:DeleteInferenceScheduler", "lookoutequipment:DeleteLabel", "lookoutequipment:DeleteLabelGroup", "lookoutequipment:DeleteModel", "lookoutequipment:DeleteResourcePolicy", "lookoutequipment:DeleteRetrainingScheduler", "lookoutequipment:DescribeDataIngestionJob", "lookoutequipment:DescribeDataset", "lookoutequipment:DescribeInferenceScheduler", "lookoutequipment:DescribeLabelGroup", "lookoutequipment:DescribeModel", "lookoutequipment:DescribeModelVersion", "lookoutequipment:DescribeResourcePolicy", "lookoutequipment:DescribeRetrainingScheduler", "lookoutequipment:Describelabel", "lookoutequipment:ImportDataset", "lookoutequipment:ImportModelVersion", "lookoutequipment:ListDataIngestionJobs", "lookoutequipment:ListDatasets", "lookoutequipment:ListInferenceEvents", "lookoutequipment:ListInferenceExecutions", "lookoutequipment:ListInferenceSchedulers", "lookoutequipment:ListLabelGroups", "lookoutequipment:ListLabels", "lookoutequipment:ListModelVersions", "lookoutequipment:ListModels", "lookoutequipment:ListRetrainingSchedulers", "lookoutequipment:ListSensorStatistics", "lookoutequipment:ListTagsForResource", "lookoutequipment:PutResourcePolicy", "lookoutequipment:StartDataIngestionJob", "lookoutequipment:StartInferenceScheduler", "lookoutequipment:StartRetrainingScheduler", "lookoutequipment:StopInferenceScheduler", "lookoutequipment:StopRetrainingScheduler", "lookoutequipment:TagResource", "lookoutequipment:UntagResource", "lookoutequipment:UpdateActiveModelVersion", "lookoutequipment:UpdateInferenceScheduler", "lookoutequipment:UpdateLabelGroup", "lookoutequipment:UpdateModel", "lookoutequipment:UpdateRetrainingScheduler", "iam:PassRole", "kms:CreateGrant", "kms:DescribeKey", "kms:ListAliases" ], "malformed": false, "name": "AmazonLookoutEquipmentFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-24T21:00:13+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerGroundTruthExecution", "createdate": "2022-04-29T20:49:54Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "lambda:InvokeFunction", "s3:AbortMultipartUpload", "s3:GetObject", "s3:PutObject", "s3:GetObject", "s3:GetBucketLocation", "s3:ListBucket", "cloudwatch:PutMetricData", "logs:CreateLogStream", "logs:CreateLogGroup", "logs:DescribeLogStreams", "logs:PutLogEvents", "sqs:CreateQueue", "sqs:DeleteMessage", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ReceiveMessage", "sqs:SendMessage", "sqs:SetQueueAttributes", "sns:Subscribe", "sns:Publish", "sns:Unsubscribe", "ec2:CreateVpcEndpoint", "ec2:DescribeVpcEndpoints", "ec2:DeleteVpcEndpoints" ], "malformed": false, "name": "AmazonSageMakerGroundTruthExecution", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-04-29T20:49:54+00:00", "version": "v3" }, { "access_levels": [ "Read", "Write" ], "arn": null, "createdate": "2023-02-23T18:34:44Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "iotroborunner:CreateDestination", "iotroborunner:CreateSite", "iotroborunner:CreateWorker", "iotroborunner:CreateWorkerFleet", "iotroborunner:DeleteDestination", "iotroborunner:DeleteSite", "iotroborunner:DeleteWorker", "iotroborunner:DeleteWorkerFleet", "iotroborunner:GetDestination", "iotroborunner:GetSite", "iotroborunner:GetWorker", "iotroborunner:GetWorkerFleet", "iotroborunner:ListDestinations", "iotroborunner:ListSites", "iotroborunner:ListWorkerFleets", "iotroborunner:ListWorkers", "iotroborunner:UpdateDestination", "iotroborunner:UpdateSite", "iotroborunner:UpdateWorker", "iotroborunner:UpdateWorkerFleet", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSIotRoboRunnerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/CloudWatchEventsReadOnlyAccess", "createdate": "2022-12-01T16:29:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "events:DescribeRule", "events:DescribeEventBus", "events:DescribeEventSource", "events:ListEventBuses", "events:ListEventSources", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTargetsByRule", "events:TestEventPattern", "events:DescribeArchive", "events:ListArchives", "events:DescribeReplay", "events:ListReplays", "events:DescribeConnection", "events:ListConnections", "events:DescribeApiDestination", "events:ListApiDestinations", "events:DescribeEndpoint", "events:ListEndpoints", "schemas:DescribeCodeBinding", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:ExportSchema", "schemas:GetCodeBindingSource", "schemas:GetDiscoveredSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemas", "schemas:ListSchemaVersions", "schemas:ListTagsForResource", "schemas:SearchSchemas", "scheduler:GetSchedule", "scheduler:GetScheduleGroup", "scheduler:ListSchedules", "scheduler:ListScheduleGroups", "scheduler:ListTagsForResource", "pipes:DescribePipe", "pipes:ListPipes", "pipes:ListTagsForResource" ], "malformed": false, "name": "CloudWatchEventsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-01T16:29:31+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy", "createdate": "2023-11-10T19:03:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudhsm:DescribeBackups", "cloudhsm:DescribeClusters", "cloudhsm:DescribeHapg", "cloudhsm:DescribeHsm", "cloudhsm:DescribeLunaClient", "ec2:CreateNetworkInterface", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateSecurityGroup", "ec2:DescribeSecurityGroups", "ec2:RevokeSecurityGroupEgress", "ec2:DeleteSecurityGroup", "ec2:DescribeVpcs", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInterfaces" ], "malformed": false, "name": "AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-10T19:03:34+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess", "createdate": "2023-08-10T13:42:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "tag:GetResources", "tag:GetTagKeys", "tag:GetTagValues", "resource-groups:GetAccountSettings", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupPolicy", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "resource-groups:SearchResources", "cloudformation:DescribeStacks", "cloudformation:ListStackResources", "cloudformation:ListStacks" ], "malformed": false, "name": "ResourceGroupsandTagEditorReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-10T13:42:58+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonManagedBlockchainConsoleFullAccess", "createdate": "2019-04-29T21:23:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "managedblockchain:CreateAccessor", "managedblockchain:CreateMember", "managedblockchain:CreateNetwork", "managedblockchain:CreateNode", "managedblockchain:CreateProposal", "managedblockchain:DeleteAccessor", "managedblockchain:DeleteMember", "managedblockchain:DeleteNode", "managedblockchain:GET", "managedblockchain:GetAccessor", "managedblockchain:GetMember", "managedblockchain:GetNetwork", "managedblockchain:GetNode", "managedblockchain:GetProposal", "managedblockchain:Invoke", "managedblockchain:InvokeRpcBitcoinMainnet", "managedblockchain:InvokeRpcBitcoinTestnet", "managedblockchain:InvokeRpcPolygonMainnet", "managedblockchain:InvokeRpcPolygonMumbaiTestnet", "managedblockchain:ListAccessors", "managedblockchain:ListInvitations", "managedblockchain:ListMembers", "managedblockchain:ListNetworks", "managedblockchain:ListNodes", "managedblockchain:ListProposalVotes", "managedblockchain:ListProposals", "managedblockchain:ListTagsForResource", "managedblockchain:POST", "managedblockchain:RejectInvitation", "managedblockchain:TagResource", "managedblockchain:UntagResource", "managedblockchain:UpdateMember", "managedblockchain:UpdateNode", "managedblockchain:VoteOnProposal", "ec2:DescribeAvailabilityZones", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:CreateVpcEndpoint", "kms:ListAliases", "kms:DescribeKey" ], "malformed": false, "name": "AmazonManagedBlockchainConsoleFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-04-29T21:23:25+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEMRServicePolicy_v2", "createdate": "2022-02-15T16:48:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:RunInstances", "ec2:CreateFleet", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:CreateFleet", "ec2:RunInstances", "ec2:CreateLaunchTemplateVersion", "ec2:CreateLaunchTemplate", "ec2:RunInstances", "ec2:CreateFleet", "ec2:RunInstances", "ec2:CreateFleet", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:CreateLaunchTemplateVersion", "ec2:DeleteLaunchTemplate", "ec2:DeleteNetworkInterface", "ec2:ModifyInstanceAttribute", "ec2:TerminateInstances", "ec2:CreateTags", "ec2:DeleteTags", "ec2:CreateNetworkInterface", "ec2:CreateTags", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeAccountAttributes", "ec2:DescribeCapacityReservations", "ec2:DescribeDhcpOptions", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplates", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVolumes", "ec2:DescribeVolumeStatus", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcs", "ec2:CreateSecurityGroup", "ec2:CreateSecurityGroup", "ec2:CreateTags", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:CreatePlacementGroup", "ec2:DeletePlacementGroup", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:PutScalingPolicy", "application-autoscaling:RegisterScalableTarget", "resource-groups:ListGroupResources", "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "iam:PassRole", "iam:PassRole" ], "malformed": false, "name": "AmazonEMRServicePolicy_v2", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-15T16:48:29+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs", "createdate": "2015-11-11T23:41:46Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:PutLogEvents", "logs:GetLogEvents", "logs:FilterLogEvents" ], "malformed": false, "name": "AmazonAPIGatewayPushToCloudWatchLogs", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-11-11T23:41:46+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchServiceRolePolicy", "createdate": "2023-10-23T07:07:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:AssignIpv6Addresses", "ec2:UnassignIpv6Addresses", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:RemoveListenerCertificates", "ec2:CreateTags", "ec2:DescribeTags", "acm:DescribeCertificate", "cloudwatch:PutMetricData", "ec2:CreateVpcEndpoint", "ec2:ModifyVpcEndpoint", "ec2:CreateVpcEndpoint", "ec2:ModifyVpcEndpoint", "ec2:DeleteVpcEndpoints", "ec2:DescribeVpcEndpoints", "ec2:CreateTags" ], "malformed": false, "name": "AmazonOpenSearchServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-23T07:07:31+00:00", "version": "v7" }, { "access_levels": [ "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleECS", "createdate": "2023-03-23T22:43:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ecs:CreateCluster", "ecs:DeleteCluster", "ecs:RegisterTaskDefinition", "ecs:DeregisterTaskDefinition", "ecs:TagResource" ], "malformed": false, "name": "AWSElasticBeanstalkRoleECS", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-23T22:43:56+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSArtifactAccountSync", "createdate": "2018-04-10T23:04:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:ListAccounts", "organizations:DescribeOrganization" ], "malformed": false, "name": "AWSArtifactAccountSync", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-04-10T23:04:33+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/CloudWatchApplicationInsightsReadOnlyAccess", "createdate": "2020-11-24T18:48:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "applicationinsights:DescribeApplication", "applicationinsights:DescribeComponent", "applicationinsights:DescribeComponentConfiguration", "applicationinsights:DescribeComponentConfigurationRecommendation", "applicationinsights:DescribeLogPattern", "applicationinsights:DescribeObservation", "applicationinsights:DescribeProblem", "applicationinsights:DescribeProblemObservations", "applicationinsights:DescribeWorkload", "applicationinsights:ListApplications", "applicationinsights:ListComponents", "applicationinsights:ListConfigurationHistory", "applicationinsights:ListLogPatternSets", "applicationinsights:ListLogPatterns", "applicationinsights:ListProblems", "applicationinsights:ListTagsForResource", "applicationinsights:ListWorkloads" ], "malformed": false, "name": "CloudWatchApplicationInsightsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-24T18:48:00+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRolePolicyForBackupRestoreTesting", "createdate": "2024-02-14T22:42:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "backup:DescribeRecoveryPoint", "backup:DescribeRestoreJob", "backup:DescribeProtectedResource", "backup:GetRecoveryPointRestoreMetadata", "backup:ListBackupVaults", "backup:ListProtectedResources", "backup:ListProtectedResourcesByBackupVault", "backup:ListRecoveryPointsByBackupVault", "backup:ListRecoveryPointsByResource", "backup:ListTags", "backup:StartRestoreJob", "iam:PassRole", "ec2:DescribeInstances", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeTags", "ec2:DescribeVolumes", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeMountTargets", "fsx:DescribeFileSystems", "fsx:DescribeVolumes", "fsx:ListTagsForResource", "rds:DescribeDBInstances", "rds:DescribeDBClusters", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBClusterAutomatedBackups", "rds:ListTagsForResource", "redshift:DescribeClusters", "ec2:DeleteVolume", "ec2:TerminateInstances", "elasticfilesystem:DeleteFileSystem", "elasticfilesystem:DeleteMountTarget", "rds:DeleteDBCluster", "rds:DeleteDBInstance", "fsx:DeleteFileSystem", "fsx:DeleteVolume", "dynamodb:DeleteTable", "dynamodb:DescribeTable", "redshift:DeleteCluster", "s3:DeleteBucket", "s3:GetLifecycleConfiguration", "s3:PutLifecycleConfiguration", "timestream:DeleteTable" ], "malformed": false, "name": "AWSServiceRolePolicyForBackupRestoreTesting", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-14T22:42:37+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAFullAccess", "createdate": "2018-10-23T16:54:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:CreateCertificateAuthority", "acm-pca:CreateCertificateAuthorityAuditReport", "acm-pca:CreatePermission", "acm-pca:DeleteCertificateAuthority", "acm-pca:DeletePermission", "acm-pca:DeletePolicy", "acm-pca:DescribeCertificateAuthority", "acm-pca:DescribeCertificateAuthorityAuditReport", "acm-pca:GetCertificate", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:GetPolicy", "acm-pca:ImportCertificateAuthorityCertificate", "acm-pca:IssueCertificate", "acm-pca:ListCertificateAuthorities", "acm-pca:ListPermissions", "acm-pca:ListTags", "acm-pca:PutPolicy", "acm-pca:RestoreCertificateAuthority", "acm-pca:RevokeCertificate", "acm-pca:TagCertificateAuthority", "acm-pca:UntagCertificateAuthority", "acm-pca:UpdateCertificateAuthority" ], "malformed": false, "name": "AWSCertificateManagerPrivateCAFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-10-23T16:54:50+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/ServerMigrationServiceRoleForInstanceValidation", "createdate": "2020-07-20T22:25:07Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "sms:NotifyAppValidationOutput" ], "malformed": false, "name": "ServerMigrationServiceRoleForInstanceValidation", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-07-20T22:25:07+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/NeptuneFullAccess", "createdate": "2024-01-22T16:32:31Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "rds:CreateDBCluster", "rds:CreateDBInstance", "rds:AddRoleToDBCluster", "rds:AddSourceIdentifierToSubscription", "rds:AddTagsToResource", "rds:ApplyPendingMaintenanceAction", "rds:CopyDBClusterParameterGroup", "rds:CopyDBClusterSnapshot", "rds:CopyDBParameterGroup", "rds:CreateDBClusterEndpoint", "rds:CreateDBClusterParameterGroup", "rds:CreateDBClusterSnapshot", "rds:CreateDBParameterGroup", "rds:CreateDBSubnetGroup", "rds:CreateEventSubscription", "rds:CreateGlobalCluster", "rds:DeleteDBCluster", "rds:DeleteDBClusterEndpoint", "rds:DeleteDBClusterParameterGroup", "rds:DeleteDBClusterSnapshot", "rds:DeleteDBInstance", "rds:DeleteDBParameterGroup", "rds:DeleteDBSubnetGroup", "rds:DeleteEventSubscription", "rds:DeleteGlobalCluster", "rds:DescribeDBClusterEndpoints", "rds:DescribeAccountAttributes", "rds:DescribeCertificates", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBSecurityGroups", "rds:DescribeDBSubnetGroups", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeGlobalClusters", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeValidDBInstanceModifications", "rds:DownloadDBLogFilePortion", "rds:FailoverDBCluster", "rds:FailoverGlobalCluster", "rds:ListTagsForResource", "rds:ModifyDBCluster", "rds:ModifyDBClusterEndpoint", "rds:ModifyDBClusterParameterGroup", "rds:ModifyDBClusterSnapshotAttribute", "rds:ModifyDBInstance", "rds:ModifyDBParameterGroup", "rds:ModifyDBSubnetGroup", "rds:ModifyEventSubscription", "rds:ModifyGlobalCluster", "rds:PromoteReadReplicaDBCluster", "rds:RebootDBInstance", "rds:RemoveFromGlobalCluster", "rds:RemoveRoleFromDBCluster", "rds:RemoveSourceIdentifierFromSubscription", "rds:RemoveTagsFromResource", "rds:ResetDBClusterParameterGroup", "rds:ResetDBParameterGroup", "rds:RestoreDBClusterFromSnapshot", "rds:RestoreDBClusterToPointInTime", "rds:StartDBCluster", "rds:StopDBCluster", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "kms:ListAliases", "kms:ListKeyPolicies", "kms:ListKeys", "kms:ListRetirableGrants", "logs:DescribeLogStreams", "logs:GetLogEvents", "sns:ListSubscriptions", "sns:ListTopics", "sns:Publish", "iam:PassRole", "iam:CreateServiceLinkedRole", "neptune-db:CancelLoaderJob", "neptune-db:CancelMLDataProcessingJob", "neptune-db:CancelMLModelTrainingJob", "neptune-db:CancelMLModelTransformJob", "neptune-db:CancelQuery", "neptune-db:CreateMLEndpoint", "neptune-db:DeleteDataViaQuery", "neptune-db:DeleteMLEndpoint", "neptune-db:DeleteStatistics", "neptune-db:GetEngineStatus", "neptune-db:GetGraphSummary", "neptune-db:GetLoaderJobStatus", "neptune-db:GetMLDataProcessingJobStatus", "neptune-db:GetMLEndpointStatus", "neptune-db:GetMLModelTrainingJobStatus", "neptune-db:GetMLModelTransformJobStatus", "neptune-db:GetQueryStatus", "neptune-db:GetStatisticsStatus", "neptune-db:GetStreamRecords", "neptune-db:ListLoaderJobs", "neptune-db:ListMLDataProcessingJobs", "neptune-db:ListMLEndpoints", "neptune-db:ListMLModelTrainingJobs", "neptune-db:ListMLModelTransformJobs", "neptune-db:ManageStatistics", "neptune-db:ReadDataViaQuery", "neptune-db:ResetDatabase", "neptune-db:StartLoaderJob", "neptune-db:StartMLDataProcessingJob", "neptune-db:StartMLModelTrainingJob", "neptune-db:StartMLModelTransformJob", "neptune-db:WriteDataViaQuery", "neptune-db:connect" ], "malformed": false, "name": "NeptuneFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-22T16:32:31+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSSSMForSAPServiceLinkedRolePolicy", "createdate": "2024-04-11T18:31:07Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ssm:GetCommandInvocation", "ssm:DescribeInstanceInformation", "ec2:DescribeInstanceStatus", "events:DeleteRule", "events:PutTargets", "events:DescribeRule", "events:PutRule", "events:RemoveTargets", "ssm:DescribeDocument", "ssm:SendCommand", "ssm:SendCommand", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeTags", "servicecatalog:GetApplication", "servicecatalog:DeleteApplication", "servicecatalog:UpdateApplication", "servicecatalog:TagResource", "servicecatalog:CreateApplication", "iam:CreateServiceLinkedRole", "cloudwatch:PutMetricData", "servicecatalog:CreateAttributeGroup", "servicecatalog:GetAttributeGroup", "servicecatalog:DeleteAttributeGroup", "servicecatalog:AssociateAttributeGroup", "servicecatalog:DisassociateAttributeGroup", "servicecatalog:ListAssociatedAttributeGroups", "resource-groups:CreateGroup", "resource-groups:Tag", "resource-groups:GetGroup", "resource-groups:DeleteGroup", "resource-groups:CreateGroup", "resource-groups:Tag", "resource-groups:GetGroupConfiguration", "ec2:StartInstances", "ec2:StopInstances" ], "malformed": false, "name": "AWSSSMForSAPServiceLinkedRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-11T18:31:07+00:00", "version": "v7" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/S3StorageLensServiceRolePolicy", "createdate": "2020-11-18T18:15:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators" ], "malformed": false, "name": "S3StorageLensServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-18T18:15:40+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerCanvasAIServicesAccess", "createdate": "2023-11-29T14:47:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "textract:AnalyzeDocument", "textract:AnalyzeExpense", "textract:AnalyzeID", "textract:StartDocumentAnalysis", "textract:StartExpenseAnalysis", "textract:GetDocumentAnalysis", "textract:GetExpenseAnalysis", "rekognition:DetectLabels", "rekognition:DetectText", "comprehend:BatchDetectDominantLanguage", "comprehend:BatchDetectEntities", "comprehend:BatchDetectSentiment", "comprehend:DetectPiiEntities", "comprehend:DetectEntities", "comprehend:DetectSentiment", "comprehend:DetectDominantLanguage", "bedrock:InvokeModel", "bedrock:ListFoundationModels", "bedrock:InvokeModelWithResponseStream", "bedrock:CreateModelCustomizationJob", "bedrock:CreateProvisionedModelThroughput", "bedrock:TagResource", "bedrock:GetModelCustomizationJob", "bedrock:GetCustomModel", "bedrock:GetProvisionedModelThroughput", "bedrock:StopModelCustomizationJob", "bedrock:DeleteProvisionedModelThroughput", "bedrock:CreateModelCustomizationJob", "iam:PassRole" ], "malformed": false, "name": "AmazonSageMakerCanvasAIServicesAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-29T14:47:09+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSBackupServiceLinkedRolePolicyForBackup", "createdate": "2023-12-15T22:06:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticfilesystem:Backup", "elasticfilesystem:DescribeTags", "tag:GetResources", "elasticfilesystem:DescribeFileSystems", "dynamodb:ListTables", "storagegateway:ListVolumes", "ec2:DescribeVolumes", "ec2:DescribeInstances", "rds:DescribeDBInstances", "rds:DescribeDBClusters", "fsx:DescribeFileSystems", "fsx:DescribeVolumes", "s3:ListAllMyBuckets", "s3:GetBucketTagging", "ec2:CreateTags", "ec2:CreateTags", "ec2:CreateTags", "ec2:DescribeSnapshots", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeImages", "rds:DescribeDBSnapshots", "rds:DescribeDBClusterSnapshots", "ec2:CopySnapshot", "ec2:CopyImage", "ec2:DeregisterImage", "ec2:DeleteSnapshot", "ec2:ModifySnapshotTier", "rds:AddTagsToResource", "rds:CopyDBSnapshot", "rds:DeleteDBSnapshot", "rds:DeleteDBInstanceAutomatedBackup", "rds:AddTagsToResource", "rds:CopyDBClusterSnapshot", "rds:DeleteDBClusterSnapshot", "kms:DescribeKey", "kms:ListGrants", "kms:ReEncryptFrom", "kms:GenerateDataKeyWithoutPlaintext", "kms:CreateGrant", "fsx:CopyBackup", "fsx:TagResource", "fsx:DescribeBackups", "fsx:DeleteBackup", "dynamodb:DeleteBackup", "backup-gateway:ListVirtualMachines", "backup-gateway:ListTagsForResource", "dynamodb:ListTagsOfResource", "dynamodb:DescribeTable", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeStorediSCSIVolumes", "events:DeleteRule", "events:PutTargets", "events:DescribeRule", "events:EnableRule", "events:PutRule", "events:RemoveTargets", "events:ListTargetsByRule", "events:DisableRule", "events:ListRules", "ssm-sap:GetOperation", "ssm-sap:UpdateHANABackupSettings", "timestream:ListDatabases", "timestream:ListTables", "timestream:ListTagsForResource", "timestream:DescribeDatabase", "timestream:DescribeTable", "timestream:GetAwsBackupStatus", "timestream:GetAwsRestoreStatus", "timestream:DescribeEndpoints", "redshift:DescribeClusterSnapshots", "redshift:DescribeTags", "redshift:DeleteClusterSnapshot", "redshift:DescribeClusters", "cloudformation:ListStacks" ], "malformed": false, "name": "AWSBackupServiceLinkedRolePolicyForBackup", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-15T22:06:53+00:00", "version": "v15" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForLogDeliveryPolicy", "createdate": "2021-07-15T20:07:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "firehose:PutRecord", "firehose:PutRecordBatch", "firehose:ListTagsForDeliveryStream" ], "malformed": false, "name": "AWSServiceRoleForLogDeliveryPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-07-15T20:07:44+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSOrganizationsFullAccess", "createdate": "2024-02-06T17:49:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:AcceptHandshake", "organizations:AttachPolicy", "organizations:CancelHandshake", "organizations:CloseAccount", "organizations:CreateAccount", "organizations:CreateGovCloudAccount", "organizations:CreateOrganization", "organizations:CreateOrganizationalUnit", "organizations:CreatePolicy", "organizations:DeclineHandshake", "organizations:DeleteOrganization", "organizations:DeleteOrganizationalUnit", "organizations:DeletePolicy", "organizations:DeleteResourcePolicy", "organizations:DeregisterDelegatedAdministrator", "organizations:DescribeAccount", "organizations:DescribeCreateAccountStatus", "organizations:DescribeEffectivePolicy", "organizations:DescribeHandshake", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:DescribeResourcePolicy", "organizations:DetachPolicy", "organizations:DisableAWSServiceAccess", "organizations:DisablePolicyType", "organizations:EnableAWSServiceAccess", "organizations:EnableAllFeatures", "organizations:EnablePolicyType", "organizations:InviteAccountToOrganization", "organizations:LeaveOrganization", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:ListCreateAccountStatus", "organizations:ListDelegatedAdministrators", "organizations:ListDelegatedServicesForAccount", "organizations:ListHandshakesForAccount", "organizations:ListHandshakesForOrganization", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPolicies", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListTagsForResource", "organizations:ListTargetsForPolicy", "organizations:MoveAccount", "organizations:PutResourcePolicy", "organizations:RegisterDelegatedAdministrator", "organizations:RemoveAccountFromOrganization", "organizations:TagResource", "organizations:UntagResource", "organizations:UpdateOrganizationalUnit", "organizations:UpdatePolicy", "account:PutAlternateContact", "account:DeleteAlternateContact", "account:GetAlternateContact", "account:GetContactInformation", "account:PutContactInformation", "account:ListRegions", "account:EnableRegion", "account:DisableRegion", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSOrganizationsFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-06T17:49:01+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerSSMFullAccess", "createdate": "2023-11-16T22:31:54Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:GetCommandInvocation", "ssm:ListCommands", "ssm:DescribeInstanceInformation", "ssm:SendCommand", "ssm:DescribeDocument", "ssm:GetDocument", "ssm:SendCommand", "ssm:DescribeDocument", "ssm:GetDocument", "ssm:SendCommand" ], "malformed": false, "name": "AWSDataLifecycleManagerSSMFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-16T22:31:54+00:00", "version": "v2" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticFileSystemClientReadOnlyAccess", "createdate": "2020-01-13T16:24:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticfilesystem:ClientMount", "elasticfilesystem:DescribeMountTargets" ], "malformed": false, "name": "AmazonElasticFileSystemClientReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-01-13T16:24:36+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonDocDBFullAccess", "createdate": "2019-01-09T20:21:44Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "rds:AddRoleToDBCluster", "rds:AddSourceIdentifierToSubscription", "rds:AddTagsToResource", "rds:ApplyPendingMaintenanceAction", "rds:CopyDBClusterParameterGroup", "rds:CopyDBClusterSnapshot", "rds:CopyDBParameterGroup", "rds:CreateDBCluster", "rds:CreateDBClusterParameterGroup", "rds:CreateDBClusterSnapshot", "rds:CreateDBInstance", "rds:CreateDBParameterGroup", "rds:CreateDBSubnetGroup", "rds:CreateEventSubscription", "rds:DeleteDBCluster", "rds:DeleteDBClusterParameterGroup", "rds:DeleteDBClusterSnapshot", "rds:DeleteDBInstance", "rds:DeleteDBParameterGroup", "rds:DeleteDBSubnetGroup", "rds:DeleteEventSubscription", "rds:DescribeAccountAttributes", "rds:DescribeCertificates", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBSecurityGroups", "rds:DescribeDBSubnetGroups", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeValidDBInstanceModifications", "rds:DownloadDBLogFilePortion", "rds:FailoverDBCluster", "rds:ListTagsForResource", "rds:ModifyDBCluster", "rds:ModifyDBClusterParameterGroup", "rds:ModifyDBClusterSnapshotAttribute", "rds:ModifyDBInstance", "rds:ModifyDBParameterGroup", "rds:ModifyDBSubnetGroup", "rds:ModifyEventSubscription", "rds:PromoteReadReplicaDBCluster", "rds:RebootDBInstance", "rds:RemoveRoleFromDBCluster", "rds:RemoveSourceIdentifierFromSubscription", "rds:RemoveTagsFromResource", "rds:ResetDBClusterParameterGroup", "rds:ResetDBParameterGroup", "rds:RestoreDBClusterFromSnapshot", "rds:RestoreDBClusterToPointInTime", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "kms:ListAliases", "kms:ListKeyPolicies", "kms:ListKeys", "kms:ListRetirableGrants", "logs:DescribeLogStreams", "logs:GetLogEvents", "sns:ListSubscriptions", "sns:ListTopics", "sns:Publish", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonDocDBFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-01-09T20:21:44+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSSavingsPlansReadOnlyAccess", "createdate": "2019-11-06T22:45:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "savingsplans:DescribeSavingsPlanRates", "savingsplans:DescribeSavingsPlans", "savingsplans:DescribeSavingsPlansOfferingRates", "savingsplans:DescribeSavingsPlansOfferings", "savingsplans:ListTagsForResource" ], "malformed": false, "name": "AWSSavingsPlansReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-06T22:45:10+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/ElasticLoadBalancingReadOnly", "createdate": "2023-11-26T18:15:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:GetTrustStoreCaCertificatesBundle", "elasticloadbalancing:GetTrustStoreRevocationContent", "ec2:DescribeInstances", "ec2:DescribeClassicLinkInstances", "ec2:DescribeSecurityGroups", "arc-zonal-shift:GetManagedResource", "arc-zonal-shift:ListManagedResources", "arc-zonal-shift:ListZonalShifts" ], "malformed": false, "name": "ElasticLoadBalancingReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-26T18:15:46+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/ROSAInstallerPolicy", "createdate": "2024-04-10T20:52:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeAvailabilityZones", "ec2:DescribeInternetGateways", "ec2:DescribeInstances", "ec2:DescribeInstanceTypes", "ec2:DescribeRegions", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "ec2:DescribeInstanceTypeOfferings", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeLoadBalancers", "iam:GetOpenIDConnectProvider", "iam:GetRole", "route53:GetHostedZone", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListResourceRecordSets", "route53:GetAccountLimit", "servicequotas:GetServiceQuota", "iam:PassRole", "iam:AddRoleToInstanceProfile", "iam:RemoveRoleFromInstanceProfile", "iam:DeleteInstanceProfile", "iam:GetInstanceProfile", "iam:CreateInstanceProfile", "iam:TagInstanceProfile", "secretsmanager:GetSecretValue", "route53:ChangeResourceRecordSets", "route53:ChangeTagsForResource", "route53:CreateHostedZone", "route53:DeleteHostedZone", "ec2:CreateTags", "ec2:RunInstances", "ec2:RunInstances", "ec2:RunInstances", "ec2:TerminateInstances", "ec2:GetConsoleOutput", "kms:CreateGrant", "kms:DescribeKey", "kms:GenerateDataKeyWithoutPlaintext", "ec2:CreateSecurityGroup", "ec2:DeleteSecurityGroup", "ec2:AuthorizeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RevokeSecurityGroupEgress", "ec2:CreateSecurityGroup", "ec2:CreateTags", "iam:ListAttachedRolePolicies", "iam:ListRolePolicies" ], "malformed": false, "name": "ROSAInstallerPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-10T20:52:53+00:00", "version": "v3" }, { "access_levels": [], "arn": null, "createdate": "2023-03-26T18:24:35Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [], "malformed": false, "name": "AmazonDataZonePortalFullAccessPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/ElasticLoadBalancingFullAccess", "createdate": "2022-11-29T01:45:49Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateAppCookieStickinessPolicy", "elasticloadbalancing:CreateLBCookieStickinessPolicy", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerPolicy", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:DisableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:SetLoadBalancerListenerSSLCertificate", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:AddTrustStoreRevocations", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:CreateTrustStore", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteTrustStore", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:GetTrustStoreCaCertificatesBundle", "elasticloadbalancing:GetTrustStoreRevocationContent", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:ModifyTrustStore", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:RemoveListenerCertificates", "elasticloadbalancing:RemoveTrustStoreRevocations", "elasticloadbalancing:SetIpAddressType", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetSecurityGroups", "elasticloadbalancing:SetSubnets", "elasticloadbalancing:SetWebAcl", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcClassicLink", "ec2:DescribeInstances", "ec2:DescribeNetworkInterfaces", "ec2:DescribeClassicLinkInstances", "ec2:DescribeRouteTables", "ec2:DescribeCoipPools", "ec2:GetCoipPoolUsage", "ec2:DescribeVpcPeeringConnections", "cognito-idp:DescribeUserPoolClient", "iam:CreateServiceLinkedRole", "arc-zonal-shift:CancelZonalShift", "arc-zonal-shift:CreatePracticeRunConfiguration", "arc-zonal-shift:DeletePracticeRunConfiguration", "arc-zonal-shift:GetManagedResource", "arc-zonal-shift:ListAutoshifts", "arc-zonal-shift:ListManagedResources", "arc-zonal-shift:ListZonalShifts", "arc-zonal-shift:StartZonalShift", "arc-zonal-shift:UpdatePracticeRunConfiguration", "arc-zonal-shift:UpdateZonalAutoshiftConfiguration", "arc-zonal-shift:UpdateZonalShift", "arc-zonal-shift:ListManagedResources", "arc-zonal-shift:ListZonalShifts" ], "malformed": false, "name": "ElasticLoadBalancingFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-29T01:45:49+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIoTWirelessGatewayCertManager", "createdate": "2020-12-15T15:30:48Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:CreateKeysAndCertificate", "iot:DescribeCertificate", "iot:ListCertificates" ], "malformed": false, "name": "AWSIoTWirelessGatewayCertManager", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-15T15:30:48+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonFSxReadOnlyAccess", "createdate": "2018-11-28T16:33:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "fsx:DescribeAssociatedFileGateways", "fsx:DescribeBackups", "fsx:DescribeDataRepositoryAssociations", "fsx:DescribeDataRepositoryTasks", "fsx:DescribeFileCaches", "fsx:DescribeFileSystemAliases", "fsx:DescribeFileSystems", "fsx:DescribeSharedVpcConfiguration", "fsx:DescribeSnapshots", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:ListTagsForResource" ], "malformed": false, "name": "AmazonFSxReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-28T16:33:32+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSGlueSchemaRegistryReadonlyAccess", "createdate": "2020-11-20T00:20:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "glue:GetRegistry", "glue:ListRegistries", "glue:GetSchema", "glue:ListSchemas", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:ListSchemaVersions", "glue:GetSchemaVersionsDiff", "glue:CheckSchemaVersionValidity", "glue:QuerySchemaVersionMetadata", "glue:GetTags" ], "malformed": false, "name": "AWSGlueSchemaRegistryReadonlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-20T00:20:06+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSProtonDeveloperAccess", "createdate": "2022-11-18T18:35:07Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codecommit:ListRepositories", "codepipeline:GetPipeline", "codepipeline:GetPipelineExecution", "codepipeline:GetPipelineState", "codepipeline:ListPipelineExecutions", "codepipeline:ListPipelines", "codestar-connections:ListConnections", "codestar-connections:UseConnection", "proton:CancelServiceInstanceDeployment", "proton:CancelServicePipelineDeployment", "proton:CreateService", "proton:DeleteService", "proton:GetAccountRoles", "proton:GetAccountSettings", "proton:GetEnvironment", "proton:GetEnvironmentAccountConnection", "proton:GetEnvironmentTemplate", "proton:GetEnvironmentTemplateMajorVersion", "proton:GetEnvironmentTemplateMinorVersion", "proton:GetEnvironmentTemplateVersion", "proton:GetRepository", "proton:GetRepositorySyncStatus", "proton:GetResourcesSummary", "proton:GetService", "proton:GetServiceInstance", "proton:GetServiceTemplate", "proton:GetServiceTemplateMajorVersion", "proton:GetServiceTemplateMinorVersion", "proton:GetServiceTemplateVersion", "proton:GetTemplateSyncConfig", "proton:GetTemplateSyncStatus", "proton:ListEnvironmentAccountConnections", "proton:ListEnvironmentOutputs", "proton:ListEnvironmentProvisionedResources", "proton:ListEnvironments", "proton:ListEnvironmentTemplateMajorVersions", "proton:ListEnvironmentTemplateMinorVersions", "proton:ListEnvironmentTemplates", "proton:ListEnvironmentTemplateVersions", "proton:ListRepositories", "proton:ListRepositorySyncDefinitions", "proton:ListServiceInstanceOutputs", "proton:ListServiceInstanceProvisionedResources", "proton:ListServiceInstances", "proton:ListServicePipelineOutputs", "proton:ListServicePipelineProvisionedResources", "proton:ListServices", "proton:ListServiceTemplateMajorVersions", "proton:ListServiceTemplateMinorVersions", "proton:ListServiceTemplates", "proton:ListServiceTemplateVersions", "proton:ListTagsForResource", "proton:UpdateService", "proton:UpdateServiceInstance", "proton:UpdateServicePipeline", "s3:ListAllMyBuckets", "s3:ListBucket", "codestar-connections:PassConnection" ], "malformed": false, "name": "AWSProtonDeveloperAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-18T18:35:07+00:00", "version": "v3" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/MonitronServiceRolePolicy", "createdate": "2022-05-02T19:22:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "MonitronServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-05-02T19:22:03+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSApplicationMigrationEC2Access", "createdate": "2023-02-06T16:07:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:PassRole", "ec2:DeleteSnapshot", "ec2:DescribeSnapshots", "ec2:DescribeImages", "ec2:DescribeVolumes", "ec2:CreateLaunchTemplateVersion", "ec2:ModifyLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:CreateLaunchTemplate", "ec2:DeleteLaunchTemplate", "ec2:DeleteVolume", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:ModifyInstanceAttribute", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:RevokeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:CreateVolume", "ec2:CreateSecurityGroup", "ec2:CreateSecurityGroup", "ec2:CreateSnapshot", "ec2:CreateSnapshot", "ec2:DetachVolume", "ec2:AttachVolume", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:RunInstances", "ec2:RunInstances", "ec2:CreateTags", "ec2:CreateTags", "ec2:ModifyVolume" ], "malformed": false, "name": "AWSApplicationMigrationEC2Access", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-06T16:07:02+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDataExchangeProviderFullAccess", "createdate": "2022-03-15T16:16:20Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "dataexchange:CreateDataSet", "dataexchange:CreateRevision", "dataexchange:CreateAsset", "dataexchange:GetAsset", "dataexchange:GetDataSet", "dataexchange:GetEventAction", "dataexchange:GetJob", "dataexchange:GetRevision", "dataexchange:UpdateAsset", "dataexchange:UpdateDataSet", "dataexchange:UpdateEventAction", "dataexchange:UpdateRevision", "dataexchange:ListDataSetRevisions", "dataexchange:ListDataSets", "dataexchange:ListEventActions", "dataexchange:ListJobs", "dataexchange:ListRevisionAssets", "dataexchange:ListTagsForResource", "dataexchange:DeleteAsset", "dataexchange:DeleteDataSet", "dataexchange:DeleteEventAction", "dataexchange:DeleteRevision", "dataexchange:TagResource", "dataexchange:UntagResource", "dataexchange:PublishDataSet", "dataexchange:SendApiAsset", "dataexchange:RevokeRevision", "tag:GetTagKeys", "tag:GetTagValues", "dataexchange:CreateJob", "dataexchange:StartJob", "dataexchange:CancelJob", "s3:GetObject", "s3:GetObject", "s3:PutObject", "s3:PutObjectAcl", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "aws-marketplace:DescribeEntity", "aws-marketplace:ListEntities", "aws-marketplace:DescribeChangeSet", "aws-marketplace:ListChangeSets", "aws-marketplace:StartChangeSet", "aws-marketplace:CancelChangeSet", "aws-marketplace:GetAgreementApprovalRequest", "aws-marketplace:ListAgreementApprovalRequests", "aws-marketplace:AcceptAgreementApprovalRequest", "aws-marketplace:RejectAgreementApprovalRequest", "aws-marketplace:UpdateAgreementApprovalRequest", "aws-marketplace:SearchAgreements", "aws-marketplace:GetAgreementTerms", "kms:DescribeKey", "kms:ListAliases", "kms:ListKeys", "redshift:AuthorizeDataShare", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDataShares", "apigateway:GET" ], "malformed": false, "name": "AWSDataExchangeProviderFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-03-15T16:16:20+00:00", "version": "v11" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderAudit", "createdate": "2019-11-25T23:52:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:GetLoggingOptions", "iot:GetV2LoggingOptions", "iot:ListCACertificates", "iot:ListCertificates", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:ListPolicies", "iot:GetPolicy", "iot:GetEffectivePolicies", "iot:ListRoleAliases", "iot:DescribeRoleAlias", "cognito-identity:GetIdentityPoolRoles", "iam:ListRolePolicies", "iam:ListAttachedRolePolicies", "iam:GetRole", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRolePolicy", "iam:GenerateServiceLastAccessedDetails", "iam:GetServiceLastAccessedDetails" ], "malformed": false, "name": "AWSIoTDeviceDefenderAudit", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-25T23:52:43+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/GroundTruthSyntheticConsoleReadOnlyAccess", "createdate": "2022-08-25T15:58:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sagemaker-groundtruth-synthetic:ListBatchDataTransfers", "sagemaker-groundtruth-synthetic:ListBatchSummaries", "sagemaker-groundtruth-synthetic:ListProjectDataTransfers", "sagemaker-groundtruth-synthetic:ListProjectSummaries", "sagemaker-groundtruth-synthetic:GetAccountDetails", "sagemaker-groundtruth-synthetic:GetBatch", "sagemaker-groundtruth-synthetic:GetProject", "s3:ListBucket" ], "malformed": false, "name": "GroundTruthSyntheticConsoleReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-25T15:58:49+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSIoTFullAccess", "createdate": "2022-05-19T21:39:11Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:AcceptCertificateTransfer", "iot:AddThingToBillingGroup", "iot:AddThingToThingGroup", "iot:AssociateTargetsWithJob", "iot:AttachPolicy", "iot:AttachPrincipalPolicy", "iot:AttachSecurityProfile", "iot:AttachThingPrincipal", "iot:CancelAuditMitigationActionsTask", "iot:CancelAuditTask", "iot:CancelCertificateTransfer", "iot:CancelDetectMitigationActionsTask", "iot:CancelJob", "iot:CancelJobExecution", "iot:ClearDefaultAuthorizer", "iot:CloseTunnel", "iot:ConfirmTopicRuleDestination", "iot:Connect", "iot:CreateAuditSuppression", "iot:CreateAuthorizer", "iot:CreateBillingGroup", "iot:CreateCertificateFromCsr", "iot:CreateCertificateProvider", "iot:CreateCustomMetric", "iot:CreateDimension", "iot:CreateDomainConfiguration", "iot:CreateDynamicThingGroup", "iot:CreateFleetMetric", "iot:CreateJob", "iot:CreateJobTemplate", "iot:CreateKeysAndCertificate", "iot:CreateMitigationAction", "iot:CreateOTAUpdate", "iot:CreatePackage", "iot:CreatePackageVersion", "iot:CreatePolicy", "iot:CreatePolicyVersion", "iot:CreateProvisioningClaim", "iot:CreateProvisioningTemplate", "iot:CreateProvisioningTemplateVersion", "iot:CreateRoleAlias", "iot:CreateScheduledAudit", "iot:CreateSecurityProfile", "iot:CreateStream", "iot:CreateThing", "iot:CreateThingGroup", "iot:CreateThingType", "iot:CreateTopicRule", "iot:CreateTopicRuleDestination", "iot:DeleteAccountAuditConfiguration", "iot:DeleteAuditSuppression", "iot:DeleteAuthorizer", "iot:DeleteBillingGroup", "iot:DeleteCACertificate", "iot:DeleteCertificate", "iot:DeleteCertificateProvider", "iot:DeleteCustomMetric", "iot:DeleteDimension", "iot:DeleteDomainConfiguration", "iot:DeleteDynamicThingGroup", "iot:DeleteFleetMetric", "iot:DeleteJob", "iot:DeleteJobExecution", "iot:DeleteJobTemplate", "iot:DeleteMitigationAction", "iot:DeleteOTAUpdate", "iot:DeletePackage", "iot:DeletePackageVersion", "iot:DeletePolicy", "iot:DeletePolicyVersion", "iot:DeleteProvisioningTemplate", "iot:DeleteProvisioningTemplateVersion", "iot:DeleteRegistrationCode", "iot:DeleteRoleAlias", "iot:DeleteScheduledAudit", "iot:DeleteSecurityProfile", "iot:DeleteStream", "iot:DeleteThing", "iot:DeleteThingGroup", "iot:DeleteThingShadow", "iot:DeleteThingType", "iot:DeleteTopicRule", "iot:DeleteTopicRuleDestination", "iot:DeleteV2LoggingLevel", "iot:DeprecateThingType", "iot:DescribeAccountAuditConfiguration", "iot:DescribeAuditFinding", "iot:DescribeAuditMitigationActionsTask", "iot:DescribeAuditSuppression", "iot:DescribeAuditTask", "iot:DescribeAuthorizer", "iot:DescribeBillingGroup", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:DescribeCertificateProvider", "iot:DescribeCustomMetric", "iot:DescribeDefaultAuthorizer", "iot:DescribeDetectMitigationActionsTask", "iot:DescribeDimension", "iot:DescribeDomainConfiguration", "iot:DescribeEndpoint", "iot:DescribeEventConfigurations", "iot:DescribeFleetMetric", "iot:DescribeIndex", "iot:DescribeJob", "iot:DescribeJobExecution", "iot:DescribeJobTemplate", "iot:DescribeManagedJobTemplate", "iot:DescribeMitigationAction", "iot:DescribeProvisioningTemplate", "iot:DescribeProvisioningTemplateVersion", "iot:DescribeRoleAlias", "iot:DescribeScheduledAudit", "iot:DescribeSecurityProfile", "iot:DescribeStream", "iot:DescribeThing", "iot:DescribeThingGroup", "iot:DescribeThingRegistrationTask", "iot:DescribeThingType", "iot:DescribeTunnel", "iot:DetachPolicy", "iot:DetachPrincipalPolicy", "iot:DetachSecurityProfile", "iot:DetachThingPrincipal", "iot:DisableTopicRule", "iot:EnableTopicRule", "iot:GetBehaviorModelTrainingSummaries", "iot:GetBucketsAggregation", "iot:GetCardinality", "iot:GetEffectivePolicies", "iot:GetIndexingConfiguration", "iot:GetJobDocument", "iot:GetLoggingOptions", "iot:GetOTAUpdate", "iot:GetPackage", "iot:GetPackageConfiguration", "iot:GetPackageVersion", "iot:GetPercentiles", "iot:GetPolicy", "iot:GetPolicyVersion", "iot:GetRegistrationCode", "iot:GetRetainedMessage", "iot:GetStatistics", "iot:GetThingShadow", "iot:GetTopicRule", "iot:GetTopicRuleDestination", "iot:GetV2LoggingOptions", "iot:ListActiveViolations", "iot:ListAttachedPolicies", "iot:ListAuditFindings", "iot:ListAuditMitigationActionsExecutions", "iot:ListAuditMitigationActionsTasks", "iot:ListAuditSuppressions", "iot:ListAuditTasks", "iot:ListAuthorizers", "iot:ListBillingGroups", "iot:ListCACertificates", "iot:ListCertificateProviders", "iot:ListCertificates", "iot:ListCertificatesByCA", "iot:ListCustomMetrics", "iot:ListDetectMitigationActionsExecutions", "iot:ListDetectMitigationActionsTasks", "iot:ListDimensions", "iot:ListDomainConfigurations", "iot:ListFleetMetrics", "iot:ListIndices", "iot:ListJobExecutionsForJob", "iot:ListJobExecutionsForThing", "iot:ListJobTemplates", "iot:ListJobs", "iot:ListManagedJobTemplates", "iot:ListMetricValues", "iot:ListMitigationActions", "iot:ListNamedShadowsForThing", "iot:ListOTAUpdates", "iot:ListOutgoingCertificates", "iot:ListPackageVersions", "iot:ListPackages", "iot:ListPolicies", "iot:ListPolicyPrincipals", "iot:ListPolicyVersions", "iot:ListPrincipalPolicies", "iot:ListPrincipalThings", "iot:ListProvisioningTemplateVersions", "iot:ListProvisioningTemplates", "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", "iot:ListStreams", "iot:ListTagsForResource", "iot:ListTargetsForPolicy", "iot:ListTargetsForSecurityProfile", "iot:ListThingGroups", "iot:ListThingGroupsForThing", "iot:ListThingPrincipals", "iot:ListThingRegistrationTaskReports", "iot:ListThingRegistrationTasks", "iot:ListThingTypes", "iot:ListThings", "iot:ListThingsInBillingGroup", "iot:ListThingsInThingGroup", "iot:ListTopicRuleDestinations", "iot:ListTopicRules", "iot:ListTunnels", "iot:ListV2LoggingLevels", "iot:ListViolationEvents", "iot:OpenTunnel", "iot:Publish", "iot:PutVerificationStateOnViolation", "iot:Receive", "iot:RegisterCACertificate", "iot:RegisterCertificate", "iot:RegisterCertificateWithoutCA", "iot:RegisterThing", "iot:RejectCertificateTransfer", "iot:RemoveThingFromBillingGroup", "iot:RemoveThingFromThingGroup", "iot:ReplaceTopicRule", "iot:RetainPublish", "iot:RotateTunnelAccessToken", "iot:SearchIndex", "iot:SetDefaultAuthorizer", "iot:SetDefaultPolicyVersion", "iot:SetLoggingOptions", "iot:SetV2LoggingLevel", "iot:SetV2LoggingOptions", "iot:StartAuditMitigationActionsTask", "iot:StartDetectMitigationActionsTask", "iot:StartOnDemandAuditTask", "iot:StartThingRegistrationTask", "iot:StopThingRegistrationTask", "iot:Subscribe", "iot:TagResource", "iot:TestAuthorization", "iot:TestInvokeAuthorizer", "iot:TransferCertificate", "iot:UntagResource", "iot:UpdateAccountAuditConfiguration", "iot:UpdateAuditSuppression", "iot:UpdateAuthorizer", "iot:UpdateBillingGroup", "iot:UpdateCACertificate", "iot:UpdateCertificate", "iot:UpdateCertificateProvider", "iot:UpdateCustomMetric", "iot:UpdateDimension", "iot:UpdateDomainConfiguration", "iot:UpdateDynamicThingGroup", "iot:UpdateEventConfigurations", "iot:UpdateFleetMetric", "iot:UpdateIndexingConfiguration", "iot:UpdateJob", "iot:UpdateMitigationAction", "iot:UpdatePackage", "iot:UpdatePackageConfiguration", "iot:UpdatePackageVersion", "iot:UpdateProvisioningTemplate", "iot:UpdateRoleAlias", "iot:UpdateScheduledAudit", "iot:UpdateSecurityProfile", "iot:UpdateStream", "iot:UpdateThing", "iot:UpdateThingGroup", "iot:UpdateThingGroupsForThing", "iot:UpdateThingShadow", "iot:UpdateTopicRuleDestination", "iot:ValidateSecurityProfileBehaviors", "iotjobsdata:DescribeJobExecution", "iotjobsdata:GetPendingJobExecutions", "iotjobsdata:StartNextPendingJobExecution", "iotjobsdata:UpdateJobExecution" ], "malformed": false, "name": "AWSIoTFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-05-19T21:39:11+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSAppRunnerFullAccess", "createdate": "2022-01-11T04:02:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:CreateServiceLinkedRole", "iam:PassRole", "apprunner:AssociateCustomDomain", "apprunner:AssociateWebAcl", "apprunner:CreateAutoScalingConfiguration", "apprunner:CreateConnection", "apprunner:CreateObservabilityConfiguration", "apprunner:CreateService", "apprunner:CreateVpcConnector", "apprunner:CreateVpcIngressConnection", "apprunner:DeleteAutoScalingConfiguration", "apprunner:DeleteConnection", "apprunner:DeleteObservabilityConfiguration", "apprunner:DeleteService", "apprunner:DeleteVpcConnector", "apprunner:DeleteVpcIngressConnection", "apprunner:DescribeAutoScalingConfiguration", "apprunner:DescribeCustomDomains", "apprunner:DescribeObservabilityConfiguration", "apprunner:DescribeOperation", "apprunner:DescribeService", "apprunner:DescribeVpcConnector", "apprunner:DescribeVpcIngressConnection", "apprunner:DescribeWebAclForService", "apprunner:DisassociateCustomDomain", "apprunner:DisassociateWebAcl", "apprunner:ListAssociatedServicesForWebAcl", "apprunner:ListAutoScalingConfigurations", "apprunner:ListConnections", "apprunner:ListObservabilityConfigurations", "apprunner:ListOperations", "apprunner:ListServices", "apprunner:ListServicesForAutoScalingConfiguration", "apprunner:ListTagsForResource", "apprunner:ListVpcConnectors", "apprunner:ListVpcIngressConnections", "apprunner:PauseService", "apprunner:ResumeService", "apprunner:StartDeployment", "apprunner:TagResource", "apprunner:UntagResource", "apprunner:UpdateDefaultAutoScalingConfiguration", "apprunner:UpdateService", "apprunner:UpdateVpcIngressConnection" ], "malformed": false, "name": "AWSAppRunnerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-01-11T04:02:09+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonEMRServerlessServiceRolePolicy", "createdate": "2024-01-25T18:21:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeDhcpOptions", "ec2:DescribeRouteTables", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AmazonEMRServerlessServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-25T18:21:43+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCodeArtifactAdminAccess", "createdate": "2020-06-16T23:53:23Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "codeartifact:AssociateExternalConnection", "codeartifact:AssociateWithDownstreamRepository", "codeartifact:CopyPackageVersions", "codeartifact:CreateDomain", "codeartifact:CreatePackageGroup", "codeartifact:CreateRepository", "codeartifact:DeleteDomain", "codeartifact:DeleteDomainPermissionsPolicy", "codeartifact:DeletePackage", "codeartifact:DeletePackageGroup", "codeartifact:DeletePackageVersions", "codeartifact:DeleteRepository", "codeartifact:DeleteRepositoryPermissionsPolicy", "codeartifact:DescribeDomain", "codeartifact:DescribePackage", "codeartifact:DescribePackageGroup", "codeartifact:DescribePackageVersion", "codeartifact:DescribeRepository", "codeartifact:DisassociateExternalConnection", "codeartifact:DisposePackageVersions", "codeartifact:GetAssociatedPackageGroup", "codeartifact:GetAuthorizationToken", "codeartifact:GetDomainPermissionsPolicy", "codeartifact:GetPackageVersionAsset", "codeartifact:GetPackageVersionReadme", "codeartifact:GetRepositoryEndpoint", "codeartifact:GetRepositoryPermissionsPolicy", "codeartifact:ListAllowedRepositoriesForGroup", "codeartifact:ListAssociatedPackages", "codeartifact:ListDomains", "codeartifact:ListPackageGroups", "codeartifact:ListPackageVersionAssets", "codeartifact:ListPackageVersionDependencies", "codeartifact:ListPackageVersions", "codeartifact:ListPackages", "codeartifact:ListRepositories", "codeartifact:ListRepositoriesInDomain", "codeartifact:ListSubPackageGroups", "codeartifact:ListTagsForResource", "codeartifact:PublishPackageVersion", "codeartifact:PutDomainPermissionsPolicy", "codeartifact:PutPackageMetadata", "codeartifact:PutPackageOriginConfiguration", "codeartifact:PutRepositoryPermissionsPolicy", "codeartifact:ReadFromRepository", "codeartifact:TagResource", "codeartifact:UntagResource", "codeartifact:UpdatePackageGroup", "codeartifact:UpdatePackageGroupOriginConfiguration", "codeartifact:UpdatePackageVersionsStatus", "codeartifact:UpdateRepository", "sts:GetServiceBearerToken" ], "malformed": false, "name": "AWSCodeArtifactAdminAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-16T23:53:23+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIoTAnalyticsFullAccess", "createdate": "2018-06-18T23:02:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotanalytics:BatchPutMessage", "iotanalytics:CancelPipelineReprocessing", "iotanalytics:CreateChannel", "iotanalytics:CreateDataset", "iotanalytics:CreateDatasetContent", "iotanalytics:CreateDatastore", "iotanalytics:CreatePipeline", "iotanalytics:DeleteChannel", "iotanalytics:DeleteDataset", "iotanalytics:DeleteDatasetContent", "iotanalytics:DeleteDatastore", "iotanalytics:DeletePipeline", "iotanalytics:DescribeChannel", "iotanalytics:DescribeDataset", "iotanalytics:DescribeDatastore", "iotanalytics:DescribeLoggingOptions", "iotanalytics:DescribePipeline", "iotanalytics:GetDatasetContent", "iotanalytics:ListChannels", "iotanalytics:ListDatasetContents", "iotanalytics:ListDatasets", "iotanalytics:ListDatastores", "iotanalytics:ListPipelines", "iotanalytics:ListTagsForResource", "iotanalytics:PutLoggingOptions", "iotanalytics:RunPipelineActivity", "iotanalytics:SampleChannelData", "iotanalytics:StartPipelineReprocessing", "iotanalytics:TagResource", "iotanalytics:UntagResource", "iotanalytics:UpdateChannel", "iotanalytics:UpdateDataset", "iotanalytics:UpdateDatastore", "iotanalytics:UpdatePipeline" ], "malformed": false, "name": "AWSIoTAnalyticsFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-06-18T23:02:45+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryReadOnlyAccess", "createdate": "2023-11-27T13:03:00Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "drs:DescribeJobLogItems", "drs:DescribeJobs", "drs:DescribeRecoveryInstances", "drs:DescribeRecoverySnapshots", "drs:DescribeReplicationConfigurationTemplates", "drs:DescribeSourceServers", "drs:GetFailbackReplicationConfiguration", "drs:GetLaunchConfiguration", "drs:GetReplicationConfiguration", "drs:ListExtensibleSourceServers", "drs:ListStagingAccounts", "drs:ListTagsForResource", "drs:ListLaunchActions", "ec2:DescribeInstances", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "iam:ListRoles", "ssm:ListCommandInvocations", "ssm:GetParameter", "ssm:DescribeDocument", "ssm:GetDocument", "ssm:GetAutomationExecution" ], "malformed": false, "name": "AWSElasticDisasterRecoveryReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T13:03:00+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceImageBuildFullAccess", "createdate": "2022-03-04T17:05:09Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "aws-marketplace:ListBuilds", "aws-marketplace:StartBuild", "aws-marketplace:DescribeBuilds", "ec2:TerminateInstances", "iam:PassRole", "ssm:GetAutomationExecution", "ssm:ListDocuments", "ssm:DescribeDocument", "ec2:DeregisterImage", "ec2:CopyImage", "ec2:DescribeSnapshots", "ec2:DescribeSecurityGroups", "ec2:DescribeImages", "ec2:DescribeSubnets", "ec2:DeleteSnapshot", "ec2:CreateImage", "ec2:RunInstances", "ec2:DescribeInstanceStatus", "sns:GetTopicAttributes", "iam:GetRole", "iam:GetInstanceProfile", "s3:GetObject", "s3:ListBucket", "ec2:CreateTags", "sns:Publish", "ssm:StartAutomationExecution", "iam:PassRole" ], "malformed": false, "name": "AWSMarketplaceImageBuildFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-03-04T17:05:09+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonSNSFullAccess", "createdate": "2015-02-06T18:41:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sns:AddPermission", "sns:CheckIfPhoneNumberIsOptedOut", "sns:ConfirmSubscription", "sns:CreatePlatformApplication", "sns:CreatePlatformEndpoint", "sns:CreateSMSSandboxPhoneNumber", "sns:CreateTopic", "sns:DeleteEndpoint", "sns:DeletePlatformApplication", "sns:DeleteSMSSandboxPhoneNumber", "sns:DeleteTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sns:OptInPhoneNumber", "sns:Publish", "sns:PutDataProtectionPolicy", "sns:RemovePermission", "sns:SetEndpointAttributes", "sns:SetPlatformApplicationAttributes", "sns:SetSMSAttributes", "sns:SetSubscriptionAttributes", "sns:SetTopicAttributes", "sns:Subscribe", "sns:TagResource", "sns:Unsubscribe", "sns:UntagResource", "sns:VerifySMSSandboxPhoneNumber" ], "malformed": false, "name": "AmazonSNSFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:05+00:00", "version": "v1" }, { "access_levels": [ "List" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForGroundStationDataflowEndpointGroupPolicy", "createdate": "2022-12-13T23:52:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeAddresses", "ec2:DescribeNetworkInterfaces" ], "malformed": false, "name": "AWSServiceRoleForGroundStationDataflowEndpointGroupPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-13T23:52:45+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53AutoNamingReadOnlyAccess", "createdate": "2018-01-18T03:02:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "servicediscovery:GetInstance", "servicediscovery:GetInstancesHealthStatus", "servicediscovery:GetNamespace", "servicediscovery:GetOperation", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListOperations", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource" ], "malformed": false, "name": "AmazonRoute53AutoNamingReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-01-18T03:02:59+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryClusterFullAccess", "createdate": "2021-08-18T18:37:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53-recovery-cluster:GetRoutingControlState", "route53-recovery-cluster:ListRoutingControls", "route53-recovery-cluster:UpdateRoutingControlState", "route53-recovery-cluster:UpdateRoutingControlStates" ], "malformed": false, "name": "AmazonRoute53RecoveryClusterFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-18T18:37:00+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/KafkaConnectServiceRolePolicy", "createdate": "2021-09-07T13:12:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:CreateTags", "ec2:DescribeNetworkInterfaces", "ec2:CreateNetworkInterfacePermission", "ec2:AttachNetworkInterface", "ec2:DetachNetworkInterface", "ec2:DeleteNetworkInterface" ], "malformed": false, "name": "KafkaConnectServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-07T13:12:44+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSOpsWorksCMServiceRole", "createdate": "2021-04-23T17:32:13Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:CreateBucket", "s3:DeleteObject", "s3:DeleteBucket", "s3:GetObject", "s3:ListBucket", "s3:PutBucketPolicy", "s3:PutObject", "s3:GetBucketTagging", "s3:PutBucketTagging", "tag:UntagResources", "tag:TagResources", "ssm:DescribeInstanceInformation", "ssm:GetCommandInvocation", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:SendCommand", "ssm:SendCommand", "ec2:AllocateAddress", "ec2:AssociateAddress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateImage", "ec2:CreateSecurityGroup", "ec2:CreateSnapshot", "ec2:CreateTags", "ec2:DeleteSecurityGroup", "ec2:DeleteSnapshot", "ec2:DeregisterImage", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeImages", "ec2:DescribeInstanceStatus", "ec2:DescribeInstances", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DisassociateAddress", "ec2:ReleaseAddress", "ec2:RunInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:RebootInstances", "opsworks-cm:DeleteServer", "opsworks-cm:StartMaintenance", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "cloudformation:UpdateStack", "iam:PassRole", "acm:DeleteCertificate", "acm:ImportCertificate", "secretsmanager:CreateSecret", "secretsmanager:GetSecretValue", "secretsmanager:UpdateSecret", "secretsmanager:DeleteSecret", "secretsmanager:TagResource", "secretsmanager:UntagResource", "ec2:DeleteTags" ], "malformed": false, "name": "AWSOpsWorksCMServiceRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-04-23T17:32:13+00:00", "version": "v14" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonBraketJobsExecutionPolicy", "createdate": "2021-11-28T05:34:55Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "s3:PutObject", "s3:ListBucket", "s3:CreateBucket", "s3:PutBucketPublicAccessBlock", "s3:PutBucketPolicy", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", "ecr:BatchCheckLayerAvailability", "ecr:GetAuthorizationToken", "braket:CancelJob", "braket:CancelQuantumTask", "braket:CreateJob", "braket:CreateQuantumTask", "braket:GetDevice", "braket:GetJob", "braket:GetQuantumTask", "braket:SearchDevices", "braket:SearchJobs", "braket:SearchQuantumTasks", "braket:ListTagsForResource", "braket:TagResource", "braket:UntagResource", "iam:PassRole", "iam:ListRoles", "logs:GetQueryResults", "logs:PutLogEvents", "logs:CreateLogStream", "logs:CreateLogGroup", "logs:GetLogEvents", "logs:DescribeLogStreams", "logs:StartQuery", "logs:StopQuery", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AmazonBraketJobsExecutionPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-28T05:34:55+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonEC2FullAccess", "createdate": "2018-11-27T02:16:56Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:AcceptAddressTransfer", "ec2:AcceptReservedInstancesExchangeQuote", "ec2:AcceptTransitGatewayMulticastDomainAssociations", "ec2:AcceptTransitGatewayPeeringAttachment", "ec2:AcceptTransitGatewayVpcAttachment", "ec2:AcceptVpcEndpointConnections", "ec2:AcceptVpcPeeringConnection", "ec2:AdvertiseByoipCidr", "ec2:AllocateAddress", "ec2:AllocateHosts", "ec2:AllocateIpamPoolCidr", "ec2:ApplySecurityGroupsToClientVpnTargetNetwork", "ec2:AssignIpv6Addresses", "ec2:AssignPrivateIpAddresses", "ec2:AssignPrivateNatGatewayAddress", "ec2:AssociateAddress", "ec2:AssociateClientVpnTargetNetwork", "ec2:AssociateDhcpOptions", "ec2:AssociateEnclaveCertificateIamRole", "ec2:AssociateIamInstanceProfile", "ec2:AssociateInstanceEventWindow", "ec2:AssociateIpamByoasn", "ec2:AssociateIpamResourceDiscovery", "ec2:AssociateNatGatewayAddress", "ec2:AssociateRouteTable", "ec2:AssociateSubnetCidrBlock", "ec2:AssociateTransitGatewayMulticastDomain", "ec2:AssociateTransitGatewayPolicyTable", "ec2:AssociateTransitGatewayRouteTable", "ec2:AssociateTrunkInterface", "ec2:AssociateVerifiedAccessInstanceWebAcl", "ec2:AssociateVpcCidrBlock", "ec2:AttachClassicLinkVpc", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVerifiedAccessTrustProvider", "ec2:AttachVolume", "ec2:AttachVpnGateway", "ec2:AuthorizeClientVpnIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:BundleInstance", "ec2:CancelBundleTask", "ec2:CancelCapacityReservation", "ec2:CancelCapacityReservationFleets", "ec2:CancelConversionTask", "ec2:CancelExportTask", "ec2:CancelImageLaunchPermission", "ec2:CancelImportTask", "ec2:CancelReservedInstancesListing", "ec2:CancelSpotFleetRequests", "ec2:CancelSpotInstanceRequests", "ec2:ConfirmProductInstance", "ec2:CopyFpgaImage", "ec2:CopyImage", "ec2:CopySnapshot", "ec2:CreateCapacityReservation", "ec2:CreateCapacityReservationFleet", "ec2:CreateCarrierGateway", "ec2:CreateClientVpnEndpoint", "ec2:CreateClientVpnRoute", "ec2:CreateCoipCidr", "ec2:CreateCoipPool", "ec2:CreateCoipPoolPermission", "ec2:CreateCustomerGateway", "ec2:CreateDefaultSubnet", "ec2:CreateDefaultVpc", "ec2:CreateDhcpOptions", "ec2:CreateEgressOnlyInternetGateway", "ec2:CreateFleet", "ec2:CreateFlowLogs", "ec2:CreateFpgaImage", "ec2:CreateImage", "ec2:CreateInstanceConnectEndpoint", "ec2:CreateInstanceEventWindow", "ec2:CreateInstanceExportTask", "ec2:CreateInternetGateway", "ec2:CreateIpam", "ec2:CreateIpamPool", "ec2:CreateIpamResourceDiscovery", "ec2:CreateIpamScope", "ec2:CreateKeyPair", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:CreateLocalGatewayRoute", "ec2:CreateLocalGatewayRouteTable", "ec2:CreateLocalGatewayRouteTablePermission", "ec2:CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation", "ec2:CreateLocalGatewayRouteTableVpcAssociation", "ec2:CreateManagedPrefixList", "ec2:CreateNatGateway", "ec2:CreateNetworkAcl", "ec2:CreateNetworkAclEntry", "ec2:CreateNetworkInsightsAccessScope", "ec2:CreateNetworkInsightsPath", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:CreatePlacementGroup", "ec2:CreatePublicIpv4Pool", "ec2:CreateReplaceRootVolumeTask", "ec2:CreateReservedInstancesListing", "ec2:CreateRestoreImageTask", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSnapshot", "ec2:CreateSnapshots", "ec2:CreateSpotDatafeedSubscription", "ec2:CreateStoreImageTask", "ec2:CreateSubnet", "ec2:CreateSubnetCidrReservation", "ec2:CreateTags", "ec2:CreateTrafficMirrorFilter", "ec2:CreateTrafficMirrorFilterRule", "ec2:CreateTrafficMirrorSession", "ec2:CreateTrafficMirrorTarget", "ec2:CreateTransitGateway", "ec2:CreateTransitGatewayConnect", "ec2:CreateTransitGatewayConnectPeer", "ec2:CreateTransitGatewayMulticastDomain", "ec2:CreateTransitGatewayPeeringAttachment", "ec2:CreateTransitGatewayPolicyTable", "ec2:CreateTransitGatewayPrefixListReference", "ec2:CreateTransitGatewayRoute", "ec2:CreateTransitGatewayRouteTable", "ec2:CreateTransitGatewayRouteTableAnnouncement", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateVerifiedAccessEndpoint", "ec2:CreateVerifiedAccessGroup", "ec2:CreateVerifiedAccessInstance", "ec2:CreateVerifiedAccessTrustProvider", "ec2:CreateVolume", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpointConnectionNotification", "ec2:CreateVpcEndpointServiceConfiguration", "ec2:CreateVpcPeeringConnection", "ec2:CreateVpnConnection", "ec2:CreateVpnConnectionRoute", "ec2:CreateVpnGateway", "ec2:DeleteCarrierGateway", "ec2:DeleteClientVpnEndpoint", "ec2:DeleteClientVpnRoute", "ec2:DeleteCoipCidr", "ec2:DeleteCoipPool", "ec2:DeleteCoipPoolPermission", "ec2:DeleteCustomerGateway", "ec2:DeleteDhcpOptions", "ec2:DeleteEgressOnlyInternetGateway", "ec2:DeleteFleets", "ec2:DeleteFlowLogs", "ec2:DeleteFpgaImage", "ec2:DeleteInstanceConnectEndpoint", "ec2:DeleteInstanceEventWindow", "ec2:DeleteInternetGateway", "ec2:DeleteIpam", "ec2:DeleteIpamPool", "ec2:DeleteIpamResourceDiscovery", "ec2:DeleteIpamScope", "ec2:DeleteKeyPair", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:DeleteLocalGatewayRoute", "ec2:DeleteLocalGatewayRouteTable", "ec2:DeleteLocalGatewayRouteTablePermission", "ec2:DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation", "ec2:DeleteLocalGatewayRouteTableVpcAssociation", "ec2:DeleteManagedPrefixList", "ec2:DeleteNatGateway", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkAclEntry", "ec2:DeleteNetworkInsightsAccessScope", "ec2:DeleteNetworkInsightsAccessScopeAnalysis", "ec2:DeleteNetworkInsightsAnalysis", "ec2:DeleteNetworkInsightsPath", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DeletePlacementGroup", "ec2:DeletePublicIpv4Pool", "ec2:DeleteQueuedReservedInstances", "ec2:DeleteResourcePolicy", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSecurityGroup", "ec2:DeleteSnapshot", "ec2:DeleteSpotDatafeedSubscription", "ec2:DeleteSubnet", "ec2:DeleteSubnetCidrReservation", "ec2:DeleteTags", "ec2:DeleteTrafficMirrorFilter", "ec2:DeleteTrafficMirrorFilterRule", "ec2:DeleteTrafficMirrorSession", "ec2:DeleteTrafficMirrorTarget", "ec2:DeleteTransitGateway", "ec2:DeleteTransitGatewayConnect", "ec2:DeleteTransitGatewayConnectPeer", "ec2:DeleteTransitGatewayMulticastDomain", "ec2:DeleteTransitGatewayPeeringAttachment", "ec2:DeleteTransitGatewayPolicyTable", "ec2:DeleteTransitGatewayPrefixListReference", "ec2:DeleteTransitGatewayRoute", "ec2:DeleteTransitGatewayRouteTable", "ec2:DeleteTransitGatewayRouteTableAnnouncement", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteVerifiedAccessEndpoint", "ec2:DeleteVerifiedAccessGroup", "ec2:DeleteVerifiedAccessInstance", "ec2:DeleteVerifiedAccessTrustProvider", "ec2:DeleteVolume", "ec2:DeleteVpc", "ec2:DeleteVpcEndpointConnectionNotifications", "ec2:DeleteVpcEndpointServiceConfigurations", "ec2:DeleteVpcEndpoints", "ec2:DeleteVpcPeeringConnection", "ec2:DeleteVpnConnection", "ec2:DeleteVpnConnectionRoute", "ec2:DeleteVpnGateway", "ec2:DeprovisionByoipCidr", "ec2:DeprovisionIpamByoasn", "ec2:DeprovisionIpamPoolCidr", "ec2:DeprovisionPublicIpv4PoolCidr", "ec2:DeregisterImage", "ec2:DeregisterInstanceEventNotificationAttributes", "ec2:DeregisterTransitGatewayMulticastGroupMembers", "ec2:DeregisterTransitGatewayMulticastGroupSources", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DetachClassicLinkVpc", "ec2:DetachInternetGateway", "ec2:DetachNetworkInterface", "ec2:DetachVerifiedAccessTrustProvider", "ec2:DetachVolume", "ec2:DetachVpnGateway", "ec2:DisableAddressTransfer", "ec2:DisableAwsNetworkPerformanceMetricSubscription", "ec2:DisableEbsEncryptionByDefault", "ec2:DisableFastLaunch", "ec2:DisableFastSnapshotRestores", "ec2:DisableImage", "ec2:DisableImageBlockPublicAccess", "ec2:DisableImageDeprecation", "ec2:DisableIpamOrganizationAdminAccount", "ec2:DisableSerialConsoleAccess", "ec2:DisableSnapshotBlockPublicAccess", "ec2:DisableTransitGatewayRouteTablePropagation", "ec2:DisableVgwRoutePropagation", "ec2:DisableVpcClassicLink", "ec2:DisableVpcClassicLinkDnsSupport", "ec2:DisassociateAddress", "ec2:DisassociateClientVpnTargetNetwork", "ec2:DisassociateEnclaveCertificateIamRole", "ec2:DisassociateIamInstanceProfile", "ec2:DisassociateInstanceEventWindow", "ec2:DisassociateIpamByoasn", "ec2:DisassociateIpamResourceDiscovery", "ec2:DisassociateNatGatewayAddress", "ec2:DisassociateRouteTable", "ec2:DisassociateSubnetCidrBlock", "ec2:DisassociateTransitGatewayMulticastDomain", "ec2:DisassociateTransitGatewayPolicyTable", "ec2:DisassociateTransitGatewayRouteTable", "ec2:DisassociateTrunkInterface", "ec2:DisassociateVerifiedAccessInstanceWebAcl", "ec2:DisassociateVpcCidrBlock", "ec2:EnableAddressTransfer", "ec2:EnableAwsNetworkPerformanceMetricSubscription", "ec2:EnableEbsEncryptionByDefault", "ec2:EnableFastLaunch", "ec2:EnableFastSnapshotRestores", "ec2:EnableImage", "ec2:EnableImageBlockPublicAccess", "ec2:EnableImageDeprecation", "ec2:EnableIpamOrganizationAdminAccount", "ec2:EnableReachabilityAnalyzerOrganizationSharing", "ec2:EnableSerialConsoleAccess", "ec2:EnableSnapshotBlockPublicAccess", "ec2:EnableTransitGatewayRouteTablePropagation", "ec2:EnableVgwRoutePropagation", "ec2:EnableVolumeIO", "ec2:EnableVpcClassicLink", "ec2:EnableVpcClassicLinkDnsSupport", "ec2:ExportClientVpnClientCertificateRevocationList", "ec2:ExportClientVpnClientConfiguration", "ec2:ExportImage", "ec2:ExportTransitGatewayRoutes", "ec2:GetAssociatedEnclaveCertificateIamRoles", "ec2:GetAssociatedIpv6PoolCidrs", "ec2:GetAwsNetworkPerformanceData", "ec2:GetCapacityReservationUsage", "ec2:GetCoipPoolUsage", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:GetDefaultCreditSpecification", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ec2:GetFlowLogsIntegrationTemplate", "ec2:GetGroupsForCapacityReservation", "ec2:GetHostReservationPurchasePreview", "ec2:GetImageBlockPublicAccessState", "ec2:GetInstanceMetadataDefaults", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetInstanceUefiData", "ec2:GetIpamAddressHistory", "ec2:GetIpamDiscoveredAccounts", "ec2:GetIpamDiscoveredPublicAddresses", "ec2:GetIpamDiscoveredResourceCidrs", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetIpamResourceCidrs", "ec2:GetLaunchTemplateData", "ec2:GetManagedPrefixListAssociations", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ec2:GetPasswordData", "ec2:GetReservedInstancesExchangeQuote", "ec2:GetResourcePolicy", "ec2:GetSecurityGroupsForVpc", "ec2:GetSerialConsoleAccessStatus", "ec2:GetSnapshotBlockPublicAccessState", "ec2:GetSpotPlacementScores", "ec2:GetSubnetCidrReservations", "ec2:GetTransitGatewayAttachmentPropagations", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:GetTransitGatewayPolicyTableAssociations", "ec2:GetTransitGatewayPolicyTableEntries", "ec2:GetTransitGatewayPrefixListReferences", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:GetVerifiedAccessEndpointPolicy", "ec2:GetVerifiedAccessGroupPolicy", "ec2:GetVerifiedAccessInstanceWebAcl", "ec2:GetVpnConnectionDeviceSampleConfiguration", "ec2:GetVpnConnectionDeviceTypes", "ec2:GetVpnTunnelReplacementStatus", "ec2:ImportByoipCidrToIpam", "ec2:ImportClientVpnClientCertificateRevocationList", "ec2:ImportImage", "ec2:ImportInstance", "ec2:ImportKeyPair", "ec2:ImportSnapshot", "ec2:ImportVolume", "ec2:InjectApiError", "ec2:ListImagesInRecycleBin", "ec2:ListSnapshotsInRecycleBin", "ec2:LockSnapshot", "ec2:ModifyAddressAttribute", "ec2:ModifyAvailabilityZoneGroup", "ec2:ModifyCapacityReservation", "ec2:ModifyCapacityReservationFleet", "ec2:ModifyClientVpnEndpoint", "ec2:ModifyDefaultCreditSpecification", "ec2:ModifyEbsDefaultKmsKeyId", "ec2:ModifyFleet", "ec2:ModifyFpgaImageAttribute", "ec2:ModifyHosts", "ec2:ModifyIdFormat", "ec2:ModifyIdentityIdFormat", "ec2:ModifyImageAttribute", "ec2:ModifyInstanceAttribute", "ec2:ModifyInstanceCapacityReservationAttributes", "ec2:ModifyInstanceCreditSpecification", "ec2:ModifyInstanceEventStartTime", "ec2:ModifyInstanceEventWindow", "ec2:ModifyInstanceMaintenanceOptions", "ec2:ModifyInstanceMetadataDefaults", "ec2:ModifyInstanceMetadataOptions", "ec2:ModifyInstancePlacement", "ec2:ModifyIpam", "ec2:ModifyIpamPool", "ec2:ModifyIpamResourceCidr", "ec2:ModifyIpamResourceDiscovery", "ec2:ModifyIpamScope", "ec2:ModifyLaunchTemplate", "ec2:ModifyLocalGatewayRoute", "ec2:ModifyManagedPrefixList", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyPrivateDnsNameOptions", "ec2:ModifyReservedInstances", "ec2:ModifySecurityGroupRules", "ec2:ModifySnapshotAttribute", "ec2:ModifySnapshotTier", "ec2:ModifySpotFleetRequest", "ec2:ModifySubnetAttribute", "ec2:ModifyTrafficMirrorFilterNetworkServices", "ec2:ModifyTrafficMirrorFilterRule", "ec2:ModifyTrafficMirrorSession", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayPrefixListReference", "ec2:ModifyTransitGatewayVpcAttachment", "ec2:ModifyVerifiedAccessEndpoint", "ec2:ModifyVerifiedAccessEndpointPolicy", "ec2:ModifyVerifiedAccessGroup", "ec2:ModifyVerifiedAccessGroupPolicy", "ec2:ModifyVerifiedAccessInstance", "ec2:ModifyVerifiedAccessInstanceLoggingConfiguration", "ec2:ModifyVerifiedAccessTrustProvider", "ec2:ModifyVolume", "ec2:ModifyVolumeAttribute", "ec2:ModifyVpcAttribute", "ec2:ModifyVpcEndpoint", "ec2:ModifyVpcEndpointConnectionNotification", "ec2:ModifyVpcEndpointServiceConfiguration", "ec2:ModifyVpcEndpointServicePayerResponsibility", "ec2:ModifyVpcEndpointServicePermissions", "ec2:ModifyVpcPeeringConnectionOptions", "ec2:ModifyVpcTenancy", "ec2:ModifyVpnConnection", "ec2:ModifyVpnConnectionOptions", "ec2:ModifyVpnTunnelCertificate", "ec2:ModifyVpnTunnelOptions", "ec2:MonitorInstances", "ec2:MoveAddressToVpc", "ec2:MoveByoipCidrToIpam", "ec2:PauseVolumeIO", "ec2:ProvisionByoipCidr", "ec2:ProvisionIpamByoasn", "ec2:ProvisionIpamPoolCidr", "ec2:ProvisionPublicIpv4PoolCidr", "ec2:PurchaseCapacityBlock", "ec2:PurchaseHostReservation", "ec2:PurchaseReservedInstancesOffering", "ec2:PurchaseScheduledInstances", "ec2:PutResourcePolicy", "ec2:RebootInstances", "ec2:RegisterImage", "ec2:RegisterInstanceEventNotificationAttributes", "ec2:RegisterTransitGatewayMulticastGroupMembers", "ec2:RegisterTransitGatewayMulticastGroupSources", "ec2:RejectTransitGatewayMulticastDomainAssociations", "ec2:RejectTransitGatewayPeeringAttachment", "ec2:RejectTransitGatewayVpcAttachment", "ec2:RejectVpcEndpointConnections", "ec2:RejectVpcPeeringConnection", "ec2:ReleaseAddress", "ec2:ReleaseHosts", "ec2:ReleaseIpamPoolAllocation", "ec2:ReplaceIamInstanceProfileAssociation", "ec2:ReplaceNetworkAclAssociation", "ec2:ReplaceNetworkAclEntry", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:ReplaceTransitGatewayRoute", "ec2:ReplaceVpnTunnel", "ec2:ReportInstanceStatus", "ec2:RequestSpotFleet", "ec2:RequestSpotInstances", "ec2:ResetAddressAttribute", "ec2:ResetEbsDefaultKmsKeyId", "ec2:ResetFpgaImageAttribute", "ec2:ResetImageAttribute", "ec2:ResetInstanceAttribute", "ec2:ResetNetworkInterfaceAttribute", "ec2:ResetSnapshotAttribute", "ec2:RestoreAddressToClassic", "ec2:RestoreImageFromRecycleBin", "ec2:RestoreManagedPrefixListVersion", "ec2:RestoreSnapshotFromRecycleBin", "ec2:RestoreSnapshotTier", "ec2:RevokeClientVpnIngress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RunInstances", "ec2:RunScheduledInstances", "ec2:SearchLocalGatewayRoutes", "ec2:SearchTransitGatewayMulticastGroups", "ec2:SearchTransitGatewayRoutes", "ec2:SendDiagnosticInterrupt", "ec2:SendSpotInstanceInterruptions", "ec2:StartInstances", "ec2:StartNetworkInsightsAccessScopeAnalysis", "ec2:StartNetworkInsightsAnalysis", "ec2:StartVpcEndpointServicePrivateDnsVerification", "ec2:StopInstances", "ec2:TerminateClientVpnConnections", "ec2:TerminateInstances", "ec2:UnassignIpv6Addresses", "ec2:UnassignPrivateIpAddresses", "ec2:UnassignPrivateNatGatewayAddress", "ec2:UnlockSnapshot", "ec2:UnmonitorInstances", "ec2:UpdateSecurityGroupRuleDescriptionsEgress", "ec2:UpdateSecurityGroupRuleDescriptionsIngress", "ec2:WithdrawByoipCidr", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateAppCookieStickinessPolicy", "elasticloadbalancing:CreateLBCookieStickinessPolicy", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerPolicy", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:DisableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:SetLoadBalancerListenerSSLCertificate", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:AddTrustStoreRevocations", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:CreateTrustStore", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteTrustStore", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:GetTrustStoreCaCertificatesBundle", "elasticloadbalancing:GetTrustStoreRevocationContent", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:ModifyTrustStore", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:RemoveListenerCertificates", "elasticloadbalancing:RemoveTrustStoreRevocations", "elasticloadbalancing:SetIpAddressType", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetSecurityGroups", "elasticloadbalancing:SetSubnets", "elasticloadbalancing:SetWebAcl", "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "autoscaling:AttachInstances", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:AttachLoadBalancers", "autoscaling:AttachTrafficSources", "autoscaling:BatchDeleteScheduledAction", "autoscaling:BatchPutScheduledUpdateGroupAction", "autoscaling:CancelInstanceRefresh", "autoscaling:CompleteLifecycleAction", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteLifecycleHook", "autoscaling:DeleteNotificationConfiguration", "autoscaling:DeletePolicy", "autoscaling:DeleteScheduledAction", "autoscaling:DeleteTags", "autoscaling:DeleteWarmPool", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:DetachInstances", "autoscaling:DetachLoadBalancerTargetGroups", "autoscaling:DetachLoadBalancers", "autoscaling:DetachTrafficSources", "autoscaling:DisableMetricsCollection", "autoscaling:EnableMetricsCollection", "autoscaling:EnterStandby", "autoscaling:ExecutePolicy", "autoscaling:ExitStandby", "autoscaling:GetPredictiveScalingForecast", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutWarmPool", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling:ResumeProcesses", "autoscaling:RollbackInstanceRefresh", "autoscaling:SetDesiredCapacity", "autoscaling:SetInstanceHealth", "autoscaling:SetInstanceProtection", "autoscaling:StartInstanceRefresh", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonEC2FullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-27T02:16:56+00:00", "version": "v5" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSOutpostsServiceRolePolicy", "createdate": "2020-11-09T22:55:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup" ], "malformed": false, "name": "AWSOutpostsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-09T22:55:56+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBackupAuditAccess", "createdate": "2023-04-10T21:23:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "backup:CreateFramework", "backup:UpdateFramework", "backup:ListFrameworks", "backup:DescribeFramework", "backup:DeleteFramework", "backup:ListBackupPlans", "backup:ListBackupVaults", "backup:CreateReportPlan", "backup:UpdateReportPlan", "backup:ListReportPlans", "backup:DescribeReportPlan", "backup:DeleteReportPlan", "backup:StartReportJob", "backup:ListReportJobs", "backup:DescribeReportJob", "config:DescribeConfigurationRecorders", "config:DescribeConfigurationRecorderStatus", "config:DescribeComplianceByConfigRule", "config:GetComplianceDetailsByConfigRule", "s3:ListAllMyBuckets", "s3:GetBucketLocation" ], "malformed": false, "name": "AWSBackupAuditAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-10T21:23:31+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole", "createdate": "2018-02-05T19:15:15Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ecs:DescribeServices", "ecs:UpdateService", "cloudwatch:DescribeAlarms", "cloudwatch:PutMetricAlarm" ], "malformed": false, "name": "AmazonEC2ContainerServiceAutoscaleRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-02-05T19:15:15+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/CloudWatchAutomaticDashboardsAccess", "createdate": "2021-04-20T13:05:40Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "autoscaling:DescribeAutoScalingGroups", "cloudfront:GetDistribution", "cloudfront:ListDistributions", "dynamodb:DescribeTable", "dynamodb:ListTables", "ec2:DescribeInstances", "ec2:DescribeVolumes", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "elasticache:DescribeCacheClusters", "elasticbeanstalk:DescribeEnvironments", "elasticfilesystem:DescribeFileSystems", "elasticloadbalancing:DescribeLoadBalancers", "kinesis:DescribeStream", "kinesis:ListStreams", "lambda:GetFunction", "lambda:ListFunctions", "rds:DescribeDBClusters", "rds:DescribeDBInstances", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "route53:GetHealthCheck", "route53:ListHealthChecks", "s3:ListAllMyBuckets", "s3:ListBucket", "sns:ListTopics", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListQueues", "synthetics:DescribeCanariesLastRun", "tag:GetResources", "apigateway:GET" ], "malformed": false, "name": "CloudWatchAutomaticDashboardsAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-04-20T13:05:40+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSServiceRolePolicy", "createdate": "2024-01-19T15:10:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rds:CrossRegionCommunication", "ec2:AllocateAddress", "ec2:AssociateAddress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateCoipPoolPermission", "ec2:CreateLocalGatewayRouteTablePermission", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:DeleteCoipPoolPermission", "ec2:DeleteLocalGatewayRouteTablePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteSecurityGroup", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeCoipPools", "ec2:DescribeInternetGateways", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "ec2:DisassociateAddress", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyVpcEndpoint", "ec2:ReleaseAddress", "ec2:RevokeSecurityGroupIngress", "ec2:CreateVpcEndpoint", "ec2:DescribeVpcEndpoints", "ec2:DeleteVpcEndpoints", "ec2:AssignPrivateIpAddresses", "ec2:UnassignPrivateIpAddresses", "sns:Publish", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", "kinesis:CreateStream", "kinesis:PutRecord", "kinesis:PutRecords", "kinesis:DescribeStream", "kinesis:SplitShard", "kinesis:MergeShards", "kinesis:DeleteStream", "kinesis:UpdateShardCount", "cloudwatch:PutMetricData", "secretsmanager:GetRandomPassword", "secretsmanager:DeleteSecret", "secretsmanager:DescribeSecret", "secretsmanager:PutSecretValue", "secretsmanager:RotateSecret", "secretsmanager:UpdateSecret", "secretsmanager:UpdateSecretVersionStage", "secretsmanager:ListSecretVersionIds", "secretsmanager:TagResource" ], "malformed": false, "name": "AmazonRDSServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-19T15:10:09+00:00", "version": "v13" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryControlConfigReadOnlyAccess", "createdate": "2023-10-18T17:15:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53-recovery-control-config:DescribeCluster", "route53-recovery-control-config:DescribeControlPanel", "route53-recovery-control-config:DescribeRoutingControl", "route53-recovery-control-config:DescribeRoutingControlByName", "route53-recovery-control-config:DescribeSafetyRule", "route53-recovery-control-config:GetResourcePolicy", "route53-recovery-control-config:ListAssociatedRoute53HealthChecks", "route53-recovery-control-config:ListClusters", "route53-recovery-control-config:ListControlPanels", "route53-recovery-control-config:ListRoutingControls", "route53-recovery-control-config:ListSafetyRules", "route53-recovery-control-config:ListTagsForResource" ], "malformed": false, "name": "AmazonRoute53RecoveryControlConfigReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-18T17:15:33+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonLexFullAccess", "createdate": "2024-04-16T20:06:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:GetMetricStatistics", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "kms:DescribeKey", "kms:ListAliases", "lambda:GetPolicy", "lambda:ListFunctions", "lex:CreateBotVersion", "lex:CreateIntentVersion", "lex:CreateSlotTypeVersion", "lex:DeleteBot", "lex:DeleteBotAlias", "lex:DeleteBotChannelAssociation", "lex:DeleteBotVersion", "lex:DeleteIntent", "lex:DeleteIntentVersion", "lex:DeleteSession", "lex:DeleteSlotType", "lex:DeleteSlotTypeVersion", "lex:DeleteUtterances", "lex:GetBot", "lex:GetBotAlias", "lex:GetBotAliases", "lex:GetBotChannelAssociation", "lex:GetBotChannelAssociations", "lex:GetBotVersions", "lex:GetBots", "lex:GetBuiltinIntent", "lex:GetBuiltinIntents", "lex:GetBuiltinSlotTypes", "lex:GetExport", "lex:GetImport", "lex:GetIntent", "lex:GetIntentVersions", "lex:GetIntents", "lex:GetMigration", "lex:GetMigrations", "lex:GetSession", "lex:GetSlotType", "lex:GetSlotTypeVersions", "lex:GetSlotTypes", "lex:GetUtterancesView", "lex:ListTagsForResource", "lex:PostContent", "lex:PostText", "lex:PutBot", "lex:PutBotAlias", "lex:PutIntent", "lex:PutSession", "lex:PutSlotType", "lex:StartImport", "lex:StartMigration", "lex:TagResource", "lex:UntagResource", "lex:BatchCreateCustomVocabularyItem", "lex:BatchDeleteCustomVocabularyItem", "lex:BatchUpdateCustomVocabularyItem", "lex:BuildBotLocale", "lex:CreateBot", "lex:CreateBotAlias", "lex:CreateBotChannel", "lex:CreateBotLocale", "lex:CreateBotReplica", "lex:CreateCustomVocabulary", "lex:CreateExport", "lex:CreateIntent", "lex:CreateResourcePolicy", "lex:CreateSlot", "lex:CreateSlotType", "lex:CreateTestSet", "lex:CreateTestSetDiscrepancyReport", "lex:CreateUploadUrl", "lex:DeleteBotChannel", "lex:DeleteBotLocale", "lex:DeleteBotReplica", "lex:DeleteCustomVocabulary", "lex:DeleteExport", "lex:DeleteImport", "lex:DeleteResourcePolicy", "lex:DeleteSlot", "lex:DeleteTestSet", "lex:DescribeBot", "lex:DescribeBotAlias", "lex:DescribeBotChannel", "lex:DescribeBotLocale", "lex:DescribeBotRecommendation", "lex:DescribeBotReplica", "lex:DescribeBotResourceGeneration", "lex:DescribeBotVersion", "lex:DescribeCustomVocabulary", "lex:DescribeCustomVocabularyMetadata", "lex:DescribeExport", "lex:DescribeImport", "lex:DescribeIntent", "lex:DescribeResourcePolicy", "lex:DescribeSlot", "lex:DescribeSlotType", "lex:DescribeTestExecution", "lex:DescribeTestSet", "lex:DescribeTestSetDiscrepancyReport", "lex:DescribeTestSetGeneration", "lex:GenerateBotElement", "lex:GetTestExecutionArtifactsUrl", "lex:ListAggregatedUtterances", "lex:ListBotAliasReplicas", "lex:ListBotAliases", "lex:ListBotChannels", "lex:ListBotLocales", "lex:ListBotRecommendations", "lex:ListBotReplicas", "lex:ListBotResourceGenerations", "lex:ListBotVersionReplicas", "lex:ListBotVersions", "lex:ListBots", "lex:ListBuiltInIntents", "lex:ListBuiltInSlotTypes", "lex:ListCustomVocabularyItems", "lex:ListExports", "lex:ListImports", "lex:ListIntentMetrics", "lex:ListIntentPaths", "lex:ListIntentStageMetrics", "lex:ListIntents", "lex:ListRecommendedIntents", "lex:ListSessionAnalyticsData", "lex:ListSessionMetrics", "lex:ListSlotTypes", "lex:ListSlots", "lex:ListTestExecutionResultItems", "lex:ListTestExecutions", "lex:ListTestSetRecords", "lex:ListTestSets", "lex:RecognizeText", "lex:RecognizeUtterance", "lex:SearchAssociatedTranscripts", "lex:StartBotRecommendation", "lex:StartBotResourceGeneration", "lex:StartConversation", "lex:StartTestExecution", "lex:StartTestSetGeneration", "lex:StopBotRecommendation", "lex:UpdateBot", "lex:UpdateBotAlias", "lex:UpdateBotLocale", "lex:UpdateBotRecommendation", "lex:UpdateCustomVocabulary", "lex:UpdateExport", "lex:UpdateIntent", "lex:UpdateResourcePolicy", "lex:UpdateSlot", "lex:UpdateSlotType", "lex:UpdateTestSet", "polly:DescribeVoices", "polly:SynthesizeSpeech", "kendra:ListIndices", "iam:ListRoles", "s3:ListAllMyBuckets", "logs:DescribeLogGroups", "s3:GetBucketLocation", "lambda:AddPermission", "lambda:RemovePermission", "iam:GetRole", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "iam:PassRole", "iam:PassRole", "iam:PassRole", "iam:PassRole" ], "malformed": false, "name": "AmazonLexFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-16T20:06:39+00:00", "version": "v9" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonEventBridgeFullAccess", "createdate": "2022-12-01T17:00:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "events:ActivateEventSource", "events:CancelReplay", "events:CreateApiDestination", "events:CreateArchive", "events:CreateConnection", "events:CreateEndpoint", "events:CreateEventBus", "events:CreatePartnerEventSource", "events:DeactivateEventSource", "events:DeauthorizeConnection", "events:DeleteApiDestination", "events:DeleteArchive", "events:DeleteConnection", "events:DeleteEndpoint", "events:DeleteEventBus", "events:DeletePartnerEventSource", "events:DeleteRule", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeEventSource", "events:DescribePartnerEventSource", "events:DescribeReplay", "events:DescribeRule", "events:DisableRule", "events:EnableRule", "events:InvokeApiDestination", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListEventSources", "events:ListPartnerEventSourceAccounts", "events:ListPartnerEventSources", "events:ListReplays", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "events:PutEvents", "events:PutPartnerEvents", "events:PutPermission", "events:PutRule", "events:PutTargets", "events:RemovePermission", "events:RemoveTargets", "events:RetrieveConnectionCredentials", "events:StartReplay", "events:TagResource", "events:TestEventPattern", "events:UntagResource", "events:UpdateApiDestination", "events:UpdateArchive", "events:UpdateConnection", "events:UpdateEndpoint", "schemas:CreateDiscoverer", "schemas:CreateRegistry", "schemas:CreateSchema", "schemas:DeleteDiscoverer", "schemas:DeleteRegistry", "schemas:DeleteResourcePolicy", "schemas:DeleteSchema", "schemas:DeleteSchemaVersion", "schemas:DescribeCodeBinding", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:ExportSchema", "schemas:GetCodeBindingSource", "schemas:GetDiscoveredSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemaVersions", "schemas:ListSchemas", "schemas:ListTagsForResource", "schemas:PutCodeBinding", "schemas:PutResourcePolicy", "schemas:SearchSchemas", "schemas:StartDiscoverer", "schemas:StopDiscoverer", "schemas:TagResource", "schemas:UntagResource", "schemas:UpdateDiscoverer", "schemas:UpdateRegistry", "schemas:UpdateSchema", "scheduler:CreateSchedule", "scheduler:CreateScheduleGroup", "scheduler:DeleteSchedule", "scheduler:DeleteScheduleGroup", "scheduler:GetSchedule", "scheduler:GetScheduleGroup", "scheduler:ListScheduleGroups", "scheduler:ListSchedules", "scheduler:ListTagsForResource", "scheduler:TagResource", "scheduler:UntagResource", "scheduler:UpdateSchedule", "pipes:CreatePipe", "pipes:DeletePipe", "pipes:DescribePipe", "pipes:ListPipes", "pipes:ListTagsForResource", "pipes:StartPipe", "pipes:StopPipe", "pipes:TagResource", "pipes:UntagResource", "pipes:UpdatePipe", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "secretsmanager:CreateSecret", "secretsmanager:UpdateSecret", "secretsmanager:DeleteSecret", "secretsmanager:GetSecretValue", "secretsmanager:PutSecretValue", "iam:PassRole", "iam:PassRole", "iam:PassRole" ], "malformed": false, "name": "AmazonEventBridgeFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-01T17:00:46+00:00", "version": "v4" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsNon-financialReportAccess", "createdate": "2015-02-06T18:40:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mobileanalytics:GetReports" ], "malformed": false, "name": "AmazonMobileAnalyticsNon-financialReportAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:36+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSGitSyncServiceRolePolicy", "createdate": "2023-11-16T17:05:42Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "codestar-connections:UseConnection" ], "malformed": false, "name": "AWSGitSyncServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-16T17:05:42+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaConvertReadOnly", "createdate": "2019-06-10T22:52:18Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mediaconvert:GetJob", "mediaconvert:GetJobTemplate", "mediaconvert:GetPolicy", "mediaconvert:GetPreset", "mediaconvert:GetQueue", "mediaconvert:ListJobTemplates", "mediaconvert:ListJobs", "mediaconvert:ListPresets", "mediaconvert:ListQueues", "mediaconvert:ListTagsForResource", "mediaconvert:DescribeEndpoints", "s3:ListAllMyBuckets", "s3:ListBucket" ], "malformed": false, "name": "AWSElementalMediaConvertReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-10T22:52:18+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonQLDBFullAccess", "createdate": "2022-11-04T17:01:27Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "qldb:CreateLedger", "qldb:UpdateLedger", "qldb:UpdateLedgerPermissionsMode", "qldb:DeleteLedger", "qldb:ListLedgers", "qldb:DescribeLedger", "qldb:ExportJournalToS3", "qldb:ListJournalS3Exports", "qldb:ListJournalS3ExportsForLedger", "qldb:DescribeJournalS3Export", "qldb:CancelJournalKinesisStream", "qldb:DescribeJournalKinesisStream", "qldb:ListJournalKinesisStreamsForLedger", "qldb:StreamJournalToKinesis", "qldb:GetDigest", "qldb:GetRevision", "qldb:GetBlock", "qldb:TagResource", "qldb:UntagResource", "qldb:ListTagsForResource", "qldb:SendCommand", "qldb:PartiQLCreateTable", "qldb:PartiQLCreateIndex", "qldb:PartiQLDropTable", "qldb:PartiQLDropIndex", "qldb:PartiQLUndropTable", "qldb:PartiQLDelete", "qldb:PartiQLInsert", "qldb:PartiQLUpdate", "qldb:PartiQLSelect", "qldb:PartiQLHistoryFunction", "qldb:PartiQLRedact", "iam:PassRole" ], "malformed": false, "name": "AmazonQLDBFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-04T17:01:27+00:00", "version": "v5" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkMailMessageFlowReadOnlyAccess", "createdate": "2021-01-28T12:40:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "workmailmessageflow:GetRawMessageContent" ], "malformed": false, "name": "AmazonWorkMailMessageFlowReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-01-28T12:40:08+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Unknown" ], "arn": "arn:aws:iam::aws:policy/ReadOnlyAccess", "createdate": "2024-04-17T21:17:05Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "a4b:GetAddressBook", "a4b:GetConferencePreference", "a4b:GetConferenceProvider", "a4b:GetContact", "a4b:GetDevice", "a4b:GetGateway", "a4b:GetGatewayGroup", "a4b:GetInvitationConfiguration", "a4b:GetNetworkProfile", "a4b:GetProfile", "a4b:GetRoom", "a4b:GetRoomSkillParameter", "a4b:GetSkillGroup", "a4b:ListBusinessReportSchedules", "a4b:ListConferenceProviders", "a4b:ListDeviceEvents", "a4b:ListGatewayGroups", "a4b:ListGateways", "a4b:ListSkills", "a4b:ListSkillsStoreCategories", "a4b:ListSkillsStoreSkillsByCategory", "a4b:ListSmartHomeAppliances", "a4b:ListTags", "a4b:SearchAddressBooks", "a4b:SearchContacts", "a4b:SearchDevices", "a4b:SearchNetworkProfiles", "a4b:SearchProfiles", "a4b:SearchRooms", "a4b:SearchSkillGroups", "a4b:SearchUsers", "access-analyzer:GetAccessPreview", "access-analyzer:GetAnalyzedResource", "access-analyzer:GetAnalyzer", "access-analyzer:GetArchiveRule", "access-analyzer:GetFinding", "access-analyzer:GetGeneratedPolicy", "access-analyzer:ListAccessPreviewFindings", "access-analyzer:ListAccessPreviews", "access-analyzer:ListAnalyzedResources", "access-analyzer:ListAnalyzers", "access-analyzer:ListArchiveRules", "access-analyzer:ListFindings", "access-analyzer:ListPolicyGenerations", "access-analyzer:ListTagsForResource", "access-analyzer:ValidatePolicy", "account:GetAccountInformation", "account:GetAlternateContact", "account:GetChallengeQuestions", "account:GetContactInformation", "account:GetRegionOptStatus", "account:ListRegions", "acm-pca:DescribeCertificateAuthority", "acm-pca:DescribeCertificateAuthorityAuditReport", "acm-pca:GetCertificate", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:GetPolicy", "acm-pca:ListCertificateAuthorities", "acm-pca:ListPermissions", "acm-pca:ListTags", "acm:DescribeCertificate", "acm:GetAccountConfiguration", "acm:GetCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "airflow:ListEnvironments", "airflow:ListTagsForResource", "amplify:GetApp", "amplify:GetBranch", "amplify:GetDomainAssociation", "amplify:GetJob", "amplify:ListApps", "amplify:ListBranches", "amplify:ListDomainAssociations", "amplify:ListJobs", "aoss:BatchGetCollection", "aoss:BatchGetLifecyclePolicy", "aoss:BatchGetVpcEndpoint", "aoss:GetAccessPolicy", "aoss:GetAccountSettings", "aoss:GetPoliciesStats", "aoss:GetSecurityConfig", "aoss:GetSecurityPolicy", "aoss:ListAccessPolicies", "aoss:ListCollections", "aoss:ListLifecyclePolicies", "aoss:ListSecurityConfigs", "aoss:ListSecurityPolicies", "aoss:ListTagsForResource", "aoss:ListVpcEndpoints", "apigateway:GET", "appconfig:GetApplication", "appconfig:GetConfiguration", "appconfig:GetConfigurationProfile", "appconfig:GetDeployment", "appconfig:GetDeploymentStrategy", "appconfig:GetEnvironment", "appconfig:GetHostedConfigurationVersion", "appconfig:ListApplications", "appconfig:ListConfigurationProfiles", "appconfig:ListDeployments", "appconfig:ListDeploymentStrategies", "appconfig:ListEnvironments", "appconfig:ListHostedConfigurationVersions", "appconfig:ListTagsForResource", "appfabric:GetAppAuthorization", "appfabric:GetAppBundle", "appfabric:GetIngestion", "appfabric:GetIngestionDestination", "appfabric:ListAppAuthorizations", "appfabric:ListAppBundles", "appfabric:ListIngestionDestinations", "appfabric:ListIngestions", "appfabric:ListTagsForResource", "appflow:DescribeConnector", "appflow:DescribeConnectorEntity", "appflow:DescribeConnectorFields", "appflow:DescribeConnectorProfiles", "appflow:DescribeConnectors", "appflow:DescribeFlow", "appflow:DescribeFlowExecution", "appflow:DescribeFlowExecutionRecords", "appflow:DescribeFlows", "appflow:ListConnectorEntities", "appflow:ListConnectorFields", "appflow:ListConnectors", "appflow:ListFlows", "appflow:ListTagsForResource", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "application-autoscaling:ListTagsForResource", "applicationinsights:DescribeApplication", "applicationinsights:DescribeComponent", "applicationinsights:DescribeComponentConfiguration", "applicationinsights:DescribeComponentConfigurationRecommendation", "applicationinsights:DescribeLogPattern", "applicationinsights:DescribeObservation", "applicationinsights:DescribeProblem", "applicationinsights:DescribeProblemObservations", "applicationinsights:DescribeWorkload", "applicationinsights:ListApplications", "applicationinsights:ListComponents", "applicationinsights:ListConfigurationHistory", "applicationinsights:ListLogPatternSets", "applicationinsights:ListLogPatterns", "applicationinsights:ListProblems", "applicationinsights:ListTagsForResource", "applicationinsights:ListWorkloads", "appmesh:DescribeGatewayRoute", "appmesh:DescribeMesh", "appmesh:DescribeRoute", "appmesh:DescribeVirtualGateway", "appmesh:DescribeVirtualNode", "appmesh:DescribeVirtualRouter", "appmesh:DescribeVirtualService", "appmesh:ListGatewayRoutes", "appmesh:ListMeshes", "appmesh:ListRoutes", "appmesh:ListTagsForResource", "appmesh:ListVirtualGateways", "appmesh:ListVirtualNodes", "appmesh:ListVirtualRouters", "appmesh:ListVirtualServices", "apprunner:DescribeAutoScalingConfiguration", "apprunner:DescribeCustomDomains", "apprunner:DescribeObservabilityConfiguration", "apprunner:DescribeService", "apprunner:DescribeVpcConnector", "apprunner:DescribeVpcIngressConnection", "apprunner:DescribeWebAclForService", "apprunner:ListAssociatedServicesForWebAcl", "apprunner:ListAutoScalingConfigurations", "apprunner:ListConnections", "apprunner:ListObservabilityConfigurations", "apprunner:ListOperations", "apprunner:ListServices", "apprunner:ListServicesForAutoScalingConfiguration", "apprunner:ListTagsForResource", "apprunner:ListVpcConnectors", "apprunner:ListVpcIngressConnections", "appstream:DescribeAppBlockBuilderAppBlockAssociations", "appstream:DescribeAppBlockBuilders", "appstream:DescribeAppBlocks", "appstream:DescribeApplicationFleetAssociations", "appstream:DescribeApplications", "appstream:DescribeDirectoryConfigs", "appstream:DescribeEntitlements", "appstream:DescribeFleets", "appstream:DescribeImageBuilders", "appstream:DescribeImagePermissions", "appstream:DescribeImages", "appstream:DescribeSessions", "appstream:DescribeStacks", "appstream:DescribeUsageReportSubscriptions", "appstream:DescribeUserStackAssociations", "appstream:DescribeUsers", "appstream:ListAssociatedFleets", "appstream:ListAssociatedStacks", "appstream:ListEntitledApplications", "appstream:ListTagsForResource", "appsync:GetApiAssociation", "appsync:GetApiCache", "appsync:GetDataSource", "appsync:GetDataSourceIntrospection", "appsync:GetDomainName", "appsync:GetFunction", "appsync:GetGraphqlApi", "appsync:GetGraphqlApiEnvironmentVariables", "appsync:GetIntrospectionSchema", "appsync:GetResolver", "appsync:GetResourcePolicy", "appsync:GetSchemaCreationStatus", "appsync:GetSourceApiAssociation", "appsync:GetType", "appsync:ListApiKeys", "appsync:ListDataSources", "appsync:ListDomainNames", "appsync:ListFunctions", "appsync:ListGraphqlApis", "appsync:ListResolvers", "appsync:ListResolversByFunction", "appsync:ListSourceApiAssociations", "appsync:ListTagsForResource", "appsync:ListTypes", "appsync:ListTypesByAssociation", "aps:DescribeAlertManagerDefinition", "aps:DescribeLoggingConfiguration", "aps:DescribeRuleGroupsNamespace", "aps:DescribeScraper", "aps:DescribeWorkspace", "aps:GetAlertManagerSilence", "aps:GetAlertManagerStatus", "aps:GetDefaultScraperConfiguration", "aps:GetLabels", "aps:GetMetricMetadata", "aps:GetSeries", "aps:ListAlertManagerAlertGroups", "aps:ListAlertManagerAlerts", "aps:ListAlertManagerReceivers", "aps:ListAlertManagerSilences", "aps:ListAlerts", "aps:ListRuleGroupsNamespaces", "aps:ListRules", "aps:ListScrapers", "aps:ListTagsForResource", "aps:ListWorkspaces", "aps:QueryMetrics", "arc-zonal-shift:GetManagedResource", "arc-zonal-shift:ListAutoshifts", "arc-zonal-shift:ListManagedResources", "arc-zonal-shift:ListZonalShifts", "artifact:GetReport", "artifact:GetReportMetadata", "artifact:GetTermForReport", "artifact:ListReports", "athena:BatchGetNamedQuery", "athena:BatchGetPreparedStatement", "athena:BatchGetQueryExecution", "athena:GetCalculationExecution", "athena:GetCalculationExecutionCode", "athena:GetCalculationExecutionStatus", "athena:GetCapacityAssignmentConfiguration", "athena:GetCapacityReservation", "athena:GetCatalogs", "athena:GetDataCatalog", "athena:GetDatabase", "athena:GetExecutionEngine", "athena:GetExecutionEngines", "athena:GetNamedQuery", "athena:GetNamespace", "athena:GetNamespaces", "athena:GetNotebookMetadata", "athena:GetPreparedStatement", "athena:GetQueryExecution", "athena:GetQueryExecutions", "athena:GetQueryResults", "athena:GetQueryResultsStream", "athena:GetQueryRuntimeStatistics", "athena:GetSession", "athena:GetSessionStatus", "athena:GetTable", "athena:GetTableMetadata", "athena:GetTables", "athena:GetWorkGroup", "athena:ListApplicationDPUSizes", "athena:ListCalculationExecutions", "athena:ListCapacityReservations", "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListEngineVersions", "athena:ListExecutors", "athena:ListNamedQueries", "athena:ListNotebookMetadata", "athena:ListNotebookSessions", "athena:ListPreparedStatements", "athena:ListQueryExecutions", "athena:ListSessions", "athena:ListTableMetadata", "athena:ListTagsForResource", "athena:ListWorkGroups", "auditmanager:GetAccountStatus", "auditmanager:GetAssessment", "auditmanager:GetAssessmentFramework", "auditmanager:GetAssessmentReportUrl", "auditmanager:GetChangeLogs", "auditmanager:GetControl", "auditmanager:GetDelegations", "auditmanager:GetEvidence", "auditmanager:GetEvidenceByEvidenceFolder", "auditmanager:GetEvidenceFolder", "auditmanager:GetEvidenceFoldersByAssessment", "auditmanager:GetEvidenceFoldersByAssessmentControl", "auditmanager:GetOrganizationAdminAccount", "auditmanager:GetServicesInScope", "auditmanager:GetSettings", "auditmanager:ListAssessmentFrameworks", "auditmanager:ListAssessmentReports", "auditmanager:ListAssessments", "auditmanager:ListControls", "auditmanager:ListKeywordsForDataSource", "auditmanager:ListNotifications", "auditmanager:ListTagsForResource", "auditmanager:ValidateAssessmentReportIntegrity", "autoscaling-plans:DescribeScalingPlanResources", "autoscaling-plans:DescribeScalingPlans", "autoscaling-plans:GetScalingPlanResourceForecastData", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:GetPredictiveScalingForecast", "aws-portal:ViewAccount", "aws-portal:ViewBilling", "aws-portal:ViewPaymentMethods", "aws-portal:ViewUsage", "backup-gateway:GetBandwidthRateLimitSchedule", "backup-gateway:GetGateway", "backup-gateway:GetHypervisor", "backup-gateway:GetHypervisorPropertyMappings", "backup-gateway:GetVirtualMachine", "backup-gateway:ListGateways", "backup-gateway:ListHypervisors", "backup-gateway:ListTagsForResource", "backup-gateway:ListVirtualMachines", "backup:DescribeBackupJob", "backup:DescribeBackupVault", "backup:DescribeCopyJob", "backup:DescribeFramework", "backup:DescribeGlobalSettings", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeRegionSettings", "backup:DescribeReportJob", "backup:DescribeReportPlan", "backup:DescribeRestoreJob", "backup:GetBackupPlan", "backup:GetBackupPlanFromJSON", "backup:GetBackupPlanFromTemplate", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:GetBackupVaultSharingPolicy", "backup:GetLegalHold", "backup:GetRecoveryPointRestoreMetadata", "backup:GetRestoreJobMetadata", "backup:GetRestoreTestingInferredMetadata", "backup:GetRestoreTestingPlan", "backup:GetRestoreTestingSelection", "backup:GetSupportedResourceTypes", "backup:ListBackupJobSummaries", "backup:ListBackupJobs", "backup:ListBackupPlanTemplates", "backup:ListBackupPlanVersions", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListCopyJobSummaries", "backup:ListCopyJobs", "backup:ListFrameworks", "backup:ListLegalHolds", "backup:ListProtectedResources", "backup:ListProtectedResourcesByBackupVault", "backup:ListRecoveryPointsByBackupVault", "backup:ListRecoveryPointsByLegalHold", "backup:ListRecoveryPointsByResource", "backup:ListReportJobs", "backup:ListReportPlans", "backup:ListRestoreJobSummaries", "backup:ListRestoreJobs", "backup:ListRestoreJobsByProtectedResource", "backup:ListRestoreTestingPlans", "backup:ListRestoreTestingSelections", "backup:ListTags", "batch:DescribeComputeEnvironments", "batch:DescribeJobDefinitions", "batch:DescribeJobQueues", "batch:DescribeJobs", "batch:DescribeSchedulingPolicies", "batch:ListJobs", "batch:ListSchedulingPolicies", "batch:ListTagsForResource", "bedrock:GetAgent", "bedrock:GetAgentActionGroup", "bedrock:GetAgentAlias", "bedrock:GetAgentKnowledgeBase", "bedrock:GetAgentVersion", "bedrock:GetCustomModel", "bedrock:GetDataSource", "bedrock:GetFoundationModel", "bedrock:GetFoundationModelAvailability", "bedrock:GetIngestionJob", "bedrock:GetKnowledgeBase", "bedrock:GetModelCustomizationJob", "bedrock:GetModelInvocationLoggingConfiguration", "bedrock:GetProvisionedModelThroughput", "bedrock:GetUseCaseForModelAccess", "bedrock:ListAgentActionGroups", "bedrock:ListAgentAliases", "bedrock:ListAgentKnowledgeBases", "bedrock:ListAgents", "bedrock:ListAgentVersions", "bedrock:ListCustomModels", "bedrock:ListDataSources", "bedrock:ListFoundationModelAgreementOffers", "bedrock:ListFoundationModels", "bedrock:ListIngestionJobs", "bedrock:ListKnowledgeBases", "bedrock:ListModelCustomizationJobs", "bedrock:ListProvisionedModelThroughputs", "billing:GetBillingData", "billing:GetBillingDetails", "billing:GetBillingNotifications", "billing:GetBillingPreferences", "billing:GetContractInformation", "billing:GetCredits", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "billing:ListBillingViews", "billingconductor:GetBillingGroupCostReport", "billingconductor:ListAccountAssociations", "billingconductor:ListBillingGroupCostReports", "billingconductor:ListBillingGroups", "billingconductor:ListCustomLineItems", "billingconductor:ListCustomLineItemVersions", "billingconductor:ListPricingPlans", "billingconductor:ListPricingPlansAssociatedWithPricingRule", "billingconductor:ListPricingRules", "billingconductor:ListPricingRulesAssociatedToPricingPlan", "billingconductor:ListResourcesAssociatedToCustomLineItem", "billingconductor:ListTagsForResource", "braket:GetDevice", "braket:GetJob", "braket:GetQuantumTask", "braket:SearchDevices", "braket:SearchJobs", "braket:SearchQuantumTasks", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionHistories", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionsForBudget", "budgets:ViewBudget", "cassandra:Select", "ce:DescribeCostCategoryDefinition", "ce:DescribeNotificationSubscription", "ce:DescribeReport", "ce:GetAnomalies", "ce:GetAnomalyMonitors", "ce:GetAnomalySubscriptions", "ce:GetApproximateUsageRecords", "ce:GetCostAndUsage", "ce:GetCostAndUsageWithResources", "ce:GetCostCategories", "ce:GetCostForecast", "ce:GetDimensionValues", "ce:GetPreferences", "ce:GetReservationCoverage", "ce:GetReservationPurchaseRecommendation", "ce:GetReservationUtilization", "ce:GetRightsizingRecommendation", "ce:GetSavingsPlanPurchaseRecommendationDetails", "ce:GetSavingsPlansCoverage", "ce:GetSavingsPlansPurchaseRecommendation", "ce:GetSavingsPlansUtilization", "ce:GetSavingsPlansUtilizationDetails", "ce:GetTags", "ce:GetUsageForecast", "ce:ListCostAllocationTags", "ce:ListCostAllocationTagBackfillHistory", "ce:ListCostCategoryDefinitions", "ce:ListSavingsPlansPurchaseRecommendationGeneration", "ce:ListTagsForResource", "chatbot:DescribeChimeWebhookConfigurations", "chatbot:DescribeSlackChannelConfigurations", "chatbot:DescribeSlackChannels", "chatbot:DescribeSlackUserIdentities", "chatbot:DescribeSlackWorkspaces", "chatbot:GetAccountPreferences", "chatbot:GetMicrosoftTeamsChannelConfiguration", "chatbot:GetMicrosoftTeamsOauthParameters", "chatbot:GetSlackOauthParameters", "chatbot:ListMicrosoftTeamsChannelConfigurations", "chatbot:ListMicrosoftTeamsConfiguredTeams", "chatbot:ListMicrosoftTeamsUserIdentities", "chime:GetAccount", "chime:GetAccountResource", "chime:GetAccountSettings", "chime:GetAccountWithOpenIdConfig", "chime:GetAppInstanceRetentionSettings", "chime:GetAppInstanceStreamingConfigurations", "chime:GetAttendee", "chime:GetBot", "chime:GetCDRBucket", "chime:GetChannelMembershipPreferences", "chime:GetChannelMessage", "chime:GetChannelMessageStatus", "chime:GetDomain", "chime:GetEventsConfiguration", "chime:GetGlobalSettings", "chime:GetMediaCapturePipeline", "chime:GetMediaInsightsPipelineConfiguration", "chime:GetMediaPipeline", "chime:GetMediaPipelineKinesisVideoStreamPool", "chime:GetMeeting", "chime:GetMeetingDetail", "chime:GetMessagingSessionEndpoint", "chime:GetMessagingStreamingConfigurations", "chime:GetPhoneNumber", "chime:GetPhoneNumberOrder", "chime:GetPhoneNumberSettings", "chime:GetProxySession", "chime:GetRetentionSettings", "chime:GetRoom", "chime:GetSipMediaApplication", "chime:GetSipMediaApplicationAlexaSkillConfiguration", "chime:GetSipMediaApplicationLoggingConfiguration", "chime:GetSipRule", "chime:GetSpeakerSearchTask", "chime:GetTelephonyLimits", "chime:GetUser", "chime:GetUserActivityReportData", "chime:GetUserByEmail", "chime:GetUserSettings", "chime:GetVoiceConnector", "chime:GetVoiceConnectorEmergencyCallingConfiguration", "chime:GetVoiceConnectorGroup", "chime:GetVoiceConnectorLoggingConfiguration", "chime:GetVoiceConnectorOrigination", "chime:GetVoiceConnectorProxy", "chime:GetVoiceConnectorStreamingConfiguration", "chime:GetVoiceConnectorTermination", "chime:GetVoiceConnectorTerminationHealth", "chime:GetVoiceProfile", "chime:GetVoiceProfileDomain", "chime:GetVoiceToneAnalysisTask", "chime:ListAccountUsageReportData", "chime:ListAccounts", "chime:ListApiKeys", "chime:ListAppInstanceAdmins", "chime:ListAppInstanceBots", "chime:ListAppInstanceUserEndpoints", "chime:ListAppInstanceUsers", "chime:ListAppInstances", "chime:ListAttendeeTags", "chime:ListAttendees", "chime:ListAvailableVoiceConnectorRegions", "chime:ListBots", "chime:ListCDRBucket", "chime:ListCallingRegions", "chime:ListChannelBans", "chime:ListChannelFlows", "chime:ListChannelMemberships", "chime:ListChannelMembershipsForAppInstanceUser", "chime:ListChannelMessages", "chime:ListChannelModerators", "chime:ListChannels", "chime:ListChannelsAssociatedWithChannelFlow", "chime:ListChannelsModeratedByAppInstanceUser", "chime:ListDelegates", "chime:ListDirectories", "chime:ListDomains", "chime:ListGroups", "chime:ListMediaCapturePipelines", "chime:ListMediaInsightsPipelineConfigurations", "chime:ListMediaPipelineKinesisVideoStreamPools", "chime:ListMediaPipelines", "chime:ListMeetingEvents", "chime:ListMeetingTags", "chime:ListMeetings", "chime:ListMeetingsReportData", "chime:ListPhoneNumberOrders", "chime:ListPhoneNumbers", "chime:ListProxySessions", "chime:ListRoomMemberships", "chime:ListRooms", "chime:ListSipMediaApplications", "chime:ListSipRules", "chime:ListSubChannels", "chime:ListSupportedPhoneNumberCountries", "chime:ListTagsForResource", "chime:ListUsers", "chime:ListVoiceConnectorGroups", "chime:ListVoiceConnectorTerminationCredentials", "chime:ListVoiceConnectors", "chime:ListVoiceProfileDomains", "chime:ListVoiceProfiles", "chime:RetrieveDataExports", "chime:SearchAvailablePhoneNumbers", "chime:SearchChannels", "chime:ValidateAccountResource", "chime:ValidateE911Address", "cleanrooms:BatchGetCollaborationAnalysisTemplate", "cleanrooms:BatchGetSchema", "cleanrooms:GetAnalysisTemplate", "cleanrooms:GetCollaboration", "cleanrooms:GetCollaborationAnalysisTemplate", "cleanrooms:GetConfiguredAudienceModelAssociation", "cleanrooms:GetConfiguredTable", "cleanrooms:GetConfiguredTableAnalysisRule", "cleanrooms:GetConfiguredTableAssociation", "cleanrooms:GetMembership", "cleanrooms:GetProtectedQuery", "cleanrooms:GetSchema", "cleanrooms:GetSchemaAnalysisRule", "cleanrooms:ListAnalysisTemplates", "cleanrooms:ListCollaborationAnalysisTemplates", "cleanrooms:ListCollaborationConfiguredAudienceModelAssociations", "cleanrooms:ListCollaborations", "cleanrooms:ListConfiguredTableAssociations", "cleanrooms:ListConfiguredTables", "cleanrooms:ListMembers", "cleanrooms:ListMemberships", "cleanrooms:ListProtectedQueries", "cleanrooms:ListSchemas", "cleanrooms:ListTagsForResource", "cleanrooms-ml:GetTrainingDataset", "cleanrooms-ml:GetAudienceGenerationJob", "cleanrooms-ml:GetAudienceModel", "cleanrooms-ml:GetConfiguredAudienceModel", "cleanrooms-ml:GetConfiguredAudienceModelPolicy", "cleanrooms-ml:ListAudienceExportJobs", "cleanrooms-ml:ListAudienceGenerationJobs", "cleanrooms-ml:ListAudienceModels", "cleanrooms-ml:ListConfiguredAudienceModels", "cleanrooms-ml:ListTrainingDatasets", "cleanrooms-ml:ListTagsForResource", "cloud9:DescribeEC2Remote", "cloud9:DescribeEnvironmentMemberships", "cloud9:DescribeEnvironmentStatus", "cloud9:DescribeEnvironments", "cloud9:DescribeSSHRemote", "cloud9:ListEnvironments", "cloud9:ListTagsForResource", "clouddirectory:BatchRead", "clouddirectory:GetAppliedSchemaVersion", "clouddirectory:GetDirectory", "clouddirectory:GetFacet", "clouddirectory:GetLinkAttributes", "clouddirectory:GetObjectAttributes", "clouddirectory:GetObjectInformation", "clouddirectory:GetSchemaAsJson", "clouddirectory:GetTypedLinkFacetInformation", "clouddirectory:ListAppliedSchemaArns", "clouddirectory:ListAttachedIndices", "clouddirectory:ListDevelopmentSchemaArns", "clouddirectory:ListDirectories", "clouddirectory:ListFacetAttributes", "clouddirectory:ListFacetNames", "clouddirectory:ListIncomingTypedLinks", "clouddirectory:ListIndex", "clouddirectory:ListManagedSchemaArns", "clouddirectory:ListObjectAttributes", "clouddirectory:ListObjectChildren", "clouddirectory:ListObjectParentPaths", "clouddirectory:ListObjectParents", "clouddirectory:ListObjectPolicies", "clouddirectory:ListOutgoingTypedLinks", "clouddirectory:ListPolicyAttachments", "clouddirectory:ListPublishedSchemaArns", "clouddirectory:ListTagsForResource", "clouddirectory:ListTypedLinkFacetAttributes", "clouddirectory:ListTypedLinkFacetNames", "clouddirectory:LookupPolicy", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:DetectStackDrift", "cloudformation:DetectStackResourceDrift", "cloudformation:DetectStackSetDrift", "cloudformation:EstimateTemplateCost", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:ValidateTemplate", "cloudfront-keyvaluestore:DescribeKeyValueStore", "cloudfront-keyvaluestore:GetKey", "cloudfront-keyvaluestore:ListKeys", "cloudfront:DescribeFunction", "cloudfront:DescribeKeyValueStore", "cloudfront:GetCachePolicy", "cloudfront:GetCachePolicyConfig", "cloudfront:GetCloudFrontOriginAccessIdentity", "cloudfront:GetCloudFrontOriginAccessIdentityConfig", "cloudfront:GetContinuousDeploymentPolicy", "cloudfront:GetContinuousDeploymentPolicyConfig", "cloudfront:GetDistribution", "cloudfront:GetDistributionConfig", "cloudfront:GetFieldLevelEncryption", "cloudfront:GetFieldLevelEncryptionConfig", "cloudfront:GetFieldLevelEncryptionProfile", "cloudfront:GetFieldLevelEncryptionProfileConfig", "cloudfront:GetFunction", "cloudfront:GetInvalidation", "cloudfront:GetKeyGroup", "cloudfront:GetKeyGroupConfig", "cloudfront:GetMonitoringSubscription", "cloudfront:GetOriginAccessControl", "cloudfront:GetOriginAccessControlConfig", "cloudfront:GetOriginRequestPolicy", "cloudfront:GetOriginRequestPolicyConfig", "cloudfront:GetPublicKey", "cloudfront:GetPublicKeyConfig", "cloudfront:GetRealtimeLogConfig", "cloudfront:GetResponseHeadersPolicy", "cloudfront:GetResponseHeadersPolicyConfig", "cloudfront:GetSavingsPlan", "cloudfront:GetStreamingDistribution", "cloudfront:GetStreamingDistributionConfig", "cloudfront:ListCachePolicies", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListConflictingAliases", "cloudfront:ListContinuousDeploymentPolicies", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByCachePolicyId", "cloudfront:ListDistributionsByKeyGroup", "cloudfront:ListDistributionsByLambdaFunction", "cloudfront:ListDistributionsByOriginRequestPolicyId", "cloudfront:ListDistributionsByRealtimeLogConfig", "cloudfront:ListDistributionsByResponseHeadersPolicyId", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListFieldLevelEncryptionConfigs", "cloudfront:ListFieldLevelEncryptionProfiles", "cloudfront:ListFunctions", "cloudfront:ListInvalidations", "cloudfront:ListKeyGroups", "cloudfront:ListKeyValueStores", "cloudfront:ListOriginAccessControls", "cloudfront:ListOriginRequestPolicies", "cloudfront:ListPublicKeys", "cloudfront:ListRateCards", "cloudfront:ListRealtimeLogConfigs", "cloudfront:ListResponseHeadersPolicies", "cloudfront:ListSavingsPlans", "cloudfront:ListStreamingDistributions", "cloudfront:ListTagsForResource", "cloudfront:ListUsages", "cloudhsm:DescribeBackups", "cloudhsm:DescribeClusters", "cloudhsm:DescribeHapg", "cloudhsm:DescribeHsm", "cloudhsm:DescribeLunaClient", "cloudhsm:ListAvailableZones", "cloudhsm:ListHapgs", "cloudhsm:ListHsms", "cloudhsm:ListLunaClients", "cloudhsm:ListTags", "cloudhsm:ListTagsForResource", "cloudsearch:DescribeAnalysisSchemes", "cloudsearch:DescribeAvailabilityOptions", "cloudsearch:DescribeDomainEndpointOptions", "cloudsearch:DescribeDomains", "cloudsearch:DescribeExpressions", "cloudsearch:DescribeIndexFields", "cloudsearch:DescribeScalingParameters", "cloudsearch:DescribeServiceAccessPolicies", "cloudsearch:DescribeSuggesters", "cloudsearch:ListDomainNames", "cloudsearch:ListTags", "cloudtrail:DescribeQuery", "cloudtrail:DescribeTrails", "cloudtrail:GetChannel", "cloudtrail:GetEventDataStore", "cloudtrail:GetEventDataStoreData", "cloudtrail:GetEventSelectors", "cloudtrail:GetImport", "cloudtrail:GetInsightSelectors", "cloudtrail:GetQueryResults", "cloudtrail:GetResourcePolicy", "cloudtrail:GetServiceLinkedChannel", "cloudtrail:GetTrail", "cloudtrail:GetTrailStatus", "cloudtrail:ListChannels", "cloudtrail:ListEventDataStores", "cloudtrail:ListImportFailures", "cloudtrail:ListImports", "cloudtrail:ListPublicKeys", "cloudtrail:ListQueries", "cloudtrail:ListServiceLinkedChannels", "cloudtrail:ListTags", "cloudtrail:ListTrails", "cloudtrail:LookupEvents", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "codeartifact:DescribeDomain", "codeartifact:DescribePackage", "codeartifact:DescribePackageVersion", "codeartifact:DescribeRepository", "codeartifact:GetAuthorizationToken", "codeartifact:GetDomainPermissionsPolicy", "codeartifact:GetPackageVersionAsset", "codeartifact:GetPackageVersionReadme", "codeartifact:GetRepositoryEndpoint", "codeartifact:GetRepositoryPermissionsPolicy", "codeartifact:ListDomains", "codeartifact:ListPackages", "codeartifact:ListPackageVersionAssets", "codeartifact:ListPackageVersionDependencies", "codeartifact:ListPackageVersions", "codeartifact:ListRepositories", "codeartifact:ListRepositoriesInDomain", "codeartifact:ListTagsForResource", "codeartifact:ReadFromRepository", "codebuild:BatchGetBuildBatches", "codebuild:BatchGetBuilds", "codebuild:BatchGetFleets", "codebuild:BatchGetProjects", "codebuild:BatchGetReportGroups", "codebuild:BatchGetReports", "codebuild:DescribeCodeCoverages", "codebuild:DescribeTestCases", "codebuild:ListBuildBatches", "codebuild:ListBuildBatchesForProject", "codebuild:ListBuilds", "codebuild:ListBuildsForProject", "codebuild:ListConnectedOAuthAccounts", "codebuild:ListCuratedEnvironmentImages", "codebuild:ListFleets", "codebuild:ListProjects", "codebuild:ListReportGroups", "codebuild:ListReports", "codebuild:ListReportsForReportGroup", "codebuild:ListRepositories", "codebuild:ListSharedProjects", "codebuild:ListSharedReportGroups", "codebuild:ListSourceCredentials", "codecatalyst:GetBillingAuthorization", "codecatalyst:GetConnection", "codecatalyst:GetPendingConnection", "codecatalyst:ListConnections", "codecatalyst:ListIamRolesForConnection", "codecatalyst:ListTagsForResource", "codecommit:BatchGetCommits", "codecommit:BatchGetPullRequests", "codecommit:BatchGetRepositories", "codecommit:DescribeMergeConflicts", "codecommit:DescribePullRequestEvents", "codecommit:GetApprovalRuleTemplate", "codecommit:GetBlob", "codecommit:GetBranch", "codecommit:GetComment", "codecommit:GetCommentReactions", "codecommit:GetCommentsForComparedCommit", "codecommit:GetCommentsForPullRequest", "codecommit:GetCommit", "codecommit:GetCommitHistory", "codecommit:GetCommitsFromMergeBase", "codecommit:GetDifferences", "codecommit:GetFile", "codecommit:GetFolder", "codecommit:GetMergeCommit", "codecommit:GetMergeConflicts", "codecommit:GetMergeOptions", "codecommit:GetObjectIdentifier", "codecommit:GetPullRequest", "codecommit:GetPullRequestApprovalStates", "codecommit:GetPullRequestOverrideState", "codecommit:GetReferences", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:GetTree", "codecommit:GetUploadArchiveStatus", "codecommit:GitPull", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeploymentInstances", "codedeploy:BatchGetDeploymentTargets", "codedeploy:BatchGetDeployments", "codedeploy:BatchGetOnPremisesInstances", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeploymentTargets", "codedeploy:ListDeployments", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codedeploy:ListTagsForResource", "codeguru-profiler:DescribeProfilingGroup", "codeguru-profiler:GetFindingsReportAccountSummary", "codeguru-profiler:GetNotificationConfiguration", "codeguru-profiler:GetPolicy", "codeguru-profiler:GetProfile", "codeguru-profiler:GetRecommendations", "codeguru-profiler:ListFindingsReports", "codeguru-profiler:ListProfileTimes", "codeguru-profiler:ListProfilingGroups", "codeguru-profiler:ListTagsForResource", "codeguru-reviewer:DescribeCodeReview", "codeguru-reviewer:DescribeRecommendationFeedback", "codeguru-reviewer:DescribeRepositoryAssociation", "codeguru-reviewer:GetMetricsData", "codeguru-reviewer:ListCodeReviews", "codeguru-reviewer:ListRecommendationFeedback", "codeguru-reviewer:ListRecommendations", "codeguru-reviewer:ListRepositoryAssociations", "codeguru-reviewer:ListTagsForResource", "codeguru-reviewer:ListThirdPartyRepositories", "codepipeline:GetActionType", "codepipeline:GetJobDetails", "codepipeline:GetPipeline", "codepipeline:GetPipelineExecution", "codepipeline:GetPipelineState", "codepipeline:GetThirdPartyJobDetails", "codepipeline:ListActionExecutions", "codepipeline:ListActionTypes", "codepipeline:ListPipelineExecutions", "codepipeline:ListPipelines", "codepipeline:ListTagsForResource", "codepipeline:ListWebhooks", "codestar-connections:GetConnection", "codestar-connections:GetHost", "codestar-connections:GetRepositoryLink", "codestar-connections:GetRepositorySyncStatus", "codestar-connections:GetResourceSyncStatus", "codestar-connections:GetSyncConfiguration", "codestar-connections:ListConnections", "codestar-connections:ListHosts", "codestar-connections:ListRepositoryLinks", "codestar-connections:ListRepositorySyncDefinitions", "codestar-connections:ListSyncConfigurations", "codestar-connections:ListTagsForResource", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:ListEventTypes", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListTagsForResource", "codestar-notifications:ListTargets", "codestar:DescribeProject", "codestar:DescribeUserProfile", "codestar:GetExtendedAccess", "codestar:ListProjects", "codestar:ListResources", "codestar:ListTagsForProject", "codestar:ListTeamMembers", "codestar:ListUserProfiles", "codestar:VerifyServiceRole", "cognito-identity:DescribeIdentity", "cognito-identity:DescribeIdentityPool", "cognito-identity:GetCredentialsForIdentity", "cognito-identity:GetIdentityPoolAnalytics", "cognito-identity:GetIdentityPoolDailyAnalytics", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:GetIdentityProviderDailyAnalytics", "cognito-identity:GetOpenIdToken", "cognito-identity:GetOpenIdTokenForDeveloperIdentity", "cognito-identity:ListIdentities", "cognito-identity:ListIdentityPools", "cognito-identity:ListTagsForResource", "cognito-identity:LookupDeveloperIdentity", "cognito-idp:AdminGetDevice", "cognito-idp:AdminGetUser", "cognito-idp:AdminListDevices", "cognito-idp:AdminListGroupsForUser", "cognito-idp:AdminListUserAuthEvents", "cognito-idp:DescribeIdentityProvider", "cognito-idp:DescribeResourceServer", "cognito-idp:DescribeRiskConfiguration", "cognito-idp:DescribeUserImportJob", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:DescribeUserPoolDomain", "cognito-idp:GetCSVHeader", "cognito-idp:GetDevice", "cognito-idp:GetGroup", "cognito-idp:GetIdentityProviderByIdentifier", "cognito-idp:GetLogDeliveryConfiguration", "cognito-idp:GetSigningCertificate", "cognito-idp:GetUICustomization", "cognito-idp:GetUser", "cognito-idp:GetUserAttributeVerificationCode", "cognito-idp:GetUserPoolMfaConfig", "cognito-idp:GetWebACLForResource", "cognito-idp:ListDevices", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListResourcesForWebACL", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserImportJobs", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "cognito-sync:DescribeDataset", "cognito-sync:DescribeIdentityPoolUsage", "cognito-sync:DescribeIdentityUsage", "cognito-sync:GetBulkPublishDetails", "cognito-sync:GetCognitoEvents", "cognito-sync:GetIdentityPoolConfiguration", "cognito-sync:ListDatasets", "cognito-sync:ListIdentityPoolUsage", "cognito-sync:ListRecords", "cognito-sync:QueryRecords", "comprehend:BatchDetectDominantLanguage", "comprehend:BatchDetectEntities", "comprehend:BatchDetectKeyPhrases", "comprehend:BatchDetectSentiment", "comprehend:BatchDetectSyntax", "comprehend:BatchDetectTargetedSentiment", "comprehend:ClassifyDocument", "comprehend:ContainsPiiEntities", "comprehend:DescribeDataset", "comprehend:DescribeDocumentClassificationJob", "comprehend:DescribeDocumentClassifier", "comprehend:DescribeDominantLanguageDetectionJob", "comprehend:DescribeEndpoint", "comprehend:DescribeEntitiesDetectionJob", "comprehend:DescribeEntityRecognizer", "comprehend:DescribeEventsDetectionJob", "comprehend:DescribeFlywheel", "comprehend:DescribeFlywheelIteration", "comprehend:DescribeKeyPhrasesDetectionJob", "comprehend:DescribePiiEntitiesDetectionJob", "comprehend:DescribeResourcePolicy", "comprehend:DescribeSentimentDetectionJob", "comprehend:DescribeTargetedSentimentDetectionJob", "comprehend:DescribeTopicsDetectionJob", "comprehend:DetectDominantLanguage", "comprehend:DetectEntities", "comprehend:DetectKeyPhrases", "comprehend:DetectPiiEntities", "comprehend:DetectSentiment", "comprehend:DetectSyntax", "comprehend:DetectTargetedSentiment", "comprehend:DetectToxicContent", "comprehend:ListDatasets", "comprehend:ListDocumentClassificationJobs", "comprehend:ListDocumentClassifierSummaries", "comprehend:ListDocumentClassifiers", "comprehend:ListDominantLanguageDetectionJobs", "comprehend:ListEndpoints", "comprehend:ListEntitiesDetectionJobs", "comprehend:ListEntityRecognizerSummaries", "comprehend:ListEntityRecognizers", "comprehend:ListEventsDetectionJobs", "comprehend:ListFlywheelIterationHistory", "comprehend:ListFlywheels", "comprehend:ListKeyPhrasesDetectionJobs", "comprehend:ListPiiEntitiesDetectionJobs", "comprehend:ListSentimentDetectionJobs", "comprehend:ListTagsForResource", "comprehend:ListTargetedSentimentDetectionJobs", "comprehend:ListTopicsDetectionJobs", "compute-optimizer:DescribeRecommendationExportJobs", "compute-optimizer:GetAutoScalingGroupRecommendations", "compute-optimizer:GetEBSVolumeRecommendations", "compute-optimizer:GetEC2InstanceRecommendations", "compute-optimizer:GetEC2RecommendationProjectedMetrics", "compute-optimizer:GetECSServiceRecommendationProjectedMetrics", "compute-optimizer:GetECSServiceRecommendations", "compute-optimizer:GetEffectiveRecommendationPreferences", "compute-optimizer:GetEnrollmentStatus", "compute-optimizer:GetEnrollmentStatusesForOrganization", "compute-optimizer:GetLambdaFunctionRecommendations", "compute-optimizer:GetLicenseRecommendations", "compute-optimizer:GetRecommendationPreferences", "compute-optimizer:GetRecommendationSummaries", "config:BatchGetAggregateResourceConfig", "config:BatchGetResourceConfig", "config:DeliverConfigSnapshot", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateConformancePackComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetCustomRulePolicy", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetOrganizationCustomRulePolicy", "config:GetResourceConfigHistory", "config:GetResourceEvaluationSummary", "config:GetStoredQuery", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "config:SelectAggregateResourceConfig", "config:SelectResourceConfig", "connect:DescribeAgentStatus", "connect:DescribeContact", "connect:DescribeContactEvaluation", "connect:DescribeContactFlow", "connect:DescribeContactFlowModule", "connect:DescribeEvaluationForm", "connect:DescribeForecastingPlanningSchedulingIntegration", "connect:DescribeHoursOfOperation", "connect:DescribeInstance", "connect:DescribeInstanceAttribute", "connect:DescribeInstanceStorageConfig", "connect:DescribePhoneNumber", "connect:DescribePredefinedAttribute", "connect:DescribePrompt", "connect:DescribeQueue", "connect:DescribeQuickConnect", "connect:DescribeRoutingProfile", "connect:DescribeRule", "connect:DescribeSecurityProfile", "connect:DescribeTrafficDistributionGroup", "connect:DescribeUser", "connect:DescribeUserHierarchyGroup", "connect:DescribeUserHierarchyStructure", "connect:DescribeView", "connect:DescribeVocabulary", "connect:GetContactAttributes", "connect:GetCurrentMetricData", "connect:GetCurrentUserData", "connect:GetFederationToken", "connect:GetMetricData", "connect:GetMetricDataV2", "connect:GetTaskTemplate", "connect:GetTrafficDistribution", "connect:ListAgentStatuses", "connect:ListAnalyticsDataAssociations", "connect:ListApprovedOrigins", "connect:ListBots", "connect:ListContactEvaluations", "connect:ListContactFlowModules", "connect:ListContactFlows", "connect:ListContactReferences", "connect:ListDefaultVocabularies", "connect:ListEvaluationFormVersions", "connect:ListEvaluationForms", "connect:ListFlowAssociations", "connect:ListHoursOfOperations", "connect:ListInstanceAttributes", "connect:ListInstanceStorageConfigs", "connect:ListInstances", "connect:ListIntegrationAssociations", "connect:ListLambdaFunctions", "connect:ListLexBots", "connect:ListPhoneNumbers", "connect:ListPhoneNumbersV2", "connect:ListPredefinedAttributes", "connect:ListPrompts", "connect:ListQueueQuickConnects", "connect:ListQueues", "connect:ListQuickConnects", "connect:ListRealtimeContactAnalysisSegments", "connect:ListRealtimeContactAnalysisSegmentsV2", "connect:ListRoutingProfileQueues", "connect:ListRoutingProfiles", "connect:ListRules", "connect:ListSecurityKeys", "connect:ListSecurityProfileApplications", "connect:ListSecurityProfilePermissions", "connect:ListSecurityProfiles", "connect:ListTagsForResource", "connect:ListTaskTemplates", "connect:ListTrafficDistributionGroupUsers", "connect:ListTrafficDistributionGroups", "connect:ListUseCases", "connect:ListUserHierarchyGroups", "connect:ListUserProficiencies", "connect:ListUsers", "connect:ListViewVersions", "connect:ListViews", "consoleapp:GetDeviceIdentity", "consoleapp:ListDeviceIdentities", "consolidatedbilling:GetAccountBillingRole", "consolidatedbilling:ListLinkedAccounts", "cost-optimization-hub:GetPreferences", "cost-optimization-hub:GetRecommendation", "cost-optimization-hub:ListEnrollmentStatuses", "cost-optimization-hub:ListRecommendations", "cost-optimization-hub:ListRecommendationSummaries", "cur:GetClassicReport", "cur:GetClassicReportPreferences", "cur:GetUsageReport", "customer-verification:GetCustomerVerificationDetails", "customer-verification:GetCustomerVerificationEligibility", "databrew:DescribeDataset", "databrew:DescribeJob", "databrew:DescribeJobRun", "databrew:DescribeProject", "databrew:DescribeRecipe", "databrew:DescribeRuleset", "databrew:DescribeSchedule", "databrew:ListDatasets", "databrew:ListJobRuns", "databrew:ListJobs", "databrew:ListProjects", "databrew:ListRecipes", "databrew:ListRecipeVersions", "databrew:ListRulesets", "databrew:ListSchedules", "databrew:ListTagsForResource", "dataexchange:GetAsset", "dataexchange:GetDataSet", "dataexchange:GetEventAction", "dataexchange:GetJob", "dataexchange:GetRevision", "dataexchange:ListDataSetRevisions", "dataexchange:ListDataSets", "dataexchange:ListEventActions", "dataexchange:ListJobs", "dataexchange:ListRevisionAssets", "dataexchange:ListTagsForResource", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:EvaluateExpression", "datapipeline:GetAccountLimits", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:QueryObjects", "datapipeline:ValidatePipelineDefinition", "datasync:DescribeAgent", "datasync:DescribeDiscoveryJob", "datasync:DescribeLocationAzureBlob", "datasync:DescribeLocationEfs", "datasync:DescribeLocationFsxLustre", "datasync:DescribeLocationFsxOntap", "datasync:DescribeLocationFsxOpenZfs", "datasync:DescribeLocationFsxWindows", "datasync:DescribeLocationHdfs", "datasync:DescribeLocationNfs", "datasync:DescribeLocationObjectStorage", "datasync:DescribeLocationS3", "datasync:DescribeLocationSmb", "datasync:DescribeStorageSystem", "datasync:DescribeStorageSystemResourceMetrics", "datasync:DescribeStorageSystemResources", "datasync:DescribeTask", "datasync:DescribeTaskExecution", "datasync:ListAgents", "datasync:ListDiscoveryJobs", "datasync:ListLocations", "datasync:ListStorageSystems", "datasync:ListTagsForResource", "datasync:ListTaskExecutions", "datasync:ListTasks", "dax:BatchGetItem", "dax:DescribeClusters", "dax:DescribeDefaultParameters", "dax:DescribeEvents", "dax:DescribeParameterGroups", "dax:DescribeParameters", "dax:DescribeSubnetGroups", "dax:GetItem", "dax:ListTags", "dax:Query", "dax:Scan", "deepcomposer:GetComposition", "deepcomposer:GetModel", "deepcomposer:GetSampleModel", "deepcomposer:ListCompositions", "deepcomposer:ListModels", "deepcomposer:ListSampleModels", "deepcomposer:ListTrainingTopics", "detective:BatchGetGraphMemberDatasources", "detective:BatchGetMembershipDatasources", "detective:GetFreeTrialEligibility", "detective:GetGraphIngestState", "detective:GetInvestigation", "detective:GetMembers", "detective:GetPricingInformation", "detective:GetUsageInformation", "detective:ListDatasourcePackages", "detective:ListGraphs", "detective:ListHighDegreeEntities", "detective:ListIndicators", "detective:ListInvestigations", "detective:ListInvitations", "detective:ListMembers", "detective:ListOrganizationAdminAccount", "detective:ListTagsForResource", "detective:SearchGraph", "devicefarm:GetAccountSettings", "devicefarm:GetDevice", "devicefarm:GetDeviceInstance", "devicefarm:GetDevicePool", "devicefarm:GetDevicePoolCompatibility", "devicefarm:GetInstanceProfile", "devicefarm:GetJob", "devicefarm:GetNetworkProfile", "devicefarm:GetOfferingStatus", "devicefarm:GetProject", "devicefarm:GetRemoteAccessSession", "devicefarm:GetRun", "devicefarm:GetSuite", "devicefarm:GetTest", "devicefarm:GetTestGridProject", "devicefarm:GetTestGridSession", "devicefarm:GetUpload", "devicefarm:GetVPCEConfiguration", "devicefarm:ListArtifacts", "devicefarm:ListDeviceInstances", "devicefarm:ListDevicePools", "devicefarm:ListDevices", "devicefarm:ListInstanceProfiles", "devicefarm:ListJobs", "devicefarm:ListNetworkProfiles", "devicefarm:ListOfferingPromotions", "devicefarm:ListOfferingTransactions", "devicefarm:ListOfferings", "devicefarm:ListProjects", "devicefarm:ListRemoteAccessSessions", "devicefarm:ListRuns", "devicefarm:ListSamples", "devicefarm:ListSuites", "devicefarm:ListTagsForResource", "devicefarm:ListTestGridProjects", "devicefarm:ListTestGridSessionActions", "devicefarm:ListTestGridSessionArtifacts", "devicefarm:ListTestGridSessions", "devicefarm:ListTests", "devicefarm:ListUniqueProblems", "devicefarm:ListUploads", "devicefarm:ListVPCEConfigurations", "devops-guru:DescribeAccountHealth", "devops-guru:DescribeAccountOverview", "devops-guru:DescribeAnomaly", "devops-guru:DescribeEventSourcesConfig", "devops-guru:DescribeFeedback", "devops-guru:DescribeInsight", "devops-guru:DescribeOrganizationHealth", "devops-guru:DescribeOrganizationOverview", "devops-guru:DescribeOrganizationResourceCollectionHealth", "devops-guru:DescribeResourceCollectionHealth", "devops-guru:DescribeServiceIntegration", "devops-guru:GetCostEstimation", "devops-guru:GetResourceCollection", "devops-guru:ListAnomaliesForInsight", "devops-guru:ListAnomalousLogGroups", "devops-guru:ListEvents", "devops-guru:ListInsights", "devops-guru:ListMonitoredResources", "devops-guru:ListNotificationChannels", "devops-guru:ListOrganizationInsights", "devops-guru:ListRecommendations", "devops-guru:SearchInsights", "devops-guru:StartCostEstimation", "directconnect:DescribeConnectionLoa", "directconnect:DescribeConnections", "directconnect:DescribeConnectionsOnInterconnect", "directconnect:DescribeCustomerMetadata", "directconnect:DescribeDirectConnectGatewayAssociationProposals", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeHostedConnections", "directconnect:DescribeInterconnectLoa", "directconnect:DescribeInterconnects", "directconnect:DescribeLags", "directconnect:DescribeLoa", "directconnect:DescribeLocations", "directconnect:DescribeRouterConfiguration", "directconnect:DescribeTags", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "discovery:DescribeAgents", "discovery:DescribeBatchDeleteConfigurationTask", "discovery:DescribeConfigurations", "discovery:DescribeContinuousExports", "discovery:DescribeExportConfigurations", "discovery:DescribeExportTasks", "discovery:DescribeImportTasks", "discovery:DescribeTags", "discovery:GetDiscoverySummary", "discovery:GetNetworkConnectionGraph", "discovery:ListConfigurations", "discovery:ListServerNeighbors", "dlm:GetLifecyclePolicies", "dlm:GetLifecyclePolicy", "dms:DescribeAccountAttributes", "dms:DescribeApplicableIndividualAssessments", "dms:DescribeCertificates", "dms:DescribeConnections", "dms:DescribeConversionConfiguration", "dms:DescribeDataMigrations", "dms:DescribeDataProviders", "dms:DescribeEndpointSettings", "dms:DescribeEndpointTypes", "dms:DescribeEndpoints", "dms:DescribeEngineVersions", "dms:DescribeEventCategories", "dms:DescribeEventSubscriptions", "dms:DescribeEvents", "dms:DescribeExtensionPackAssociations", "dms:DescribeFleetAdvisorCollectors", "dms:DescribeFleetAdvisorDatabases", "dms:DescribeFleetAdvisorLsaAnalysis", "dms:DescribeFleetAdvisorSchemaObjectSummary", "dms:DescribeFleetAdvisorSchemas", "dms:DescribeInstanceProfiles", "dms:DescribeMetadataModelAssessments", "dms:DescribeMetadataModelConversions", "dms:DescribeMetadataModelExportsAsScript", "dms:DescribeMetadataModelExportsToTarget", "dms:DescribeMetadataModelImports", "dms:DescribeMigrationProjects", "dms:DescribeOrderableReplicationInstances", "dms:DescribePendingMaintenanceActions", "dms:DescribeRecommendationLimitations", "dms:DescribeRecommendations", "dms:DescribeRefreshSchemasStatus", "dms:DescribeReplicationConfigs", "dms:DescribeReplicationInstanceTaskLogs", "dms:DescribeReplicationInstances", "dms:DescribeReplicationSubnetGroups", "dms:DescribeReplicationTableStatistics", "dms:DescribeReplicationTaskAssessmentResults", "dms:DescribeReplicationTaskAssessmentRuns", "dms:DescribeReplicationTaskIndividualAssessments", "dms:DescribeReplicationTasks", "dms:DescribeReplications", "dms:DescribeSchemas", "dms:DescribeTableStatistics", "dms:ListDataProviders", "dms:ListExtensionPacks", "dms:ListInstanceProfiles", "dms:ListMetadataModelAssessmentActionItems", "dms:ListMetadataModelAssessments", "dms:ListMetadataModelConversions", "dms:ListMetadataModelExports", "dms:ListMigrationProjects", "dms:ListTagsForResource", "dms:TestConnection", "drs:DescribeJobLogItems", "drs:DescribeJobs", "drs:DescribeLaunchConfigurationTemplates", "drs:DescribeRecoveryInstances", "drs:DescribeRecoverySnapshots", "drs:DescribeReplicationConfigurationTemplates", "drs:DescribeSourceNetworks", "drs:DescribeSourceServers", "drs:GetFailbackReplicationConfiguration", "drs:GetLaunchConfiguration", "drs:GetReplicationConfiguration", "drs:ListExtensibleSourceServers", "drs:ListLaunchActions", "drs:ListStagingAccounts", "drs:ListTagsForResource", "ds:CheckAlias", "ds:DescribeCertificate", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeRegions", "ds:DescribeSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:DescribeUpdateDirectory", "ds:GetAuthorizedApplicationDetails", "ds:GetDirectoryLimits", "ds:GetSnapshotLimits", "ds:ListAuthorizedApplications", "ds:ListCertificates", "ds:ListIpRoutes", "ds:ListLogSubscriptions", "ds:ListSchemaExtensions", "ds:ListTagsForResource", "ds:VerifyTrust", "dynamodb:BatchGetItem", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetResourcePolicy", "dynamodb:GetShardIterator", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLSelect", "dynamodb:Query", "dynamodb:Scan", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetAssociatedEnclaveCertificateIamRoles", "ec2:GetAssociatedIpv6PoolCidrs", "ec2:GetAwsNetworkPerformanceData", "ec2:GetCapacityReservationUsage", "ec2:GetCoipPoolUsage", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:GetDefaultCreditSpecification", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ec2:GetFlowLogsIntegrationTemplate", "ec2:GetGroupsForCapacityReservation", "ec2:GetHostReservationPurchasePreview", "ec2:GetImageBlockPublicAccessState", "ec2:GetInstanceMetadataDefaults", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetInstanceUefiData", "ec2:GetIpamAddressHistory", "ec2:GetIpamDiscoveredAccounts", "ec2:GetIpamDiscoveredPublicAddresses", "ec2:GetIpamDiscoveredResourceCidrs", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetIpamResourceCidrs", "ec2:GetLaunchTemplateData", "ec2:GetManagedPrefixListAssociations", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ec2:GetPasswordData", "ec2:GetReservedInstancesExchangeQuote", "ec2:GetResourcePolicy", "ec2:GetSecurityGroupsForVpc", "ec2:GetSerialConsoleAccessStatus", "ec2:GetSnapshotBlockPublicAccessState", "ec2:GetSpotPlacementScores", "ec2:GetSubnetCidrReservations", "ec2:GetTransitGatewayAttachmentPropagations", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:GetTransitGatewayPolicyTableAssociations", "ec2:GetTransitGatewayPolicyTableEntries", "ec2:GetTransitGatewayPrefixListReferences", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:GetVerifiedAccessEndpointPolicy", "ec2:GetVerifiedAccessGroupPolicy", "ec2:GetVerifiedAccessInstanceWebAcl", "ec2:GetVpnConnectionDeviceSampleConfiguration", "ec2:GetVpnConnectionDeviceTypes", "ec2:GetVpnTunnelReplacementStatus", "ec2:ListImagesInRecycleBin", "ec2:ListSnapshotsInRecycleBin", "ec2:SearchLocalGatewayRoutes", "ec2:SearchTransitGatewayRoutes", "ec2messages:GetEndpoint", "ec2messages:GetMessages", "ecr-public:BatchCheckLayerAvailability", "ecr-public:DescribeImages", "ecr-public:DescribeImageTags", "ecr-public:DescribeRegistries", "ecr-public:DescribeRepositories", "ecr-public:GetAuthorizationToken", "ecr-public:GetRegistryCatalogData", "ecr-public:GetRepositoryCatalogData", "ecr-public:GetRepositoryPolicy", "ecr-public:ListTagsForResource", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:BatchGetRepositoryScanningConfiguration", "ecr:DescribeImageReplicationStatus", "ecr:DescribeImageScanFindings", "ecr:DescribeImages", "ecr:DescribePullThroughCacheRules", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:DescribeRepositoryCreationTemplate", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "ecr:GetLifecyclePolicy", "ecr:GetLifecyclePolicyPreview", "ecr:GetRegistryPolicy", "ecr:GetRegistryScanningConfiguration", "ecr:GetRepositoryPolicy", "ecr:ListImages", "ecr:ListTagsForResource", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "eks:DescribeAccessEntry", "eks:DescribeAddon", "eks:DescribeAddonConfiguration", "eks:DescribeAddonVersions", "eks:DescribeCluster", "eks:DescribeEksAnywhereSubscription", "eks:DescribeFargateProfile", "eks:DescribeIdentityProviderConfig", "eks:DescribeInsight", "eks:DescribeNodegroup", "eks:DescribePodIdentityAssociation", "eks:DescribeUpdate", "eks:ListAccessEntries", "eks:ListAccessPolicies", "eks:ListAddons", "eks:ListAssociatedAccessPolicies", "eks:ListClusters", "eks:ListEksAnywhereSubscriptions", "eks:ListFargateProfiles", "eks:ListIdentityProviderConfigs", "eks:ListInsights", "eks:ListNodegroups", "eks:ListPodIdentityAssociations", "eks:ListTagsForResource", "eks:ListUpdates", "elastic-inference:DescribeAcceleratorOfferings", "elastic-inference:DescribeAccelerators", "elastic-inference:DescribeAcceleratorTypes", "elastic-inference:ListTagsForResource", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheEngineVersions", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeEngineDefaultParameters", "elasticache:DescribeEvents", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeReservedCacheNodes", "elasticache:DescribeReservedCacheNodesOfferings", "elasticache:DescribeServerlessCacheSnapshots", "elasticache:DescribeServerlessCaches", "elasticache:DescribeServiceUpdates", "elasticache:DescribeSnapshots", "elasticache:DescribeUpdateActions", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticache:ListAllowedNodeTypeModifications", "elasticache:ListTagsForResource", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticbeanstalk:ValidateConfigurationSettings", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeAccountPreferences", "elasticfilesystem:DescribeBackupPolicy", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeReplicationConfigurations", "elasticfilesystem:DescribeTags", "elasticfilesystem:ListTagsForResource", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListNotebookExecutions", "elasticmapreduce:ListReleaseLabels", "elasticmapreduce:ListRepositories", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudioSessionMappings", "elasticmapreduce:ListStudios", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ListWorkspaceAccessIdentities", "elasticmapreduce:ViewEventsFromAllClustersInConsole", "elastictranscoder:ListJobsByPipeline", "elastictranscoder:ListJobsByStatus", "elastictranscoder:ListPipelines", "elastictranscoder:ListPresets", "elastictranscoder:ReadJob", "elastictranscoder:ReadPipeline", "elastictranscoder:ReadPreset", "elemental-appliances-software:GetAvsCorrectAddress", "elemental-appliances-software:GetBillingAddresses", "elemental-appliances-software:GetDeliveryAddressesV2", "elemental-appliances-software:GetOrder", "elemental-appliances-software:GetOrdersV2", "elemental-appliances-software:GetQuote", "elemental-appliances-software:GetTaxes", "elemental-appliances-software:ListQuotes", "elemental-appliances-software:ListTagsForResource", "emr-containers:DescribeJobRun", "emr-containers:DescribeManagedEndpoint", "emr-containers:DescribeVirtualCluster", "emr-containers:ListJobRuns", "emr-containers:ListManagedEndpoints", "emr-containers:ListTagsForResource", "emr-containers:ListVirtualClusters", "emr-serverless:GetApplication", "emr-serverless:GetDashboardForJobRun", "emr-serverless:GetJobRun", "emr-serverless:ListApplications", "emr-serverless:ListJobRuns", "emr-serverless:ListTagsForResource", "es:DescribeDomain", "es:DescribeDomainAutoTunes", "es:DescribeDomainChangeProgress", "es:DescribeDomainConfig", "es:DescribeDomainHealth", "es:DescribeDomainNodes", "es:DescribeDomains", "es:DescribeDryRunProgress", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomainConfig", "es:DescribeElasticsearchDomains", "es:DescribeElasticsearchInstanceTypeLimits", "es:DescribeInboundConnections", "es:DescribeInboundCrossClusterSearchConnections", "es:DescribeInstanceTypeLimits", "es:DescribeOutboundConnections", "es:DescribeOutboundCrossClusterSearchConnections", "es:DescribePackages", "es:DescribeReservedElasticsearchInstanceOfferings", "es:DescribeReservedElasticsearchInstances", "es:DescribeReservedInstanceOfferings", "es:DescribeReservedInstances", "es:DescribeVpcEndpoints", "es:ESHttpGet", "es:ESHttpHead", "es:GetCompatibleElasticsearchVersions", "es:GetCompatibleVersions", "es:GetDataSource", "es:GetDomainMaintenanceStatus", "es:GetPackageVersionHistory", "es:GetUpgradeHistory", "es:GetUpgradeStatus", "es:ListDataSources", "es:ListDomainMaintenances", "es:ListDomainNames", "es:ListDomainsForPackage", "es:ListElasticsearchInstanceTypeDetails", "es:ListElasticsearchInstanceTypes", "es:ListElasticsearchVersions", "es:ListInstanceTypeDetails", "es:ListPackagesForDomain", "es:ListScheduledActions", "es:ListTags", "es:ListVersions", "es:ListVpcEndpointAccess", "es:ListVpcEndpoints", "es:ListVpcEndpointsForDomain", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeEventSource", "events:DescribePartnerEventSource", "events:DescribeReplay", "events:DescribeRule", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListEventSources", "events:ListPartnerEventSourceAccounts", "events:ListPartnerEventSources", "events:ListReplays", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "events:TestEventPattern", "evidently:GetExperiment", "evidently:GetExperimentResults", "evidently:GetFeature", "evidently:GetLaunch", "evidently:GetProject", "evidently:GetSegment", "evidently:ListExperiments", "evidently:ListFeatures", "evidently:ListLaunches", "evidently:ListProjects", "evidently:ListSegmentReferences", "evidently:ListSegments", "evidently:ListTagsForResource", "evidently:TestSegmentPattern", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "fis:GetAction", "fis:GetExperiment", "fis:GetExperimentTargetAccountConfiguration", "fis:GetExperimentTemplate", "fis:GetTargetAccountConfiguration", "fis:GetTargetResourceType", "fis:ListActions", "fis:ListExperimentResolvedTargets", "fis:ListExperiments", "fis:ListExperimentTargetAccountConfigurations", "fis:ListExperimentTemplates", "fis:ListTagsForResource", "fis:ListTargetAccountConfigurations", "fis:ListTargetResourceTypes", "fms:GetAdminAccount", "fms:GetAppsList", "fms:GetComplianceDetail", "fms:GetNotificationChannel", "fms:GetPolicy", "fms:GetProtectionStatus", "fms:GetProtocolsList", "fms:GetViolationDetails", "fms:ListAppsLists", "fms:ListComplianceStatus", "fms:ListMemberAccounts", "fms:ListPolicies", "fms:ListProtocolsLists", "fms:ListTagsForResource", "forecast:DescribeAutoPredictor", "forecast:DescribeDataset", "forecast:DescribeDatasetGroup", "forecast:DescribeDatasetImportJob", "forecast:DescribeExplainability", "forecast:DescribeExplainabilityExport", "forecast:DescribeForecast", "forecast:DescribeForecastExportJob", "forecast:DescribeMonitor", "forecast:DescribePredictor", "forecast:DescribePredictorBacktestExportJob", "forecast:DescribeWhatIfAnalysis", "forecast:DescribeWhatIfForecast", "forecast:DescribeWhatIfForecastExport", "forecast:GetAccuracyMetrics", "forecast:ListDatasetGroups", "forecast:ListDatasetImportJobs", "forecast:ListDatasets", "forecast:ListExplainabilities", "forecast:ListExplainabilityExports", "forecast:ListForecastExportJobs", "forecast:ListForecasts", "forecast:ListMonitorEvaluations", "forecast:ListMonitors", "forecast:ListPredictorBacktestExportJobs", "forecast:ListPredictors", "forecast:ListWhatIfAnalyses", "forecast:ListWhatIfForecastExports", "forecast:ListWhatIfForecasts", "forecast:QueryForecast", "forecast:QueryWhatIfForecast", "frauddetector:BatchGetVariable", "frauddetector:DescribeDetector", "frauddetector:DescribeModelVersions", "frauddetector:GetBatchImportJobs", "frauddetector:GetBatchPredictionJobs", "frauddetector:GetDeleteEventsByEventTypeStatus", "frauddetector:GetDetectors", "frauddetector:GetDetectorVersion", "frauddetector:GetEntityTypes", "frauddetector:GetEvent", "frauddetector:GetEventPredictionMetadata", "frauddetector:GetEventTypes", "frauddetector:GetExternalModels", "frauddetector:GetKMSEncryptionKey", "frauddetector:GetLabels", "frauddetector:GetListElements", "frauddetector:GetListsMetadata", "frauddetector:GetModels", "frauddetector:GetModelVersion", "frauddetector:GetOutcomes", "frauddetector:GetRules", "frauddetector:GetVariables", "frauddetector:ListEventPredictions", "frauddetector:ListTagsForResource", "freertos:DescribeHardwarePlatform", "freertos:DescribeSoftwareConfiguration", "freertos:DescribeSubscription", "freertos:ListFreeRTOSVersions", "freertos:ListHardwarePlatforms", "freertos:ListHardwareVendors", "freertos:ListSoftwareConfigurations", "freertos:ListSoftwarePatches", "freertos:ListSubscriptionEmails", "freertos:ListSubscriptions", "freetier:GetFreeTierAlertPreference", "freetier:GetFreeTierUsage", "fsx:DescribeAssociatedFileGateways", "fsx:DescribeBackups", "fsx:DescribeDataRepositoryAssociations", "fsx:DescribeDataRepositoryTasks", "fsx:DescribeFileCaches", "fsx:DescribeFileSystemAliases", "fsx:DescribeFileSystems", "fsx:DescribeSharedVpcConfiguration", "fsx:DescribeSnapshots", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:ListTagsForResource", "gamelift:DescribeAlias", "gamelift:DescribeBuild", "gamelift:DescribeCompute", "gamelift:DescribeContainerGroupDefinition", "gamelift:DescribeEC2InstanceLimits", "gamelift:DescribeFleetAttributes", "gamelift:DescribeFleetCapacity", "gamelift:DescribeFleetEvents", "gamelift:DescribeFleetLocationAttributes", "gamelift:DescribeFleetLocationCapacity", "gamelift:DescribeFleetLocationUtilization", "gamelift:DescribeFleetPortSettings", "gamelift:DescribeFleetUtilization", "gamelift:DescribeGameServer", "gamelift:DescribeGameServerGroup", "gamelift:DescribeGameServerInstances", "gamelift:DescribeGameSessionDetails", "gamelift:DescribeGameSessionPlacement", "gamelift:DescribeGameSessionQueues", "gamelift:DescribeGameSessions", "gamelift:DescribeInstances", "gamelift:DescribeMatchmaking", "gamelift:DescribeMatchmakingConfigurations", "gamelift:DescribeMatchmakingRuleSets", "gamelift:DescribePlayerSessions", "gamelift:DescribeRuntimeConfiguration", "gamelift:DescribeScalingPolicies", "gamelift:DescribeScript", "gamelift:DescribeVpcPeeringAuthorizations", "gamelift:DescribeVpcPeeringConnections", "gamelift:GetComputeAccess", "gamelift:GetComputeAuthToken", "gamelift:GetGameSessionLogUrl", "gamelift:GetInstanceAccess", "gamelift:ListAliases", "gamelift:ListBuilds", "gamelift:ListCompute", "gamelift:ListContainerGroupDefinitions", "gamelift:ListFleets", "gamelift:ListGameServerGroups", "gamelift:ListGameServers", "gamelift:ListLocations", "gamelift:ListScripts", "gamelift:ListTagsForResource", "gamelift:ResolveAlias", "gamelift:SearchGameSessions", "glacier:DescribeJob", "glacier:DescribeVault", "glacier:GetDataRetrievalPolicy", "glacier:GetJobOutput", "glacier:GetVaultAccessPolicy", "glacier:GetVaultLock", "glacier:GetVaultNotifications", "glacier:ListJobs", "glacier:ListMultipartUploads", "glacier:ListParts", "glacier:ListProvisionedCapacity", "glacier:ListTagsForVault", "glacier:ListVaults", "globalaccelerator:DescribeAccelerator", "globalaccelerator:DescribeAcceleratorAttributes", "globalaccelerator:DescribeCrossAccountAttachment", "globalaccelerator:DescribeCustomRoutingAccelerator", "globalaccelerator:DescribeCustomRoutingAcceleratorAttributes", "globalaccelerator:DescribeCustomRoutingEndpointGroup", "globalaccelerator:DescribeCustomRoutingListener", "globalaccelerator:DescribeEndpointGroup", "globalaccelerator:DescribeListener", "globalaccelerator:ListAccelerators", "globalaccelerator:ListByoipCidrs", "globalaccelerator:ListCrossAccountAttachments", "globalaccelerator:ListCrossAccountResourceAccounts", "globalaccelerator:ListCrossAccountResources", "globalaccelerator:ListCustomRoutingAccelerators", "globalaccelerator:ListCustomRoutingEndpointGroups", "globalaccelerator:ListCustomRoutingListeners", "globalaccelerator:ListCustomRoutingPortMappings", "globalaccelerator:ListCustomRoutingPortMappingsByDestination", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "globalaccelerator:ListTagsForResource", "glue:BatchGetCrawlers", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetTriggers", "glue:BatchGetWorkflows", "glue:CheckSchemaVersionValidity", "glue:GetCatalogImportStatus", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetCrawler", "glue:GetCrawlerMetrics", "glue:GetCrawlers", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDataCatalogEncryptionSettings", "glue:GetDataflowGraph", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetJob", "glue:GetJobBookmark", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetMapping", "glue:GetMLTaskRun", "glue:GetMLTaskRuns", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetPartition", "glue:GetPartitions", "glue:GetPlan", "glue:GetRegistry", "glue:GetResourcePolicy", "glue:GetSchema", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetTable", "glue:GetTables", "glue:GetTableVersion", "glue:GetTableVersions", "glue:GetTags", "glue:GetTrigger", "glue:GetTriggers", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:GetWorkflow", "glue:GetWorkflowRun", "glue:GetWorkflowRunProperties", "glue:GetWorkflowRuns", "glue:ListCrawlers", "glue:ListCrawls", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListRegistries", "glue:ListSchemas", "glue:ListSchemaVersions", "glue:ListTriggers", "glue:ListWorkflows", "glue:QuerySchemaVersionMetadata", "glue:SearchTables", "grafana:DescribeWorkspace", "grafana:DescribeWorkspaceAuthentication", "grafana:DescribeWorkspaceConfiguration", "grafana:ListPermissions", "grafana:ListTagsForResource", "grafana:ListVersions", "grafana:ListWorkspaces", "greengrass:DescribeComponent", "greengrass:GetComponent", "greengrass:GetComponentVersionArtifact", "greengrass:GetConnectivityInfo", "greengrass:GetCoreDevice", "greengrass:GetDeployment", "greengrass:GetServiceRoleForAccount", "greengrass:GetAssociatedRole", "greengrass:GetBulkDeploymentStatus", "greengrass:GetConnectorDefinition", "greengrass:GetConnectorDefinitionVersion", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetDeviceDefinition", "greengrass:GetDeviceDefinitionVersion", "greengrass:GetFunctionDefinition", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupCertificateAuthority", "greengrass:GetGroupCertificateConfiguration", "greengrass:GetGroupVersion", "greengrass:GetLoggerDefinition", "greengrass:GetLoggerDefinitionVersion", "greengrass:GetResourceDefinition", "greengrass:GetResourceDefinitionVersion", "greengrass:GetSubscriptionDefinition", "greengrass:GetSubscriptionDefinitionVersion", "greengrass:GetThingRuntimeConfiguration", "greengrass:ListClientDevicesAssociatedWithCoreDevice", "greengrass:ListComponentVersions", "greengrass:ListComponents", "greengrass:ListCoreDevices", "greengrass:ListDeployments", "greengrass:ListEffectiveDeployments", "greengrass:ListInstalledComponents", "greengrass:ListTagsForResource", "greengrass:ListBulkDeploymentDetailedReports", "greengrass:ListBulkDeployments", "greengrass:ListConnectorDefinitionVersions", "greengrass:ListConnectorDefinitions", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListResourceDefinitionVersions", "greengrass:ListResourceDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "groundstation:DescribeContact", "groundstation:GetConfig", "groundstation:GetDataflowEndpointGroup", "groundstation:GetMinuteUsage", "groundstation:GetMissionProfile", "groundstation:GetSatellite", "groundstation:ListConfigs", "groundstation:ListContacts", "groundstation:ListDataflowEndpointGroups", "groundstation:ListGroundStations", "groundstation:ListMissionProfiles", "groundstation:ListSatellites", "groundstation:ListTagsForResource", "guardduty:DescribeMalwareScans", "guardduty:DescribeOrganizationConfiguration", "guardduty:DescribePublishingDestination", "guardduty:GetAdministratorAccount", "guardduty:GetCoverageStatistics", "guardduty:GetDetector", "guardduty:GetFilter", "guardduty:GetFindings", "guardduty:GetFindingsStatistics", "guardduty:GetIPSet", "guardduty:GetInvitationsCount", "guardduty:GetMalwareScanSettings", "guardduty:GetMasterAccount", "guardduty:GetMemberDetectors", "guardduty:GetMembers", "guardduty:GetOrganizationStatistics", "guardduty:GetRemainingFreeTrialDays", "guardduty:GetThreatIntelSet", "guardduty:GetUsageStatistics", "guardduty:ListCoverage", "guardduty:ListDetectors", "guardduty:ListFilters", "guardduty:ListFindings", "guardduty:ListIPSets", "guardduty:ListInvitations", "guardduty:ListMembers", "guardduty:ListOrganizationAdminAccounts", "guardduty:ListPublishingDestinations", "guardduty:ListTagsForResource", "guardduty:ListThreatIntelSets", "health:DescribeAffectedAccountsForOrganization", "health:DescribeAffectedEntities", "health:DescribeAffectedEntitiesForOrganization", "health:DescribeEntityAggregates", "health:DescribeEntityAggregatesForOrganization", "health:DescribeEventAggregates", "health:DescribeEventDetails", "health:DescribeEventDetailsForOrganization", "health:DescribeEventTypes", "health:DescribeEvents", "health:DescribeEventsForOrganization", "health:DescribeHealthServiceStatusForOrganization", "healthlake:DescribeFHIRDatastore", "healthlake:DescribeFHIRExportJob", "healthlake:DescribeFHIRImportJob", "healthlake:GetCapabilities", "healthlake:ListFHIRDatastores", "healthlake:ListFHIRExportJobs", "healthlake:ListFHIRImportJobs", "healthlake:ListTagsForResource", "healthlake:ReadResource", "healthlake:SearchWithGet", "healthlake:SearchWithPost", "iam:GenerateCredentialReport", "iam:GenerateOrganizationsAccessReport", "iam:GenerateServiceLastAccessedDetails", "iam:GetAccessKeyLastUsed", "iam:GetAccountAuthorizationDetails", "iam:GetAccountEmailAddress", "iam:GetAccountName", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCloudFrontPublicKey", "iam:GetContextKeysForCustomPolicy", "iam:GetContextKeysForPrincipalPolicy", "iam:GetCredentialReport", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetInstanceProfile", "iam:GetLoginProfile", "iam:GetMFADevice", "iam:GetOpenIDConnectProvider", "iam:GetOrganizationsAccessReport", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetSAMLProvider", "iam:GetSSHPublicKey", "iam:GetServerCertificate", "iam:GetServiceLastAccessedDetails", "iam:GetServiceLastAccessedDetailsWithEntities", "iam:GetServiceLinkedRoleDeletionStatus", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "iam:SimulateCustomPolicy", "iam:SimulatePrincipalPolicy", "identity-sync:GetSyncProfile", "identity-sync:GetSyncTarget", "identity-sync:ListSyncFilters", "identitystore-auth:BatchGetSession", "identitystore-auth:ListSessions", "identitystore:DescribeGroup", "identitystore:DescribeGroupMembership", "identitystore:DescribeUser", "identitystore:GetGroupId", "identitystore:GetGroupMembershipId", "identitystore:GetUserId", "identitystore:IsMemberInGroups", "identitystore:ListGroupMemberships", "identitystore:ListGroupMembershipsForMember", "identitystore:ListGroups", "identitystore:ListUsers", "imagebuilder:GetComponent", "imagebuilder:GetComponentPolicy", "imagebuilder:GetContainerRecipe", "imagebuilder:GetContainerRecipePolicy", "imagebuilder:GetDistributionConfiguration", "imagebuilder:GetImage", "imagebuilder:GetImagePipeline", "imagebuilder:GetImagePolicy", "imagebuilder:GetImageRecipe", "imagebuilder:GetImageRecipePolicy", "imagebuilder:GetInfrastructureConfiguration", "imagebuilder:GetLifecycleExecution", "imagebuilder:GetLifecyclePolicy", "imagebuilder:GetWorkflow", "imagebuilder:GetWorkflowExecution", "imagebuilder:GetWorkflowStepExecution", "imagebuilder:ListComponentBuildVersions", "imagebuilder:ListComponents", "imagebuilder:ListContainerRecipes", "imagebuilder:ListDistributionConfigurations", "imagebuilder:ListImageBuildVersions", "imagebuilder:ListImagePackages", "imagebuilder:ListImagePipelineImages", "imagebuilder:ListImagePipelines", "imagebuilder:ListImageRecipes", "imagebuilder:ListImageScanFindingAggregations", "imagebuilder:ListImageScanFindings", "imagebuilder:ListImages", "imagebuilder:ListInfrastructureConfigurations", "imagebuilder:ListLifecycleExecutionResources", "imagebuilder:ListLifecycleExecutions", "imagebuilder:ListLifecyclePolicies", "imagebuilder:ListTagsForResource", "imagebuilder:ListWaitingWorkflowSteps", "imagebuilder:ListWorkflowBuildVersions", "imagebuilder:ListWorkflowExecutions", "imagebuilder:ListWorkflowStepExecutions", "imagebuilder:ListWorkflows", "importexport:GetShippingLabel", "importexport:GetStatus", "importexport:ListJobs", "inspector:DescribeAssessmentRuns", "inspector:DescribeAssessmentTargets", "inspector:DescribeAssessmentTemplates", "inspector:DescribeCrossAccountAccessRole", "inspector:DescribeExclusions", "inspector:DescribeFindings", "inspector:DescribeResourceGroups", "inspector:DescribeRulesPackages", "inspector:GetAssessmentReport", "inspector:GetExclusionsPreview", "inspector:GetTelemetryMetadata", "inspector:ListAssessmentRunAgents", "inspector:ListAssessmentRuns", "inspector:ListAssessmentTargets", "inspector:ListAssessmentTemplates", "inspector:ListEventSubscriptions", "inspector:ListExclusions", "inspector:ListFindings", "inspector:ListRulesPackages", "inspector:ListTagsForResource", "inspector:PreviewAgents", "inspector2:BatchGetAccountStatus", "inspector2:BatchGetFreeTrialInfo", "inspector2:DescribeOrganizationConfiguration", "inspector2:GetDelegatedAdminAccount", "inspector2:GetFindingsReportStatus", "inspector2:GetMember", "inspector2:ListAccountPermissions", "inspector2:ListCisScans", "inspector2:ListCoverage", "inspector2:ListCoverageStatistics", "inspector2:ListDelegatedAdminAccounts", "inspector2:ListFilters", "inspector2:ListFindingAggregations", "inspector2:ListFindings", "inspector2:ListMembers", "inspector2:ListTagsForResource", "inspector2:ListUsageTotals", "internetmonitor:GetHealthEvent", "internetmonitor:GetInternetEvent", "internetmonitor:GetMonitor", "internetmonitor:ListHealthEvents", "internetmonitor:ListInternetEvents", "internetmonitor:ListMonitors", "internetmonitor:ListTagsForResource", "invoicing:GetInvoiceEmailDeliveryPreferences", "invoicing:GetInvoicePDF", "invoicing:ListInvoiceSummaries", "iot:DescribeAccountAuditConfiguration", "iot:DescribeAuditFinding", "iot:DescribeAuditMitigationActionsTask", "iot:DescribeAuditSuppression", "iot:DescribeAuditTask", "iot:DescribeAuthorizer", "iot:DescribeBillingGroup", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:DescribeCertificateProvider", "iot:DescribeCustomMetric", "iot:DescribeDefaultAuthorizer", "iot:DescribeDetectMitigationActionsTask", "iot:DescribeDimension", "iot:DescribeDomainConfiguration", "iot:DescribeEndpoint", "iot:DescribeEventConfigurations", "iot:DescribeFleetMetric", "iot:DescribeIndex", "iot:DescribeJob", "iot:DescribeJobExecution", "iot:DescribeJobTemplate", "iot:DescribeManagedJobTemplate", "iot:DescribeMitigationAction", "iot:DescribeProvisioningTemplate", "iot:DescribeProvisioningTemplateVersion", "iot:DescribeRoleAlias", "iot:DescribeScheduledAudit", "iot:DescribeSecurityProfile", "iot:DescribeStream", "iot:DescribeThing", "iot:DescribeThingGroup", "iot:DescribeThingRegistrationTask", "iot:DescribeThingType", "iot:DescribeTunnel", "iot:GetBehaviorModelTrainingSummaries", "iot:GetBucketsAggregation", "iot:GetCardinality", "iot:GetEffectivePolicies", "iot:GetIndexingConfiguration", "iot:GetJobDocument", "iot:GetLoggingOptions", "iot:GetOTAUpdate", "iot:GetPackage", "iot:GetPackageConfiguration", "iot:GetPackageVersion", "iot:GetPercentiles", "iot:GetPolicy", "iot:GetPolicyVersion", "iot:GetRegistrationCode", "iot:GetRetainedMessage", "iot:GetStatistics", "iot:GetThingShadow", "iot:GetTopicRule", "iot:GetTopicRuleDestination", "iot:GetV2LoggingOptions", "iot:ListActiveViolations", "iot:ListAttachedPolicies", "iot:ListAuditFindings", "iot:ListAuditMitigationActionsExecutions", "iot:ListAuditMitigationActionsTasks", "iot:ListAuditSuppressions", "iot:ListAuditTasks", "iot:ListAuthorizers", "iot:ListBillingGroups", "iot:ListCACertificates", "iot:ListCertificateProviders", "iot:ListCertificates", "iot:ListCertificatesByCA", "iot:ListCustomMetrics", "iot:ListDetectMitigationActionsExecutions", "iot:ListDetectMitigationActionsTasks", "iot:ListDimensions", "iot:ListDomainConfigurations", "iot:ListFleetMetrics", "iot:ListIndices", "iot:ListJobExecutionsForJob", "iot:ListJobExecutionsForThing", "iot:ListJobTemplates", "iot:ListJobs", "iot:ListManagedJobTemplates", "iot:ListMetricValues", "iot:ListMitigationActions", "iot:ListNamedShadowsForThing", "iot:ListOTAUpdates", "iot:ListOutgoingCertificates", "iot:ListPackageVersions", "iot:ListPackages", "iot:ListPolicies", "iot:ListPolicyPrincipals", "iot:ListPolicyVersions", "iot:ListPrincipalPolicies", "iot:ListPrincipalThings", "iot:ListProvisioningTemplateVersions", "iot:ListProvisioningTemplates", "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", "iot:ListStreams", "iot:ListTagsForResource", "iot:ListTargetsForPolicy", "iot:ListTargetsForSecurityProfile", "iot:ListThingGroups", "iot:ListThingGroupsForThing", "iot:ListThingPrincipals", "iot:ListThingRegistrationTaskReports", "iot:ListThingRegistrationTasks", "iot:ListThingTypes", "iot:ListThings", "iot:ListThingsInBillingGroup", "iot:ListThingsInThingGroup", "iot:ListTopicRuleDestinations", "iot:ListTopicRules", "iot:ListTunnels", "iot:ListV2LoggingLevels", "iot:ListViolationEvents", "iot1click:DescribeDevice", "iot1click:DescribePlacement", "iot1click:DescribeProject", "iot1click:GetDeviceMethods", "iot1click:GetDevicesInPlacement", "iot1click:ListDeviceEvents", "iot1click:ListDevices", "iot1click:ListPlacements", "iot1click:ListProjects", "iot1click:ListTagsForResource", "iotanalytics:DescribeChannel", "iotanalytics:DescribeDataset", "iotanalytics:DescribeDatastore", "iotanalytics:DescribeLoggingOptions", "iotanalytics:DescribePipeline", "iotanalytics:GetDatasetContent", "iotanalytics:ListChannels", "iotanalytics:ListDatasetContents", "iotanalytics:ListDatasets", "iotanalytics:ListDatastores", "iotanalytics:ListPipelines", "iotanalytics:ListTagsForResource", "iotanalytics:SampleChannelData", "iotevents:DescribeAlarm", "iotevents:DescribeAlarmModel", "iotevents:DescribeDetector", "iotevents:DescribeDetectorModel", "iotevents:DescribeInput", "iotevents:DescribeLoggingOptions", "iotevents:ListAlarmModels", "iotevents:ListAlarmModelVersions", "iotevents:ListAlarms", "iotevents:ListDetectorModels", "iotevents:ListDetectorModelVersions", "iotevents:ListDetectors", "iotevents:ListInputs", "iotevents:ListTagsForResource", "iotfleethub:DescribeApplication", "iotfleethub:ListApplications", "iotfleetwise:GetCampaign", "iotfleetwise:GetDecoderManifest", "iotfleetwise:GetFleet", "iotfleetwise:GetLoggingOptions", "iotfleetwise:GetModelManifest", "iotfleetwise:GetRegisterAccountStatus", "iotfleetwise:GetSignalCatalog", "iotfleetwise:GetVehicle", "iotfleetwise:GetVehicleStatus", "iotfleetwise:ListCampaigns", "iotfleetwise:ListDecoderManifestNetworkInterfaces", "iotfleetwise:ListDecoderManifests", "iotfleetwise:ListDecoderManifestSignals", "iotfleetwise:ListFleets", "iotfleetwise:ListFleetsForVehicle", "iotfleetwise:ListModelManifestNodes", "iotfleetwise:ListModelManifests", "iotfleetwise:ListSignalCatalogNodes", "iotfleetwise:ListSignalCatalogs", "iotfleetwise:ListTagsForResource", "iotfleetwise:ListVehicles", "iotfleetwise:ListVehiclesInFleet", "iotroborunner:GetDestination", "iotroborunner:GetSite", "iotroborunner:GetWorker", "iotroborunner:GetWorkerFleet", "iotroborunner:ListDestinations", "iotroborunner:ListSites", "iotroborunner:ListWorkerFleets", "iotroborunner:ListWorkers", "iotsitewise:DescribeAccessPolicy", "iotsitewise:DescribeAction", "iotsitewise:DescribeAsset", "iotsitewise:DescribeAssetCompositeModel", "iotsitewise:DescribeAssetModel", "iotsitewise:DescribeAssetModelCompositeModel", "iotsitewise:DescribeAssetProperty", "iotsitewise:DescribeBulkImportJob", "iotsitewise:DescribeDashboard", "iotsitewise:DescribeDefaultEncryptionConfiguration", "iotsitewise:DescribeGateway", "iotsitewise:DescribeGatewayCapabilityConfiguration", "iotsitewise:DescribeLoggingOptions", "iotsitewise:DescribePortal", "iotsitewise:DescribeProject", "iotsitewise:DescribeStorageConfiguration", "iotsitewise:DescribeTimeSeries", "iotsitewise:GetAssetPropertyAggregates", "iotsitewise:GetAssetPropertyValue", "iotsitewise:GetAssetPropertyValueHistory", "iotsitewise:GetInterpolatedAssetPropertyValues", "iotsitewise:ListAccessPolicies", "iotsitewise:ListActions", "iotsitewise:ListAssetModelCompositeModels", "iotsitewise:ListAssetModelProperties", "iotsitewise:ListAssetModels", "iotsitewise:ListAssetProperties", "iotsitewise:ListAssetRelationships", "iotsitewise:ListAssets", "iotsitewise:ListAssociatedAssets", "iotsitewise:ListBulkImportJobs", "iotsitewise:ListCompositionRelationships", "iotsitewise:ListDashboards", "iotsitewise:ListGateways", "iotsitewise:ListPortals", "iotsitewise:ListProjectAssets", "iotsitewise:ListProjects", "iotsitewise:ListTagsForResource", "iotsitewise:ListTimeSeries", "iotwireless:GetDestination", "iotwireless:GetDeviceProfile", "iotwireless:GetEventConfigurationByResourceTypes", "iotwireless:GetFuotaTask", "iotwireless:GetLogLevelsByResourceTypes", "iotwireless:GetMetrics", "iotwireless:GetMetricConfiguration", "iotwireless:GetMulticastGroup", "iotwireless:GetMulticastGroupSession", "iotwireless:GetNetworkAnalyzerConfiguration", "iotwireless:GetPartnerAccount", "iotwireless:GetPosition", "iotwireless:GetPositionConfiguration", "iotwireless:GetPositionEstimate", "iotwireless:GetResourceEventConfiguration", "iotwireless:GetResourceLogLevel", "iotwireless:GetResourcePosition", "iotwireless:GetServiceEndpoint", "iotwireless:GetServiceProfile", "iotwireless:GetWirelessDevice", "iotwireless:GetWirelessDeviceImportTask", "iotwireless:GetWirelessDeviceStatistics", "iotwireless:GetWirelessGateway", "iotwireless:GetWirelessGatewayCertificate", "iotwireless:GetWirelessGatewayFirmwareInformation", "iotwireless:GetWirelessGatewayStatistics", "iotwireless:GetWirelessGatewayTask", "iotwireless:GetWirelessGatewayTaskDefinition", "iotwireless:ListDestinations", "iotwireless:ListDeviceProfiles", "iotwireless:ListDevicesForWirelessDeviceImportTask", "iotwireless:ListEventConfigurations", "iotwireless:ListFuotaTasks", "iotwireless:ListMulticastGroups", "iotwireless:ListMulticastGroupsByFuotaTask", "iotwireless:ListNetworkAnalyzerConfigurations", "iotwireless:ListPartnerAccounts", "iotwireless:ListPositionConfigurations", "iotwireless:ListQueuedMessages", "iotwireless:ListServiceProfiles", "iotwireless:ListTagsForResource", "iotwireless:ListWirelessDeviceImportTasks", "iotwireless:ListWirelessDevices", "iotwireless:ListWirelessGateways", "iotwireless:ListWirelessGatewayTaskDefinitions", "ivs:BatchGetChannel", "ivs:GetChannel", "ivs:GetComposition", "ivs:GetEncoderConfiguration", "ivs:GetStage", "ivs:GetStageSession", "ivs:GetParticipant", "ivs:GetPlaybackKeyPair", "ivs:GetPlaybackRestrictionPolicy", "ivs:GetRecordingConfiguration", "ivs:GetStreamSession", "ivs:ListChannels", "ivs:ListCompositions", "ivs:ListEncoderConfigurations", "ivs:ListParticipants", "ivs:ListParticipantEvents", "ivs:ListPlaybackKeyPairs", "ivs:ListPlaybackRestrictionPolicies", "ivs:ListRecordingConfigurations", "ivs:ListStages", "ivs:ListStageSessions", "ivs:ListStreams", "ivs:ListStreamKeys", "ivs:ListStreamSessions", "ivs:ListTagsForResource", "ivschat:GetLoggingConfiguration", "ivschat:GetRoom", "ivschat:ListLoggingConfigurations", "ivschat:ListRooms", "ivschat:ListTagsForResource", "kafka:DescribeCluster", "kafka:DescribeClusterOperation", "kafka:DescribeClusterOperationV2", "kafka:DescribeClusterV2", "kafka:DescribeConfiguration", "kafka:DescribeConfigurationRevision", "kafka:DescribeReplicator", "kafka:DescribeVpcConnection", "kafka:DescribeCluster", "kafka:DescribeClusterOperation", "kafka:DescribeClusterV2", "kafka:DescribeConfiguration", "kafka:DescribeConfigurationRevision", "kafka:GetBootstrapBrokers", "kafka:GetClusterPolicy", "kafka:GetCompatibleKafkaVersions", "kafka:GetBootstrapBrokers", "kafka:GetCompatibleKafkaVersions", "kafka:ListClientVpcConnections", "kafka:ListClusterOperations", "kafka:ListClusterOperationsV2", "kafka:ListClusters", "kafka:ListClustersV2", "kafka:ListConfigurationRevisions", "kafka:ListConfigurations", "kafka:ListKafkaVersions", "kafka:ListNodes", "kafka:ListReplicators", "kafka:ListScramSecrets", "kafka:ListTagsForResource", "kafka:ListVpcConnections", "kafka:ListClusterOperations", "kafka:ListClusters", "kafka:ListClustersV2", "kafka:ListConfigurationRevisions", "kafka:ListConfigurations", "kafka:ListKafkaVersions", "kafka:ListNodes", "kafka:ListTagsForResource", "kafkaconnect:DescribeConnector", "kafkaconnect:DescribeCustomPlugin", "kafkaconnect:DescribeWorkerConfiguration", "kafkaconnect:ListConnectors", "kafkaconnect:ListCustomPlugins", "kafkaconnect:ListWorkerConfigurations", "kendra:BatchGetDocumentStatus", "kendra:DescribeDataSource", "kendra:DescribeExperience", "kendra:DescribeFaq", "kendra:DescribeIndex", "kendra:DescribePrincipalMapping", "kendra:DescribeQuerySuggestionsBlockList", "kendra:DescribeQuerySuggestionsConfig", "kendra:DescribeThesaurus", "kendra:GetQuerySuggestions", "kendra:GetSnapshots", "kendra:ListDataSources", "kendra:ListDataSourceSyncJobs", "kendra:ListEntityPersonas", "kendra:ListExperienceEntities", "kendra:ListExperiences", "kendra:ListFaqs", "kendra:ListGroupsOlderThanOrderingId", "kendra:ListIndices", "kendra:ListQuerySuggestionsBlockLists", "kendra:ListTagsForResource", "kendra:ListThesauri", "kendra:Query", "kinesis:DescribeLimits", "kinesis:DescribeStream", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary", "kinesis:GetRecords", "kinesis:GetResourcePolicy", "kinesis:GetShardIterator", "kinesis:ListShards", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kinesisanalytics:DescribeApplication", "kinesisanalytics:DescribeApplicationSnapshot", "kinesisanalytics:DescribeApplicationVersion", "kinesisanalytics:DiscoverInputSchema", "kinesisanalytics:GetApplicationState", "kinesisanalytics:ListApplications", "kinesisanalytics:ListTagsForResource", "kinesisanalytics:ListApplicationSnapshots", "kinesisanalytics:ListApplicationVersions", "kinesisvideo:DescribeEdgeConfiguration", "kinesisvideo:DescribeImageGenerationConfiguration", "kinesisvideo:DescribeMappedResourceConfiguration", "kinesisvideo:DescribeMediaStorageConfiguration", "kinesisvideo:DescribeNotificationConfiguration", "kinesisvideo:DescribeSignalingChannel", "kinesisvideo:DescribeStream", "kinesisvideo:GetClip", "kinesisvideo:GetDASHStreamingSessionURL", "kinesisvideo:GetDataEndpoint", "kinesisvideo:GetHLSStreamingSessionURL", "kinesisvideo:GetIceServerConfig", "kinesisvideo:GetImages", "kinesisvideo:GetMedia", "kinesisvideo:GetMediaForFragmentList", "kinesisvideo:GetSignalingChannelEndpoint", "kinesisvideo:ListEdgeAgentConfigurations", "kinesisvideo:ListFragments", "kinesisvideo:ListSignalingChannels", "kinesisvideo:ListStreams", "kinesisvideo:ListTagsForResource", "kinesisvideo:ListTagsForStream", "kms:DescribeCustomKeyStores", "kms:DescribeKey", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:GetParametersForImport", "kms:GetPublicKey", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeyRotations", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "lakeformation:DescribeResource", "lakeformation:GetDataCellsFilter", "lakeformation:GetDataLakeSettings", "lakeformation:GetEffectivePermissionsForPath", "lakeformation:GetLFTag", "lakeformation:GetResourceLFTags", "lakeformation:ListDataCellsFilter", "lakeformation:ListLFTags", "lakeformation:ListPermissions", "lakeformation:ListResources", "lakeformation:ListTableStorageOptimizers", "lakeformation:SearchDatabasesByLFTags", "lakeformation:SearchTablesByLFTags", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "launchwizard:DescribeAdditionalNode", "launchwizard:DescribeProvisionedApp", "launchwizard:DescribeProvisioningEvents", "launchwizard:DescribeSettingsSet", "launchwizard:GetDeployment", "launchwizard:GetInfrastructureSuggestion", "launchwizard:GetIpAddress", "launchwizard:GetResourceCostEstimate", "launchwizard:GetResourceRecommendation", "launchwizard:GetSettingsSet", "launchwizard:GetWorkload", "launchwizard:GetWorkloadAsset", "launchwizard:GetWorkloadAssets", "launchwizard:ListAdditionalNodes", "launchwizard:ListAllowedResources", "launchwizard:ListDeploymentEvents", "launchwizard:ListDeployments", "launchwizard:ListProvisionedApps", "launchwizard:ListResourceCostEstimates", "launchwizard:ListSettingsSets", "launchwizard:ListWorkloadDeploymentOptions", "launchwizard:ListWorkloadDeploymentPatterns", "launchwizard:ListWorkloads", "lex:DescribeBot", "lex:DescribeBotAlias", "lex:DescribeBotChannel", "lex:DescribeBotLocale", "lex:DescribeBotVersion", "lex:DescribeExport", "lex:DescribeImport", "lex:DescribeIntent", "lex:DescribeResourcePolicy", "lex:DescribeSlot", "lex:DescribeSlotType", "lex:GetBot", "lex:GetBotAlias", "lex:GetBotAliases", "lex:GetBotChannelAssociation", "lex:GetBotChannelAssociations", "lex:GetBotVersions", "lex:GetBots", "lex:GetBuiltinIntent", "lex:GetBuiltinIntents", "lex:GetBuiltinSlotTypes", "lex:GetExport", "lex:GetImport", "lex:GetIntent", "lex:GetIntentVersions", "lex:GetIntents", "lex:GetMigration", "lex:GetMigrations", "lex:GetSession", "lex:GetSlotType", "lex:GetSlotTypeVersions", "lex:GetSlotTypes", "lex:GetUtterancesView", "lex:GetTestExecutionArtifactsUrl", "lex:ListBotAliases", "lex:ListBotChannels", "lex:ListBotLocales", "lex:ListBots", "lex:ListBotVersions", "lex:ListBuiltInIntents", "lex:ListBuiltInSlotTypes", "lex:ListExports", "lex:ListImports", "lex:ListIntents", "lex:ListSlots", "lex:ListSlotTypes", "lex:ListTagsForResource", "license-manager:GetAccessToken", "license-manager:GetGrant", "license-manager:GetLicense", "license-manager:GetLicenseConfiguration", "license-manager:GetLicenseConversionTask", "license-manager:GetLicenseManagerReportGenerator", "license-manager:GetLicenseUsage", "license-manager:GetServiceSettings", "license-manager:ListAssociationsForLicenseConfiguration", "license-manager:ListDistributedGrants", "license-manager:ListFailuresForLicenseConfigurationOperations", "license-manager:ListLicenseConfigurations", "license-manager:ListLicenseConversionTasks", "license-manager:ListLicenseManagerReportGenerators", "license-manager:ListLicenseSpecificationsForResource", "license-manager:ListLicenseVersions", "license-manager:ListLicenses", "license-manager:ListReceivedGrants", "license-manager:ListReceivedGrantsForOrganization", "license-manager:ListReceivedLicenses", "license-manager:ListReceivedLicensesForOrganization", "license-manager:ListResourceInventory", "license-manager:ListTagsForResource", "license-manager:ListTokens", "license-manager:ListUsageForLicenseConfiguration", "lightsail:GetActiveNames", "lightsail:GetAlarms", "lightsail:GetAutoSnapshots", "lightsail:GetBlueprints", "lightsail:GetBucketAccessKeys", "lightsail:GetBucketBundles", "lightsail:GetBucketMetricData", "lightsail:GetBuckets", "lightsail:GetBundles", "lightsail:GetCertificates", "lightsail:GetCloudFormationStackRecords", "lightsail:GetContainerAPIMetadata", "lightsail:GetContainerImages", "lightsail:GetContainerServiceDeployments", "lightsail:GetContainerServiceMetricData", "lightsail:GetContainerServicePowers", "lightsail:GetContainerServices", "lightsail:GetDisk", "lightsail:GetDisks", "lightsail:GetDiskSnapshot", "lightsail:GetDiskSnapshots", "lightsail:GetDistributionBundles", "lightsail:GetDistributionLatestCacheReset", "lightsail:GetDistributionMetricData", "lightsail:GetDistributions", "lightsail:GetDomain", "lightsail:GetDomains", "lightsail:GetExportSnapshotRecords", "lightsail:GetInstance", "lightsail:GetInstanceMetricData", "lightsail:GetInstancePortStates", "lightsail:GetInstances", "lightsail:GetInstanceSnapshot", "lightsail:GetInstanceSnapshots", "lightsail:GetInstanceState", "lightsail:GetKeyPair", "lightsail:GetKeyPairs", "lightsail:GetLoadBalancer", "lightsail:GetLoadBalancerMetricData", "lightsail:GetLoadBalancers", "lightsail:GetLoadBalancerTlsCertificates", "lightsail:GetOperation", "lightsail:GetOperations", "lightsail:GetOperationsForResource", "lightsail:GetRegions", "lightsail:GetRelationalDatabase", "lightsail:GetRelationalDatabaseBlueprints", "lightsail:GetRelationalDatabaseBundles", "lightsail:GetRelationalDatabaseEvents", "lightsail:GetRelationalDatabaseLogEvents", "lightsail:GetRelationalDatabaseLogStreams", "lightsail:GetRelationalDatabaseMetricData", "lightsail:GetRelationalDatabaseParameters", "lightsail:GetRelationalDatabases", "lightsail:GetRelationalDatabaseSnapshot", "lightsail:GetRelationalDatabaseSnapshots", "lightsail:GetStaticIp", "lightsail:GetStaticIps", "lightsail:IsVpcPeered", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TestMetricFilter", "lookoutequipment:DescribeDataIngestionJob", "lookoutequipment:DescribeDataset", "lookoutequipment:DescribeInferenceScheduler", "lookoutequipment:Describelabel", "lookoutequipment:DescribeLabelGroup", "lookoutequipment:DescribeModel", "lookoutequipment:DescribeModelVersion", "lookoutequipment:DescribeResourcePolicy", "lookoutequipment:DescribeRetrainingScheduler", "lookoutequipment:ListDataIngestionJobs", "lookoutequipment:ListDatasets", "lookoutequipment:ListInferenceEvents", "lookoutequipment:ListInferenceExecutions", "lookoutequipment:ListInferenceSchedulers", "lookoutequipment:ListLabelGroups", "lookoutequipment:ListLabels", "lookoutequipment:ListModels", "lookoutequipment:ListModelVersions", "lookoutequipment:ListRetrainingSchedulers", "lookoutequipment:ListSensorStatistics", "lookoutequipment:ListTagsForResource", "lookoutmetrics:DescribeAlert", "lookoutmetrics:DescribeAnomalyDetectionExecutions", "lookoutmetrics:DescribeAnomalyDetector", "lookoutmetrics:DescribeMetricSet", "lookoutmetrics:GetAnomalyGroup", "lookoutmetrics:GetDataQualityMetrics", "lookoutmetrics:GetFeedback", "lookoutmetrics:GetSampleData", "lookoutmetrics:ListAlerts", "lookoutmetrics:ListAnomalyDetectors", "lookoutmetrics:ListAnomalyGroupRelatedMetrics", "lookoutmetrics:ListAnomalyGroupSummaries", "lookoutmetrics:ListAnomalyGroupTimeSeries", "lookoutmetrics:ListMetricSets", "lookoutmetrics:ListTagsForResource", "lookoutvision:DescribeDataset", "lookoutvision:DescribeModel", "lookoutvision:DescribeModelPackagingJob", "lookoutvision:DescribeProject", "lookoutvision:ListDatasetEntries", "lookoutvision:ListModelPackagingJobs", "lookoutvision:ListModels", "lookoutvision:ListProjects", "lookoutvision:ListTagsForResource", "m2:GetApplication", "m2:GetApplicationVersion", "m2:GetBatchJobExecution", "m2:GetDataSetDetails", "m2:GetDataSetImportTask", "m2:GetDeployment", "m2:GetEnvironment", "m2:ListApplications", "m2:ListApplicationVersions", "m2:ListBatchJobDefinitions", "m2:ListBatchJobExecutions", "m2:ListDataSetImportHistory", "m2:ListDataSets", "m2:ListDeployments", "m2:ListEngineVersions", "m2:ListEnvironments", "m2:ListTagsForResource", "machinelearning:DescribeBatchPredictions", "machinelearning:DescribeDataSources", "machinelearning:DescribeEvaluations", "machinelearning:DescribeMLModels", "machinelearning:DescribeTags", "machinelearning:GetBatchPrediction", "machinelearning:GetDataSource", "machinelearning:GetEvaluation", "machinelearning:GetMLModel", "macie2:BatchGetCustomDataIdentifiers", "macie2:DescribeBuckets", "macie2:DescribeClassificationJob", "macie2:DescribeOrganizationConfiguration", "macie2:GetAdministratorAccount", "macie2:GetAllowList", "macie2:GetAutomatedDiscoveryConfiguration", "macie2:GetBucketStatistics", "macie2:GetClassificationExportConfiguration", "macie2:GetClassificationScope", "macie2:GetCustomDataIdentifier", "macie2:GetFindings", "macie2:GetFindingsFilter", "macie2:GetFindingsPublicationConfiguration", "macie2:GetFindingStatistics", "macie2:GetInvitationsCount", "macie2:GetMacieSession", "macie2:GetMember", "macie2:GetResourceProfile", "macie2:GetRevealConfiguration", "macie2:GetSensitiveDataOccurrencesAvailability", "macie2:GetSensitivityInspectionTemplate", "macie2:GetUsageStatistics", "macie2:GetUsageTotals", "macie2:ListAllowLists", "macie2:ListClassificationJobs", "macie2:ListClassificationScopes", "macie2:ListCustomDataIdentifiers", "macie2:ListFindings", "macie2:ListFindingsFilters", "macie2:ListInvitations", "macie2:ListMembers", "macie2:ListOrganizationAdminAccounts", "macie2:ListResourceProfileArtifacts", "macie2:ListResourceProfileDetections", "macie2:ListSensitivityInspectionTemplates", "macie2:ListTagsForResource", "macie2:SearchResources", "managedblockchain:GetMember", "managedblockchain:GetNetwork", "managedblockchain:GetNode", "managedblockchain:GetProposal", "managedblockchain:ListInvitations", "managedblockchain:ListMembers", "managedblockchain:ListNetworks", "managedblockchain:ListNodes", "managedblockchain:ListProposals", "managedblockchain:ListProposalVotes", "managedblockchain:ListTagsForResource", "mediaconnect:DescribeFlow", "mediaconnect:DescribeOffering", "mediaconnect:DescribeReservation", "mediaconnect:ListEntitlements", "mediaconnect:ListFlows", "mediaconnect:ListOfferings", "mediaconnect:ListReservations", "mediaconnect:ListTagsForResource", "mediaconvert:DescribeEndpoints", "mediaconvert:GetJob", "mediaconvert:GetJobTemplate", "mediaconvert:GetPolicy", "mediaconvert:GetPreset", "mediaconvert:GetQueue", "mediaconvert:ListJobTemplates", "mediaconvert:ListJobs", "mediaconvert:ListPresets", "mediaconvert:ListQueues", "mediaconvert:ListTagsForResource", "medialive:DescribeChannel", "medialive:DescribeInput", "medialive:DescribeInputDevice", "medialive:DescribeInputDeviceThumbnail", "medialive:DescribeInputSecurityGroup", "medialive:DescribeMultiplex", "medialive:DescribeMultiplexProgram", "medialive:DescribeOffering", "medialive:DescribeReservation", "medialive:DescribeSchedule", "medialive:GetCloudWatchAlarmTemplate", "medialive:GetCloudWatchAlarmTemplateGroup", "medialive:GetEventBridgeRuleTemplate", "medialive:GetEventBridgeRuleTemplateGroup", "medialive:GetSignalMap", "medialive:ListChannels", "medialive:ListCloudWatchAlarmTemplateGroups", "medialive:ListCloudWatchAlarmTemplates", "medialive:ListEventBridgeRuleTemplateGroups", "medialive:ListEventBridgeRuleTemplates", "medialive:ListInputDevices", "medialive:ListInputDeviceTransfers", "medialive:ListInputs", "medialive:ListInputSecurityGroups", "medialive:ListMultiplexes", "medialive:ListMultiplexPrograms", "medialive:ListOfferings", "medialive:ListReservations", "medialive:ListSignalMaps", "medialive:ListTagsForResource", "mediapackage-vod:DescribeAsset", "mediapackage-vod:DescribePackagingConfiguration", "mediapackage-vod:DescribePackagingGroup", "mediapackage-vod:ListAssets", "mediapackage-vod:ListPackagingConfigurations", "mediapackage-vod:ListPackagingGroups", "mediapackage-vod:ListTagsForResource", "mediapackage:DescribeChannel", "mediapackage:DescribeHarvestJob", "mediapackage:DescribeOriginEndpoint", "mediapackage:ListChannels", "mediapackage:ListHarvestJobs", "mediapackage:ListOriginEndpoints", "mediapackage:ListTagsForResource", "mediapackagev2:GetChannel", "mediapackagev2:GetChannelGroup", "mediapackagev2:GetChannelPolicy", "mediapackagev2:GetHeadObject", "mediapackagev2:GetObject", "mediapackagev2:GetOriginEndpoint", "mediapackagev2:GetOriginEndpointPolicy", "mediapackagev2:ListChannelGroups", "mediapackagev2:ListChannels", "mediapackagev2:ListOriginEndpoints", "mediapackagev2:ListTagsForResource", "mediastore:DescribeContainer", "mediastore:DescribeObject", "mediastore:GetContainerPolicy", "mediastore:GetCorsPolicy", "mediastore:GetLifecyclePolicy", "mediastore:GetMetricPolicy", "mediastore:GetObject", "mediastore:ListContainers", "mediastore:ListItems", "mediastore:ListTagsForResource", "memorydb:DescribeClusters", "memorydb:DescribeParameterGroups", "memorydb:DescribeParameters", "memorydb:ListTags", "mgh:DescribeApplicationState", "mgh:DescribeHomeRegionControls", "mgh:DescribeMigrationTask", "mgh:GetHomeRegion", "mgh:ListApplicationStates", "mgh:ListCreatedArtifacts", "mgh:ListDiscoveredResources", "mgh:ListMigrationTasks", "mgh:ListProgressUpdateStreams", "mgn:DescribeJobLogItems", "mgn:DescribeJobs", "mgn:DescribeLaunchConfigurationTemplates", "mgn:DescribeReplicationConfigurationTemplates", "mgn:DescribeSourceServers", "mgn:DescribeVcenterClients", "mgn:GetLaunchConfiguration", "mgn:GetReplicationConfiguration", "mgn:ListApplications", "mgn:ListSourceServerActions", "mgn:ListTemplateActions", "mgn:ListWaves", "mobileanalytics:GetFinancialReports", "mobileanalytics:GetReports", "mobiletargeting:GetAdmChannel", "mobiletargeting:GetApnsChannel", "mobiletargeting:GetApnsSandboxChannel", "mobiletargeting:GetApnsVoipChannel", "mobiletargeting:GetApnsVoipSandboxChannel", "mobiletargeting:GetApp", "mobiletargeting:GetApplicationDateRangeKpi", "mobiletargeting:GetApplicationSettings", "mobiletargeting:GetApps", "mobiletargeting:GetBaiduChannel", "mobiletargeting:GetCampaign", "mobiletargeting:GetCampaignActivities", "mobiletargeting:GetCampaignDateRangeKpi", "mobiletargeting:GetCampaignVersion", "mobiletargeting:GetCampaignVersions", "mobiletargeting:GetCampaigns", "mobiletargeting:GetChannels", "mobiletargeting:GetEmailChannel", "mobiletargeting:GetEmailTemplate", "mobiletargeting:GetEndpoint", "mobiletargeting:GetEventStream", "mobiletargeting:GetExportJob", "mobiletargeting:GetExportJobs", "mobiletargeting:GetGcmChannel", "mobiletargeting:GetImportJob", "mobiletargeting:GetImportJobs", "mobiletargeting:GetInAppMessages", "mobiletargeting:GetInAppTemplate", "mobiletargeting:GetJourney", "mobiletargeting:GetJourneyDateRangeKpi", "mobiletargeting:GetJourneyExecutionActivityMetrics", "mobiletargeting:GetJourneyExecutionMetrics", "mobiletargeting:GetJourneyRunExecutionActivityMetrics", "mobiletargeting:GetJourneyRunExecutionMetrics", "mobiletargeting:GetJourneyRuns", "mobiletargeting:GetPushTemplate", "mobiletargeting:GetRecommenderConfiguration", "mobiletargeting:GetRecommenderConfigurations", "mobiletargeting:GetReports", "mobiletargeting:GetSegment", "mobiletargeting:GetSegmentExportJobs", "mobiletargeting:GetSegmentImportJobs", "mobiletargeting:GetSegmentVersion", "mobiletargeting:GetSegmentVersions", "mobiletargeting:GetSegments", "mobiletargeting:GetSmsChannel", "mobiletargeting:GetSmsTemplate", "mobiletargeting:GetUserEndpoints", "mobiletargeting:GetVoiceChannel", "mobiletargeting:GetVoiceTemplate", "mobiletargeting:ListJourneys", "mobiletargeting:ListTagsForResource", "mobiletargeting:ListTemplateVersions", "mobiletargeting:ListTemplates", "monitron:GetProject", "monitron:GetProjectAdminUser", "monitron:ListProjects", "monitron:ListTagsForResource", "mq:DescribeBroker", "mq:DescribeBrokerEngineTypes", "mq:DescribeBrokerInstanceOptions", "mq:DescribeConfiguration", "mq:DescribeConfigurationRevision", "mq:DescribeUser", "mq:ListBrokers", "mq:ListConfigurationRevisions", "mq:ListConfigurations", "mq:ListTags", "mq:ListUsers", "network-firewall:DescribeFirewall", "network-firewall:DescribeFirewallPolicy", "network-firewall:DescribeLoggingConfiguration", "network-firewall:DescribeResourcePolicy", "network-firewall:DescribeRuleGroup", "network-firewall:DescribeRuleGroupMetadata", "network-firewall:DescribeTLSInspectionConfiguration", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "network-firewall:ListRuleGroups", "network-firewall:ListTagsForResource", "network-firewall:ListTLSInspectionConfigurations", "networkmanager:DescribeGlobalNetworks", "networkmanager:GetConnectAttachment", "networkmanager:GetConnections", "networkmanager:GetConnectPeer", "networkmanager:GetConnectPeerAssociations", "networkmanager:GetCoreNetwork", "networkmanager:GetCoreNetworkChangeEvents", "networkmanager:GetCoreNetworkChangeSet", "networkmanager:GetCoreNetworkPolicy", "networkmanager:GetCustomerGatewayAssociations", "networkmanager:GetDevices", "networkmanager:GetLinkAssociations", "networkmanager:GetLinks", "networkmanager:GetNetworkResourceCounts", "networkmanager:GetNetworkResourceRelationships", "networkmanager:GetNetworkResources", "networkmanager:GetNetworkRoutes", "networkmanager:GetNetworkTelemetry", "networkmanager:GetResourcePolicy", "networkmanager:GetRouteAnalysis", "networkmanager:GetSites", "networkmanager:GetSiteToSiteVpnAttachment", "networkmanager:GetTransitGatewayConnectPeerAssociations", "networkmanager:GetTransitGatewayPeering", "networkmanager:GetTransitGatewayRegistrations", "networkmanager:GetTransitGatewayRouteTableAttachment", "networkmanager:GetVpcAttachment", "networkmanager:ListAttachments", "networkmanager:ListConnectPeers", "networkmanager:ListCoreNetworkPolicyVersions", "networkmanager:ListCoreNetworks", "networkmanager:ListPeerings", "networkmanager:ListTagsForResource", "nimble:GetEula", "nimble:GetFeatureMap", "nimble:GetLaunchProfile", "nimble:GetLaunchProfileDetails", "nimble:GetLaunchProfileInitialization", "nimble:GetLaunchProfileMember", "nimble:GetStreamingImage", "nimble:GetStreamingSession", "nimble:GetStudio", "nimble:GetStudioComponent", "nimble:GetStudioMember", "nimble:ListEulaAcceptances", "nimble:ListEulas", "nimble:ListLaunchProfileMembers", "nimble:ListLaunchProfiles", "nimble:ListStreamingImages", "nimble:ListStreamingSessions", "nimble:ListStudioComponents", "nimble:ListStudioMembers", "nimble:ListStudios", "nimble:ListTagsForResource", "notifications-contacts:GetEmailContact", "notifications-contacts:ListEmailContacts", "notifications-contacts:ListTagsForResource", "notifications:GetEventRule", "notifications:GetNotificationConfiguration", "notifications:GetNotificationEvent", "notifications:ListChannels", "notifications:ListEventRules", "notifications:ListNotificationConfigurations", "notifications:ListNotificationEvents", "notifications:ListNotificationHubs", "notifications:ListTagsForResource", "oam:GetLink", "oam:GetSink", "oam:GetSinkPolicy", "oam:ListAttachedLinks", "oam:ListLinks", "oam:ListSinks", "omics:GetAnnotationImportJob", "omics:GetAnnotationStore", "omics:GetAnnotationStoreVersion", "omics:GetReadSet", "omics:GetReadSetActivationJob", "omics:GetReadSetExportJob", "omics:GetReadSetImportJob", "omics:GetReadSetMetadata", "omics:GetReference", "omics:GetReferenceImportJob", "omics:GetReferenceMetadata", "omics:GetReferenceStore", "omics:GetRun", "omics:GetRunGroup", "omics:GetRunTask", "omics:GetSequenceStore", "omics:GetShare", "omics:GetVariantImportJob", "omics:GetVariantStore", "omics:GetWorkflow", "omics:ListAnnotationImportJobs", "omics:ListAnnotationStoreVersions", "omics:ListAnnotationStores", "omics:ListMultipartReadSetUploads", "omics:ListReadSetActivationJobs", "omics:ListReadSetExportJobs", "omics:ListReadSetImportJobs", "omics:ListReadSetUploadParts", "omics:ListReadSets", "omics:ListReferenceImportJobs", "omics:ListReferenceStores", "omics:ListReferences", "omics:ListRunGroups", "omics:ListRunTasks", "omics:ListRuns", "omics:ListSequenceStores", "omics:ListShares", "omics:ListTagsForResource", "omics:ListVariantImportJobs", "omics:ListVariantStores", "omics:ListWorkflows", "one:GetDeviceConfigurationTemplate", "one:GetDeviceInstance", "one:GetDeviceInstanceConfiguration", "one:GetSite", "one:GetSiteAddress", "one:ListDeviceConfigurationTemplates", "one:ListDeviceInstances", "one:ListSites", "one:ListUsers", "opsworks-cm:DescribeAccountAttributes", "opsworks-cm:DescribeBackups", "opsworks-cm:DescribeEvents", "opsworks-cm:DescribeNodeAssociationStatus", "opsworks-cm:DescribeServers", "opsworks-cm:ListTagsForResource", "opsworks:DescribeAgentVersions", "opsworks:DescribeApps", "opsworks:DescribeCommands", "opsworks:DescribeDeployments", "opsworks:DescribeEcsClusters", "opsworks:DescribeElasticIps", "opsworks:DescribeElasticLoadBalancers", "opsworks:DescribeInstances", "opsworks:DescribeLayers", "opsworks:DescribeLoadBasedAutoScaling", "opsworks:DescribeMyUserProfile", "opsworks:DescribeOperatingSystems", "opsworks:DescribePermissions", "opsworks:DescribeRaidArrays", "opsworks:DescribeRdsDbInstances", "opsworks:DescribeServiceErrors", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStackSummary", "opsworks:DescribeStacks", "opsworks:DescribeTimeBasedAutoScaling", "opsworks:DescribeUserProfiles", "opsworks:DescribeVolumes", "opsworks:GetHostnameSuggestion", "organizations:DescribeAccount", "organizations:DescribeCreateAccountStatus", "organizations:DescribeEffectivePolicy", "organizations:DescribeHandshake", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:DescribeResourcePolicy", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:ListCreateAccountStatus", "organizations:ListDelegatedAdministrators", "organizations:ListDelegatedServicesForAccount", "organizations:ListHandshakesForAccount", "organizations:ListHandshakesForOrganization", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPolicies", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListTagsForResource", "organizations:ListTargetsForPolicy", "osis:GetPipeline", "osis:GetPipelineBlueprint", "osis:GetPipelineChangeProgress", "osis:ListPipelineBlueprints", "osis:ListPipelines", "osis:ListTagsForResource", "outposts:GetCapacityTask", "outposts:GetCatalogItem", "outposts:GetConnection", "outposts:GetOrder", "outposts:GetOutpost", "outposts:GetOutpostInstanceTypes", "outposts:GetOutpostSupportedInstanceTypes", "outposts:GetPrivateConnectivityConfig", "outposts:GetSite", "outposts:GetSiteAddress", "outposts:ListAssets", "outposts:ListCapacityTasks", "outposts:ListCatalogItems", "outposts:ListOrders", "outposts:ListOutposts", "outposts:ListSites", "outposts:ListTagsForResource", "payment-cryptography:GetAlias", "payment-cryptography:GetKey", "payment-cryptography:GetPublicKeyCertificate", "payment-cryptography:ListAliases", "payment-cryptography:ListKeys", "payment-cryptography:ListTagsForResource", "payments:GetPaymentInstrument", "payments:GetPaymentStatus", "payments:ListPaymentPreferences", "pca-connector-ad:GetConnector", "pca-connector-ad:GetDirectoryRegistration", "pca-connector-ad:GetServicePrincipalName", "pca-connector-ad:GetTemplate", "pca-connector-ad:GetTemplateGroupAccessControlEntry", "pca-connector-ad:ListConnectors", "pca-connector-ad:ListDirectoryRegistrations", "pca-connector-ad:ListServicePrincipalNames", "pca-connector-ad:ListTagsForResource", "pca-connector-ad:ListTemplateGroupAccessControlEntries", "pca-connector-ad:ListTemplates", "personalize:DescribeAlgorithm", "personalize:DescribeBatchInferenceJob", "personalize:DescribeBatchSegmentJob", "personalize:DescribeCampaign", "personalize:DescribeDataInsightsJob", "personalize:DescribeDataset", "personalize:DescribeDatasetExportJob", "personalize:DescribeDatasetGroup", "personalize:DescribeDatasetImportJob", "personalize:DescribeEventTracker", "personalize:DescribeFeatureTransformation", "personalize:DescribeFilter", "personalize:DescribeMetricAttribution", "personalize:DescribeRecipe", "personalize:DescribeRecommender", "personalize:DescribeSchema", "personalize:DescribeSolution", "personalize:DescribeSolutionVersion", "personalize:GetActionRecommendations", "personalize:GetDataInsights", "personalize:GetPersonalizedRanking", "personalize:GetRecommendations", "personalize:GetSolutionMetrics", "personalize:ListBatchInferenceJobs", "personalize:ListBatchSegmentJobs", "personalize:ListCampaigns", "personalize:ListDataInsightsJobs", "personalize:ListDatasetExportJobs", "personalize:ListDatasetGroups", "personalize:ListDatasetImportJobs", "personalize:ListDatasets", "personalize:ListEventTrackers", "personalize:ListFilters", "personalize:ListMetricAttributionMetrics", "personalize:ListMetricAttributions", "personalize:ListRecipes", "personalize:ListRecommenders", "personalize:ListSchemas", "personalize:ListSolutionVersions", "personalize:ListSolutions", "personalize:ListTagsForResource", "pi:DescribeDimensionKeys", "pi:GetDimensionKeyDetails", "pi:GetResourceMetadata", "pi:GetResourceMetrics", "pi:ListAvailableResourceDimensions", "pi:ListAvailableResourceMetrics", "pipes:DescribePipe", "pipes:ListPipes", "pipes:ListTagsForResource", "polly:DescribeVoices", "polly:GetLexicon", "polly:GetSpeechSynthesisTask", "polly:ListLexicons", "polly:ListSpeechSynthesisTasks", "polly:SynthesizeSpeech", "pricing:DescribeServices", "pricing:GetAttributeValues", "pricing:GetPriceListFileUrl", "pricing:GetProducts", "pricing:ListPriceLists", "proton:GetDeployment", "proton:GetEnvironment", "proton:GetEnvironmentTemplate", "proton:GetEnvironmentTemplateVersion", "proton:GetService", "proton:GetServiceInstance", "proton:GetServiceTemplate", "proton:GetServiceTemplateVersion", "proton:ListDeployments", "proton:ListEnvironmentAccountConnections", "proton:ListEnvironments", "proton:ListEnvironmentTemplates", "proton:ListServiceInstances", "proton:ListServices", "proton:ListServiceTemplates", "proton:ListTagsForResource", "purchase-orders:GetPurchaseOrder", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ViewPurchaseOrders", "qldb:DescribeJournalKinesisStream", "qldb:DescribeJournalS3Export", "qldb:DescribeLedger", "qldb:GetBlock", "qldb:GetDigest", "qldb:GetRevision", "qldb:ListJournalKinesisStreamsForLedger", "qldb:ListJournalS3Exports", "qldb:ListJournalS3ExportsForLedger", "qldb:ListLedgers", "qldb:ListTagsForResource", "ram:GetPermission", "ram:GetResourcePolicies", "ram:GetResourceShareAssociations", "ram:GetResourceShareInvitations", "ram:GetResourceShares", "ram:ListPendingInvitationResources", "ram:ListPermissionAssociations", "ram:ListPermissionVersions", "ram:ListPermissions", "ram:ListPrincipals", "ram:ListReplacePermissionAssociationsWork", "ram:ListResourceSharePermissions", "ram:ListResourceTypes", "ram:ListResources", "rbin:GetRule", "rbin:ListRules", "rbin:ListTagsForResource", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:DownloadCompleteDBLogFile", "rds:DownloadDBLogFilePortion", "rds:ListTagsForResource", "redshift:DescribeAccountAttributes", "redshift:DescribeAuthenticationProfiles", "redshift:DescribeClusterDbRevisions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterTracks", "redshift:DescribeClusterVersions", "redshift:DescribeClusters", "redshift:DescribeCustomDomainAssociations", "redshift:DescribeDataShares", "redshift:DescribeDataSharesForConsumer", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDefaultClusterParameters", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventCategories", "redshift:DescribeEventSubscriptions", "redshift:DescribeEvents", "redshift:DescribeHsmClientCertificates", "redshift:DescribeHsmConfigurations", "redshift:DescribeInboundIntegrations", "redshift:DescribeLoggingStatus", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribePartners", "redshift:DescribeQev2IdcApplications", "redshift:DescribeQuery", "redshift:DescribeRedshiftIdcApplications", "redshift:DescribeReservedNodeExchangeStatus", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "redshift:DescribeResize", "redshift:DescribeSavedQueries", "redshift:DescribeScheduledActions", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeSnapshotSchedules", "redshift:DescribeStorage", "redshift:DescribeTable", "redshift:DescribeTableRestoreStatus", "redshift:DescribeTags", "redshift:DescribeUsageLimits", "redshift:GetReservedNodeExchangeOfferings", "redshift:ViewQueriesFromConsole", "redshift:ViewQueriesInConsole", "refactor-spaces:GetApplication", "refactor-spaces:GetEnvironment", "refactor-spaces:GetResourcePolicy", "refactor-spaces:GetRoute", "refactor-spaces:GetService", "refactor-spaces:ListApplications", "refactor-spaces:ListEnvironments", "refactor-spaces:ListEnvironmentVpcs", "refactor-spaces:ListRoutes", "refactor-spaces:ListServices", "refactor-spaces:ListTagsForResource", "rekognition:CompareFaces", "rekognition:DescribeDataset", "rekognition:DescribeProjects", "rekognition:DescribeProjectVersions", "rekognition:DescribeStreamProcessor", "rekognition:DetectCustomLabels", "rekognition:DetectFaces", "rekognition:DetectLabels", "rekognition:DetectModerationLabels", "rekognition:DetectProtectiveEquipment", "rekognition:DetectText", "rekognition:GetCelebrityInfo", "rekognition:GetCelebrityRecognition", "rekognition:GetContentModeration", "rekognition:GetFaceDetection", "rekognition:GetFaceSearch", "rekognition:GetLabelDetection", "rekognition:GetPersonTracking", "rekognition:GetSegmentDetection", "rekognition:GetTextDetection", "rekognition:ListCollections", "rekognition:ListDatasetEntries", "rekognition:ListDatasetLabels", "rekognition:ListFaces", "rekognition:ListMediaAnalysisJobs", "rekognition:ListProjectPolicies", "rekognition:ListStreamProcessors", "rekognition:ListTagsForResource", "rekognition:ListUsers", "rekognition:RecognizeCelebrities", "rekognition:SearchFaces", "rekognition:SearchFacesByImage", "rekognition:SearchUsers", "rekognition:SearchUsersByImage", "resiliencehub:DescribeApp", "resiliencehub:DescribeAppAssessment", "resiliencehub:DescribeAppVersion", "resiliencehub:DescribeAppVersionAppComponent", "resiliencehub:DescribeAppVersionResource", "resiliencehub:DescribeAppVersionResourcesResolutionStatus", "resiliencehub:DescribeAppVersionTemplate", "resiliencehub:DescribeDraftAppVersionResourcesImportStatus", "resiliencehub:DescribeResiliencyPolicy", "resiliencehub:ListAlarmRecommendations", "resiliencehub:ListAppAssessmentComplianceDrifts", "resiliencehub:ListAppAssessments", "resiliencehub:ListAppComponentCompliances", "resiliencehub:ListAppComponentRecommendations", "resiliencehub:ListAppInputSources", "resiliencehub:ListApps", "resiliencehub:ListAppVersionAppComponents", "resiliencehub:ListAppVersionResourceMappings", "resiliencehub:ListAppVersionResources", "resiliencehub:ListAppVersions", "resiliencehub:ListRecommendationTemplates", "resiliencehub:ListResiliencyPolicies", "resiliencehub:ListSopRecommendations", "resiliencehub:ListSuggestedResiliencyPolicies", "resiliencehub:ListTagsForResource", "resiliencehub:ListTestRecommendations", "resiliencehub:ListUnsupportedAppVersionResources", "resource-explorer-2:BatchGetView", "resource-explorer-2:GetDefaultView", "resource-explorer-2:GetIndex", "resource-explorer-2:GetView", "resource-explorer-2:ListIndexes", "resource-explorer-2:ListSupportedResourceTypes", "resource-explorer-2:ListTagsForResource", "resource-explorer-2:ListViews", "resource-explorer-2:Search", "resource-groups:GetAccountSettings", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupPolicy", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "resource-groups:SearchResources", "robomaker:BatchDescribeSimulationJob", "robomaker:DescribeDeploymentJob", "robomaker:DescribeFleet", "robomaker:DescribeRobot", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:DescribeSimulationJob", "robomaker:DescribeSimulationJobBatch", "robomaker:DescribeWorld", "robomaker:DescribeWorldExportJob", "robomaker:DescribeWorldGenerationJob", "robomaker:DescribeWorldTemplate", "robomaker:GetWorldTemplateBody", "robomaker:ListDeploymentJobs", "robomaker:ListFleets", "robomaker:ListRobotApplications", "robomaker:ListRobots", "robomaker:ListSimulationApplications", "robomaker:ListSimulationJobBatches", "robomaker:ListSimulationJobs", "robomaker:ListSupportedAvailabilityZones", "robomaker:ListTagsForResource", "robomaker:ListWorldExportJobs", "robomaker:ListWorldGenerationJobs", "robomaker:ListWorldTemplates", "robomaker:ListWorlds", "route53-recovery-cluster:GetRoutingControlState", "route53-recovery-cluster:ListRoutingControls", "route53-recovery-control-config:DescribeCluster", "route53-recovery-control-config:DescribeControlPanel", "route53-recovery-control-config:DescribeRoutingControl", "route53-recovery-control-config:DescribeRoutingControlByName", "route53-recovery-control-config:DescribeSafetyRule", "route53-recovery-control-config:GetResourcePolicy", "route53-recovery-control-config:ListAssociatedRoute53HealthChecks", "route53-recovery-control-config:ListClusters", "route53-recovery-control-config:ListControlPanels", "route53-recovery-control-config:ListRoutingControls", "route53-recovery-control-config:ListSafetyRules", "route53-recovery-control-config:ListTagsForResource", "route53-recovery-readiness:GetArchitectureRecommendations", "route53-recovery-readiness:GetCell", "route53-recovery-readiness:GetCellReadinessSummary", "route53-recovery-readiness:GetReadinessCheck", "route53-recovery-readiness:GetReadinessCheckResourceStatus", "route53-recovery-readiness:GetReadinessCheckStatus", "route53-recovery-readiness:GetRecoveryGroup", "route53-recovery-readiness:GetRecoveryGroupReadinessSummary", "route53-recovery-readiness:GetResourceSet", "route53-recovery-readiness:ListCells", "route53-recovery-readiness:ListCrossAccountAuthorizations", "route53-recovery-readiness:ListReadinessChecks", "route53-recovery-readiness:ListRecoveryGroups", "route53-recovery-readiness:ListResourceSets", "route53-recovery-readiness:ListRules", "route53-recovery-readiness:ListTagsForResources", "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetReusableDelegationSetLimit", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53:TestDNSAnswer", "route53domains:CheckDomainAvailability", "route53domains:CheckDomainTransferability", "route53domains:GetContactReachabilityStatus", "route53domains:GetDomainDetail", "route53domains:GetDomainSuggestions", "route53domains:GetOperationDetail", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListPrices", "route53domains:ListTagsForDomain", "route53domains:ViewBilling", "route53resolver:GetFirewallConfig", "route53resolver:GetFirewallDomainList", "route53resolver:GetFirewallRuleGroup", "route53resolver:GetFirewallRuleGroupAssociation", "route53resolver:GetFirewallRuleGroupPolicy", "route53resolver:GetOutpostResolver", "route53resolver:GetResolverConfig", "route53resolver:GetResolverDnssecConfig", "route53resolver:GetResolverEndpoint", "route53resolver:GetResolverQueryLogConfig", "route53resolver:GetResolverQueryLogConfigAssociation", "route53resolver:GetResolverQueryLogConfigPolicy", "route53resolver:GetResolverRule", "route53resolver:GetResolverRuleAssociation", "route53resolver:GetResolverRulePolicy", "route53resolver:ListFirewallConfigs", "route53resolver:ListFirewallDomainLists", "route53resolver:ListFirewallDomains", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListFirewallRules", "route53resolver:ListOutpostResolvers", "route53resolver:ListResolverConfigs", "route53resolver:ListResolverDnssecConfigs", "route53resolver:ListResolverEndpointIpAddresses", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverQueryLogConfigAssociations", "route53resolver:ListResolverQueryLogConfigs", "route53resolver:ListResolverRuleAssociations", "route53resolver:ListResolverRules", "route53resolver:ListTagsForResource", "rum:GetAppMonitor", "rum:GetAppMonitorData", "rum:ListAppMonitors", "s3-object-lambda:GetObject", "s3-object-lambda:GetObjectAcl", "s3-object-lambda:GetObjectLegalHold", "s3-object-lambda:GetObjectRetention", "s3-object-lambda:GetObjectTagging", "s3-object-lambda:GetObjectVersion", "s3-object-lambda:GetObjectVersionAcl", "s3-object-lambda:GetObjectVersionTagging", "s3-object-lambda:ListBucket", "s3-object-lambda:ListBucketMultipartUploads", "s3-object-lambda:ListBucketVersions", "s3-object-lambda:ListMultipartUploadParts", "s3:DescribeJob", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "sagemaker-groundtruth-synthetic:GetAccountDetails", "sagemaker-groundtruth-synthetic:GetBatch", "sagemaker-groundtruth-synthetic:GetProject", "sagemaker-groundtruth-synthetic:ListBatchDataTransfers", "sagemaker-groundtruth-synthetic:ListBatchSummaries", "sagemaker-groundtruth-synthetic:ListProjectDataTransfers", "sagemaker-groundtruth-synthetic:ListProjectSummaries", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeCluster", "sagemaker:DescribeClusterNode", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgeDeploymentPlan", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFeatureMetadata", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHub", "sagemaker:DescribeHubContent", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceComponent", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelCard", "sagemaker:DescribeModelCardExportJob", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSharedModel", "sagemaker:DescribeSpace", "sagemaker:DescribeStudioLifecycleConfig", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:GetSearchSuggestions", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAliases", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListClusterNodes", "sagemaker:ListClusters", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgeDeploymentPlans", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHubContentVersions", "sagemaker:ListHubContents", "sagemaker:ListHubs", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceComponents", "sagemaker:ListInferenceExperiments", "sagemaker:ListInferenceRecommendationsJobSteps", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelCardExportJobs", "sagemaker:ListModelCardVersions", "sagemaker:ListModelCards", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringAlertHistory", "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListResourceCatalogs", "sagemaker:ListSharedModelEvents", "sagemaker:ListSharedModelVersions", "sagemaker:ListSharedModels", "sagemaker:ListSpaces", "sagemaker:ListStageDevices", "sagemaker:ListStudioLifecycleConfigs", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:Search", "savingsplans:DescribeSavingsPlanRates", "savingsplans:DescribeSavingsPlans", "savingsplans:DescribeSavingsPlansOfferingRates", "savingsplans:DescribeSavingsPlansOfferings", "savingsplans:ListTagsForResource", "scheduler:GetSchedule", "scheduler:GetScheduleGroup", "scheduler:ListScheduleGroups", "scheduler:ListSchedules", "scheduler:ListTagsForResource", "schemas:DescribeCodeBinding", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:GetCodeBindingSource", "schemas:GetDiscoveredSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemaVersions", "schemas:ListSchemas", "schemas:ListTagsForResource", "schemas:SearchSchemas", "sdb:GetAttributes", "sdb:ListDomains", "sdb:Select", "secretsmanager:DescribeSecret", "secretsmanager:GetResourcePolicy", "secretsmanager:ListSecretVersionIds", "secretsmanager:ListSecrets", "securityhub:BatchGetControlEvaluations", "securityhub:BatchGetSecurityControls", "securityhub:BatchGetStandardsControlAssociations", "securityhub:DescribeActionTargets", "securityhub:DescribeHub", "securityhub:DescribeOrganizationConfiguration", "securityhub:DescribeProducts", "securityhub:DescribeStandards", "securityhub:DescribeStandardsControls", "securityhub:GetAdhocInsightResults", "securityhub:GetAdministratorAccount", "securityhub:GetConfigurationPolicy", "securityhub:GetConfigurationPolicyAssociation", "securityhub:GetControlFindingSummary", "securityhub:GetEnabledStandards", "securityhub:GetFindingAggregator", "securityhub:GetFindingHistory", "securityhub:GetFindings", "securityhub:GetFreeTrialEndDate", "securityhub:GetFreeTrialUsage", "securityhub:GetInsightFindingTrend", "securityhub:GetInsightResults", "securityhub:GetInsights", "securityhub:GetInvitationsCount", "securityhub:GetMasterAccount", "securityhub:GetMembers", "securityhub:GetSecurityControlDefinition", "securityhub:GetUsage", "securityhub:ListAutomationRules", "securityhub:ListConfigurationPolicies", "securityhub:ListConfigurationPolicyAssociations", "securityhub:ListControlEvaluationSummaries", "securityhub:ListEnabledProductsForImport", "securityhub:ListFindingAggregators", "securityhub:ListInvitations", "securityhub:ListMembers", "securityhub:ListOrganizationAdminAccounts", "securityhub:ListSecurityControlDefinitions", "securityhub:ListStandardsControlAssociations", "securityhub:ListTagsForResource", "securitylake:GetDataLakeExceptionSubscription", "securitylake:GetDataLakeOrganizationConfiguration", "securitylake:GetDataLakeSources", "securitylake:GetSubscriber", "securitylake:ListDataLakeExceptions", "securitylake:ListDataLakes", "securitylake:ListLogSources", "securitylake:ListSubscribers", "securitylake:ListTagsForResource", "serverlessrepo:GetApplication", "serverlessrepo:GetApplicationPolicy", "serverlessrepo:GetCloudFormationTemplate", "serverlessrepo:ListApplicationDependencies", "serverlessrepo:ListApplicationVersions", "serverlessrepo:ListApplications", "serverlessrepo:SearchApplications", "servicecatalog:DescribeConstraint", "servicecatalog:DescribeCopyProductStatus", "servicecatalog:DescribePortfolio", "servicecatalog:DescribePortfolioShareStatus", "servicecatalog:DescribePortfolioShares", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductAsAdmin", "servicecatalog:DescribeProductView", "servicecatalog:DescribeProvisionedProduct", "servicecatalog:DescribeProvisionedProductPlan", "servicecatalog:DescribeProvisioningArtifact", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:DescribeRecord", "servicecatalog:DescribeServiceAction", "servicecatalog:DescribeServiceActionExecutionParameters", "servicecatalog:DescribeTagOption", "servicecatalog:GetApplication", "servicecatalog:GetAttributeGroup", "servicecatalog:ListAcceptedPortfolioShares", "servicecatalog:ListApplications", "servicecatalog:ListAssociatedAttributeGroups", "servicecatalog:ListAssociatedResources", "servicecatalog:ListAttributeGroups", "servicecatalog:ListAttributeGroupsForApplication", "servicecatalog:ListBudgetsForResource", "servicecatalog:ListConstraintsForPortfolio", "servicecatalog:ListLaunchPaths", "servicecatalog:ListOrganizationPortfolioAccess", "servicecatalog:ListPortfolioAccess", "servicecatalog:ListPortfolios", "servicecatalog:ListPortfoliosForProduct", "servicecatalog:ListPrincipalsForPortfolio", "servicecatalog:ListProvisionedProductPlans", "servicecatalog:ListProvisioningArtifacts", "servicecatalog:ListProvisioningArtifactsForServiceAction", "servicecatalog:ListRecordHistory", "servicecatalog:ListResourcesForTagOption", "servicecatalog:ListServiceActions", "servicecatalog:ListServiceActionsForProvisioningArtifact", "servicecatalog:ListStackInstancesForProvisionedProduct", "servicecatalog:ListTagOptions", "servicecatalog:ListTagsForResource", "servicecatalog:ScanProvisionedProducts", "servicecatalog:SearchProducts", "servicecatalog:SearchProductsAsAdmin", "servicecatalog:SearchProvisionedProducts", "servicediscovery:DiscoverInstances", "servicediscovery:DiscoverInstancesRevision", "servicediscovery:GetInstance", "servicediscovery:GetInstancesHealthStatus", "servicediscovery:GetNamespace", "servicediscovery:GetOperation", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListOperations", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource", "servicequotas:GetAssociationForServiceQuotaTemplate", "servicequotas:GetAWSDefaultServiceQuota", "servicequotas:GetRequestedServiceQuotaChange", "servicequotas:GetServiceQuota", "servicequotas:GetServiceQuotaIncreaseRequestFromTemplate", "servicequotas:ListAWSDefaultServiceQuotas", "servicequotas:ListRequestedServiceQuotaChangeHistory", "servicequotas:ListRequestedServiceQuotaChangeHistoryByQuota", "servicequotas:ListServiceQuotaIncreaseRequestsInTemplate", "servicequotas:ListServiceQuotas", "servicequotas:ListServices", "ses:BatchGetMetricData", "ses:DescribeActiveReceiptRuleSet", "ses:DescribeConfigurationSet", "ses:DescribeReceiptRule", "ses:DescribeReceiptRuleSet", "ses:GetAccount", "ses:GetBlacklistReports", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetDedicatedIp", "ses:GetDedicatedIps", "ses:GetDeliverabilityDashboardOptions", "ses:GetDeliverabilityTestReport", "ses:GetDomainDeliverabilityCampaign", "ses:GetDomainStatisticsReport", "ses:GetEmailIdentity", "ses:GetAccountSendingEnabled", "ses:GetCustomVerificationEmailTemplate", "ses:GetIdentityDkimAttributes", "ses:GetIdentityMailFromDomainAttributes", "ses:GetIdentityNotificationAttributes", "ses:GetIdentityPolicies", "ses:GetIdentityVerificationAttributes", "ses:GetSendQuota", "ses:GetSendStatistics", "ses:GetTemplate", "ses:GetContact", "ses:GetContactList", "ses:GetDedicatedIpPool", "ses:GetEmailIdentityPolicies", "ses:GetEmailTemplate", "ses:GetExportJob", "ses:GetImportJob", "ses:GetMessageInsights", "ses:GetSuppressedDestination", "ses:ListConfigurationSets", "ses:ListDedicatedIpPools", "ses:ListDeliverabilityTestReports", "ses:ListDomainDeliverabilityCampaigns", "ses:ListEmailIdentities", "ses:ListTagsForResource", "ses:ListCustomVerificationEmailTemplates", "ses:ListIdentities", "ses:ListIdentityPolicies", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListTemplates", "ses:ListVerifiedEmailAddresses", "ses:ListContactLists", "ses:ListContacts", "ses:ListEmailTemplates", "ses:ListExportJobs", "ses:ListImportJobs", "ses:ListRecommendations", "ses:ListSuppressedDestinations", "shield:DescribeAttack", "shield:DescribeAttackStatistics", "shield:DescribeDRTAccess", "shield:DescribeEmergencyContactSettings", "shield:DescribeProtection", "shield:DescribeProtectionGroup", "shield:DescribeSubscription", "shield:GetSubscriptionState", "shield:ListAttacks", "shield:ListProtectionGroups", "shield:ListProtections", "shield:ListResourcesInProtectionGroup", "shield:ListTagsForResource", "signer:DescribeSigningJob", "signer:GetSigningPlatform", "signer:GetSigningProfile", "signer:ListProfilePermissions", "signer:ListSigningJobs", "signer:ListSigningPlatforms", "signer:ListSigningProfiles", "signer:ListTagsForResource", "sms-voice:DescribeAccountAttributes", "sms-voice:DescribeAccountLimits", "sms-voice:DescribeConfigurationSets", "sms-voice:DescribeKeywords", "sms-voice:DescribeOptedOutNumbers", "sms-voice:DescribeOptOutLists", "sms-voice:DescribePhoneNumbers", "sms-voice:DescribePools", "sms-voice:DescribeSenderIds", "sms-voice:DescribeSpendLimits", "sms-voice:ListPoolOriginationIdentities", "sms-voice:ListTagsForResource", "snowball:DescribeAddress", "snowball:DescribeAddresses", "snowball:DescribeCluster", "snowball:DescribeJob", "snowball:DescribeReturnShippingLabel", "snowball:GetJobManifest", "snowball:GetJobUnlockCode", "snowball:GetSnowballUsage", "snowball:GetSoftwareUpdates", "snowball:ListClusterJobs", "snowball:ListClusters", "snowball:ListCompatibleImages", "snowball:ListJobs", "snowball:ListLongTermPricing", "snowball:ListPickupLocations", "snowball:ListServiceVersions", "sns:CheckIfPhoneNumberIsOptedOut", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListMessageMoveTasks", "sqs:ListQueueTags", "sqs:ListQueues", "sqs:ReceiveMessage", "ssm-contacts:DescribeEngagement", "ssm-contacts:DescribePage", "ssm-contacts:GetContact", "ssm-contacts:GetContactChannel", "ssm-contacts:ListContactChannels", "ssm-contacts:ListContacts", "ssm-contacts:ListEngagements", "ssm-contacts:ListPageReceipts", "ssm-contacts:ListPagesByContact", "ssm-contacts:ListPagesByEngagement", "ssm-incidents:GetIncidentRecord", "ssm-incidents:GetReplicationSet", "ssm-incidents:GetResourcePolicies", "ssm-incidents:GetResponsePlan", "ssm-incidents:GetTimelineEvent", "ssm-incidents:ListIncidentRecords", "ssm-incidents:ListRelatedItems", "ssm-incidents:ListReplicationSets", "ssm-incidents:ListResponsePlans", "ssm-incidents:ListTagsForResource", "ssm-incidents:ListTimelineEvents", "ssm:DescribeActivations", "ssm:DescribeAssociation", "ssm:DescribeAssociationExecutionTargets", "ssm:DescribeAssociationExecutions", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeAvailablePatches", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:DescribeEffectiveInstanceAssociations", "ssm:DescribeEffectivePatchesForPatchBaseline", "ssm:DescribeInstanceAssociationsStatus", "ssm:DescribeInstanceInformation", "ssm:DescribeInstancePatchStates", "ssm:DescribeInstancePatchStatesForPatchGroup", "ssm:DescribeInstancePatches", "ssm:DescribeInstanceProperties", "ssm:DescribeInventoryDeletions", "ssm:DescribeMaintenanceWindowExecutionTaskInvocations", "ssm:DescribeMaintenanceWindowExecutionTasks", "ssm:DescribeMaintenanceWindowExecutions", "ssm:DescribeMaintenanceWindowSchedule", "ssm:DescribeMaintenanceWindowTargets", "ssm:DescribeMaintenanceWindowTasks", "ssm:DescribeMaintenanceWindows", "ssm:DescribeMaintenanceWindowsForTarget", "ssm:DescribeOpsItems", "ssm:DescribeParameters", "ssm:DescribePatchBaselines", "ssm:DescribePatchGroupState", "ssm:DescribePatchGroups", "ssm:DescribePatchProperties", "ssm:DescribeSessions", "ssm:GetAutomationExecution", "ssm:GetCalendar", "ssm:GetCalendarState", "ssm:GetCommandInvocation", "ssm:GetConnectionStatus", "ssm:GetDefaultPatchBaseline", "ssm:GetDeployablePatchSnapshotForInstance", "ssm:GetDocument", "ssm:GetInventory", "ssm:GetInventorySchema", "ssm:GetMaintenanceWindow", "ssm:GetMaintenanceWindowExecution", "ssm:GetMaintenanceWindowExecutionTask", "ssm:GetMaintenanceWindowExecutionTaskInvocation", "ssm:GetMaintenanceWindowTask", "ssm:GetManifest", "ssm:GetOpsItem", "ssm:GetOpsMetadata", "ssm:GetOpsSummary", "ssm:GetParameter", "ssm:GetParameterHistory", "ssm:GetParameters", "ssm:GetParametersByPath", "ssm:GetPatchBaseline", "ssm:GetPatchBaselineForPatchGroup", "ssm:GetResourcePolicies", "ssm:GetServiceSetting", "ssm:ListAssociationVersions", "ssm:ListAssociations", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListComplianceItems", "ssm:ListComplianceSummaries", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInstanceAssociations", "ssm:ListInventoryEntries", "ssm:ListOpsItemEvents", "ssm:ListOpsItemRelatedItems", "ssm:ListOpsMetadata", "ssm:ListResourceComplianceSummaries", "ssm:ListResourceDataSync", "ssm:ListTagsForResource", "sso-directory:DescribeDirectory", "sso-directory:DescribeGroup", "sso-directory:DescribeGroups", "sso-directory:DescribeProvisioningTenant", "sso-directory:DescribeUser", "sso-directory:DescribeUserByUniqueAttribute", "sso-directory:DescribeUsers", "sso-directory:ListBearerTokens", "sso-directory:ListExternalIdPCertificates", "sso-directory:ListExternalIdPConfigurationsForDirectory", "sso-directory:ListGroupsForMember", "sso-directory:ListGroupsForUser", "sso-directory:ListMembersInGroup", "sso-directory:ListMfaDevicesForUser", "sso-directory:ListProvisioningTenants", "sso-directory:SearchGroups", "sso-directory:SearchUsers", "sso:DescribeAccountAssignmentCreationStatus", "sso:DescribeAccountAssignmentDeletionStatus", "sso:DescribeApplication", "sso:DescribeApplicationAssignment", "sso:DescribeApplicationProvider", "sso:DescribeDirectories", "sso:DescribeInstance", "sso:DescribeInstanceAccessControlAttributeConfiguration", "sso:DescribePermissionSet", "sso:DescribePermissionSetProvisioningStatus", "sso:DescribePermissionsPolicies", "sso:DescribeRegisteredRegions", "sso:DescribeTrustedTokenIssuer", "sso:DescribeTrusts", "sso:GetApplicationAccessScope", "sso:GetApplicationAssignmentConfiguration", "sso:GetApplicationAuthenticationMethod", "sso:GetApplicationGrant", "sso:GetApplicationInstance", "sso:GetApplicationTemplate", "sso:GetInlinePolicyForPermissionSet", "sso:GetManagedApplicationInstance", "sso:GetMfaDeviceManagementForDirectory", "sso:GetPermissionSet", "sso:GetPermissionsBoundaryForPermissionSet", "sso:GetPermissionsPolicy", "sso:GetProfile", "sso:GetSSOStatus", "sso:GetSharedSsoConfiguration", "sso:GetSsoConfiguration", "sso:GetTrust", "sso:ListAccountAssignmentCreationStatus", "sso:ListAccountAssignmentDeletionStatus", "sso:ListAccountAssignments", "sso:ListAccountAssignmentsForPrincipal", "sso:ListAccountsForProvisionedPermissionSet", "sso:ListApplicationAccessScopes", "sso:ListApplicationAssignments", "sso:ListApplicationAssignmentsForPrincipal", "sso:ListApplicationAuthenticationMethods", "sso:ListApplicationGrants", "sso:ListApplicationInstanceCertificates", "sso:ListApplicationInstances", "sso:ListApplicationProviders", "sso:ListApplicationTemplates", "sso:ListApplications", "sso:ListCustomerManagedPolicyReferencesInPermissionSet", "sso:ListDirectoryAssociations", "sso:ListInstances", "sso:ListManagedPoliciesInPermissionSet", "sso:ListPermissionSetProvisioningStatus", "sso:ListPermissionSets", "sso:ListPermissionSetsProvisionedToAccount", "sso:ListProfileAssociations", "sso:ListProfiles", "sso:ListTagsForResource", "sso:ListTrustedTokenIssuers", "sso:SearchGroups", "sso:SearchUsers", "states:DescribeActivity", "states:DescribeExecution", "states:DescribeMapRun", "states:DescribeStateMachine", "states:DescribeStateMachineAlias", "states:DescribeStateMachineForExecution", "states:GetExecutionHistory", "states:ListActivities", "states:ListExecutions", "states:ListMapRuns", "states:ListStateMachineAliases", "states:ListStateMachineVersions", "states:ListStateMachines", "states:ListTagsForResource", "storagegateway:DescribeAvailabilityMonitorTest", "storagegateway:DescribeBandwidthRateLimit", "storagegateway:DescribeBandwidthRateLimitSchedule", "storagegateway:DescribeCache", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeChapCredentials", "storagegateway:DescribeFileSystemAssociations", "storagegateway:DescribeGatewayInformation", "storagegateway:DescribeMaintenanceStartTime", "storagegateway:DescribeNFSFileShares", "storagegateway:DescribeSMBFileShares", "storagegateway:DescribeSMBSettings", "storagegateway:DescribeSnapshotSchedule", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:DescribeTapeArchives", "storagegateway:DescribeTapeRecoveryPoints", "storagegateway:DescribeTapes", "storagegateway:DescribeUploadBuffer", "storagegateway:DescribeVTLDevices", "storagegateway:DescribeWorkingStorage", "storagegateway:ListAutomaticTapeCreationPolicies", "storagegateway:ListFileShares", "storagegateway:ListFileSystemAssociations", "storagegateway:ListGateways", "storagegateway:ListLocalDisks", "storagegateway:ListTagsForResource", "storagegateway:ListTapePools", "storagegateway:ListTapes", "storagegateway:ListVolumeInitiators", "storagegateway:ListVolumeRecoveryPoints", "storagegateway:ListVolumes", "sts:GetAccessKeyInfo", "sts:GetCallerIdentity", "sts:GetSessionToken", "support:DescribeAttachment", "support:DescribeCases", "support:DescribeCommunications", "support:DescribeServices", "support:DescribeSeverityLevels", "support:DescribeTrustedAdvisorCheckRefreshStatuses", "support:DescribeTrustedAdvisorCheckResult", "support:DescribeTrustedAdvisorChecks", "support:DescribeTrustedAdvisorCheckSummaries", "supportplans:GetSupportPlan", "supportplans:GetSupportPlanUpdateStatus", "sustainability:GetCarbonFootprintSummary", "swf:CountClosedWorkflowExecutions", "swf:CountOpenWorkflowExecutions", "swf:CountPendingActivityTasks", "swf:CountPendingDecisionTasks", "swf:DescribeActivityType", "swf:DescribeDomain", "swf:DescribeWorkflowExecution", "swf:DescribeWorkflowType", "swf:GetWorkflowExecutionHistory", "swf:ListActivityTypes", "swf:ListClosedWorkflowExecutions", "swf:ListDomains", "swf:ListOpenWorkflowExecutions", "swf:ListTagsForResource", "swf:ListWorkflowTypes", "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun", "synthetics:DescribeRuntimeVersions", "synthetics:GetCanary", "synthetics:GetCanaryRuns", "synthetics:GetGroup", "synthetics:ListAssociatedGroups", "synthetics:ListGroupResources", "synthetics:ListGroups", "synthetics:ListTagsForResource", "tag:DescribeReportCreation", "tag:GetComplianceSummary", "tag:GetResources", "tag:GetTagKeys", "tag:GetTagValues", "tax:GetExemptions", "tax:GetTaxInheritance", "tax:GetTaxInterview", "tax:GetTaxRegistration", "tax:GetTaxRegistrationDocument", "tax:ListTaxRegistrations", "timestream:DescribeBatchLoadTask", "timestream:DescribeDatabase", "timestream:DescribeEndpoints", "timestream:DescribeTable", "timestream:ListBatchLoadTasks", "timestream:ListDatabases", "timestream:ListMeasures", "timestream:ListTables", "timestream:ListTagsForResource", "tnb:GetSolFunctionInstance", "tnb:GetSolFunctionPackage", "tnb:GetSolFunctionPackageContent", "tnb:GetSolFunctionPackageDescriptor", "tnb:GetSolNetworkInstance", "tnb:GetSolNetworkOperation", "tnb:GetSolNetworkPackage", "tnb:GetSolNetworkPackageContent", "tnb:GetSolNetworkPackageDescriptor", "tnb:ListSolFunctionInstances", "tnb:ListSolFunctionPackages", "tnb:ListSolNetworkInstances", "tnb:ListSolNetworkOperations", "tnb:ListSolNetworkPackages", "tnb:ListTagsForResource", "transcribe:GetCallAnalyticsCategory", "transcribe:GetCallAnalyticsJob", "transcribe:GetMedicalScribeJob", "transcribe:GetMedicalTranscriptionJob", "transcribe:GetMedicalVocabulary", "transcribe:GetTranscriptionJob", "transcribe:GetVocabulary", "transcribe:GetVocabularyFilter", "transcribe:ListCallAnalyticsCategories", "transcribe:ListCallAnalyticsJobs", "transcribe:ListLanguageModels", "transcribe:ListMedicalScribeJobs", "transcribe:ListMedicalTranscriptionJobs", "transcribe:ListMedicalVocabularies", "transcribe:ListTagsForResource", "transcribe:ListTranscriptionJobs", "transcribe:ListVocabularies", "transcribe:ListVocabularyFilters", "transfer:DescribeAccess", "transfer:DescribeAgreement", "transfer:DescribeCertificate", "transfer:DescribeConnector", "transfer:DescribeExecution", "transfer:DescribeHostKey", "transfer:DescribeProfile", "transfer:DescribeSecurityPolicy", "transfer:DescribeServer", "transfer:DescribeUser", "transfer:DescribeWorkflow", "transfer:ListAccesses", "transfer:ListAgreements", "transfer:ListCertificates", "transfer:ListConnectors", "transfer:ListExecutions", "transfer:ListHostKeys", "transfer:ListProfiles", "transfer:ListSecurityPolicies", "transfer:ListServers", "transfer:ListTagsForResource", "transfer:ListUsers", "transfer:ListWorkflows", "transfer:TestIdentityProvider", "translate:DescribeTextTranslationJob", "translate:GetParallelData", "translate:GetTerminology", "translate:ListParallelData", "translate:ListTerminologies", "translate:ListTextTranslationJobs", "trustedadvisor:DescribeAccount", "trustedadvisor:DescribeAccountAccess", "trustedadvisor:DescribeCheckItems", "trustedadvisor:DescribeCheckRefreshStatuses", "trustedadvisor:DescribeCheckStatusHistoryChanges", "trustedadvisor:DescribeCheckSummaries", "trustedadvisor:DescribeChecks", "trustedadvisor:DescribeNotificationConfigurations", "trustedadvisor:DescribeNotificationPreferences", "trustedadvisor:DescribeOrganization", "trustedadvisor:DescribeOrganizationAccounts", "trustedadvisor:DescribeReports", "trustedadvisor:DescribeRisk", "trustedadvisor:DescribeRiskResources", "trustedadvisor:DescribeRisks", "trustedadvisor:DescribeServiceMetadata", "verifiedpermissions:GetIdentitySource", "verifiedpermissions:GetPolicy", "verifiedpermissions:GetPolicyStore", "verifiedpermissions:GetPolicyTemplate", "verifiedpermissions:GetSchema", "verifiedpermissions:IsAuthorized", "verifiedpermissions:isauthorized", "verifiedpermissions:IsAuthorizedWithToken", "verifiedpermissions:ListIdentitySources", "verifiedpermissions:ListPolicies", "verifiedpermissions:ListPolicyStores", "verifiedpermissions:ListPolicyTemplates", "vpc-lattice:GetAccessLogSubscription", "vpc-lattice:GetAuthPolicy", "vpc-lattice:GetListener", "vpc-lattice:GetResourcePolicy", "vpc-lattice:GetRule", "vpc-lattice:GetService", "vpc-lattice:GetServiceNetwork", "vpc-lattice:GetServiceNetworkServiceAssociation", "vpc-lattice:GetServiceNetworkVpcAssociation", "vpc-lattice:GetTargetGroup", "vpc-lattice:ListAccessLogSubscriptions", "vpc-lattice:ListListeners", "vpc-lattice:ListRules", "vpc-lattice:ListServiceNetworks", "vpc-lattice:ListServiceNetworkServiceAssociations", "vpc-lattice:ListServiceNetworkVpcAssociations", "vpc-lattice:ListServices", "vpc-lattice:ListTagsForResource", "vpc-lattice:ListTargetGroups", "vpc-lattice:ListTargets", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeToken", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetPermissionPolicy", "waf-regional:GetRateBasedRule", "waf-regional:GetRateBasedRuleManagedKeys", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSampledRequests", "waf-regional:GetSizeConstraintSet", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:GetXssMatchSet", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "wafv2:CheckCapacity", "wafv2:DescribeAllManagedProducts", "wafv2:DescribeManagedProductsByVendor", "wafv2:DescribeManagedRuleGroup", "wafv2:GetDecryptedAPIKey", "wafv2:GetIPSet", "wafv2:GetLoggingConfiguration", "wafv2:GetManagedRuleSet", "wafv2:GetMobileSdkRelease", "wafv2:GetPermissionPolicy", "wafv2:GetRateBasedStatementManagedKeys", "wafv2:GetRegexPatternSet", "wafv2:GetRuleGroup", "wafv2:GetSampledRequests", "wafv2:GetWebACL", "wafv2:GetWebACLForResource", "wafv2:ListAPIKeys", "wafv2:ListAvailableManagedRuleGroupVersions", "wafv2:ListAvailableManagedRuleGroups", "wafv2:ListIPSets", "wafv2:ListLoggingConfigurations", "wafv2:ListManagedRuleSets", "wafv2:ListMobileSdkReleases", "wafv2:ListRegexPatternSets", "wafv2:ListResourcesForWebACL", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "wafv2:ListWebACLs", "wellarchitected:ExportLens", "wellarchitected:GetAnswer", "wellarchitected:GetConsolidatedReport", "wellarchitected:GetLens", "wellarchitected:GetLensReview", "wellarchitected:GetLensReviewReport", "wellarchitected:GetLensVersionDifference", "wellarchitected:GetMilestone", "wellarchitected:GetProfile", "wellarchitected:GetProfileTemplate", "wellarchitected:GetReviewTemplate", "wellarchitected:GetReviewTemplateAnswer", "wellarchitected:GetReviewTemplateLensReview", "wellarchitected:GetWorkload", "wellarchitected:ListAnswers", "wellarchitected:ListCheckDetails", "wellarchitected:ListCheckSummaries", "wellarchitected:ListLenses", "wellarchitected:ListLensReviewImprovements", "wellarchitected:ListLensReviews", "wellarchitected:ListLensShares", "wellarchitected:ListMilestones", "wellarchitected:ListNotifications", "wellarchitected:ListProfileNotifications", "wellarchitected:ListProfiles", "wellarchitected:ListProfileShares", "wellarchitected:ListReviewTemplateAnswers", "wellarchitected:ListReviewTemplates", "wellarchitected:ListShareInvitations", "wellarchitected:ListTagsForResource", "wellarchitected:ListTemplateShares", "wellarchitected:ListWorkloads", "wellarchitected:ListWorkloadShares", "workdocs:CheckAlias", "workdocs:DescribeActivities", "workdocs:DescribeAvailableDirectories", "workdocs:DescribeComments", "workdocs:DescribeDocumentVersions", "workdocs:DescribeFolderContents", "workdocs:DescribeGroups", "workdocs:DescribeInstanceExports", "workdocs:DescribeInstances", "workdocs:DescribeNotificationPermissions", "workdocs:DescribeNotificationSubscriptions", "workdocs:DescribeResourcePermissions", "workdocs:DescribeRootFolders", "workdocs:DescribeUsers", "workdocs:GetCurrentUser", "workdocs:GetDocument", "workdocs:GetDocumentPath", "workdocs:GetDocumentVersion", "workdocs:GetFolder", "workdocs:GetFolderPath", "workdocs:GetGroup", "workdocs:GetResources", "workmail:DescribeDirectories", "workmail:DescribeEmailMonitoringConfiguration", "workmail:DescribeEntity", "workmail:DescribeGroup", "workmail:DescribeInboundDmarcSettings", "workmail:DescribeInboundMailFlowRule", "workmail:DescribeKmsKeys", "workmail:DescribeMailDomains", "workmail:DescribeMailGroups", "workmail:DescribeMailUsers", "workmail:DescribeMailboxExportJob", "workmail:DescribeOrganization", "workmail:DescribeOrganizations", "workmail:DescribeOutboundMailFlowRule", "workmail:DescribeResource", "workmail:DescribeSmtpGateway", "workmail:DescribeUser", "workmail:GetAccessControlEffect", "workmail:GetDefaultRetentionPolicy", "workmail:GetImpersonationRole", "workmail:GetImpersonationRoleEffect", "workmail:GetJournalingRules", "workmail:GetMailDomain", "workmail:GetMailDomainDetails", "workmail:GetMailGroupDetails", "workmail:GetMailboxDetails", "workmail:GetMobileDeviceAccessEffect", "workmail:GetMobileDeviceAccessOverride", "workmail:GetMobileDeviceDetails", "workmail:GetMobileDevicesForUser", "workmail:GetMobilePolicyDetails", "workmail:ListAccessControlRules", "workmail:ListAliases", "workmail:ListAvailabilityConfigurations", "workmail:ListGroupMembers", "workmail:ListGroups", "workmail:ListGroupsForEntity", "workmail:ListImpersonationRoles", "workmail:ListInboundMailFlowRules", "workmail:ListMailDomains", "workmail:ListMailboxExportJobs", "workmail:ListMailboxPermissions", "workmail:ListMembersInMailGroup", "workmail:ListMobileDeviceAccessOverrides", "workmail:ListMobileDeviceAccessRules", "workmail:ListOrganizations", "workmail:ListOutboundMailFlowRules", "workmail:ListResourceDelegates", "workmail:ListResources", "workmail:ListSmtpGateways", "workmail:ListTagsForResource", "workmail:ListUsers", "workmail:SearchMembers", "workspaces-web:GetBrowserSettings", "workspaces-web:GetIdentityProvider", "workspaces-web:GetNetworkSettings", "workspaces-web:GetPortal", "workspaces-web:GetPortalServiceProviderMetadata", "workspaces-web:GetTrustStore", "workspaces-web:GetUserAccessLoggingSettings", "workspaces-web:GetUserSettings", "workspaces-web:ListBrowserSettings", "workspaces-web:ListIdentityProviders", "workspaces-web:ListNetworkSettings", "workspaces-web:ListPortals", "workspaces-web:ListTagsForResource", "workspaces-web:ListTrustStores", "workspaces-web:ListUserAccessLoggingSettings", "workspaces-web:ListUserSettings", "workspaces:DescribeAccount", "workspaces:DescribeAccountModifications", "workspaces:DescribeApplicationAssociations", "workspaces:DescribeApplications", "workspaces:DescribeBundleAssociations", "workspaces:DescribeClientBranding", "workspaces:DescribeClientProperties", "workspaces:DescribeConnectClientAddIns", "workspaces:DescribeConnectionAliasPermissions", "workspaces:DescribeConnectionAliases", "workspaces:DescribeImageAssociations", "workspaces:DescribeIpGroups", "workspaces:DescribeTags", "workspaces:DescribeWorkspaceAssociations", "workspaces:DescribeWorkspaceBundles", "workspaces:DescribeWorkspaceDirectories", "workspaces:DescribeWorkspaceImagePermissions", "workspaces:DescribeWorkspaceImages", "workspaces:DescribeWorkspaceSnapshots", "workspaces:DescribeWorkspaces", "workspaces:DescribeWorkspacesConnectionStatus", "xray:BatchGetTraceSummaryById", "xray:BatchGetTraces", "xray:GetDistinctTraceGraphs", "xray:GetEncryptionConfig", "xray:GetGroup", "xray:GetGroups", "xray:GetInsight", "xray:GetInsightEvents", "xray:GetInsightImpactGraph", "xray:GetInsightSummaries", "xray:GetSamplingRules", "xray:GetSamplingStatisticSummaries", "xray:GetSamplingTargets", "xray:GetServiceGraph", "xray:GetTimeSeriesServiceStatistics", "xray:GetTraceGraph", "xray:GetTraceSummaries" ], "malformed": false, "name": "ReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2024-04-17T21:17:05+00:00", "version": "v112" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderUpdateCACertMitigationAction", "createdate": "2019-08-07T17:05:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:UpdateCACertificate" ], "malformed": false, "name": "AWSIoTDeviceDefenderUpdateCACertMitigationAction", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-07T17:05:49+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSResourceAccessManagerResourceShareParticipantAccess", "createdate": "2019-12-09T20:41:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ram:AcceptResourceShareInvitation", "ram:GetResourcePolicies", "ram:GetResourceShareInvitations", "ram:GetResourceShares", "ram:ListPendingInvitationResources", "ram:ListPrincipals", "ram:ListResources", "ram:RejectResourceShareInvitation" ], "malformed": false, "name": "AWSResourceAccessManagerResourceShareParticipantAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-09T20:41:37+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSLambdaExecute", "createdate": "2015-02-06T18:40:46Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "s3:GetObject", "s3:PutObject" ], "malformed": false, "name": "AWSLambdaExecute", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:46+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIdentitySyncFullAccess", "createdate": "2022-03-23T23:29:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ds:AuthorizeApplication", "ds:UnauthorizeApplication", "identity-sync:DeleteSyncProfile", "identity-sync:CreateSyncProfile", "identity-sync:GetSyncProfile", "identity-sync:StartSync", "identity-sync:StopSync", "identity-sync:CreateSyncFilter", "identity-sync:DeleteSyncFilter", "identity-sync:ListSyncFilters", "identity-sync:CreateSyncTarget", "identity-sync:DeleteSyncTarget", "identity-sync:GetSyncTarget", "identity-sync:UpdateSyncTarget" ], "malformed": false, "name": "AWSIdentitySyncFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-03-23T23:29:33+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSFinSpaceServiceRolePolicy", "createdate": "2023-12-01T21:05:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSFinSpaceServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-01T21:05:00+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonChimeSDK", "createdate": "2023-01-10T18:05:12Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "chime:CreateMeeting", "chime:CreateMeetingWithAttendees", "chime:DeleteMeeting", "chime:GetMeeting", "chime:ListMeetings", "chime:CreateAttendee", "chime:BatchCreateAttendee", "chime:DeleteAttendee", "chime:GetAttendee", "chime:ListAttendees", "chime:ListAttendeeTags", "chime:ListMeetingTags", "chime:ListTagsForResource", "chime:TagAttendee", "chime:TagMeeting", "chime:TagResource", "chime:UntagAttendee", "chime:UntagMeeting", "chime:UntagResource", "chime:StartMeetingTranscription", "chime:StopMeetingTranscription", "chime:CreateMediaCapturePipeline", "chime:CreateMediaConcatenationPipeline", "chime:CreateMediaLiveConnectorPipeline", "chime:DeleteMediaCapturePipeline", "chime:DeleteMediaPipeline", "chime:GetMediaCapturePipeline", "chime:GetMediaPipeline", "chime:ListMediaCapturePipelines", "chime:ListMediaPipelines" ], "malformed": false, "name": "AmazonChimeSDK", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-10T18:05:12+00:00", "version": "v5" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction", "createdate": "2019-08-07T17:06:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:UpdateCertificate" ], "malformed": false, "name": "AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-07T17:06:00+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AutoScalingConsoleFullAccess", "createdate": "2018-02-06T23:15:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateKeyPair", "ec2:CreateSecurityGroup", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeImages", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribePlacementGroups", "ec2:DescribeSecurityGroups", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcClassicLink", "ec2:ImportKeyPair", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "cloudwatch:ListMetrics", "cloudwatch:GetMetricStatistics", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "autoscaling:AttachInstances", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:AttachLoadBalancers", "autoscaling:AttachTrafficSources", "autoscaling:BatchDeleteScheduledAction", "autoscaling:BatchPutScheduledUpdateGroupAction", "autoscaling:CancelInstanceRefresh", "autoscaling:CompleteLifecycleAction", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteLifecycleHook", "autoscaling:DeleteNotificationConfiguration", "autoscaling:DeletePolicy", "autoscaling:DeleteScheduledAction", "autoscaling:DeleteTags", "autoscaling:DeleteWarmPool", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:DetachInstances", "autoscaling:DetachLoadBalancerTargetGroups", "autoscaling:DetachLoadBalancers", "autoscaling:DetachTrafficSources", "autoscaling:DisableMetricsCollection", "autoscaling:EnableMetricsCollection", "autoscaling:EnterStandby", "autoscaling:ExecutePolicy", "autoscaling:ExitStandby", "autoscaling:GetPredictiveScalingForecast", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutWarmPool", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling:ResumeProcesses", "autoscaling:RollbackInstanceRefresh", "autoscaling:SetDesiredCapacity", "autoscaling:SetInstanceHealth", "autoscaling:SetInstanceProtection", "autoscaling:StartInstanceRefresh", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "sns:ListSubscriptions", "sns:ListTopics", "iam:ListRoles", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AutoScalingConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-02-06T23:15:36+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSConfigServiceRolePolicy", "createdate": "2024-02-22T17:20:56Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "access-analyzer:GetAnalyzer", "access-analyzer:GetArchiveRule", "access-analyzer:ListAnalyzers", "access-analyzer:ListArchiveRules", "access-analyzer:ListTagsForResource", "account:GetAlternateContact", "acm-pca:DescribeCertificateAuthority", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:ListCertificateAuthorities", "acm-pca:ListTags", "acm:DescribeCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "airflow:GetEnvironment", "airflow:ListEnvironments", "airflow:ListTagsForResource", "amplify:GetApp", "amplify:GetBranch", "amplify:ListApps", "amplify:ListBranches", "amplifyuibuilder:ExportThemes", "amplifyuibuilder:GetTheme", "amplifyuibuilder:ListThemes", "app-integrations:GetEventIntegration", "app-integrations:ListEventIntegrationAssociations", "app-integrations:ListEventIntegrations", "appconfig:GetApplication", "appconfig:GetConfigurationProfile", "appconfig:GetDeployment", "appconfig:GetDeploymentStrategy", "appconfig:GetEnvironment", "appconfig:GetExtensionAssociation", "appconfig:GetHostedConfigurationVersion", "appconfig:ListApplications", "appconfig:ListConfigurationProfiles", "appconfig:ListDeployments", "appconfig:ListDeploymentStrategies", "appconfig:ListEnvironments", "appconfig:ListExtensionAssociations", "appconfig:ListHostedConfigurationVersions", "appconfig:ListTagsForResource", "appflow:DescribeConnectorProfiles", "appflow:DescribeFlow", "appflow:ListFlows", "appflow:ListTagsForResource", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingPolicies", "appmesh:DescribeGatewayRoute", "appmesh:DescribeMesh", "appmesh:DescribeRoute", "appmesh:DescribeVirtualGateway", "appmesh:DescribeVirtualNode", "appmesh:DescribeVirtualRouter", "appmesh:DescribeVirtualService", "appmesh:ListGatewayRoutes", "appmesh:ListMeshes", "appmesh:ListRoutes", "appmesh:ListTagsForResource", "appmesh:ListVirtualGateways", "appmesh:ListVirtualNodes", "appmesh:ListVirtualRouters", "appmesh:ListVirtualServices", "apprunner:DescribeService", "apprunner:DescribeVpcConnector", "apprunner:ListServices", "apprunner:ListTagsForResource", "apprunner:ListVpcConnectors", "appstream:DescribeApplications", "appstream:DescribeDirectoryConfigs", "appstream:DescribeFleets", "appstream:DescribeStacks", "appstream:ListTagsForResource", "appsync:GetApiCache", "appsync:GetGraphqlApi", "appsync:ListGraphqlApis", "aps:DescribeAlertManagerDefinition", "aps:DescribeLoggingConfiguration", "aps:DescribeRuleGroupsNamespace", "aps:DescribeWorkspace", "aps:ListRuleGroupsNamespaces", "aps:ListTagsForResource", "aps:ListWorkspaces", "athena:GetDataCatalog", "athena:GetPreparedStatement", "athena:GetWorkGroup", "athena:ListDataCatalogs", "athena:ListPreparedStatements", "athena:ListTagsForResource", "athena:ListWorkGroups", "auditmanager:GetAccountStatus", "auditmanager:GetAssessment", "auditmanager:ListAssessments", "autoscaling-plans:DescribeScalingPlanResources", "autoscaling-plans:DescribeScalingPlans", "autoscaling-plans:GetScalingPlanResourceForecastData", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribePolicies", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeWarmPool", "backup-gateway:ListTagsForResource", "backup-gateway:ListVirtualMachines", "backup:DescribeBackupVault", "backup:DescribeFramework", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeReportPlan", "backup:GetBackupPlan", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListFrameworks", "backup:ListRecoveryPointsByBackupVault", "backup:ListReportPlans", "backup:ListTags", "batch:DescribeComputeEnvironments", "batch:DescribeJobQueues", "batch:DescribeSchedulingPolicies", "batch:ListSchedulingPolicies", "batch:ListTagsForResource", "billingconductor:ListAccountAssociations", "billingconductor:ListBillingGroups", "billingconductor:ListCustomLineItems", "billingconductor:ListPricingPlans", "billingconductor:ListPricingRules", "billingconductor:ListPricingRulesAssociatedToPricingPlan", "billingconductor:ListTagsForResource", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionsForBudget", "budgets:ViewBudget", "cassandra:Select", "ce:GetAnomalyMonitors", "ce:GetAnomalySubscriptions", "cloud9:DescribeEnvironmentMemberships", "cloud9:DescribeEnvironments", "cloud9:ListEnvironments", "cloud9:ListTagsForResource", "cloudformation:DescribeType", "cloudformation:GetResource", "cloudformation:ListResources", "cloudformation:ListStackResources", "cloudformation:ListStacks", "cloudformation:ListTypes", "cloudfront:GetFunction", "cloudfront:GetOriginAccessControl", "cloudfront:GetResponseHeadersPolicy", "cloudfront:ListDistributions", "cloudfront:ListFunctions", "cloudfront:ListOriginAccessControls", "cloudfront:ListResponseHeadersPolicies", "cloudfront:ListTagsForResource", "cloudtrail:DescribeTrails", "cloudtrail:GetEventDataStore", "cloudtrail:GetEventSelectors", "cloudtrail:GetTrailStatus", "cloudtrail:ListEventDataStores", "cloudtrail:ListTags", "cloudtrail:ListTrails", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:GetDashboard", "cloudwatch:GetMetricStream", "cloudwatch:ListDashboards", "cloudwatch:ListMetricStreams", "cloudwatch:ListTagsForResource", "codeartifact:DescribeRepository", "codeartifact:GetRepositoryPermissionsPolicy", "codeartifact:ListDomains", "codeartifact:ListPackages", "codeartifact:ListPackageVersions", "codeartifact:ListRepositories", "codeartifact:ListTagsForResource", "codebuild:BatchGetReportGroups", "codebuild:ListReportGroups", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:ListRepositories", "codecommit:ListTagsForResource", "codedeploy:GetDeploymentConfig", "codeguru-profiler:DescribeProfilingGroup", "codeguru-profiler:GetNotificationConfiguration", "codeguru-profiler:GetPolicy", "codeguru-profiler:ListProfilingGroups", "codeguru-reviewer:DescribeRepositoryAssociation", "codeguru-reviewer:ListRepositoryAssociations", "codepipeline:GetPipeline", "codepipeline:GetPipelineState", "codepipeline:ListPipelines", "cognito-identity:DescribeIdentityPool", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:GetPrincipalTagAttributeMap", "cognito-identity:ListIdentityPools", "cognito-identity:ListTagsForResource", "cognito-idp:DescribeIdentityProvider", "cognito-idp:DescribeResourceServer", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:DescribeUserPoolDomain", "cognito-idp:GetGroup", "cognito-idp:GetUserPoolMfaConfig", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "config:BatchGetAggregateResourceConfig", "config:BatchGetResourceConfig", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateConformancePackComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetCustomRulePolicy", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetOrganizationCustomRulePolicy", "config:GetResourceConfigHistory", "config:GetResourceEvaluationSummary", "config:GetStoredQuery", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "config:PutAggregationAuthorization", "config:PutConfigRule", "config:PutConfigurationAggregator", "config:PutConfigurationRecorder", "config:PutConformancePack", "config:PutDeliveryChannel", "config:PutEvaluations", "config:PutExternalEvaluation", "config:PutOrganizationConfigRule", "config:PutOrganizationConformancePack", "config:PutRemediationConfigurations", "config:PutRemediationExceptions", "config:PutResourceConfig", "config:PutRetentionConfiguration", "config:PutStoredQuery", "config:SelectAggregateResourceConfig", "config:SelectResourceConfig", "connect:DescribeEvaluationForm", "connect:DescribeInstance", "connect:DescribeInstanceStorageConfig", "connect:DescribePhoneNumber", "connect:DescribePrompt", "connect:DescribeQuickConnect", "connect:DescribeRule", "connect:DescribeUser", "connect:GetTaskTemplate", "connect:ListApprovedOrigins", "connect:ListEvaluationForms", "connect:ListInstanceAttributes", "connect:ListInstances", "connect:ListInstanceStorageConfigs", "connect:ListIntegrationAssociations", "connect:ListPhoneNumbers", "connect:ListPhoneNumbersV2", "connect:ListPrompts", "connect:ListQuickConnects", "connect:ListRules", "connect:ListSecurityKeys", "connect:ListTagsForResource", "connect:ListTaskTemplates", "connect:ListUsers", "connect:SearchAvailablePhoneNumbers", "databrew:DescribeDataset", "databrew:DescribeJob", "databrew:DescribeProject", "databrew:DescribeRecipe", "databrew:DescribeRuleset", "databrew:DescribeSchedule", "databrew:ListDatasets", "databrew:ListJobs", "databrew:ListProjects", "databrew:ListRecipes", "databrew:ListRecipeVersions", "databrew:ListRulesets", "databrew:ListSchedules", "datasync:DescribeAgent", "datasync:DescribeLocationEfs", "datasync:DescribeLocationFsxLustre", "datasync:DescribeLocationFsxWindows", "datasync:DescribeLocationHdfs", "datasync:DescribeLocationNfs", "datasync:DescribeLocationObjectStorage", "datasync:DescribeLocationS3", "datasync:DescribeLocationSmb", "datasync:DescribeTask", "datasync:ListAgents", "datasync:ListLocations", "datasync:ListTagsForResource", "datasync:ListTasks", "dax:DescribeClusters", "dax:DescribeParameterGroups", "dax:DescribeParameters", "dax:DescribeSubnetGroups", "dax:ListTags", "detective:ListGraphs", "detective:ListTagsForResource", "devicefarm:GetInstanceProfile", "devicefarm:GetNetworkProfile", "devicefarm:GetProject", "devicefarm:GetTestGridProject", "devicefarm:ListInstanceProfiles", "devicefarm:ListNetworkProfiles", "devicefarm:ListProjects", "devicefarm:ListTagsForResource", "devicefarm:ListTestGridProjects", "devops-guru:GetResourceCollection", "dms:DescribeCertificates", "dms:DescribeEndpoints", "dms:DescribeEventSubscriptions", "dms:DescribeReplicationInstances", "dms:DescribeReplicationSubnetGroups", "dms:DescribeReplicationTaskAssessmentRuns", "dms:DescribeReplicationTasks", "dms:ListTagsForResource", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:ListLogSubscriptions", "ds:ListTagsForResource", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeLimits", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeDhcpOptions", "ec2:DescribeFleets", "ec2:DescribeNetworkAcls", "ec2:DescribePlacementGroups", "ec2:DescribeRouteTables", "ec2:DescribeSpotFleetRequests", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumes", "ec2:GetEbsEncryptionByDefault", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ecr-public:DescribeRepositories", "ecr-public:GetRepositoryCatalogData", "ecr-public:GetRepositoryPolicy", "ecr-public:ListTagsForResource", "ecr:BatchGetRepositoryScanningConfiguration", "ecr:DescribePullThroughCacheRules", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:GetLifecyclePolicy", "ecr:GetRegistryPolicy", "ecr:GetRepositoryPolicy", "ecr:ListTagsForResource", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:ListClusters", "ecs:ListServices", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "eks:DescribeAddon", "eks:DescribeCluster", "eks:DescribeFargateProfile", "eks:DescribeIdentityProviderConfig", "eks:DescribeNodegroup", "eks:ListAddons", "eks:ListClusters", "eks:ListFargateProfiles", "eks:ListIdentityProviderConfigs", "eks:ListNodegroups", "eks:ListTagsForResource", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeSnapshots", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticache:ListTagsForResource", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironments", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeBackupPolicy", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:GetStudioSessionMapping", "elasticmapreduce:ListClusters", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudios", "elasticmapreduce:ListStudioSessionMappings", "emr-containers:DescribeVirtualCluster", "emr-containers:ListVirtualClusters", "emr-serverless:GetApplication", "emr-serverless:ListApplications", "es:DescribeDomain", "es:DescribeDomains", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomains", "es:GetCompatibleElasticsearchVersions", "es:GetCompatibleVersions", "es:ListDomainNames", "es:ListTags", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeRule", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "evidently:GetLaunch", "evidently:GetProject", "evidently:GetSegment", "evidently:ListLaunches", "evidently:ListProjects", "evidently:ListSegments", "evidently:ListTagsForResource", "finspace:GetEnvironment", "finspace:ListEnvironments", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "fis:GetExperimentTemplate", "fis:ListExperimentTemplates", "fms:GetNotificationChannel", "fms:GetPolicy", "fms:ListPolicies", "fms:ListTagsForResource", "forecast:DescribeDataset", "forecast:DescribeDatasetGroup", "forecast:ListDatasetGroups", "forecast:ListDatasets", "forecast:ListTagsForResource", "frauddetector:GetDetectors", "frauddetector:GetDetectorVersion", "frauddetector:GetEntityTypes", "frauddetector:GetEventTypes", "frauddetector:GetExternalModels", "frauddetector:GetLabels", "frauddetector:GetModels", "frauddetector:GetOutcomes", "frauddetector:GetRules", "frauddetector:GetVariables", "frauddetector:ListTagsForResource", "fsx:DescribeBackups", "fsx:DescribeDataRepositoryAssociations", "fsx:DescribeFileSystems", "fsx:DescribeSnapshots", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:ListTagsForResource", "gamelift:DescribeAlias", "gamelift:DescribeBuild", "gamelift:DescribeFleetAttributes", "gamelift:DescribeFleetCapacity", "gamelift:DescribeFleetLocationAttributes", "gamelift:DescribeFleetLocationCapacity", "gamelift:DescribeFleetPortSettings", "gamelift:DescribeGameServerGroup", "gamelift:DescribeGameSessionQueues", "gamelift:DescribeMatchmakingConfigurations", "gamelift:DescribeMatchmakingRuleSets", "gamelift:DescribeRuntimeConfiguration", "gamelift:DescribeScript", "gamelift:DescribeVpcPeeringAuthorizations", "gamelift:DescribeVpcPeeringConnections", "gamelift:ListAliases", "gamelift:ListBuilds", "gamelift:ListFleets", "gamelift:ListGameServerGroups", "gamelift:ListScripts", "gamelift:ListTagsForResource", "geo:DescribeGeofenceCollection", "geo:DescribeMap", "geo:DescribePlaceIndex", "geo:DescribeRouteCalculator", "geo:DescribeTracker", "geo:ListGeofenceCollections", "geo:ListMaps", "geo:ListPlaceIndexes", "geo:ListRouteCalculators", "geo:ListTrackerConsumers", "geo:ListTrackers", "globalaccelerator:DescribeAccelerator", "globalaccelerator:DescribeEndpointGroup", "globalaccelerator:DescribeListener", "globalaccelerator:ListAccelerators", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "globalaccelerator:ListTagsForResource", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetWorkflows", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetCrawler", "glue:GetCrawlers", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetJob", "glue:GetJobs", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetPartition", "glue:GetPartitions", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetTable", "glue:GetTags", "glue:GetWorkflow", "glue:ListCrawlers", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListWorkflows", "grafana:DescribeWorkspace", "grafana:DescribeWorkspaceAuthentication", "grafana:DescribeWorkspaceConfiguration", "grafana:ListWorkspaces", "greengrass:DescribeComponent", "greengrass:GetComponent", "greengrass:ListComponents", "greengrass:ListComponentVersions", "groundstation:GetConfig", "groundstation:GetDataflowEndpointGroup", "groundstation:GetMissionProfile", "groundstation:ListConfigs", "groundstation:ListDataflowEndpointGroups", "groundstation:ListMissionProfiles", "groundstation:ListTagsForResource", "guardduty:DescribePublishingDestination", "guardduty:GetAdministratorAccount", "guardduty:GetDetector", "guardduty:GetFilter", "guardduty:GetFindings", "guardduty:GetIPSet", "guardduty:GetMasterAccount", "guardduty:GetMemberDetectors", "guardduty:GetMembers", "guardduty:GetThreatIntelSet", "guardduty:ListDetectors", "guardduty:ListFilters", "guardduty:ListFindings", "guardduty:ListIPSets", "guardduty:ListMembers", "guardduty:ListOrganizationAdminAccounts", "guardduty:ListPublishingDestinations", "guardduty:ListTagsForResource", "guardduty:ListThreatIntelSets", "healthlake:DescribeFHIRDatastore", "healthlake:ListFHIRDatastores", "healthlake:ListTagsForResource", "iam:GenerateCredentialReport", "iam:GetAccountAuthorizationDetails", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCredentialReport", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetInstanceProfile", "iam:GetOpenIDConnectProvider", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetSAMLProvider", "iam:GetServerCertificate", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAccessKeys", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListInstanceProfileTags", "iam:ListMFADevices", "iam:ListMFADeviceTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoles", "iam:ListSAMLProviders", "iam:ListServerCertificates", "iam:ListUserPolicies", "iam:ListUsers", "iam:ListVirtualMFADevices", "imagebuilder:GetComponent", "imagebuilder:GetContainerRecipe", "imagebuilder:GetDistributionConfiguration", "imagebuilder:GetImage", "imagebuilder:GetImagePipeline", "imagebuilder:GetImageRecipe", "imagebuilder:GetInfrastructureConfiguration", "imagebuilder:ListComponentBuildVersions", "imagebuilder:ListComponents", "imagebuilder:ListContainerRecipes", "imagebuilder:ListDistributionConfigurations", "imagebuilder:ListImageBuildVersions", "imagebuilder:ListImagePipelines", "imagebuilder:ListImageRecipes", "imagebuilder:ListImages", "imagebuilder:ListInfrastructureConfigurations", "inspector2:BatchGetAccountStatus", "inspector2:GetDelegatedAdminAccount", "inspector2:ListFilters", "inspector2:ListMembers", "iot:DescribeAccountAuditConfiguration", "iot:DescribeAuthorizer", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:DescribeCustomMetric", "iot:DescribeDimension", "iot:DescribeDomainConfiguration", "iot:DescribeFleetMetric", "iot:DescribeJobTemplate", "iot:DescribeMitigationAction", "iot:DescribeProvisioningTemplate", "iot:DescribeRoleAlias", "iot:DescribeScheduledAudit", "iot:DescribeSecurityProfile", "iot:GetPolicy", "iot:GetTopicRule", "iot:GetTopicRuleDestination", "iot:ListAuthorizers", "iot:ListCACertificates", "iot:ListCertificates", "iot:ListCustomMetrics", "iot:ListDimensions", "iot:ListDomainConfigurations", "iot:ListFleetMetrics", "iot:ListJobTemplates", "iot:ListMitigationActions", "iot:ListPolicies", "iot:ListProvisioningTemplates", "iot:ListRoleAliases", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", "iot:ListTagsForResource", "iot:ListTargetsForSecurityProfile", "iot:ListTopicRuleDestinations", "iot:ListTopicRules", "iot:ListV2LoggingLevels", "iot:ValidateSecurityProfileBehaviors", "iotanalytics:DescribeChannel", "iotanalytics:DescribeDataset", "iotanalytics:DescribeDatastore", "iotanalytics:DescribePipeline", "iotanalytics:ListChannels", "iotanalytics:ListDatasets", "iotanalytics:ListDatastores", "iotanalytics:ListPipelines", "iotanalytics:ListTagsForResource", "iotevents:DescribeAlarmModel", "iotevents:DescribeDetectorModel", "iotevents:DescribeInput", "iotevents:ListAlarmModels", "iotevents:ListDetectorModels", "iotevents:ListInputs", "iotevents:ListTagsForResource", "iotsitewise:DescribeAccessPolicy", "iotsitewise:DescribeAsset", "iotsitewise:DescribeAssetModel", "iotsitewise:DescribeDashboard", "iotsitewise:DescribeGateway", "iotsitewise:DescribePortal", "iotsitewise:DescribeProject", "iotsitewise:ListAccessPolicies", "iotsitewise:ListAssetModels", "iotsitewise:ListAssets", "iotsitewise:ListDashboards", "iotsitewise:ListGateways", "iotsitewise:ListPortals", "iotsitewise:ListProjectAssets", "iotsitewise:ListProjects", "iotsitewise:ListTagsForResource", "iottwinmaker:GetComponentType", "iottwinmaker:GetEntity", "iottwinmaker:GetScene", "iottwinmaker:GetSyncJob", "iottwinmaker:GetWorkspace", "iottwinmaker:ListComponentTypes", "iottwinmaker:ListEntities", "iottwinmaker:ListScenes", "iottwinmaker:ListSyncJobs", "iottwinmaker:ListTagsForResource", "iottwinmaker:ListWorkspaces", "iotwireless:GetFuotaTask", "iotwireless:GetMulticastGroup", "iotwireless:GetServiceProfile", "iotwireless:GetWirelessDevice", "iotwireless:GetWirelessGatewayTaskDefinition", "iotwireless:ListFuotaTasks", "iotwireless:ListMulticastGroups", "iotwireless:ListServiceProfiles", "iotwireless:ListTagsForResource", "iotwireless:ListWirelessDevices", "iotwireless:ListWirelessGatewayTaskDefinitions", "ivs:GetChannel", "ivs:GetPlaybackKeyPair", "ivs:GetRecordingConfiguration", "ivs:GetStreamKey", "ivs:ListChannels", "ivs:ListPlaybackKeyPairs", "ivs:ListRecordingConfigurations", "ivs:ListStreamKeys", "ivs:ListTagsForResource", "kafka:DescribeCluster", "kafka:DescribeClusterV2", "kafka:DescribeConfiguration", "kafka:DescribeConfigurationRevision", "kafka:DescribeVpcConnection", "kafka:GetClusterPolicy", "kafka:ListClusters", "kafka:ListClustersV2", "kafka:ListConfigurations", "kafka:ListScramSecrets", "kafka:ListTagsForResource", "kafka:ListVpcConnections", "kafkaconnect:DescribeConnector", "kafkaconnect:ListConnectors", "kendra:DescribeIndex", "kendra:ListIndices", "kendra:ListTagsForResource", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kinesisanalytics:DescribeApplication", "kinesisanalytics:ListApplications", "kinesisanalytics:ListTagsForResource", "kinesisvideo:DescribeSignalingChannel", "kinesisvideo:DescribeStream", "kinesisvideo:ListSignalingChannels", "kinesisvideo:ListStreams", "kinesisvideo:ListTagsForResource", "kinesisvideo:ListTagsForStream", "kms:DescribeKey", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:ListAliases", "kms:ListKeys", "kms:ListResourceTags", "lakeformation:DescribeResource", "lakeformation:GetDataLakeSettings", "lakeformation:ListPermissions", "lakeformation:ListResources", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetLayerVersion", "lambda:GetPolicy", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListFunctions", "lambda:ListLayers", "lambda:ListLayerVersions", "lambda:ListTags", "lambda:ListVersionsByFunction", "lex:DescribeBot", "lex:DescribeBotAlias", "lex:DescribeBotVersion", "lex:DescribeResourcePolicy", "lex:ListBotAliases", "lex:ListBotLocales", "lex:ListBots", "lex:ListBotVersions", "lex:ListTagsForResource", "license-manager:GetGrant", "license-manager:GetLicense", "license-manager:ListDistributedGrants", "license-manager:ListLicenses", "license-manager:ListReceivedGrants", "lightsail:GetAlarms", "lightsail:GetBuckets", "lightsail:GetCertificates", "lightsail:GetContainerServices", "lightsail:GetDisk", "lightsail:GetDisks", "lightsail:GetDistributions", "lightsail:GetInstance", "lightsail:GetInstances", "lightsail:GetKeyPair", "lightsail:GetLoadBalancer", "lightsail:GetLoadBalancers", "lightsail:GetLoadBalancerTlsCertificates", "lightsail:GetRelationalDatabase", "lightsail:GetRelationalDatabaseParameters", "lightsail:GetRelationalDatabases", "lightsail:GetStaticIp", "lightsail:GetStaticIps", "logs:DescribeDestinations", "logs:DescribeLogGroups", "logs:DescribeMetricFilters", "logs:GetDataProtectionPolicy", "logs:GetLogDelivery", "logs:ListLogDeliveries", "logs:ListTagsLogGroup", "lookoutequipment:DescribeInferenceScheduler", "lookoutequipment:ListTagsForResource", "lookoutmetrics:DescribeAlert", "lookoutmetrics:DescribeAnomalyDetector", "lookoutmetrics:ListAlerts", "lookoutmetrics:ListAnomalyDetectors", "lookoutmetrics:ListMetricSets", "lookoutmetrics:ListTagsForResource", "lookoutvision:DescribeProject", "lookoutvision:ListProjects", "m2:GetEnvironment", "m2:ListEnvironments", "m2:ListTagsForResource", "macie2:DescribeOrganizationConfiguration", "macie2:GetAutomatedDiscoveryConfiguration", "macie2:GetClassificationExportConfiguration", "macie2:GetCustomDataIdentifier", "macie2:GetFindingsPublicationConfiguration", "macie2:GetMacieSession", "macie2:ListCustomDataIdentifiers", "macie2:ListTagsForResource", "managedblockchain:GetMember", "managedblockchain:GetNetwork", "managedblockchain:GetNode", "managedblockchain:ListInvitations", "managedblockchain:ListMembers", "managedblockchain:ListNodes", "mediaconnect:DescribeFlow", "mediaconnect:ListFlows", "mediaconnect:ListTagsForResource", "mediapackage-vod:DescribePackagingConfiguration", "mediapackage-vod:DescribePackagingGroup", "mediapackage-vod:ListPackagingConfigurations", "mediapackage-vod:ListPackagingGroups", "mediapackage-vod:ListTagsForResource", "mediatailor:GetPlaybackConfiguration", "mediatailor:ListPlaybackConfigurations", "memorydb:DescribeAcls", "memorydb:DescribeClusters", "memorydb:DescribeParameterGroups", "memorydb:DescribeParameters", "memorydb:DescribeSubnetGroups", "memorydb:DescribeUsers", "memorydb:ListTags", "mobiletargeting:GetApp", "mobiletargeting:GetApplicationSettings", "mobiletargeting:GetApps", "mobiletargeting:GetCampaign", "mobiletargeting:GetCampaigns", "mobiletargeting:GetEmailChannel", "mobiletargeting:GetEmailTemplate", "mobiletargeting:GetEventStream", "mobiletargeting:GetInAppTemplate", "mobiletargeting:GetSegment", "mobiletargeting:GetSegments", "mobiletargeting:ListTagsForResource", "mobiletargeting:ListTemplates", "mq:DescribeBroker", "mq:ListBrokers", "network-firewall:DescribeLoggingConfiguration", "network-firewall:ListFirewalls", "networkmanager:DescribeGlobalNetworks", "networkmanager:GetConnectPeer", "networkmanager:GetCustomerGatewayAssociations", "networkmanager:GetDevices", "networkmanager:GetLinkAssociations", "networkmanager:GetLinks", "networkmanager:GetSites", "networkmanager:GetTransitGatewayRegistrations", "networkmanager:ListConnectPeers", "networkmanager:ListTagsForResource", "nimble:GetLaunchProfile", "nimble:GetLaunchProfileDetails", "nimble:GetStreamingImage", "nimble:GetStudio", "nimble:GetStudioComponent", "nimble:ListLaunchProfiles", "nimble:ListStreamingImages", "nimble:ListStudioComponents", "nimble:ListStudios", "opsworks:DescribeInstances", "opsworks:DescribeLayers", "opsworks:DescribeTimeBasedAutoScaling", "opsworks:DescribeVolumes", "opsworks:ListTags", "organizations:DescribeAccount", "organizations:DescribeEffectivePolicy", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:DescribeResourcePolicy", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListDelegatedAdministrators", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPolicies", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListTagsForResource", "organizations:ListTargetsForPolicy", "panorama:DescribeApplicationInstance", "panorama:DescribeApplicationInstanceDetails", "panorama:DescribePackage", "panorama:DescribePackageVersion", "panorama:ListApplicationInstances", "panorama:ListNodes", "panorama:ListPackages", "personalize:DescribeDataset", "personalize:DescribeDatasetGroup", "personalize:DescribeSchema", "personalize:DescribeSolution", "personalize:ListDatasetGroups", "personalize:ListDatasetImportJobs", "personalize:ListDatasets", "personalize:ListSchemas", "personalize:ListSolutions", "personalize:ListTagsForResource", "profile:GetDomain", "profile:GetIntegration", "profile:GetProfileObjectType", "profile:ListDomains", "profile:ListIntegrations", "profile:ListProfileObjectTypes", "profile:ListTagsForResource", "quicksight:DescribeAccountSubscription", "quicksight:DescribeAnalysis", "quicksight:DescribeAnalysisPermissions", "quicksight:DescribeDashboard", "quicksight:DescribeDashboardPermissions", "quicksight:DescribeDataSet", "quicksight:DescribeDataSetPermissions", "quicksight:DescribeDataSetRefreshProperties", "quicksight:DescribeDataSource", "quicksight:DescribeDataSourcePermissions", "quicksight:DescribeTemplate", "quicksight:DescribeTemplatePermissions", "quicksight:DescribeTheme", "quicksight:DescribeThemePermissions", "quicksight:ListAnalyses", "quicksight:ListDashboards", "quicksight:ListDataSets", "quicksight:ListDataSources", "quicksight:ListTagsForResource", "quicksight:ListTemplates", "quicksight:ListThemes", "ram:GetPermission", "ram:GetResourceShareAssociations", "ram:GetResourceShares", "ram:ListPermissionAssociations", "ram:ListPermissions", "ram:ListPermissionVersions", "ram:ListResources", "ram:ListResourceSharePermissions", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBSecurityGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEventSubscriptions", "rds:DescribeGlobalClusters", "rds:DescribeOptionGroups", "rds:ListTagsForResource", "redshift-serverless:GetNamespace", "redshift-serverless:GetWorkgroup", "redshift-serverless:ListNamespaces", "redshift-serverless:ListTagsForResource", "redshift-serverless:ListWorkgroups", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeEndpointAccess", "redshift:DescribeEndpointAuthorization", "redshift:DescribeEventSubscriptions", "redshift:DescribeLoggingStatus", "redshift:DescribeScheduledActions", "refactor-spaces:GetEnvironment", "refactor-spaces:GetService", "refactor-spaces:ListApplications", "refactor-spaces:ListEnvironments", "refactor-spaces:ListServices", "rekognition:DescribeStreamProcessor", "rekognition:ListStreamProcessors", "rekognition:ListTagsForResource", "resiliencehub:DescribeApp", "resiliencehub:DescribeAppVersionTemplate", "resiliencehub:DescribeResiliencyPolicy", "resiliencehub:ListApps", "resiliencehub:ListAppVersionResourceMappings", "resiliencehub:ListResiliencyPolicies", "resiliencehub:ListTagsForResource", "resource-explorer-2:GetIndex", "resource-explorer-2:ListIndexes", "resource-explorer-2:ListTagsForResource", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:ListRobotApplications", "robomaker:ListSimulationApplications", "route53-recovery-control-config:DescribeCluster", "route53-recovery-control-config:DescribeControlPanel", "route53-recovery-control-config:DescribeRoutingControl", "route53-recovery-control-config:DescribeSafetyRule", "route53-recovery-control-config:ListClusters", "route53-recovery-control-config:ListControlPanels", "route53-recovery-control-config:ListRoutingControls", "route53-recovery-control-config:ListSafetyRules", "route53-recovery-control-config:ListTagsForResource", "route53-recovery-readiness:GetCell", "route53-recovery-readiness:GetReadinessCheck", "route53-recovery-readiness:GetRecoveryGroup", "route53-recovery-readiness:GetResourceSet", "route53-recovery-readiness:ListCells", "route53-recovery-readiness:ListReadinessChecks", "route53-recovery-readiness:ListRecoveryGroups", "route53-recovery-readiness:ListResourceSets", "route53:GetChange", "route53:GetDNSSEC", "route53:GetHealthCheck", "route53:GetHostedZone", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListTagsForResource", "route53resolver:GetFirewallDomainList", "route53resolver:GetFirewallRuleGroup", "route53resolver:GetFirewallRuleGroupAssociation", "route53resolver:GetResolverDnssecConfig", "route53resolver:GetResolverEndpoint", "route53resolver:GetResolverQueryLogConfig", "route53resolver:GetResolverQueryLogConfigAssociation", "route53resolver:GetResolverRule", "route53resolver:GetResolverRuleAssociation", "route53resolver:ListFirewallDomainLists", "route53resolver:ListFirewallDomains", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListFirewallRules", "route53resolver:ListResolverDnssecConfigs", "route53resolver:ListResolverEndpointIpAddresses", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverQueryLogConfigAssociations", "route53resolver:ListResolverQueryLogConfigs", "route53resolver:ListResolverRuleAssociations", "route53resolver:ListResolverRules", "route53resolver:ListTagsForResource", "rum:GetAppMonitor", "rum:GetAppMonitorData", "rum:ListAppMonitors", "rum:ListTagsForResource", "s3-outposts:GetAccessPoint", "s3-outposts:GetAccessPointPolicy", "s3-outposts:GetBucket", "s3-outposts:GetBucketPolicy", "s3-outposts:GetBucketTagging", "s3-outposts:GetLifecycleConfiguration", "s3-outposts:ListAccessPoints", "s3-outposts:ListEndpoints", "s3-outposts:ListRegionalBuckets", "s3:GetAccelerateConfiguration", "s3:GetAccessPoint", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetEncryptionConfiguration", "s3:GetLifecycleConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListMultiRegionAccessPoints", "s3:ListStorageLensConfigurations", "s3express:GetBucketPolicy", "s3express:ListAllMyDirectoryBuckets", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribeProject", "sagemaker:DescribeWorkteam", "sagemaker:ListAppImageConfigs", "sagemaker:ListCodeRepositories", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDomains", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListFeatureGroups", "sagemaker:ListImages", "sagemaker:ListImageVersions", "sagemaker:ListInferenceExperiments", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelines", "sagemaker:ListProjects", "sagemaker:ListTags", "sagemaker:ListWorkteams", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemas", "sdb:GetAttributes", "sdb:ListDomains", "secretsmanager:ListSecrets", "secretsmanager:ListSecretVersionIds", "securityhub:DescribeHub", "servicecatalog:DescribePortfolioShares", "servicediscovery:GetInstance", "servicediscovery:GetNamespace", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource", "ses:DescribeReceiptRule", "ses:DescribeReceiptRuleSet", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetContactList", "ses:GetEmailTemplate", "ses:GetTemplate", "ses:ListConfigurationSets", "ses:ListContactLists", "ses:ListEmailTemplates", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListTemplates", "shield:DescribeDRTAccess", "shield:DescribeProtection", "shield:DescribeSubscription", "signer:GetSigningProfile", "signer:ListProfilePermissions", "signer:ListSigningProfiles", "sns:GetDataProtectionPolicy", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sqs:GetQueueAttributes", "sqs:ListQueues", "sqs:ListQueueTags", "ssm:DescribeAutomationExecutions", "ssm:DescribeDocument", "ssm:DescribeDocumentPermission", "ssm:DescribeParameters", "ssm:GetAutomationExecution", "ssm:GetDocument", "ssm:ListDocuments", "ssm:ListTagsForResource", "sso:DescribeInstanceAccessControlAttributeConfiguration", "sso:DescribePermissionSet", "sso:GetInlinePolicyForPermissionSet", "sso:ListManagedPoliciesInPermissionSet", "sso:ListPermissionSets", "sso:ListTagsForResource", "states:DescribeActivity", "states:DescribeStateMachine", "states:ListActivities", "states:ListStateMachines", "states:ListTagsForResource", "storagegateway:ListGateways", "storagegateway:ListTagsForResource", "storagegateway:ListVolumes", "sts:GetCallerIdentity", "support:DescribeCases", "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun", "synthetics:DescribeRuntimeVersions", "synthetics:GetCanary", "synthetics:GetCanaryRuns", "synthetics:GetGroup", "synthetics:ListAssociatedGroups", "synthetics:ListGroupResources", "synthetics:ListGroups", "synthetics:ListTagsForResource", "tag:GetResources", "timestream:DescribeDatabase", "timestream:DescribeEndpoints", "timestream:DescribeTable", "timestream:ListDatabases", "timestream:ListTables", "timestream:ListTagsForResource", "transfer:DescribeAgreement", "transfer:DescribeCertificate", "transfer:DescribeConnector", "transfer:DescribeProfile", "transfer:DescribeServer", "transfer:DescribeUser", "transfer:DescribeWorkflow", "transfer:ListAgreements", "transfer:ListCertificates", "transfer:ListConnectors", "transfer:ListProfiles", "transfer:ListServers", "transfer:ListTagsForResource", "transfer:ListUsers", "transfer:ListWorkflows", "voiceid:DescribeDomain", "voiceid:ListTagsForResource", "waf-regional:GetLoggingConfiguration", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:ListLoggingConfigurations", "waf:GetLoggingConfiguration", "waf:GetWebACL", "wafv2:GetLoggingConfiguration", "wafv2:GetRuleGroup", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "workspaces:DescribeConnectionAliases", "workspaces:DescribeTags", "workspaces:DescribeWorkspaces", "logs:CreateLogStream", "logs:CreateLogGroup", "logs:PutLogEvents", "apigateway:GET" ], "malformed": false, "name": "AWSConfigServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-22T17:20:56+00:00", "version": "v50" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonKinesisAnalyticsReadOnly", "createdate": "2016-09-21T18:16:43Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "kinesisanalytics:DescribeApplication", "kinesisanalytics:DescribeApplicationSnapshot", "kinesisanalytics:DescribeApplicationVersion", "kinesisanalytics:GetApplicationState", "kinesisanalytics:ListApplications", "kinesisanalytics:ListTagsForResource", "kinesisanalytics:ListApplicationSnapshots", "kinesisanalytics:ListApplicationVersions", "kinesis:DescribeStream", "kinesis:ListStreams", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "logs:GetLogEvents", "iam:ListPolicyVersions", "iam:ListRoles" ], "malformed": false, "name": "AmazonKinesisAnalyticsReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-09-21T18:16:43+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCloudTrail_FullAccess", "createdate": "2021-02-22T19:01:00Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "sns:AddPermission", "sns:CreateTopic", "sns:SetTopicAttributes", "sns:GetTopicAttributes", "sns:ListTopics", "s3:CreateBucket", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:ListAllMyBuckets", "s3:GetBucketLocation", "s3:GetBucketPolicy", "cloudtrail:AddTags", "cloudtrail:CancelQuery", "cloudtrail:CreateChannel", "cloudtrail:CreateEventDataStore", "cloudtrail:CreateServiceLinkedChannel", "cloudtrail:CreateTrail", "cloudtrail:DeleteChannel", "cloudtrail:DeleteEventDataStore", "cloudtrail:DeleteResourcePolicy", "cloudtrail:DeleteServiceLinkedChannel", "cloudtrail:DeleteTrail", "cloudtrail:DeregisterOrganizationDelegatedAdmin", "cloudtrail:DescribeQuery", "cloudtrail:DescribeTrails", "cloudtrail:DisableFederation", "cloudtrail:EnableFederation", "cloudtrail:GetChannel", "cloudtrail:GetEventDataStore", "cloudtrail:GetEventDataStoreData", "cloudtrail:GetEventSelectors", "cloudtrail:GetImport", "cloudtrail:GetInsightSelectors", "cloudtrail:GetQueryResults", "cloudtrail:GetResourcePolicy", "cloudtrail:GetServiceLinkedChannel", "cloudtrail:GetTrail", "cloudtrail:GetTrailStatus", "cloudtrail:ListChannels", "cloudtrail:ListEventDataStores", "cloudtrail:ListImportFailures", "cloudtrail:ListImports", "cloudtrail:ListPublicKeys", "cloudtrail:ListQueries", "cloudtrail:ListServiceLinkedChannels", "cloudtrail:ListTags", "cloudtrail:ListTrails", "cloudtrail:LookupEvents", "cloudtrail:PutEventSelectors", "cloudtrail:PutInsightSelectors", "cloudtrail:PutResourcePolicy", "cloudtrail:RegisterOrganizationDelegatedAdmin", "cloudtrail:RemoveTags", "cloudtrail:RestoreEventDataStore", "cloudtrail:StartEventDataStoreIngestion", "cloudtrail:StartImport", "cloudtrail:StartLogging", "cloudtrail:StartQuery", "cloudtrail:StopEventDataStoreIngestion", "cloudtrail:StopImport", "cloudtrail:StopLogging", "cloudtrail:UpdateChannel", "cloudtrail:UpdateEventDataStore", "cloudtrail:UpdateServiceLinkedChannel", "cloudtrail:UpdateTrail", "logs:CreateLogGroup", "iam:ListRoles", "iam:GetRolePolicy", "iam:GetUser", "iam:PassRole", "kms:CreateKey", "kms:CreateAlias", "kms:ListKeys", "kms:ListAliases", "lambda:ListFunctions", "dynamodb:ListGlobalTables", "dynamodb:ListTables" ], "malformed": false, "name": "AWSCloudTrail_FullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-02-22T19:01:00+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSCostAndUsageReportAutomationPolicy", "createdate": "2021-11-01T21:27:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DescribeOrganization", "s3:GetBucketTagging", "s3:PutBucketTagging", "s3:GetBucketPolicy", "s3:PutBucketPolicy", "s3:ListBucket", "s3:CreateBucket", "cur:PutReportDefinition", "cur:DeleteReportDefinition", "cur:DescribeReportDefinitions", "cur:DescribeReportDefinitions" ], "malformed": false, "name": "AWSCostAndUsageReportAutomationPolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-01T21:27:29+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSWickrFullAccess", "createdate": "2022-11-27T20:36:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "wickr:CreateAdminSession", "wickr:CreateNetwork", "wickr:ListNetworks", "wickr:ListTagsForResource", "wickr:TagResource", "wickr:UntagResource", "wickr:UpdateNetworkDetails" ], "malformed": false, "name": "AWSWickrFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-27T20:36:44+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDeepLensLambdaFunctionAccessPolicy", "createdate": "2019-06-11T23:11:55Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:ListBucket", "s3:GetObject", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "logs:CreateLogGroup", "deeplens:AssociateServiceRoleToAccount", "deeplens:BatchGetDevice", "deeplens:BatchGetModel", "deeplens:BatchGetProject", "deeplens:CreateDeviceCertificates", "deeplens:CreateModel", "deeplens:CreateProject", "deeplens:DeleteModel", "deeplens:DeleteProject", "deeplens:DeployProject", "deeplens:DeregisterDevice", "deeplens:GetAssociatedResources", "deeplens:GetDeploymentStatus", "deeplens:GetDevice", "deeplens:GetModel", "deeplens:GetProject", "deeplens:ImportProjectFromTemplate", "deeplens:ListDeployments", "deeplens:ListDevices", "deeplens:ListModels", "deeplens:ListProjects", "deeplens:RegisterDevice", "deeplens:RemoveProject", "deeplens:UpdateProject", "kinesisvideo:DescribeStream", "kinesisvideo:CreateStream", "kinesisvideo:GetDataEndpoint", "kinesisvideo:PutMedia" ], "malformed": false, "name": "AWSDeepLensLambdaFunctionAccessPolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-11T23:11:55+00:00", "version": "v4" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": null, "createdate": "2019-06-20T23:32:21Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:DisableReplication", "iam:PassRole", "cloudfront:ListDistributionsByLambdaFunction" ], "malformed": false, "name": "AWSLambdaReplicatorInternal", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v4" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/ApplicationAutoScalingForAmazonAppStreamAccess", "createdate": "2017-02-06T21:39:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appstream:UpdateFleet", "appstream:DescribeFleets", "cloudwatch:DescribeAlarms" ], "malformed": false, "name": "ApplicationAutoScalingForAmazonAppStreamAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-02-06T21:39:56+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSForWordPressPluginPolicy", "createdate": "2020-01-20T23:20:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "polly:SynthesizeSpeech", "polly:DescribeVoices", "translate:TranslateText", "s3:ListBucket", "s3:GetBucketAcl", "s3:GetBucketPolicy", "s3:PutObject", "s3:DeleteObject", "s3:CreateBucket", "s3:PutObjectAcl", "acm:AddTagsToCertificate", "acm:DescribeCertificate", "acm:RequestCertificate", "cloudformation:CreateStack", "cloudfront:ListDistributions", "acm:DeleteCertificate", "cloudformation:DeleteStack", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackResources", "cloudformation:UpdateStack", "cloudfront:CreateDistribution", "cloudfront:CreateInvalidation", "cloudfront:DeleteDistribution", "cloudfront:GetDistribution", "cloudfront:GetInvalidation", "cloudfront:TagResource", "cloudfront:UpdateDistribution" ], "malformed": false, "name": "AWSForWordPressPluginPolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-01-20T23:20:47+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCodeArtifactReadOnlyAccess", "createdate": "2020-06-25T21:23:52Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "codeartifact:DescribeDomain", "codeartifact:DescribePackage", "codeartifact:DescribePackageGroup", "codeartifact:DescribePackageVersion", "codeartifact:DescribeRepository", "codeartifact:GetAssociatedPackageGroup", "codeartifact:GetAuthorizationToken", "codeartifact:GetDomainPermissionsPolicy", "codeartifact:GetPackageVersionAsset", "codeartifact:GetPackageVersionReadme", "codeartifact:GetRepositoryEndpoint", "codeartifact:GetRepositoryPermissionsPolicy", "codeartifact:ListAllowedRepositoriesForGroup", "codeartifact:ListAssociatedPackages", "codeartifact:ListDomains", "codeartifact:ListPackageGroups", "codeartifact:ListPackageVersionAssets", "codeartifact:ListPackageVersionDependencies", "codeartifact:ListPackageVersions", "codeartifact:ListPackages", "codeartifact:ListRepositories", "codeartifact:ListRepositoriesInDomain", "codeartifact:ListSubPackageGroups", "codeartifact:ListTagsForResource", "codeartifact:ReadFromRepository", "sts:GetServiceBearerToken" ], "malformed": false, "name": "AWSCodeArtifactReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-25T21:23:52+00:00", "version": "v1" }, { "access_levels": [ "List" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSQuickSightListIAM", "createdate": "2015-11-10T23:25:07Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices" ], "malformed": false, "name": "AWSQuickSightListIAM", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-11-10T23:25:07+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonHoneycodeWorkbookReadOnlyAccess", "createdate": "2020-12-01T17:32:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "honeycode:GetScreenData", "honeycode:DescribeTableDataImportJob", "honeycode:ListTableColumns", "honeycode:ListTableRows", "honeycode:ListTables", "honeycode:QueryTableRows" ], "malformed": false, "name": "AmazonHoneycodeWorkbookReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-01T17:32:49+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSSSODirectoryReadOnly", "createdate": "2022-11-16T18:17:48Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "sso-directory:SearchGroups", "sso-directory:SearchUsers", "sso-directory:DescribeDirectory", "sso-directory:DescribeGroup", "sso-directory:DescribeGroups", "sso-directory:DescribeProvisioningTenant", "sso-directory:DescribeUser", "sso-directory:DescribeUserByUniqueAttribute", "sso-directory:DescribeUsers", "sso-directory:ListBearerTokens", "sso-directory:ListExternalIdPCertificates", "sso-directory:ListExternalIdPConfigurationsForDirectory", "sso-directory:ListGroupsForMember", "sso-directory:ListGroupsForUser", "sso-directory:ListMembersInGroup", "sso-directory:ListMfaDevicesForUser", "sso-directory:ListProvisioningTenants", "sso-directory:GetAWSSPConfigurationForDirectory", "sso-directory:GetUserPoolInfo", "identitystore:DescribeGroup", "identitystore:DescribeGroupMembership", "identitystore:DescribeUser", "identitystore:ListGroupMemberships", "identitystore:ListGroupMembershipsForMember", "identitystore:ListGroups", "identitystore:ListUsers", "identitystore-auth:ListSessions", "identitystore-auth:BatchGetSession" ], "malformed": false, "name": "AWSSSODirectoryReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-16T18:17:48+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorEKSAccess", "createdate": "2023-11-13T16:44:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:TerminateInstances", "ec2:DescribeSubnets", "eks:DescribeCluster", "eks:DescribeNodegroup", "tag:GetResources" ], "malformed": false, "name": "AWSFaultInjectionSimulatorEKSAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-13T16:44:51+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonAppStreamReadOnlyAccess", "createdate": "2016-12-07T21:00:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appstream:ListAssociatedFleets", "appstream:ListAssociatedStacks", "appstream:ListEntitledApplications", "appstream:ListTagsForResource", "appstream:DescribeAppBlockBuilderAppBlockAssociations", "appstream:DescribeAppBlockBuilders", "appstream:DescribeAppBlocks", "appstream:DescribeApplicationFleetAssociations", "appstream:DescribeApplications", "appstream:DescribeDirectoryConfigs", "appstream:DescribeEntitlements", "appstream:DescribeFleets", "appstream:DescribeImageBuilders", "appstream:DescribeImagePermissions", "appstream:DescribeImages", "appstream:DescribeSessions", "appstream:DescribeStacks", "appstream:DescribeUsageReportSubscriptions", "appstream:DescribeUserStackAssociations", "appstream:DescribeUsers" ], "malformed": false, "name": "AmazonAppStreamReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": true, "updatedate": "2016-12-07T21:00:06+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/AWSGlueConsoleSageMakerNotebookFullAccess", "createdate": "2021-07-15T15:24:19Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "glue:BatchCreatePartition", "glue:BatchDeleteConnection", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetBlueprints", "glue:BatchGetCrawlers", "glue:BatchGetCustomEntityTypes", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetStageFiles", "glue:BatchGetTableOptimizer", "glue:BatchGetTriggers", "glue:BatchGetWorkflows", "glue:BatchStopJobRun", "glue:BatchUpdatePartition", "glue:CancelDataQualityRuleRecommendationRun", "glue:CancelDataQualityRulesetEvaluationRun", "glue:CancelMLTaskRun", "glue:CancelStatement", "glue:CheckSchemaVersionValidity", "glue:CreateBlueprint", "glue:CreateClassifier", "glue:CreateConnection", "glue:CreateCrawler", "glue:CreateCustomEntityType", "glue:CreateDataQualityRuleset", "glue:CreateDatabase", "glue:CreateDevEndpoint", "glue:CreateJob", "glue:CreateMLTransform", "glue:CreatePartition", "glue:CreatePartitionIndex", "glue:CreateRegistry", "glue:CreateSchema", "glue:CreateScript", "glue:CreateSecurityConfiguration", "glue:CreateSession", "glue:CreateTable", "glue:CreateTableOptimizer", "glue:CreateTrigger", "glue:CreateUserDefinedFunction", "glue:CreateWorkflow", "glue:DeleteBlueprint", "glue:DeleteClassifier", "glue:DeleteColumnStatisticsForPartition", "glue:DeleteColumnStatisticsForTable", "glue:DeleteConnection", "glue:DeleteCrawler", "glue:DeleteCustomEntityType", "glue:DeleteDataQualityRuleset", "glue:DeleteDatabase", "glue:DeleteDevEndpoint", "glue:DeleteJob", "glue:DeleteMLTransform", "glue:DeletePartition", "glue:DeletePartitionIndex", "glue:DeleteRegistry", "glue:DeleteResourcePolicy", "glue:DeleteSchema", "glue:DeleteSchemaVersions", "glue:DeleteSecurityConfiguration", "glue:DeleteSession", "glue:DeleteTable", "glue:DeleteTableOptimizer", "glue:DeleteTableVersion", "glue:DeleteTrigger", "glue:DeleteUserDefinedFunction", "glue:DeleteWorkflow", "glue:DeregisterDataPreview", "glue:GetBlueprint", "glue:GetBlueprintRun", "glue:GetBlueprintRuns", "glue:GetCatalogImportStatus", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetColumnStatisticsTaskRun", "glue:GetColumnStatisticsTaskRuns", "glue:GetCompletion", "glue:GetConnection", "glue:GetConnections", "glue:GetCrawler", "glue:GetCrawlerMetrics", "glue:GetCrawlers", "glue:GetCustomEntityType", "glue:GetDataCatalogEncryptionSettings", "glue:GetDataPreviewStatement", "glue:GetDataQualityResult", "glue:GetDataQualityRuleRecommendationRun", "glue:GetDataQualityRuleset", "glue:GetDataQualityRulesetEvaluationRun", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDataflowGraph", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetEnvironment", "glue:GetExecutors", "glue:GetExecutorsThreads", "glue:GetJob", "glue:GetJobBookmark", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetLogParsingStatus", "glue:GetMLTaskRun", "glue:GetMLTaskRuns", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetMapping", "glue:GetNotebookInstanceStatus", "glue:GetPartition", "glue:GetPartitionIndexes", "glue:GetPartitionMetadata", "glue:GetPartitions", "glue:GetPlan", "glue:GetQueries", "glue:GetQuery", "glue:GetRegistry", "glue:GetResourcePolicies", "glue:GetResourcePolicy", "glue:GetSchema", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetSession", "glue:GetStage", "glue:GetStageAttempt", "glue:GetStageAttemptTaskList", "glue:GetStageAttemptTaskSummary", "glue:GetStageFiles", "glue:GetStages", "glue:GetStatement", "glue:GetStorage", "glue:GetStorageUnit", "glue:GetTable", "glue:GetTableOptimizer", "glue:GetTableVersion", "glue:GetTableVersions", "glue:GetTables", "glue:GetTags", "glue:GetTrigger", "glue:GetTriggers", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:GetWorkflow", "glue:GetWorkflowRun", "glue:GetWorkflowRunProperties", "glue:GetWorkflowRuns", "glue:GlueNotebookAuthorize", "glue:GlueNotebookRefreshCredentials", "glue:ImportCatalogToGlue", "glue:ListBlueprints", "glue:ListColumnStatisticsTaskRuns", "glue:ListCrawlers", "glue:ListCrawls", "glue:ListCustomEntityTypes", "glue:ListDataQualityResults", "glue:ListDataQualityRuleRecommendationRuns", "glue:ListDataQualityRulesetEvaluationRuns", "glue:ListDataQualityRulesets", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListRegistries", "glue:ListSchemaVersions", "glue:ListSchemas", "glue:ListSessions", "glue:ListStatements", "glue:ListTableOptimizerRuns", "glue:ListTriggers", "glue:ListWorkflows", "glue:NotifyEvent", "glue:PassConnection", "glue:PublishDataQuality", "glue:PutDataCatalogEncryptionSettings", "glue:PutResourcePolicy", "glue:PutSchemaVersionMetadata", "glue:PutWorkflowRunProperties", "glue:QuerySchemaVersionMetadata", "glue:RegisterSchemaVersion", "glue:RemoveSchemaVersionMetadata", "glue:RequestLogParsing", "glue:ResetJobBookmark", "glue:ResumeWorkflowRun", "glue:RunDataPreviewStatement", "glue:RunStatement", "glue:SearchTables", "glue:SendFeedback", "glue:StartBlueprintRun", "glue:StartColumnStatisticsTaskRun", "glue:StartCompletion", "glue:StartCrawler", "glue:StartCrawlerSchedule", "glue:StartDataQualityRuleRecommendationRun", "glue:StartDataQualityRulesetEvaluationRun", "glue:StartExportLabelsTaskRun", "glue:StartImportLabelsTaskRun", "glue:StartJobRun", "glue:StartMLEvaluationTaskRun", "glue:StartMLLabelingSetGenerationTaskRun", "glue:StartNotebook", "glue:StartTrigger", "glue:StartWorkflowRun", "glue:StopColumnStatisticsTaskRun", "glue:StopCrawler", "glue:StopCrawlerSchedule", "glue:StopSession", "glue:StopTrigger", "glue:StopWorkflowRun", "glue:TagResource", "glue:TerminateNotebook", "glue:TestConnection", "glue:UntagResource", "glue:UpdateBlueprint", "glue:UpdateClassifier", "glue:UpdateColumnStatisticsForPartition", "glue:UpdateColumnStatisticsForTable", "glue:UpdateConnection", "glue:UpdateCrawler", "glue:UpdateCrawlerSchedule", "glue:UpdateDataQualityRuleset", "glue:UpdateDatabase", "glue:UpdateDevEndpoint", "glue:UpdateJob", "glue:UpdateJobFromSourceControl", "glue:UpdateMLTransform", "glue:UpdatePartition", "glue:UpdateRegistry", "glue:UpdateSchema", "glue:UpdateSourceControlFromJob", "glue:UpdateTable", "glue:UpdateTableOptimizer", "glue:UpdateTrigger", "glue:UpdateUserDefinedFunction", "glue:UpdateWorkflow", "glue:UseGlueStudio", "glue:UseMLTransforms", "redshift:DescribeClusters", "redshift:DescribeClusterSubnetGroups", "iam:ListRoles", "iam:ListRolePolicies", "iam:GetRole", "iam:GetRolePolicy", "iam:ListAttachedRolePolicies", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcEndpoints", "ec2:DescribeRouteTables", "ec2:DescribeVpcAttribute", "ec2:DescribeKeyPairs", "ec2:DescribeInstances", "ec2:DescribeImages", "ec2:CreateNetworkInterface", "ec2:AttachNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "ec2:DescribeAvailabilityZones", "ec2:DescribeInternetGateways", "ec2:DescribeNetworkInterfaces", "rds:DescribeDBInstances", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetBucketAcl", "s3:GetBucketLocation", "cloudformation:DescribeStacks", "cloudformation:GetTemplateSummary", "dynamodb:ListTables", "kms:ListAliases", "kms:DescribeKey", "sagemaker:ListNotebookInstances", "cloudformation:ListStacks", "cloudwatch:GetMetricData", "cloudwatch:ListDashboards", "s3:GetObject", "s3:PutObject", "s3:CreateBucket", "logs:GetLogEvents", "cloudformation:CreateStack", "cloudformation:DeleteStack", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateNotebookInstance", "sagemaker:DeleteNotebookInstance", "sagemaker:DescribeNotebookInstance", "sagemaker:StartNotebookInstance", "sagemaker:StopNotebookInstance", "sagemaker:UpdateNotebookInstance", "sagemaker:ListTags", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:ListNotebookInstanceLifecycleConfigs", "ec2:RunInstances", "ec2:TerminateInstances", "ec2:CreateTags", "ec2:DeleteTags", "tag:GetResources", "iam:PassRole", "iam:PassRole", "iam:PassRole", "iam:PassRole" ], "malformed": false, "name": "AWSGlueConsoleSageMakerNotebookFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2021-07-15T15:24:19+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonEventBridgePipesReadOnlyAccess", "createdate": "2022-12-01T17:04:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "pipes:DescribePipe", "pipes:ListPipes", "pipes:ListTagsForResource" ], "malformed": false, "name": "AmazonEventBridgePipesReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-01T17:04:03+00:00", "version": "v1" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorEC2Access", "createdate": "2023-11-27T15:08:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:RebootInstances", "ec2:SendSpotInstanceInterruptions", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "kms:CreateGrant", "ssm:SendCommand", "ssm:CancelCommand", "ssm:ListCommands", "ec2:DescribeInstances" ], "malformed": false, "name": "AWSFaultInjectionSimulatorEC2Access", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T15:08:12+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/ServiceQuotasFullAccess", "createdate": "2021-02-04T21:29:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "autoscaling:DescribeAccountLimits", "cloudformation:DescribeAccountLimits", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:PutMetricAlarm", "dynamodb:DescribeLimits", "elasticloadbalancing:DescribeAccountLimits", "iam:GetAccountSummary", "kinesis:DescribeLimits", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAWSServiceAccessForOrganization", "rds:DescribeAccountAttributes", "route53:GetAccountLimit", "tag:GetTagKeys", "tag:GetTagValues", "servicequotas:AssociateServiceQuotaTemplate", "servicequotas:DeleteServiceQuotaIncreaseRequestFromTemplate", "servicequotas:DisassociateServiceQuotaTemplate", "servicequotas:GetAWSDefaultServiceQuota", "servicequotas:GetAssociationForServiceQuotaTemplate", "servicequotas:GetRequestedServiceQuotaChange", "servicequotas:GetServiceQuota", "servicequotas:GetServiceQuotaIncreaseRequestFromTemplate", "servicequotas:ListAWSDefaultServiceQuotas", "servicequotas:ListRequestedServiceQuotaChangeHistory", "servicequotas:ListRequestedServiceQuotaChangeHistoryByQuota", "servicequotas:ListServiceQuotaIncreaseRequestsInTemplate", "servicequotas:ListServiceQuotas", "servicequotas:ListServices", "servicequotas:ListTagsForResource", "servicequotas:PutServiceQuotaIncreaseRequestIntoTemplate", "servicequotas:RequestServiceQuotaIncrease", "servicequotas:TagResource", "servicequotas:UntagResource", "cloudwatch:DeleteAlarms", "organizations:EnableAWSServiceAccess", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "ServiceQuotasFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-02-04T21:29:43+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSSecurityHubFullAccess", "createdate": "2024-04-23T18:35:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "securityhub:AcceptAdministratorInvitation", "securityhub:AcceptInvitation", "securityhub:BatchDeleteAutomationRules", "securityhub:BatchDisableStandards", "securityhub:BatchEnableStandards", "securityhub:BatchGetAutomationRules", "securityhub:BatchGetConfigurationPolicyAssociations", "securityhub:BatchGetControlEvaluations", "securityhub:BatchGetSecurityControls", "securityhub:BatchGetStandardsControlAssociations", "securityhub:BatchImportFindings", "securityhub:BatchUpdateAutomationRules", "securityhub:BatchUpdateFindings", "securityhub:BatchUpdateStandardsControlAssociations", "securityhub:CreateActionTarget", "securityhub:CreateAutomationRule", "securityhub:CreateConfigurationPolicy", "securityhub:CreateFindingAggregator", "securityhub:CreateInsight", "securityhub:CreateMembers", "securityhub:DeclineInvitations", "securityhub:DeleteActionTarget", "securityhub:DeleteConfigurationPolicy", "securityhub:DeleteFindingAggregator", "securityhub:DeleteInsight", "securityhub:DeleteInvitations", "securityhub:DeleteMembers", "securityhub:DescribeActionTargets", "securityhub:DescribeHub", "securityhub:DescribeOrganizationConfiguration", "securityhub:DescribeProducts", "securityhub:DescribeStandards", "securityhub:DescribeStandardsControls", "securityhub:DisableImportFindingsForProduct", "securityhub:DisableOrganizationAdminAccount", "securityhub:DisableSecurityHub", "securityhub:DisassociateFromAdministratorAccount", "securityhub:DisassociateFromMasterAccount", "securityhub:DisassociateMembers", "securityhub:EnableImportFindingsForProduct", "securityhub:EnableOrganizationAdminAccount", "securityhub:EnableSecurityHub", "securityhub:GetAdhocInsightResults", "securityhub:GetAdministratorAccount", "securityhub:GetConfigurationPolicy", "securityhub:GetConfigurationPolicyAssociation", "securityhub:GetControlFindingSummary", "securityhub:GetEnabledStandards", "securityhub:GetFindingAggregator", "securityhub:GetFindingHistory", "securityhub:GetFindings", "securityhub:GetFreeTrialEndDate", "securityhub:GetFreeTrialUsage", "securityhub:GetInsightFindingTrend", "securityhub:GetInsightResults", "securityhub:GetInsights", "securityhub:GetInvitationsCount", "securityhub:GetMasterAccount", "securityhub:GetMembers", "securityhub:GetSecurityControlDefinition", "securityhub:GetUsage", "securityhub:InviteMembers", "securityhub:ListAutomationRules", "securityhub:ListConfigurationPolicies", "securityhub:ListConfigurationPolicyAssociations", "securityhub:ListControlEvaluationSummaries", "securityhub:ListEnabledProductsForImport", "securityhub:ListFindingAggregators", "securityhub:ListInvitations", "securityhub:ListMembers", "securityhub:ListOrganizationAdminAccounts", "securityhub:ListSecurityControlDefinitions", "securityhub:ListStandardsControlAssociations", "securityhub:ListTagsForResource", "securityhub:SendFindingEvents", "securityhub:SendInsightEvents", "securityhub:StartConfigurationPolicyAssociation", "securityhub:StartConfigurationPolicyDisassociation", "securityhub:TagResource", "securityhub:UntagResource", "securityhub:UpdateActionTarget", "securityhub:UpdateConfigurationPolicy", "securityhub:UpdateFindingAggregator", "securityhub:UpdateFindings", "securityhub:UpdateInsight", "securityhub:UpdateOrganizationConfiguration", "securityhub:UpdateSecurityControl", "securityhub:UpdateSecurityHubConfiguration", "securityhub:UpdateStandardsControl", "iam:CreateServiceLinkedRole", "guardduty:GetDetector", "guardduty:ListDetectors", "inspector2:BatchGetAccountStatus", "pricing:GetProducts" ], "malformed": false, "name": "AWSSecurityHubFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-23T18:35:45+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSTransferReadOnlyAccess", "createdate": "2020-08-27T17:54:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "transfer:DescribeUser", "transfer:DescribeServer", "transfer:ListUsers", "transfer:ListServers", "transfer:TestIdentityProvider", "transfer:ListTagsForResource" ], "malformed": false, "name": "AWSTransferReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-27T17:54:51+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/ComprehendDataAccessRolePolicy", "createdate": "2019-03-06T22:28:15Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "s3:ListBucket", "s3:PutObject" ], "malformed": false, "name": "ComprehendDataAccessRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-03-06T22:28:15+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/ServiceQuotasServiceRolePolicy", "createdate": "2019-06-24T14:52:56Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "support:AddAttachmentsToSet", "support:AddCommunicationToCase", "support:CreateCase", "support:DescribeAttachment", "support:DescribeCaseAttributes", "support:DescribeCases", "support:DescribeCommunication", "support:DescribeCommunications", "support:DescribeCreateCaseOptions", "support:DescribeIssueTypes", "support:DescribeServices", "support:DescribeSeverityLevels", "support:DescribeSupportLevel", "support:DescribeSupportedLanguages", "support:DescribeTrustedAdvisorCheckRefreshStatuses", "support:DescribeTrustedAdvisorCheckResult", "support:DescribeTrustedAdvisorCheckSummaries", "support:DescribeTrustedAdvisorChecks", "support:InitiateCallForCase", "support:InitiateChatForCase", "support:PutCaseAttributes", "support:RateCaseCommunication", "support:RefreshTrustedAdvisorCheck", "support:ResolveCase", "support:SearchForCases" ], "malformed": false, "name": "ServiceQuotasServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-24T14:52:56+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSGrafanaConsoleReadOnlyAccess", "createdate": "2022-02-15T22:30:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "grafana:DescribeWorkspace", "grafana:DescribeWorkspaceAuthentication", "grafana:DescribeWorkspaceConfiguration", "grafana:ListPermissions", "grafana:ListTagsForResource", "grafana:ListVersions", "grafana:ListWorkspaces" ], "malformed": false, "name": "AWSGrafanaConsoleReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-15T22:30:54+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/CloudSearchReadOnlyAccess", "createdate": "2015-02-06T18:39:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudsearch:DescribeAnalysisSchemes", "cloudsearch:DescribeAvailabilityOptions", "cloudsearch:DescribeDomainEndpointOptions", "cloudsearch:DescribeDomains", "cloudsearch:DescribeExpressions", "cloudsearch:DescribeIndexFields", "cloudsearch:DescribeScalingParameters", "cloudsearch:DescribeServiceAccessPolicies", "cloudsearch:DescribeSuggesters", "cloudsearch:ListDomainNames", "cloudsearch:ListTags" ], "malformed": false, "name": "CloudSearchReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:39:57+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess", "createdate": "2018-08-28T23:03:04Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", "xray:GetSamplingRules", "xray:GetSamplingTargets", "xray:GetSamplingStatisticSummaries" ], "malformed": false, "name": "AWSXrayWriteOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-08-28T23:03:04+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonInspector2AgentlessServiceRolePolicy", "createdate": "2023-11-20T15:18:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeVolumes", "ec2:DescribeSnapshots", "ebs:ListSnapshotBlocks", "ebs:GetSnapshotBlock", "ec2:CreateSnapshots", "ec2:CreateSnapshots", "ec2:CreateTags", "ec2:DeleteSnapshot", "kms:Decrypt", "kms:Decrypt", "kms:DescribeKey", "kms:ListResourceTags" ], "malformed": false, "name": "AmazonInspector2AgentlessServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-20T15:18:32+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerGeospatialFullAccess", "createdate": "2022-11-30T10:06:48Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sagemaker-geospatial:DeleteEarthObservationJob", "sagemaker-geospatial:DeleteVectorEnrichmentJob", "sagemaker-geospatial:ExportEarthObservationJob", "sagemaker-geospatial:ExportVectorEnrichmentJob", "sagemaker-geospatial:GetEarthObservationJob", "sagemaker-geospatial:GetRasterDataCollection", "sagemaker-geospatial:GetTile", "sagemaker-geospatial:GetVectorEnrichmentJob", "sagemaker-geospatial:ListEarthObservationJobs", "sagemaker-geospatial:ListRasterDataCollections", "sagemaker-geospatial:ListTagsForResource", "sagemaker-geospatial:ListVectorEnrichmentJobs", "sagemaker-geospatial:SearchRasterDataCollection", "sagemaker-geospatial:StartEarthObservationJob", "sagemaker-geospatial:StartVectorEnrichmentJob", "sagemaker-geospatial:StopEarthObservationJob", "sagemaker-geospatial:StopVectorEnrichmentJob", "sagemaker-geospatial:TagResource", "sagemaker-geospatial:UntagResource", "iam:PassRole" ], "malformed": false, "name": "AmazonSageMakerGeospatialFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-30T10:06:48+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSIoTDeviceTesterForFreeRTOSFullAccess", "createdate": "2023-08-10T20:30:07Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iam:PassRole", "iot:DeleteThing", "iot:AttachThingPrincipal", "iot:DeleteCertificate", "iot:GetRegistrationCode", "iot:CreatePolicy", "iot:UpdateCACertificate", "s3:ListBucket", "iot:DescribeEndpoint", "iot:CreateOTAUpdate", "iot:CreateStream", "signer:ListSigningJobs", "acm:ListCertificates", "iot:CreateKeysAndCertificate", "iot:UpdateCertificate", "iot:CreateCertificateFromCsr", "iot:DetachThingPrincipal", "iot:RegisterCACertificate", "iot:CreateThing", "iam:ListRoles", "iot:RegisterCertificate", "iot:DeleteCACertificate", "signer:PutSigningProfile", "s3:ListAllMyBuckets", "signer:ListSigningPlatforms", "iot-device-tester:SendMetrics", "iot-device-tester:SupportedVersion", "iot-device-tester:LatestIdt", "iot-device-tester:CheckVersion", "iot-device-tester:DownloadTestSuite", "iam:GetRole", "signer:StartSigningJob", "acm:GetCertificate", "signer:DescribeSigningJob", "s3:CreateBucket", "execute-api:Invoke", "s3:DeleteBucket", "s3:PutBucketVersioning", "signer:CancelSigningProfile", "iot:DeleteStream", "iot:DeleteCertificate", "iot:AttachPolicy", "iot:DetachPolicy", "iot:DeletePolicy", "s3:ListBucketVersions", "iot:UpdateCertificate", "iot:GetOTAUpdate", "iot:DeleteOTAUpdate", "iot:DescribeJobExecution", "iot:DeleteCertificate", "iot:AttachPolicy", "iot:DetachPolicy", "s3:DeleteObjectVersion", "iot:DeleteOTAUpdate", "s3:PutObject", "s3:GetObject", "iot:DeleteStream", "iot:DeletePolicy", "s3:DeleteObject", "iot:UpdateCertificate", "iot:GetOTAUpdate", "s3:GetObjectVersion", "iot:DescribeJobExecution", "s3:PutObject", "s3:GetObject", "iot:CancelJobExecution", "ec2:TerminateInstances", "ec2:AuthorizeSecurityGroupIngress", "ec2:DeleteSecurityGroup", "ec2:RunInstances", "ec2:RunInstances", "ec2:CreateSecurityGroup", "ec2:DescribeInstances", "ec2:DescribeSecurityGroups", "ssm:DescribeParameters", "ssm:GetParameters", "ec2:CreateTags" ], "malformed": false, "name": "AWSIoTDeviceTesterForFreeRTOSFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-10T20:30:07+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSBackupFullAccess", "createdate": "2023-11-27T17:33:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "backup:CancelLegalHold", "backup:CopyFromBackupVault", "backup:CopyIntoBackupVault", "backup:CreateBackupPlan", "backup:CreateBackupSelection", "backup:CreateBackupVault", "backup:CreateFramework", "backup:CreateLegalHold", "backup:CreateLogicallyAirGappedBackupVault", "backup:CreateReportPlan", "backup:CreateRestoreTestingPlan", "backup:CreateRestoreTestingSelection", "backup:DeleteBackupPlan", "backup:DeleteBackupSelection", "backup:DeleteBackupVault", "backup:DeleteBackupVaultAccessPolicy", "backup:DeleteBackupVaultLockConfiguration", "backup:DeleteBackupVaultNotifications", "backup:DeleteBackupVaultSharingPolicy", "backup:DeleteFramework", "backup:DeleteRecoveryPoint", "backup:DeleteReportPlan", "backup:DeleteRestoreTestingPlan", "backup:DeleteRestoreTestingSelection", "backup:DescribeBackupJob", "backup:DescribeBackupVault", "backup:DescribeCopyJob", "backup:DescribeFramework", "backup:DescribeGlobalSettings", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeRegionSettings", "backup:DescribeReportJob", "backup:DescribeReportPlan", "backup:DescribeRestoreJob", "backup:DisassociateRecoveryPoint", "backup:DisassociateRecoveryPointFromParent", "backup:ExportBackupPlanTemplate", "backup:GetBackupPlan", "backup:GetBackupPlanFromJSON", "backup:GetBackupPlanFromTemplate", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:GetBackupVaultSharingPolicy", "backup:GetLegalHold", "backup:GetRecoveryPointRestoreMetadata", "backup:GetRestoreJobMetadata", "backup:GetRestoreTestingInferredMetadata", "backup:GetRestoreTestingPlan", "backup:GetRestoreTestingSelection", "backup:GetSupportedResourceTypes", "backup:ListBackupJobSummaries", "backup:ListBackupJobs", "backup:ListBackupPlanTemplates", "backup:ListBackupPlanVersions", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListCopyJobSummaries", "backup:ListCopyJobs", "backup:ListFrameworks", "backup:ListLegalHolds", "backup:ListProtectedResources", "backup:ListProtectedResourcesByBackupVault", "backup:ListRecoveryPointsByBackupVault", "backup:ListRecoveryPointsByLegalHold", "backup:ListRecoveryPointsByResource", "backup:ListReportJobs", "backup:ListReportPlans", "backup:ListRestoreJobSummaries", "backup:ListRestoreJobs", "backup:ListRestoreJobsByProtectedResource", "backup:ListRestoreTestingPlans", "backup:ListRestoreTestingSelections", "backup:ListTags", "backup:PutBackupVaultAccessPolicy", "backup:PutBackupVaultLockConfiguration", "backup:PutBackupVaultNotifications", "backup:PutBackupVaultSharingPolicy", "backup:PutRestoreValidationResult", "backup:StartBackupJob", "backup:StartCopyJob", "backup:StartReportJob", "backup:StartRestoreJob", "backup:StopBackupJob", "backup:TagResource", "backup:UntagResource", "backup:UpdateBackupPlan", "backup:UpdateFramework", "backup:UpdateGlobalSettings", "backup:UpdateRecoveryPointLifecycle", "backup:UpdateRegionSettings", "backup:UpdateReportPlan", "backup:UpdateRestoreTestingPlan", "backup:UpdateRestoreTestingSelection", "backup-storage:CommitBackupJob", "backup-storage:DeleteObjects", "backup-storage:DescribeBackupJob", "backup-storage:GetBaseBackup", "backup-storage:GetChunk", "backup-storage:GetIncrementalBaseBackup", "backup-storage:GetObjectMetadata", "backup-storage:ListChunks", "backup-storage:ListObjects", "backup-storage:MountCapsule", "backup-storage:NotifyObjectComplete", "backup-storage:PutChunk", "backup-storage:PutObject", "backup-storage:StartObject", "backup-storage:UpdateObjectComplete", "rds:DescribeDBSnapshots", "rds:ListTagsForResource", "rds:DescribeDBInstances", "rds:DescribeDBEngineVersions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribeDBSubnetGroups", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBParameterGroups", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBClusterAutomatedBackups", "rds:DeleteDBSnapshot", "rds:DeleteDBClusterSnapshot", "dynamodb:ListBackups", "dynamodb:ListTables", "dynamodb:DeleteBackup", "elasticfilesystem:DescribeFileSystems", "ec2:DescribeSnapshots", "ec2:DescribeVolumes", "ec2:DescribeAvailabilityZones", "ec2:DescribeVpcs", "ec2:DescribeAccountAttributes", "ec2:DescribeSecurityGroups", "ec2:DescribeImages", "ec2:DescribeSubnets", "ec2:DescribePlacementGroups", "ec2:DescribeInstances", "ec2:DescribeInstanceTypes", "ec2:DescribeVpcEndpoints", "ec2:DescribeAddresses", "ec2:DeleteSnapshot", "ec2:DeregisterImage", "tag:GetTagKeys", "tag:GetTagValues", "tag:GetResources", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:ListGateways", "storagegateway:DescribeGatewayInformation", "storagegateway:ListVolumes", "storagegateway:ListLocalDisks", "iam:ListRoles", "iam:GetRole", "iam:PassRole", "organizations:DescribeOrganization", "kms:ListKeys", "kms:DescribeKey", "kms:GenerateDataKey", "kms:ListAliases", "kms:CreateGrant", "ssm:CancelCommand", "ssm:GetCommandInvocation", "ssm:SendCommand", "fsx:DescribeFileSystems", "fsx:DescribeBackups", "fsx:DescribeVolumes", "fsx:DescribeStorageVirtualMachines", "fsx:DeleteBackup", "ds:DescribeDirectories", "iam:CreateServiceLinkedRole", "backup-gateway:AssociateGatewayToServer", "backup-gateway:CreateGateway", "backup-gateway:DeleteGateway", "backup-gateway:DeleteHypervisor", "backup-gateway:DisassociateGatewayFromServer", "backup-gateway:ImportHypervisorConfiguration", "backup-gateway:ListGateways", "backup-gateway:ListHypervisors", "backup-gateway:ListTagsForResource", "backup-gateway:ListVirtualMachines", "backup-gateway:PutMaintenanceStartTime", "backup-gateway:TagResource", "backup-gateway:TestHypervisorConfiguration", "backup-gateway:UntagResource", "backup-gateway:UpdateGatewayInformation", "backup-gateway:UpdateHypervisor", "backup-gateway:GetHypervisor", "backup-gateway:GetHypervisorPropertyMappings", "backup-gateway:PutHypervisorPropertyMappings", "backup-gateway:StartVirtualMachinesMetadataSync", "backup-gateway:GetVirtualMachine", "backup-gateway:GetBandwidthRateLimitSchedule", "backup-gateway:GetGateway", "backup-gateway:PutBandwidthRateLimitSchedule", "cloudwatch:GetMetricData", "timestream:ListTables", "timestream:ListDatabases", "timestream:DescribeEndpoints", "s3:ListAllMyBuckets", "redshift:DescribeClusters", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeSnapshotSchedules", "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterTracks", "cloudformation:ListStacks", "ssm-sap:GetOperation", "ssm-sap:ListDatabases", "ssm-sap:GetDatabase", "ssm-sap:ListTagsForResource", "ram:GetResourceShareAssociations" ], "malformed": false, "name": "AWSBackupFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T17:33:10+00:00", "version": "v17" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSVendorInsightsVendorReadOnly", "createdate": "2022-12-01T00:54:38Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:DescribeEntity", "aws-marketplace:ListEntities", "vendor-insights:GetDataSource", "vendor-insights:ListDataSources", "vendor-insights:ListSecurityProfiles", "vendor-insights:GetSecurityProfile", "vendor-insights:GetSecurityProfileSnapshot", "vendor-insights:ListSecurityProfileSnapshots", "vendor-insights:ListTagsForResource", "artifact:GetReport", "artifact:GetReportMetadata", "artifact:GetTermForReport", "artifact:ListReports" ], "malformed": false, "name": "AWSVendorInsightsVendorReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-01T00:54:38+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkMailMessageFlowFullAccess", "createdate": "2021-02-11T11:08:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "workmailmessageflow:GetRawMessageContent", "workmailmessageflow:PutRawMessageContent" ], "malformed": false, "name": "AmazonWorkMailMessageFlowFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-02-11T11:08:35+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSConfigMultiAccountSetupPolicy", "createdate": "2023-02-24T01:39:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "config:PutConfigRule", "config:DeleteConfigRule", "config:DescribeConfigurationRecorders", "organizations:ListAccounts", "organizations:DescribeOrganization", "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeAccount", "config:PutConformancePack", "config:DeleteConformancePack", "config:DescribeConformancePackStatus", "iam:GetRole", "iam:CreateServiceLinkedRole", "iam:PassRole" ], "malformed": false, "name": "AWSConfigMultiAccountSetupPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-24T01:39:49+00:00", "version": "v5" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy", "createdate": "2023-08-01T15:06:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lambda:InvokeFunction", "sagemaker:InvokeEndpoint" ], "malformed": false, "name": "AmazonSageMakerPartnerServiceCatalogProductsApiGatewayServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-01T15:06:24+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/CloudWatchFullAccess", "createdate": "2022-11-27T13:23:49Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "sns:AddPermission", "sns:CheckIfPhoneNumberIsOptedOut", "sns:ConfirmSubscription", "sns:CreatePlatformApplication", "sns:CreatePlatformEndpoint", "sns:CreateSMSSandboxPhoneNumber", "sns:CreateTopic", "sns:DeleteEndpoint", "sns:DeletePlatformApplication", "sns:DeleteSMSSandboxPhoneNumber", "sns:DeleteTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sns:OptInPhoneNumber", "sns:Publish", "sns:PutDataProtectionPolicy", "sns:RemovePermission", "sns:SetEndpointAttributes", "sns:SetPlatformApplicationAttributes", "sns:SetSMSAttributes", "sns:SetSubscriptionAttributes", "sns:SetTopicAttributes", "sns:Subscribe", "sns:TagResource", "sns:Unsubscribe", "sns:UntagResource", "sns:VerifySMSSandboxPhoneNumber", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "oam:ListSinks", "iam:CreateServiceLinkedRole", "oam:ListAttachedLinks" ], "malformed": false, "name": "CloudWatchFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-27T13:23:49+00:00", "version": "v4" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryConversionServerPolicy", "createdate": "2023-11-27T13:13:38Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:SendClientMetricsForDrs", "drs:SendClientLogsForDrs", "drs:GetChannelCommandsForDrs", "drs:SendChannelCommandResultForDrs" ], "malformed": false, "name": "AWSElasticDisasterRecoveryConversionServerPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T13:13:38+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/CloudWatchLogsReadOnlyAccess", "createdate": "2023-11-26T18:11:33Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:StartQuery", "logs:StopQuery", "logs:TestMetricFilter", "logs:FilterLogEvents", "logs:StartLiveTail", "logs:StopLiveTail", "cloudwatch:GenerateQuery" ], "malformed": false, "name": "CloudWatchLogsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-26T18:11:33+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess", "createdate": "2021-11-22T17:11:11Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "athena:GetDatabase", "athena:GetDataCatalog", "athena:GetTableMetadata", "athena:ListDatabases", "athena:ListDataCatalogs", "athena:ListTableMetadata", "athena:ListWorkGroups", "athena:GetQueryExecution", "athena:GetQueryResults", "athena:GetWorkGroup", "athena:StartQueryExecution", "athena:StopQueryExecution", "glue:GetDatabase", "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:GetPartition", "glue:GetPartitions", "glue:BatchGetPartition", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListMultipartUploadParts", "s3:AbortMultipartUpload", "s3:CreateBucket", "s3:PutObject", "s3:PutBucketPublicAccessBlock" ], "malformed": false, "name": "AmazonGrafanaAthenaAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-22T17:11:11+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForImageBuilder", "createdate": "2023-10-19T21:30:10Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:RunInstances", "ec2:RunInstances", "iam:PassRole", "ec2:StopInstances", "ec2:StartInstances", "ec2:TerminateInstances", "ec2:CopyImage", "ec2:CreateImage", "ec2:CreateLaunchTemplate", "ec2:DeregisterImage", "ec2:DescribeImages", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceStatus", "ec2:DescribeInstances", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:ModifyImageAttribute", "ec2:DescribeImportImageTasks", "ec2:DescribeExportImageTasks", "ec2:DescribeSnapshots", "ec2:DescribeHosts", "ec2:ModifySnapshotAttribute", "ec2:CreateTags", "ec2:CreateTags", "ec2:CreateTags", "license-manager:UpdateLicenseSpecificationsForResource", "sns:Publish", "ssm:ListCommands", "ssm:ListCommandInvocations", "ssm:AddTagsToResource", "ssm:DescribeInstanceInformation", "ssm:GetAutomationExecution", "ssm:StopAutomationExecution", "ssm:ListInventoryEntries", "ssm:SendAutomationSignal", "ssm:DescribeInstanceAssociationsStatus", "ssm:DescribeAssociationExecutions", "ssm:GetCommandInvocation", "ssm:SendCommand", "ssm:SendCommand", "ssm:StartAutomationExecution", "ssm:CreateAssociation", "ssm:DeleteAssociation", "kms:Encrypt", "kms:Decrypt", "kms:ReEncryptFrom", "kms:ReEncryptTo", "kms:GenerateDataKeyWithoutPlaintext", "kms:DescribeKey", "kms:CreateGrant", "sts:AssumeRole", "logs:CreateLogStream", "logs:CreateLogGroup", "logs:PutLogEvents", "ec2:CreateLaunchTemplateVersion", "ec2:DescribeLaunchTemplates", "ec2:ModifyLaunchTemplate", "ec2:DescribeLaunchTemplateVersions", "ec2:ExportImage", "ec2:ExportImage", "ec2:CancelExportTask", "iam:CreateServiceLinkedRole", "ec2:EnableFastLaunch", "inspector2:ListCoverage", "inspector2:ListFindings", "ecr:CreateRepository", "ecr:TagResource", "ecr:BatchDeleteImage", "events:DeleteRule", "events:DescribeRule", "events:PutRule", "events:PutTargets", "events:RemoveTargets" ], "malformed": false, "name": "AWSServiceRoleForImageBuilder", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-19T21:30:10+00:00", "version": "v19" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonESCognitoAccess", "createdate": "2021-12-20T14:04:44Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "cognito-idp:DescribeUserPool", "cognito-idp:CreateUserPoolClient", "cognito-idp:DeleteUserPoolClient", "cognito-idp:UpdateUserPoolClient", "cognito-idp:DescribeUserPoolClient", "cognito-idp:AdminInitiateAuth", "cognito-idp:AdminUserGlobalSignOut", "cognito-idp:ListUserPoolClients", "cognito-identity:DescribeIdentityPool", "cognito-identity:UpdateIdentityPool", "cognito-identity:SetIdentityPoolRoles", "cognito-identity:GetIdentityPoolRoles", "iam:PassRole" ], "malformed": false, "name": "AmazonESCognitoAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-12-20T14:04:44+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSM2ServicePolicy", "createdate": "2022-06-07T20:26:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeSubnets", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:CreateNetworkInterfacePermission", "ec2:ModifyNetworkInterfaceAttribute", "elasticfilesystem:DescribeMountTargets", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:DeregisterTargets", "fsx:DescribeFileSystems", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSM2ServicePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-06-07T20:26:39+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonSQSReadOnlyAccess", "createdate": "2023-06-15T15:37:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListQueues", "sqs:ListMessageMoveTasks" ], "malformed": false, "name": "AmazonSQSReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-15T15:37:35+00:00", "version": "v3" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryAgentInstallationPolicy", "createdate": "2023-11-27T12:38:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:GetAgentInstallationAssetsForDrs", "drs:SendClientLogsForDrs", "drs:SendClientMetricsForDrs", "drs:CreateSourceServerForDrs", "drs:CreateRecoveryInstanceForDrs", "drs:DescribeRecoveryInstances", "drs:CreateSourceNetwork", "drs:TagResource", "drs:TagResource", "drs:TagResource", "drs:IssueAgentCertificateForDrs" ], "malformed": false, "name": "AWSElasticDisasterRecoveryAgentInstallationPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T12:38:51+00:00", "version": "v6" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/ComprehendReadOnly", "createdate": "2022-04-26T21:32:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "comprehend:DetectDominantLanguage", "comprehend:BatchDetectDominantLanguage", "comprehend:DetectEntities", "comprehend:BatchDetectEntities", "comprehend:DetectKeyPhrases", "comprehend:BatchDetectKeyPhrases", "comprehend:DetectPiiEntities", "comprehend:ContainsPiiEntities", "comprehend:DetectSentiment", "comprehend:BatchDetectSentiment", "comprehend:DetectSyntax", "comprehend:BatchDetectSyntax", "comprehend:ClassifyDocument", "comprehend:DescribeTopicsDetectionJob", "comprehend:ListTopicsDetectionJobs", "comprehend:DescribeDominantLanguageDetectionJob", "comprehend:ListDominantLanguageDetectionJobs", "comprehend:DescribeEntitiesDetectionJob", "comprehend:ListEntitiesDetectionJobs", "comprehend:DescribeKeyPhrasesDetectionJob", "comprehend:ListKeyPhrasesDetectionJobs", "comprehend:DescribePiiEntitiesDetectionJob", "comprehend:ListPiiEntitiesDetectionJobs", "comprehend:DescribeSentimentDetectionJob", "comprehend:DescribeTargetedSentimentDetectionJob", "comprehend:ListSentimentDetectionJobs", "comprehend:ListTargetedSentimentDetectionJobs", "comprehend:DescribeDocumentClassifier", "comprehend:ListDocumentClassifiers", "comprehend:DescribeDocumentClassificationJob", "comprehend:ListDocumentClassificationJobs", "comprehend:DescribeEntityRecognizer", "comprehend:ListEntityRecognizers", "comprehend:ListTagsForResource", "comprehend:DescribeEndpoint", "comprehend:ListEndpoints", "comprehend:ListDocumentClassifierSummaries", "comprehend:ListEntityRecognizerSummaries", "comprehend:DescribeResourcePolicy" ], "malformed": false, "name": "ComprehendReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-04-26T21:32:41+00:00", "version": "v11" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSPrivateCAUser", "createdate": "2023-02-14T18:16:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:IssueCertificate", "acm-pca:RevokeCertificate", "acm-pca:GetCertificate", "acm-pca:ListPermissions", "acm-pca:ListCertificateAuthorities" ], "malformed": false, "name": "AWSPrivateCAUser", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-14T18:16:08+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole", "createdate": "2018-06-14T21:50:45Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "sqs:ReceiveMessage", "sqs:DeleteMessage", "sqs:GetQueueAttributes", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AWSLambdaSQSQueueExecutionRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-06-14T21:50:45+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonMQApiFullAccess", "createdate": "2020-11-04T16:45:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mq:CreateBroker", "mq:CreateConfiguration", "mq:CreateReplicaBroker", "mq:CreateTags", "mq:CreateUser", "mq:DeleteBroker", "mq:DeleteTags", "mq:DeleteUser", "mq:DescribeBroker", "mq:DescribeBrokerEngineTypes", "mq:DescribeBrokerInstanceOptions", "mq:DescribeConfiguration", "mq:DescribeConfigurationRevision", "mq:DescribeUser", "mq:ListBrokers", "mq:ListConfigurationRevisions", "mq:ListConfigurations", "mq:ListTags", "mq:ListUsers", "mq:Promote", "mq:RebootBroker", "mq:UpdateBroker", "mq:UpdateConfiguration", "mq:UpdateUser", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DetachNetworkInterface", "ec2:DescribeInternetGateways", "ec2:DescribeNetworkInterfaces", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "logs:CreateLogGroup", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonMQApiFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-04T16:45:35+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/ComputeOptimizerServiceRolePolicy", "createdate": "2022-06-13T19:05:04Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "compute-optimizer:DeleteRecommendationPreferences", "compute-optimizer:DescribeRecommendationExportJobs", "compute-optimizer:ExportAutoScalingGroupRecommendations", "compute-optimizer:ExportEBSVolumeRecommendations", "compute-optimizer:ExportEC2InstanceRecommendations", "compute-optimizer:ExportECSServiceRecommendations", "compute-optimizer:ExportLambdaFunctionRecommendations", "compute-optimizer:ExportLicenseRecommendations", "compute-optimizer:GetAutoScalingGroupRecommendations", "compute-optimizer:GetEBSVolumeRecommendations", "compute-optimizer:GetEC2InstanceRecommendations", "compute-optimizer:GetEC2RecommendationProjectedMetrics", "compute-optimizer:GetECSServiceRecommendationProjectedMetrics", "compute-optimizer:GetECSServiceRecommendations", "compute-optimizer:GetEffectiveRecommendationPreferences", "compute-optimizer:GetEnrollmentStatus", "compute-optimizer:GetEnrollmentStatusesForOrganization", "compute-optimizer:GetLambdaFunctionRecommendations", "compute-optimizer:GetLicenseRecommendations", "compute-optimizer:GetRecommendationPreferences", "compute-optimizer:GetRecommendationSummaries", "compute-optimizer:PutRecommendationPreferences", "compute-optimizer:UpdateEnrollmentStatus", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators", "cloudwatch:GetMetricData", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingGroups", "ec2:DescribeInstances", "ec2:DescribeVolumes" ], "malformed": false, "name": "ComputeOptimizerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-06-13T19:05:04+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAPrivilegedUser", "createdate": "2019-06-20T17:43:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:IssueCertificate", "acm-pca:RevokeCertificate", "acm-pca:GetCertificate", "acm-pca:ListPermissions", "acm-pca:ListCertificateAuthorities" ], "malformed": false, "name": "AWSCertificateManagerPrivateCAPrivilegedUser", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-20T17:43:13+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonMacieServiceRole", "createdate": "2017-08-14T14:53:26Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource" ], "malformed": false, "name": "AmazonMacieServiceRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-08-14T14:53:26+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSApplicationMigrationVCenterClientPolicy", "createdate": "2021-11-08T12:53:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgn:CreateVcenterClientForMgn", "mgn:DescribeVcenterClients", "mgn:GetVcenterClientCommandsForMgn", "mgn:SendVcenterClientCommandResultForMgn", "mgn:SendVcenterClientLogsForMgn", "mgn:SendVcenterClientMetricsForMgn", "mgn:DeleteVcenterClient", "mgn:TagResource", "mgn:NotifyVcenterClientStartedForMgn" ], "malformed": false, "name": "AWSApplicationMigrationVCenterClientPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-08T12:53:08+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSSSOMemberAccountAdministrator", "createdate": "2022-10-20T20:32:45Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "ds:DescribeDirectories", "ds:AuthorizeApplication", "ds:UnauthorizeApplication", "ds:DescribeTrusts", "iam:ListPolicies", "organizations:EnableAWSServiceAccess", "organizations:DescribeOrganization", "organizations:DescribeAccount", "organizations:ListRoots", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListParents", "organizations:ListChildren", "organizations:ListOrganizationalUnitsForParent", "organizations:ListDelegatedAdministrators", "sso:AssociateDirectory", "sso:AssociateProfile", "sso:AttachCustomerManagedPolicyReferenceToPermissionSet", "sso:AttachManagedPolicyToPermissionSet", "sso:CreateAccountAssignment", "sso:CreateApplication", "sso:CreateApplicationAssignment", "sso:CreateApplicationInstance", "sso:CreateApplicationInstanceCertificate", "sso:CreateInstance", "sso:CreateInstanceAccessControlAttributeConfiguration", "sso:CreateManagedApplicationInstance", "sso:CreatePermissionSet", "sso:CreateProfile", "sso:CreateTrust", "sso:CreateTrustedTokenIssuer", "sso:DeleteAccountAssignment", "sso:DeleteApplication", "sso:DeleteApplicationAccessScope", "sso:DeleteApplicationAssignment", "sso:DeleteApplicationAuthenticationMethod", "sso:DeleteApplicationGrant", "sso:DeleteApplicationInstance", "sso:DeleteApplicationInstanceCertificate", "sso:DeleteInlinePolicyFromPermissionSet", "sso:DeleteInstance", "sso:DeleteInstanceAccessControlAttributeConfiguration", "sso:DeleteManagedApplicationInstance", "sso:DeletePermissionSet", "sso:DeletePermissionsBoundaryFromPermissionSet", "sso:DeletePermissionsPolicy", "sso:DeleteProfile", "sso:DeleteTrustedTokenIssuer", "sso:DescribeAccountAssignmentCreationStatus", "sso:DescribeAccountAssignmentDeletionStatus", "sso:DescribeApplication", "sso:DescribeApplicationAssignment", "sso:DescribeApplicationProvider", "sso:DescribeDirectories", "sso:DescribeInstance", "sso:DescribeInstanceAccessControlAttributeConfiguration", "sso:DescribePermissionSet", "sso:DescribePermissionSetProvisioningStatus", "sso:DescribePermissionsPolicies", "sso:DescribeRegisteredRegions", "sso:DescribeTrustedTokenIssuer", "sso:DescribeTrusts", "sso:DetachCustomerManagedPolicyReferenceFromPermissionSet", "sso:DetachManagedPolicyFromPermissionSet", "sso:DisassociateDirectory", "sso:DisassociateProfile", "sso:GetApplicationAccessScope", "sso:GetApplicationAssignmentConfiguration", "sso:GetApplicationAuthenticationMethod", "sso:GetApplicationGrant", "sso:GetApplicationInstance", "sso:GetApplicationTemplate", "sso:GetInlinePolicyForPermissionSet", "sso:GetManagedApplicationInstance", "sso:GetMfaDeviceManagementForDirectory", "sso:GetPermissionSet", "sso:GetPermissionsBoundaryForPermissionSet", "sso:GetPermissionsPolicy", "sso:GetProfile", "sso:GetSSOStatus", "sso:GetSharedSsoConfiguration", "sso:GetSsoConfiguration", "sso:GetTrust", "sso:ImportApplicationInstanceServiceProviderMetadata", "sso:ListAccountAssignmentCreationStatus", "sso:ListAccountAssignmentDeletionStatus", "sso:ListAccountAssignments", "sso:ListAccountAssignmentsForPrincipal", "sso:ListAccountsForProvisionedPermissionSet", "sso:ListApplicationAccessScopes", "sso:ListApplicationAssignments", "sso:ListApplicationAssignmentsForPrincipal", "sso:ListApplicationAuthenticationMethods", "sso:ListApplicationGrants", "sso:ListApplicationInstanceCertificates", "sso:ListApplicationInstances", "sso:ListApplicationProviders", "sso:ListApplicationTemplates", "sso:ListApplications", "sso:ListCustomerManagedPolicyReferencesInPermissionSet", "sso:ListDirectoryAssociations", "sso:ListInstances", "sso:ListManagedPoliciesInPermissionSet", "sso:ListPermissionSetProvisioningStatus", "sso:ListPermissionSets", "sso:ListPermissionSetsProvisionedToAccount", "sso:ListProfileAssociations", "sso:ListProfiles", "sso:ListTagsForResource", "sso:ListTrustedTokenIssuers", "sso:ProvisionPermissionSet", "sso:PutApplicationAccessScope", "sso:PutApplicationAssignmentConfiguration", "sso:PutApplicationAuthenticationMethod", "sso:PutApplicationGrant", "sso:PutInlinePolicyToPermissionSet", "sso:PutMfaDeviceManagementForDirectory", "sso:PutPermissionsBoundaryToPermissionSet", "sso:PutPermissionsPolicy", "sso:SearchGroups", "sso:SearchUsers", "sso:StartSSO", "sso:TagResource", "sso:UntagResource", "sso:UpdateApplication", "sso:UpdateApplicationInstanceActiveCertificate", "sso:UpdateApplicationInstanceDisplayData", "sso:UpdateApplicationInstanceResponseConfiguration", "sso:UpdateApplicationInstanceResponseSchemaConfiguration", "sso:UpdateApplicationInstanceSecurityConfiguration", "sso:UpdateApplicationInstanceServiceProviderConfiguration", "sso:UpdateApplicationInstanceStatus", "sso:UpdateDirectoryAssociation", "sso:UpdateInstance", "sso:UpdateInstanceAccessControlAttributeConfiguration", "sso:UpdateManagedApplicationInstanceStatus", "sso:UpdatePermissionSet", "sso:UpdateProfile", "sso:UpdateSSOConfiguration", "sso:UpdateTrust", "sso:UpdateTrustedTokenIssuer", "sso-directory:AddMemberToGroup", "sso-directory:CompleteVirtualMfaDeviceRegistration", "sso-directory:CompleteWebAuthnDeviceRegistration", "sso-directory:CreateAlias", "sso-directory:CreateBearerToken", "sso-directory:CreateExternalIdPConfigurationForDirectory", "sso-directory:CreateGroup", "sso-directory:CreateProvisioningTenant", "sso-directory:CreateUser", "sso-directory:DeleteBearerToken", "sso-directory:DeleteExternalIdPCertificate", "sso-directory:DeleteExternalIdPConfigurationForDirectory", "sso-directory:DeleteGroup", "sso-directory:DeleteMfaDeviceForUser", "sso-directory:DeleteProvisioningTenant", "sso-directory:DeleteUser", "sso-directory:DescribeDirectory", "sso-directory:DescribeGroup", "sso-directory:DescribeGroups", "sso-directory:DescribeProvisioningTenant", "sso-directory:DescribeUser", "sso-directory:DescribeUserByUniqueAttribute", "sso-directory:DescribeUsers", "sso-directory:DisableExternalIdPConfigurationForDirectory", "sso-directory:DisableUser", "sso-directory:EnableExternalIdPConfigurationForDirectory", "sso-directory:EnableUser", "sso-directory:GetAWSSPConfigurationForDirectory", "sso-directory:GetUserPoolInfo", "sso-directory:ImportExternalIdPCertificate", "sso-directory:IsMemberInGroup", "sso-directory:ListBearerTokens", "sso-directory:ListExternalIdPCertificates", "sso-directory:ListExternalIdPConfigurationsForDirectory", "sso-directory:ListGroupsForMember", "sso-directory:ListGroupsForUser", "sso-directory:ListMembersInGroup", "sso-directory:ListMfaDevicesForUser", "sso-directory:ListProvisioningTenants", "sso-directory:RemoveMemberFromGroup", "sso-directory:SearchGroups", "sso-directory:SearchUsers", "sso-directory:StartVirtualMfaDeviceRegistration", "sso-directory:StartWebAuthnDeviceRegistration", "sso-directory:UpdateExternalIdPConfigurationForDirectory", "sso-directory:UpdateGroup", "sso-directory:UpdateGroupDisplayName", "sso-directory:UpdateMfaDeviceForUser", "sso-directory:UpdatePassword", "sso-directory:UpdateUser", "sso-directory:UpdateUserName", "sso-directory:VerifyEmail", "identitystore:CreateGroup", "identitystore:CreateGroupMembership", "identitystore:CreateUser", "identitystore:DeleteGroup", "identitystore:DeleteGroupMembership", "identitystore:DeleteUser", "identitystore:DescribeGroup", "identitystore:DescribeGroupMembership", "identitystore:DescribeUser", "identitystore:GetGroupId", "identitystore:GetGroupMembershipId", "identitystore:GetUserId", "identitystore:IsMemberInGroups", "identitystore:ListGroupMemberships", "identitystore:ListGroupMembershipsForMember", "identitystore:ListGroups", "identitystore:ListUsers", "identitystore:UpdateGroup", "identitystore:UpdateUser", "identitystore-auth:BatchDeleteSession", "identitystore-auth:BatchGetSession", "identitystore-auth:ListSessions", "ds:CreateAlias", "access-analyzer:ValidatePolicy", "organizations:RegisterDelegatedAdministrator", "organizations:DeregisterDelegatedAdministrator" ], "malformed": false, "name": "AWSSSOMemberAccountAdministrator", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-20T20:32:45+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSThinkboxDeadlineSpotEventPluginAdminPolicy", "createdate": "2020-05-27T19:38:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CancelSpotFleetRequests", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequests", "ec2:ModifySpotFleetRequest", "ec2:RequestSpotFleet", "ec2:CreateTags", "ec2:RunInstances", "ec2:TerminateInstances", "iam:CreateServiceLinkedRole", "iam:GetInstanceProfile", "iam:GetRole", "iam:GetUser", "iam:PassRole" ], "malformed": false, "name": "AWSThinkboxDeadlineSpotEventPluginAdminPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-27T19:38:34+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBackupServiceRolePolicyForS3Backup", "createdate": "2022-09-01T16:52:33Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:GetMetricData", "events:DeleteRule", "events:PutTargets", "events:DescribeRule", "events:EnableRule", "events:PutRule", "events:RemoveTargets", "events:ListTargetsByRule", "events:DisableRule", "events:ListRules", "kms:Decrypt", "kms:DescribeKey", "s3:GetBucketTagging", "s3:GetInventoryConfiguration", "s3:ListBucketVersions", "s3:ListBucket", "s3:GetBucketVersioning", "s3:GetBucketLocation", "s3:GetBucketAcl", "s3:PutInventoryConfiguration", "s3:GetBucketNotification", "s3:PutBucketNotification", "s3:GetObjectAcl", "s3:GetObject", "s3:GetObjectVersionTagging", "s3:GetObjectVersionAcl", "s3:GetObjectTagging", "s3:GetObjectVersion", "s3:ListAllMyBuckets" ], "malformed": false, "name": "AWSBackupServiceRolePolicyForS3Backup", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-01T16:52:33+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCloudWatchRUMFullAccess", "createdate": "2021-11-29T15:46:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rum:BatchCreateRumMetricDefinitions", "rum:BatchDeleteRumMetricDefinitions", "rum:BatchGetRumMetricDefinitions", "rum:CreateAppMonitor", "rum:DeleteAppMonitor", "rum:DeleteRumMetricsDestination", "rum:GetAppMonitor", "rum:GetAppMonitorData", "rum:ListAppMonitors", "rum:ListRumMetricsDestinations", "rum:ListTagsForResource", "rum:PutRumEvents", "rum:PutRumMetricsDestination", "rum:TagResource", "rum:UntagResource", "rum:UpdateAppMonitor", "rum:UpdateRumMetricDefinition", "iam:GetRole", "iam:CreateServiceLinkedRole", "iam:PassRole", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cloudwatch:DescribeAlarms", "cognito-identity:CreateIdentityPool", "cognito-identity:ListIdentityPools", "cognito-identity:DescribeIdentityPool", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:SetIdentityPoolRoles", "logs:CreateLogGroup", "logs:DeleteLogGroup", "logs:PutRetentionPolicy", "logs:CreateLogStream", "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "logs:ListLogDeliveries", "logs:DescribeResourcePolicies", "logs:DescribeLogGroups", "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun" ], "malformed": false, "name": "AmazonCloudWatchRUMFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-29T15:46:12+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AWSDeadlineCloud-WorkerHost", "createdate": "2024-04-01T17:28:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "deadline:CreateWorker", "deadline:AssumeFleetRoleForWorker" ], "malformed": false, "name": "AWSDeadlineCloud-WorkerHost", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-01T17:28:28+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/EC2FastLaunchServiceRolePolicy", "createdate": "2022-01-10T13:08:21Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:RunInstances", "ec2:RunInstances", "iam:PassRole", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:CreateSnapshot", "ec2:CreateSnapshot", "ec2:CreateLaunchTemplate", "ec2:CreateTags", "ec2:DeleteSnapshot", "ec2:DescribeImages", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceStatus", "ec2:DescribeInstances", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "cloudwatch:PutMetricData" ], "malformed": false, "name": "EC2FastLaunchServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-01-10T13:08:21+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/WAFV2LoggingServiceRolePolicy", "createdate": "2020-07-23T17:04:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "firehose:PutRecord", "firehose:PutRecordBatch", "organizations:DescribeOrganization" ], "malformed": false, "name": "WAFV2LoggingServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-07-23T17:04:25+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonDocDB-ElasticServiceRolePolicy", "createdate": "2022-11-30T14:17:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData" ], "malformed": false, "name": "AmazonDocDB-ElasticServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-30T14:17:05+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkManagedUpdatesServiceRolePolicy", "createdate": "2023-03-24T00:18:43Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iam:PassRole", "ec2:ReleaseAddress", "ec2:AllocateAddress", "ec2:DisassociateAddress", "ec2:AssociateAddress", "ecs:RegisterTaskDefinition", "ecs:DeregisterTaskDefinition", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "elasticbeanstalk:AbortEnvironmentUpdate", "elasticbeanstalk:AddTags", "elasticbeanstalk:ApplyEnvironmentManagedAction", "elasticbeanstalk:AssociateEnvironmentOperationsRole", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:ComposeEnvironments", "elasticbeanstalk:CreateApplication", "elasticbeanstalk:CreateApplicationVersion", "elasticbeanstalk:CreateConfigurationTemplate", "elasticbeanstalk:CreateEnvironment", "elasticbeanstalk:CreatePlatformVersion", "elasticbeanstalk:CreateStorageLocation", "elasticbeanstalk:DeleteApplication", "elasticbeanstalk:DeleteApplicationVersion", "elasticbeanstalk:DeleteConfigurationTemplate", "elasticbeanstalk:DeleteEnvironmentConfiguration", "elasticbeanstalk:DeletePlatformVersion", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:DisassociateEnvironmentOperationsRole", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:PutInstanceStatistics", "elasticbeanstalk:RebuildEnvironment", "elasticbeanstalk:RemoveTags", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RestartAppServer", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticbeanstalk:SwapEnvironmentCNAMEs", "elasticbeanstalk:TerminateEnvironment", "elasticbeanstalk:UpdateApplication", "elasticbeanstalk:UpdateApplicationResourceLifecycle", "elasticbeanstalk:UpdateApplicationVersion", "elasticbeanstalk:UpdateConfigurationTemplate", "elasticbeanstalk:UpdateEnvironment", "elasticbeanstalk:UpdateTagsForResource", "elasticbeanstalk:ValidateConfigurationSettings", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "logs:DescribeLogGroups", "sns:GetTopicAttributes", "sns:ListSubscriptionsByTopic", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "autoscaling:AttachInstances", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteScheduledAction", "autoscaling:DetachInstances", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:ResumeProcesses", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "cloudformation:CreateStack", "cloudformation:CancelUpdateStack", "cloudformation:DeleteStack", "cloudformation:GetTemplate", "cloudformation:UpdateStack", "ec2:TerminateInstances", "s3:DeleteObject", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectVersionAcl", "s3:GetBucketLocation", "s3:GetBucketPolicy", "s3:ListBucket", "s3:PutBucketPolicy", "logs:CreateLogGroup", "logs:DeleteLogGroup", "logs:PutRetentionPolicy", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "sns:CreateTopic", "ec2:CreateLaunchTemplate", "ec2:DeleteLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:DeleteLaunchTemplateVersions", "ec2:RunInstances", "ecs:TagResource" ], "malformed": false, "name": "AWSElasticBeanstalkManagedUpdatesServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-24T00:18:43+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSAgentlessDiscoveryService", "createdate": "2020-02-24T23:08:23Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "awsconnector:RegisterConnector", "awsconnector:GetConnectorHealth", "iam:GetUser", "s3:GetObject", "s3:ListBucket", "s3:PutObject", "s3:PutObjectAcl", "sns:Publish", "discovery:AssociateConfigurationItemsToApplication", "discovery:BatchDeleteAgents", "discovery:BatchDeleteImportData", "discovery:CreateApplication", "discovery:CreateTags", "discovery:DeleteApplications", "discovery:DeleteTags", "discovery:DescribeAgents", "discovery:DescribeBatchDeleteConfigurationTask", "discovery:DescribeConfigurations", "discovery:DescribeContinuousExports", "discovery:DescribeExportConfigurations", "discovery:DescribeExportTasks", "discovery:DescribeImportTasks", "discovery:DescribeTags", "discovery:DisassociateConfigurationItemsFromApplication", "discovery:ExportConfigurations", "discovery:GetDiscoverySummary", "discovery:GetNetworkConnectionGraph", "discovery:ListConfigurations", "discovery:ListServerNeighbors", "discovery:StartBatchDeleteConfigurationTask", "discovery:StartContinuousExport", "discovery:StartDataCollectionByAgentIds", "discovery:StartExportTask", "discovery:StartImportTask", "discovery:StopContinuousExport", "discovery:StopDataCollectionByAgentIds", "discovery:UpdateApplication", "arsenal:RegisterOnPremisesAgent", "mgh:GetHomeRegion" ], "malformed": false, "name": "AWSAgentlessDiscoveryService", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-02-24T23:08:23+00:00", "version": "v2" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorInstanceRolePolicy", "createdate": "2022-04-20T02:43:50Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "secretsmanager:GetSecretValue", "s3:GetObject" ], "malformed": false, "name": "AWSMigrationHubOrchestratorInstanceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-04-20T02:43:50+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSMigrationHubStrategyCollector", "createdate": "2024-04-01T16:21:02Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "s3:PutObject", "s3:GetBucketAcl", "s3:CreateBucket", "s3:PutEncryptionConfiguration", "s3:PutBucketPublicAccessBlock", "s3:PutBucketVersioning", "s3:PutLifecycleConfiguration", "s3:ListBucket", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "application-transformation:PutMetricData", "application-transformation:PutLogData", "application-transformation:StartPortingCompatibilityAssessment", "application-transformation:GetPortingCompatibilityAssessment", "application-transformation:StartPortingRecommendationAssessment", "application-transformation:GetPortingRecommendationAssessment", "execute-api:Invoke", "execute-api:ManageConnections", "migrationhub-strategy:RegisterCollector", "migrationhub-strategy:GetAntiPattern", "migrationhub-strategy:GetMessage", "migrationhub-strategy:SendMessage", "migrationhub-strategy:ListAntiPatterns", "migrationhub-strategy:ListJarArtifacts", "migrationhub-strategy:UpdateCollectorConfiguration", "migrationhub-strategy:PutLogData", "migrationhub-strategy:PutMetricData", "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AWSMigrationHubStrategyCollector", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-01T16:21:02+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSWAFConsoleFullAccess", "createdate": "2023-06-05T20:56:03Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "apigateway:GET", "apigateway:SetWebACL", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByWebACLId", "cloudfront:UpdateDistribution", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeRegions", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:SetWebAcl", "appsync:ListGraphqlApis", "appsync:SetWebACL", "waf-regional:AssociateWebACL", "waf-regional:CreateByteMatchSet", "waf-regional:CreateGeoMatchSet", "waf-regional:CreateIPSet", "waf-regional:CreateRateBasedRule", "waf-regional:CreateRegexMatchSet", "waf-regional:CreateRegexPatternSet", "waf-regional:CreateRule", "waf-regional:CreateRuleGroup", "waf-regional:CreateSizeConstraintSet", "waf-regional:CreateSqlInjectionMatchSet", "waf-regional:CreateWebACL", "waf-regional:CreateWebACLMigrationStack", "waf-regional:CreateXssMatchSet", "waf-regional:DeleteByteMatchSet", "waf-regional:DeleteGeoMatchSet", "waf-regional:DeleteIPSet", "waf-regional:DeleteLoggingConfiguration", "waf-regional:DeletePermissionPolicy", "waf-regional:DeleteRateBasedRule", "waf-regional:DeleteRegexMatchSet", "waf-regional:DeleteRegexPatternSet", "waf-regional:DeleteRule", "waf-regional:DeleteRuleGroup", "waf-regional:DeleteSizeConstraintSet", "waf-regional:DeleteSqlInjectionMatchSet", "waf-regional:DeleteWebACL", "waf-regional:DeleteXssMatchSet", "waf-regional:DisassociateWebACL", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeToken", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetPermissionPolicy", "waf-regional:GetRateBasedRule", "waf-regional:GetRateBasedRuleManagedKeys", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSampledRequests", "waf-regional:GetSizeConstraintSet", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:GetXssMatchSet", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "waf-regional:PutLoggingConfiguration", "waf-regional:PutPermissionPolicy", "waf-regional:TagResource", "waf-regional:UntagResource", "waf-regional:UpdateByteMatchSet", "waf-regional:UpdateGeoMatchSet", "waf-regional:UpdateIPSet", "waf-regional:UpdateRateBasedRule", "waf-regional:UpdateRegexMatchSet", "waf-regional:UpdateRegexPatternSet", "waf-regional:UpdateRule", "waf-regional:UpdateRuleGroup", "waf-regional:UpdateSizeConstraintSet", "waf-regional:UpdateSqlInjectionMatchSet", "waf-regional:UpdateWebACL", "waf-regional:UpdateXssMatchSet", "waf:CreateByteMatchSet", "waf:CreateGeoMatchSet", "waf:CreateIPSet", "waf:CreateRateBasedRule", "waf:CreateRegexMatchSet", "waf:CreateRegexPatternSet", "waf:CreateRule", "waf:CreateRuleGroup", "waf:CreateSizeConstraintSet", "waf:CreateSqlInjectionMatchSet", "waf:CreateWebACL", "waf:CreateWebACLMigrationStack", "waf:CreateXssMatchSet", "waf:DeleteByteMatchSet", "waf:DeleteGeoMatchSet", "waf:DeleteIPSet", "waf:DeleteLoggingConfiguration", "waf:DeletePermissionPolicy", "waf:DeleteRateBasedRule", "waf:DeleteRegexMatchSet", "waf:DeleteRegexPatternSet", "waf:DeleteRule", "waf:DeleteRuleGroup", "waf:DeleteSizeConstraintSet", "waf:DeleteSqlInjectionMatchSet", "waf:DeleteWebACL", "waf:DeleteXssMatchSet", "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "waf:PutLoggingConfiguration", "waf:PutPermissionPolicy", "waf:TagResource", "waf:UntagResource", "waf:UpdateByteMatchSet", "waf:UpdateGeoMatchSet", "waf:UpdateIPSet", "waf:UpdateRateBasedRule", "waf:UpdateRegexMatchSet", "waf:UpdateRegexPatternSet", "waf:UpdateRule", "waf:UpdateRuleGroup", "waf:UpdateSizeConstraintSet", "waf:UpdateSqlInjectionMatchSet", "waf:UpdateWebACL", "waf:UpdateXssMatchSet", "wafv2:AssociateWebACL", "wafv2:CheckCapacity", "wafv2:CreateAPIKey", "wafv2:CreateIPSet", "wafv2:CreateRegexPatternSet", "wafv2:CreateRuleGroup", "wafv2:CreateWebACL", "wafv2:DeleteAPIKey", "wafv2:DeleteFirewallManagerRuleGroups", "wafv2:DeleteIPSet", "wafv2:DeleteLoggingConfiguration", "wafv2:DeletePermissionPolicy", "wafv2:DeleteRegexPatternSet", "wafv2:DeleteRuleGroup", "wafv2:DeleteWebACL", "wafv2:DescribeAllManagedProducts", "wafv2:DescribeManagedProductsByVendor", "wafv2:DescribeManagedRuleGroup", "wafv2:DisassociateFirewallManager", "wafv2:DisassociateWebACL", "wafv2:GenerateMobileSdkReleaseUrl", "wafv2:GetDecryptedAPIKey", "wafv2:GetIPSet", "wafv2:GetLoggingConfiguration", "wafv2:GetManagedRuleSet", "wafv2:GetMobileSdkRelease", "wafv2:GetPermissionPolicy", "wafv2:GetRateBasedStatementManagedKeys", "wafv2:GetRegexPatternSet", "wafv2:GetRuleGroup", "wafv2:GetSampledRequests", "wafv2:GetWebACL", "wafv2:GetWebACLForResource", "wafv2:ListAPIKeys", "wafv2:ListAvailableManagedRuleGroupVersions", "wafv2:ListAvailableManagedRuleGroups", "wafv2:ListIPSets", "wafv2:ListLoggingConfigurations", "wafv2:ListManagedRuleSets", "wafv2:ListMobileSdkReleases", "wafv2:ListRegexPatternSets", "wafv2:ListResourcesForWebACL", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "wafv2:ListWebACLs", "wafv2:PutFirewallManagerRuleGroups", "wafv2:PutLoggingConfiguration", "wafv2:PutManagedRuleSetVersions", "wafv2:PutPermissionPolicy", "wafv2:TagResource", "wafv2:UntagResource", "wafv2:UpdateIPSet", "wafv2:UpdateManagedRuleSetVersionExpiryDate", "wafv2:UpdateRegexPatternSet", "wafv2:UpdateRuleGroup", "wafv2:UpdateWebACL", "s3:ListAllMyBuckets", "logs:DescribeResourcePolicies", "logs:DescribeLogGroups", "cognito-idp:ListUserPools", "cognito-idp:AssociateWebACL", "cognito-idp:DisassociateWebACL", "cognito-idp:ListResourcesForWebACL", "cognito-idp:GetWebACLForResource", "apprunner:AssociateWebAcl", "apprunner:DisassociateWebAcl", "apprunner:DescribeWebAclForService", "apprunner:ListServices", "apprunner:ListAssociatedServicesForWebAcl", "ec2:AssociateVerifiedAccessInstanceWebAcl", "ec2:DisassociateVerifiedAccessInstanceWebAcl", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:GetVerifiedAccessInstanceWebAcl", "ec2:DescribeVerifiedAccessInstances", "logs:CreateLogDelivery", "logs:DeleteLogDelivery", "s3:PutBucketPolicy", "s3:GetBucketPolicy", "logs:PutResourcePolicy" ], "malformed": false, "name": "AWSWAFConsoleFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-05T20:56:03+00:00", "version": "v8" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBudgetsActions_RolePolicyForResourceAdministrationWithSSM", "createdate": "2022-05-25T19:03:30Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstanceStatus", "ec2:StartInstances", "ec2:StopInstances", "rds:DescribeDBInstances", "rds:StartDBInstance", "rds:StopDBInstance", "ssm:StartAutomationExecution" ], "malformed": false, "name": "AWSBudgetsActions_RolePolicyForResourceAdministrationWithSSM", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-05-25T19:03:30+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonSecurityLakeAdministrator", "createdate": "2024-02-23T16:01:57Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "securitylake:CreateAwsLogSource", "securitylake:CreateCustomLogSource", "securitylake:CreateDataLake", "securitylake:CreateDataLakeExceptionSubscription", "securitylake:CreateDataLakeOrganizationConfiguration", "securitylake:CreateSubscriber", "securitylake:CreateSubscriberNotification", "securitylake:DeleteAwsLogSource", "securitylake:DeleteCustomLogSource", "securitylake:DeleteDataLake", "securitylake:DeleteDataLakeExceptionSubscription", "securitylake:DeleteDataLakeOrganizationConfiguration", "securitylake:DeleteSubscriber", "securitylake:DeleteSubscriberNotification", "securitylake:DeregisterDataLakeDelegatedAdministrator", "securitylake:GetDataLakeExceptionSubscription", "securitylake:GetDataLakeOrganizationConfiguration", "securitylake:GetDataLakeSources", "securitylake:GetSubscriber", "securitylake:ListDataLakeExceptions", "securitylake:ListDataLakes", "securitylake:ListLogSources", "securitylake:ListSubscribers", "securitylake:ListTagsForResource", "securitylake:RegisterDataLakeDelegatedAdministrator", "securitylake:TagResource", "securitylake:UntagResource", "securitylake:UpdateDataLake", "securitylake:UpdateDataLakeExceptionSubscription", "securitylake:UpdateSubscriber", "securitylake:UpdateSubscriberNotification", "organizations:DescribeOrganization", "organizations:ListDelegatedServicesForAccount", "organizations:ListAccounts", "iam:ListRoles", "ram:GetResourceShareAssociations", "glue:CreateCrawler", "glue:StopCrawlerSchedule", "lambda:CreateEventSourceMapping", "lakeformation:GrantPermissions", "lakeformation:ListPermissions", "lakeformation:RegisterResource", "lakeformation:RevokePermissions", "lakeformation:GetDataLakeSettings", "events:ListConnections", "events:ListApiDestinations", "iam:GetRole", "iam:ListAttachedRolePolicies", "kms:DescribeKey", "s3:CreateBucket", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketNotification", "s3:PutBucketTagging", "s3:PutEncryptionConfiguration", "s3:PutBucketVersioning", "s3:PutReplicationConfiguration", "s3:PutLifecycleConfiguration", "s3:ListBucket", "s3:PutObject", "s3:GetBucketNotification", "lambda:CreateFunction", "lambda:AddPermission", "glue:CreateDatabase", "glue:GetDatabase", "glue:CreateTable", "glue:GetTable", "events:PutTargets", "events:PutRule", "events:DescribeRule", "events:CreateApiDestination", "events:CreateConnection", "events:UpdateConnection", "events:UpdateApiDestination", "events:DeleteConnection", "events:DeleteApiDestination", "events:ListTargetsByRule", "events:RemoveTargets", "events:DeleteRule", "sqs:CreateQueue", "sqs:SetQueueAttributes", "sqs:GetQueueUrl", "sqs:AddPermission", "sqs:GetQueueAttributes", "sqs:DeleteQueue", "kms:CreateGrant", "ram:CreateResourceShare", "ram:AssociateResourceShare", "ram:UpdateResourceShare", "ram:GetResourceShares", "ram:DisassociateResourceShare", "ram:DeleteResourceShare", "secretsmanager:CreateSecret", "secretsmanager:GetSecretValue", "secretsmanager:PutSecretValue", "iam:PassRole", "iam:PassRole", "iam:PassRole", "iam:PassRole", "iam:PassRole", "iam:PassRole", "iam:PassRole", "iam:PassRole", "iam:CreateServiceLinkedRole", "iam:CreateRole", "iam:PutRolePolicy", "iam:DeleteRolePolicy", "iam:PutRolePolicy", "iam:GetRolePolicy", "iam:ListRolePolicies", "iam:DeleteRole", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:GetObject", "s3:GetObjectVersion", "s3:GetAccountPublicAccessBlock", "s3:ListAccessPoints", "s3:ListAllMyBuckets" ], "malformed": false, "name": "AmazonSecurityLakeAdministrator", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-23T16:01:57+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonMachineLearningCreateOnlyAccess", "createdate": "2016-06-29T20:55:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "machinelearning:AddTags", "machinelearning:CreateBatchPrediction", "machinelearning:CreateDataSourceFromRDS", "machinelearning:CreateDataSourceFromRedshift", "machinelearning:CreateDataSourceFromS3", "machinelearning:CreateEvaluation", "machinelearning:CreateMLModel", "machinelearning:CreateRealtimeEndpoint", "machinelearning:DeleteBatchPrediction", "machinelearning:DeleteDataSource", "machinelearning:DeleteEvaluation", "machinelearning:DeleteMLModel", "machinelearning:DeleteRealtimeEndpoint", "machinelearning:DeleteTags", "machinelearning:DescribeBatchPredictions", "machinelearning:DescribeDataSources", "machinelearning:DescribeEvaluations", "machinelearning:DescribeMLModels", "machinelearning:DescribeTags", "machinelearning:GetBatchPrediction", "machinelearning:GetDataSource", "machinelearning:GetEvaluation", "machinelearning:GetMLModel" ], "malformed": false, "name": "AmazonMachineLearningCreateOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-06-29T20:55:03+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSGlueSchemaRegistryFullAccess", "createdate": "2020-11-20T00:19:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "glue:CreateRegistry", "glue:UpdateRegistry", "glue:DeleteRegistry", "glue:GetRegistry", "glue:ListRegistries", "glue:CreateSchema", "glue:UpdateSchema", "glue:DeleteSchema", "glue:GetSchema", "glue:ListSchemas", "glue:RegisterSchemaVersion", "glue:DeleteSchemaVersions", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:ListSchemaVersions", "glue:CheckSchemaVersionValidity", "glue:PutSchemaVersionMetadata", "glue:RemoveSchemaVersionMetadata", "glue:QuerySchemaVersionMetadata", "glue:GetTags", "glue:TagResource", "glue:UntagResource" ], "malformed": false, "name": "AWSGlueSchemaRegistryFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-20T00:19:00+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSConfigUserAccess", "createdate": "2019-03-18T20:27:47Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateConformancePackComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetCustomRulePolicy", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetOrganizationCustomRulePolicy", "config:GetResourceConfigHistory", "config:GetResourceEvaluationSummary", "config:GetStoredQuery", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:DeliverConfigSnapshot", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "config:SelectAggregateResourceConfig", "config:SelectResourceConfig", "tag:GetResources", "tag:GetTagKeys", "cloudtrail:DescribeTrails", "cloudtrail:GetTrailStatus", "cloudtrail:LookupEvents" ], "malformed": false, "name": "AWSConfigUserAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-03-18T20:27:47+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSAppSyncSchemaAuthor", "createdate": "2023-02-01T18:36:20Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "appsync:GraphQL", "appsync:CreateResolver", "appsync:CreateType", "appsync:DeleteResolver", "appsync:DeleteType", "appsync:GetResolver", "appsync:GetType", "appsync:GetDataSource", "appsync:GetSchemaCreationStatus", "appsync:GetIntrospectionSchema", "appsync:GetGraphqlApi", "appsync:ListTypes", "appsync:ListApiKeys", "appsync:ListResolvers", "appsync:ListDataSources", "appsync:ListGraphqlApis", "appsync:StartSchemaCreation", "appsync:UpdateResolver", "appsync:UpdateType", "appsync:TagResource", "appsync:UntagResource", "appsync:ListTagsForResource", "appsync:CreateFunction", "appsync:UpdateFunction", "appsync:GetFunction", "appsync:DeleteFunction", "appsync:ListFunctions", "appsync:ListResolversByFunction", "appsync:EvaluateMappingTemplate", "appsync:EvaluateCode" ], "malformed": false, "name": "AWSAppSyncSchemaAuthor", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-01T18:36:20+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSConfigRole", "createdate": "2022-02-10T18:33:55Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "access-analyzer:GetAnalyzer", "access-analyzer:GetArchiveRule", "access-analyzer:ListAnalyzers", "access-analyzer:ListArchiveRules", "access-analyzer:ListTagsForResource", "account:GetAlternateContact", "acm:DescribeCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "apigateway:GET", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingPolicies", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribePolicies", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "backup:DescribeBackupVault", "backup:DescribeRecoveryPoint", "backup:GetBackupPlan", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListRecoveryPointsByBackupVault", "backup:ListTags", "cloudformation:DescribeType", "cloudformation:ListTypes", "cloudfront:ListDistributions", "cloudfront:ListTagsForResource", "cloudtrail:DescribeTrails", "cloudtrail:GetEventSelectors", "cloudtrail:GetTrailStatus", "cloudtrail:ListTags", "cloudwatch:DescribeAlarms", "codedeploy:GetDeploymentConfig", "codepipeline:GetPipeline", "codepipeline:GetPipelineState", "codepipeline:ListPipelines", "config:BatchGetAggregateResourceConfig", "config:BatchGetResourceConfig", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateConformancePackComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetCustomRulePolicy", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetOrganizationCustomRulePolicy", "config:GetResourceConfigHistory", "config:GetResourceEvaluationSummary", "config:GetStoredQuery", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "config:PutAggregationAuthorization", "config:PutConfigRule", "config:PutConfigurationAggregator", "config:PutConfigurationRecorder", "config:PutConformancePack", "config:PutDeliveryChannel", "config:PutEvaluations", "config:PutExternalEvaluation", "config:PutOrganizationConfigRule", "config:PutOrganizationConformancePack", "config:PutRemediationConfigurations", "config:PutRemediationExceptions", "config:PutResourceConfig", "config:PutRetentionConfiguration", "config:PutStoredQuery", "config:SelectAggregateResourceConfig", "config:SelectResourceConfig", "dax:DescribeClusters", "dms:DescribeEventSubscriptions", "dms:DescribeReplicationInstances", "dms:DescribeReplicationSubnetGroups", "dms:ListTagsForResource", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeLimits", "dynamodb:DescribeTable", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetEbsEncryptionByDefault", "ecr-public:DescribeRepositories", "ecr-public:GetRepositoryCatalogData", "ecr-public:GetRepositoryPolicy", "ecr-public:ListTagsForResource", "ecr:DescribeRepositories", "ecr:GetLifecyclePolicy", "ecr:GetRepositoryPolicy", "ecr:ListTagsForResource", "ecs:DescribeClusters", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:ListClusters", "ecs:ListServices", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "eks:DescribeCluster", "eks:DescribeNodegroup", "eks:ListClusters", "eks:ListNodegroups", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeSnapshots", "elasticache:ListTagsForResource", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironments", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeBackupPolicy", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTags", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:ListClusters", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "es:DescribeDomain", "es:DescribeDomains", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomains", "es:GetCompatibleElasticsearchVersions", "es:GetCompatibleVersions", "es:ListDomainNames", "es:ListTags", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "fsx:DescribeFileSystems", "globalaccelerator:DescribeAccelerator", "globalaccelerator:DescribeEndpointGroup", "globalaccelerator:DescribeListener", "globalaccelerator:ListAccelerators", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "globalaccelerator:ListTagsForResource", "guardduty:GetDetector", "guardduty:GetFindings", "guardduty:GetMasterAccount", "guardduty:ListDetectors", "guardduty:ListFindings", "iam:GenerateCredentialReport", "iam:GetAccountAuthorizationDetails", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetCredentialReport", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroupsForUser", "iam:ListInstanceProfilesForRole", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListUserPolicies", "iam:ListVirtualMFADevices", "kafka:DescribeCluster", "kafka:ListClusters", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kms:DescribeKey", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:ListKeys", "kms:ListResourceTags", "lambda:GetAlias", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetPolicy", "lambda:ListAliases", "lambda:ListFunctions", "lambda:ListVersionsByFunction", "logs:DescribeLogGroups", "logs:ListTagsLogGroup", "network-firewall:DescribeLoggingConfiguration", "network-firewall:ListFirewalls", "organizations:DescribeOrganization", "organizations:DescribePolicy", "organizations:ListParents", "organizations:ListPoliciesForTarget", "rds:DescribeDBClusters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBSecurityGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeEventSubscriptions", "rds:DescribeOptionGroups", "rds:ListTagsForResource", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeEventSubscriptions", "redshift:DescribeLoggingStatus", "route53:GetHealthCheck", "route53:GetHostedZone", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListTagsForResource", "route53resolver:GetResolverEndpoint", "route53resolver:GetResolverRule", "route53resolver:GetResolverRuleAssociation", "route53resolver:ListResolverEndpointIpAddresses", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverRuleAssociations", "route53resolver:ListResolverRules", "route53resolver:ListTagsForResource", "s3:GetAccelerateConfiguration", "s3:GetAccessPoint", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyStatus", "s3:GetAccountPublicAccessBlock", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketPolicy", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetEncryptionConfiguration", "s3:GetLifecycleConfiguration", "s3:GetObject", "s3:GetReplicationConfiguration", "s3:ListAccessPoints", "s3:ListAllMyBuckets", "s3:ListBucket", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeModel", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribeWorkteam", "sagemaker:ListCodeRepositories", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListModels", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListTags", "sagemaker:ListWorkteams", "secretsmanager:ListSecrets", "secretsmanager:ListSecretVersionIds", "securityhub:DescribeHub", "shield:DescribeDRTAccess", "shield:DescribeProtection", "shield:DescribeSubscription", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sqs:GetQueueAttributes", "sqs:ListQueues", "sqs:ListQueueTags", "ssm:DescribeAutomationExecutions", "ssm:DescribeDocument", "ssm:DescribeDocumentPermission", "ssm:GetAutomationExecution", "ssm:GetDocument", "ssm:ListDocuments", "states:DescribeStateMachine", "states:ListStateMachines", "states:ListTagsForResource", "storagegateway:ListGateways", "storagegateway:ListTagsForResource", "storagegateway:ListVolumes", "support:DescribeCases", "tag:GetResources", "waf-regional:GetLoggingConfiguration", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf:GetLoggingConfiguration", "waf:GetWebACL", "wafv2:GetLoggingConfiguration" ], "malformed": false, "name": "AWSConfigRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-10T18:33:55+00:00", "version": "v42" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonKeyspacesReadOnlyAccess_v2", "createdate": "2023-09-12T17:01:45Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cassandra:Select", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "kms:DescribeKey", "kms:ListAliases", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcEndpoints" ], "malformed": false, "name": "AmazonKeyspacesReadOnlyAccess_v2", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-12T17:01:45+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSAppMeshReadOnly", "createdate": "2021-01-07T19:53:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appmesh:DescribeGatewayRoute", "appmesh:DescribeMesh", "appmesh:DescribeRoute", "appmesh:DescribeVirtualGateway", "appmesh:DescribeVirtualNode", "appmesh:DescribeVirtualRouter", "appmesh:DescribeVirtualService", "appmesh:ListGatewayRoutes", "appmesh:ListMeshes", "appmesh:ListRoutes", "appmesh:ListTagsForResource", "appmesh:ListVirtualGateways", "appmesh:ListVirtualNodes", "appmesh:ListVirtualRouters", "appmesh:ListVirtualServices", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "acm:ListCertificates", "acm:DescribeCertificate", "acm-pca:DescribeCertificateAuthority", "acm-pca:ListCertificateAuthorities", "servicediscovery:ListNamespaces", "servicediscovery:ListServices", "servicediscovery:ListInstances" ], "malformed": false, "name": "AWSAppMeshReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-01-07T19:53:16+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonLookoutMetricsFullAccess", "createdate": "2021-05-07T00:43:38Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lookoutmetrics:ActivateAnomalyDetector", "lookoutmetrics:BackTestAnomalyDetector", "lookoutmetrics:CreateAlert", "lookoutmetrics:CreateAnomalyDetector", "lookoutmetrics:CreateMetricSet", "lookoutmetrics:DeactivateAnomalyDetector", "lookoutmetrics:DeleteAlert", "lookoutmetrics:DeleteAnomalyDetector", "lookoutmetrics:DescribeAlert", "lookoutmetrics:DescribeAnomalyDetectionExecutions", "lookoutmetrics:DescribeAnomalyDetector", "lookoutmetrics:DescribeMetricSet", "lookoutmetrics:DetectMetricSetConfig", "lookoutmetrics:GetAnomalyGroup", "lookoutmetrics:GetDataQualityMetrics", "lookoutmetrics:GetFeedback", "lookoutmetrics:GetSampleData", "lookoutmetrics:ListAlerts", "lookoutmetrics:ListAnomalyDetectors", "lookoutmetrics:ListAnomalyGroupRelatedMetrics", "lookoutmetrics:ListAnomalyGroupSummaries", "lookoutmetrics:ListAnomalyGroupTimeSeries", "lookoutmetrics:ListMetricSets", "lookoutmetrics:ListTagsForResource", "lookoutmetrics:PutFeedback", "lookoutmetrics:TagResource", "lookoutmetrics:UntagResource", "lookoutmetrics:UpdateAlert", "lookoutmetrics:UpdateAnomalyDetector", "lookoutmetrics:UpdateMetricSet", "iam:PassRole" ], "malformed": false, "name": "AmazonLookoutMetricsFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-05-07T00:43:38+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/AmazonS3FullAccess", "createdate": "2021-09-27T20:16:37Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:AbortMultipartUpload", "s3:AssociateAccessGrantsIdentityCenter", "s3:BypassGovernanceRetention", "s3:CreateAccessGrant", "s3:CreateAccessGrantsInstance", "s3:CreateAccessGrantsLocation", "s3:CreateAccessPoint", "s3:CreateAccessPointForObjectLambda", "s3:CreateBucket", "s3:CreateJob", "s3:CreateMultiRegionAccessPoint", "s3:CreateStorageLensGroup", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:DissociateAccessGrantsIdentityCenter", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:InitiateReplication", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:ObjectOwnerOverrideToBucketOwner", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "s3:SubmitMultiRegionAccessPointRoutes", "s3:TagResource", "s3:UntagResource", "s3:UpdateAccessGrantsLocation", "s3:UpdateJobPriority", "s3:UpdateJobStatus", "s3:UpdateStorageLensGroup", "s3-object-lambda:AbortMultipartUpload", "s3-object-lambda:DeleteObject", "s3-object-lambda:DeleteObjectTagging", "s3-object-lambda:DeleteObjectVersion", "s3-object-lambda:DeleteObjectVersionTagging", "s3-object-lambda:GetObject", "s3-object-lambda:GetObjectAcl", "s3-object-lambda:GetObjectLegalHold", "s3-object-lambda:GetObjectRetention", "s3-object-lambda:GetObjectTagging", "s3-object-lambda:GetObjectVersion", "s3-object-lambda:GetObjectVersionAcl", "s3-object-lambda:GetObjectVersionTagging", "s3-object-lambda:ListBucket", "s3-object-lambda:ListBucketMultipartUploads", "s3-object-lambda:ListBucketVersions", "s3-object-lambda:ListMultipartUploadParts", "s3-object-lambda:PutObject", "s3-object-lambda:PutObjectAcl", "s3-object-lambda:PutObjectLegalHold", "s3-object-lambda:PutObjectRetention", "s3-object-lambda:PutObjectTagging", "s3-object-lambda:PutObjectVersionAcl", "s3-object-lambda:PutObjectVersionTagging", "s3-object-lambda:RestoreObject", "s3-object-lambda:WriteGetObjectResponse" ], "malformed": false, "name": "AmazonS3FullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2021-09-27T20:16:37+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53AutoNamingRegistrantAccess", "createdate": "2018-03-12T22:33:20Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53:GetHostedZone", "route53:ListHostedZonesByName", "route53:ChangeResourceRecordSets", "route53:CreateHealthCheck", "route53:GetHealthCheck", "route53:DeleteHealthCheck", "route53:UpdateHealthCheck", "servicediscovery:GetInstance", "servicediscovery:GetInstancesHealthStatus", "servicediscovery:GetNamespace", "servicediscovery:GetOperation", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListOperations", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource", "servicediscovery:RegisterInstance", "servicediscovery:DeregisterInstance" ], "malformed": false, "name": "AmazonRoute53AutoNamingRegistrantAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-03-12T22:33:20+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/CloudWatchApplicationInsightsFullAccess", "createdate": "2022-01-25T17:51:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "applicationinsights:AddWorkload", "applicationinsights:CreateApplication", "applicationinsights:CreateComponent", "applicationinsights:CreateLogPattern", "applicationinsights:DeleteApplication", "applicationinsights:DeleteComponent", "applicationinsights:DeleteLogPattern", "applicationinsights:DescribeApplication", "applicationinsights:DescribeComponent", "applicationinsights:DescribeComponentConfiguration", "applicationinsights:DescribeComponentConfigurationRecommendation", "applicationinsights:DescribeLogPattern", "applicationinsights:DescribeObservation", "applicationinsights:DescribeProblem", "applicationinsights:DescribeProblemObservations", "applicationinsights:DescribeWorkload", "applicationinsights:Link", "applicationinsights:ListApplications", "applicationinsights:ListComponents", "applicationinsights:ListConfigurationHistory", "applicationinsights:ListLogPatternSets", "applicationinsights:ListLogPatterns", "applicationinsights:ListProblems", "applicationinsights:ListTagsForResource", "applicationinsights:ListWorkloads", "applicationinsights:RemoveWorkload", "applicationinsights:TagResource", "applicationinsights:UntagResource", "applicationinsights:UpdateApplication", "applicationinsights:UpdateComponent", "applicationinsights:UpdateComponentConfiguration", "applicationinsights:UpdateLogPattern", "applicationinsights:UpdateProblem", "applicationinsights:UpdateWorkload", "ec2:DescribeInstances", "ec2:DescribeVolumes", "rds:DescribeDBInstances", "rds:DescribeDBClusters", "sqs:ListQueues", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "autoscaling:DescribeAutoScalingGroups", "lambda:ListFunctions", "dynamodb:ListTables", "s3:ListAllMyBuckets", "sns:ListTopics", "states:ListStateMachines", "apigateway:GET", "ecs:ListClusters", "ecs:DescribeTaskDefinition", "ecs:ListServices", "ecs:ListTasks", "eks:ListClusters", "eks:ListNodegroups", "fsx:DescribeFileSystems", "logs:DescribeLogGroups", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "CloudWatchApplicationInsightsFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-01-25T17:51:29+00:00", "version": "v4" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTRuleActions", "createdate": "2018-01-16T19:28:19Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "dynamodb:PutItem", "kinesis:PutRecord", "iot:Publish", "s3:PutObject", "sns:Publish", "sqs:SendMessage", "cloudwatch:SetAlarmState", "cloudwatch:PutMetricData", "es:ESHttpPut", "firehose:PutRecord" ], "malformed": false, "name": "AWSIoTRuleActions", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-01-16T19:28:19+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSMSKReplicatorExecutionRole", "createdate": "2024-03-25T21:36:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kafka-cluster:Connect", "kafka-cluster:DescribeCluster", "kafka-cluster:AlterCluster", "kafka-cluster:DescribeTopic", "kafka-cluster:CreateTopic", "kafka-cluster:AlterTopic", "kafka-cluster:WriteData", "kafka-cluster:ReadData", "kafka-cluster:AlterGroup", "kafka-cluster:DescribeGroup", "kafka-cluster:DescribeTopicDynamicConfiguration", "kafka-cluster:AlterTopicDynamicConfiguration", "kafka-cluster:WriteDataIdempotently", "kafka-cluster:DescribeTopic", "kafka-cluster:CreateTopic", "kafka-cluster:AlterTopic", "kafka-cluster:WriteData", "kafka-cluster:ReadData", "kafka-cluster:DescribeTopicDynamicConfiguration", "kafka-cluster:AlterTopicDynamicConfiguration", "kafka-cluster:AlterCluster", "kafka-cluster:AlterGroup", "kafka-cluster:DescribeGroup" ], "malformed": false, "name": "AWSMSKReplicatorExecutionRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-25T21:36:08+00:00", "version": "v2" }, { "access_levels": [ "List", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSDeviceFarmTestGridServiceRolePolicy", "createdate": "2021-05-26T22:01:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:CreateTags", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyNetworkInterfaceAttribute" ], "malformed": false, "name": "AWSDeviceFarmTestGridServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-05-26T22:01:35+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingClassicServiceRolePolicy", "createdate": "2019-10-07T23:04:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeAddresses", "ec2:DescribeInstances", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcs", "ec2:DescribeInternetGateways", "ec2:DescribeAccountAttributes", "ec2:DescribeClassicLinkInstances", "ec2:DescribeVpcClassicLink", "ec2:CreateSecurityGroup", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:AuthorizeSecurityGroupIngress", "ec2:AssociateAddress", "ec2:DisassociateAddress", "ec2:AttachNetworkInterface", "ec2:DetachNetworkInterface", "ec2:AssignPrivateIpAddresses", "ec2:AssignIpv6Addresses", "ec2:UnassignIpv6Addresses" ], "malformed": false, "name": "AWSElasticLoadBalancingClassicServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-07T23:04:27+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSSupportAppFullAccess", "createdate": "2022-08-22T16:53:41Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "servicequotas:GetRequestedServiceQuotaChange", "servicequotas:GetServiceQuota", "servicequotas:RequestServiceQuotaIncrease", "support:AddAttachmentsToSet", "support:AddCommunicationToCase", "support:CreateCase", "support:DescribeCases", "support:DescribeCommunications", "support:DescribeSeverityLevels", "support:InitiateChatForCase", "support:ResolveCase", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSSupportAppFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-22T16:53:41+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingElastiCacheRGPolicy", "createdate": "2021-08-17T23:41:42Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticache:DescribeReplicationGroups", "elasticache:ModifyReplicationGroupShardConfiguration", "elasticache:IncreaseReplicaCount", "elasticache:DecreaseReplicaCount", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheParameters", "cloudwatch:DescribeAlarms", "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingElastiCacheRGPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-17T23:41:42+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSDeadlineCloud-FleetWorker", "createdate": "2024-04-01T17:21:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "deadline:AssumeFleetRoleForWorker", "deadline:UpdateWorker", "deadline:UpdateWorkerSchedule", "deadline:BatchGetJobEntity", "deadline:AssumeQueueRoleForWorker" ], "malformed": false, "name": "AWSDeadlineCloud-FleetWorker", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-01T17:21:47+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": null, "createdate": "2019-09-23T18:37:42Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "worklink:AssociateDomain", "worklink:AssociateWebsiteAuthorizationProvider", "worklink:AssociateWebsiteCertificateAuthority", "worklink:CreateFleet", "worklink:DeleteFleet", "worklink:DescribeAuditStreamConfiguration", "worklink:DescribeCompanyNetworkConfiguration", "worklink:DescribeDevice", "worklink:DescribeDevicePolicyConfiguration", "worklink:DescribeDomain", "worklink:DescribeFleetMetadata", "worklink:DescribeIdentityProviderConfiguration", "worklink:DescribeWebsiteCertificateAuthority", "worklink:DisassociateDomain", "worklink:DisassociateWebsiteAuthorizationProvider", "worklink:DisassociateWebsiteCertificateAuthority", "worklink:ListDevices", "worklink:ListDomains", "worklink:ListFleets", "worklink:ListTagsForResource", "worklink:ListWebsiteAuthorizationProviders", "worklink:ListWebsiteCertificateAuthorities", "worklink:RestoreDomainAccess", "worklink:RevokeDomainAccess", "worklink:SearchEntity", "worklink:SignOutUser", "worklink:TagResource", "worklink:UntagResource", "worklink:UpdateAuditStreamConfiguration", "worklink:UpdateCompanyNetworkConfiguration", "worklink:UpdateDevicePolicyConfiguration", "worklink:UpdateDomainMetadata", "worklink:UpdateFleetMetadata", "worklink:UpdateIdentityProviderConfiguration" ], "malformed": false, "name": "AmazonWorkLinkFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v2" }, { "access_levels": [ "Write", "Permissions management" ], "arn": null, "createdate": "2020-02-07T20:48:49Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:CreateNetworkInterfacePermission", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "kinesis:PutRecord", "kinesis:PutRecords", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:RemoveListenerCertificates" ], "malformed": false, "name": "AmazonWorkLinkServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSGreengrassFullAccess", "createdate": "2017-05-03T00:47:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "greengrass:AssociateServiceRoleToAccount", "greengrass:BatchAssociateClientDeviceWithCoreDevice", "greengrass:BatchDisassociateClientDeviceFromCoreDevice", "greengrass:CancelDeployment", "greengrass:CreateComponentVersion", "greengrass:CreateDeployment", "greengrass:DeleteComponent", "greengrass:DeleteCoreDevice", "greengrass:DeleteDeployment", "greengrass:DescribeComponent", "greengrass:DisassociateServiceRoleFromAccount", "greengrass:GetComponent", "greengrass:GetComponentVersionArtifact", "greengrass:GetConnectivityInfo", "greengrass:GetCoreDevice", "greengrass:GetDeployment", "greengrass:GetServiceRoleForAccount", "greengrass:ListClientDevicesAssociatedWithCoreDevice", "greengrass:ListComponentVersions", "greengrass:ListComponents", "greengrass:ListCoreDevices", "greengrass:ListDeployments", "greengrass:ListEffectiveDeployments", "greengrass:ListInstalledComponents", "greengrass:ListTagsForResource", "greengrass:ResolveComponentCandidates", "greengrass:TagResource", "greengrass:UntagResource", "greengrass:UpdateConnectivityInfo", "greengrass:AssociateRoleToGroup", "greengrass:CreateConnectorDefinition", "greengrass:CreateConnectorDefinitionVersion", "greengrass:CreateCoreDefinition", "greengrass:CreateCoreDefinitionVersion", "greengrass:CreateDeviceDefinition", "greengrass:CreateDeviceDefinitionVersion", "greengrass:CreateFunctionDefinition", "greengrass:CreateFunctionDefinitionVersion", "greengrass:CreateGroup", "greengrass:CreateGroupCertificateAuthority", "greengrass:CreateGroupVersion", "greengrass:CreateLoggerDefinition", "greengrass:CreateLoggerDefinitionVersion", "greengrass:CreateResourceDefinition", "greengrass:CreateResourceDefinitionVersion", "greengrass:CreateSoftwareUpdateJob", "greengrass:CreateSubscriptionDefinition", "greengrass:CreateSubscriptionDefinitionVersion", "greengrass:DeleteConnectorDefinition", "greengrass:DeleteCoreDefinition", "greengrass:DeleteDeviceDefinition", "greengrass:DeleteFunctionDefinition", "greengrass:DeleteGroup", "greengrass:DeleteLoggerDefinition", "greengrass:DeleteResourceDefinition", "greengrass:DeleteSubscriptionDefinition", "greengrass:DisassociateRoleFromGroup", "greengrass:Discover", "greengrass:GetAssociatedRole", "greengrass:GetBulkDeploymentStatus", "greengrass:GetConnectorDefinition", "greengrass:GetConnectorDefinitionVersion", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetDeviceDefinition", "greengrass:GetDeviceDefinitionVersion", "greengrass:GetFunctionDefinition", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupCertificateAuthority", "greengrass:GetGroupCertificateConfiguration", "greengrass:GetGroupVersion", "greengrass:GetLoggerDefinition", "greengrass:GetLoggerDefinitionVersion", "greengrass:GetResourceDefinition", "greengrass:GetResourceDefinitionVersion", "greengrass:GetSubscriptionDefinition", "greengrass:GetSubscriptionDefinitionVersion", "greengrass:GetThingRuntimeConfiguration", "greengrass:ListBulkDeploymentDetailedReports", "greengrass:ListBulkDeployments", "greengrass:ListConnectorDefinitionVersions", "greengrass:ListConnectorDefinitions", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListResourceDefinitionVersions", "greengrass:ListResourceDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "greengrass:ResetDeployments", "greengrass:StartBulkDeployment", "greengrass:StopBulkDeployment", "greengrass:UpdateConnectorDefinition", "greengrass:UpdateCoreDefinition", "greengrass:UpdateDeviceDefinition", "greengrass:UpdateFunctionDefinition", "greengrass:UpdateGroup", "greengrass:UpdateGroupCertificateConfiguration", "greengrass:UpdateLoggerDefinition", "greengrass:UpdateResourceDefinition", "greengrass:UpdateSubscriptionDefinition", "greengrass:UpdateThingRuntimeConfiguration" ], "malformed": false, "name": "AWSGreengrassFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-05-03T00:47:37+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforDataPipelineRole", "createdate": "2016-02-22T17:24:05Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "datapipeline:ActivatePipeline", "datapipeline:AddTags", "datapipeline:CreatePipeline", "datapipeline:DeactivatePipeline", "datapipeline:DeletePipeline", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:EvaluateExpression", "datapipeline:GetAccountLimits", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:PollForTask", "datapipeline:PutAccountLimits", "datapipeline:PutPipelineDefinition", "datapipeline:QueryObjects", "datapipeline:RemoveTags", "datapipeline:ReportTaskProgress", "datapipeline:ReportTaskRunnerHeartbeat", "datapipeline:SetStatus", "datapipeline:SetTaskStatus", "datapipeline:ValidatePipelineDefinition", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:CreateBackup", "dynamodb:CreateGlobalTable", "dynamodb:CreateTable", "dynamodb:CreateTableReplica", "dynamodb:DeleteBackup", "dynamodb:DeleteItem", "dynamodb:DeleteResourcePolicy", "dynamodb:DeleteTable", "dynamodb:DeleteTableReplica", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:EnableKinesisStreamingDestination", "dynamodb:ExportTableToPointInTime", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetResourcePolicy", "dynamodb:GetShardIterator", "dynamodb:ImportTable", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLDelete", "dynamodb:PartiQLInsert", "dynamodb:PartiQLSelect", "dynamodb:PartiQLUpdate", "dynamodb:PurchaseReservedCapacityOfferings", "dynamodb:PutItem", "dynamodb:PutResourcePolicy", "dynamodb:Query", "dynamodb:RestoreTableFromAwsBackup", "dynamodb:RestoreTableFromBackup", "dynamodb:RestoreTableToPointInTime", "dynamodb:Scan", "dynamodb:StartAwsBackupJob", "dynamodb:TagResource", "dynamodb:UntagResource", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", "dynamodb:UpdateGlobalTable", "dynamodb:UpdateGlobalTableSettings", "dynamodb:UpdateGlobalTableVersion", "dynamodb:UpdateItem", "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:UpdateTable", "dynamodb:UpdateTableReplicaAutoScaling", "dynamodb:UpdateTimeToLive", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "elasticmapreduce:AddJobFlowSteps", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ModifyInstanceGroups", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "redshift:DescribeClusters", "redshift:DescribeClusterSecurityGroups", "s3:AbortMultipartUpload", "s3:AssociateAccessGrantsIdentityCenter", "s3:BypassGovernanceRetention", "s3:CreateAccessGrant", "s3:CreateAccessGrantsInstance", "s3:CreateAccessGrantsLocation", "s3:CreateAccessPoint", "s3:CreateAccessPointForObjectLambda", "s3:CreateBucket", "s3:CreateJob", "s3:CreateMultiRegionAccessPoint", "s3:CreateStorageLensGroup", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:DissociateAccessGrantsIdentityCenter", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:InitiateReplication", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:ObjectOwnerOverrideToBucketOwner", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "s3:SubmitMultiRegionAccessPointRoutes", "s3:TagResource", "s3:UntagResource", "s3:UpdateAccessGrantsLocation", "s3:UpdateJobPriority", "s3:UpdateJobStatus", "s3:UpdateStorageLensGroup", "sdb:BatchDeleteAttributes", "sdb:BatchPutAttributes", "sdb:CreateDomain", "sdb:DeleteAttributes", "sdb:DeleteDomain", "sdb:DomainMetadata", "sdb:GetAttributes", "sdb:ListDomains", "sdb:PutAttributes", "sdb:Select", "sns:AddPermission", "sns:CheckIfPhoneNumberIsOptedOut", "sns:ConfirmSubscription", "sns:CreatePlatformApplication", "sns:CreatePlatformEndpoint", "sns:CreateSMSSandboxPhoneNumber", "sns:CreateTopic", "sns:DeleteEndpoint", "sns:DeletePlatformApplication", "sns:DeleteSMSSandboxPhoneNumber", "sns:DeleteTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sns:OptInPhoneNumber", "sns:Publish", "sns:PutDataProtectionPolicy", "sns:RemovePermission", "sns:SetEndpointAttributes", "sns:SetPlatformApplicationAttributes", "sns:SetSMSAttributes", "sns:SetSubscriptionAttributes", "sns:SetTopicAttributes", "sns:Subscribe", "sns:TagResource", "sns:Unsubscribe", "sns:UntagResource", "sns:VerifySMSSandboxPhoneNumber", "sqs:AddPermission", "sqs:CancelMessageMoveTask", "sqs:ChangeMessageVisibility", "sqs:CreateQueue", "sqs:DeleteMessage", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListMessageMoveTasks", "sqs:ListQueueTags", "sqs:ListQueues", "sqs:PurgeQueue", "sqs:ReceiveMessage", "sqs:RemovePermission", "sqs:SendMessage", "sqs:SetQueueAttributes", "sqs:StartMessageMoveTask", "sqs:TagQueue", "sqs:UntagQueue" ], "malformed": false, "name": "AmazonEC2RoleforDataPipelineRole", "privesc": false, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2016-02-22T17:24:05+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSNetworkManagerServiceRolePolicy", "createdate": "2022-07-27T19:41:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeConnections", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeLocations", "directconnect:DescribeVirtualInterfaces", "ec2:DescribeCustomerGateways", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGateways", "ec2:DescribeVpnConnections", "ec2:DescribeVpcs", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:SearchTransitGatewayRoutes", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeRegions", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayPolicyTables", "ec2:GetTransitGatewayPolicyTableAssociations", "ec2:GetTransitGatewayPolicyTableEntries" ], "malformed": false, "name": "AWSNetworkManagerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-07-27T19:41:29+00:00", "version": "v8" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonTextractServiceRole", "createdate": "2018-11-28T19:12:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sns:Publish" ], "malformed": false, "name": "AmazonTextractServiceRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-28T19:12:16+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonAppStreamFullAccess", "createdate": "2020-08-28T17:24:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appstream:AssociateAppBlockBuilderAppBlock", "appstream:AssociateApplicationFleet", "appstream:AssociateApplicationToEntitlement", "appstream:AssociateFleet", "appstream:BatchAssociateUserStack", "appstream:BatchDisassociateUserStack", "appstream:CopyImage", "appstream:CreateAppBlock", "appstream:CreateAppBlockBuilder", "appstream:CreateAppBlockBuilderStreamingURL", "appstream:CreateApplication", "appstream:CreateDirectoryConfig", "appstream:CreateEntitlement", "appstream:CreateFleet", "appstream:CreateImageBuilder", "appstream:CreateImageBuilderStreamingURL", "appstream:CreateStack", "appstream:CreateStreamingURL", "appstream:CreateUpdatedImage", "appstream:CreateUsageReportSubscription", "appstream:CreateUser", "appstream:DeleteAppBlock", "appstream:DeleteAppBlockBuilder", "appstream:DeleteApplication", "appstream:DeleteDirectoryConfig", "appstream:DeleteEntitlement", "appstream:DeleteFleet", "appstream:DeleteImage", "appstream:DeleteImageBuilder", "appstream:DeleteImagePermissions", "appstream:DeleteStack", "appstream:DeleteUsageReportSubscription", "appstream:DeleteUser", "appstream:DescribeAppBlockBuilderAppBlockAssociations", "appstream:DescribeAppBlockBuilders", "appstream:DescribeAppBlocks", "appstream:DescribeApplicationFleetAssociations", "appstream:DescribeApplications", "appstream:DescribeDirectoryConfigs", "appstream:DescribeEntitlements", "appstream:DescribeFleets", "appstream:DescribeImageBuilders", "appstream:DescribeImagePermissions", "appstream:DescribeImages", "appstream:DescribeSessions", "appstream:DescribeStacks", "appstream:DescribeUsageReportSubscriptions", "appstream:DescribeUserStackAssociations", "appstream:DescribeUsers", "appstream:DisableUser", "appstream:DisassociateAppBlockBuilderAppBlock", "appstream:DisassociateApplicationFleet", "appstream:DisassociateApplicationFromEntitlement", "appstream:DisassociateFleet", "appstream:EnableUser", "appstream:ExpireSession", "appstream:ListAssociatedFleets", "appstream:ListAssociatedStacks", "appstream:ListEntitledApplications", "appstream:ListTagsForResource", "appstream:StartAppBlockBuilder", "appstream:StartFleet", "appstream:StartImageBuilder", "appstream:StopAppBlockBuilder", "appstream:StopFleet", "appstream:StopImageBuilder", "appstream:Stream", "appstream:TagResource", "appstream:UntagResource", "appstream:UpdateAppBlockBuilder", "appstream:UpdateApplication", "appstream:UpdateDirectoryConfig", "appstream:UpdateEntitlement", "appstream:UpdateFleet", "appstream:UpdateImagePermissions", "appstream:UpdateStack", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:PutScalingPolicy", "application-autoscaling:RegisterScalableTarget", "application-autoscaling:DescribeScheduledActions", "application-autoscaling:PutScheduledAction", "application-autoscaling:DeleteScheduledAction", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricStatistics", "cloudwatch:PutMetricAlarm", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcEndpoints", "iam:ListRoles", "iam:PassRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonAppStreamFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-28T17:24:35+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2017-12-22T23:43:28Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "datapipeline:DescribeObjects", "datapipeline:EvaluateExpression", "dynamodb:BatchGetItem", "dynamodb:DescribeTable", "dynamodb:GetItem", "dynamodb:Query", "dynamodb:Scan", "dynamodb:UpdateTable", "ec2:AuthorizeSecurityGroupIngress", "ec2:CancelSpotInstanceRequests", "ec2:CreateSecurityGroup", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:ModifyImageAttribute", "ec2:ModifyInstanceAttribute", "ec2:RequestSpotInstances", "ec2:RunInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:AuthorizeSecurityGroupEgress", "ec2:DeleteSecurityGroup", "ec2:RevokeSecurityGroupEgress", "ec2:DescribeNetworkInterfaces", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DetachNetworkInterface", "elasticmapreduce:AddInstanceFleet", "elasticmapreduce:AddInstanceGroups", "elasticmapreduce:AddJobFlowSteps", "elasticmapreduce:AddTags", "elasticmapreduce:AttachEditor", "elasticmapreduce:CancelSteps", "elasticmapreduce:CreateEditor", "elasticmapreduce:CreatePersistentAppUI", "elasticmapreduce:CreateRepository", "elasticmapreduce:CreateSecurityConfiguration", "elasticmapreduce:CreateStudio", "elasticmapreduce:CreateStudioPresignedUrl", "elasticmapreduce:CreateStudioSessionMapping", "elasticmapreduce:DeleteEditor", "elasticmapreduce:DeleteRepository", "elasticmapreduce:DeleteSecurityConfiguration", "elasticmapreduce:DeleteStudio", "elasticmapreduce:DeleteStudioSessionMapping", "elasticmapreduce:DeleteWorkspaceAccess", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:DetachEditor", "elasticmapreduce:GetAutoTerminationPolicy", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetClusterSessionCredentials", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:GetOnClusterAppUIPresignedURL", "elasticmapreduce:GetPersistentAppUIPresignedURL", "elasticmapreduce:GetStudioSessionMapping", "elasticmapreduce:LinkRepository", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListNotebookExecutions", "elasticmapreduce:ListReleaseLabels", "elasticmapreduce:ListRepositories", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudioSessionMappings", "elasticmapreduce:ListStudios", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ListWorkspaceAccessIdentities", "elasticmapreduce:ModifyCluster", "elasticmapreduce:ModifyInstanceFleet", "elasticmapreduce:ModifyInstanceGroups", "elasticmapreduce:OpenEditorInConsole", "elasticmapreduce:PutAutoScalingPolicy", "elasticmapreduce:PutAutoTerminationPolicy", "elasticmapreduce:PutBlockPublicAccessConfiguration", "elasticmapreduce:PutManagedScalingPolicy", "elasticmapreduce:PutWorkspaceAccess", "elasticmapreduce:RemoveAutoScalingPolicy", "elasticmapreduce:RemoveAutoTerminationPolicy", "elasticmapreduce:RemoveManagedScalingPolicy", "elasticmapreduce:RemoveTags", "elasticmapreduce:RunJobFlow", "elasticmapreduce:SetKeepJobFlowAliveWhenNoSteps", "elasticmapreduce:SetTerminationProtection", "elasticmapreduce:SetUnhealthyNodeReplacement", "elasticmapreduce:SetVisibleToAllUsers", "elasticmapreduce:StartEditor", "elasticmapreduce:StartNotebookExecution", "elasticmapreduce:StopEditor", "elasticmapreduce:StopNotebookExecution", "elasticmapreduce:TerminateJobFlows", "elasticmapreduce:UnlinkRepository", "elasticmapreduce:UpdateEditor", "elasticmapreduce:UpdateRepository", "elasticmapreduce:UpdateStudio", "elasticmapreduce:UpdateStudioSessionMapping", "elasticmapreduce:ViewEventsFromAllClustersInConsole", "iam:GetInstanceProfile", "iam:GetRole", "iam:GetRolePolicy", "iam:ListAttachedRolePolicies", "iam:ListRolePolicies", "iam:ListInstanceProfiles", "iam:PassRole", "rds:DescribeDBInstances", "rds:DescribeDBSecurityGroups", "redshift:DescribeClusters", "redshift:DescribeClusterSecurityGroups", "s3:CreateBucket", "s3:DeleteObject", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "sdb:BatchPutAttributes", "sdb:Select", "sns:GetTopicAttributes", "sns:ListTopics", "sns:Publish", "sns:Subscribe", "sns:Unsubscribe", "sqs:CreateQueue", "sqs:DeleteMessage", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:PurgeQueue", "sqs:ReceiveMessage", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSDataPipelineRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v6" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSPanoramaServiceRolePolicy", "createdate": "2020-12-01T13:14:43Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iot:CreateThing", "iot:DeleteThing", "iot:DeleteThingShadow", "iot:DescribeThing", "iot:GetThingShadow", "iot:UpdateThing", "iot:UpdateThingShadow", "iot:AttachThingPrincipal", "iot:DetachThingPrincipal", "iot:UpdateCertificate", "iot:DeleteCertificate", "iot:AttachPrincipalPolicy", "iot:DetachPrincipalPolicy", "iot:CreateKeysAndCertificate", "iot:CreatePolicy", "iot:CreatePolicyVersion", "iot:DescribeJobExecution", "iot:CreateJob", "iot:DeleteJob", "iot:DescribeEndpoint", "panorama:DescribeApplicationInstance", "panorama:DescribeApplicationInstanceDetails", "panorama:DescribeDevice", "panorama:DescribeDeviceJob", "panorama:DescribeNode", "panorama:DescribeNodeFromTemplateJob", "panorama:DescribePackage", "panorama:DescribePackageImportJob", "panorama:DescribePackageVersion", "panorama:DescribeSoftware", "panorama:ListApplicationInstanceDependencies", "panorama:ListApplicationInstanceNodeInstances", "panorama:ListApplicationInstances", "panorama:ListDevices", "panorama:ListDevicesJobs", "panorama:ListNodeFromTemplateJobs", "panorama:ListNodes", "panorama:ListPackageImportJobs", "panorama:ListPackages", "panorama:ListTagsForResource", "panorama:GetWebSocketURL", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:DeleteBucket", "s3:ListBucket", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:CreateBucket", "iam:PassRole", "iam:PassRole", "iam:PassRole", "greengrass:AssociateRoleToGroup", "greengrass:AssociateServiceRoleToAccount", "greengrass:CreateResourceDefinition", "greengrass:CreateResourceDefinitionVersion", "greengrass:CreateCoreDefinition", "greengrass:CreateCoreDefinitionVersion", "greengrass:CreateDeployment", "greengrass:CreateFunctionDefinition", "greengrass:CreateFunctionDefinitionVersion", "greengrass:CreateGroup", "greengrass:CreateGroupCertificateAuthority", "greengrass:CreateGroupVersion", "greengrass:CreateLoggerDefinition", "greengrass:CreateLoggerDefinitionVersion", "greengrass:CreateSubscriptionDefinition", "greengrass:CreateSubscriptionDefinitionVersion", "greengrass:DeleteCoreDefinition", "greengrass:DeleteFunctionDefinition", "greengrass:DeleteResourceDefinition", "greengrass:DeleteGroup", "greengrass:DeleteLoggerDefinition", "greengrass:DeleteSubscriptionDefinition", "greengrass:DisassociateRoleFromGroup", "greengrass:DisassociateServiceRoleFromAccount", "greengrass:GetAssociatedRole", "greengrass:GetConnectivityInfo", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetDeviceDefinition", "greengrass:GetDeviceDefinitionVersion", "greengrass:GetFunctionDefinition", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupCertificateAuthority", "greengrass:GetGroupCertificateConfiguration", "greengrass:GetGroupVersion", "greengrass:GetLoggerDefinition", "greengrass:GetLoggerDefinitionVersion", "greengrass:GetResourceDefinition", "greengrass:GetServiceRoleForAccount", "greengrass:GetSubscriptionDefinition", "greengrass:GetSubscriptionDefinitionVersion", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeployments", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "greengrass:ResetDeployments", "greengrass:UpdateConnectivityInfo", "greengrass:UpdateCoreDefinition", "greengrass:UpdateDeviceDefinition", "greengrass:UpdateFunctionDefinition", "greengrass:UpdateGroup", "greengrass:UpdateGroupCertificateConfiguration", "greengrass:UpdateLoggerDefinition", "greengrass:UpdateSubscriptionDefinition", "greengrass:UpdateResourceDefinition", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:ListFunctions", "lambda:ListVersionsByFunction", "sagemaker:CreateTrainingJob", "sagemaker:StopTrainingJob", "sagemaker:CreateCompilationJob", "sagemaker:DescribeCompilationJob", "sagemaker:StopCompilationJob", "sagemaker:ListCompilationJobs", "sagemaker:DescribeTrainingJob", "iot:AttachPolicy", "iot:CreateRoleAlias" ], "malformed": false, "name": "AWSPanoramaServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-01T13:14:43+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaTailorReadOnly", "createdate": "2021-11-23T00:05:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mediatailor:ListAlerts", "mediatailor:ListChannels", "mediatailor:ListLiveSources", "mediatailor:ListPlaybackConfigurations", "mediatailor:ListPrefetchSchedules", "mediatailor:ListSourceLocations", "mediatailor:ListTagsForResource", "mediatailor:ListVodSources", "mediatailor:DescribeChannel", "mediatailor:DescribeLiveSource", "mediatailor:DescribeProgram", "mediatailor:DescribeSourceLocation", "mediatailor:DescribeVodSource", "mediatailor:GetChannelPolicy", "mediatailor:GetChannelSchedule", "mediatailor:GetPlaybackConfiguration", "mediatailor:GetPrefetchSchedule" ], "malformed": false, "name": "AWSElementalMediaTailorReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-23T00:05:01+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup", "createdate": "2019-05-20T21:05:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "a4b:RegisterDevice", "a4b:CompleteRegistration", "a4b:SearchDevices", "a4b:SearchNetworkProfiles", "a4b:GetNetworkProfile", "a4b:PutDeviceSetupEvents", "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AlexaForBusinessDeviceSetup", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-05-20T21:05:39+00:00", "version": "v2" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSBudgetsReadOnlyAccess", "createdate": "2020-10-15T17:18:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-portal:ViewBilling", "budgets:ViewBudget", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionHistories", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionsForBudget" ], "malformed": false, "name": "AWSBudgetsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-15T17:18:28+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/ROSAImageRegistryOperatorPolicy", "createdate": "2023-12-12T19:53:12Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:CreateBucket", "s3:DeleteBucket", "s3:GetBucketTagging", "s3:GetBucketPublicAccessBlock", "s3:GetEncryptionConfiguration", "s3:GetLifecycleConfiguration", "s3:GetBucketLocation", "s3:PutBucketPublicAccessBlock", "s3:PutBucketTagging", "s3:PutEncryptionConfiguration", "s3:PutLifecycleConfiguration", "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject", "s3:ListMultipartUploadParts", "s3:PutObject" ], "malformed": false, "name": "ROSAImageRegistryOperatorPolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-12T19:53:12+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSGreengrassReadOnlyAccess", "createdate": "2018-10-30T16:01:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "greengrass:ListClientDevicesAssociatedWithCoreDevice", "greengrass:ListComponentVersions", "greengrass:ListComponents", "greengrass:ListCoreDevices", "greengrass:ListDeployments", "greengrass:ListEffectiveDeployments", "greengrass:ListInstalledComponents", "greengrass:ListTagsForResource", "greengrass:ListBulkDeploymentDetailedReports", "greengrass:ListBulkDeployments", "greengrass:ListConnectorDefinitionVersions", "greengrass:ListConnectorDefinitions", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListResourceDefinitionVersions", "greengrass:ListResourceDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "greengrass:GetComponent", "greengrass:GetComponentVersionArtifact", "greengrass:GetConnectivityInfo", "greengrass:GetCoreDevice", "greengrass:GetDeployment", "greengrass:GetServiceRoleForAccount", "greengrass:GetAssociatedRole", "greengrass:GetBulkDeploymentStatus", "greengrass:GetConnectorDefinition", "greengrass:GetConnectorDefinitionVersion", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetDeviceDefinition", "greengrass:GetDeviceDefinitionVersion", "greengrass:GetFunctionDefinition", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupCertificateAuthority", "greengrass:GetGroupCertificateConfiguration", "greengrass:GetGroupVersion", "greengrass:GetLoggerDefinition", "greengrass:GetLoggerDefinitionVersion", "greengrass:GetResourceDefinition", "greengrass:GetResourceDefinitionVersion", "greengrass:GetSubscriptionDefinition", "greengrass:GetSubscriptionDefinitionVersion", "greengrass:GetThingRuntimeConfiguration" ], "malformed": false, "name": "AWSGreengrassReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-10-30T16:01:43+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTOTAUpdate", "createdate": "2017-12-20T20:36:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:CreateJob", "signer:DescribeSigningJob" ], "malformed": false, "name": "AWSIoTOTAUpdate", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-12-20T20:36:53+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/service-role/AwsGlueSessionUserRestrictedServiceRole", "createdate": "2022-04-14T21:30:07Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "glue:BatchCreatePartition", "glue:BatchDeleteConnection", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetBlueprints", "glue:BatchGetCrawlers", "glue:BatchGetCustomEntityTypes", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetStageFiles", "glue:BatchGetTableOptimizer", "glue:BatchGetTriggers", "glue:BatchGetWorkflows", "glue:BatchStopJobRun", "glue:BatchUpdatePartition", "glue:CancelDataQualityRuleRecommendationRun", "glue:CancelDataQualityRulesetEvaluationRun", "glue:CancelMLTaskRun", "glue:CancelStatement", "glue:CheckSchemaVersionValidity", "glue:CreateBlueprint", "glue:CreateClassifier", "glue:CreateConnection", "glue:CreateCrawler", "glue:CreateCustomEntityType", "glue:CreateDataQualityRuleset", "glue:CreateDatabase", "glue:CreateDevEndpoint", "glue:CreateJob", "glue:CreateMLTransform", "glue:CreatePartition", "glue:CreatePartitionIndex", "glue:CreateRegistry", "glue:CreateSchema", "glue:CreateScript", "glue:CreateSecurityConfiguration", "glue:CreateSession", "glue:CreateTable", "glue:CreateTableOptimizer", "glue:CreateTrigger", "glue:CreateUserDefinedFunction", "glue:CreateWorkflow", "glue:DeleteBlueprint", "glue:DeleteClassifier", "glue:DeleteColumnStatisticsForPartition", "glue:DeleteColumnStatisticsForTable", "glue:DeleteConnection", "glue:DeleteCrawler", "glue:DeleteCustomEntityType", "glue:DeleteDataQualityRuleset", "glue:DeleteDatabase", "glue:DeleteDevEndpoint", "glue:DeleteJob", "glue:DeleteMLTransform", "glue:DeletePartition", "glue:DeletePartitionIndex", "glue:DeleteRegistry", "glue:DeleteResourcePolicy", "glue:DeleteSchema", "glue:DeleteSchemaVersions", "glue:DeleteSecurityConfiguration", "glue:DeleteSession", "glue:DeleteTable", "glue:DeleteTableOptimizer", "glue:DeleteTableVersion", "glue:DeleteTrigger", "glue:DeleteUserDefinedFunction", "glue:DeleteWorkflow", "glue:DeregisterDataPreview", "glue:GetBlueprint", "glue:GetBlueprintRun", "glue:GetBlueprintRuns", "glue:GetCatalogImportStatus", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetColumnStatisticsTaskRun", "glue:GetColumnStatisticsTaskRuns", "glue:GetCompletion", "glue:GetConnection", "glue:GetConnections", "glue:GetCrawler", "glue:GetCrawlerMetrics", "glue:GetCrawlers", "glue:GetCustomEntityType", "glue:GetDataCatalogEncryptionSettings", "glue:GetDataPreviewStatement", "glue:GetDataQualityResult", "glue:GetDataQualityRuleRecommendationRun", "glue:GetDataQualityRuleset", "glue:GetDataQualityRulesetEvaluationRun", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDataflowGraph", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetEnvironment", "glue:GetExecutors", "glue:GetExecutorsThreads", "glue:GetJob", "glue:GetJobBookmark", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetLogParsingStatus", "glue:GetMLTaskRun", "glue:GetMLTaskRuns", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetMapping", "glue:GetNotebookInstanceStatus", "glue:GetPartition", "glue:GetPartitionIndexes", "glue:GetPartitionMetadata", "glue:GetPartitions", "glue:GetPlan", "glue:GetQueries", "glue:GetQuery", "glue:GetRegistry", "glue:GetResourcePolicies", "glue:GetResourcePolicy", "glue:GetSchema", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetSession", "glue:GetStage", "glue:GetStageAttempt", "glue:GetStageAttemptTaskList", "glue:GetStageAttemptTaskSummary", "glue:GetStageFiles", "glue:GetStages", "glue:GetStatement", "glue:GetStorage", "glue:GetStorageUnit", "glue:GetTable", "glue:GetTableOptimizer", "glue:GetTableVersion", "glue:GetTableVersions", "glue:GetTables", "glue:GetTags", "glue:GetTrigger", "glue:GetTriggers", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:GetWorkflow", "glue:GetWorkflowRun", "glue:GetWorkflowRunProperties", "glue:GetWorkflowRuns", "glue:GlueNotebookAuthorize", "glue:GlueNotebookRefreshCredentials", "glue:ImportCatalogToGlue", "glue:ListBlueprints", "glue:ListColumnStatisticsTaskRuns", "glue:ListCrawlers", "glue:ListCrawls", "glue:ListCustomEntityTypes", "glue:ListDataQualityResults", "glue:ListDataQualityRuleRecommendationRuns", "glue:ListDataQualityRulesetEvaluationRuns", "glue:ListDataQualityRulesets", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListRegistries", "glue:ListSchemaVersions", "glue:ListSchemas", "glue:ListSessions", "glue:ListStatements", "glue:ListTableOptimizerRuns", "glue:ListTriggers", "glue:ListWorkflows", "glue:NotifyEvent", "glue:PassConnection", "glue:PublishDataQuality", "glue:PutDataCatalogEncryptionSettings", "glue:PutResourcePolicy", "glue:PutSchemaVersionMetadata", "glue:PutWorkflowRunProperties", "glue:QuerySchemaVersionMetadata", "glue:RegisterSchemaVersion", "glue:RemoveSchemaVersionMetadata", "glue:RequestLogParsing", "glue:ResetJobBookmark", "glue:ResumeWorkflowRun", "glue:RunDataPreviewStatement", "glue:RunStatement", "glue:SearchTables", "glue:SendFeedback", "glue:StartBlueprintRun", "glue:StartColumnStatisticsTaskRun", "glue:StartCompletion", "glue:StartCrawler", "glue:StartCrawlerSchedule", "glue:StartDataQualityRuleRecommendationRun", "glue:StartDataQualityRulesetEvaluationRun", "glue:StartExportLabelsTaskRun", "glue:StartImportLabelsTaskRun", "glue:StartJobRun", "glue:StartMLEvaluationTaskRun", "glue:StartMLLabelingSetGenerationTaskRun", "glue:StartNotebook", "glue:StartTrigger", "glue:StartWorkflowRun", "glue:StopColumnStatisticsTaskRun", "glue:StopCrawler", "glue:StopCrawlerSchedule", "glue:StopSession", "glue:StopTrigger", "glue:StopWorkflowRun", "glue:TagResource", "glue:TerminateNotebook", "glue:TestConnection", "glue:UntagResource", "glue:UpdateBlueprint", "glue:UpdateClassifier", "glue:UpdateColumnStatisticsForPartition", "glue:UpdateColumnStatisticsForTable", "glue:UpdateConnection", "glue:UpdateCrawler", "glue:UpdateCrawlerSchedule", "glue:UpdateDataQualityRuleset", "glue:UpdateDatabase", "glue:UpdateDevEndpoint", "glue:UpdateJob", "glue:UpdateJobFromSourceControl", "glue:UpdateMLTransform", "glue:UpdatePartition", "glue:UpdateRegistry", "glue:UpdateSchema", "glue:UpdateSourceControlFromJob", "glue:UpdateTable", "glue:UpdateTableOptimizer", "glue:UpdateTrigger", "glue:UpdateUserDefinedFunction", "glue:UpdateWorkflow", "glue:UseGlueStudio", "glue:UseMLTransforms", "glue:CreateSession", "glue:RunStatement", "glue:GetStatement", "glue:ListStatements", "glue:CancelStatement", "glue:StopSession", "glue:DeleteSession", "glue:GetSession", "glue:ListSessions", "s3:CreateBucket", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:GetObject", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "ec2:CreateTags", "ec2:DeleteTags" ], "malformed": false, "name": "AwsGlueSessionUserRestrictedServiceRole", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2022-04-14T21:30:07+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSQuickSightAssetBundleImportPolicy", "createdate": "2024-03-27T21:40:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "quicksight:ListTagsForResource", "quicksight:TagResource", "quicksight:UntagResource", "quicksight:CreateDashboard", "quicksight:DeleteDashboard", "quicksight:DescribeDashboard", "quicksight:UpdateDashboard", "quicksight:UpdateDashboardPublishedVersion", "quicksight:DescribeDashboardPermissions", "quicksight:UpdateDashboardPermissions", "quicksight:UpdateDashboardLinks", "quicksight:CreateAnalysis", "quicksight:DeleteAnalysis", "quicksight:DescribeAnalysis", "quicksight:UpdateAnalysis", "quicksight:DescribeAnalysisPermissions", "quicksight:UpdateAnalysisPermissions", "quicksight:CreateDataSet", "quicksight:DeleteDataSet", "quicksight:DescribeDataSet", "quicksight:PassDataSet", "quicksight:UpdateDataSet", "quicksight:DeleteDataSetRefreshProperties", "quicksight:DescribeDataSetRefreshProperties", "quicksight:PutDataSetRefreshProperties", "quicksight:UpdateDataSetPermissions", "quicksight:DescribeDataSetPermissions", "quicksight:ListRefreshSchedules", "quicksight:CreateDataSource", "quicksight:DescribeDataSource", "quicksight:DeleteDataSource", "quicksight:PassDataSource", "quicksight:UpdateDataSource", "quicksight:UpdateDataSourcePermissions", "quicksight:DescribeDataSourcePermissions", "quicksight:CreateTheme", "quicksight:DeleteTheme", "quicksight:DescribeTheme", "quicksight:UpdateTheme", "quicksight:DescribeThemePermissions", "quicksight:UpdateThemePermissions", "quicksight:CreateRefreshSchedule", "quicksight:DescribeRefreshSchedule", "quicksight:DeleteRefreshSchedule", "quicksight:UpdateRefreshSchedule", "quicksight:ListVPCConnections", "quicksight:CreateVPCConnection", "quicksight:DescribeVPCConnection", "quicksight:DeleteVPCConnection", "quicksight:UpdateVPCConnection", "quicksight:DescribeAssetBundleImportJob", "quicksight:ListAssetBundleImportJobs", "quicksight:StartAssetBundleImportJob" ], "malformed": false, "name": "AWSQuickSightAssetBundleImportPolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-27T21:40:34+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonNimbleStudio-StudioAdmin", "createdate": "2023-09-22T17:40:41Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "nimble:CreateStreamingSession", "nimble:GetStreamingSession", "nimble:StartStreamingSession", "nimble:StopStreamingSession", "nimble:CreateStreamingSessionStream", "nimble:GetStreamingSessionStream", "nimble:DeleteStreamingSession", "nimble:ListStreamingSessionBackups", "nimble:GetStreamingSessionBackup", "nimble:ListEulas", "nimble:ListEulaAcceptances", "nimble:GetEula", "nimble:AcceptEulas", "nimble:ListStudioMembers", "nimble:GetStudioMember", "nimble:ListStreamingSessions", "nimble:GetStreamingImage", "nimble:ListStreamingImages", "nimble:GetLaunchProfileInitialization", "nimble:GetLaunchProfileDetails", "nimble:GetFeatureMap", "nimble:PutStudioLogEvents", "nimble:ListLaunchProfiles", "nimble:GetLaunchProfile", "nimble:GetLaunchProfileMember", "nimble:ListLaunchProfileMembers", "nimble:PutLaunchProfileMembers", "nimble:UpdateLaunchProfileMember", "nimble:DeleteLaunchProfileMember", "sso-directory:DescribeUsers", "sso-directory:SearchUsers", "identitystore:DescribeUser", "identitystore:ListUsers", "ds:CreateComputer", "ds:DescribeDirectories", "ec2:DescribeSubnets", "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DeleteNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeSecurityGroups", "fsx:DescribeFileSystems" ], "malformed": false, "name": "AmazonNimbleStudio-StudioAdmin", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-22T17:40:41+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonElasticFileSystemServiceRolePolicy", "createdate": "2022-01-10T19:27:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "backup-storage:MountCapsule", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeNetworkInterfaceAttribute", "ec2:ModifyNetworkInterfaceAttribute", "tag:GetResources", "kms:DescribeKey", "backup:CreateBackupVault", "backup:PutBackupVaultAccessPolicy", "backup:CreateBackupPlan", "backup:CreateBackupSelection", "iam:CreateServiceLinkedRole", "iam:PassRole", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:CreateReplicationConfiguration", "elasticfilesystem:DescribeReplicationConfigurations", "elasticfilesystem:DeleteReplicationConfiguration" ], "malformed": false, "name": "AmazonElasticFileSystemServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-01-10T19:27:33+00:00", "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": null, "createdate": "2020-06-18T00:38:49Z", "credentials_exposure": true, "data_access": true, "deprecated": true, "effective_action_names": [ "codeartifact:DescribeDomain", "codeartifact:DescribePackage", "codeartifact:DescribePackageGroup", "codeartifact:DescribePackageVersion", "codeartifact:DescribeRepository", "codeartifact:GetAssociatedPackageGroup", "codeartifact:GetAuthorizationToken", "codeartifact:GetDomainPermissionsPolicy", "codeartifact:GetPackageVersionAsset", "codeartifact:GetPackageVersionReadme", "codeartifact:GetRepositoryEndpoint", "codeartifact:GetRepositoryPermissionsPolicy", "codeartifact:ListAllowedRepositoriesForGroup", "codeartifact:ListAssociatedPackages", "codeartifact:ListDomains", "codeartifact:ListPackageGroups", "codeartifact:ListPackageVersionAssets", "codeartifact:ListPackageVersionDependencies", "codeartifact:ListPackageVersions", "codeartifact:ListPackages", "codeartifact:ListRepositories", "codeartifact:ListRepositoriesInDomain", "codeartifact:ListSubPackageGroups", "codeartifact:ListTagsForResource", "codeartifact:ReadFromRepository", "sts:GetServiceBearerToken" ], "malformed": false, "name": "AWSCodeArtifactReadOnlyAccess.json", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": null, "createdate": "2020-10-15T17:20:48Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "ec2:DescribeInstanceStatus", "ec2:StartInstances", "ec2:StopInstances", "rds:DescribeDBInstances", "rds:StartDBInstance", "rds:StopDBInstance", "ssm:StartAutomationExecution" ], "malformed": false, "name": "AWSBudgetsActionsRolePolicyForResourceAdministrationWithSSM", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess", "createdate": "2024-03-20T15:45:01Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cloudwatch:GetMetricData", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:QueryObjects", "dynamodb:BatchGetItem", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:GetItem", "dynamodb:GetResourcePolicy", "dynamodb:Query", "dynamodb:Scan", "dynamodb:PartiQLSelect", "dax:DescribeClusters", "dax:DescribeDefaultParameters", "dax:DescribeEvents", "dax:DescribeParameterGroups", "dax:DescribeParameters", "dax:DescribeSubnetGroups", "dax:ListTags", "dax:GetItem", "dax:BatchGetItem", "dax:Query", "dax:Scan", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "iam:GetRole", "iam:ListRoles", "kms:DescribeKey", "kms:ListAliases", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "lambda:ListFunctions", "lambda:ListEventSourceMappings", "lambda:GetFunctionConfiguration", "resource-groups:ListGroups", "resource-groups:ListGroupResources", "resource-groups:GetGroup", "resource-groups:GetGroupQuery", "tag:GetResources", "kinesis:ListStreams", "kinesis:DescribeStream", "kinesis:DescribeStreamSummary", "cloudwatch:GetInsightRuleReport" ], "malformed": false, "name": "AmazonDynamoDBReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-20T15:45:01+00:00", "version": "v14" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSAppRunnerReadOnlyAccess", "createdate": "2022-02-24T21:24:15Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "apprunner:ListAssociatedServicesForWebAcl", "apprunner:ListAutoScalingConfigurations", "apprunner:ListConnections", "apprunner:ListObservabilityConfigurations", "apprunner:ListOperations", "apprunner:ListServices", "apprunner:ListServicesForAutoScalingConfiguration", "apprunner:ListTagsForResource", "apprunner:ListVpcConnectors", "apprunner:ListVpcIngressConnections", "apprunner:DescribeAutoScalingConfiguration", "apprunner:DescribeCustomDomains", "apprunner:DescribeObservabilityConfiguration", "apprunner:DescribeOperation", "apprunner:DescribeService", "apprunner:DescribeVpcConnector", "apprunner:DescribeVpcIngressConnection", "apprunner:DescribeWebAclForService" ], "malformed": false, "name": "AWSAppRunnerReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-24T21:24:15+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonManagedBlockchainServiceRolePolicy", "createdate": "2020-01-17T19:51:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams" ], "malformed": false, "name": "AmazonManagedBlockchainServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-01-17T19:51:28+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/ROSASRESupportPolicy", "createdate": "2024-04-10T20:51:37Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:DescribeAvailabilityZones", "ec2:DescribeRegions", "sts:DecodeAuthorizationMessage", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListResourceRecordSets", "iam:GetRole", "iam:ListRoles", "ec2:DescribeInstances", "ec2:DescribeInstanceStatus", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeReservedInstances", "ec2:DescribeScheduledInstances", "ec2:DescribeDhcpOptions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSubnets", "ec2:DescribeRouteTables", "cloudtrail:DescribeTrails", "cloudtrail:LookupEvents", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVolumeStatus", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpoints", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeAddressesAttribute", "iam:GetInstanceProfile", "ec2:DescribeSpotFleetInstances", "ec2:DescribeVolumeAttribute", "ec2:RebootInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances" ], "malformed": false, "name": "ROSASRESupportPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-10T20:51:37+00:00", "version": "v3" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CustomerProfilesServiceLinkedRolePolicy", "createdate": "2023-03-07T22:56:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData", "iam:DeleteRole" ], "malformed": false, "name": "CustomerProfilesServiceLinkedRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-07T22:56:52+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIncidentManagerResolverAccess", "createdate": "2021-05-10T06:12:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssm-incidents:StartIncident", "ssm-incidents:ListResponsePlans", "ssm-incidents:GetResponsePlan", "ssm-incidents:ListIncidentRecords", "ssm-incidents:GetIncidentRecord", "ssm-incidents:UpdateIncidentRecord", "ssm-incidents:ListTimelineEvents", "ssm-incidents:CreateTimelineEvent", "ssm-incidents:GetTimelineEvent", "ssm-incidents:UpdateTimelineEvent", "ssm-incidents:DeleteTimelineEvent", "ssm-incidents:ListRelatedItems", "ssm-incidents:UpdateRelatedItems" ], "malformed": false, "name": "AWSIncidentManagerResolverAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-05-10T06:12:34+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSDeviceFarmServiceRolePolicy", "createdate": "2022-09-20T21:02:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:CreateTags", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyNetworkInterfaceAttribute" ], "malformed": false, "name": "AWSDeviceFarmServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-20T21:02:28+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonDevOpsGuruOrganizationsAccess", "createdate": "2021-11-15T23:50:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "devops-guru:DescribeOrganizationHealth", "devops-guru:DescribeOrganizationResourceCollectionHealth", "devops-guru:DescribeOrganizationOverview", "devops-guru:ListOrganizationInsights", "devops-guru:SearchOrganizationInsights", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListChildren", "organizations:ListOrganizationalUnitsForParent", "organizations:ListRoots", "organizations:DeregisterDelegatedAdministrator", "organizations:RegisterDelegatedAdministrator", "organizations:ListDelegatedAdministrators", "organizations:EnableAWSServiceAccess", "organizations:DisableAWSServiceAccess" ], "malformed": false, "name": "AmazonDevOpsGuruOrganizationsAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-15T23:50:52+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": null, "createdate": "2020-06-24T22:01:10Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "sns:Publish" ], "malformed": false, "name": "AWSServiceRoleForCodeGuruProfiler", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/IAMUserSSHKeys", "createdate": "2015-07-09T17:08:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:DeleteSSHPublicKey", "iam:GetSSHPublicKey", "iam:ListSSHPublicKeys", "iam:UpdateSSHPublicKey", "iam:UploadSSHPublicKey" ], "malformed": false, "name": "IAMUserSSHKeys", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-07-09T17:08:54+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSPrivateCAReadOnly", "createdate": "2023-02-14T18:30:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:DescribeCertificateAuthority", "acm-pca:DescribeCertificateAuthorityAuditReport", "acm-pca:ListCertificateAuthorities", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificate", "acm-pca:GetPolicy", "acm-pca:ListPermissions", "acm-pca:ListTags" ], "malformed": false, "name": "AWSPrivateCAReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-14T18:30:50+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonCloudWatchRUMServiceRolePolicy", "createdate": "2023-02-22T20:35:15Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "xray:PutTraceSegments", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AmazonCloudWatchRUMServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-22T20:35:15+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonTranscribeFullAccess", "createdate": "2018-04-04T16:06:16Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "transcribe:CreateCallAnalyticsCategory", "transcribe:CreateLanguageModel", "transcribe:CreateMedicalVocabulary", "transcribe:CreateVocabulary", "transcribe:CreateVocabularyFilter", "transcribe:DeleteCallAnalyticsCategory", "transcribe:DeleteCallAnalyticsJob", "transcribe:DeleteLanguageModel", "transcribe:DeleteMedicalScribeJob", "transcribe:DeleteMedicalTranscriptionJob", "transcribe:DeleteMedicalVocabulary", "transcribe:DeleteTranscriptionJob", "transcribe:DeleteVocabulary", "transcribe:DeleteVocabularyFilter", "transcribe:DescribeLanguageModel", "transcribe:GetCallAnalyticsCategory", "transcribe:GetCallAnalyticsJob", "transcribe:GetMedicalScribeJob", "transcribe:GetMedicalTranscriptionJob", "transcribe:GetMedicalVocabulary", "transcribe:GetTranscriptionJob", "transcribe:GetVocabulary", "transcribe:GetVocabularyFilter", "transcribe:ListCallAnalyticsCategories", "transcribe:ListCallAnalyticsJobs", "transcribe:ListLanguageModels", "transcribe:ListMedicalScribeJobs", "transcribe:ListMedicalTranscriptionJobs", "transcribe:ListMedicalVocabularies", "transcribe:ListTagsForResource", "transcribe:ListTranscriptionJobs", "transcribe:ListVocabularies", "transcribe:ListVocabularyFilters", "transcribe:StartCallAnalyticsJob", "transcribe:StartCallAnalyticsStreamTranscription", "transcribe:StartCallAnalyticsStreamTranscriptionWebSocket", "transcribe:StartMedicalScribeJob", "transcribe:StartMedicalStreamTranscription", "transcribe:StartMedicalStreamTranscriptionWebSocket", "transcribe:StartMedicalTranscriptionJob", "transcribe:StartStreamTranscription", "transcribe:StartStreamTranscriptionWebSocket", "transcribe:StartTranscriptionJob", "transcribe:TagResource", "transcribe:UntagResource", "transcribe:UpdateCallAnalyticsCategory", "transcribe:UpdateMedicalVocabulary", "transcribe:UpdateVocabulary", "transcribe:UpdateVocabularyFilter", "s3:GetObject" ], "malformed": false, "name": "AmazonTranscribeFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-04-04T16:06:16+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy", "createdate": "2022-11-18T14:42:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateSnapshot", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:ModifyVolume", "ec2:DescribeAvailabilityZones", "ec2:DescribeInstances", "ec2:DescribeSnapshots", "ec2:DescribeTags", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:CreateTags", "ec2:DeleteTags", "ec2:CreateVolume", "ec2:CreateVolume", "ec2:DeleteVolume", "ec2:DeleteVolume", "ec2:DeleteVolume", "ec2:DeleteSnapshot", "ec2:DeleteSnapshot" ], "malformed": false, "name": "AmazonEBSCSIDriverPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-18T14:42:46+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSNetworkManagerCloudWANServiceRolePolicy", "createdate": "2022-07-12T12:17:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateTransitGatewayRouteTableAnnouncement", "ec2:DeleteTransitGatewayRouteTableAnnouncement", "ec2:EnableTransitGatewayRouteTablePropagation", "ec2:DisableTransitGatewayRouteTablePropagation" ], "malformed": false, "name": "AWSNetworkManagerCloudWANServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-07-12T12:17:49+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSOpsWorks_FullAccess", "createdate": "2021-01-22T16:29:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:GetMetricStatistics", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancers", "iam:GetRolePolicy", "iam:ListInstanceProfiles", "iam:ListRoles", "iam:ListUsers", "opsworks:AssignInstance", "opsworks:AssignVolume", "opsworks:AssociateElasticIp", "opsworks:AttachElasticLoadBalancer", "opsworks:CloneStack", "opsworks:CreateApp", "opsworks:CreateDeployment", "opsworks:CreateInstance", "opsworks:CreateLayer", "opsworks:CreateStack", "opsworks:CreateUserProfile", "opsworks:DeleteApp", "opsworks:DeleteInstance", "opsworks:DeleteLayer", "opsworks:DeleteStack", "opsworks:DeleteUserProfile", "opsworks:DeregisterEcsCluster", "opsworks:DeregisterElasticIp", "opsworks:DeregisterInstance", "opsworks:DeregisterRdsDbInstance", "opsworks:DeregisterVolume", "opsworks:DescribeAgentVersions", "opsworks:DescribeApps", "opsworks:DescribeCommands", "opsworks:DescribeDeployments", "opsworks:DescribeEcsClusters", "opsworks:DescribeElasticIps", "opsworks:DescribeElasticLoadBalancers", "opsworks:DescribeInstances", "opsworks:DescribeLayers", "opsworks:DescribeLoadBasedAutoScaling", "opsworks:DescribeMyUserProfile", "opsworks:DescribeOperatingSystems", "opsworks:DescribePermissions", "opsworks:DescribeRaidArrays", "opsworks:DescribeRdsDbInstances", "opsworks:DescribeServiceErrors", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStackSummary", "opsworks:DescribeStacks", "opsworks:DescribeTimeBasedAutoScaling", "opsworks:DescribeUserProfiles", "opsworks:DescribeVolumes", "opsworks:DetachElasticLoadBalancer", "opsworks:DisassociateElasticIp", "opsworks:GetHostnameSuggestion", "opsworks:GrantAccess", "opsworks:ListTags", "opsworks:RebootInstance", "opsworks:RegisterEcsCluster", "opsworks:RegisterElasticIp", "opsworks:RegisterInstance", "opsworks:RegisterRdsDbInstance", "opsworks:RegisterVolume", "opsworks:SetLoadBasedAutoScaling", "opsworks:SetPermission", "opsworks:SetTimeBasedAutoScaling", "opsworks:StartInstance", "opsworks:StartStack", "opsworks:StopInstance", "opsworks:StopStack", "opsworks:TagResource", "opsworks:UnassignInstance", "opsworks:UnassignVolume", "opsworks:UntagResource", "opsworks:UpdateApp", "opsworks:UpdateElasticIp", "opsworks:UpdateInstance", "opsworks:UpdateLayer", "opsworks:UpdateMyUserProfile", "opsworks:UpdateRdsDbInstance", "opsworks:UpdateStack", "opsworks:UpdateUserProfile", "opsworks:UpdateVolume", "iam:PassRole" ], "malformed": false, "name": "AWSOpsWorks_FullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-01-22T16:29:08+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonEMRCleanupPolicy", "createdate": "2020-09-29T21:11:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeLaunchTemplates", "ec2:DescribeSpotInstanceRequests", "ec2:DeleteLaunchTemplate", "ec2:ModifyInstanceAttribute", "ec2:TerminateInstances", "ec2:CancelSpotInstanceRequests", "ec2:DeleteNetworkInterface", "ec2:DescribeInstanceAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DetachVolume", "ec2:DeleteVolume", "ec2:DescribePlacementGroups", "ec2:DeletePlacementGroup" ], "malformed": false, "name": "AmazonEMRCleanupPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-29T21:11:54+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/WellArchitectedConsoleReadOnlyAccess", "createdate": "2023-06-29T17:16:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "wellarchitected:GetAnswer", "wellarchitected:GetConsolidatedReport", "wellarchitected:GetGlobalSettings", "wellarchitected:GetLens", "wellarchitected:GetLensReview", "wellarchitected:GetLensReviewReport", "wellarchitected:GetLensVersionDifference", "wellarchitected:GetMilestone", "wellarchitected:GetProfile", "wellarchitected:GetProfileTemplate", "wellarchitected:GetReviewTemplate", "wellarchitected:GetReviewTemplateAnswer", "wellarchitected:GetReviewTemplateLensReview", "wellarchitected:GetWorkload", "wellarchitected:ListAnswers", "wellarchitected:ListCheckDetails", "wellarchitected:ListCheckSummaries", "wellarchitected:ListLensReviewImprovements", "wellarchitected:ListLensReviews", "wellarchitected:ListLensShares", "wellarchitected:ListLenses", "wellarchitected:ListMilestones", "wellarchitected:ListNotifications", "wellarchitected:ListProfileNotifications", "wellarchitected:ListProfileShares", "wellarchitected:ListProfiles", "wellarchitected:ListReviewTemplateAnswers", "wellarchitected:ListReviewTemplates", "wellarchitected:ListShareInvitations", "wellarchitected:ListTagsForResource", "wellarchitected:ListTemplateShares", "wellarchitected:ListWorkloadShares", "wellarchitected:ListWorkloads", "wellarchitected:ExportLens" ], "malformed": false, "name": "WellArchitectedConsoleReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-29T17:16:13+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CloudWatch-CrossAccountAccess", "createdate": "2019-07-23T09:59:27Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "sts:AssumeRole" ], "malformed": false, "name": "CloudWatch-CrossAccountAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-07-23T09:59:27+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonInspectorReadOnlyAccess", "createdate": "2019-10-01T15:17:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "inspector:DescribeAssessmentRuns", "inspector:DescribeAssessmentTargets", "inspector:DescribeAssessmentTemplates", "inspector:DescribeCrossAccountAccessRole", "inspector:DescribeExclusions", "inspector:DescribeFindings", "inspector:DescribeResourceGroups", "inspector:DescribeRulesPackages", "inspector:GetAssessmentReport", "inspector:GetExclusionsPreview", "inspector:GetTelemetryMetadata", "inspector:ListAssessmentRunAgents", "inspector:ListAssessmentRuns", "inspector:ListAssessmentTargets", "inspector:ListAssessmentTemplates", "inspector:ListEventSubscriptions", "inspector:ListExclusions", "inspector:ListFindings", "inspector:ListRulesPackages", "inspector:ListTagsForResource", "inspector:PreviewAgents", "ec2:DescribeInstances", "ec2:DescribeTags", "sns:ListTopics", "events:DescribeRule", "events:ListRuleNamesByTarget" ], "malformed": false, "name": "AmazonInspectorReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-01T15:17:54+00:00", "version": "v4" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSEC2CapacityReservationFleetRolePolicy", "createdate": "2021-09-29T14:43:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeCapacityReservations", "ec2:DescribeInstances", "ec2:CreateCapacityReservation", "ec2:CancelCapacityReservation", "ec2:ModifyCapacityReservation", "ec2:CreateTags" ], "malformed": false, "name": "AWSEC2CapacityReservationFleetRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-29T14:43:09+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonVPCReadOnlyAccess", "createdate": "2024-02-08T17:08:19Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeFlowLogs", "ec2:DescribeInternetGateways", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePrefixLists", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetSecurityGroupsForVpc" ], "malformed": false, "name": "AmazonVPCReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-08T17:08:19+00:00", "version": "v9" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSHealthImagingFullAccess", "createdate": "2023-07-25T23:39:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "medical-imaging:CopyImageSet", "medical-imaging:CreateDatastore", "medical-imaging:DeleteDatastore", "medical-imaging:DeleteImageSet", "medical-imaging:GetDICOMImportJob", "medical-imaging:GetDatastore", "medical-imaging:GetImageFrame", "medical-imaging:GetImageSet", "medical-imaging:GetImageSetMetadata", "medical-imaging:ListDICOMImportJobs", "medical-imaging:ListDatastores", "medical-imaging:ListImageSetVersions", "medical-imaging:ListTagsForResource", "medical-imaging:SearchImageSets", "medical-imaging:StartDICOMImportJob", "medical-imaging:TagResource", "medical-imaging:UntagResource", "medical-imaging:UpdateImageSetMetadata", "iam:PassRole" ], "malformed": false, "name": "AWSHealthImagingFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-25T23:39:40+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSMigrationHubRefactorSpaces-SSMAutomationPolicy", "createdate": "2023-08-10T15:08:14Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstanceStatus", "ec2:DescribeInstances", "ec2:ModifyInstanceAttribute", "ec2:ModifyInstanceAttribute", "ec2:CreateTags", "ec2:DeleteTags", "ssm:GetParameters" ], "malformed": false, "name": "AWSMigrationHubRefactorSpaces-SSMAutomationPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-10T15:08:14+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": null, "createdate": "2020-06-05T21:38:20Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "logs:ListLogDeliveries", "logs:DescribeResourcePolicies", "logs:DescribeLogGroups", "s3:GetBucketPolicy" ], "malformed": false, "name": "CheesepuffsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCloud9Administrator", "createdate": "2023-10-11T12:59:29Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "cloud9:ActivateEC2Remote", "cloud9:CreateEnvironmentEC2", "cloud9:CreateEnvironmentMembership", "cloud9:CreateEnvironmentSSH", "cloud9:CreateEnvironmentToken", "cloud9:DeleteEnvironment", "cloud9:DeleteEnvironmentMembership", "cloud9:DescribeEC2Remote", "cloud9:DescribeEnvironmentMemberships", "cloud9:DescribeEnvironmentStatus", "cloud9:DescribeEnvironments", "cloud9:DescribeSSHRemote", "cloud9:GetEnvironmentConfig", "cloud9:GetEnvironmentSettings", "cloud9:GetMembershipSettings", "cloud9:GetMigrationExperiences", "cloud9:GetUserPublicKey", "cloud9:GetUserSettings", "cloud9:ListEnvironments", "cloud9:ListTagsForResource", "cloud9:ModifyTemporaryCredentialsOnEnvironmentEC2", "cloud9:TagResource", "cloud9:UntagResource", "cloud9:UpdateEnvironment", "cloud9:UpdateEnvironmentMembership", "cloud9:UpdateEnvironmentSettings", "cloud9:UpdateMembershipSettings", "cloud9:UpdateSSHRemote", "cloud9:UpdateUserSettings", "cloud9:ValidateEnvironmentName", "iam:GetUser", "iam:ListUsers", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeRouteTables", "iam:CreateServiceLinkedRole", "ssm:StartSession", "ssm:GetConnectionStatus", "ssm:StartSession" ], "malformed": false, "name": "AWSCloud9Administrator", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-11T12:59:29+00:00", "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnly", "createdate": "2021-01-22T19:02:37Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "acm:ListCertificates", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScheduledActions", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "cloudformation:GetTemplate", "cloudformation:ListStackResources", "cloudformation:ListStacks", "cloudformation:ValidateTemplate", "cloudtrail:LookupEvents", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeImages", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstances", "ec2:DescribeInstanceStatus", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeAvailabilityZones", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "iam:GetRole", "iam:ListAttachedRolePolicies", "iam:ListInstanceProfiles", "iam:ListRolePolicies", "iam:ListRoles", "iam:ListServerCertificates", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribeDBSnapshots", "s3:ListAllMyBuckets", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "sqs:ListQueues", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetBucketLocation", "s3:GetBucketPolicy", "s3:ListBucket" ], "malformed": false, "name": "AWSElasticBeanstalkReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-01-22T19:02:37+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AlexaForBusinessGatewayExecution", "createdate": "2017-11-30T16:47:19Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "a4b:SendAnnouncement", "a4b:SendInvitation", "a4b:GetAddressBook", "a4b:GetConferencePreference", "a4b:GetConferenceProvider", "a4b:GetContact", "a4b:GetDevice", "a4b:GetGateway", "a4b:GetGatewayGroup", "a4b:GetInvitationConfiguration", "a4b:GetNetworkProfile", "a4b:GetProfile", "a4b:GetRoom", "a4b:GetRoomSkillParameter", "a4b:GetSkillGroup", "sqs:ReceiveMessage", "sqs:DeleteMessage", "a4b:ListBusinessReportSchedules", "a4b:ListConferenceProviders", "a4b:ListDeviceEvents", "a4b:ListGatewayGroups", "a4b:ListGateways", "a4b:ListSkills", "a4b:ListSkillsStoreCategories", "a4b:ListSkillsStoreSkillsByCategory", "a4b:ListSmartHomeAppliances", "a4b:ListTags", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogGroups", "logs:PutLogEvents" ], "malformed": false, "name": "AlexaForBusinessGatewayExecution", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-11-30T16:47:19+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy", "createdate": "2023-08-01T15:06:46Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iam:PassRole", "iam:PassRole", "lambda:DeleteFunction", "lambda:UpdateFunctionCode", "lambda:ListTags", "lambda:InvokeFunction", "lambda:CreateFunction", "lambda:TagResource", "lambda:PublishLayerVersion", "lambda:GetLayerVersion", "lambda:DeleteLayerVersion", "lambda:GetFunction", "apigateway:GET", "apigateway:DELETE", "apigateway:PATCH", "apigateway:POST", "apigateway:PUT", "apigateway:POST", "apigateway:PUT", "s3:GetObject" ], "malformed": false, "name": "AmazonSageMakerPartnerServiceCatalogProductsCloudFormationServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-01T15:06:46+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": null, "createdate": "2018-11-26T05:28:10Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "s3:GetObject", "robomaker:BatchDeleteWorlds", "robomaker:BatchDescribeSimulationJob", "robomaker:CancelDeploymentJob", "robomaker:CancelSimulationJob", "robomaker:CancelSimulationJobBatch", "robomaker:CancelWorldExportJob", "robomaker:CancelWorldGenerationJob", "robomaker:CreateDeploymentJob", "robomaker:CreateFleet", "robomaker:CreateRobot", "robomaker:CreateRobotApplication", "robomaker:CreateRobotApplicationVersion", "robomaker:CreateSimulationApplication", "robomaker:CreateSimulationApplicationVersion", "robomaker:CreateSimulationJob", "robomaker:CreateWorldExportJob", "robomaker:CreateWorldGenerationJob", "robomaker:CreateWorldTemplate", "robomaker:DeleteFleet", "robomaker:DeleteRobot", "robomaker:DeleteRobotApplication", "robomaker:DeleteSimulationApplication", "robomaker:DeleteWorldTemplate", "robomaker:DeregisterRobot", "robomaker:DescribeDeploymentJob", "robomaker:DescribeFleet", "robomaker:DescribeRobot", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:DescribeSimulationJob", "robomaker:DescribeSimulationJobBatch", "robomaker:DescribeWorld", "robomaker:DescribeWorldExportJob", "robomaker:DescribeWorldGenerationJob", "robomaker:DescribeWorldTemplate", "robomaker:GetWorldTemplateBody", "robomaker:ListDeploymentJobs", "robomaker:ListFleets", "robomaker:ListRobotApplications", "robomaker:ListRobots", "robomaker:ListSimulationApplications", "robomaker:ListSimulationJobBatches", "robomaker:ListSimulationJobs", "robomaker:ListSupportedAvailabilityZones", "robomaker:ListTagsForResource", "robomaker:ListWorldExportJobs", "robomaker:ListWorldGenerationJobs", "robomaker:ListWorldTemplates", "robomaker:ListWorlds", "robomaker:RegisterRobot", "robomaker:RestartSimulationJob", "robomaker:StartSimulationJobBatch", "robomaker:SyncDeploymentJob", "robomaker:TagResource", "robomaker:UntagResource", "robomaker:UpdateRobotApplication", "robomaker:UpdateRobotDeployment", "robomaker:UpdateSimulationApplication", "robomaker:UpdateWorldTemplate", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSRoboMakerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSDMSServerlessServiceRolePolicy", "createdate": "2023-05-18T20:28:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "dms:CreateReplicationInstance", "dms:CreateReplicationTask", "dms:DescribeReplicationInstances", "dms:DescribeReplicationTasks", "dms:StartReplicationTask", "dms:StopReplicationTask", "dms:DeleteReplicationTask", "dms:DeleteReplicationInstance", "dms:TestConnection", "dms:DeleteConnection" ], "malformed": false, "name": "AWSDMSServerlessServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-18T20:28:05+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSServiceCatalogAdminReadOnlyAccess", "createdate": "2019-10-25T18:53:38Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudformation:DescribeStackEvents", "cloudformation:DescribeStacks", "cloudformation:DescribeChangeSet", "cloudformation:ListChangeSets", "cloudformation:ListStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackSetOperation", "cloudformation:ListStackInstances", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSetOperationResults", "cloudformation:GetTemplateSummary", "iam:GetGroup", "iam:GetRole", "iam:GetUser", "iam:ListGroups", "iam:ListRoles", "iam:ListUsers", "servicecatalog:GetAWSOrganizationsAccessStatus", "servicecatalog:GetApplication", "servicecatalog:GetAssociatedResource", "servicecatalog:GetAttributeGroup", "servicecatalog:GetConfiguration", "servicecatalog:GetProvisionedProductOutputs", "servicecatalog:ListAcceptedPortfolioShares", "servicecatalog:ListApplications", "servicecatalog:ListAssociatedAttributeGroups", "servicecatalog:ListAssociatedResources", "servicecatalog:ListAttributeGroups", "servicecatalog:ListAttributeGroupsForApplication", "servicecatalog:ListBudgetsForResource", "servicecatalog:ListConstraintsForPortfolio", "servicecatalog:ListLaunchPaths", "servicecatalog:ListOrganizationPortfolioAccess", "servicecatalog:ListPortfolioAccess", "servicecatalog:ListPortfolios", "servicecatalog:ListPortfoliosForProduct", "servicecatalog:ListPrincipalsForPortfolio", "servicecatalog:ListProvisionedProductPlans", "servicecatalog:ListProvisioningArtifacts", "servicecatalog:ListProvisioningArtifactsForServiceAction", "servicecatalog:ListRecordHistory", "servicecatalog:ListResourcesForTagOption", "servicecatalog:ListServiceActions", "servicecatalog:ListServiceActionsForProvisioningArtifact", "servicecatalog:ListStackInstancesForProvisionedProduct", "servicecatalog:ListTagOptions", "servicecatalog:ListTagsForResource", "servicecatalog:DescribeConstraint", "servicecatalog:DescribeCopyProductStatus", "servicecatalog:DescribePortfolio", "servicecatalog:DescribePortfolioShareStatus", "servicecatalog:DescribePortfolioShares", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductAsAdmin", "servicecatalog:DescribeProductView", "servicecatalog:DescribeProvisionedProduct", "servicecatalog:DescribeProvisionedProductPlan", "servicecatalog:DescribeProvisioningArtifact", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:DescribeRecord", "servicecatalog:DescribeServiceAction", "servicecatalog:DescribeServiceActionExecutionParameters", "servicecatalog:DescribeTagOption", "servicecatalog:ScanProvisionedProducts", "servicecatalog:SearchProducts", "servicecatalog:SearchProductsAsAdmin", "servicecatalog:SearchProvisionedProducts", "ssm:DescribeDocument", "ssm:GetAutomationExecution", "ssm:ListDocuments", "ssm:ListDocumentVersions", "config:DescribeConfigurationRecorders", "config:DescribeConfigurationRecorderStatus" ], "malformed": false, "name": "AWSServiceCatalogAdminReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-25T18:53:38+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSCodeStarServiceRole", "createdate": "2021-09-20T19:11:03Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "events:PutTargets", "events:RemoveTargets", "events:PutRule", "events:DeleteRule", "events:DescribeRule", "cloudformation:CancelUpdateStack", "cloudformation:CreateStack", "cloudformation:CreateStackInstances", "cloudformation:CreateStackSet", "cloudformation:DeleteStack", "cloudformation:DeleteStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DetectStackDrift", "cloudformation:DetectStackResourceDrift", "cloudformation:DetectStackSetDrift", "cloudformation:GetStackPolicy", "cloudformation:ImportStacksToStackSet", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:RollbackStack", "cloudformation:SetStackPolicy", "cloudformation:StopStackSetOperation", "cloudformation:UpdateStack", "cloudformation:UpdateStackInstances", "cloudformation:UpdateStackSet", "cloudformation:CreateChangeSet", "cloudformation:ExecuteChangeSet", "cloudformation:DeleteChangeSet", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:DescribeChangeSet", "s3:GetObject", "s3:AbortMultipartUpload", "s3:AssociateAccessGrantsIdentityCenter", "s3:BypassGovernanceRetention", "s3:CreateAccessGrant", "s3:CreateAccessGrantsInstance", "s3:CreateAccessGrantsLocation", "s3:CreateAccessPoint", "s3:CreateAccessPointForObjectLambda", "s3:CreateBucket", "s3:CreateJob", "s3:CreateMultiRegionAccessPoint", "s3:CreateStorageLensGroup", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:DissociateAccessGrantsIdentityCenter", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:InitiateReplication", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:ObjectOwnerOverrideToBucketOwner", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "s3:SubmitMultiRegionAccessPointRoutes", "s3:TagResource", "s3:UntagResource", "s3:UpdateAccessGrantsLocation", "s3:UpdateJobPriority", "s3:UpdateJobStatus", "s3:UpdateStorageLensGroup", "codestar:AssociateTeamMember", "codestar:CreateProject", "codestar:CreateUserProfile", "codestar:DeleteExtendedAccess", "codestar:DeleteProject", "codestar:DeleteUserProfile", "codestar:DescribeProject", "codestar:DescribeUserProfile", "codestar:DisassociateTeamMember", "codestar:GetExtendedAccess", "codestar:ListProjects", "codestar:ListResources", "codestar:ListTagsForProject", "codestar:ListTeamMembers", "codestar:ListUserProfiles", "codestar:PutExtendedAccess", "codestar:TagProject", "codestar:UntagProject", "codestar:UpdateProject", "codestar:UpdateTeamMember", "codestar:UpdateUserProfile", "codestar:VerifyServiceRole", "codecommit:AssociateApprovalRuleTemplateWithRepository", "codecommit:BatchAssociateApprovalRuleTemplateWithRepositories", "codecommit:BatchDescribeMergeConflicts", "codecommit:BatchDisassociateApprovalRuleTemplateFromRepositories", "codecommit:BatchGetCommits", "codecommit:BatchGetPullRequests", "codecommit:BatchGetRepositories", "codecommit:CancelUploadArchive", "codecommit:CreateApprovalRuleTemplate", "codecommit:CreateBranch", "codecommit:CreateCommit", "codecommit:CreatePullRequest", "codecommit:CreatePullRequestApprovalRule", "codecommit:CreateRepository", "codecommit:CreateUnreferencedMergeCommit", "codecommit:DeleteApprovalRuleTemplate", "codecommit:DeleteBranch", "codecommit:DeleteCommentContent", "codecommit:DeleteFile", "codecommit:DeletePullRequestApprovalRule", "codecommit:DeleteRepository", "codecommit:DescribeMergeConflicts", "codecommit:DescribePullRequestEvents", "codecommit:DisassociateApprovalRuleTemplateFromRepository", "codecommit:EvaluatePullRequestApprovalRules", "codecommit:GetApprovalRuleTemplate", "codecommit:GetBlob", "codecommit:GetBranch", "codecommit:GetComment", "codecommit:GetCommentReactions", "codecommit:GetCommentsForComparedCommit", "codecommit:GetCommentsForPullRequest", "codecommit:GetCommit", "codecommit:GetCommitHistory", "codecommit:GetCommitsFromMergeBase", "codecommit:GetDifferences", "codecommit:GetFile", "codecommit:GetFolder", "codecommit:GetMergeCommit", "codecommit:GetMergeConflicts", "codecommit:GetMergeOptions", "codecommit:GetObjectIdentifier", "codecommit:GetPullRequest", "codecommit:GetPullRequestApprovalStates", "codecommit:GetPullRequestOverrideState", "codecommit:GetReferences", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:GetTree", "codecommit:GetUploadArchiveStatus", "codecommit:GitPull", "codecommit:GitPush", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "codecommit:MergeBranchesByFastForward", "codecommit:MergeBranchesBySquash", "codecommit:MergeBranchesByThreeWay", "codecommit:MergePullRequestByFastForward", "codecommit:MergePullRequestBySquash", "codecommit:MergePullRequestByThreeWay", "codecommit:OverridePullRequestApprovalRules", "codecommit:PostCommentForComparedCommit", "codecommit:PostCommentForPullRequest", "codecommit:PostCommentReply", "codecommit:PutCommentReaction", "codecommit:PutFile", "codecommit:PutRepositoryTriggers", "codecommit:TagResource", "codecommit:TestRepositoryTriggers", "codecommit:UntagResource", "codecommit:UpdateApprovalRuleTemplateContent", "codecommit:UpdateApprovalRuleTemplateDescription", "codecommit:UpdateApprovalRuleTemplateName", "codecommit:UpdateComment", "codecommit:UpdateDefaultBranch", "codecommit:UpdatePullRequestApprovalRuleContent", "codecommit:UpdatePullRequestApprovalState", "codecommit:UpdatePullRequestDescription", "codecommit:UpdatePullRequestStatus", "codecommit:UpdatePullRequestTitle", "codecommit:UpdateRepositoryDescription", "codecommit:UpdateRepositoryEncryptionKey", "codecommit:UpdateRepositoryName", "codecommit:UploadArchive", "codepipeline:AcknowledgeJob", "codepipeline:AcknowledgeThirdPartyJob", "codepipeline:CreateCustomActionType", "codepipeline:CreatePipeline", "codepipeline:DeleteCustomActionType", "codepipeline:DeletePipeline", "codepipeline:DeleteWebhook", "codepipeline:DeregisterWebhookWithThirdParty", "codepipeline:DisableStageTransition", "codepipeline:EnableStageTransition", "codepipeline:GetActionType", "codepipeline:GetJobDetails", "codepipeline:GetPipeline", "codepipeline:GetPipelineExecution", "codepipeline:GetPipelineState", "codepipeline:GetThirdPartyJobDetails", "codepipeline:ListActionExecutions", "codepipeline:ListActionTypes", "codepipeline:ListPipelineExecutions", "codepipeline:ListPipelines", "codepipeline:ListTagsForResource", "codepipeline:ListWebhooks", "codepipeline:PollForJobs", "codepipeline:PollForThirdPartyJobs", "codepipeline:PutActionRevision", "codepipeline:PutApprovalResult", "codepipeline:PutJobFailureResult", "codepipeline:PutJobSuccessResult", "codepipeline:PutThirdPartyJobFailureResult", "codepipeline:PutThirdPartyJobSuccessResult", "codepipeline:PutWebhook", "codepipeline:RegisterWebhookWithThirdParty", "codepipeline:RetryStageExecution", "codepipeline:StartPipelineExecution", "codepipeline:StopPipelineExecution", "codepipeline:TagResource", "codepipeline:UntagResource", "codepipeline:UpdateActionType", "codepipeline:UpdatePipeline", "codedeploy:AddTagsToOnPremisesInstances", "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeploymentInstances", "codedeploy:BatchGetDeploymentTargets", "codedeploy:BatchGetDeployments", "codedeploy:BatchGetOnPremisesInstances", "codedeploy:ContinueDeployment", "codedeploy:CreateApplication", "codedeploy:CreateCloudFormationDeployment", "codedeploy:CreateDeployment", "codedeploy:CreateDeploymentConfig", "codedeploy:CreateDeploymentGroup", "codedeploy:DeleteApplication", "codedeploy:DeleteDeploymentConfig", "codedeploy:DeleteDeploymentGroup", "codedeploy:DeleteGitHubAccountToken", "codedeploy:DeleteResourcesByExternalId", "codedeploy:DeregisterOnPremisesInstance", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeploymentTargets", "codedeploy:ListDeployments", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codedeploy:ListTagsForResource", "codedeploy:PutLifecycleEventHookExecutionStatus", "codedeploy:RegisterApplicationRevision", "codedeploy:RegisterOnPremisesInstance", "codedeploy:RemoveTagsFromOnPremisesInstances", "codedeploy:SkipWaitTimeForInstanceTermination", "codedeploy:StopDeployment", "codedeploy:TagResource", "codedeploy:UntagResource", "codedeploy:UpdateApplication", "codedeploy:UpdateDeploymentGroup", "codebuild:BatchDeleteBuilds", "codebuild:BatchGetBuildBatches", "codebuild:BatchGetBuilds", "codebuild:BatchGetFleets", "codebuild:BatchGetProjects", "codebuild:BatchGetReportGroups", "codebuild:BatchGetReports", "codebuild:BatchPutCodeCoverages", "codebuild:BatchPutTestCases", "codebuild:CreateFleet", "codebuild:CreateProject", "codebuild:CreateReport", "codebuild:CreateReportGroup", "codebuild:CreateWebhook", "codebuild:DeleteBuildBatch", "codebuild:DeleteFleet", "codebuild:DeleteOAuthToken", "codebuild:DeleteProject", "codebuild:DeleteReport", "codebuild:DeleteReportGroup", "codebuild:DeleteResourcePolicy", "codebuild:DeleteSourceCredentials", "codebuild:DeleteWebhook", "codebuild:DescribeCodeCoverages", "codebuild:DescribeTestCases", "codebuild:GetReportGroupTrend", "codebuild:GetResourcePolicy", "codebuild:ImportSourceCredentials", "codebuild:InvalidateProjectCache", "codebuild:ListBuildBatches", "codebuild:ListBuildBatchesForProject", "codebuild:ListBuilds", "codebuild:ListBuildsForProject", "codebuild:ListConnectedOAuthAccounts", "codebuild:ListCuratedEnvironmentImages", "codebuild:ListFleets", "codebuild:ListProjects", "codebuild:ListReportGroups", "codebuild:ListReports", "codebuild:ListReportsForReportGroup", "codebuild:ListRepositories", "codebuild:ListSharedProjects", "codebuild:ListSharedReportGroups", "codebuild:ListSourceCredentials", "codebuild:PersistOAuthToken", "codebuild:PutResourcePolicy", "codebuild:RetryBuild", "codebuild:RetryBuildBatch", "codebuild:StartBuild", "codebuild:StartBuildBatch", "codebuild:StopBuild", "codebuild:StopBuildBatch", "codebuild:UpdateFleet", "codebuild:UpdateProject", "codebuild:UpdateProjectVisibility", "codebuild:UpdateReport", "codebuild:UpdateReportGroup", "codebuild:UpdateWebhook", "autoscaling:AttachInstances", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:AttachLoadBalancers", "autoscaling:AttachTrafficSources", "autoscaling:BatchDeleteScheduledAction", "autoscaling:BatchPutScheduledUpdateGroupAction", "autoscaling:CancelInstanceRefresh", "autoscaling:CompleteLifecycleAction", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteLifecycleHook", "autoscaling:DeleteNotificationConfiguration", "autoscaling:DeletePolicy", "autoscaling:DeleteScheduledAction", "autoscaling:DeleteTags", "autoscaling:DeleteWarmPool", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:DetachInstances", "autoscaling:DetachLoadBalancerTargetGroups", "autoscaling:DetachLoadBalancers", "autoscaling:DetachTrafficSources", "autoscaling:DisableMetricsCollection", "autoscaling:EnableMetricsCollection", "autoscaling:EnterStandby", "autoscaling:ExecutePolicy", "autoscaling:ExitStandby", "autoscaling:GetPredictiveScalingForecast", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutWarmPool", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling:ResumeProcesses", "autoscaling:RollbackInstanceRefresh", "autoscaling:SetDesiredCapacity", "autoscaling:SetInstanceHealth", "autoscaling:SetInstanceProtection", "autoscaling:StartInstanceRefresh", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "ec2:AcceptAddressTransfer", "ec2:AcceptReservedInstancesExchangeQuote", "ec2:AcceptTransitGatewayMulticastDomainAssociations", "ec2:AcceptTransitGatewayPeeringAttachment", "ec2:AcceptTransitGatewayVpcAttachment", "ec2:AcceptVpcEndpointConnections", "ec2:AcceptVpcPeeringConnection", "ec2:AdvertiseByoipCidr", "ec2:AllocateAddress", "ec2:AllocateHosts", "ec2:AllocateIpamPoolCidr", "ec2:ApplySecurityGroupsToClientVpnTargetNetwork", "ec2:AssignIpv6Addresses", "ec2:AssignPrivateIpAddresses", "ec2:AssignPrivateNatGatewayAddress", "ec2:AssociateAddress", "ec2:AssociateClientVpnTargetNetwork", "ec2:AssociateDhcpOptions", "ec2:AssociateEnclaveCertificateIamRole", "ec2:AssociateIamInstanceProfile", "ec2:AssociateInstanceEventWindow", "ec2:AssociateIpamByoasn", "ec2:AssociateIpamResourceDiscovery", "ec2:AssociateNatGatewayAddress", "ec2:AssociateRouteTable", "ec2:AssociateSubnetCidrBlock", "ec2:AssociateTransitGatewayMulticastDomain", "ec2:AssociateTransitGatewayPolicyTable", "ec2:AssociateTransitGatewayRouteTable", "ec2:AssociateTrunkInterface", "ec2:AssociateVerifiedAccessInstanceWebAcl", "ec2:AssociateVpcCidrBlock", "ec2:AttachClassicLinkVpc", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVerifiedAccessTrustProvider", "ec2:AttachVolume", "ec2:AttachVpnGateway", "ec2:AuthorizeClientVpnIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:BundleInstance", "ec2:CancelBundleTask", "ec2:CancelCapacityReservation", "ec2:CancelCapacityReservationFleets", "ec2:CancelConversionTask", "ec2:CancelExportTask", "ec2:CancelImageLaunchPermission", "ec2:CancelImportTask", "ec2:CancelReservedInstancesListing", "ec2:CancelSpotFleetRequests", "ec2:CancelSpotInstanceRequests", "ec2:ConfirmProductInstance", "ec2:CopyFpgaImage", "ec2:CopyImage", "ec2:CopySnapshot", "ec2:CreateCapacityReservation", "ec2:CreateCapacityReservationFleet", "ec2:CreateCarrierGateway", "ec2:CreateClientVpnEndpoint", "ec2:CreateClientVpnRoute", "ec2:CreateCoipCidr", "ec2:CreateCoipPool", "ec2:CreateCoipPoolPermission", "ec2:CreateCustomerGateway", "ec2:CreateDefaultSubnet", "ec2:CreateDefaultVpc", "ec2:CreateDhcpOptions", "ec2:CreateEgressOnlyInternetGateway", "ec2:CreateFleet", "ec2:CreateFlowLogs", "ec2:CreateFpgaImage", "ec2:CreateImage", "ec2:CreateInstanceConnectEndpoint", "ec2:CreateInstanceEventWindow", "ec2:CreateInstanceExportTask", "ec2:CreateInternetGateway", "ec2:CreateIpam", "ec2:CreateIpamPool", "ec2:CreateIpamResourceDiscovery", "ec2:CreateIpamScope", "ec2:CreateKeyPair", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:CreateLocalGatewayRoute", "ec2:CreateLocalGatewayRouteTable", "ec2:CreateLocalGatewayRouteTablePermission", "ec2:CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation", "ec2:CreateLocalGatewayRouteTableVpcAssociation", "ec2:CreateManagedPrefixList", "ec2:CreateNatGateway", "ec2:CreateNetworkAcl", "ec2:CreateNetworkAclEntry", "ec2:CreateNetworkInsightsAccessScope", "ec2:CreateNetworkInsightsPath", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:CreatePlacementGroup", "ec2:CreatePublicIpv4Pool", "ec2:CreateReplaceRootVolumeTask", "ec2:CreateReservedInstancesListing", "ec2:CreateRestoreImageTask", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSnapshot", "ec2:CreateSnapshots", "ec2:CreateSpotDatafeedSubscription", "ec2:CreateStoreImageTask", "ec2:CreateSubnet", "ec2:CreateSubnetCidrReservation", "ec2:CreateTags", "ec2:CreateTrafficMirrorFilter", "ec2:CreateTrafficMirrorFilterRule", "ec2:CreateTrafficMirrorSession", "ec2:CreateTrafficMirrorTarget", "ec2:CreateTransitGateway", "ec2:CreateTransitGatewayConnect", "ec2:CreateTransitGatewayConnectPeer", "ec2:CreateTransitGatewayMulticastDomain", "ec2:CreateTransitGatewayPeeringAttachment", "ec2:CreateTransitGatewayPolicyTable", "ec2:CreateTransitGatewayPrefixListReference", "ec2:CreateTransitGatewayRoute", "ec2:CreateTransitGatewayRouteTable", "ec2:CreateTransitGatewayRouteTableAnnouncement", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateVerifiedAccessEndpoint", "ec2:CreateVerifiedAccessGroup", "ec2:CreateVerifiedAccessInstance", "ec2:CreateVerifiedAccessTrustProvider", "ec2:CreateVolume", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpointConnectionNotification", "ec2:CreateVpcEndpointServiceConfiguration", "ec2:CreateVpcPeeringConnection", "ec2:CreateVpnConnection", "ec2:CreateVpnConnectionRoute", "ec2:CreateVpnGateway", "ec2:DeleteCarrierGateway", "ec2:DeleteClientVpnEndpoint", "ec2:DeleteClientVpnRoute", "ec2:DeleteCoipCidr", "ec2:DeleteCoipPool", "ec2:DeleteCoipPoolPermission", "ec2:DeleteCustomerGateway", "ec2:DeleteDhcpOptions", "ec2:DeleteEgressOnlyInternetGateway", "ec2:DeleteFleets", "ec2:DeleteFlowLogs", "ec2:DeleteFpgaImage", "ec2:DeleteInstanceConnectEndpoint", "ec2:DeleteInstanceEventWindow", "ec2:DeleteInternetGateway", "ec2:DeleteIpam", "ec2:DeleteIpamPool", "ec2:DeleteIpamResourceDiscovery", "ec2:DeleteIpamScope", "ec2:DeleteKeyPair", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:DeleteLocalGatewayRoute", "ec2:DeleteLocalGatewayRouteTable", "ec2:DeleteLocalGatewayRouteTablePermission", "ec2:DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation", "ec2:DeleteLocalGatewayRouteTableVpcAssociation", "ec2:DeleteManagedPrefixList", "ec2:DeleteNatGateway", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkAclEntry", "ec2:DeleteNetworkInsightsAccessScope", "ec2:DeleteNetworkInsightsAccessScopeAnalysis", "ec2:DeleteNetworkInsightsAnalysis", "ec2:DeleteNetworkInsightsPath", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DeletePlacementGroup", "ec2:DeletePublicIpv4Pool", "ec2:DeleteQueuedReservedInstances", "ec2:DeleteResourcePolicy", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSecurityGroup", "ec2:DeleteSnapshot", "ec2:DeleteSpotDatafeedSubscription", "ec2:DeleteSubnet", "ec2:DeleteSubnetCidrReservation", "ec2:DeleteTags", "ec2:DeleteTrafficMirrorFilter", "ec2:DeleteTrafficMirrorFilterRule", "ec2:DeleteTrafficMirrorSession", "ec2:DeleteTrafficMirrorTarget", "ec2:DeleteTransitGateway", "ec2:DeleteTransitGatewayConnect", "ec2:DeleteTransitGatewayConnectPeer", "ec2:DeleteTransitGatewayMulticastDomain", "ec2:DeleteTransitGatewayPeeringAttachment", "ec2:DeleteTransitGatewayPolicyTable", "ec2:DeleteTransitGatewayPrefixListReference", "ec2:DeleteTransitGatewayRoute", "ec2:DeleteTransitGatewayRouteTable", "ec2:DeleteTransitGatewayRouteTableAnnouncement", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteVerifiedAccessEndpoint", "ec2:DeleteVerifiedAccessGroup", "ec2:DeleteVerifiedAccessInstance", "ec2:DeleteVerifiedAccessTrustProvider", "ec2:DeleteVolume", "ec2:DeleteVpc", "ec2:DeleteVpcEndpointConnectionNotifications", "ec2:DeleteVpcEndpointServiceConfigurations", "ec2:DeleteVpcEndpoints", "ec2:DeleteVpcPeeringConnection", "ec2:DeleteVpnConnection", "ec2:DeleteVpnConnectionRoute", "ec2:DeleteVpnGateway", "ec2:DeprovisionByoipCidr", "ec2:DeprovisionIpamByoasn", "ec2:DeprovisionIpamPoolCidr", "ec2:DeprovisionPublicIpv4PoolCidr", "ec2:DeregisterImage", "ec2:DeregisterInstanceEventNotificationAttributes", "ec2:DeregisterTransitGatewayMulticastGroupMembers", "ec2:DeregisterTransitGatewayMulticastGroupSources", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DetachClassicLinkVpc", "ec2:DetachInternetGateway", "ec2:DetachNetworkInterface", "ec2:DetachVerifiedAccessTrustProvider", "ec2:DetachVolume", "ec2:DetachVpnGateway", "ec2:DisableAddressTransfer", "ec2:DisableAwsNetworkPerformanceMetricSubscription", "ec2:DisableEbsEncryptionByDefault", "ec2:DisableFastLaunch", "ec2:DisableFastSnapshotRestores", "ec2:DisableImage", "ec2:DisableImageBlockPublicAccess", "ec2:DisableImageDeprecation", "ec2:DisableIpamOrganizationAdminAccount", "ec2:DisableSerialConsoleAccess", "ec2:DisableSnapshotBlockPublicAccess", "ec2:DisableTransitGatewayRouteTablePropagation", "ec2:DisableVgwRoutePropagation", "ec2:DisableVpcClassicLink", "ec2:DisableVpcClassicLinkDnsSupport", "ec2:DisassociateAddress", "ec2:DisassociateClientVpnTargetNetwork", "ec2:DisassociateEnclaveCertificateIamRole", "ec2:DisassociateIamInstanceProfile", "ec2:DisassociateInstanceEventWindow", "ec2:DisassociateIpamByoasn", "ec2:DisassociateIpamResourceDiscovery", "ec2:DisassociateNatGatewayAddress", "ec2:DisassociateRouteTable", "ec2:DisassociateSubnetCidrBlock", "ec2:DisassociateTransitGatewayMulticastDomain", "ec2:DisassociateTransitGatewayPolicyTable", "ec2:DisassociateTransitGatewayRouteTable", "ec2:DisassociateTrunkInterface", "ec2:DisassociateVerifiedAccessInstanceWebAcl", "ec2:DisassociateVpcCidrBlock", "ec2:EnableAddressTransfer", "ec2:EnableAwsNetworkPerformanceMetricSubscription", "ec2:EnableEbsEncryptionByDefault", "ec2:EnableFastLaunch", "ec2:EnableFastSnapshotRestores", "ec2:EnableImage", "ec2:EnableImageBlockPublicAccess", "ec2:EnableImageDeprecation", "ec2:EnableIpamOrganizationAdminAccount", "ec2:EnableReachabilityAnalyzerOrganizationSharing", "ec2:EnableSerialConsoleAccess", "ec2:EnableSnapshotBlockPublicAccess", "ec2:EnableTransitGatewayRouteTablePropagation", "ec2:EnableVgwRoutePropagation", "ec2:EnableVolumeIO", "ec2:EnableVpcClassicLink", "ec2:EnableVpcClassicLinkDnsSupport", "ec2:ExportClientVpnClientCertificateRevocationList", "ec2:ExportClientVpnClientConfiguration", "ec2:ExportImage", "ec2:ExportTransitGatewayRoutes", "ec2:GetAssociatedEnclaveCertificateIamRoles", "ec2:GetAssociatedIpv6PoolCidrs", "ec2:GetAwsNetworkPerformanceData", "ec2:GetCapacityReservationUsage", "ec2:GetCoipPoolUsage", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:GetDefaultCreditSpecification", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ec2:GetFlowLogsIntegrationTemplate", "ec2:GetGroupsForCapacityReservation", "ec2:GetHostReservationPurchasePreview", "ec2:GetImageBlockPublicAccessState", "ec2:GetInstanceMetadataDefaults", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetInstanceUefiData", "ec2:GetIpamAddressHistory", "ec2:GetIpamDiscoveredAccounts", "ec2:GetIpamDiscoveredPublicAddresses", "ec2:GetIpamDiscoveredResourceCidrs", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetIpamResourceCidrs", "ec2:GetLaunchTemplateData", "ec2:GetManagedPrefixListAssociations", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ec2:GetPasswordData", "ec2:GetReservedInstancesExchangeQuote", "ec2:GetResourcePolicy", "ec2:GetSecurityGroupsForVpc", "ec2:GetSerialConsoleAccessStatus", "ec2:GetSnapshotBlockPublicAccessState", "ec2:GetSpotPlacementScores", "ec2:GetSubnetCidrReservations", "ec2:GetTransitGatewayAttachmentPropagations", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:GetTransitGatewayPolicyTableAssociations", "ec2:GetTransitGatewayPolicyTableEntries", "ec2:GetTransitGatewayPrefixListReferences", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:GetVerifiedAccessEndpointPolicy", "ec2:GetVerifiedAccessGroupPolicy", "ec2:GetVerifiedAccessInstanceWebAcl", "ec2:GetVpnConnectionDeviceSampleConfiguration", "ec2:GetVpnConnectionDeviceTypes", "ec2:GetVpnTunnelReplacementStatus", "ec2:ImportByoipCidrToIpam", "ec2:ImportClientVpnClientCertificateRevocationList", "ec2:ImportImage", "ec2:ImportInstance", "ec2:ImportKeyPair", "ec2:ImportSnapshot", "ec2:ImportVolume", "ec2:InjectApiError", "ec2:ListImagesInRecycleBin", "ec2:ListSnapshotsInRecycleBin", "ec2:LockSnapshot", "ec2:ModifyAddressAttribute", "ec2:ModifyAvailabilityZoneGroup", "ec2:ModifyCapacityReservation", "ec2:ModifyCapacityReservationFleet", "ec2:ModifyClientVpnEndpoint", "ec2:ModifyDefaultCreditSpecification", "ec2:ModifyEbsDefaultKmsKeyId", "ec2:ModifyFleet", "ec2:ModifyFpgaImageAttribute", "ec2:ModifyHosts", "ec2:ModifyIdFormat", "ec2:ModifyIdentityIdFormat", "ec2:ModifyImageAttribute", "ec2:ModifyInstanceAttribute", "ec2:ModifyInstanceCapacityReservationAttributes", "ec2:ModifyInstanceCreditSpecification", "ec2:ModifyInstanceEventStartTime", "ec2:ModifyInstanceEventWindow", "ec2:ModifyInstanceMaintenanceOptions", "ec2:ModifyInstanceMetadataDefaults", "ec2:ModifyInstanceMetadataOptions", "ec2:ModifyInstancePlacement", "ec2:ModifyIpam", "ec2:ModifyIpamPool", "ec2:ModifyIpamResourceCidr", "ec2:ModifyIpamResourceDiscovery", "ec2:ModifyIpamScope", "ec2:ModifyLaunchTemplate", "ec2:ModifyLocalGatewayRoute", "ec2:ModifyManagedPrefixList", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyPrivateDnsNameOptions", "ec2:ModifyReservedInstances", "ec2:ModifySecurityGroupRules", "ec2:ModifySnapshotAttribute", "ec2:ModifySnapshotTier", "ec2:ModifySpotFleetRequest", "ec2:ModifySubnetAttribute", "ec2:ModifyTrafficMirrorFilterNetworkServices", "ec2:ModifyTrafficMirrorFilterRule", "ec2:ModifyTrafficMirrorSession", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayPrefixListReference", "ec2:ModifyTransitGatewayVpcAttachment", "ec2:ModifyVerifiedAccessEndpoint", "ec2:ModifyVerifiedAccessEndpointPolicy", "ec2:ModifyVerifiedAccessGroup", "ec2:ModifyVerifiedAccessGroupPolicy", "ec2:ModifyVerifiedAccessInstance", "ec2:ModifyVerifiedAccessInstanceLoggingConfiguration", "ec2:ModifyVerifiedAccessTrustProvider", "ec2:ModifyVolume", "ec2:ModifyVolumeAttribute", "ec2:ModifyVpcAttribute", "ec2:ModifyVpcEndpoint", "ec2:ModifyVpcEndpointConnectionNotification", "ec2:ModifyVpcEndpointServiceConfiguration", "ec2:ModifyVpcEndpointServicePayerResponsibility", "ec2:ModifyVpcEndpointServicePermissions", "ec2:ModifyVpcPeeringConnectionOptions", "ec2:ModifyVpcTenancy", "ec2:ModifyVpnConnection", "ec2:ModifyVpnConnectionOptions", "ec2:ModifyVpnTunnelCertificate", "ec2:ModifyVpnTunnelOptions", "ec2:MonitorInstances", "ec2:MoveAddressToVpc", "ec2:MoveByoipCidrToIpam", "ec2:PauseVolumeIO", "ec2:ProvisionByoipCidr", "ec2:ProvisionIpamByoasn", "ec2:ProvisionIpamPoolCidr", "ec2:ProvisionPublicIpv4PoolCidr", "ec2:PurchaseCapacityBlock", "ec2:PurchaseHostReservation", "ec2:PurchaseReservedInstancesOffering", "ec2:PurchaseScheduledInstances", "ec2:PutResourcePolicy", "ec2:RebootInstances", "ec2:RegisterImage", "ec2:RegisterInstanceEventNotificationAttributes", "ec2:RegisterTransitGatewayMulticastGroupMembers", "ec2:RegisterTransitGatewayMulticastGroupSources", "ec2:RejectTransitGatewayMulticastDomainAssociations", "ec2:RejectTransitGatewayPeeringAttachment", "ec2:RejectTransitGatewayVpcAttachment", "ec2:RejectVpcEndpointConnections", "ec2:RejectVpcPeeringConnection", "ec2:ReleaseAddress", "ec2:ReleaseHosts", "ec2:ReleaseIpamPoolAllocation", "ec2:ReplaceIamInstanceProfileAssociation", "ec2:ReplaceNetworkAclAssociation", "ec2:ReplaceNetworkAclEntry", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:ReplaceTransitGatewayRoute", "ec2:ReplaceVpnTunnel", "ec2:ReportInstanceStatus", "ec2:RequestSpotFleet", "ec2:RequestSpotInstances", "ec2:ResetAddressAttribute", "ec2:ResetEbsDefaultKmsKeyId", "ec2:ResetFpgaImageAttribute", "ec2:ResetImageAttribute", "ec2:ResetInstanceAttribute", "ec2:ResetNetworkInterfaceAttribute", "ec2:ResetSnapshotAttribute", "ec2:RestoreAddressToClassic", "ec2:RestoreImageFromRecycleBin", "ec2:RestoreManagedPrefixListVersion", "ec2:RestoreSnapshotFromRecycleBin", "ec2:RestoreSnapshotTier", "ec2:RevokeClientVpnIngress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RunInstances", "ec2:RunScheduledInstances", "ec2:SearchLocalGatewayRoutes", "ec2:SearchTransitGatewayMulticastGroups", "ec2:SearchTransitGatewayRoutes", "ec2:SendDiagnosticInterrupt", "ec2:SendSpotInstanceInterruptions", "ec2:StartInstances", "ec2:StartNetworkInsightsAccessScopeAnalysis", "ec2:StartNetworkInsightsAnalysis", "ec2:StartVpcEndpointServicePrivateDnsVerification", "ec2:StopInstances", "ec2:TerminateClientVpnConnections", "ec2:TerminateInstances", "ec2:UnassignIpv6Addresses", "ec2:UnassignPrivateIpAddresses", "ec2:UnassignPrivateNatGatewayAddress", "ec2:UnlockSnapshot", "ec2:UnmonitorInstances", "ec2:UpdateSecurityGroupRuleDescriptionsEgress", "ec2:UpdateSecurityGroupRuleDescriptionsIngress", "ec2:WithdrawByoipCidr", "elasticbeanstalk:AbortEnvironmentUpdate", "elasticbeanstalk:AddTags", "elasticbeanstalk:ApplyEnvironmentManagedAction", "elasticbeanstalk:AssociateEnvironmentOperationsRole", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:ComposeEnvironments", "elasticbeanstalk:CreateApplication", "elasticbeanstalk:CreateApplicationVersion", "elasticbeanstalk:CreateConfigurationTemplate", "elasticbeanstalk:CreateEnvironment", "elasticbeanstalk:CreatePlatformVersion", "elasticbeanstalk:CreateStorageLocation", "elasticbeanstalk:DeleteApplication", "elasticbeanstalk:DeleteApplicationVersion", "elasticbeanstalk:DeleteConfigurationTemplate", "elasticbeanstalk:DeleteEnvironmentConfiguration", "elasticbeanstalk:DeletePlatformVersion", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:DisassociateEnvironmentOperationsRole", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:PutInstanceStatistics", "elasticbeanstalk:RebuildEnvironment", "elasticbeanstalk:RemoveTags", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RestartAppServer", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticbeanstalk:SwapEnvironmentCNAMEs", "elasticbeanstalk:TerminateEnvironment", "elasticbeanstalk:UpdateApplication", "elasticbeanstalk:UpdateApplicationResourceLifecycle", "elasticbeanstalk:UpdateApplicationVersion", "elasticbeanstalk:UpdateConfigurationTemplate", "elasticbeanstalk:UpdateEnvironment", "elasticbeanstalk:UpdateTagsForResource", "elasticbeanstalk:ValidateConfigurationSettings", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateAppCookieStickinessPolicy", "elasticloadbalancing:CreateLBCookieStickinessPolicy", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerPolicy", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:DisableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:SetLoadBalancerListenerSSLCertificate", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:AddTrustStoreRevocations", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:CreateTrustStore", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteTrustStore", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:GetTrustStoreCaCertificatesBundle", "elasticloadbalancing:GetTrustStoreRevocationContent", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:ModifyTrustStore", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:RemoveListenerCertificates", "elasticloadbalancing:RemoveTrustStoreRevocations", "elasticloadbalancing:SetIpAddressType", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetSecurityGroups", "elasticloadbalancing:SetSubnets", "elasticloadbalancing:SetWebAcl", "iam:ListRoles", "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "sns:AddPermission", "sns:CheckIfPhoneNumberIsOptedOut", "sns:ConfirmSubscription", "sns:CreatePlatformApplication", "sns:CreatePlatformEndpoint", "sns:CreateSMSSandboxPhoneNumber", "sns:CreateTopic", "sns:DeleteEndpoint", "sns:DeletePlatformApplication", "sns:DeleteSMSSandboxPhoneNumber", "sns:DeleteTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sns:OptInPhoneNumber", "sns:Publish", "sns:PutDataProtectionPolicy", "sns:RemovePermission", "sns:SetEndpointAttributes", "sns:SetPlatformApplicationAttributes", "sns:SetSMSAttributes", "sns:SetSubscriptionAttributes", "sns:SetTopicAttributes", "sns:Subscribe", "sns:TagResource", "sns:Unsubscribe", "sns:UntagResource", "sns:VerifySMSSandboxPhoneNumber", "cloud9:CreateEnvironmentEC2", "cloud9:DeleteEnvironment", "cloud9:DescribeEnvironmentMemberships", "cloud9:DescribeEnvironmentStatus", "cloud9:DescribeEnvironments", "cloud9:ListEnvironments", "iam:AttachRolePolicy", "iam:CreateRole", "iam:DeleteRole", "iam:DeleteRolePolicy", "iam:DetachRolePolicy", "iam:GetRole", "iam:PassRole", "iam:GetRolePolicy", "iam:PutRolePolicy", "iam:SetDefaultPolicyVersion", "iam:CreatePolicy", "iam:DeletePolicy", "iam:AddRoleToInstanceProfile", "iam:CreateInstanceProfile", "iam:DeleteInstanceProfile", "iam:RemoveRoleFromInstanceProfile", "iam:AttachUserPolicy", "iam:DetachUserPolicy", "iam:CreatePolicy", "iam:DeletePolicy", "iam:CreatePolicyVersion", "iam:DeletePolicyVersion", "iam:ListEntitiesForPolicy", "iam:ListPolicyVersions", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:ListAttachedRolePolicies", "iam:CreateServiceLinkedRole", "config:DescribeConfigRules", "codestar-connections:UseConnection", "codestar-connections:GetConnection", "codestar-connections:PassConnection" ], "malformed": false, "name": "AWSCodeStarServiceRole", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2021-09-20T19:11:03+00:00", "version": "v11" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCleanRoomsFullAccess", "createdate": "2024-03-21T15:35:13Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cleanrooms:BatchGetCollaborationAnalysisTemplate", "cleanrooms:BatchGetSchema", "cleanrooms:BatchGetSchemaAnalysisRule", "cleanrooms:CreateAnalysisTemplate", "cleanrooms:CreateCollaboration", "cleanrooms:CreateConfiguredAudienceModelAssociation", "cleanrooms:CreateConfiguredTable", "cleanrooms:CreateConfiguredTableAnalysisRule", "cleanrooms:CreateConfiguredTableAssociation", "cleanrooms:CreateMembership", "cleanrooms:CreatePrivacyBudgetTemplate", "cleanrooms:DeleteAnalysisTemplate", "cleanrooms:DeleteCollaboration", "cleanrooms:DeleteConfiguredAudienceModelAssociation", "cleanrooms:DeleteConfiguredTable", "cleanrooms:DeleteConfiguredTableAnalysisRule", "cleanrooms:DeleteConfiguredTableAssociation", "cleanrooms:DeleteMember", "cleanrooms:DeleteMembership", "cleanrooms:DeletePrivacyBudgetTemplate", "cleanrooms:GetAnalysisTemplate", "cleanrooms:GetCollaboration", "cleanrooms:GetCollaborationAnalysisTemplate", "cleanrooms:GetCollaborationConfiguredAudienceModelAssociation", "cleanrooms:GetCollaborationPrivacyBudgetTemplate", "cleanrooms:GetConfiguredAudienceModelAssociation", "cleanrooms:GetConfiguredTable", "cleanrooms:GetConfiguredTableAnalysisRule", "cleanrooms:GetConfiguredTableAssociation", "cleanrooms:GetMembership", "cleanrooms:GetPrivacyBudgetTemplate", "cleanrooms:GetProtectedQuery", "cleanrooms:GetSchema", "cleanrooms:GetSchemaAnalysisRule", "cleanrooms:ListAnalysisTemplates", "cleanrooms:ListCollaborationAnalysisTemplates", "cleanrooms:ListCollaborationConfiguredAudienceModelAssociations", "cleanrooms:ListCollaborationPrivacyBudgetTemplates", "cleanrooms:ListCollaborationPrivacyBudgets", "cleanrooms:ListCollaborations", "cleanrooms:ListConfiguredAudienceModelAssociations", "cleanrooms:ListConfiguredTableAssociations", "cleanrooms:ListConfiguredTables", "cleanrooms:ListMembers", "cleanrooms:ListMemberships", "cleanrooms:ListPrivacyBudgetTemplates", "cleanrooms:ListPrivacyBudgets", "cleanrooms:ListProtectedQueries", "cleanrooms:ListSchemas", "cleanrooms:ListTagsForResource", "cleanrooms:PreviewPrivacyImpact", "cleanrooms:StartProtectedQuery", "cleanrooms:TagResource", "cleanrooms:UntagResource", "cleanrooms:UpdateAnalysisTemplate", "cleanrooms:UpdateCollaboration", "cleanrooms:UpdateConfiguredAudienceModelAssociation", "cleanrooms:UpdateConfiguredTable", "cleanrooms:UpdateConfiguredTableAnalysisRule", "cleanrooms:UpdateConfiguredTableAssociation", "cleanrooms:UpdateMembership", "cleanrooms:UpdatePrivacyBudgetTemplate", "cleanrooms:UpdateProtectedQuery", "iam:PassRole", "iam:ListRoles", "iam:GetRole", "iam:ListRolePolicies", "iam:ListAttachedRolePolicies", "iam:ListPolicies", "iam:GetPolicy", "iam:GetPolicyVersion", "glue:GetDatabase", "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:GetPartition", "glue:GetPartitions", "glue:GetSchema", "glue:GetSchemaVersion", "glue:BatchGetPartition", "s3:ListAllMyBuckets", "s3:GetBucketLocation", "s3:ListBucketVersions", "s3:ListBucket", "s3:PutObject", "s3:GetObject", "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "logs:ListLogDeliveries", "logs:DescribeLogGroups", "logs:CreateLogGroup", "logs:DescribeResourcePolicies", "logs:PutResourcePolicy", "logs:StartQuery", "logs:GetQueryResults" ], "malformed": false, "name": "AWSCleanRoomsFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-21T15:35:13+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSMigrationHubSMSAccess", "createdate": "2019-10-07T18:01:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgh:CreateProgressUpdateStream", "mgh:AssociateCreatedArtifact", "mgh:DescribeMigrationTask", "mgh:DisassociateCreatedArtifact", "mgh:ImportMigrationTask", "mgh:ListCreatedArtifacts", "mgh:NotifyMigrationTaskState", "mgh:PutResourceAttributes", "mgh:NotifyApplicationState", "mgh:DescribeApplicationState", "mgh:AssociateDiscoveredResource", "mgh:DisassociateDiscoveredResource", "mgh:ListDiscoveredResources", "mgh:ListMigrationTasks", "mgh:GetHomeRegion" ], "malformed": false, "name": "AWSMigrationHubSMSAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-07T18:01:22+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDeadlineCloud-UserAccessQueues", "createdate": "2024-04-01T17:10:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "identitystore:DescribeGroup", "identitystore:DescribeUser", "identitystore:ListGroupMembershipsForMember", "deadline:GetApplicationVersion", "ec2:DescribeInstanceTypes", "identitystore:ListUsers", "deadline:AssociateMemberToJob", "deadline:AssociateMemberToQueue", "deadline:DisassociateMemberFromJob", "deadline:DisassociateMemberFromQueue", "deadline:AssociateMemberToJob", "deadline:AssociateMemberToQueue", "deadline:DisassociateMemberFromJob", "deadline:DisassociateMemberFromQueue", "deadline:ListJobMembers", "deadline:ListQueueMembers", "deadline:UpdateJob", "deadline:UpdateSession", "deadline:UpdateStep", "deadline:UpdateTask", "deadline:AssumeQueueRoleForUser", "deadline:CreateJob", "deadline:AssumeQueueRoleForRead", "deadline:GetJob", "deadline:GetQueue", "deadline:GetQueueEnvironment", "deadline:GetQueueFleetAssociation", "deadline:GetSession", "deadline:GetSessionAction", "deadline:GetStep", "deadline:GetStorageProfileForQueue", "deadline:GetTask", "deadline:ListQueueEnvironments", "deadline:ListQueueFleetAssociations", "deadline:ListSessionActions", "deadline:ListSessions", "deadline:ListStepConsumers", "deadline:ListStepDependencies", "deadline:ListSteps", "deadline:ListStorageProfilesForQueue", "deadline:ListTasks", "deadline:SearchJobs", "deadline:SearchSteps", "deadline:SearchTasks", "deadline:ListJobs", "deadline:ListQueues" ], "malformed": false, "name": "AWSDeadlineCloud-UserAccessQueues", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-01T17:10:03+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonOneEnterpriseInstallerAccess", "createdate": "2023-11-28T05:00:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "one:CreateDeviceActivationQrCode", "one:GetDeviceInstance", "one:GetSite", "one:GetSiteAddress", "one:ListDeviceInstances", "one:ListSites" ], "malformed": false, "name": "AmazonOneEnterpriseInstallerAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-28T05:00:39+00:00", "version": "v1" }, { "access_levels": [ "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceEventsRole", "createdate": "2023-03-06T22:25:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ecs:RunTask", "iam:PassRole", "ecs:TagResource" ], "malformed": false, "name": "AmazonEC2ContainerServiceEventsRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-06T22:25:12+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration", "createdate": "2020-10-05T19:20:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:AddThingToThingGroup", "iot:AttachPolicy", "iot:AttachPrincipalPolicy", "iot:AttachThingPrincipal", "iot:CreateCertificateFromCsr", "iot:CreatePolicy", "iot:CreateThing", "iot:DescribeCertificate", "iot:DescribeThing", "iot:DescribeThingGroup", "iot:DescribeThingType", "iot:DetachPolicy", "iot:DetachThingPrincipal", "iot:GetPolicy", "iot:ListAttachedPolicies", "iot:ListPolicyPrincipals", "iot:ListPrincipalPolicies", "iot:ListPrincipalThings", "iot:ListTargetsForPolicy", "iot:ListThingGroupsForThing", "iot:ListThingPrincipals", "iot:RegisterCertificate", "iot:RegisterThing", "iot:RemoveThingFromThingGroup", "iot:UpdateCertificate", "iot:UpdateThing", "iot:UpdateThingGroupsForThing", "iot:AddThingToBillingGroup", "iot:DescribeBillingGroup", "iot:RemoveThingFromBillingGroup" ], "malformed": false, "name": "AWSIoTThingsRegistration", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-05T19:20:12+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSRefactoringToolkitSidecarPolicy", "createdate": "2022-10-29T22:15:51Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssmmessages:OpenControlChannel", "ssmmessages:CreateControlChannel", "ssmmessages:OpenDataChannel", "ssmmessages:CreateDataChannel", "s3:GetObject", "s3:ListBucket" ], "malformed": false, "name": "AWSRefactoringToolkitSidecarPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-29T22:15:51+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonKeyspacesFullAccess", "createdate": "2023-10-03T19:12:30Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cassandra:Alter", "cassandra:AlterMultiRegionResource", "cassandra:Create", "cassandra:CreateMultiRegionResource", "cassandra:Drop", "cassandra:DropMultiRegionResource", "cassandra:Modify", "cassandra:ModifyMultiRegionResource", "cassandra:Restore", "cassandra:RestoreMultiRegionTable", "cassandra:Select", "cassandra:SelectMultiRegionResource", "cassandra:TagMultiRegionResource", "cassandra:TagResource", "cassandra:UnTagMultiRegionResource", "cassandra:UntagResource", "cassandra:UpdatePartitioner", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeleteScheduledAction", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "application-autoscaling:PutScheduledAction", "application-autoscaling:PutScalingPolicy", "application-autoscaling:RegisterScalableTarget", "kms:DescribeKey", "kms:ListAliases", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:PutMetricAlarm", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcEndpoints" ], "malformed": false, "name": "AmazonKeyspacesFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-03T19:12:30+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/CloudWatchActionsEC2Access", "createdate": "2015-07-07T00:00:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:RebootInstances", "ec2:StopInstances", "ec2:TerminateInstances" ], "malformed": false, "name": "CloudWatchActionsEC2Access", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-07-07T00:00:33+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSPrivateCAFullAccess", "createdate": "2023-02-14T18:20:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:CreateCertificateAuthority", "acm-pca:CreateCertificateAuthorityAuditReport", "acm-pca:CreatePermission", "acm-pca:DeleteCertificateAuthority", "acm-pca:DeletePermission", "acm-pca:DeletePolicy", "acm-pca:DescribeCertificateAuthority", "acm-pca:DescribeCertificateAuthorityAuditReport", "acm-pca:GetCertificate", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:GetPolicy", "acm-pca:ImportCertificateAuthorityCertificate", "acm-pca:IssueCertificate", "acm-pca:ListCertificateAuthorities", "acm-pca:ListPermissions", "acm-pca:ListTags", "acm-pca:PutPolicy", "acm-pca:RestoreCertificateAuthority", "acm-pca:RevokeCertificate", "acm-pca:TagCertificateAuthority", "acm-pca:UntagCertificateAuthority", "acm-pca:UpdateCertificateAuthority" ], "malformed": false, "name": "AWSPrivateCAFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-14T18:20:59+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy", "createdate": "2021-04-27T13:30:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssm-incidents:StartIncident" ], "malformed": false, "name": "AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-04-27T13:30:52+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSOrganizationsServiceTrustPolicy", "createdate": "2017-11-01T06:01:18Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:DeleteRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSOrganizationsServiceTrustPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-11-01T06:01:18+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSPrivateMarketplaceAdminFullAccess", "createdate": "2024-02-14T22:05:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:AssociateProductsWithPrivateMarketplace", "aws-marketplace:DisassociateProductsFromPrivateMarketplace", "aws-marketplace:ListPrivateMarketplaceRequests", "aws-marketplace:DescribePrivateMarketplaceRequests", "aws-marketplace:ListEntities", "aws-marketplace:DescribeEntity", "aws-marketplace:StartChangeSet", "aws-marketplace:ListChangeSets", "aws-marketplace:DescribeChangeSet", "aws-marketplace:CancelChangeSet", "aws-marketplace:TagResource", "aws-marketplace:UntagResource", "aws-marketplace:ListTagsForResource", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribeAccount", "organizations:ListRoots", "organizations:ListParents", "organizations:ListOrganizationalUnitsForParent", "organizations:ListAccountsForParent", "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators" ], "malformed": false, "name": "AWSPrivateMarketplaceAdminFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-14T22:05:08+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSMigrationHubDiscoveryAccess", "createdate": "2020-08-06T17:34:42Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "discovery:ListConfigurations", "discovery:DescribeConfigurations", "ec2:CreateTags", "dms:AddTagsToResource", "ec2:DescribeInstanceAttribute" ], "malformed": false, "name": "AWSMigrationHubDiscoveryAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-06T17:34:42+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSecurityLakeMetastoreManager", "createdate": "2024-04-01T20:04:24Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:CreateLogStream", "logs:PutLogEvents", "logs:CreateLogGroup", "glue:CreatePartition", "glue:BatchCreatePartition", "glue:GetTable", "glue:UpdateTable", "sqs:ReceiveMessage", "sqs:DeleteMessage", "sqs:GetQueueAttributes", "s3:ListBucket", "s3:PutObject", "s3:GetObject", "s3:DeleteObject" ], "malformed": false, "name": "AmazonSecurityLakeMetastoreManager", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-01T20:04:24+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSPanoramaApplianceServiceRolePolicy", "createdate": "2023-01-17T21:32:36Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "logs:CreateLogGroup", "cloudwatch:PutMetricData", "s3:GetObject", "s3:ListBucket", "s3:GetObjectVersion" ], "malformed": false, "name": "AWSPanoramaApplianceServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-17T21:32:36+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSNSRole", "createdate": "2015-02-06T18:41:30Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutRetentionPolicy" ], "malformed": false, "name": "AmazonSNSRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:30+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCleanRoomsReadOnlyAccess", "createdate": "2023-01-12T16:10:48Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cleanrooms:BatchGetCollaborationAnalysisTemplate", "cleanrooms:BatchGetSchema", "cleanrooms:BatchGetSchemaAnalysisRule", "cleanrooms:GetAnalysisTemplate", "cleanrooms:GetCollaboration", "cleanrooms:GetCollaborationAnalysisTemplate", "cleanrooms:GetCollaborationConfiguredAudienceModelAssociation", "cleanrooms:GetCollaborationPrivacyBudgetTemplate", "cleanrooms:GetConfiguredAudienceModelAssociation", "cleanrooms:GetConfiguredTable", "cleanrooms:GetConfiguredTableAnalysisRule", "cleanrooms:GetConfiguredTableAssociation", "cleanrooms:GetMembership", "cleanrooms:GetPrivacyBudgetTemplate", "cleanrooms:GetProtectedQuery", "cleanrooms:GetSchema", "cleanrooms:GetSchemaAnalysisRule", "cleanrooms:ListAnalysisTemplates", "cleanrooms:ListCollaborationAnalysisTemplates", "cleanrooms:ListCollaborationConfiguredAudienceModelAssociations", "cleanrooms:ListCollaborationPrivacyBudgetTemplates", "cleanrooms:ListCollaborationPrivacyBudgets", "cleanrooms:ListCollaborations", "cleanrooms:ListConfiguredAudienceModelAssociations", "cleanrooms:ListConfiguredTableAssociations", "cleanrooms:ListConfiguredTables", "cleanrooms:ListMembers", "cleanrooms:ListMemberships", "cleanrooms:ListPrivacyBudgetTemplates", "cleanrooms:ListPrivacyBudgets", "cleanrooms:ListProtectedQueries", "cleanrooms:ListSchemas", "cleanrooms:ListTagsForResource", "glue:GetDatabase", "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:GetPartition", "glue:GetPartitions", "glue:GetSchema", "glue:GetSchemaVersion", "glue:BatchGetPartition", "logs:StartQuery", "logs:GetQueryResults" ], "malformed": false, "name": "AWSCleanRoomsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-12T16:10:48+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCloudMapRegisterInstanceAccess", "createdate": "2023-09-20T21:47:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53:GetHostedZone", "route53:ListHostedZonesByName", "route53:ChangeResourceRecordSets", "route53:CreateHealthCheck", "route53:GetHealthCheck", "route53:DeleteHealthCheck", "route53:UpdateHealthCheck", "servicediscovery:GetInstance", "servicediscovery:GetInstancesHealthStatus", "servicediscovery:GetNamespace", "servicediscovery:GetOperation", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListOperations", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource", "servicediscovery:RegisterInstance", "servicediscovery:DeregisterInstance", "servicediscovery:DiscoverInstances", "servicediscovery:DiscoverInstancesRevision", "ec2:DescribeInstances" ], "malformed": false, "name": "AWSCloudMapRegisterInstanceAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-20T21:47:06+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSFMMemberReadOnlyAccess", "createdate": "2018-05-09T21:05:29Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "fms:GetAdminAccount", "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeToken", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetPermissionPolicy", "waf-regional:GetRateBasedRule", "waf-regional:GetRateBasedRuleManagedKeys", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSampledRequests", "waf-regional:GetSizeConstraintSet", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:GetXssMatchSet", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "organizations:DescribeOrganization" ], "malformed": false, "name": "AWSFMMemberReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-05-09T21:05:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceFullAccess", "createdate": "2022-03-04T17:04:00Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "aws-marketplace:AssociateProductsWithPrivateMarketplace", "aws-marketplace:CreatePrivateMarketplaceRequests", "aws-marketplace:DescribePrivateMarketplaceRequests", "aws-marketplace:DisassociateProductsFromPrivateMarketplace", "aws-marketplace:ListPrivateMarketplaceRequests", "aws-marketplace:GetSellerDashboard", "aws-marketplace:AcceptAgreementApprovalRequest", "aws-marketplace:AcceptAgreementRequest", "aws-marketplace:CancelAgreement", "aws-marketplace:CancelAgreementRequest", "aws-marketplace:CreateAgreementRequest", "aws-marketplace:DescribeAgreement", "aws-marketplace:GetAgreementApprovalRequest", "aws-marketplace:GetAgreementRequest", "aws-marketplace:GetAgreementTerms", "aws-marketplace:ListAgreementApprovalRequests", "aws-marketplace:ListAgreementRequests", "aws-marketplace:ListEntitlementDetails", "aws-marketplace:RejectAgreementApprovalRequest", "aws-marketplace:SearchAgreements", "aws-marketplace:Subscribe", "aws-marketplace:Unsubscribe", "aws-marketplace:UpdateAgreementApprovalRequest", "aws-marketplace:ViewSubscriptions", "aws-marketplace:ListTagsForResource", "aws-marketplace:PutDeploymentParameter", "aws-marketplace:TagResource", "aws-marketplace:UntagResource", "aws-marketplace:CancelChangeSet", "aws-marketplace:CompleteTask", "aws-marketplace:DeleteResourcePolicy", "aws-marketplace:DescribeAssessment", "aws-marketplace:DescribeChangeSet", "aws-marketplace:DescribeEntity", "aws-marketplace:DescribeTask", "aws-marketplace:GetResourcePolicy", "aws-marketplace:ListAssessments", "aws-marketplace:ListChangeSets", "aws-marketplace:ListEntities", "aws-marketplace:ListTasks", "aws-marketplace:PutResourcePolicy", "aws-marketplace:StartChangeSet", "aws-marketplace:UpdateTask", "aws-marketplace:BatchMeterUsage", "aws-marketplace:MeterUsage", "aws-marketplace:RegisterUsage", "aws-marketplace:ResolveCustomer", "aws-marketplace:DescribeProcurementSystemConfiguration", "aws-marketplace:PutProcurementSystemConfiguration", "aws-marketplace:DescribeBuilds", "aws-marketplace:ListBuilds", "aws-marketplace:StartBuild", "aws-marketplace:ListPrivateListings", "aws-marketplace:GetEntitlements", "cloudformation:CreateStack", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateSecurityGroup", "ec2:CreateTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DeleteSecurityGroup", "ec2:DescribeAccountAttributes", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVpcs", "ec2:RunInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:CopyImage", "ec2:DeregisterImage", "ec2:DescribeSnapshots", "ec2:DeleteSnapshot", "ec2:CreateImage", "ec2:DescribeInstanceStatus", "ssm:GetAutomationExecution", "ssm:ListDocuments", "ssm:DescribeDocument", "sns:ListTopics", "sns:GetTopicAttributes", "sns:CreateTopic", "iam:GetRole", "iam:GetInstanceProfile", "iam:ListRoles", "iam:ListInstanceProfiles", "s3:ListBucket", "s3:GetObject", "sns:Publish", "sns:SetTopicAttributes", "iam:PassRole", "ssm:StartAutomationExecution", "iam:PassRole" ], "malformed": false, "name": "AWSMarketplaceFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-03-04T17:04:00+00:00", "version": "v4" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonCognitoIdpEmailServiceRolePolicy", "createdate": "2019-03-21T21:32:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ses:SendEmail", "ses:SendRawEmail" ], "malformed": false, "name": "AmazonCognitoIdpEmailServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-03-21T21:32:25+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkMailReadOnlyAccess", "createdate": "2019-07-25T08:24:50Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ses:DescribeActiveReceiptRuleSet", "ses:DescribeConfigurationSet", "ses:DescribeReceiptRule", "ses:DescribeReceiptRuleSet", "ses:GetAccount", "ses:GetBlacklistReports", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetDedicatedIp", "ses:GetDedicatedIps", "ses:GetDeliverabilityDashboardOptions", "ses:GetDeliverabilityTestReport", "ses:GetDomainDeliverabilityCampaign", "ses:GetDomainStatisticsReport", "ses:GetEmailIdentity", "ses:GetAccountSendingEnabled", "ses:GetCustomVerificationEmailTemplate", "ses:GetIdentityDkimAttributes", "ses:GetIdentityMailFromDomainAttributes", "ses:GetIdentityNotificationAttributes", "ses:GetIdentityPolicies", "ses:GetIdentityVerificationAttributes", "ses:GetSendQuota", "ses:GetSendStatistics", "ses:GetTemplate", "ses:GetContact", "ses:GetContactList", "ses:GetDedicatedIpPool", "ses:GetEmailIdentityPolicies", "ses:GetEmailTemplate", "ses:GetExportJob", "ses:GetImportJob", "ses:GetMessageInsights", "ses:GetSuppressedDestination", "workmail:DescribeDirectories", "workmail:DescribeEmailMonitoringConfiguration", "workmail:DescribeEntity", "workmail:DescribeGroup", "workmail:DescribeInboundDmarcSettings", "workmail:DescribeInboundMailFlowRule", "workmail:DescribeKmsKeys", "workmail:DescribeMailDomains", "workmail:DescribeMailGroups", "workmail:DescribeMailUsers", "workmail:DescribeMailboxExportJob", "workmail:DescribeOrganization", "workmail:DescribeOrganizations", "workmail:DescribeOutboundMailFlowRule", "workmail:DescribeResource", "workmail:DescribeSmtpGateway", "workmail:DescribeUser", "workmail:GetAccessControlEffect", "workmail:GetDefaultRetentionPolicy", "workmail:GetImpersonationRole", "workmail:GetImpersonationRoleEffect", "workmail:GetJournalingRules", "workmail:GetMailDomain", "workmail:GetMailDomainDetails", "workmail:GetMailGroupDetails", "workmail:GetMailboxDetails", "workmail:GetMobileDeviceAccessEffect", "workmail:GetMobileDeviceAccessOverride", "workmail:GetMobileDeviceDetails", "workmail:GetMobileDevicesForUser", "workmail:GetMobilePolicyDetails", "workmail:ListAccessControlRules", "workmail:ListAliases", "workmail:ListAvailabilityConfigurations", "workmail:ListGroupMembers", "workmail:ListGroups", "workmail:ListGroupsForEntity", "workmail:ListImpersonationRoles", "workmail:ListInboundMailFlowRules", "workmail:ListMailDomains", "workmail:ListMailboxExportJobs", "workmail:ListMailboxPermissions", "workmail:ListMembersInMailGroup", "workmail:ListMobileDeviceAccessOverrides", "workmail:ListMobileDeviceAccessRules", "workmail:ListOrganizations", "workmail:ListOutboundMailFlowRules", "workmail:ListResourceDelegates", "workmail:ListResources", "workmail:ListSmtpGateways", "workmail:ListTagsForResource", "workmail:ListUsers", "workmail:SearchMembers", "lambda:ListFunctions", "iam:ListRoles", "logs:DescribeLogGroups", "cloudwatch:GetMetricData" ], "malformed": false, "name": "AmazonWorkMailReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-07-25T08:24:50+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonVPCFullAccess", "createdate": "2024-02-08T16:03:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:AcceptVpcPeeringConnection", "ec2:AcceptVpcEndpointConnections", "ec2:AllocateAddress", "ec2:AssignIpv6Addresses", "ec2:AssignPrivateIpAddresses", "ec2:AssociateAddress", "ec2:AssociateDhcpOptions", "ec2:AssociateRouteTable", "ec2:AssociateSubnetCidrBlock", "ec2:AssociateVpcCidrBlock", "ec2:AttachClassicLinkVpc", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVpnGateway", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateCarrierGateway", "ec2:CreateCustomerGateway", "ec2:CreateDefaultSubnet", "ec2:CreateDefaultVpc", "ec2:CreateDhcpOptions", "ec2:CreateEgressOnlyInternetGateway", "ec2:CreateFlowLogs", "ec2:CreateInternetGateway", "ec2:CreateLocalGatewayRouteTableVpcAssociation", "ec2:CreateNatGateway", "ec2:CreateNetworkAcl", "ec2:CreateNetworkAclEntry", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSubnet", "ec2:CreateTags", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpointConnectionNotification", "ec2:CreateVpcEndpointServiceConfiguration", "ec2:CreateVpcPeeringConnection", "ec2:CreateVpnConnection", "ec2:CreateVpnConnectionRoute", "ec2:CreateVpnGateway", "ec2:DeleteCarrierGateway", "ec2:DeleteCustomerGateway", "ec2:DeleteDhcpOptions", "ec2:DeleteEgressOnlyInternetGateway", "ec2:DeleteFlowLogs", "ec2:DeleteInternetGateway", "ec2:DeleteLocalGatewayRouteTableVpcAssociation", "ec2:DeleteNatGateway", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkAclEntry", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSecurityGroup", "ec2:DeleteSubnet", "ec2:DeleteTags", "ec2:DeleteVpc", "ec2:DeleteVpcEndpoints", "ec2:DeleteVpcEndpointConnectionNotifications", "ec2:DeleteVpcEndpointServiceConfigurations", "ec2:DeleteVpcPeeringConnection", "ec2:DeleteVpnConnection", "ec2:DeleteVpnConnectionRoute", "ec2:DeleteVpnGateway", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeFlowLogs", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpv6Pools", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeKeyPairs", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePrefixLists", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DetachClassicLinkVpc", "ec2:DetachInternetGateway", "ec2:DetachNetworkInterface", "ec2:DetachVpnGateway", "ec2:DisableVgwRoutePropagation", "ec2:DisableVpcClassicLink", "ec2:DisableVpcClassicLinkDnsSupport", "ec2:DisassociateAddress", "ec2:DisassociateRouteTable", "ec2:DisassociateSubnetCidrBlock", "ec2:DisassociateVpcCidrBlock", "ec2:EnableVgwRoutePropagation", "ec2:EnableVpcClassicLink", "ec2:EnableVpcClassicLinkDnsSupport", "ec2:GetSecurityGroupsForVpc", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifySecurityGroupRules", "ec2:ModifySubnetAttribute", "ec2:ModifyVpcAttribute", "ec2:ModifyVpcEndpoint", "ec2:ModifyVpcEndpointConnectionNotification", "ec2:ModifyVpcEndpointServiceConfiguration", "ec2:ModifyVpcEndpointServicePermissions", "ec2:ModifyVpcPeeringConnectionOptions", "ec2:ModifyVpcTenancy", "ec2:MoveAddressToVpc", "ec2:RejectVpcEndpointConnections", "ec2:RejectVpcPeeringConnection", "ec2:ReleaseAddress", "ec2:ReplaceNetworkAclAssociation", "ec2:ReplaceNetworkAclEntry", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:ResetNetworkInterfaceAttribute", "ec2:RestoreAddressToClassic", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:UnassignIpv6Addresses", "ec2:UnassignPrivateIpAddresses", "ec2:UpdateSecurityGroupRuleDescriptionsEgress", "ec2:UpdateSecurityGroupRuleDescriptionsIngress" ], "malformed": false, "name": "AmazonVPCFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-08T16:03:24+00:00", "version": "v10" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonKinesisFirehoseReadOnlyAccess", "createdate": "2015-10-07T18:43:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream" ], "malformed": false, "name": "AmazonKinesisFirehoseReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-10-07T18:43:39+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRedshiftDataFullAccess", "createdate": "2023-04-07T18:18:32Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "redshift-data:BatchExecuteStatement", "redshift-data:ExecuteStatement", "redshift-data:CancelStatement", "redshift-data:ListStatements", "redshift-data:GetStatementResult", "redshift-data:DescribeStatement", "redshift-data:ListDatabases", "redshift-data:ListSchemas", "redshift-data:ListTables", "redshift-data:DescribeTable", "secretsmanager:GetSecretValue", "redshift:GetClusterCredentials", "redshift:GetClusterCredentialsWithIAM", "redshift-serverless:GetCredentials", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonRedshiftDataFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-07T18:18:32+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonKinesisFullAccess", "createdate": "2015-02-06T18:40:29Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "kinesis:AddTagsToStream", "kinesis:CreateStream", "kinesis:DecreaseStreamRetentionPeriod", "kinesis:DeleteResourcePolicy", "kinesis:DeleteStream", "kinesis:DeregisterStreamConsumer", "kinesis:DescribeLimits", "kinesis:DescribeStream", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary", "kinesis:DisableEnhancedMonitoring", "kinesis:EnableEnhancedMonitoring", "kinesis:GetRecords", "kinesis:GetResourcePolicy", "kinesis:GetShardIterator", "kinesis:IncreaseStreamRetentionPeriod", "kinesis:ListShards", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kinesis:MergeShards", "kinesis:PutRecord", "kinesis:PutRecords", "kinesis:PutResourcePolicy", "kinesis:RegisterStreamConsumer", "kinesis:RemoveTagsFromStream", "kinesis:SplitShard", "kinesis:StartStreamEncryption", "kinesis:StopStreamEncryption", "kinesis:SubscribeToShard", "kinesis:UpdateShardCount", "kinesis:UpdateStreamMode" ], "malformed": false, "name": "AmazonKinesisFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSSystemsManagerForSAPReadOnlyAccess", "createdate": "2022-11-17T02:11:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssm-sap:GetApplication", "ssm-sap:GetComponent", "ssm-sap:GetDatabase", "ssm-sap:GetOperation", "ssm-sap:GetResourcePermission", "ssm-sap:ListApplications", "ssm-sap:ListComponents", "ssm-sap:ListDatabases", "ssm-sap:ListOperations", "ssm-sap:ListTagsForResource" ], "malformed": false, "name": "AWSSystemsManagerForSAPReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-17T02:11:44+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSSSMOpsInsightsServiceRolePolicy", "createdate": "2021-06-16T20:12:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssm:CreateOpsItem", "ssm:AddTagsToResource", "ssm:UpdateOpsItem", "ssm:GetOpsItem" ], "malformed": false, "name": "AWSSSMOpsInsightsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-06-16T20:12:52+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSIoTSiteWiseReadOnlyAccess", "createdate": "2022-09-16T19:05:20Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotsitewise:DescribeAccessPolicy", "iotsitewise:DescribeAction", "iotsitewise:DescribeAsset", "iotsitewise:DescribeAssetCompositeModel", "iotsitewise:DescribeAssetModel", "iotsitewise:DescribeAssetModelCompositeModel", "iotsitewise:DescribeAssetProperty", "iotsitewise:DescribeBulkImportJob", "iotsitewise:DescribeDashboard", "iotsitewise:DescribeDefaultEncryptionConfiguration", "iotsitewise:DescribeGateway", "iotsitewise:DescribeGatewayCapabilityConfiguration", "iotsitewise:DescribeLoggingOptions", "iotsitewise:DescribePortal", "iotsitewise:DescribeProject", "iotsitewise:DescribeStorageConfiguration", "iotsitewise:DescribeTimeSeries", "iotsitewise:ListAccessPolicies", "iotsitewise:ListActions", "iotsitewise:ListAssetModelCompositeModels", "iotsitewise:ListAssetModelProperties", "iotsitewise:ListAssetModels", "iotsitewise:ListAssetProperties", "iotsitewise:ListAssetRelationships", "iotsitewise:ListAssets", "iotsitewise:ListAssociatedAssets", "iotsitewise:ListBulkImportJobs", "iotsitewise:ListCompositionRelationships", "iotsitewise:ListDashboards", "iotsitewise:ListGateways", "iotsitewise:ListPortals", "iotsitewise:ListProjectAssets", "iotsitewise:ListProjects", "iotsitewise:ListTagsForResource", "iotsitewise:ListTimeSeries", "iotsitewise:GetAssetPropertyAggregates", "iotsitewise:GetAssetPropertyValue", "iotsitewise:GetAssetPropertyValueHistory", "iotsitewise:GetInterpolatedAssetPropertyValues", "iotsitewise:BatchGetAssetPropertyAggregates", "iotsitewise:BatchGetAssetPropertyValue", "iotsitewise:BatchGetAssetPropertyValueHistory" ], "malformed": false, "name": "AWSIoTSiteWiseReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-16T19:05:20+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonMQFullAccess", "createdate": "2020-11-04T16:34:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mq:CreateBroker", "mq:CreateConfiguration", "mq:CreateReplicaBroker", "mq:CreateTags", "mq:CreateUser", "mq:DeleteBroker", "mq:DeleteTags", "mq:DeleteUser", "mq:DescribeBroker", "mq:DescribeBrokerEngineTypes", "mq:DescribeBrokerInstanceOptions", "mq:DescribeConfiguration", "mq:DescribeConfigurationRevision", "mq:DescribeUser", "mq:ListBrokers", "mq:ListConfigurationRevisions", "mq:ListConfigurations", "mq:ListTags", "mq:ListUsers", "mq:Promote", "mq:RebootBroker", "mq:UpdateBroker", "mq:UpdateConfiguration", "mq:UpdateUser", "cloudformation:CreateStack", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DetachNetworkInterface", "ec2:DescribeInternetGateways", "ec2:DescribeNetworkInterfaces", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:CreateSecurityGroup", "ec2:AuthorizeSecurityGroupIngress", "logs:CreateLogGroup", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonMQFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-11-04T16:34:09+00:00", "version": "v5" }, { "access_levels": [ "List", "Read" ], "arn": null, "createdate": "2020-03-26T16:07:17Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "codepipeline:GetPipeline", "codepipeline:GetPipelineState", "codepipeline:GetPipelineExecution", "codepipeline:ListPipelineExecutions", "codepipeline:ListActionExecutions", "codepipeline:ListActionTypes", "codepipeline:ListPipelines", "codepipeline:ListTagsForResource", "iam:ListRoles", "s3:GetBucketPolicy", "s3:GetObject", "s3:ListAllMyBuckets", "s3:ListBucket", "codecommit:ListBranches", "codecommit:ListRepositories", "codedeploy:GetApplication", "codedeploy:GetDeploymentGroup", "codedeploy:ListApplications", "codedeploy:ListDeploymentGroups", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeEnvironments", "lambda:GetFunctionConfiguration", "lambda:ListFunctions", "opsworks:DescribeApps", "opsworks:DescribeLayers", "opsworks:DescribeStacks", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListEventTypes", "codestar-notifications:ListTargets", "codestar-notifications:DescribeNotificationRule" ], "malformed": false, "name": "AWSCodePipelineReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v9" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSVendorInsightsAssessorFullAccess", "createdate": "2022-12-01T00:51:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "vendor-insights:GetProfileAccessTerms", "vendor-insights:ListEntitledSecurityProfiles", "vendor-insights:GetEntitledSecurityProfileSnapshot", "vendor-insights:ListEntitledSecurityProfileSnapshots", "aws-marketplace:CreateAgreementRequest", "aws-marketplace:GetAgreementRequest", "aws-marketplace:AcceptAgreementRequest", "aws-marketplace:CancelAgreementRequest", "aws-marketplace:ListAgreementRequests", "aws-marketplace:SearchAgreements", "aws-marketplace:CancelAgreement", "artifact:GetReport", "artifact:GetReportMetadata", "artifact:GetTermForReport", "artifact:ListReports" ], "malformed": false, "name": "AWSVendorInsightsAssessorFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-01T00:51:44+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonKinesisReadOnlyAccess", "createdate": "2015-02-06T18:40:30Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "kinesis:GetRecords", "kinesis:GetResourcePolicy", "kinesis:GetShardIterator", "kinesis:ListShards", "kinesis:ListStreamConsumers", "kinesis:ListStreams", "kinesis:ListTagsForStream", "kinesis:DescribeLimits", "kinesis:DescribeStream", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary" ], "malformed": false, "name": "AmazonKinesisReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:30+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSThinkboxAWSPortalGatewayPolicy", "createdate": "2020-06-30T16:02:07Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:PutLogEvents", "logs:DescribeLogStreams", "logs:DescribeLogGroups", "logs:CreateLogStream", "logs:CreateLogGroup", "s3:GetObject", "s3:PutObject", "s3:ListBucket", "dynamodb:Scan", "s3:ListBucket", "s3:GetObject", "s3:PutObject", "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AWSThinkboxAWSPortalGatewayPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-30T16:02:07+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSECRPullThroughCache_ServiceRolePolicy", "createdate": "2023-11-13T15:23:16Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:InitiateLayerUpload", "ecr:UploadLayerPart", "ecr:CompleteLayerUpload", "ecr:PutImage", "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AWSECRPullThroughCache_ServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-13T15:23:16+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2NoSharing", "createdate": "2024-02-21T17:25:07Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "redshift:DescribeClusters", "redshift-serverless:ListNamespaces", "redshift-serverless:ListWorkgroups", "secretsmanager:CreateSecret", "secretsmanager:GetSecretValue", "secretsmanager:DeleteSecret", "secretsmanager:TagResource", "tag:GetResources", "sqlworkbench:CreateFolder", "sqlworkbench:PutTab", "sqlworkbench:BatchDeleteFolder", "sqlworkbench:DeleteTab", "sqlworkbench:GenerateSession", "sqlworkbench:GetAccountInfo", "sqlworkbench:GetAccountSettings", "sqlworkbench:GetUserInfo", "sqlworkbench:GetUserWorkspaceSettings", "sqlworkbench:PutUserWorkspaceSettings", "sqlworkbench:ListConnections", "sqlworkbench:ListFiles", "sqlworkbench:ListTabs", "sqlworkbench:UpdateFolder", "sqlworkbench:ListRedshiftClusters", "sqlworkbench:DriverExecute", "sqlworkbench:ListTaggedResources", "sqlworkbench:ListQueryExecutionHistory", "sqlworkbench:GetQueryExecutionHistory", "sqlworkbench:ListNotebooks", "sqlworkbench:GetSchemaInference", "sqlworkbench:GetAutocompletionMetadata", "sqlworkbench:GetAutocompletionResource", "sqlworkbench:CreateConnection", "sqlworkbench:CreateSavedQuery", "sqlworkbench:CreateChart", "sqlworkbench:CreateNotebook", "sqlworkbench:DuplicateNotebook", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:ImportNotebook", "sqlworkbench:DeleteChart", "sqlworkbench:DeleteConnection", "sqlworkbench:DeleteSavedQuery", "sqlworkbench:GetChart", "sqlworkbench:GetConnection", "sqlworkbench:GetSavedQuery", "sqlworkbench:ListSavedQueryVersions", "sqlworkbench:UpdateChart", "sqlworkbench:UpdateConnection", "sqlworkbench:UpdateSavedQuery", "sqlworkbench:AssociateConnectionWithTab", "sqlworkbench:AssociateQueryWithTab", "sqlworkbench:AssociateConnectionWithChart", "sqlworkbench:AssociateNotebookWithTab", "sqlworkbench:UpdateFileFolder", "sqlworkbench:ListTagsForResource", "sqlworkbench:GetNotebook", "sqlworkbench:UpdateNotebook", "sqlworkbench:DeleteNotebook", "sqlworkbench:DuplicateNotebook", "sqlworkbench:CreateNotebookCell", "sqlworkbench:DeleteNotebookCell", "sqlworkbench:UpdateNotebookCellContent", "sqlworkbench:UpdateNotebookCellLayout", "sqlworkbench:BatchGetNotebookCell", "sqlworkbench:ListNotebookVersions", "sqlworkbench:CreateNotebookVersion", "sqlworkbench:GetNotebookVersion", "sqlworkbench:DeleteNotebookVersion", "sqlworkbench:RestoreNotebookVersion", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:ExportNotebook", "sqlworkbench:ImportNotebook", "sqlworkbench:TagResource" ], "malformed": false, "name": "AmazonRedshiftQueryEditorV2NoSharing", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-21T17:25:07+00:00", "version": "v9" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSAppSyncServiceRolePolicy", "createdate": "2020-01-21T19:56:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", "xray:GetSamplingTargets", "xray:GetSamplingRules", "xray:GetSamplingStatisticSummaries" ], "malformed": false, "name": "AWSAppSyncServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-01-21T19:56:53+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonTimestreamInfluxDBServiceRolePolicy", "createdate": "2024-03-14T18:53:21Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeNetworkInterfaces", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:CreateTags", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "cloudwatch:PutMetricData", "secretsmanager:CreateSecret", "secretsmanager:DeleteSecret" ], "malformed": false, "name": "AmazonTimestreamInfluxDBServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-14T18:53:21+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy", "createdate": "2022-02-22T09:53:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "codepipeline:StartPipelineExecution" ], "malformed": false, "name": "AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-22T09:53:59+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerUserSubscriptionsServiceRolePolicy", "createdate": "2022-11-21T19:51:42Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ds:DescribeDirectories", "ds:GetAuthorizedApplicationDetails", "ssm:GetInventory", "ssm:GetCommandInvocation", "ssm:ListCommandInvocations", "ssm:DescribeInstanceInformation", "ec2:DescribeInstances", "ec2:DescribeVpcPeeringConnections", "ec2:TerminateInstances", "ec2:CreateTags", "ssm:SendCommand", "ssm:SendCommand" ], "malformed": false, "name": "AWSLicenseManagerUserSubscriptionsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-21T19:51:42+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonSSMFullAccess", "createdate": "2019-11-20T20:08:56Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData", "ds:CreateComputer", "ds:DescribeDirectories", "ec2:DescribeInstanceStatus", "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "ssm:AddTagsToResource", "ssm:AssociateOpsItemRelatedItem", "ssm:CancelCommand", "ssm:CancelMaintenanceWindowExecution", "ssm:CreateActivation", "ssm:CreateAssociation", "ssm:CreateAssociationBatch", "ssm:CreateDocument", "ssm:CreateMaintenanceWindow", "ssm:CreateOpsItem", "ssm:CreateOpsMetadata", "ssm:CreatePatchBaseline", "ssm:CreateResourceDataSync", "ssm:DeleteActivation", "ssm:DeleteAssociation", "ssm:DeleteDocument", "ssm:DeleteInventory", "ssm:DeleteMaintenanceWindow", "ssm:DeleteOpsItem", "ssm:DeleteOpsMetadata", "ssm:DeleteParameter", "ssm:DeleteParameters", "ssm:DeletePatchBaseline", "ssm:DeleteResourceDataSync", "ssm:DeleteResourcePolicy", "ssm:DeregisterManagedInstance", "ssm:DeregisterPatchBaselineForPatchGroup", "ssm:DeregisterTargetFromMaintenanceWindow", "ssm:DeregisterTaskFromMaintenanceWindow", "ssm:DescribeActivations", "ssm:DescribeAssociation", "ssm:DescribeAssociationExecutionTargets", "ssm:DescribeAssociationExecutions", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeAvailablePatches", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:DescribeEffectiveInstanceAssociations", "ssm:DescribeEffectivePatchesForPatchBaseline", "ssm:DescribeInstanceAssociationsStatus", "ssm:DescribeInstanceInformation", "ssm:DescribeInstancePatchStates", "ssm:DescribeInstancePatchStatesForPatchGroup", "ssm:DescribeInstancePatches", "ssm:DescribeInstanceProperties", "ssm:DescribeInventoryDeletions", "ssm:DescribeMaintenanceWindowExecutionTaskInvocations", "ssm:DescribeMaintenanceWindowExecutionTasks", "ssm:DescribeMaintenanceWindowExecutions", "ssm:DescribeMaintenanceWindowSchedule", "ssm:DescribeMaintenanceWindowTargets", "ssm:DescribeMaintenanceWindowTasks", "ssm:DescribeMaintenanceWindows", "ssm:DescribeMaintenanceWindowsForTarget", "ssm:DescribeOpsItems", "ssm:DescribeParameters", "ssm:DescribePatchBaselines", "ssm:DescribePatchGroupState", "ssm:DescribePatchGroups", "ssm:DescribePatchProperties", "ssm:DescribeSessions", "ssm:DisassociateOpsItemRelatedItem", "ssm:GetAutomationExecution", "ssm:GetCalendar", "ssm:GetCalendarState", "ssm:GetCommandInvocation", "ssm:GetConnectionStatus", "ssm:GetDefaultPatchBaseline", "ssm:GetDeployablePatchSnapshotForInstance", "ssm:GetDocument", "ssm:GetInventory", "ssm:GetInventorySchema", "ssm:GetMaintenanceWindow", "ssm:GetMaintenanceWindowExecution", "ssm:GetMaintenanceWindowExecutionTask", "ssm:GetMaintenanceWindowExecutionTaskInvocation", "ssm:GetMaintenanceWindowTask", "ssm:GetManifest", "ssm:GetOpsItem", "ssm:GetOpsMetadata", "ssm:GetOpsSummary", "ssm:GetParameter", "ssm:GetParameterHistory", "ssm:GetParameters", "ssm:GetParametersByPath", "ssm:GetPatchBaseline", "ssm:GetPatchBaselineForPatchGroup", "ssm:GetResourcePolicies", "ssm:GetServiceSetting", "ssm:LabelParameterVersion", "ssm:ListAssociationVersions", "ssm:ListAssociations", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListComplianceItems", "ssm:ListComplianceSummaries", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInstanceAssociations", "ssm:ListInventoryEntries", "ssm:ListOpsItemEvents", "ssm:ListOpsItemRelatedItems", "ssm:ListOpsMetadata", "ssm:ListResourceComplianceSummaries", "ssm:ListResourceDataSync", "ssm:ListTagsForResource", "ssm:ModifyDocumentPermission", "ssm:PutCalendar", "ssm:PutComplianceItems", "ssm:PutConfigurePackageResult", "ssm:PutInventory", "ssm:PutParameter", "ssm:PutResourcePolicy", "ssm:RegisterDefaultPatchBaseline", "ssm:RegisterManagedInstance", "ssm:RegisterPatchBaselineForPatchGroup", "ssm:RegisterTargetWithMaintenanceWindow", "ssm:RegisterTaskWithMaintenanceWindow", "ssm:RemoveTagsFromResource", "ssm:ResetServiceSetting", "ssm:ResumeSession", "ssm:SendAutomationSignal", "ssm:SendCommand", "ssm:StartAssociationsOnce", "ssm:StartAutomationExecution", "ssm:StartChangeRequestExecution", "ssm:StartSession", "ssm:StopAutomationExecution", "ssm:TerminateSession", "ssm:UnlabelParameterVersion", "ssm:UpdateAssociation", "ssm:UpdateAssociationStatus", "ssm:UpdateDocument", "ssm:UpdateDocumentDefaultVersion", "ssm:UpdateDocumentMetadata", "ssm:UpdateInstanceAssociationStatus", "ssm:UpdateInstanceInformation", "ssm:UpdateMaintenanceWindow", "ssm:UpdateMaintenanceWindowTarget", "ssm:UpdateMaintenanceWindowTask", "ssm:UpdateManagedInstanceRole", "ssm:UpdateOpsItem", "ssm:UpdateOpsMetadata", "ssm:UpdatePatchBaseline", "ssm:UpdateResourceDataSync", "ssm:UpdateServiceSetting", "ec2messages:AcknowledgeMessage", "ec2messages:DeleteMessage", "ec2messages:FailMessage", "ec2messages:GetEndpoint", "ec2messages:GetMessages", "ec2messages:SendReply", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel" ], "malformed": false, "name": "AmazonSSMFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-20T20:08:56+00:00", "version": "v4" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AutoScalingNotificationAccessRole", "createdate": "2015-02-06T18:41:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sqs:SendMessage", "sqs:GetQueueUrl", "sns:Publish" ], "malformed": false, "name": "AutoScalingNotificationAccessRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:22+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", "createdate": "2015-04-09T15:03:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AWSLambdaBasicExecutionRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-04-09T15:03:43+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonRDSFullAccess", "createdate": "2023-08-17T23:00:17Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "rds:AddRoleToDBCluster", "rds:AddRoleToDBInstance", "rds:AddSourceIdentifierToSubscription", "rds:AddTagsToResource", "rds:ApplyPendingMaintenanceAction", "rds:AuthorizeDBSecurityGroupIngress", "rds:BacktrackDBCluster", "rds:CancelExportTask", "rds:CopyDBClusterParameterGroup", "rds:CopyDBClusterSnapshot", "rds:CopyDBParameterGroup", "rds:CopyDBSnapshot", "rds:CopyOptionGroup", "rds:CreateBlueGreenDeployment", "rds:CreateCustomDBEngineVersion", "rds:CreateDBCluster", "rds:CreateDBClusterEndpoint", "rds:CreateDBClusterParameterGroup", "rds:CreateDBClusterSnapshot", "rds:CreateDBInstance", "rds:CreateDBInstanceReadReplica", "rds:CreateDBParameterGroup", "rds:CreateDBProxy", "rds:CreateDBProxyEndpoint", "rds:CreateDBSecurityGroup", "rds:CreateDBShardGroup", "rds:CreateDBSnapshot", "rds:CreateDBSubnetGroup", "rds:CreateEventSubscription", "rds:CreateGlobalCluster", "rds:CreateIntegration", "rds:CreateOptionGroup", "rds:CreateTenantDatabase", "rds:CrossRegionCommunication", "rds:DeleteBlueGreenDeployment", "rds:DeleteCustomDBEngineVersion", "rds:DeleteDBCluster", "rds:DeleteDBClusterAutomatedBackup", "rds:DeleteDBClusterEndpoint", "rds:DeleteDBClusterParameterGroup", "rds:DeleteDBClusterSnapshot", "rds:DeleteDBInstance", "rds:DeleteDBInstanceAutomatedBackup", "rds:DeleteDBParameterGroup", "rds:DeleteDBProxy", "rds:DeleteDBProxyEndpoint", "rds:DeleteDBSecurityGroup", "rds:DeleteDBShardGroup", "rds:DeleteDBSnapshot", "rds:DeleteDBSubnetGroup", "rds:DeleteEventSubscription", "rds:DeleteGlobalCluster", "rds:DeleteIntegration", "rds:DeleteOptionGroup", "rds:DeleteTenantDatabase", "rds:DeregisterDBProxyTargets", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:DisableHttpEndpoint", "rds:DownloadCompleteDBLogFile", "rds:DownloadDBLogFilePortion", "rds:EnableHttpEndpoint", "rds:FailoverDBCluster", "rds:FailoverGlobalCluster", "rds:ListTagsForResource", "rds:ModifyActivityStream", "rds:ModifyCertificates", "rds:ModifyCurrentDBClusterCapacity", "rds:ModifyCustomDBEngineVersion", "rds:ModifyDBCluster", "rds:ModifyDBClusterEndpoint", "rds:ModifyDBClusterParameterGroup", "rds:ModifyDBClusterSnapshotAttribute", "rds:ModifyDBInstance", "rds:ModifyDBParameterGroup", "rds:ModifyDBProxy", "rds:ModifyDBProxyEndpoint", "rds:ModifyDBProxyTargetGroup", "rds:ModifyDBRecommendation", "rds:ModifyDBShardGroup", "rds:ModifyDBSnapshot", "rds:ModifyDBSnapshotAttribute", "rds:ModifyDBSubnetGroup", "rds:ModifyEventSubscription", "rds:ModifyGlobalCluster", "rds:ModifyIntegration", "rds:ModifyOptionGroup", "rds:ModifyRecommendation", "rds:ModifyTenantDatabase", "rds:PromoteReadReplica", "rds:PromoteReadReplicaDBCluster", "rds:PurchaseReservedDBInstancesOffering", "rds:RebootDBCluster", "rds:RebootDBInstance", "rds:RebootDBShardGroup", "rds:RegisterDBProxyTargets", "rds:RemoveFromGlobalCluster", "rds:RemoveRoleFromDBCluster", "rds:RemoveRoleFromDBInstance", "rds:RemoveSourceIdentifierFromSubscription", "rds:RemoveTagsFromResource", "rds:ResetDBClusterParameterGroup", "rds:ResetDBParameterGroup", "rds:RestoreDBClusterFromS3", "rds:RestoreDBClusterFromSnapshot", "rds:RestoreDBClusterToPointInTime", "rds:RestoreDBInstanceFromDBSnapshot", "rds:RestoreDBInstanceFromS3", "rds:RestoreDBInstanceToPointInTime", "rds:RevokeDBSecurityGroupIngress", "rds:StartActivityStream", "rds:StartDBCluster", "rds:StartDBInstance", "rds:StartDBInstanceAutomatedBackupsReplication", "rds:StartExportTask", "rds:StopActivityStream", "rds:StopDBCluster", "rds:StopDBInstance", "rds:StopDBInstanceAutomatedBackupsReplication", "rds:SwitchoverBlueGreenDeployment", "rds:SwitchoverGlobalCluster", "rds:SwitchoverReadReplica", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:PutScalingPolicy", "application-autoscaling:RegisterScalableTarget", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricStatistics", "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms", "cloudwatch:ListMetrics", "cloudwatch:GetMetricData", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeCoipPools", "ec2:DescribeInternetGateways", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "ec2:GetCoipPoolUsage", "sns:ListSubscriptions", "sns:ListTopics", "sns:Publish", "logs:DescribeLogStreams", "logs:GetLogEvents", "outposts:GetOutpostInstanceTypes", "devops-guru:GetResourceCollection", "pi:CreatePerformanceAnalysisReport", "pi:DeletePerformanceAnalysisReport", "pi:DescribeDimensionKeys", "pi:GetDimensionKeyDetails", "pi:GetPerformanceAnalysisReport", "pi:GetResourceMetadata", "pi:GetResourceMetrics", "pi:ListAvailableResourceDimensions", "pi:ListAvailableResourceMetrics", "pi:ListPerformanceAnalysisReports", "pi:ListTagsForResource", "pi:TagResource", "pi:UntagResource", "iam:CreateServiceLinkedRole", "devops-guru:SearchInsights", "devops-guru:ListAnomaliesForInsight" ], "malformed": false, "name": "AmazonRDSFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-17T23:00:17+00:00", "version": "v14" }, { "access_levels": [ "List", "Read" ], "arn": null, "createdate": "2017-08-08T18:58:57Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "s3:GetObject", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductView", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:ListLaunchPaths", "servicecatalog:SearchProducts", "servicecatalog:ListRecordHistory", "servicecatalog:DescribeProvisionedProduct", "servicecatalog:DescribeRecord", "servicecatalog:ScanProvisionedProducts" ], "malformed": false, "name": "ServiceCatalogEndUserAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v4" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCodeDeployDeployerAccess", "createdate": "2020-04-02T16:16:11Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeploymentInstances", "codedeploy:BatchGetDeploymentTargets", "codedeploy:BatchGetDeployments", "codedeploy:BatchGetOnPremisesInstances", "codedeploy:CreateDeployment", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeploymentTargets", "codedeploy:ListDeployments", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codedeploy:ListTagsForResource", "codedeploy:RegisterApplicationRevision", "codestar-notifications:CreateNotificationRule", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:UpdateNotificationRule", "codestar-notifications:Subscribe", "codestar-notifications:Unsubscribe", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListTargets", "codestar-notifications:ListTagsForResource", "codestar-notifications:ListEventTypes", "chatbot:DescribeSlackChannelConfigurations", "sns:ListTopics" ], "malformed": false, "name": "AWSCodeDeployDeployerAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-04-02T16:16:11+00:00", "version": "v3" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryFailbackInstallationPolicy", "createdate": "2023-11-27T13:43:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:SendClientLogsForDrs", "drs:SendClientMetricsForDrs", "drs:DescribeRecoveryInstances", "drs:DescribeSourceServers", "drs:TagResource", "drs:IssueAgentCertificateForDrs", "drs:AssociateFailbackClientToRecoveryInstanceForDrs", "drs:GetSuggestedFailbackClientDeviceMappingForDrs", "drs:UpdateAgentReplicationInfoForDrs", "drs:UpdateFailbackClientDeviceMappingForDrs" ], "malformed": false, "name": "AWSElasticDisasterRecoveryFailbackInstallationPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T13:43:08+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorNetworkAccess", "createdate": "2024-01-25T16:07:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateTags", "ec2:CreateNetworkAcl", "ec2:CreateNetworkAclEntry", "ec2:DeleteNetworkAcl", "ec2:CreateNetworkAcl", "ec2:DescribeVpcs", "ec2:DescribeManagedPrefixLists", "ec2:DescribeSubnets", "ec2:DescribeNetworkAcls", "ec2:DescribeVpcEndpoints", "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeRouteTables", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGateways", "ec2:ReplaceNetworkAclAssociation", "ec2:GetManagedPrefixListEntries", "ec2:CreateRouteTable", "ec2:CreateRouteTable", "ec2:CreateTags", "ec2:CreateTags", "ec2:CreateTags", "ec2:DeleteRouteTable", "ec2:CreateRoute", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:CreateManagedPrefixList", "ec2:DeleteManagedPrefixList", "ec2:ModifyManagedPrefixList", "ec2:ReplaceRouteTableAssociation", "ec2:AssociateRouteTable", "ec2:DisassociateRouteTable", "ec2:DisassociateRouteTable", "ec2:ModifyVpcEndpoint", "ec2:ModifyVpcEndpoint", "ec2:DisassociateTransitGatewayRouteTable", "ec2:AssociateTransitGatewayRouteTable" ], "malformed": false, "name": "AWSFaultInjectionSimulatorNetworkAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-25T16:07:44+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/VPCLatticeReadOnlyAccess", "createdate": "2023-03-30T02:47:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "vpc-lattice:GetAccessLogSubscription", "vpc-lattice:GetAuthPolicy", "vpc-lattice:GetListener", "vpc-lattice:GetResourcePolicy", "vpc-lattice:GetRule", "vpc-lattice:GetService", "vpc-lattice:GetServiceNetwork", "vpc-lattice:GetServiceNetworkServiceAssociation", "vpc-lattice:GetServiceNetworkVpcAssociation", "vpc-lattice:GetTargetGroup", "vpc-lattice:ListAccessLogSubscriptions", "vpc-lattice:ListListeners", "vpc-lattice:ListRules", "vpc-lattice:ListServiceNetworkServiceAssociations", "vpc-lattice:ListServiceNetworkVpcAssociations", "vpc-lattice:ListServiceNetworks", "vpc-lattice:ListServices", "vpc-lattice:ListTagsForResource", "vpc-lattice:ListTargetGroups", "vpc-lattice:ListTargets", "acm:DescribeCertificate", "acm:ListCertificates", "cloudwatch:GetMetricData", "ec2:DescribeInstances", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "elasticloadbalancing:DescribeLoadBalancers", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "lambda:ListAliases", "lambda:ListFunctions", "lambda:ListVersionsByFunction", "logs:DescribeLogGroups", "logs:GetLogDelivery", "logs:ListLogDeliveries", "s3:ListAllMyBuckets" ], "malformed": false, "name": "VPCLatticeReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-30T02:47:25+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSEntityResolutionConsoleReadOnlyAccess", "createdate": "2023-08-17T18:18:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "entityresolution:GetIdMappingJob", "entityresolution:GetIdMappingWorkflow", "entityresolution:GetIdNamespace", "entityresolution:GetMatchId", "entityresolution:GetMatchingJob", "entityresolution:GetMatchingWorkflow", "entityresolution:GetPolicy", "entityresolution:GetProviderService", "entityresolution:GetSchemaMapping", "entityresolution:ListIdMappingJobs", "entityresolution:ListIdMappingWorkflows", "entityresolution:ListIdNamespaces", "entityresolution:ListMatchingJobs", "entityresolution:ListMatchingWorkflows", "entityresolution:ListProviderServices", "entityresolution:ListSchemaMappings", "entityresolution:ListTagsForResource" ], "malformed": false, "name": "AWSEntityResolutionConsoleReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-17T18:18:36+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AppRunnerNetworkingServiceRolePolicy", "createdate": "2022-01-12T21:02:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeNetworkInterfaces", "ec2:DescribeVpcs", "ec2:DescribeDhcpOptions", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:CreateNetworkInterface", "ec2:CreateTags", "ec2:DeleteNetworkInterface" ], "malformed": false, "name": "AppRunnerNetworkingServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-01-12T21:02:40+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess", "createdate": "2019-01-14T15:32:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:CreateLogGroup", "logs:PutLogEvents" ], "malformed": false, "name": "AWSTransferLoggingAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-01-14T15:32:50+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AwsGlueSessionUserRestrictedPolicy", "createdate": "2022-04-14T21:31:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "glue:CreateSession", "glue:RunStatement", "glue:GetStatement", "glue:ListStatements", "glue:CancelStatement", "glue:StopSession", "glue:DeleteSession", "glue:GetSession", "glue:ListSessions", "iam:PassRole" ], "malformed": false, "name": "AwsGlueSessionUserRestrictedPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-04-14T21:31:01+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/MigrationHubServiceRolePolicy", "createdate": "2020-08-06T18:08:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "discovery:ListConfigurations", "discovery:DescribeConfigurations", "ec2:CreateTags", "dms:AddTagsToResource", "ec2:DescribeInstanceAttribute" ], "malformed": false, "name": "MigrationHubServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-06T18:08:46+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonCodeCatalystReadOnlyAccess", "createdate": "2023-04-20T16:49:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "codecatalyst:GetBillingAuthorization", "codecatalyst:GetConnection", "codecatalyst:GetIdentityCenterApplication", "codecatalyst:GetPendingConnection", "codecatalyst:ListConnections", "codecatalyst:ListIamRolesForConnection", "codecatalyst:ListIdentityCenterApplications", "codecatalyst:ListIdentityCenterApplicationsForSpace", "codecatalyst:ListSpacesForIdentityCenterApplication", "codecatalyst:ListTagsForResource" ], "malformed": false, "name": "AmazonCodeCatalystReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-20T16:49:12+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction", "createdate": "2019-08-07T17:55:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:ListPrincipalThings", "iot:AddThingToThingGroup" ], "malformed": false, "name": "AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-07T17:55:37+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonSESFullAccess", "createdate": "2015-02-06T18:41:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ses:CreateConfigurationSet", "ses:CreateConfigurationSetEventDestination", "ses:CreateDedicatedIpPool", "ses:CreateDeliverabilityTestReport", "ses:CreateEmailIdentity", "ses:DeleteConfigurationSet", "ses:DeleteConfigurationSetEventDestination", "ses:DeleteDedicatedIpPool", "ses:DeleteEmailIdentity", "ses:GetAccount", "ses:GetBlacklistReports", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetDedicatedIp", "ses:GetDedicatedIps", "ses:GetDeliverabilityDashboardOptions", "ses:GetDeliverabilityTestReport", "ses:GetDomainDeliverabilityCampaign", "ses:GetDomainStatisticsReport", "ses:GetEmailIdentity", "ses:ListConfigurationSets", "ses:ListDedicatedIpPools", "ses:ListDeliverabilityTestReports", "ses:ListDomainDeliverabilityCampaigns", "ses:ListEmailIdentities", "ses:ListTagsForResource", "ses:PutAccountDedicatedIpWarmupAttributes", "ses:PutAccountSendingAttributes", "ses:PutConfigurationSetDeliveryOptions", "ses:PutConfigurationSetReputationOptions", "ses:PutConfigurationSetSendingOptions", "ses:PutConfigurationSetTrackingOptions", "ses:PutDedicatedIpInPool", "ses:PutDedicatedIpWarmupAttributes", "ses:PutDeliverabilityDashboardOption", "ses:PutEmailIdentityDkimAttributes", "ses:PutEmailIdentityFeedbackAttributes", "ses:PutEmailIdentityMailFromAttributes", "ses:SendEmail", "ses:TagResource", "ses:UntagResource", "ses:UpdateConfigurationSetEventDestination", "ses:CloneReceiptRuleSet", "ses:CreateConfigurationSetTrackingOptions", "ses:CreateCustomVerificationEmailTemplate", "ses:CreateReceiptFilter", "ses:CreateReceiptRule", "ses:CreateReceiptRuleSet", "ses:CreateTemplate", "ses:DeleteConfigurationSetTrackingOptions", "ses:DeleteCustomVerificationEmailTemplate", "ses:DeleteIdentity", "ses:DeleteIdentityPolicy", "ses:DeleteReceiptFilter", "ses:DeleteReceiptRule", "ses:DeleteReceiptRuleSet", "ses:DeleteTemplate", "ses:DeleteVerifiedEmailAddress", "ses:DescribeActiveReceiptRuleSet", "ses:DescribeConfigurationSet", "ses:DescribeReceiptRule", "ses:DescribeReceiptRuleSet", "ses:GetAccountSendingEnabled", "ses:GetCustomVerificationEmailTemplate", "ses:GetIdentityDkimAttributes", "ses:GetIdentityMailFromDomainAttributes", "ses:GetIdentityNotificationAttributes", "ses:GetIdentityPolicies", "ses:GetIdentityVerificationAttributes", "ses:GetSendQuota", "ses:GetSendStatistics", "ses:GetTemplate", "ses:ListCustomVerificationEmailTemplates", "ses:ListIdentities", "ses:ListIdentityPolicies", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListTemplates", "ses:ListVerifiedEmailAddresses", "ses:PutIdentityPolicy", "ses:ReorderReceiptRuleSet", "ses:SendBounce", "ses:SendBulkTemplatedEmail", "ses:SendCustomVerificationEmail", "ses:SendRawEmail", "ses:SendTemplatedEmail", "ses:SetActiveReceiptRuleSet", "ses:SetIdentityDkimEnabled", "ses:SetIdentityFeedbackForwardingEnabled", "ses:SetIdentityHeadersInNotificationsEnabled", "ses:SetIdentityMailFromDomain", "ses:SetIdentityNotificationTopic", "ses:SetReceiptRulePosition", "ses:TestRenderTemplate", "ses:UpdateAccountSendingEnabled", "ses:UpdateConfigurationSetReputationMetricsEnabled", "ses:UpdateConfigurationSetSendingEnabled", "ses:UpdateConfigurationSetTrackingOptions", "ses:UpdateCustomVerificationEmailTemplate", "ses:UpdateReceiptRule", "ses:UpdateTemplate", "ses:VerifyDomainDkim", "ses:VerifyDomainIdentity", "ses:VerifyEmailAddress", "ses:VerifyEmailIdentity", "ses:BatchGetMetricData", "ses:CancelExportJob", "ses:CreateContact", "ses:CreateContactList", "ses:CreateEmailIdentityPolicy", "ses:CreateEmailTemplate", "ses:CreateExportJob", "ses:CreateImportJob", "ses:DeleteContact", "ses:DeleteContactList", "ses:DeleteEmailIdentityPolicy", "ses:DeleteEmailTemplate", "ses:DeleteSuppressedDestination", "ses:GetContact", "ses:GetContactList", "ses:GetDedicatedIpPool", "ses:GetEmailIdentityPolicies", "ses:GetEmailTemplate", "ses:GetExportJob", "ses:GetImportJob", "ses:GetMessageInsights", "ses:GetSuppressedDestination", "ses:ListContactLists", "ses:ListContacts", "ses:ListEmailTemplates", "ses:ListExportJobs", "ses:ListImportJobs", "ses:ListRecommendations", "ses:ListSuppressedDestinations", "ses:PutAccountDetails", "ses:PutAccountSuppressionAttributes", "ses:PutAccountVdmAttributes", "ses:PutConfigurationSetSuppressionOptions", "ses:PutConfigurationSetVdmOptions", "ses:PutDedicatedIpPoolScalingAttributes", "ses:PutEmailIdentityConfigurationSetAttributes", "ses:PutEmailIdentityDkimSigningAttributes", "ses:PutSuppressedDestination", "ses:SendBulkEmail", "ses:TestRenderEmailTemplate", "ses:UpdateContact", "ses:UpdateContactList", "ses:UpdateEmailIdentityPolicy", "ses:UpdateEmailTemplate" ], "malformed": false, "name": "AmazonSESFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:02+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSSecurityHubOrganizationsAccess", "createdate": "2023-11-16T21:13:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:ListAccounts", "organizations:DescribeOrganization", "organizations:ListRoots", "organizations:ListDelegatedAdministrators", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListOrganizationalUnitsForParent", "organizations:ListAccountsForParent", "organizations:DescribeAccount", "organizations:DescribeOrganizationalUnit", "organizations:EnableAWSServiceAccess", "organizations:RegisterDelegatedAdministrator", "organizations:DeregisterDelegatedAdministrator" ], "malformed": false, "name": "AWSSecurityHubOrganizationsAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-16T21:13:44+00:00", "version": "v2" }, { "access_levels": [ "List" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/LakeFormationDataAccessServiceRolePolicy", "createdate": "2024-02-06T18:37:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "s3:ListAllMyBuckets" ], "malformed": false, "name": "LakeFormationDataAccessServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-06T18:37:31+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerFullAccess", "createdate": "2024-03-29T17:35:49Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", "sagemaker:BatchDescribeModelPackage", "sagemaker:BatchGetMetrics", "sagemaker:BatchGetRecord", "sagemaker:BatchPutMetrics", "sagemaker:CreateAction", "sagemaker:CreateAlgorithm", "sagemaker:CreateApp", "sagemaker:CreateAppImageConfig", "sagemaker:CreateArtifact", "sagemaker:CreateAutoMLJob", "sagemaker:CreateAutoMLJobV2", "sagemaker:CreateCluster", "sagemaker:CreateCodeRepository", "sagemaker:CreateCompilationJob", "sagemaker:CreateContext", "sagemaker:CreateDataQualityJobDefinition", "sagemaker:CreateDeviceFleet", "sagemaker:CreateDomain", "sagemaker:CreateEdgeDeploymentPlan", "sagemaker:CreateEdgeDeploymentStage", "sagemaker:CreateEdgePackagingJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateExperiment", "sagemaker:CreateFeatureGroup", "sagemaker:CreateFlowDefinition", "sagemaker:CreateHub", "sagemaker:CreateHumanTaskUi", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateImage", "sagemaker:CreateImageVersion", "sagemaker:CreateInferenceComponent", "sagemaker:CreateInferenceExperiment", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateLineageGroupPolicy", "sagemaker:CreateModel", "sagemaker:CreateModelBiasJobDefinition", "sagemaker:CreateModelCard", "sagemaker:CreateModelCardExportJob", "sagemaker:CreateModelExplainabilityJobDefinition", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelQualityJobDefinition", "sagemaker:CreateMonitoringSchedule", "sagemaker:CreateNotebookInstance", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:CreatePipeline", "sagemaker:CreatePresignedDomainUrl", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateProcessingJob", "sagemaker:CreateProject", "sagemaker:CreateSharedModel", "sagemaker:CreateSpace", "sagemaker:CreateStudioLifecycleConfig", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:CreateTrial", "sagemaker:CreateTrialComponent", "sagemaker:CreateUserProfile", "sagemaker:CreateWorkforce", "sagemaker:CreateWorkteam", "sagemaker:DeleteAction", "sagemaker:DeleteAlgorithm", "sagemaker:DeleteApp", "sagemaker:DeleteAppImageConfig", "sagemaker:DeleteArtifact", "sagemaker:DeleteAssociation", "sagemaker:DeleteCluster", "sagemaker:DeleteCodeRepository", "sagemaker:DeleteCompilationJob", "sagemaker:DeleteContext", "sagemaker:DeleteDataQualityJobDefinition", "sagemaker:DeleteDeviceFleet", "sagemaker:DeleteDomain", "sagemaker:DeleteEdgeDeploymentPlan", "sagemaker:DeleteEdgeDeploymentStage", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteExperiment", "sagemaker:DeleteFeatureGroup", "sagemaker:DeleteFlowDefinition", "sagemaker:DeleteHub", "sagemaker:DeleteHubContent", "sagemaker:DeleteHumanLoop", "sagemaker:DeleteHumanTaskUi", "sagemaker:DeleteHyperParameterTuningJob", "sagemaker:DeleteImage", "sagemaker:DeleteImageVersion", "sagemaker:DeleteInferenceComponent", "sagemaker:DeleteInferenceExperiment", "sagemaker:DeleteLineageGroupPolicy", "sagemaker:DeleteModel", "sagemaker:DeleteModelBiasJobDefinition", "sagemaker:DeleteModelCard", "sagemaker:DeleteModelExplainabilityJobDefinition", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteModelPackageGroupPolicy", "sagemaker:DeleteModelQualityJobDefinition", "sagemaker:DeleteMonitoringSchedule", "sagemaker:DeleteNotebookInstance", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:DeletePipeline", "sagemaker:DeleteProject", "sagemaker:DeleteRecord", "sagemaker:DeleteResourcePolicy", "sagemaker:DeleteSpace", "sagemaker:DeleteStudioLifecycleConfig", "sagemaker:DeleteTags", "sagemaker:DeleteTrial", "sagemaker:DeleteTrialComponent", "sagemaker:DeleteUserProfile", "sagemaker:DeleteWorkforce", "sagemaker:DeleteWorkteam", "sagemaker:DeregisterDevices", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeCluster", "sagemaker:DescribeClusterNode", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgeDeploymentPlan", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFeatureMetadata", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHub", "sagemaker:DescribeHubContent", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceComponent", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelCard", "sagemaker:DescribeModelCardExportJob", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSharedModel", "sagemaker:DescribeSpace", "sagemaker:DescribeStudioLifecycleConfig", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:DisableSagemakerServicecatalogPortfolio", "sagemaker:DisassociateTrialComponent", "sagemaker:EnableSagemakerServicecatalogPortfolio", "sagemaker:GetDeployments", "sagemaker:GetDeviceFleetReport", "sagemaker:GetDeviceRegistration", "sagemaker:GetLineageGroupPolicy", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetRecord", "sagemaker:GetResourcePolicy", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:GetScalingConfigurationRecommendation", "sagemaker:GetSearchSuggestions", "sagemaker:ImportHubContent", "sagemaker:InvokeEndpoint", "sagemaker:InvokeEndpointAsync", "sagemaker:InvokeEndpointWithResponseStream", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAliases", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListClusterNodes", "sagemaker:ListClusters", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgeDeploymentPlans", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHubContentVersions", "sagemaker:ListHubContents", "sagemaker:ListHubs", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceComponents", "sagemaker:ListInferenceExperiments", "sagemaker:ListInferenceRecommendationsJobSteps", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelCardExportJobs", "sagemaker:ListModelCardVersions", "sagemaker:ListModelCards", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringAlertHistory", "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListResourceCatalogs", "sagemaker:ListSharedModelEvents", "sagemaker:ListSharedModelVersions", "sagemaker:ListSharedModels", "sagemaker:ListSpaces", "sagemaker:ListStageDevices", "sagemaker:ListStudioLifecycleConfigs", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:PutLineageGroupPolicy", "sagemaker:PutModelPackageGroupPolicy", "sagemaker:PutRecord", "sagemaker:PutResourcePolicy", "sagemaker:QueryLineage", "sagemaker:RegisterDevices", "sagemaker:RenderUiTemplate", "sagemaker:RetryPipelineExecution", "sagemaker:Search", "sagemaker:SendHeartbeat", "sagemaker:SendPipelineExecutionStepFailure", "sagemaker:SendPipelineExecutionStepSuccess", "sagemaker:SendSharedModelEvent", "sagemaker:StartEdgeDeploymentStage", "sagemaker:StartHumanLoop", "sagemaker:StartInferenceExperiment", "sagemaker:StartMonitoringSchedule", "sagemaker:StartNotebookInstance", "sagemaker:StartPipelineExecution", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopEdgeDeploymentStage", "sagemaker:StopEdgePackagingJob", "sagemaker:StopHumanLoop", "sagemaker:StopHyperParameterTuningJob", "sagemaker:StopInferenceExperiment", "sagemaker:StopInferenceRecommendationsJob", "sagemaker:StopLabelingJob", "sagemaker:StopMonitoringSchedule", "sagemaker:StopNotebookInstance", "sagemaker:StopPipelineExecution", "sagemaker:StopProcessingJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:UpdateAction", "sagemaker:UpdateAppImageConfig", "sagemaker:UpdateArtifact", "sagemaker:UpdateCluster", "sagemaker:UpdateClusterSoftware", "sagemaker:UpdateCodeRepository", "sagemaker:UpdateContext", "sagemaker:UpdateDeviceFleet", "sagemaker:UpdateDevices", "sagemaker:UpdateDomain", "sagemaker:UpdateEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateExperiment", "sagemaker:UpdateFeatureGroup", "sagemaker:UpdateFeatureMetadata", "sagemaker:UpdateHub", "sagemaker:UpdateImage", "sagemaker:UpdateImageVersion", "sagemaker:UpdateInferenceComponent", "sagemaker:UpdateInferenceComponentRuntimeConfig", "sagemaker:UpdateInferenceExperiment", "sagemaker:UpdateModelCard", "sagemaker:UpdateModelPackage", "sagemaker:UpdateMonitoringAlert", "sagemaker:UpdateMonitoringSchedule", "sagemaker:UpdateNotebookInstance", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "sagemaker:UpdatePipeline", "sagemaker:UpdatePipelineExecution", "sagemaker:UpdateProject", "sagemaker:UpdateSharedModel", "sagemaker:UpdateSpace", "sagemaker:UpdateTrainingJob", "sagemaker:UpdateTrial", "sagemaker:UpdateTrialComponent", "sagemaker:UpdateUserProfile", "sagemaker:UpdateWorkforce", "sagemaker:UpdateWorkteam", "sagemaker-geospatial:DeleteEarthObservationJob", "sagemaker-geospatial:DeleteVectorEnrichmentJob", "sagemaker-geospatial:ExportEarthObservationJob", "sagemaker-geospatial:ExportVectorEnrichmentJob", "sagemaker-geospatial:GetEarthObservationJob", "sagemaker-geospatial:GetRasterDataCollection", "sagemaker-geospatial:GetTile", "sagemaker-geospatial:GetVectorEnrichmentJob", "sagemaker-geospatial:ListEarthObservationJobs", "sagemaker-geospatial:ListRasterDataCollections", "sagemaker-geospatial:ListTagsForResource", "sagemaker-geospatial:ListVectorEnrichmentJobs", "sagemaker-geospatial:SearchRasterDataCollection", "sagemaker-geospatial:StartEarthObservationJob", "sagemaker-geospatial:StartVectorEnrichmentJob", "sagemaker-geospatial:StopEarthObservationJob", "sagemaker-geospatial:StopVectorEnrichmentJob", "sagemaker-geospatial:TagResource", "sagemaker-geospatial:UntagResource", "sagemaker:AddTags", "sagemaker:AddTags", "sagemaker:CreatePresignedDomainUrl", "sagemaker:DescribeDomain", "sagemaker:ListDomains", "sagemaker:DescribeUserProfile", "sagemaker:ListUserProfiles", "sagemaker:DescribeSpace", "sagemaker:ListSpaces", "sagemaker:DescribeApp", "sagemaker:ListApps", "sagemaker:CreateApp", "sagemaker:DeleteApp", "sagemaker:CreateApp", "sagemaker:DeleteApp", "sagemaker:CreateSpace", "sagemaker:UpdateSpace", "sagemaker:DeleteSpace", "sagemaker:CreateSpace", "sagemaker:UpdateSpace", "sagemaker:DeleteSpace", "sagemaker:CreateApp", "sagemaker:DeleteApp", "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", "sagemaker:BatchDescribeModelPackage", "sagemaker:BatchGetMetrics", "sagemaker:BatchGetRecord", "sagemaker:BatchPutMetrics", "sagemaker:CreateAction", "sagemaker:CreateAlgorithm", "sagemaker:CreateApp", "sagemaker:CreateAppImageConfig", "sagemaker:CreateArtifact", "sagemaker:CreateAutoMLJob", "sagemaker:CreateAutoMLJobV2", "sagemaker:CreateCluster", "sagemaker:CreateCodeRepository", "sagemaker:CreateCompilationJob", "sagemaker:CreateContext", "sagemaker:CreateDataQualityJobDefinition", "sagemaker:CreateDeviceFleet", "sagemaker:CreateDomain", "sagemaker:CreateEdgeDeploymentPlan", "sagemaker:CreateEdgeDeploymentStage", "sagemaker:CreateEdgePackagingJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateExperiment", "sagemaker:CreateFeatureGroup", "sagemaker:CreateFlowDefinition", "sagemaker:CreateHub", "sagemaker:CreateHumanTaskUi", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateImage", "sagemaker:CreateImageVersion", "sagemaker:CreateInferenceComponent", "sagemaker:CreateInferenceExperiment", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateLineageGroupPolicy", "sagemaker:CreateModel", "sagemaker:CreateModelBiasJobDefinition", "sagemaker:CreateModelCard", "sagemaker:CreateModelCardExportJob", "sagemaker:CreateModelExplainabilityJobDefinition", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelQualityJobDefinition", "sagemaker:CreateMonitoringSchedule", "sagemaker:CreateNotebookInstance", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:CreatePipeline", "sagemaker:CreatePresignedDomainUrl", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateProcessingJob", "sagemaker:CreateProject", "sagemaker:CreateSharedModel", "sagemaker:CreateSpace", "sagemaker:CreateStudioLifecycleConfig", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:CreateTrial", "sagemaker:CreateTrialComponent", "sagemaker:CreateUserProfile", "sagemaker:CreateWorkforce", "sagemaker:CreateWorkteam", "sagemaker:DeleteAction", "sagemaker:DeleteAlgorithm", "sagemaker:DeleteApp", "sagemaker:DeleteAppImageConfig", "sagemaker:DeleteArtifact", "sagemaker:DeleteAssociation", "sagemaker:DeleteCluster", "sagemaker:DeleteCodeRepository", "sagemaker:DeleteCompilationJob", "sagemaker:DeleteContext", "sagemaker:DeleteDataQualityJobDefinition", "sagemaker:DeleteDeviceFleet", "sagemaker:DeleteDomain", "sagemaker:DeleteEdgeDeploymentPlan", "sagemaker:DeleteEdgeDeploymentStage", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteExperiment", "sagemaker:DeleteFeatureGroup", "sagemaker:DeleteFlowDefinition", "sagemaker:DeleteHub", "sagemaker:DeleteHubContent", "sagemaker:DeleteHumanLoop", "sagemaker:DeleteHumanTaskUi", "sagemaker:DeleteHyperParameterTuningJob", "sagemaker:DeleteImage", "sagemaker:DeleteImageVersion", "sagemaker:DeleteInferenceComponent", "sagemaker:DeleteInferenceExperiment", "sagemaker:DeleteLineageGroupPolicy", "sagemaker:DeleteModel", "sagemaker:DeleteModelBiasJobDefinition", "sagemaker:DeleteModelCard", "sagemaker:DeleteModelExplainabilityJobDefinition", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteModelPackageGroupPolicy", "sagemaker:DeleteModelQualityJobDefinition", "sagemaker:DeleteMonitoringSchedule", "sagemaker:DeleteNotebookInstance", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:DeletePipeline", "sagemaker:DeleteProject", "sagemaker:DeleteRecord", "sagemaker:DeleteResourcePolicy", "sagemaker:DeleteSpace", "sagemaker:DeleteStudioLifecycleConfig", "sagemaker:DeleteTags", "sagemaker:DeleteTrial", "sagemaker:DeleteTrialComponent", "sagemaker:DeleteUserProfile", "sagemaker:DeleteWorkforce", "sagemaker:DeleteWorkteam", "sagemaker:DeregisterDevices", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeCluster", "sagemaker:DescribeClusterNode", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgeDeploymentPlan", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFeatureMetadata", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHub", "sagemaker:DescribeHubContent", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceComponent", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelCard", "sagemaker:DescribeModelCardExportJob", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSharedModel", "sagemaker:DescribeSpace", "sagemaker:DescribeStudioLifecycleConfig", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:DisableSagemakerServicecatalogPortfolio", "sagemaker:DisassociateTrialComponent", "sagemaker:EnableSagemakerServicecatalogPortfolio", "sagemaker:GetDeployments", "sagemaker:GetDeviceFleetReport", "sagemaker:GetDeviceRegistration", "sagemaker:GetLineageGroupPolicy", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetRecord", "sagemaker:GetResourcePolicy", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:GetScalingConfigurationRecommendation", "sagemaker:GetSearchSuggestions", "sagemaker:ImportHubContent", "sagemaker:InvokeEndpoint", "sagemaker:InvokeEndpointAsync", "sagemaker:InvokeEndpointWithResponseStream", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAliases", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListClusterNodes", "sagemaker:ListClusters", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgeDeploymentPlans", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHubContentVersions", "sagemaker:ListHubContents", "sagemaker:ListHubs", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceComponents", "sagemaker:ListInferenceExperiments", "sagemaker:ListInferenceRecommendationsJobSteps", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelCardExportJobs", "sagemaker:ListModelCardVersions", "sagemaker:ListModelCards", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringAlertHistory", "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListResourceCatalogs", "sagemaker:ListSharedModelEvents", "sagemaker:ListSharedModelVersions", "sagemaker:ListSharedModels", "sagemaker:ListSpaces", "sagemaker:ListStageDevices", "sagemaker:ListStudioLifecycleConfigs", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:PutLineageGroupPolicy", "sagemaker:PutModelPackageGroupPolicy", "sagemaker:PutRecord", "sagemaker:PutResourcePolicy", "sagemaker:QueryLineage", "sagemaker:RegisterDevices", "sagemaker:RenderUiTemplate", "sagemaker:RetryPipelineExecution", "sagemaker:Search", "sagemaker:SendHeartbeat", "sagemaker:SendPipelineExecutionStepFailure", "sagemaker:SendPipelineExecutionStepSuccess", "sagemaker:SendSharedModelEvent", "sagemaker:StartEdgeDeploymentStage", "sagemaker:StartHumanLoop", "sagemaker:StartInferenceExperiment", "sagemaker:StartMonitoringSchedule", "sagemaker:StartNotebookInstance", "sagemaker:StartPipelineExecution", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopEdgeDeploymentStage", "sagemaker:StopEdgePackagingJob", "sagemaker:StopHumanLoop", "sagemaker:StopHyperParameterTuningJob", "sagemaker:StopInferenceExperiment", "sagemaker:StopInferenceRecommendationsJob", "sagemaker:StopLabelingJob", "sagemaker:StopMonitoringSchedule", "sagemaker:StopNotebookInstance", "sagemaker:StopPipelineExecution", "sagemaker:StopProcessingJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:UpdateAction", "sagemaker:UpdateAppImageConfig", "sagemaker:UpdateArtifact", "sagemaker:UpdateCluster", "sagemaker:UpdateClusterSoftware", "sagemaker:UpdateCodeRepository", "sagemaker:UpdateContext", "sagemaker:UpdateDeviceFleet", "sagemaker:UpdateDevices", "sagemaker:UpdateDomain", "sagemaker:UpdateEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateExperiment", "sagemaker:UpdateFeatureGroup", "sagemaker:UpdateFeatureMetadata", "sagemaker:UpdateHub", "sagemaker:UpdateImage", "sagemaker:UpdateImageVersion", "sagemaker:UpdateInferenceComponent", "sagemaker:UpdateInferenceComponentRuntimeConfig", "sagemaker:UpdateInferenceExperiment", "sagemaker:UpdateModelCard", "sagemaker:UpdateModelPackage", "sagemaker:UpdateMonitoringAlert", "sagemaker:UpdateMonitoringSchedule", "sagemaker:UpdateNotebookInstance", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "sagemaker:UpdatePipeline", "sagemaker:UpdatePipelineExecution", "sagemaker:UpdateProject", "sagemaker:UpdateSharedModel", "sagemaker:UpdateSpace", "sagemaker:UpdateTrainingJob", "sagemaker:UpdateTrial", "sagemaker:UpdateTrialComponent", "sagemaker:UpdateUserProfile", "sagemaker:UpdateWorkforce", "sagemaker:UpdateWorkteam", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeleteScheduledAction", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "application-autoscaling:PutScalingPolicy", "application-autoscaling:PutScheduledAction", "application-autoscaling:RegisterScalableTarget", "aws-marketplace:ViewSubscriptions", "cloudformation:GetTemplateSummary", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "codecommit:BatchGetRepositories", "codecommit:CreateRepository", "codecommit:GetRepository", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "cognito-idp:AdminAddUserToGroup", "cognito-idp:AdminCreateUser", "cognito-idp:AdminDeleteUser", "cognito-idp:AdminDisableUser", "cognito-idp:AdminEnableUser", "cognito-idp:AdminRemoveUserFromGroup", "cognito-idp:CreateGroup", "cognito-idp:CreateUserPool", "cognito-idp:CreateUserPoolClient", "cognito-idp:CreateUserPoolDomain", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:ListDevices", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListResourcesForWebACL", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserImportJobs", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "cognito-idp:UpdateUserPool", "cognito-idp:UpdateUserPoolClient", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:CreateVpcEndpoint", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeDhcpOptions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcs", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:CreateRepository", "ecr:DescribeImageReplicationStatus", "ecr:DescribeImageScanFindings", "ecr:DescribeImages", "ecr:DescribePullThroughCacheRules", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:DescribeRepositoryCreationTemplate", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "ecr:StartImageScan", "elastic-inference:Connect", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeMountTargets", "fsx:DescribeFileSystems", "glue:CreateJob", "glue:DeleteJob", "glue:GetJob", "glue:GetJobBookmark", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetTable", "glue:GetTableOptimizer", "glue:GetTableVersion", "glue:GetTableVersions", "glue:GetTables", "glue:GetWorkflowRun", "glue:ResetJobBookmark", "glue:StartJobRun", "glue:StartWorkflowRun", "glue:UpdateJob", "groundtruthlabeling:AssociatePatchToManifestJob", "groundtruthlabeling:CreateBatch", "groundtruthlabeling:CreateIntakeForm", "groundtruthlabeling:CreateProject", "groundtruthlabeling:CreateWorkflowDefinition", "groundtruthlabeling:DescribeConsoleJob", "groundtruthlabeling:GenerateLIDARPreviewTaskConfigJob", "groundtruthlabeling:GetBatch", "groundtruthlabeling:GetIntakeFormStatus", "groundtruthlabeling:ListBatches", "groundtruthlabeling:ListDatasetObjects", "groundtruthlabeling:ListProjects", "groundtruthlabeling:RunFilterOrSampleDatasetJob", "groundtruthlabeling:RunGenerateManifestByCrawlingJob", "groundtruthlabeling:RunGenerateManifestMetricsJob", "groundtruthlabeling:UpdateBatch", "iam:ListRoles", "kms:DescribeKey", "kms:ListAliases", "lambda:ListFunctions", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteLogDelivery", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:ListLogDeliveries", "logs:PutLogEvents", "logs:PutResourcePolicy", "logs:UpdateLogDelivery", "robomaker:CreateSimulationApplication", "robomaker:DescribeSimulationApplication", "robomaker:DeleteSimulationApplication", "robomaker:CreateSimulationJob", "robomaker:DescribeSimulationJob", "robomaker:CancelSimulationJob", "secretsmanager:ListSecrets", "servicecatalog:DescribeConstraint", "servicecatalog:DescribeCopyProductStatus", "servicecatalog:DescribePortfolio", "servicecatalog:DescribePortfolioShareStatus", "servicecatalog:DescribePortfolioShares", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductAsAdmin", "servicecatalog:DescribeProductView", "servicecatalog:DescribeProvisionedProduct", "servicecatalog:DescribeProvisionedProductPlan", "servicecatalog:DescribeProvisioningArtifact", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:DescribeRecord", "servicecatalog:DescribeServiceAction", "servicecatalog:DescribeServiceActionExecutionParameters", "servicecatalog:DescribeTagOption", "servicecatalog:ListAcceptedPortfolioShares", "servicecatalog:ListApplications", "servicecatalog:ListAssociatedAttributeGroups", "servicecatalog:ListAssociatedResources", "servicecatalog:ListAttributeGroups", "servicecatalog:ListAttributeGroupsForApplication", "servicecatalog:ListBudgetsForResource", "servicecatalog:ListConstraintsForPortfolio", "servicecatalog:ListLaunchPaths", "servicecatalog:ListOrganizationPortfolioAccess", "servicecatalog:ListPortfolioAccess", "servicecatalog:ListPortfolios", "servicecatalog:ListPortfoliosForProduct", "servicecatalog:ListPrincipalsForPortfolio", "servicecatalog:ListProvisionedProductPlans", "servicecatalog:ListProvisioningArtifacts", "servicecatalog:ListProvisioningArtifactsForServiceAction", "servicecatalog:ListRecordHistory", "servicecatalog:ListResourcesForTagOption", "servicecatalog:ListServiceActions", "servicecatalog:ListServiceActionsForProvisioningArtifact", "servicecatalog:ListStackInstancesForProvisionedProduct", "servicecatalog:ListTagOptions", "servicecatalog:ListTagsForResource", "servicecatalog:ScanProvisionedProducts", "servicecatalog:SearchProducts", "servicecatalog:SearchProvisionedProducts", "sns:ListTopics", "tag:GetResources", "ecr:SetRepositoryPolicy", "ecr:CompleteLayerUpload", "ecr:BatchDeleteImage", "ecr:UploadLayerPart", "ecr:DeleteRepositoryPolicy", "ecr:InitiateLayerUpload", "ecr:DeleteRepository", "ecr:PutImage", "codecommit:GitPull", "codecommit:GitPush", "codebuild:BatchGetBuilds", "codebuild:StartBuild", "states:DescribeExecution", "states:GetExecutionHistory", "states:StartExecution", "states:StopExecution", "states:UpdateStateMachine", "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "secretsmanager:CreateSecret", "secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue", "servicecatalog:ProvisionProduct", "servicecatalog:TerminateProvisionedProduct", "servicecatalog:UpdateProvisionedProduct", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:AbortMultipartUpload", "s3:GetObject", "s3:GetObject", "s3:CreateBucket", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "s3:GetBucketCORS", "s3:PutBucketCORS", "s3:GetBucketAcl", "s3:PutObjectAcl", "lambda:InvokeFunction", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "sns:Subscribe", "sns:CreateTopic", "sns:Publish", "iam:PassRole", "iam:PassRole", "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListTableMetadata", "athena:GetQueryExecution", "athena:GetQueryResults", "athena:StartQueryExecution", "athena:StopQueryExecution", "glue:CreateTable", "glue:UpdateTable", "glue:DeleteTable", "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:CreateDatabase", "glue:GetDatabase", "redshift-data:ExecuteStatement", "redshift-data:DescribeStatement", "redshift-data:CancelStatement", "redshift-data:GetStatementResult", "redshift-data:ListSchemas", "redshift-data:ListTables", "redshift:GetClusterCredentials", "sagemaker:ListTags", "cloudformation:ListStackResources", "s3express:CreateSession", "s3express:CreateBucket", "s3express:ListAllMyDirectoryBuckets" ], "malformed": false, "name": "AmazonSageMakerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-29T17:35:49+00:00", "version": "v26" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSHealth_EventProcessorServiceRolePolicy", "createdate": "2023-01-13T19:24:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "events:DeleteRule", "events:PutTargets", "events:PutRule", "events:RemoveTargets", "events:DescribeRule", "events:ListTargetsByRule" ], "malformed": false, "name": "AWSHealth_EventProcessorServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-13T19:24:56+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonDetectiveMemberAccess", "createdate": "2023-01-17T15:16:14Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "detective:AcceptInvitation", "detective:BatchGetMembershipDatasources", "detective:DisassociateMembership", "detective:GetFreeTrialEligibility", "detective:GetPricingInformation", "detective:GetUsageInformation", "detective:ListInvitations", "detective:RejectInvitation" ], "malformed": false, "name": "AmazonDetectiveMemberAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-17T15:16:14+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryStagingAccountPolicy", "createdate": "2023-11-27T13:07:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:DescribeSourceServers", "drs:DescribeRecoverySnapshots", "drs:CreateConvertedSnapshotForDrs", "drs:GetReplicationConfiguration", "drs:DescribeJobs", "drs:DescribeJobLogItems", "ec2:ModifySnapshotAttribute" ], "malformed": false, "name": "AWSElasticDisasterRecoveryStagingAccountPolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T13:07:49+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/GlobalAcceleratorFullAccess", "createdate": "2020-12-04T19:17:26Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "globalaccelerator:AddCustomRoutingEndpoints", "globalaccelerator:AddEndpoints", "globalaccelerator:AdvertiseByoipCidr", "globalaccelerator:AllowCustomRoutingTraffic", "globalaccelerator:CreateAccelerator", "globalaccelerator:CreateCrossAccountAttachment", "globalaccelerator:CreateCustomRoutingAccelerator", "globalaccelerator:CreateCustomRoutingEndpointGroup", "globalaccelerator:CreateCustomRoutingListener", "globalaccelerator:CreateEndpointGroup", "globalaccelerator:CreateListener", "globalaccelerator:DeleteAccelerator", "globalaccelerator:DeleteCrossAccountAttachment", "globalaccelerator:DeleteCustomRoutingAccelerator", "globalaccelerator:DeleteCustomRoutingEndpointGroup", "globalaccelerator:DeleteCustomRoutingListener", "globalaccelerator:DeleteEndpointGroup", "globalaccelerator:DeleteListener", "globalaccelerator:DenyCustomRoutingTraffic", "globalaccelerator:DeprovisionByoipCidr", "globalaccelerator:DescribeAccelerator", "globalaccelerator:DescribeAcceleratorAttributes", "globalaccelerator:DescribeCrossAccountAttachment", "globalaccelerator:DescribeCustomRoutingAccelerator", "globalaccelerator:DescribeCustomRoutingAcceleratorAttributes", "globalaccelerator:DescribeCustomRoutingEndpointGroup", "globalaccelerator:DescribeCustomRoutingListener", "globalaccelerator:DescribeEndpointGroup", "globalaccelerator:DescribeListener", "globalaccelerator:ListAccelerators", "globalaccelerator:ListByoipCidrs", "globalaccelerator:ListCrossAccountAttachments", "globalaccelerator:ListCrossAccountResourceAccounts", "globalaccelerator:ListCrossAccountResources", "globalaccelerator:ListCustomRoutingAccelerators", "globalaccelerator:ListCustomRoutingEndpointGroups", "globalaccelerator:ListCustomRoutingListeners", "globalaccelerator:ListCustomRoutingPortMappings", "globalaccelerator:ListCustomRoutingPortMappingsByDestination", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "globalaccelerator:ListTagsForResource", "globalaccelerator:ProvisionByoipCidr", "globalaccelerator:RemoveCustomRoutingEndpoints", "globalaccelerator:RemoveEndpoints", "globalaccelerator:TagResource", "globalaccelerator:UntagResource", "globalaccelerator:UpdateAccelerator", "globalaccelerator:UpdateAcceleratorAttributes", "globalaccelerator:UpdateCrossAccountAttachment", "globalaccelerator:UpdateCustomRoutingAccelerator", "globalaccelerator:UpdateCustomRoutingAcceleratorAttributes", "globalaccelerator:UpdateCustomRoutingListener", "globalaccelerator:UpdateEndpointGroup", "globalaccelerator:UpdateListener", "globalaccelerator:WithdrawByoipCidr", "elasticloadbalancing:DescribeLoadBalancers", "ec2:DescribeAddresses", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeRegions", "ec2:DescribeSubnets", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "GlobalAcceleratorFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-04T19:17:26+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleCore", "createdate": "2020-09-09T20:31:14Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:TerminateInstances", "ec2:ReleaseAddress", "ec2:AllocateAddress", "ec2:DisassociateAddress", "ec2:AssociateAddress", "ec2:CreateTags", "ec2:DeleteTags", "ec2:CreateSecurityGroup", "ec2:DeleteSecurityGroup", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:RunInstances", "autoscaling:AttachInstances", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:AttachLoadBalancers", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DetachLoadBalancerTargetGroups", "autoscaling:DetachLoadBalancers", "autoscaling:CreateAutoScalingGroup", "autoscaling:DeleteAutoScalingGroup", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteScheduledAction", "autoscaling:DetachInstances", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:ResumeProcesses", "autoscaling:SuspendProcesses", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteTags", "autoscaling:DescribeTags", "autoscaling:DeletePolicy", "iam:CreateServiceLinkedRole", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:ListBucket", "s3:PutBucketPolicy", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:GetTemplate", "cloudformation:ListStackResources", "cloudformation:UpdateStack", "cloudformation:ContinueUpdateRollback", "cloudformation:CancelUpdateStack", "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms", "elasticloadbalancing:CreateAppCookieStickinessPolicy", "elasticloadbalancing:CreateLBCookieStickinessPolicy", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:CreateTrustStore", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerPolicy", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteTrustStore", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:ModifyTrustStore", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:AddTags", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "acm:DescribeCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "iam:PassRole" ], "malformed": false, "name": "AWSElasticBeanstalkRoleCore", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2020-09-09T20:31:14+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonElasticTranscoderRole", "createdate": "2019-06-13T22:48:22Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:ListBucket", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:PutObject", "s3:PutObjectAcl", "s3:AbortMultipartUpload", "s3:ListBucketMultipartUploads", "s3:ListMultipartUploadParts", "sns:Publish" ], "malformed": false, "name": "AmazonElasticTranscoderRole", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-13T22:48:22+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2023-02-22T17:25:14Z", "credentials_exposure": true, "data_access": true, "deprecated": true, "effective_action_names": [ "applicationinsights:AddWorkload", "applicationinsights:CreateApplication", "applicationinsights:CreateComponent", "applicationinsights:CreateLogPattern", "applicationinsights:DeleteApplication", "applicationinsights:DeleteComponent", "applicationinsights:DeleteLogPattern", "applicationinsights:DescribeApplication", "applicationinsights:DescribeComponent", "applicationinsights:DescribeComponentConfiguration", "applicationinsights:DescribeComponentConfigurationRecommendation", "applicationinsights:DescribeLogPattern", "applicationinsights:DescribeObservation", "applicationinsights:DescribeProblem", "applicationinsights:DescribeProblemObservations", "applicationinsights:DescribeWorkload", "applicationinsights:Link", "applicationinsights:ListApplications", "applicationinsights:ListComponents", "applicationinsights:ListConfigurationHistory", "applicationinsights:ListLogPatternSets", "applicationinsights:ListLogPatterns", "applicationinsights:ListProblems", "applicationinsights:ListTagsForResource", "applicationinsights:ListWorkloads", "applicationinsights:RemoveWorkload", "applicationinsights:TagResource", "applicationinsights:UntagResource", "applicationinsights:UpdateApplication", "applicationinsights:UpdateComponent", "applicationinsights:UpdateComponentConfiguration", "applicationinsights:UpdateLogPattern", "applicationinsights:UpdateProblem", "applicationinsights:UpdateWorkload", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "route53:ChangeResourceRecordSets", "route53:GetChange", "route53:ListResourceRecordSets", "route53:ListHostedZones", "route53:ListHostedZonesByName", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetBucketLocation", "kms:ListKeys", "kms:ListAliases", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "ec2:CreateInternetGateway", "ec2:CreateNatGateway", "ec2:CreateVpc", "ec2:CreateKeyPair", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSubnet", "ec2:AllocateAddress", "ec2:AllocateHosts", "ec2:AssignPrivateIpAddresses", "ec2:AssociateAddress", "ec2:CreateDhcpOptions", "ec2:CreateEgressOnlyInternetGateway", "ec2:CreateNetworkInterface", "ec2:CreateVolume", "ec2:CreateVpcEndpoint", "ec2:CreateTags", "ec2:DeleteTags", "ec2:RunInstances", "ec2:StartInstances", "ec2:ModifyInstanceAttribute", "ec2:ModifySubnetAttribute", "ec2:ModifyVolumeAttribute", "ec2:ModifyVpcAttribute", "ec2:AssociateDhcpOptions", "ec2:AssociateSubnetCidrBlock", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVolume", "ec2:DeleteDhcpOptions", "ec2:DeleteInternetGateway", "ec2:DeleteKeyPair", "ec2:DeleteNatGateway", "ec2:DeleteSecurityGroup", "ec2:DeleteVolume", "ec2:DeleteVpc", "ec2:DetachInternetGateway", "ec2:DetachVolume", "ec2:DeleteSnapshot", "ec2:AssociateRouteTable", "ec2:AssociateVpcCidrBlock", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSubnet", "ec2:DetachNetworkInterface", "ec2:DisassociateAddress", "ec2:DisassociateVpcCidrBlock", "ec2:GetLaunchTemplateData", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyVolume", "ec2:AuthorizeSecurityGroupEgress", "ec2:GetConsoleOutput", "ec2:GetPasswordData", "ec2:ReleaseAddress", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:DisassociateIamInstanceProfile", "ec2:DisassociateRouteTable", "ec2:DisassociateSubnetCidrBlock", "ec2:ModifyInstancePlacement", "ec2:DeletePlacementGroup", "ec2:CreatePlacementGroup", "elasticfilesystem:DeleteFileSystem", "elasticfilesystem:DeleteMountTarget", "ds:AddIpRoutes", "ds:CreateComputer", "ds:CreateMicrosoftAD", "ds:DeleteDirectory", "servicecatalog:AssociateProductWithPortfolio", "cloudformation:GetTemplateSummary", "sts:GetCallerIdentity", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ListStacks", "cloudformation:SignalResource", "cloudformation:DeleteStack", "ec2:StopInstances", "ec2:TerminateInstances", "iam:CreateInstanceProfile", "iam:DeleteInstanceProfile", "iam:RemoveRoleFromInstanceProfile", "iam:AddRoleToInstanceProfile", "iam:PassRole", "autoscaling:AttachInstances", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:UpdateAutoScalingGroup", "autoscaling:CreateOrUpdateTags", "logs:CreateLogStream", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:PutLogEvents", "resource-groups:CreateGroup", "resource-groups:DeleteGroup", "sns:ListSubscriptionsByTopic", "sns:Publish", "ssm:DeleteDocument", "ssm:DeleteParameter", "ssm:DeleteParameters", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:GetDocument", "ssm:PutParameter", "ssm:GetDocument", "ssm:SendCommand", "ssm:SendCommand", "logs:DeleteLogStream", "logs:GetLogEvents", "logs:PutLogEvents", "ssm:AddTagsToResource", "ssm:DescribeDocument", "ssm:GetDocument", "ssm:ListTagsForResource", "ssm:RemoveTagsFromResource", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:ValidateTemplate", "ds:DescribeCertificate", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeRegions", "ds:DescribeSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:DescribeUpdateDirectory", "ds:ListAuthorizedApplications", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetAssociatedEnclaveCertificateIamRoles", "ec2:GetAssociatedIpv6PoolCidrs", "ec2:GetAwsNetworkPerformanceData", "ec2:GetCapacityReservationUsage", "ec2:GetCoipPoolUsage", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:GetDefaultCreditSpecification", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ec2:GetFlowLogsIntegrationTemplate", "ec2:GetGroupsForCapacityReservation", "ec2:GetHostReservationPurchasePreview", "ec2:GetImageBlockPublicAccessState", "ec2:GetInstanceMetadataDefaults", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetInstanceUefiData", "ec2:GetIpamAddressHistory", "ec2:GetIpamDiscoveredAccounts", "ec2:GetIpamDiscoveredPublicAddresses", "ec2:GetIpamDiscoveredResourceCidrs", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetIpamResourceCidrs", "ec2:GetLaunchTemplateData", "ec2:GetManagedPrefixListAssociations", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ec2:GetPasswordData", "ec2:GetReservedInstancesExchangeQuote", "ec2:GetResourcePolicy", "ec2:GetSecurityGroupsForVpc", "ec2:GetSerialConsoleAccessStatus", "ec2:GetSnapshotBlockPublicAccessState", "ec2:GetSpotPlacementScores", "ec2:GetSubnetCidrReservations", "ec2:GetTransitGatewayAttachmentPropagations", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:GetTransitGatewayPolicyTableAssociations", "ec2:GetTransitGatewayPolicyTableEntries", "ec2:GetTransitGatewayPrefixListReferences", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:GetVerifiedAccessEndpointPolicy", "ec2:GetVerifiedAccessGroupPolicy", "ec2:GetVerifiedAccessInstanceWebAcl", "ec2:GetVpnConnectionDeviceSampleConfiguration", "ec2:GetVpnConnectionDeviceTypes", "ec2:GetVpnTunnelReplacementStatus", "iam:GetRole", "iam:GetRolePolicy", "iam:GetUser", "iam:GetPolicyVersion", "iam:GetPolicy", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "logs:CreateLogGroup", "logs:GetLogDelivery", "logs:GetLogRecord", "logs:ListLogDeliveries", "resource-groups:GetAccountSettings", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupPolicy", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "servicequotas:GetServiceQuota", "servicequotas:ListServiceQuotas", "sns:ListSubscriptions", "sns:ListTopics", "ssm:CreateDocument", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeInstanceInformation", "ssm:DescribeParameters", "ssm:GetAutomationExecution", "ssm:GetCommandInvocation", "ssm:GetParameter", "ssm:GetParameterHistory", "ssm:GetParameters", "ssm:GetParametersByPath", "ssm:GetConnectionStatus", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInstanceAssociations", "ssm:SendAutomationSignal", "tag:GetComplianceSummary", "tag:GetResources", "tag:GetTagKeys", "tag:GetTagValues", "ssm:StartAutomationExecution", "ssm:StopAutomationExecution", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "iam:CreateServiceLinkedRole", "launchwizard:CreateAdditionalNode", "launchwizard:CreateDeployment", "launchwizard:CreateSettingsSet", "launchwizard:DeleteAdditionalNode", "launchwizard:DeleteApp", "launchwizard:DeleteDeployment", "launchwizard:DeleteSettingsSet", "launchwizard:DescribeAdditionalNode", "launchwizard:DescribeProvisionedApp", "launchwizard:DescribeProvisioningEvents", "launchwizard:DescribeSettingsSet", "launchwizard:GetDeployment", "launchwizard:GetInfrastructureSuggestion", "launchwizard:GetIpAddress", "launchwizard:GetResourceCostEstimate", "launchwizard:GetResourceRecommendation", "launchwizard:GetSettingsSet", "launchwizard:GetWorkload", "launchwizard:GetWorkloadAsset", "launchwizard:GetWorkloadAssets", "launchwizard:ListAdditionalNodes", "launchwizard:ListAllowedResources", "launchwizard:ListDeploymentEvents", "launchwizard:ListDeployments", "launchwizard:ListProvisionedApps", "launchwizard:ListResourceCostEstimates", "launchwizard:ListSettingsSets", "launchwizard:ListWorkloadDeploymentOptions", "launchwizard:ListWorkloadDeploymentPatterns", "launchwizard:ListWorkloads", "launchwizard:PutSettingsSet", "launchwizard:StartProvisioning", "launchwizard:UpdateSettingsSet", "sqs:TagQueue", "sqs:GetQueueUrl", "sqs:AddPermission", "sqs:ListQueues", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:ListQueueTags", "sqs:CreateQueue", "sqs:SetQueueAttributes", "cloudwatch:PutMetricAlarm", "iam:GetInstanceProfile", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudformation:CreateStack", "route53:ListHostedZones", "ec2:CreateSecurityGroup", "ec2:AuthorizeSecurityGroupIngress", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:CreateFileSystem", "elasticfilesystem:CreateMountTarget", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeMountTargetSecurityGroups", "s3:GetObject", "s3:PutObject", "cloudformation:TagResource", "s3:CreateBucket", "s3:PutBucketVersioning", "s3:DeleteBucket", "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:InvokeFunction", "dynamodb:CreateTable", "dynamodb:DescribeTable", "dynamodb:DeleteTable", "secretsmanager:CreateSecret", "secretsmanager:DeleteSecret", "secretsmanager:TagResource", "secretsmanager:UntagResource", "secretsmanager:PutResourcePolicy", "secretsmanager:DeleteResourcePolicy", "secretsmanager:ListSecretVersionIds", "secretsmanager:GetSecretValue", "secretsmanager:GetRandomPassword", "secretsmanager:ListSecrets", "ssm:CreateOpsMetadata", "ssm:DeleteOpsMetadata", "sns:CreateTopic", "sns:DeleteTopic", "sns:Subscribe", "sns:Unsubscribe", "fsx:UntagResource", "fsx:TagResource", "fsx:DeleteFileSystem", "fsx:ListTagsForResource", "fsx:CreateFileSystem", "fsx:DescribeFileSystems", "servicecatalog:CreatePortfolio", "servicecatalog:DescribePortfolio", "servicecatalog:CreateConstraint", "servicecatalog:CreateProduct", "servicecatalog:AssociatePrincipalWithPortfolio", "servicecatalog:CreateProvisioningArtifact", "servicecatalog:TagResource", "servicecatalog:UntagResource", "ssm:CreateAssociation", "ssm:DeleteAssociation", "elasticfilesystem:UntagResource", "elasticfilesystem:TagResource", "logs:TagResource", "logs:UntagResource" ], "malformed": false, "name": "AmazonLaunchWizard_Fullaccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v15" }, { "access_levels": [ "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSVPCVerifiedAccessServiceRolePolicy", "createdate": "2023-11-17T21:03:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:CreateTags" ], "malformed": false, "name": "AWSVPCVerifiedAccessServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-17T21:03:13+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonQLDBReadOnly", "createdate": "2021-07-02T02:17:25Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "qldb:ListLedgers", "qldb:DescribeLedger", "qldb:ListJournalS3Exports", "qldb:ListJournalS3ExportsForLedger", "qldb:DescribeJournalS3Export", "qldb:DescribeJournalKinesisStream", "qldb:ListJournalKinesisStreamsForLedger", "qldb:GetBlock", "qldb:GetDigest", "qldb:GetRevision", "qldb:ListTagsForResource" ], "malformed": false, "name": "AmazonQLDBReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-07-02T02:17:25+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCognitoPowerUser", "createdate": "2021-05-27T22:48:53Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "cognito-identity:CreateIdentityPool", "cognito-identity:DeleteIdentities", "cognito-identity:DeleteIdentityPool", "cognito-identity:DescribeIdentity", "cognito-identity:DescribeIdentityPool", "cognito-identity:GetCredentialsForIdentity", "cognito-identity:GetId", "cognito-identity:GetIdentityPoolAnalytics", "cognito-identity:GetIdentityPoolDailyAnalytics", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:GetIdentityProviderDailyAnalytics", "cognito-identity:GetOpenIdToken", "cognito-identity:GetOpenIdTokenForDeveloperIdentity", "cognito-identity:GetPrincipalTagAttributeMap", "cognito-identity:ListIdentities", "cognito-identity:ListIdentityPools", "cognito-identity:ListTagsForResource", "cognito-identity:LookupDeveloperIdentity", "cognito-identity:MergeDeveloperIdentities", "cognito-identity:SetIdentityPoolRoles", "cognito-identity:SetPrincipalTagAttributeMap", "cognito-identity:TagResource", "cognito-identity:UnlinkDeveloperIdentity", "cognito-identity:UnlinkIdentity", "cognito-identity:UntagResource", "cognito-identity:UpdateIdentityPool", "cognito-idp:AddCustomAttributes", "cognito-idp:AdminAddUserToGroup", "cognito-idp:AdminConfirmSignUp", "cognito-idp:AdminCreateUser", "cognito-idp:AdminDeleteUser", "cognito-idp:AdminDeleteUserAttributes", "cognito-idp:AdminDisableProviderForUser", "cognito-idp:AdminDisableUser", "cognito-idp:AdminEnableUser", "cognito-idp:AdminForgetDevice", "cognito-idp:AdminGetDevice", "cognito-idp:AdminGetUser", "cognito-idp:AdminInitiateAuth", "cognito-idp:AdminLinkProviderForUser", "cognito-idp:AdminListDevices", "cognito-idp:AdminListGroupsForUser", "cognito-idp:AdminListUserAuthEvents", "cognito-idp:AdminRemoveUserFromGroup", "cognito-idp:AdminResetUserPassword", "cognito-idp:AdminRespondToAuthChallenge", "cognito-idp:AdminSetUserMFAPreference", "cognito-idp:AdminSetUserPassword", "cognito-idp:AdminSetUserSettings", "cognito-idp:AdminUpdateAuthEventFeedback", "cognito-idp:AdminUpdateDeviceStatus", "cognito-idp:AdminUpdateUserAttributes", "cognito-idp:AdminUserGlobalSignOut", "cognito-idp:AssociateSoftwareToken", "cognito-idp:AssociateWebACL", "cognito-idp:ChangePassword", "cognito-idp:ConfirmDevice", "cognito-idp:ConfirmForgotPassword", "cognito-idp:ConfirmSignUp", "cognito-idp:CreateGroup", "cognito-idp:CreateIdentityProvider", "cognito-idp:CreateResourceServer", "cognito-idp:CreateUserImportJob", "cognito-idp:CreateUserPool", "cognito-idp:CreateUserPoolClient", "cognito-idp:CreateUserPoolDomain", "cognito-idp:DeleteGroup", "cognito-idp:DeleteIdentityProvider", "cognito-idp:DeleteResourceServer", "cognito-idp:DeleteUser", "cognito-idp:DeleteUserAttributes", "cognito-idp:DeleteUserPool", "cognito-idp:DeleteUserPoolClient", "cognito-idp:DeleteUserPoolDomain", "cognito-idp:DescribeIdentityProvider", "cognito-idp:DescribeResourceServer", "cognito-idp:DescribeRiskConfiguration", "cognito-idp:DescribeUserImportJob", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:DescribeUserPoolDomain", "cognito-idp:DisassociateWebACL", "cognito-idp:ForgetDevice", "cognito-idp:ForgotPassword", "cognito-idp:GetCSVHeader", "cognito-idp:GetDevice", "cognito-idp:GetGroup", "cognito-idp:GetIdentityProviderByIdentifier", "cognito-idp:GetLogDeliveryConfiguration", "cognito-idp:GetSigningCertificate", "cognito-idp:GetUICustomization", "cognito-idp:GetUser", "cognito-idp:GetUserAttributeVerificationCode", "cognito-idp:GetUserPoolMfaConfig", "cognito-idp:GetWebACLForResource", "cognito-idp:GlobalSignOut", "cognito-idp:InitiateAuth", "cognito-idp:ListDevices", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListResourcesForWebACL", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserImportJobs", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "cognito-idp:ResendConfirmationCode", "cognito-idp:RespondToAuthChallenge", "cognito-idp:RevokeToken", "cognito-idp:SetLogDeliveryConfiguration", "cognito-idp:SetRiskConfiguration", "cognito-idp:SetUICustomization", "cognito-idp:SetUserMFAPreference", "cognito-idp:SetUserPoolMfaConfig", "cognito-idp:SetUserSettings", "cognito-idp:SignUp", "cognito-idp:StartUserImportJob", "cognito-idp:StopUserImportJob", "cognito-idp:TagResource", "cognito-idp:UntagResource", "cognito-idp:UpdateAuthEventFeedback", "cognito-idp:UpdateDeviceStatus", "cognito-idp:UpdateGroup", "cognito-idp:UpdateIdentityProvider", "cognito-idp:UpdateResourceServer", "cognito-idp:UpdateUserAttributes", "cognito-idp:UpdateUserPool", "cognito-idp:UpdateUserPoolClient", "cognito-idp:UpdateUserPoolDomain", "cognito-idp:VerifySoftwareToken", "cognito-idp:VerifyUserAttribute", "cognito-sync:BulkPublish", "cognito-sync:DeleteDataset", "cognito-sync:DescribeDataset", "cognito-sync:DescribeIdentityPoolUsage", "cognito-sync:DescribeIdentityUsage", "cognito-sync:GetBulkPublishDetails", "cognito-sync:GetCognitoEvents", "cognito-sync:GetIdentityPoolConfiguration", "cognito-sync:ListDatasets", "cognito-sync:ListIdentityPoolUsage", "cognito-sync:ListRecords", "cognito-sync:QueryRecords", "cognito-sync:RegisterDevice", "cognito-sync:SetCognitoEvents", "cognito-sync:SetDatasetConfiguration", "cognito-sync:SetIdentityPoolConfiguration", "cognito-sync:SubscribeToDataset", "cognito-sync:UnsubscribeFromDataset", "cognito-sync:UpdateRecords", "iam:ListRoles", "iam:ListOpenIDConnectProviders", "iam:GetRole", "iam:ListSAMLProviders", "iam:GetSAMLProvider", "kinesis:ListStreams", "lambda:GetPolicy", "lambda:ListFunctions", "sns:GetSMSSandboxAccountStatus", "sns:ListPlatformApplications", "ses:ListIdentities", "ses:GetIdentityVerificationAttributes", "mobiletargeting:GetApps", "acm:ListCertificates", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus" ], "malformed": false, "name": "AmazonCognitoPowerUser", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-06-01T17:33:32+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/job-function/SystemAdministrator", "createdate": "2020-08-24T20:05:29Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "acm:DescribeCertificate", "acm:GetAccountConfiguration", "acm:GetCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "acm:RequestCertificate", "acm:ResendValidationEmail", "autoscaling:AttachInstances", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:AttachLoadBalancers", "autoscaling:AttachTrafficSources", "autoscaling:BatchDeleteScheduledAction", "autoscaling:BatchPutScheduledUpdateGroupAction", "autoscaling:CancelInstanceRefresh", "autoscaling:CompleteLifecycleAction", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteLifecycleHook", "autoscaling:DeleteNotificationConfiguration", "autoscaling:DeletePolicy", "autoscaling:DeleteScheduledAction", "autoscaling:DeleteTags", "autoscaling:DeleteWarmPool", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:DetachInstances", "autoscaling:DetachLoadBalancerTargetGroups", "autoscaling:DetachLoadBalancers", "autoscaling:DetachTrafficSources", "autoscaling:DisableMetricsCollection", "autoscaling:EnableMetricsCollection", "autoscaling:EnterStandby", "autoscaling:ExecutePolicy", "autoscaling:ExitStandby", "autoscaling:GetPredictiveScalingForecast", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutWarmPool", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling:ResumeProcesses", "autoscaling:RollbackInstanceRefresh", "autoscaling:SetDesiredCapacity", "autoscaling:SetInstanceHealth", "autoscaling:SetInstanceProtection", "autoscaling:StartInstanceRefresh", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "cloudtrail:DescribeTrails", "cloudtrail:GetTrailStatus", "cloudtrail:ListPublicKeys", "cloudtrail:ListTags", "cloudtrail:LookupEvents", "cloudtrail:StartLogging", "cloudtrail:StopLogging", "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "codecommit:BatchGetRepositories", "codecommit:CreateBranch", "codecommit:CreateRepository", "codecommit:GetApprovalRuleTemplate", "codecommit:GetBlob", "codecommit:GetBranch", "codecommit:GetComment", "codecommit:GetCommentReactions", "codecommit:GetCommentsForComparedCommit", "codecommit:GetCommentsForPullRequest", "codecommit:GetCommit", "codecommit:GetCommitHistory", "codecommit:GetCommitsFromMergeBase", "codecommit:GetDifferences", "codecommit:GetFile", "codecommit:GetFolder", "codecommit:GetMergeCommit", "codecommit:GetMergeConflicts", "codecommit:GetMergeOptions", "codecommit:GetObjectIdentifier", "codecommit:GetPullRequest", "codecommit:GetPullRequestApprovalStates", "codecommit:GetPullRequestOverrideState", "codecommit:GetReferences", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:GetTree", "codecommit:GetUploadArchiveStatus", "codecommit:GitPull", "codecommit:GitPush", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "codecommit:PutCommentReaction", "codecommit:PutFile", "codecommit:PutRepositoryTriggers", "codecommit:TestRepositoryTriggers", "codecommit:UpdateApprovalRuleTemplateContent", "codecommit:UpdateApprovalRuleTemplateDescription", "codecommit:UpdateApprovalRuleTemplateName", "codecommit:UpdateComment", "codecommit:UpdateDefaultBranch", "codecommit:UpdatePullRequestApprovalRuleContent", "codecommit:UpdatePullRequestApprovalState", "codecommit:UpdatePullRequestDescription", "codecommit:UpdatePullRequestStatus", "codecommit:UpdatePullRequestTitle", "codecommit:UpdateRepositoryDescription", "codecommit:UpdateRepositoryEncryptionKey", "codecommit:UpdateRepositoryName", "codedeploy:AddTagsToOnPremisesInstances", "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeploymentInstances", "codedeploy:BatchGetDeploymentTargets", "codedeploy:BatchGetDeployments", "codedeploy:BatchGetOnPremisesInstances", "codedeploy:ContinueDeployment", "codedeploy:CreateApplication", "codedeploy:CreateCloudFormationDeployment", "codedeploy:CreateDeployment", "codedeploy:CreateDeploymentConfig", "codedeploy:CreateDeploymentGroup", "codedeploy:DeleteApplication", "codedeploy:DeleteDeploymentConfig", "codedeploy:DeleteDeploymentGroup", "codedeploy:DeleteGitHubAccountToken", "codedeploy:DeleteResourcesByExternalId", "codedeploy:DeregisterOnPremisesInstance", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeploymentTargets", "codedeploy:ListDeployments", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codedeploy:ListTagsForResource", "codedeploy:PutLifecycleEventHookExecutionStatus", "codedeploy:RegisterApplicationRevision", "codedeploy:RegisterOnPremisesInstance", "codedeploy:RemoveTagsFromOnPremisesInstances", "codedeploy:SkipWaitTimeForInstanceTermination", "codedeploy:StopDeployment", "codedeploy:TagResource", "codedeploy:UntagResource", "codedeploy:UpdateApplication", "codedeploy:UpdateDeploymentGroup", "codepipeline:AcknowledgeJob", "codepipeline:AcknowledgeThirdPartyJob", "codepipeline:CreateCustomActionType", "codepipeline:CreatePipeline", "codepipeline:DeleteCustomActionType", "codepipeline:DeletePipeline", "codepipeline:DeleteWebhook", "codepipeline:DeregisterWebhookWithThirdParty", "codepipeline:DisableStageTransition", "codepipeline:EnableStageTransition", "codepipeline:GetActionType", "codepipeline:GetJobDetails", "codepipeline:GetPipeline", "codepipeline:GetPipelineExecution", "codepipeline:GetPipelineState", "codepipeline:GetThirdPartyJobDetails", "codepipeline:ListActionExecutions", "codepipeline:ListActionTypes", "codepipeline:ListPipelineExecutions", "codepipeline:ListPipelines", "codepipeline:ListTagsForResource", "codepipeline:ListWebhooks", "codepipeline:PollForJobs", "codepipeline:PollForThirdPartyJobs", "codepipeline:PutActionRevision", "codepipeline:PutApprovalResult", "codepipeline:PutJobFailureResult", "codepipeline:PutJobSuccessResult", "codepipeline:PutThirdPartyJobFailureResult", "codepipeline:PutThirdPartyJobSuccessResult", "codepipeline:PutWebhook", "codepipeline:RegisterWebhookWithThirdParty", "codepipeline:RetryStageExecution", "codepipeline:StartPipelineExecution", "codepipeline:StopPipelineExecution", "codepipeline:TagResource", "codepipeline:UntagResource", "codepipeline:UpdateActionType", "codepipeline:UpdatePipeline", "config:BatchGetAggregateResourceConfig", "config:BatchGetResourceConfig", "config:DeleteAggregationAuthorization", "config:DeleteConfigRule", "config:DeleteConfigurationAggregator", "config:DeleteConfigurationRecorder", "config:DeleteConformancePack", "config:DeleteDeliveryChannel", "config:DeleteEvaluationResults", "config:DeleteOrganizationConfigRule", "config:DeleteOrganizationConformancePack", "config:DeletePendingAggregationRequest", "config:DeleteRemediationConfiguration", "config:DeleteRemediationExceptions", "config:DeleteResourceConfig", "config:DeleteRetentionConfiguration", "config:DeleteStoredQuery", "config:DeliverConfigSnapshot", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateConformancePackComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetCustomRulePolicy", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetOrganizationCustomRulePolicy", "config:GetResourceConfigHistory", "config:GetResourceEvaluationSummary", "config:GetStoredQuery", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "config:PutAggregationAuthorization", "config:PutConfigRule", "config:PutConfigurationAggregator", "config:PutConfigurationRecorder", "config:PutConformancePack", "config:PutDeliveryChannel", "config:PutEvaluations", "config:PutExternalEvaluation", "config:PutOrganizationConfigRule", "config:PutOrganizationConformancePack", "config:PutRemediationConfigurations", "config:PutRemediationExceptions", "config:PutResourceConfig", "config:PutRetentionConfiguration", "config:PutStoredQuery", "config:SelectAggregateResourceConfig", "config:SelectResourceConfig", "config:StartConfigRulesEvaluation", "config:StartConfigurationRecorder", "config:StartRemediationExecution", "config:StartResourceEvaluation", "config:StopConfigurationRecorder", "config:TagResource", "config:UntagResource", "ds:AcceptSharedDirectory", "ds:AddIpRoutes", "ds:AddRegion", "ds:AddTagsToResource", "ds:AuthorizeApplication", "ds:CancelSchemaExtension", "ds:CheckAlias", "ds:ConnectDirectory", "ds:CreateAlias", "ds:CreateComputer", "ds:CreateConditionalForwarder", "ds:CreateDirectory", "ds:CreateIdentityPoolDirectory", "ds:CreateLogSubscription", "ds:CreateMicrosoftAD", "ds:CreateSnapshot", "ds:CreateTrust", "ds:DeleteConditionalForwarder", "ds:DeleteDirectory", "ds:DeleteLogSubscription", "ds:DeleteSnapshot", "ds:DeleteTrust", "ds:DeregisterCertificate", "ds:DeregisterEventTopic", "ds:DescribeCertificate", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeRegions", "ds:DescribeSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:DescribeUpdateDirectory", "ds:DisableClientAuthentication", "ds:DisableLDAPS", "ds:DisableRadius", "ds:DisableRoleAccess", "ds:DisableSso", "ds:EnableClientAuthentication", "ds:EnableLDAPS", "ds:EnableRadius", "ds:EnableRoleAccess", "ds:EnableSso", "ds:GetAuthorizedApplicationDetails", "ds:GetDirectoryLimits", "ds:GetSnapshotLimits", "ds:ListAuthorizedApplications", "ds:ListCertificates", "ds:ListIpRoutes", "ds:ListLogSubscriptions", "ds:ListSchemaExtensions", "ds:ListTagsForResource", "ds:RegisterCertificate", "ds:RegisterEventTopic", "ds:RejectSharedDirectory", "ds:RemoveIpRoutes", "ds:RemoveRegion", "ds:RemoveTagsFromResource", "ds:ResetUserPassword", "ds:RestoreFromSnapshot", "ds:ShareDirectory", "ds:StartSchemaExtension", "ds:UnauthorizeApplication", "ds:UnshareDirectory", "ds:UpdateAuthorizedApplication", "ds:UpdateConditionalForwarder", "ds:UpdateDirectory", "ds:UpdateDirectorySetup", "ds:UpdateNumberOfDomainControllers", "ds:UpdateRadius", "ds:UpdateSettings", "ds:UpdateTrust", "ds:VerifyTrust", "ec2:AllocateAddress", "ec2:AllocateHosts", "ec2:AllocateIpamPoolCidr", "ec2:AssignPrivateIpAddresses", "ec2:AssociateAddress", "ec2:AssociateClientVpnTargetNetwork", "ec2:AssociateDhcpOptions", "ec2:AssociateEnclaveCertificateIamRole", "ec2:AssociateIamInstanceProfile", "ec2:AssociateInstanceEventWindow", "ec2:AssociateIpamByoasn", "ec2:AssociateIpamResourceDiscovery", "ec2:AssociateNatGatewayAddress", "ec2:AssociateRouteTable", "ec2:AssociateSubnetCidrBlock", "ec2:AssociateTransitGatewayMulticastDomain", "ec2:AssociateTransitGatewayPolicyTable", "ec2:AssociateTransitGatewayRouteTable", "ec2:AssociateTrunkInterface", "ec2:AssociateVerifiedAccessInstanceWebAcl", "ec2:AssociateVpcCidrBlock", "ec2:AllocateAddress", "ec2:AllocateHosts", "ec2:AllocateIpamPoolCidr", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVpnGateway", "ec2:BundleInstance", "ec2:CancelBundleTask", "ec2:CancelCapacityReservation", "ec2:CancelCapacityReservationFleets", "ec2:CancelConversionTask", "ec2:CancelExportTask", "ec2:CancelImageLaunchPermission", "ec2:CancelImportTask", "ec2:CancelReservedInstancesListing", "ec2:CancelSpotFleetRequests", "ec2:CancelSpotInstanceRequests", "ec2:CopyFpgaImage", "ec2:CopyImage", "ec2:CopySnapshot", "ec2:CreateCustomerGateway", "ec2:CreateDhcpOptions", "ec2:CreateFlowLogs", "ec2:CreateImage", "ec2:CreateInstanceExportTask", "ec2:CreateInternetGateway", "ec2:CreateKeyPair", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:CreateNatGateway", "ec2:CreateNetworkInterface", "ec2:CreatePlacementGroup", "ec2:CreateReservedInstancesListing", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSnapshot", "ec2:CreateSpotDatafeedSubscription", "ec2:CreateSubnet", "ec2:CreateTags", "ec2:CreateVolume", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:CreateVpnConnection", "ec2:CreateVpnConnectionRoute", "ec2:CreateVpnGateway", "ec2:DeleteFlowLogs", "ec2:DeleteKeyPair", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:DeleteNatGateway", "ec2:DeleteNetworkInterface", "ec2:DeletePlacementGroup", "ec2:DeleteSnapshot", "ec2:DeleteSpotDatafeedSubscription", "ec2:DeleteSubnet", "ec2:DeleteTags", "ec2:DeleteVpc", "ec2:DeleteVpcEndpoints", "ec2:DeleteVpnConnection", "ec2:DeleteVpnConnectionRoute", "ec2:DeleteVpnGateway", "ec2:DeregisterImage", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DetachInternetGateway", "ec2:DetachNetworkInterface", "ec2:DetachVpnGateway", "ec2:DisableVgwRoutePropagation", "ec2:DisableVpcClassicLinkDnsSupport", "ec2:DisassociateAddress", "ec2:DisassociateRouteTable", "ec2:EnableVgwRoutePropagation", "ec2:EnableVolumeIO", "ec2:EnableVpcClassicLinkDnsSupport", "ec2:GetConsoleOutput", "ec2:GetHostReservationPurchasePreview", "ec2:GetLaunchTemplateData", "ec2:GetPasswordData", "ec2:ImportByoipCidrToIpam", "ec2:ImportClientVpnClientCertificateRevocationList", "ec2:ImportImage", "ec2:ImportInstance", "ec2:ImportKeyPair", "ec2:ImportSnapshot", "ec2:ImportVolume", "ec2:ModifyAddressAttribute", "ec2:ModifyAvailabilityZoneGroup", "ec2:ModifyCapacityReservation", "ec2:ModifyCapacityReservationFleet", "ec2:ModifyClientVpnEndpoint", "ec2:ModifyDefaultCreditSpecification", "ec2:ModifyEbsDefaultKmsKeyId", "ec2:ModifyFleet", "ec2:ModifyFpgaImageAttribute", "ec2:ModifyHosts", "ec2:ModifyIdFormat", "ec2:ModifyIdentityIdFormat", "ec2:ModifyImageAttribute", "ec2:ModifyInstanceAttribute", "ec2:ModifyInstanceCapacityReservationAttributes", "ec2:ModifyInstanceCreditSpecification", "ec2:ModifyInstanceEventStartTime", "ec2:ModifyInstanceEventWindow", "ec2:ModifyInstanceMaintenanceOptions", "ec2:ModifyInstanceMetadataDefaults", "ec2:ModifyInstanceMetadataOptions", "ec2:ModifyInstancePlacement", "ec2:ModifyIpam", "ec2:ModifyIpamPool", "ec2:ModifyIpamResourceCidr", "ec2:ModifyIpamResourceDiscovery", "ec2:ModifyIpamScope", "ec2:ModifyLaunchTemplate", "ec2:ModifyLocalGatewayRoute", "ec2:ModifyManagedPrefixList", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyPrivateDnsNameOptions", "ec2:ModifyReservedInstances", "ec2:ModifySecurityGroupRules", "ec2:ModifySnapshotAttribute", "ec2:ModifySnapshotTier", "ec2:ModifySpotFleetRequest", "ec2:ModifySubnetAttribute", "ec2:ModifyTrafficMirrorFilterNetworkServices", "ec2:ModifyTrafficMirrorFilterRule", "ec2:ModifyTrafficMirrorSession", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayPrefixListReference", "ec2:ModifyTransitGatewayVpcAttachment", "ec2:ModifyVerifiedAccessEndpoint", "ec2:ModifyVerifiedAccessEndpointPolicy", "ec2:ModifyVerifiedAccessGroup", "ec2:ModifyVerifiedAccessGroupPolicy", "ec2:ModifyVerifiedAccessInstance", "ec2:ModifyVerifiedAccessInstanceLoggingConfiguration", "ec2:ModifyVerifiedAccessTrustProvider", "ec2:ModifyVolume", "ec2:ModifyVolumeAttribute", "ec2:ModifyVpcAttribute", "ec2:ModifyVpcEndpoint", "ec2:ModifyVpcEndpointConnectionNotification", "ec2:ModifyVpcEndpointServiceConfiguration", "ec2:ModifyVpcEndpointServicePayerResponsibility", "ec2:ModifyVpcEndpointServicePermissions", "ec2:ModifyVpcPeeringConnectionOptions", "ec2:ModifyVpcTenancy", "ec2:ModifyVpnConnection", "ec2:ModifyVpnConnectionOptions", "ec2:ModifyVpnTunnelCertificate", "ec2:ModifyVpnTunnelOptions", "ec2:MonitorInstances", "ec2:MoveAddressToVpc", "ec2:PurchaseCapacityBlock", "ec2:PurchaseHostReservation", "ec2:PurchaseReservedInstancesOffering", "ec2:PurchaseScheduledInstances", "ec2:RegisterImage", "ec2:ReleaseAddress", "ec2:ReleaseHosts", "ec2:ReleaseIpamPoolAllocation", "ec2:ReplaceIamInstanceProfileAssociation", "ec2:ReplaceNetworkAclAssociation", "ec2:ReplaceNetworkAclEntry", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:ReplaceTransitGatewayRoute", "ec2:ReplaceVpnTunnel", "ec2:ReportInstanceStatus", "ec2:RequestSpotFleet", "ec2:RequestSpotInstances", "ec2:ResetAddressAttribute", "ec2:ResetEbsDefaultKmsKeyId", "ec2:ResetFpgaImageAttribute", "ec2:ResetImageAttribute", "ec2:ResetInstanceAttribute", "ec2:ResetNetworkInterfaceAttribute", "ec2:ResetSnapshotAttribute", "ec2:RestoreAddressToClassic", "ec2:RunScheduledInstances", "ec2:UnassignPrivateIpAddresses", "ec2:UnmonitorInstances", "ec2:UpdateSecurityGroupRuleDescriptionsEgress", "ec2:UpdateSecurityGroupRuleDescriptionsIngress", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateAppCookieStickinessPolicy", "elasticloadbalancing:CreateLBCookieStickinessPolicy", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerPolicy", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:DisableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:SetLoadBalancerListenerSSLCertificate", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:AddTrustStoreRevocations", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:CreateTrustStore", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteTrustStore", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:GetTrustStoreCaCertificatesBundle", "elasticloadbalancing:GetTrustStoreRevocationContent", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:ModifyTrustStore", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:RemoveListenerCertificates", "elasticloadbalancing:RemoveTrustStoreRevocations", "elasticloadbalancing:SetIpAddressType", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetSecurityGroups", "elasticloadbalancing:SetSubnets", "elasticloadbalancing:SetWebAcl", "events:ActivateEventSource", "events:CancelReplay", "events:CreateApiDestination", "events:CreateArchive", "events:CreateConnection", "events:CreateEndpoint", "events:CreateEventBus", "events:CreatePartnerEventSource", "events:DeactivateEventSource", "events:DeauthorizeConnection", "events:DeleteApiDestination", "events:DeleteArchive", "events:DeleteConnection", "events:DeleteEndpoint", "events:DeleteEventBus", "events:DeletePartnerEventSource", "events:DeleteRule", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeEventSource", "events:DescribePartnerEventSource", "events:DescribeReplay", "events:DescribeRule", "events:DisableRule", "events:EnableRule", "events:InvokeApiDestination", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListEventSources", "events:ListPartnerEventSourceAccounts", "events:ListPartnerEventSources", "events:ListReplays", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "events:PutEvents", "events:PutPartnerEvents", "events:PutPermission", "events:PutRule", "events:PutTargets", "events:RemovePermission", "events:RemoveTargets", "events:RetrieveConnectionCredentials", "events:StartReplay", "events:TagResource", "events:TestEventPattern", "events:UntagResource", "events:UpdateApiDestination", "events:UpdateArchive", "events:UpdateConnection", "events:UpdateEndpoint", "iam:GetAccountAuthorizationDetails", "iam:GetAccountEmailAddress", "iam:GetAccountName", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetContextKeysForCustomPolicy", "iam:GetContextKeysForPrincipalPolicy", "iam:GetCredentialReport", "iam:ListAccountAliases", "iam:ListGroups", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListRoles", "iam:ListSAMLProviders", "iam:ListServerCertificates", "iam:SimulateCustomPolicy", "iam:SimulatePrincipalPolicy", "iam:UpdateServerCertificate", "iam:UpdateSigningCertificate", "kinesis:ListStreams", "kinesis:PutRecord", "kms:CreateAlias", "kms:CreateKey", "kms:DeleteAlias", "kms:DescribeCustomKeyStores", "kms:DescribeKey", "kms:GenerateRandom", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:GetParametersForImport", "kms:GetPublicKey", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeyRotations", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "kms:Encrypt", "kms:ReEncryptFrom", "kms:ReEncryptTo", "lambda:CreateAlias", "lambda:CreateCodeSigningConfig", "lambda:CreateEventSourceMapping", "lambda:CreateFunction", "lambda:CreateFunctionUrlConfig", "lambda:DeleteAlias", "lambda:DeleteCodeSigningConfig", "lambda:DeleteEventSourceMapping", "lambda:DeleteFunction", "lambda:DeleteFunctionCodeSigningConfig", "lambda:DeleteFunctionConcurrency", "lambda:DeleteFunctionEventInvokeConfig", "lambda:DeleteFunctionUrlConfig", "lambda:DeleteLayerVersion", "lambda:DeleteProvisionedConcurrencyConfig", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "lambda:InvokeFunction", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "lambda:PublishVersion", "lambda:UpdateAlias", "lambda:UpdateCodeSigningConfig", "lambda:UpdateEventSourceMapping", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionCodeSigningConfig", "lambda:UpdateFunctionConfiguration", "lambda:UpdateFunctionEventInvokeConfig", "lambda:UpdateFunctionUrlConfig", "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:ListTagsForResource", "route53:ActivateKeySigningKey", "route53:AssociateVPCWithHostedZone", "route53:ChangeCidrCollection", "route53:ChangeResourceRecordSets", "route53:ChangeTagsForResource", "route53:CreateCidrCollection", "route53:CreateHealthCheck", "route53:CreateHostedZone", "route53:CreateKeySigningKey", "route53:CreateQueryLoggingConfig", "route53:CreateReusableDelegationSet", "route53:CreateTrafficPolicy", "route53:CreateTrafficPolicyInstance", "route53:CreateTrafficPolicyVersion", "route53:CreateVPCAssociationAuthorization", "route53:DeactivateKeySigningKey", "route53:DeleteCidrCollection", "route53:DeleteHealthCheck", "route53:DeleteHostedZone", "route53:DeleteKeySigningKey", "route53:DeleteQueryLoggingConfig", "route53:DeleteReusableDelegationSet", "route53:DeleteTrafficPolicy", "route53:DeleteTrafficPolicyInstance", "route53:DeleteVPCAssociationAuthorization", "route53:DisableHostedZoneDNSSEC", "route53:DisassociateVPCFromHostedZone", "route53:EnableHostedZoneDNSSEC", "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetReusableDelegationSetLimit", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53:TestDNSAnswer", "route53:UpdateHealthCheck", "route53:UpdateHostedZoneComment", "route53:UpdateTrafficPolicyComment", "route53:UpdateTrafficPolicyInstance", "route53domains:AcceptDomainTransferFromAnotherAwsAccount", "route53domains:AssociateDelegationSignerToDomain", "route53domains:CancelDomainTransferToAnotherAwsAccount", "route53domains:CheckDomainAvailability", "route53domains:CheckDomainTransferability", "route53domains:DeleteDomain", "route53domains:DeleteTagsForDomain", "route53domains:DisableDomainAutoRenew", "route53domains:DisableDomainTransferLock", "route53domains:DisassociateDelegationSignerFromDomain", "route53domains:EnableDomainAutoRenew", "route53domains:EnableDomainTransferLock", "route53domains:GetContactReachabilityStatus", "route53domains:GetDomainDetail", "route53domains:GetDomainSuggestions", "route53domains:GetOperationDetail", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListPrices", "route53domains:ListTagsForDomain", "route53domains:PushDomain", "route53domains:RegisterDomain", "route53domains:RejectDomainTransferFromAnotherAwsAccount", "route53domains:RenewDomain", "route53domains:ResendContactReachabilityEmail", "route53domains:ResendOperationAuthorization", "route53domains:RetrieveDomainAuthCode", "route53domains:TransferDomain", "route53domains:TransferDomainToAnotherAwsAccount", "route53domains:UpdateDomainContact", "route53domains:UpdateDomainContactPrivacy", "route53domains:UpdateDomainNameservers", "route53domains:UpdateTagsForDomain", "route53domains:ViewBilling", "ses:CreateConfigurationSet", "ses:CreateConfigurationSetEventDestination", "ses:CreateDedicatedIpPool", "ses:CreateDeliverabilityTestReport", "ses:CreateEmailIdentity", "ses:DeleteConfigurationSet", "ses:DeleteConfigurationSetEventDestination", "ses:DeleteDedicatedIpPool", "ses:DeleteEmailIdentity", "ses:GetAccount", "ses:GetBlacklistReports", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetDedicatedIp", "ses:GetDedicatedIps", "ses:GetDeliverabilityDashboardOptions", "ses:GetDeliverabilityTestReport", "ses:GetDomainDeliverabilityCampaign", "ses:GetDomainStatisticsReport", "ses:GetEmailIdentity", "ses:ListConfigurationSets", "ses:ListDedicatedIpPools", "ses:ListDeliverabilityTestReports", "ses:ListDomainDeliverabilityCampaigns", "ses:ListEmailIdentities", "ses:ListTagsForResource", "ses:PutAccountDedicatedIpWarmupAttributes", "ses:PutAccountSendingAttributes", "ses:PutConfigurationSetDeliveryOptions", "ses:PutConfigurationSetReputationOptions", "ses:PutConfigurationSetSendingOptions", "ses:PutConfigurationSetTrackingOptions", "ses:PutDedicatedIpInPool", "ses:PutDedicatedIpWarmupAttributes", "ses:PutDeliverabilityDashboardOption", "ses:PutEmailIdentityDkimAttributes", "ses:PutEmailIdentityFeedbackAttributes", "ses:PutEmailIdentityMailFromAttributes", "ses:SendEmail", "ses:TagResource", "ses:UntagResource", "ses:UpdateConfigurationSetEventDestination", "ses:CloneReceiptRuleSet", "ses:CreateConfigurationSetTrackingOptions", "ses:CreateCustomVerificationEmailTemplate", "ses:CreateReceiptFilter", "ses:CreateReceiptRule", "ses:CreateReceiptRuleSet", "ses:CreateTemplate", "ses:DeleteConfigurationSetTrackingOptions", "ses:DeleteCustomVerificationEmailTemplate", "ses:DeleteIdentity", "ses:DeleteIdentityPolicy", "ses:DeleteReceiptFilter", "ses:DeleteReceiptRule", "ses:DeleteReceiptRuleSet", "ses:DeleteTemplate", "ses:DeleteVerifiedEmailAddress", "ses:DescribeActiveReceiptRuleSet", "ses:DescribeConfigurationSet", "ses:DescribeReceiptRule", "ses:DescribeReceiptRuleSet", "ses:GetAccountSendingEnabled", "ses:GetCustomVerificationEmailTemplate", "ses:GetIdentityDkimAttributes", "ses:GetIdentityMailFromDomainAttributes", "ses:GetIdentityNotificationAttributes", "ses:GetIdentityPolicies", "ses:GetIdentityVerificationAttributes", "ses:GetSendQuota", "ses:GetSendStatistics", "ses:GetTemplate", "ses:ListCustomVerificationEmailTemplates", "ses:ListIdentities", "ses:ListIdentityPolicies", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListTemplates", "ses:ListVerifiedEmailAddresses", "ses:PutIdentityPolicy", "ses:ReorderReceiptRuleSet", "ses:SendBounce", "ses:SendBulkTemplatedEmail", "ses:SendCustomVerificationEmail", "ses:SendRawEmail", "ses:SendTemplatedEmail", "ses:SetActiveReceiptRuleSet", "ses:SetIdentityDkimEnabled", "ses:SetIdentityFeedbackForwardingEnabled", "ses:SetIdentityHeadersInNotificationsEnabled", "ses:SetIdentityMailFromDomain", "ses:SetIdentityNotificationTopic", "ses:SetReceiptRulePosition", "ses:TestRenderTemplate", "ses:UpdateAccountSendingEnabled", "ses:UpdateConfigurationSetReputationMetricsEnabled", "ses:UpdateConfigurationSetSendingEnabled", "ses:UpdateConfigurationSetTrackingOptions", "ses:UpdateCustomVerificationEmailTemplate", "ses:UpdateReceiptRule", "ses:UpdateTemplate", "ses:VerifyDomainDkim", "ses:VerifyDomainIdentity", "ses:VerifyEmailAddress", "ses:VerifyEmailIdentity", "ses:BatchGetMetricData", "ses:CancelExportJob", "ses:CreateContact", "ses:CreateContactList", "ses:CreateEmailIdentityPolicy", "ses:CreateEmailTemplate", "ses:CreateExportJob", "ses:CreateImportJob", "ses:DeleteContact", "ses:DeleteContactList", "ses:DeleteEmailIdentityPolicy", "ses:DeleteEmailTemplate", "ses:DeleteSuppressedDestination", "ses:GetContact", "ses:GetContactList", "ses:GetDedicatedIpPool", "ses:GetEmailIdentityPolicies", "ses:GetEmailTemplate", "ses:GetExportJob", "ses:GetImportJob", "ses:GetMessageInsights", "ses:GetSuppressedDestination", "ses:ListContactLists", "ses:ListContacts", "ses:ListEmailTemplates", "ses:ListExportJobs", "ses:ListImportJobs", "ses:ListRecommendations", "ses:ListSuppressedDestinations", "ses:PutAccountDetails", "ses:PutAccountSuppressionAttributes", "ses:PutAccountVdmAttributes", "ses:PutConfigurationSetSuppressionOptions", "ses:PutConfigurationSetVdmOptions", "ses:PutDedicatedIpPoolScalingAttributes", "ses:PutEmailIdentityConfigurationSetAttributes", "ses:PutEmailIdentityDkimSigningAttributes", "ses:PutSuppressedDestination", "ses:SendBulkEmail", "ses:TestRenderEmailTemplate", "ses:UpdateContact", "ses:UpdateContactList", "ses:UpdateEmailIdentityPolicy", "ses:UpdateEmailTemplate", "sns:AddPermission", "sns:CheckIfPhoneNumberIsOptedOut", "sns:ConfirmSubscription", "sns:CreatePlatformApplication", "sns:CreatePlatformEndpoint", "sns:CreateSMSSandboxPhoneNumber", "sns:CreateTopic", "sns:DeleteEndpoint", "sns:DeletePlatformApplication", "sns:DeleteSMSSandboxPhoneNumber", "sns:DeleteTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sns:OptInPhoneNumber", "sns:Publish", "sns:PutDataProtectionPolicy", "sns:RemovePermission", "sns:SetEndpointAttributes", "sns:SetPlatformApplicationAttributes", "sns:SetSMSAttributes", "sns:SetSubscriptionAttributes", "sns:SetTopicAttributes", "sns:Subscribe", "sns:TagResource", "sns:Unsubscribe", "sns:UntagResource", "sns:VerifySMSSandboxPhoneNumber", "sqs:AddPermission", "sqs:CancelMessageMoveTask", "sqs:ChangeMessageVisibility", "sqs:CreateQueue", "sqs:DeleteMessage", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListMessageMoveTasks", "sqs:ListQueueTags", "sqs:ListQueues", "sqs:PurgeQueue", "sqs:ReceiveMessage", "sqs:RemovePermission", "sqs:SendMessage", "sqs:SetQueueAttributes", "sqs:StartMessageMoveTask", "sqs:TagQueue", "sqs:UntagQueue", "trustedadvisor:CreateEngagement", "trustedadvisor:CreateEngagementAttachment", "trustedadvisor:CreateEngagementCommunication", "trustedadvisor:DeleteNotificationConfigurationForDelegatedAdmin", "trustedadvisor:DescribeAccount", "trustedadvisor:DescribeAccountAccess", "trustedadvisor:DescribeCheckItems", "trustedadvisor:DescribeCheckRefreshStatuses", "trustedadvisor:DescribeCheckStatusHistoryChanges", "trustedadvisor:DescribeCheckSummaries", "trustedadvisor:DescribeChecks", "trustedadvisor:DescribeNotificationConfigurations", "trustedadvisor:DescribeNotificationPreferences", "trustedadvisor:DescribeOrganization", "trustedadvisor:DescribeOrganizationAccounts", "trustedadvisor:DescribeReports", "trustedadvisor:DescribeRisk", "trustedadvisor:DescribeRiskResources", "trustedadvisor:DescribeRisks", "trustedadvisor:DescribeServiceMetadata", "trustedadvisor:DownloadRisk", "trustedadvisor:ExcludeCheckItems", "trustedadvisor:GenerateReport", "trustedadvisor:GetEngagement", "trustedadvisor:GetEngagementAttachment", "trustedadvisor:GetEngagementType", "trustedadvisor:GetOrganizationRecommendation", "trustedadvisor:GetRecommendation", "trustedadvisor:IncludeCheckItems", "trustedadvisor:ListAccountsForParent", "trustedadvisor:ListChecks", "trustedadvisor:ListEngagementCommunications", "trustedadvisor:ListEngagementTypes", "trustedadvisor:ListEngagements", "trustedadvisor:ListOrganizationRecommendationAccounts", "trustedadvisor:ListOrganizationRecommendationResources", "trustedadvisor:ListOrganizationRecommendations", "trustedadvisor:ListOrganizationalUnitsForParent", "trustedadvisor:ListRecommendationResources", "trustedadvisor:ListRecommendations", "trustedadvisor:ListRoots", "trustedadvisor:RefreshCheck", "trustedadvisor:SetAccountAccess", "trustedadvisor:SetOrganizationAccess", "trustedadvisor:UpdateEngagement", "trustedadvisor:UpdateEngagementStatus", "trustedadvisor:UpdateNotificationConfigurations", "trustedadvisor:UpdateNotificationPreferences", "trustedadvisor:UpdateOrganizationRecommendationLifecycle", "trustedadvisor:UpdateRecommendationLifecycle", "trustedadvisor:UpdateRiskStatus", "ec2:AcceptVpcPeeringConnection", "ec2:AttachClassicLinkVpc", "ec2:AttachVolume", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateVpcPeeringConnection", "ec2:DeleteCustomerGateway", "ec2:DeleteDhcpOptions", "ec2:DeleteInternetGateway", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkAclEntry", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSecurityGroup", "ec2:DeleteVolume", "ec2:DeleteVpcPeeringConnection", "ec2:DetachClassicLinkVpc", "ec2:DetachVolume", "ec2:DisableVpcClassicLink", "ec2:EnableVpcClassicLink", "ec2:GetConsoleScreenshot", "ec2:RebootInstances", "ec2:RejectVpcPeeringConnection", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RunInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "s3:AbortMultipartUpload", "s3:AssociateAccessGrantsIdentityCenter", "s3:BypassGovernanceRetention", "s3:CreateAccessGrant", "s3:CreateAccessGrantsInstance", "s3:CreateAccessGrantsLocation", "s3:CreateAccessPoint", "s3:CreateAccessPointForObjectLambda", "s3:CreateBucket", "s3:CreateJob", "s3:CreateMultiRegionAccessPoint", "s3:CreateStorageLensGroup", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:DissociateAccessGrantsIdentityCenter", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:InitiateReplication", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:ObjectOwnerOverrideToBucketOwner", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "s3:SubmitMultiRegionAccessPointRoutes", "s3:TagResource", "s3:UntagResource", "s3:UpdateAccessGrantsLocation", "s3:UpdateJobPriority", "s3:UpdateJobStatus", "s3:UpdateStorageLensGroup", "iam:GetAccessKeyLastUsed", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetInstanceProfile", "iam:GetLoginProfile", "iam:GetOpenIDConnectProvider", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetSAMLProvider", "iam:GetSSHPublicKey", "iam:GetServerCertificate", "iam:GetServiceLastAccessedDetails", "iam:GetServiceLastAccessedDetailsWithEntities", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAccessKeys", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroupsForUser", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADevices", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListSSHPublicKeys", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:UploadCloudFrontPublicKey", "iam:UploadSSHPublicKey", "iam:UploadServerCertificate", "iam:UploadSigningCertificate", "iam:GetRole", "iam:ListRoles", "iam:PassRole" ], "malformed": false, "name": "SystemAdministrator", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2020-08-24T20:05:29+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticDisasterRecoveryServiceRolePolicy", "createdate": "2024-01-17T13:49:07Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:ListTagsForResource", "drs:TagResource", "drs:CreateRecoveryInstanceForDrs", "drs:TagResource", "iam:GetInstanceProfile", "kms:ListRetirableGrants", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeInstanceTypes", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceStatus", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DescribeVolumes", "ec2:DescribeVolumeAttribute", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ec2:DescribeVpcAttribute", "ec2:DescribeInternetGateways", "ec2:DescribeVpcs", "ec2:DescribeNetworkAcls", "ec2:DescribeRouteTables", "ec2:DescribeDhcpOptions", "ec2:DescribeManagedPrefixLists", "ec2:GetManagedPrefixListEntries", "ec2:GetManagedPrefixListAssociations", "ec2:RegisterImage", "ec2:DeregisterImage", "ec2:DeleteSnapshot", "ec2:CreateLaunchTemplateVersion", "ec2:ModifyLaunchTemplate", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:DeleteVolume", "ec2:ModifyVolume", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:ModifyInstanceAttribute", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:RevokeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:CreateVolume", "ec2:CreateSecurityGroup", "ec2:CreateSecurityGroup", "ec2:CreateLaunchTemplate", "ec2:CreateSnapshot", "ec2:CreateSnapshot", "ec2:DetachVolume", "ec2:AttachVolume", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:RunInstances", "ec2:RunInstances", "iam:PassRole", "ec2:CreateTags", "ec2:CreateTags", "cloudwatch:GetMetricData" ], "malformed": false, "name": "AWSElasticDisasterRecoveryServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-17T13:49:07+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonDevOpsGuruServiceRolePolicy", "createdate": "2023-01-10T14:36:48Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "autoscaling:DescribeAutoScalingGroups", "cloudtrail:LookupEvents", "cloudwatch:GetMetricData", "cloudwatch:ListMetrics", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeAlarms", "cloudwatch:ListDashboards", "cloudwatch:GetDashboard", "cloudformation:GetTemplate", "cloudformation:ListStacks", "cloudformation:ListStackResources", "cloudformation:DescribeStacks", "cloudformation:ListImports", "codedeploy:BatchGetDeployments", "codedeploy:GetDeploymentGroup", "codedeploy:ListDeployments", "config:DescribeConfigurationRecorderStatus", "config:GetResourceConfigHistory", "events:ListRuleNamesByTarget", "xray:GetServiceGraph", "organizations:ListRoots", "organizations:ListChildren", "organizations:ListDelegatedAdministrators", "pi:GetResourceMetrics", "tag:GetResources", "lambda:GetFunction", "lambda:GetFunctionConcurrency", "lambda:GetAccountSettings", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListAliases", "lambda:ListEventSourceMappings", "lambda:GetPolicy", "ec2:DescribeSubnets", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingPolicies", "sqs:GetQueueAttributes", "kinesis:DescribeStream", "kinesis:DescribeLimits", "dynamodb:DescribeTable", "dynamodb:DescribeLimits", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeStream", "dynamodb:ListStreams", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeLoadBalancerAttributes", "rds:DescribeDBInstances", "rds:DescribeDBClusters", "rds:DescribeOptionGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeAccountAttributes", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "s3:GetBucketNotification", "s3:GetBucketPolicy", "s3:GetBucketPublicAccessBlock", "s3:GetBucketTagging", "s3:GetBucketWebsite", "s3:GetIntelligentTieringConfiguration", "s3:GetLifecycleConfiguration", "s3:GetReplicationConfiguration", "s3:ListAllMyBuckets", "s3:ListStorageLensConfigurations", "servicequotas:GetServiceQuota", "servicequotas:ListRequestedServiceQuotaChangeHistory", "servicequotas:ListServiceQuotas", "events:PutTargets", "events:PutRule", "ssm:CreateOpsItem", "ssm:AddTagsToResource", "ssm:GetOpsItem", "ssm:UpdateOpsItem", "events:PutRule", "events:DescribeRule", "events:ListTargetsByRule", "events:DeleteRule", "events:EnableRule", "events:DisableRule", "events:PutTargets", "events:RemoveTargets", "logs:FilterLogEvents", "apigateway:GET" ], "malformed": false, "name": "AmazonDevOpsGuruServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-10T14:36:48+00:00", "version": "v9" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAReadOnly", "createdate": "2020-08-17T22:54:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:DescribeCertificateAuthority", "acm-pca:DescribeCertificateAuthorityAuditReport", "acm-pca:ListCertificateAuthorities", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificate", "acm-pca:GetPolicy", "acm-pca:ListPermissions", "acm-pca:ListTags" ], "malformed": false, "name": "AWSCertificateManagerPrivateCAReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-17T22:54:22+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonFSxConsoleFullAccess", "createdate": "2024-01-10T20:07:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "ds:DescribeDirectories", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:GetSecurityGroupsForVpc", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "firehose:ListDeliveryStreams", "kms:ListAliases", "logs:DescribeLogGroups", "s3:ListBucket", "fsx:AssociateFileGateway", "fsx:AssociateFileSystemAliases", "fsx:CancelDataRepositoryTask", "fsx:CopyBackup", "fsx:CopySnapshotAndUpdateVolume", "fsx:CreateBackup", "fsx:CreateDataRepositoryAssociation", "fsx:CreateDataRepositoryTask", "fsx:CreateFileCache", "fsx:CreateFileSystem", "fsx:CreateFileSystemFromBackup", "fsx:CreateSnapshot", "fsx:CreateStorageVirtualMachine", "fsx:CreateVolume", "fsx:CreateVolumeFromBackup", "fsx:DeleteBackup", "fsx:DeleteDataRepositoryAssociation", "fsx:DeleteFileCache", "fsx:DeleteFileSystem", "fsx:DeleteSnapshot", "fsx:DeleteStorageVirtualMachine", "fsx:DeleteVolume", "fsx:DescribeAssociatedFileGateways", "fsx:DescribeBackups", "fsx:DescribeDataRepositoryAssociations", "fsx:DescribeDataRepositoryTasks", "fsx:DescribeFileCaches", "fsx:DescribeFileSystemAliases", "fsx:DescribeFileSystems", "fsx:DescribeSharedVpcConfiguration", "fsx:DescribeSnapshots", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:DisassociateFileGateway", "fsx:DisassociateFileSystemAliases", "fsx:ListTagsForResource", "fsx:ManageBackupPrincipalAssociations", "fsx:ReleaseFileSystemNfsV3Locks", "fsx:RestoreVolumeFromSnapshot", "fsx:TagResource", "fsx:UntagResource", "fsx:UpdateDataRepositoryAssociation", "fsx:UpdateFileCache", "fsx:UpdateFileSystem", "fsx:UpdateSharedVpcConfiguration", "fsx:UpdateSnapshot", "fsx:UpdateStorageVirtualMachine", "fsx:UpdateVolume", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "ec2:CreateTags", "fsx:PutResourcePolicy", "fsx:GetResourcePolicy", "fsx:DeleteResourcePolicy" ], "malformed": false, "name": "AmazonFSxConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-10T20:07:09+00:00", "version": "v11" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonOneEnterpriseReadOnlyAccess", "createdate": "2023-11-28T04:59:23Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "one:GetDeviceConfigurationTemplate", "one:GetDeviceInstance", "one:GetDeviceInstanceConfiguration", "one:GetSite", "one:GetSiteAddress", "one:ListDeviceConfigurationTemplates", "one:ListDeviceInstances", "one:ListSites", "one:ListTagsForResource", "one:ListUsers" ], "malformed": false, "name": "AmazonOneEnterpriseReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-28T04:59:23+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSManagedServices_EventsServiceRolePolicy", "createdate": "2023-02-07T18:41:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "events:DeleteRule", "events:PutTargets", "events:PutRule", "events:RemoveTargets", "events:DescribeRule", "events:ListTargetsByRule" ], "malformed": false, "name": "AWSManagedServices_EventsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-07T18:41:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonOmicsFullAccess", "createdate": "2023-02-24T00:59:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "omics:AbortMultipartReadSetUpload", "omics:AcceptShare", "omics:BatchDeleteReadSet", "omics:CancelAnnotationImportJob", "omics:CancelRun", "omics:CancelVariantImportJob", "omics:CompleteMultipartReadSetUpload", "omics:CreateAnnotationStore", "omics:CreateAnnotationStoreVersion", "omics:CreateMultipartReadSetUpload", "omics:CreateReferenceStore", "omics:CreateRunGroup", "omics:CreateSequenceStore", "omics:CreateShare", "omics:CreateVariantStore", "omics:CreateWorkflow", "omics:DeleteAnnotationStore", "omics:DeleteAnnotationStoreVersions", "omics:DeleteReference", "omics:DeleteReferenceStore", "omics:DeleteRun", "omics:DeleteRunGroup", "omics:DeleteSequenceStore", "omics:DeleteShare", "omics:DeleteVariantStore", "omics:DeleteWorkflow", "omics:GetAnnotationImportJob", "omics:GetAnnotationStore", "omics:GetAnnotationStoreVersion", "omics:GetReadSet", "omics:GetReadSetActivationJob", "omics:GetReadSetExportJob", "omics:GetReadSetImportJob", "omics:GetReadSetMetadata", "omics:GetReference", "omics:GetReferenceImportJob", "omics:GetReferenceMetadata", "omics:GetReferenceStore", "omics:GetRun", "omics:GetRunGroup", "omics:GetRunTask", "omics:GetSequenceStore", "omics:GetShare", "omics:GetVariantImportJob", "omics:GetVariantStore", "omics:GetWorkflow", "omics:ListAnnotationImportJobs", "omics:ListAnnotationStoreVersions", "omics:ListAnnotationStores", "omics:ListMultipartReadSetUploads", "omics:ListReadSetActivationJobs", "omics:ListReadSetExportJobs", "omics:ListReadSetImportJobs", "omics:ListReadSetUploadParts", "omics:ListReadSets", "omics:ListReferenceImportJobs", "omics:ListReferenceStores", "omics:ListReferences", "omics:ListRunGroups", "omics:ListRunTasks", "omics:ListRuns", "omics:ListSequenceStores", "omics:ListShares", "omics:ListTagsForResource", "omics:ListVariantImportJobs", "omics:ListVariantStores", "omics:ListWorkflows", "omics:StartAnnotationImportJob", "omics:StartReadSetActivationJob", "omics:StartReadSetExportJob", "omics:StartReadSetImportJob", "omics:StartReferenceImportJob", "omics:StartRun", "omics:StartVariantImportJob", "omics:TagResource", "omics:UntagResource", "omics:UpdateAnnotationStore", "omics:UpdateAnnotationStoreVersion", "omics:UpdateRunGroup", "omics:UpdateVariantStore", "omics:UpdateWorkflow", "omics:UploadReadSetPart", "ram:AcceptResourceShareInvitation", "ram:GetResourceShareInvitations", "iam:PassRole" ], "malformed": false, "name": "AmazonOmicsFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-24T00:59:33+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonRedshiftAllCommandsFullAccess", "createdate": "2021-11-25T02:27:31Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "sagemaker:CreateTrainingJob", "sagemaker:CreateAutoMLJob", "sagemaker:CreateCompilationJob", "sagemaker:CreateEndpoint", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeTransformJob", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopTrainingJob", "sagemaker:DescribeEndpoint", "sagemaker:InvokeEndpoint", "sagemaker:StopProcessingJob", "sagemaker:CreateModel", "sagemaker:CreateProcessingJob", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "cloudwatch:PutMetricData", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "s3:GetObject", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetEncryptionConfiguration", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "s3:ListMultipartUploadParts", "s3:ListBucketMultipartUploads", "s3:PutObject", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:DeleteObject", "s3:AbortMultipartUpload", "s3:CreateBucket", "s3:GetObject", "dynamodb:Scan", "dynamodb:DescribeTable", "dynamodb:GetItem", "elasticmapreduce:ListInstances", "elasticmapreduce:ListInstances", "lambda:InvokeFunction", "glue:CreateDatabase", "glue:DeleteDatabase", "glue:GetDatabase", "glue:GetDatabases", "glue:UpdateDatabase", "glue:CreateTable", "glue:DeleteTable", "glue:BatchDeleteTable", "glue:UpdateTable", "glue:GetTable", "glue:GetTables", "glue:BatchCreatePartition", "glue:CreatePartition", "glue:DeletePartition", "glue:BatchDeletePartition", "glue:UpdatePartition", "glue:GetPartition", "glue:GetPartitions", "glue:BatchGetPartition", "secretsmanager:GetResourcePolicy", "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", "secretsmanager:ListSecretVersionIds", "secretsmanager:GetRandomPassword", "secretsmanager:ListSecrets", "iam:PassRole" ], "malformed": false, "name": "AmazonRedshiftAllCommandsFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-25T02:27:31+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSArtifactServiceRolePolicy", "createdate": "2023-08-21T20:27:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:ListAccounts", "organizations:DescribeOrganization", "organizations:DescribeAccount", "organizations:ListAWSServiceAccessForOrganization" ], "malformed": false, "name": "AWSArtifactServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-21T20:27:31+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonRekognitionServiceRole", "createdate": "2017-11-29T16:52:13Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "sns:Publish", "kinesis:PutRecord", "kinesis:PutRecords", "kinesisvideo:GetDataEndpoint", "kinesisvideo:GetMedia" ], "malformed": false, "name": "AmazonRekognitionServiceRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-11-29T16:52:13+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDirectoryServiceFullAccess", "createdate": "2024-04-02T20:38:17Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ds:AcceptSharedDirectory", "ds:AddIpRoutes", "ds:AddRegion", "ds:AddTagsToResource", "ds:AuthorizeApplication", "ds:CancelSchemaExtension", "ds:CheckAlias", "ds:ConnectDirectory", "ds:CreateAlias", "ds:CreateComputer", "ds:CreateConditionalForwarder", "ds:CreateDirectory", "ds:CreateIdentityPoolDirectory", "ds:CreateLogSubscription", "ds:CreateMicrosoftAD", "ds:CreateSnapshot", "ds:CreateTrust", "ds:DeleteConditionalForwarder", "ds:DeleteDirectory", "ds:DeleteLogSubscription", "ds:DeleteSnapshot", "ds:DeleteTrust", "ds:DeregisterCertificate", "ds:DeregisterEventTopic", "ds:DescribeCertificate", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeRegions", "ds:DescribeSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:DescribeUpdateDirectory", "ds:DisableClientAuthentication", "ds:DisableLDAPS", "ds:DisableRadius", "ds:DisableRoleAccess", "ds:DisableSso", "ds:EnableClientAuthentication", "ds:EnableLDAPS", "ds:EnableRadius", "ds:EnableRoleAccess", "ds:EnableSso", "ds:GetAuthorizedApplicationDetails", "ds:GetDirectoryLimits", "ds:GetSnapshotLimits", "ds:ListAuthorizedApplications", "ds:ListCertificates", "ds:ListIpRoutes", "ds:ListLogSubscriptions", "ds:ListSchemaExtensions", "ds:ListTagsForResource", "ds:RegisterCertificate", "ds:RegisterEventTopic", "ds:RejectSharedDirectory", "ds:RemoveIpRoutes", "ds:RemoveRegion", "ds:RemoveTagsFromResource", "ds:ResetUserPassword", "ds:RestoreFromSnapshot", "ds:ShareDirectory", "ds:StartSchemaExtension", "ds:UnauthorizeApplication", "ds:UnshareDirectory", "ds:UpdateAuthorizedApplication", "ds:UpdateConditionalForwarder", "ds:UpdateDirectory", "ds:UpdateDirectorySetup", "ds:UpdateNumberOfDomainControllers", "ds:UpdateRadius", "ds:UpdateSettings", "ds:UpdateTrust", "ds:VerifyTrust", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:DeleteNetworkInterface", "ec2:DeleteSecurityGroup", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:DescribeSecurityGroups", "sns:GetTopicAttributes", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "iam:ListRoles", "organizations:ListAccountsForParent", "organizations:ListRoots", "organizations:ListAccounts", "organizations:DescribeOrganization", "organizations:DescribeAccount", "organizations:ListOrganizationalUnitsForParent", "organizations:ListAWSServiceAccessForOrganization", "sns:CreateTopic", "sns:DeleteTopic", "sns:SetTopicAttributes", "sns:Subscribe", "sns:Unsubscribe", "organizations:EnableAWSServiceAccess", "organizations:DisableAWSServiceAccess", "ec2:CreateTags", "ec2:DeleteTags" ], "malformed": false, "name": "AWSDirectoryServiceFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-02T20:38:17+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSSSOServiceRolePolicy", "createdate": "2022-10-20T20:05:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:AttachRolePolicy", "iam:CreateRole", "iam:PutRolePolicy", "iam:UpdateRole", "iam:UpdateRoleDescription", "iam:UpdateAssumeRolePolicy", "iam:PutRolePermissionsBoundary", "iam:DeleteRolePermissionsBoundary", "iam:GetRole", "iam:ListRoles", "iam:DeleteRole", "iam:DeleteRolePolicy", "iam:DetachRolePolicy", "iam:ListRolePolicies", "iam:ListAttachedRolePolicies", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "iam:DeleteRole", "iam:GetRole", "iam:CreateSAMLProvider", "iam:UpdateSAMLProvider", "iam:DeleteSAMLProvider", "iam:GetSAMLProvider", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListDelegatedAdministrators", "organizations:ListAWSServiceAccessForOrganization", "ds:UnauthorizeApplication", "ds:DescribeDirectories", "ds:DescribeTrusts", "identitystore:DescribeUser", "identitystore:DescribeGroup", "identitystore:ListGroups", "identitystore:ListUsers" ], "malformed": false, "name": "AWSSSOServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-20T20:05:47+00:00", "version": "v17" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCodeDeployReadOnlyAccess", "createdate": "2020-04-02T16:20:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeploymentInstances", "codedeploy:BatchGetDeploymentTargets", "codedeploy:BatchGetDeployments", "codedeploy:BatchGetOnPremisesInstances", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeploymentTargets", "codedeploy:ListDeployments", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codedeploy:ListTagsForResource", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListEventTypes", "codestar-notifications:ListTargets" ], "malformed": false, "name": "AWSCodeDeployReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-04-02T16:20:09+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/QuickSightAccessForS3StorageManagementAnalyticsReadOnly", "createdate": "2019-10-08T23:53:11Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "s3:GetAnalyticsConfiguration", "s3:ListAllMyBuckets", "s3:GetBucketLocation" ], "malformed": false, "name": "QuickSightAccessForS3StorageManagementAnalyticsReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-08T23:53:11+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess", "createdate": "2020-12-05T00:04:19Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "ecr:BatchCheckLayerAvailability", "ecr:BatchDeleteImage", "ecr:BatchGetImage", "ecr:BatchGetRepositoryScanningConfiguration", "ecr:BatchImportUpstreamImage", "ecr:CompleteLayerUpload", "ecr:CreatePullThroughCacheRule", "ecr:CreateRepository", "ecr:CreateRepositoryCreationTemplate", "ecr:DeleteLifecyclePolicy", "ecr:DeletePullThroughCacheRule", "ecr:DeleteRegistryPolicy", "ecr:DeleteRepository", "ecr:DeleteRepositoryCreationTemplate", "ecr:DeleteRepositoryPolicy", "ecr:DescribeImageReplicationStatus", "ecr:DescribeImageScanFindings", "ecr:DescribeImages", "ecr:DescribePullThroughCacheRules", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:DescribeRepositoryCreationTemplate", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "ecr:GetLifecyclePolicy", "ecr:GetLifecyclePolicyPreview", "ecr:GetRegistryPolicy", "ecr:GetRegistryScanningConfiguration", "ecr:GetRepositoryPolicy", "ecr:InitiateLayerUpload", "ecr:ListImages", "ecr:ListTagsForResource", "ecr:PutImage", "ecr:PutImageScanningConfiguration", "ecr:PutImageTagMutability", "ecr:PutLifecyclePolicy", "ecr:PutRegistryPolicy", "ecr:PutRegistryScanningConfiguration", "ecr:PutReplicationConfiguration", "ecr:ReplicateImage", "ecr:SetRepositoryPolicy", "ecr:StartImageScan", "ecr:StartLifecyclePolicyPreview", "ecr:TagResource", "ecr:UntagResource", "ecr:UpdatePullThroughCacheRule", "ecr:UploadLayerPart", "ecr:ValidatePullThroughCacheRule", "cloudtrail:LookupEvents", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonEC2ContainerRegistryFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-05T00:04:19+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/VPCLatticeFullAccess", "createdate": "2023-03-30T02:49:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "vpc-lattice:CreateAccessLogSubscription", "vpc-lattice:CreateListener", "vpc-lattice:CreateRule", "vpc-lattice:CreateService", "vpc-lattice:CreateServiceNetwork", "vpc-lattice:CreateServiceNetworkServiceAssociation", "vpc-lattice:CreateServiceNetworkVpcAssociation", "vpc-lattice:CreateTargetGroup", "vpc-lattice:DeleteAccessLogSubscription", "vpc-lattice:DeleteAuthPolicy", "vpc-lattice:DeleteListener", "vpc-lattice:DeleteResourcePolicy", "vpc-lattice:DeleteRule", "vpc-lattice:DeleteService", "vpc-lattice:DeleteServiceNetwork", "vpc-lattice:DeleteServiceNetworkServiceAssociation", "vpc-lattice:DeleteServiceNetworkVpcAssociation", "vpc-lattice:DeleteTargetGroup", "vpc-lattice:DeregisterTargets", "vpc-lattice:GetAccessLogSubscription", "vpc-lattice:GetAuthPolicy", "vpc-lattice:GetListener", "vpc-lattice:GetResourcePolicy", "vpc-lattice:GetRule", "vpc-lattice:GetService", "vpc-lattice:GetServiceNetwork", "vpc-lattice:GetServiceNetworkServiceAssociation", "vpc-lattice:GetServiceNetworkVpcAssociation", "vpc-lattice:GetTargetGroup", "vpc-lattice:ListAccessLogSubscriptions", "vpc-lattice:ListListeners", "vpc-lattice:ListRules", "vpc-lattice:ListServiceNetworkServiceAssociations", "vpc-lattice:ListServiceNetworkVpcAssociations", "vpc-lattice:ListServiceNetworks", "vpc-lattice:ListServices", "vpc-lattice:ListTagsForResource", "vpc-lattice:ListTargetGroups", "vpc-lattice:ListTargets", "vpc-lattice:PutAuthPolicy", "vpc-lattice:PutResourcePolicy", "vpc-lattice:RegisterTargets", "vpc-lattice:TagResource", "vpc-lattice:UntagResource", "vpc-lattice:UpdateAccessLogSubscription", "vpc-lattice:UpdateListener", "vpc-lattice:UpdateRule", "vpc-lattice:UpdateService", "vpc-lattice:UpdateServiceNetwork", "vpc-lattice:UpdateServiceNetworkVpcAssociation", "vpc-lattice:UpdateTargetGroup", "acm:DescribeCertificate", "acm:ListCertificates", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeInstances", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcs", "elasticloadbalancing:DescribeLoadBalancers", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "logs:DescribeLogGroups", "s3:ListAllMyBuckets", "lambda:ListAliases", "lambda:ListFunctions", "lambda:ListVersionsByFunction", "logs:CreateLogDelivery", "logs:DeleteLogDelivery", "logs:GetLogDelivery", "logs:ListLogDeliveries", "logs:UpdateLogDelivery", "logs:DescribeResourcePolicies", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus" ], "malformed": false, "name": "VPCLatticeFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-30T02:49:02+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/GameLiftGameServerGroupPolicy", "createdate": "2020-05-13T17:27:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:TerminateInstances", "autoscaling:CompleteLifecycleAction", "autoscaling:ResumeProcesses", "autoscaling:EnterStandby", "autoscaling:SetInstanceProtection", "autoscaling:UpdateAutoScalingGroup", "autoscaling:SuspendProcesses", "autoscaling:DetachInstances", "ec2:DescribeImages", "ec2:DescribeInstances", "autoscaling:DescribeAutoScalingGroups", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeSubnets", "sns:Publish", "cloudwatch:PutMetricData" ], "malformed": false, "name": "GameLiftGameServerGroupPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-13T17:27:43+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonS3OutpostsFullAccess", "createdate": "2020-10-02T17:26:30Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "s3-outposts:AbortMultipartUpload", "s3-outposts:CreateAccessPoint", "s3-outposts:CreateBucket", "s3-outposts:CreateEndpoint", "s3-outposts:DeleteAccessPoint", "s3-outposts:DeleteAccessPointPolicy", "s3-outposts:DeleteBucket", "s3-outposts:DeleteBucketPolicy", "s3-outposts:DeleteEndpoint", "s3-outposts:DeleteObject", "s3-outposts:DeleteObjectTagging", "s3-outposts:DeleteObjectVersion", "s3-outposts:DeleteObjectVersionTagging", "s3-outposts:GetAccessPoint", "s3-outposts:GetAccessPointPolicy", "s3-outposts:GetBucket", "s3-outposts:GetBucketPolicy", "s3-outposts:GetBucketTagging", "s3-outposts:GetBucketVersioning", "s3-outposts:GetLifecycleConfiguration", "s3-outposts:GetObject", "s3-outposts:GetObjectTagging", "s3-outposts:GetObjectVersion", "s3-outposts:GetObjectVersionForReplication", "s3-outposts:GetObjectVersionTagging", "s3-outposts:GetReplicationConfiguration", "s3-outposts:ListAccessPoints", "s3-outposts:ListBucket", "s3-outposts:ListBucketMultipartUploads", "s3-outposts:ListBucketVersions", "s3-outposts:ListEndpoints", "s3-outposts:ListMultipartUploadParts", "s3-outposts:ListOutpostsWithS3", "s3-outposts:ListRegionalBuckets", "s3-outposts:ListSharedEndpoints", "s3-outposts:PutAccessPointPolicy", "s3-outposts:PutBucketPolicy", "s3-outposts:PutBucketTagging", "s3-outposts:PutBucketVersioning", "s3-outposts:PutLifecycleConfiguration", "s3-outposts:PutObject", "s3-outposts:PutObjectAcl", "s3-outposts:PutObjectTagging", "s3-outposts:PutObjectVersionTagging", "s3-outposts:PutReplicationConfiguration", "s3-outposts:ReplicateDelete", "s3-outposts:ReplicateObject", "s3-outposts:ReplicateTags", "datasync:ListTasks", "datasync:ListLocations", "datasync:DescribeTask", "datasync:DescribeLocationAzureBlob", "datasync:DescribeLocationEfs", "datasync:DescribeLocationFsxLustre", "datasync:DescribeLocationFsxOntap", "datasync:DescribeLocationFsxOpenZfs", "datasync:DescribeLocationFsxWindows", "datasync:DescribeLocationHdfs", "datasync:DescribeLocationNfs", "datasync:DescribeLocationObjectStorage", "datasync:DescribeLocationS3", "datasync:DescribeLocationSmb", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeNetworkInterfaces", "outposts:ListOutposts", "outposts:GetOutpost" ], "malformed": false, "name": "AmazonS3OutpostsFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-02T17:26:30+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AutoScalingFullAccess", "createdate": "2018-02-06T21:59:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "autoscaling:AttachInstances", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:AttachLoadBalancers", "autoscaling:AttachTrafficSources", "autoscaling:BatchDeleteScheduledAction", "autoscaling:BatchPutScheduledUpdateGroupAction", "autoscaling:CancelInstanceRefresh", "autoscaling:CompleteLifecycleAction", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteLifecycleHook", "autoscaling:DeleteNotificationConfiguration", "autoscaling:DeletePolicy", "autoscaling:DeleteScheduledAction", "autoscaling:DeleteTags", "autoscaling:DeleteWarmPool", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:DetachInstances", "autoscaling:DetachLoadBalancerTargetGroups", "autoscaling:DetachLoadBalancers", "autoscaling:DetachTrafficSources", "autoscaling:DisableMetricsCollection", "autoscaling:EnableMetricsCollection", "autoscaling:EnterStandby", "autoscaling:ExecutePolicy", "autoscaling:ExitStandby", "autoscaling:GetPredictiveScalingForecast", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutWarmPool", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling:ResumeProcesses", "autoscaling:RollbackInstanceRefresh", "autoscaling:SetDesiredCapacity", "autoscaling:SetInstanceHealth", "autoscaling:SetInstanceProtection", "autoscaling:StartInstanceRefresh", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "cloudwatch:PutMetricAlarm", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeImages", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribePlacementGroups", "ec2:DescribeSecurityGroups", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSubnets", "ec2:DescribeVpcClassicLink", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetGroups", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AutoScalingFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-02-06T21:59:13+00:00", "version": "v2" }, { "access_levels": [], "arn": null, "createdate": "2015-02-06T18:40:16Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [], "malformed": false, "name": "AmazonEC2ReportsAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonQFullAccess", "createdate": "2023-11-28T16:00:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "q:GetConversation", "q:GetIdentityMetadata", "q:GetTroubleshootingResults", "q:ListConversations", "q:PassRequest", "q:SendMessage", "q:StartConversation", "q:StartTroubleshootingAnalysis", "q:StartTroubleshootingResolutionExplanation", "q:UpdateTroubleshootingCommandResult" ], "malformed": false, "name": "AmazonQFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-28T16:00:24+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy", "createdate": "2020-10-01T09:49:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssm:CreateOpsItem" ], "malformed": false, "name": "AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-01T09:49:01+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerOpsDataSyncServiceRolePolicy", "createdate": "2023-06-28T22:53:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssm:GetOpsItem", "ssm:UpdateOpsItem", "ssm:CreateOpsItem", "ssm:AddTagsToResource", "ssm:UpdateServiceSetting", "ssm:GetServiceSetting", "securityhub:GetFindings", "securityhub:BatchUpdateFindings" ], "malformed": false, "name": "AWSSystemsManagerOpsDataSyncServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-28T22:53:43+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorSSMAccess", "createdate": "2023-06-02T22:55:18Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:PassRole", "ssm:StartAutomationExecution", "ssm:GetAutomationExecution", "ssm:StopAutomationExecution", "ssm:SendCommand", "ssm:ListCommands", "ssm:CancelCommand" ], "malformed": false, "name": "AWSFaultInjectionSimulatorSSMAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-02T22:55:18+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/ElastiCacheServiceRolePolicy", "createdate": "2023-11-28T03:05:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateNetworkInterface", "ec2:CreateSecurityGroup", "ec2:DeleteNetworkInterface", "ec2:DeleteSecurityGroup", "ec2:DescribeAvailabilityZones", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcEndpoints", "ec2:ModifyNetworkInterfaceAttribute", "ec2:RevokeSecurityGroupIngress", "cloudwatch:PutMetricData", "outposts:GetOutpost", "outposts:GetOutpostInstanceTypes", "outposts:ListOutposts", "outposts:ListSites", "ec2:CreateVpcEndpoint", "ec2:DeleteVpcEndpoints", "ec2:CreateTags", "ec2:ModifyVpcEndpoint", "ec2:CreateVpcEndpoint", "ec2:ModifyVpcEndpoint" ], "malformed": false, "name": "ElastiCacheServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-28T03:05:37+00:00", "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": null, "createdate": "2019-11-20T21:06:49Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "s3:GetObject", "s3:GetBucketLocation", "cloudtrail:GetTrail", "cloudtrail:GetTrailStatus", "cloudtrail:DescribeTrails", "cloudtrail:ListTrails", "cloudtrail:LookupEvents", "cloudtrail:ListTags", "cloudtrail:ListPublicKeys", "cloudtrail:GetEventSelectors", "cloudtrail:GetInsightSelectors", "s3:ListAllMyBuckets", "kms:ListAliases", "lambda:ListFunctions" ], "malformed": false, "name": "AWSCloudTrailReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v9" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CloudWatchNetworkMonitorServiceRolePolicy", "createdate": "2023-12-21T18:53:19Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData", "ec2:DescribeNetworkInterfaces", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeVpcs", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:AuthorizeSecurityGroupEgress", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterfacePermission", "ec2:RevokeSecurityGroupEgress", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "ec2:DeleteSecurityGroup" ], "malformed": false, "name": "CloudWatchNetworkMonitorServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-21T18:53:19+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingLambdaConcurrencyPolicy", "createdate": "2019-10-21T20:04:17Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lambda:PutProvisionedConcurrencyConfig", "lambda:GetProvisionedConcurrencyConfig", "lambda:DeleteProvisionedConcurrencyConfig", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingLambdaConcurrencyPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-21T20:04:17+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCodeGuru-Profiler", "createdate": "2020-06-26T22:04:26Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sns:Publish" ], "malformed": false, "name": "AWSServiceRoleForCodeGuru-Profiler", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-26T22:04:26+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AlexaForBusinessLifesizeDelegatedAccessPolicy", "createdate": "2020-06-12T20:31:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "a4b:DisassociateDeviceFromRoom", "a4b:DeleteDevice", "a4b:UpdateDevice", "a4b:GetDevice", "a4b:RegisterAVSDevice", "a4b:SearchDevices", "a4b:AssociateDeviceWithRoom", "a4b:GetRoom", "a4b:GetAddressBook", "a4b:SearchRooms", "a4b:CreateContact", "a4b:CreateRoom", "a4b:UpdateContact", "a4b:ListConferenceProviders", "a4b:DeleteRoom", "a4b:CreateAddressBook", "a4b:DisassociateContactFromAddressBook", "a4b:CreateConferenceProvider", "a4b:PutConferencePreference", "a4b:DeleteAddressBook", "a4b:AssociateContactWithAddressBook", "a4b:DeleteContact", "a4b:SearchProfiles", "a4b:UpdateProfile", "a4b:GetContact", "kms:DescribeKey" ], "malformed": false, "name": "AlexaForBusinessLifesizeDelegatedAccessPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-12T20:31:59+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCleanRoomsMLFullAccess", "createdate": "2023-11-29T21:02:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cleanrooms-ml:CreateAudienceModel", "cleanrooms-ml:CreateConfiguredAudienceModel", "cleanrooms-ml:CreateTrainingDataset", "cleanrooms-ml:DeleteAudienceGenerationJob", "cleanrooms-ml:DeleteAudienceModel", "cleanrooms-ml:DeleteConfiguredAudienceModel", "cleanrooms-ml:DeleteConfiguredAudienceModelPolicy", "cleanrooms-ml:DeleteTrainingDataset", "cleanrooms-ml:GetAudienceGenerationJob", "cleanrooms-ml:GetAudienceModel", "cleanrooms-ml:GetConfiguredAudienceModel", "cleanrooms-ml:GetConfiguredAudienceModelPolicy", "cleanrooms-ml:GetTrainingDataset", "cleanrooms-ml:ListAudienceExportJobs", "cleanrooms-ml:ListAudienceGenerationJobs", "cleanrooms-ml:ListAudienceModels", "cleanrooms-ml:ListConfiguredAudienceModels", "cleanrooms-ml:ListTagsForResource", "cleanrooms-ml:ListTrainingDatasets", "cleanrooms-ml:PutConfiguredAudienceModelPolicy", "cleanrooms-ml:StartAudienceExportJob", "cleanrooms-ml:StartAudienceGenerationJob", "cleanrooms-ml:TagResource", "cleanrooms-ml:UnTagResource", "cleanrooms-ml:UpdateConfiguredAudienceModel", "iam:PassRole", "cleanrooms:GetCollaboration", "cleanrooms:GetConfiguredAudienceModelAssociation", "cleanrooms:GetMembership", "cleanrooms:ListAnalysisTemplates", "cleanrooms:ListCollaborationAnalysisTemplates", "cleanrooms:ListCollaborationConfiguredAudienceModelAssociations", "cleanrooms:ListCollaborations", "cleanrooms:ListConfiguredTableAssociations", "cleanrooms:ListConfiguredTables", "cleanrooms:ListMembers", "cleanrooms:ListMemberships", "cleanrooms:ListProtectedQueries", "cleanrooms:ListSchemas", "cleanrooms:ListTagsForResource", "cleanrooms:ListMembers", "cleanrooms:CreateConfiguredAudienceModelAssociation", "cleanrooms:TagResource", "iam:ListRoles", "iam:GetRole", "iam:ListRolePolicies", "iam:ListAttachedRolePolicies", "iam:ListPolicies", "iam:GetPolicy", "iam:GetPolicyVersion", "glue:GetDatabase", "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:GetPartition", "glue:GetPartitions", "glue:GetSchema", "glue:GetSchemaVersion", "glue:BatchGetPartition", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetBucketLocation" ], "malformed": false, "name": "AWSCleanRoomsMLFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-29T21:02:06+00:00", "version": "v1" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI_OnPremises", "createdate": "2019-06-18T15:33:16Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "opsworks:AssignInstance", "opsworks:CreateLayer", "opsworks:DeregisterInstance", "opsworks:DescribeInstances", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStacks", "opsworks:UnassignInstance", "ec2:DescribeInstances", "iam:CreateGroup", "iam:AddUserToGroup", "iam:CreateUser", "iam:CreateAccessKey", "iam:AttachUserPolicy" ], "malformed": false, "name": "AWSOpsWorksRegisterCLI_OnPremises", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-18T15:33:16+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerEdgeDeviceFleetPolicy", "createdate": "2020-12-08T16:17:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "s3:PutObject", "s3:GetBucketLocation", "sagemaker:SendHeartbeat", "sagemaker:GetDeviceRegistration", "iot:CreateRoleAlias", "iot:DescribeRoleAlias", "iot:UpdateRoleAlias", "iot:ListTagsForResource", "iot:TagResource", "iam:GetRole", "iam:PassRole" ], "malformed": false, "name": "AmazonSageMakerEdgeDeviceFleetPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-08T16:17:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBackupRestoreAccessForSAPHANA", "createdate": "2022-11-10T22:43:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "backup:GetBackupPlan", "backup:GetBackupPlanFromJSON", "backup:GetBackupPlanFromTemplate", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:GetBackupVaultSharingPolicy", "backup:GetLegalHold", "backup:GetRecoveryPointRestoreMetadata", "backup:GetRestoreJobMetadata", "backup:GetRestoreTestingInferredMetadata", "backup:GetRestoreTestingPlan", "backup:GetRestoreTestingSelection", "backup:GetSupportedResourceTypes", "backup:ListBackupJobSummaries", "backup:ListBackupJobs", "backup:ListBackupPlanTemplates", "backup:ListBackupPlanVersions", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListCopyJobSummaries", "backup:ListCopyJobs", "backup:ListFrameworks", "backup:ListLegalHolds", "backup:ListProtectedResources", "backup:ListProtectedResourcesByBackupVault", "backup:ListRecoveryPointsByBackupVault", "backup:ListRecoveryPointsByLegalHold", "backup:ListRecoveryPointsByResource", "backup:ListReportJobs", "backup:ListReportPlans", "backup:ListRestoreJobSummaries", "backup:ListRestoreJobs", "backup:ListRestoreJobsByProtectedResource", "backup:ListRestoreTestingPlans", "backup:ListRestoreTestingSelections", "backup:ListTags", "backup:DescribeBackupJob", "backup:DescribeBackupVault", "backup:DescribeCopyJob", "backup:DescribeFramework", "backup:DescribeGlobalSettings", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeRegionSettings", "backup:DescribeReportJob", "backup:DescribeReportPlan", "backup:DescribeRestoreJob", "backup:StartBackupJob", "backup:StartRestoreJob", "ssm-sap:GetOperation", "ssm-sap:ListDatabases", "ssm-sap:BackupDatabase", "ssm-sap:RestoreDatabase", "ssm-sap:UpdateHANABackupSettings", "ssm-sap:GetDatabase", "ssm-sap:ListTagsForResource" ], "malformed": false, "name": "AWSBackupRestoreAccessForSAPHANA", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-10T22:43:27+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSIoTTwinMakerServiceRolePolicy", "createdate": "2023-11-13T18:59:42Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotsitewise:DescribeAsset", "iotsitewise:DescribeAssetModel", "iotsitewise:ListAssets", "iotsitewise:ListAssetModels", "iottwinmaker:GetEntity", "iottwinmaker:CreateEntity", "iottwinmaker:UpdateEntity", "iottwinmaker:DeleteEntity", "iottwinmaker:ListEntities", "iottwinmaker:GetComponentType", "iottwinmaker:CreateComponentType", "iottwinmaker:UpdateComponentType", "iottwinmaker:DeleteComponentType", "iottwinmaker:ListComponentTypes" ], "malformed": false, "name": "AWSIoTTwinMakerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-13T18:59:42+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/MigrationHubDMSAccessServiceRolePolicy", "createdate": "2019-10-07T17:57:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgh:CreateProgressUpdateStream", "mgh:DescribeMigrationTask", "mgh:AssociateDiscoveredResource", "mgh:ListDiscoveredResources", "mgh:ImportMigrationTask", "mgh:ListCreatedArtifacts", "mgh:DisassociateDiscoveredResource", "mgh:AssociateCreatedArtifact", "mgh:NotifyMigrationTaskState", "mgh:DisassociateCreatedArtifact", "mgh:PutResourceAttributes", "mgh:ListMigrationTasks", "mgh:NotifyApplicationState", "mgh:DescribeApplicationState", "mgh:GetHomeRegion" ], "malformed": false, "name": "MigrationHubDMSAccessServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-07T17:57:44+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSLambda_ReadOnlyAccess", "createdate": "2023-07-27T17:32:05Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:DescribeStacks", "cloudformation:ListStacks", "cloudformation:ListStackResources", "cloudwatch:GetMetricData", "cloudwatch:ListMetrics", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "kms:ListAliases", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:ListAttachedRolePolicies", "iam:ListRolePolicies", "iam:ListRoles", "logs:DescribeLogGroups", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "states:DescribeStateMachine", "states:ListStateMachines", "tag:GetResources", "xray:GetTraceSummaries", "xray:BatchGetTraces", "logs:DescribeLogStreams", "logs:GetLogEvents", "logs:FilterLogEvents", "logs:StartQuery", "logs:StopQuery", "logs:DescribeQueries", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults" ], "malformed": false, "name": "AWSLambda_ReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-27T17:32:05+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonKinesisVideoStreamsFullAccess", "createdate": "2017-12-01T23:27:18Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "kinesisvideo:ConnectAsMaster", "kinesisvideo:ConnectAsViewer", "kinesisvideo:CreateSignalingChannel", "kinesisvideo:CreateStream", "kinesisvideo:DeleteEdgeConfiguration", "kinesisvideo:DeleteSignalingChannel", "kinesisvideo:DeleteStream", "kinesisvideo:DescribeEdgeConfiguration", "kinesisvideo:DescribeImageGenerationConfiguration", "kinesisvideo:DescribeMappedResourceConfiguration", "kinesisvideo:DescribeMediaStorageConfiguration", "kinesisvideo:DescribeNotificationConfiguration", "kinesisvideo:DescribeSignalingChannel", "kinesisvideo:DescribeStream", "kinesisvideo:GetClip", "kinesisvideo:GetDASHStreamingSessionURL", "kinesisvideo:GetDataEndpoint", "kinesisvideo:GetHLSStreamingSessionURL", "kinesisvideo:GetIceServerConfig", "kinesisvideo:GetImages", "kinesisvideo:GetMedia", "kinesisvideo:GetMediaForFragmentList", "kinesisvideo:GetSignalingChannelEndpoint", "kinesisvideo:JoinStorageSession", "kinesisvideo:ListEdgeAgentConfigurations", "kinesisvideo:ListFragments", "kinesisvideo:ListSignalingChannels", "kinesisvideo:ListStreams", "kinesisvideo:ListTagsForResource", "kinesisvideo:ListTagsForStream", "kinesisvideo:PutMedia", "kinesisvideo:SendAlexaOfferToMaster", "kinesisvideo:StartEdgeConfigurationUpdate", "kinesisvideo:TagResource", "kinesisvideo:TagStream", "kinesisvideo:UntagResource", "kinesisvideo:UntagStream", "kinesisvideo:UpdateDataRetention", "kinesisvideo:UpdateImageGenerationConfiguration", "kinesisvideo:UpdateMediaStorageConfiguration", "kinesisvideo:UpdateNotificationConfiguration", "kinesisvideo:UpdateSignalingChannel", "kinesisvideo:UpdateStream" ], "malformed": false, "name": "AmazonKinesisVideoStreamsFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-12-01T23:27:18+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonChimeTranscriptionServiceLinkedRolePolicy", "createdate": "2021-08-04T21:47:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "transcribe:StartStreamTranscription", "transcribe:StartMedicalStreamTranscription" ], "malformed": false, "name": "AmazonChimeTranscriptionServiceLinkedRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-04T21:47:41+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCodePipelineApproverAccess", "createdate": "2017-08-02T17:24:58Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codepipeline:GetPipeline", "codepipeline:GetPipelineState", "codepipeline:GetPipelineExecution", "codepipeline:ListPipelineExecutions", "codepipeline:ListPipelines", "codepipeline:PutApprovalResult" ], "malformed": false, "name": "AWSCodePipelineApproverAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-08-02T17:24:58+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSBillingReadOnlyAccess", "createdate": "2024-01-17T18:15:35Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "account:GetAccountInformation", "aws-portal:ViewBilling", "billing:GetBillingData", "billing:GetBillingDetails", "billing:GetBillingNotifications", "billing:GetBillingPreferences", "billing:GetCredits", "billing:GetContractInformation", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "billing:ListBillingViews", "budgets:ViewBudget", "budgets:DescribeBudgetActionsForBudget", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionHistories", "ce:DescribeCostCategoryDefinition", "ce:GetCostAndUsage", "ce:ListCostCategoryDefinitions", "ce:ListTagsForResource", "ce:ListCostAllocationTags", "consolidatedbilling:ListLinkedAccounts", "consolidatedbilling:GetAccountBillingRole", "cur:GetClassicReport", "cur:GetClassicReportPreferences", "cur:GetUsageReport", "cur:DescribeReportDefinitions", "freetier:GetFreeTierAlertPreference", "freetier:GetFreeTierUsage", "invoicing:GetInvoiceEmailDeliveryPreferences", "invoicing:GetInvoicePDF", "invoicing:ListInvoiceSummaries", "payments:GetPaymentInstrument", "payments:GetPaymentStatus", "payments:ListPaymentPreferences", "purchase-orders:GetPurchaseOrder", "purchase-orders:ViewPurchaseOrders", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ListTagsForResource", "sustainability:GetCarbonFootprintSummary", "tax:GetTaxRegistrationDocument", "tax:GetTaxInheritance", "tax:ListTaxRegistrations" ], "malformed": false, "name": "AWSBillingReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-17T18:15:35+00:00", "version": "v5" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSDataSyncDiscoveryServiceRolePolicy", "createdate": "2023-03-20T22:19:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "secretsmanager:GetSecretValue", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AWSDataSyncDiscoveryServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-20T22:19:51+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/CloudWatchLogsCrossAccountSharingConfiguration", "createdate": "2022-11-27T13:55:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:Link", "oam:ListLinks", "oam:DeleteLink", "oam:GetLink", "oam:TagResource", "oam:CreateLink", "oam:UpdateLink" ], "malformed": false, "name": "CloudWatchLogsCrossAccountSharingConfiguration", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-27T13:55:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonSageMakerCoreServiceRolePolicy", "createdate": "2020-12-21T21:40:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:CreateNetworkInterfacePermission", "ec2:DescribeDhcpOptions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs" ], "malformed": false, "name": "AmazonSageMakerCoreServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-21T21:40:47+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/EMRDescribeClusterPolicyForEMRWAL", "createdate": "2023-06-15T23:30:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticmapreduce:DescribeCluster" ], "malformed": false, "name": "EMRDescribeClusterPolicyForEMRWAL", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-15T23:30:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonGuardDutyFullAccess", "createdate": "2023-11-16T23:04:21Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "guardduty:AcceptAdministratorInvitation", "guardduty:AcceptInvitation", "guardduty:ArchiveFindings", "guardduty:CreateDetector", "guardduty:CreateFilter", "guardduty:CreateIPSet", "guardduty:CreateMembers", "guardduty:CreatePublishingDestination", "guardduty:CreateSampleFindings", "guardduty:CreateThreatIntelSet", "guardduty:DeclineInvitations", "guardduty:DeleteDetector", "guardduty:DeleteFilter", "guardduty:DeleteIPSet", "guardduty:DeleteInvitations", "guardduty:DeleteMembers", "guardduty:DeletePublishingDestination", "guardduty:DeleteThreatIntelSet", "guardduty:DescribeMalwareScans", "guardduty:DescribeOrganizationConfiguration", "guardduty:DescribePublishingDestination", "guardduty:DisableOrganizationAdminAccount", "guardduty:DisassociateFromAdministratorAccount", "guardduty:DisassociateFromMasterAccount", "guardduty:DisassociateMembers", "guardduty:EnableOrganizationAdminAccount", "guardduty:GetAdministratorAccount", "guardduty:GetCoverageStatistics", "guardduty:GetDetector", "guardduty:GetFilter", "guardduty:GetFindings", "guardduty:GetFindingsStatistics", "guardduty:GetIPSet", "guardduty:GetInvitationsCount", "guardduty:GetMalwareScanSettings", "guardduty:GetMasterAccount", "guardduty:GetMemberDetectors", "guardduty:GetMembers", "guardduty:GetOrganizationStatistics", "guardduty:GetRemainingFreeTrialDays", "guardduty:GetThreatIntelSet", "guardduty:GetUsageStatistics", "guardduty:InviteMembers", "guardduty:ListCoverage", "guardduty:ListDetectors", "guardduty:ListFilters", "guardduty:ListFindings", "guardduty:ListIPSets", "guardduty:ListInvitations", "guardduty:ListMembers", "guardduty:ListOrganizationAdminAccounts", "guardduty:ListPublishingDestinations", "guardduty:ListTagsForResource", "guardduty:ListThreatIntelSets", "guardduty:SendSecurityTelemetry", "guardduty:StartMalwareScan", "guardduty:StartMonitoringMembers", "guardduty:StopMonitoringMembers", "guardduty:TagResource", "guardduty:UnarchiveFindings", "guardduty:UntagResource", "guardduty:UpdateDetector", "guardduty:UpdateFilter", "guardduty:UpdateFindingsFeedback", "guardduty:UpdateIPSet", "guardduty:UpdateMalwareScanSettings", "guardduty:UpdateMemberDetectors", "guardduty:UpdateOrganizationConfiguration", "guardduty:UpdatePublishingDestination", "guardduty:UpdateThreatIntelSet", "iam:CreateServiceLinkedRole", "organizations:EnableAWSServiceAccess", "organizations:RegisterDelegatedAdministrator", "organizations:ListDelegatedAdministrators", "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts", "iam:GetRole" ], "malformed": false, "name": "AmazonGuardDutyFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-16T23:04:21+00:00", "version": "v5" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonCodeGuruReviewerReadOnlyAccess", "createdate": "2020-08-29T04:15:32Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codeguru:GetCodeGuruFreeTrialSummary", "codeguru-reviewer:ListCodeReviews", "codeguru-reviewer:ListRecommendationFeedback", "codeguru-reviewer:ListRecommendations", "codeguru-reviewer:ListRepositoryAssociations", "codeguru-reviewer:ListTagsForResource", "codeguru-reviewer:ListThirdPartyRepositories", "codeguru-reviewer:DescribeCodeReview", "codeguru-reviewer:DescribeRecommendationFeedback", "codeguru-reviewer:DescribeRepositoryAssociation", "codeguru-reviewer:GetMetricsData" ], "malformed": false, "name": "AmazonCodeGuruReviewerReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-29T04:15:32+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonOpenSearchServiceFullAccess", "createdate": "2021-09-08T05:33:47Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "es:AcceptInboundConnection", "es:AcceptInboundCrossClusterSearchConnection", "es:AddDataSource", "es:AddTags", "es:AssociatePackage", "es:AuthorizeVpcEndpointAccess", "es:CancelDomainConfigChange", "es:CancelElasticsearchServiceSoftwareUpdate", "es:CancelServiceSoftwareUpdate", "es:CreateDomain", "es:CreateElasticsearchDomain", "es:CreateElasticsearchServiceRole", "es:CreateOutboundConnection", "es:CreateOutboundCrossClusterSearchConnection", "es:CreatePackage", "es:CreateServiceRole", "es:CreateVpcEndpoint", "es:DeleteDataSource", "es:DeleteDomain", "es:DeleteElasticsearchDomain", "es:DeleteElasticsearchServiceRole", "es:DeleteInboundConnection", "es:DeleteInboundCrossClusterSearchConnection", "es:DeleteOutboundConnection", "es:DeleteOutboundCrossClusterSearchConnection", "es:DeletePackage", "es:DeleteVpcEndpoint", "es:DescribeDomain", "es:DescribeDomainAutoTunes", "es:DescribeDomainChangeProgress", "es:DescribeDomainConfig", "es:DescribeDomainHealth", "es:DescribeDomainNodes", "es:DescribeDomains", "es:DescribeDryRunProgress", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomainConfig", "es:DescribeElasticsearchDomains", "es:DescribeElasticsearchInstanceTypeLimits", "es:DescribeInboundConnections", "es:DescribeInboundCrossClusterSearchConnections", "es:DescribeInstanceTypeLimits", "es:DescribeOutboundConnections", "es:DescribeOutboundCrossClusterSearchConnections", "es:DescribePackages", "es:DescribeReservedElasticsearchInstanceOfferings", "es:DescribeReservedElasticsearchInstances", "es:DescribeReservedInstanceOfferings", "es:DescribeReservedInstances", "es:DescribeVpcEndpoints", "es:DissociatePackage", "es:ESCrossClusterGet", "es:ESHttpDelete", "es:ESHttpGet", "es:ESHttpHead", "es:ESHttpPatch", "es:ESHttpPost", "es:ESHttpPut", "es:GetCompatibleElasticsearchVersions", "es:GetCompatibleVersions", "es:GetDataSource", "es:GetDomainMaintenanceStatus", "es:GetPackageVersionHistory", "es:GetUpgradeHistory", "es:GetUpgradeStatus", "es:ListDataSources", "es:ListDomainMaintenances", "es:ListDomainNames", "es:ListDomainsForPackage", "es:ListElasticsearchInstanceTypeDetails", "es:ListElasticsearchInstanceTypes", "es:ListElasticsearchVersions", "es:ListInstanceTypeDetails", "es:ListPackagesForDomain", "es:ListScheduledActions", "es:ListTags", "es:ListVersions", "es:ListVpcEndpointAccess", "es:ListVpcEndpoints", "es:ListVpcEndpointsForDomain", "es:PurchaseReservedElasticsearchInstanceOffering", "es:PurchaseReservedInstanceOffering", "es:RejectInboundConnection", "es:RejectInboundCrossClusterSearchConnection", "es:RemoveTags", "es:RevokeVpcEndpointAccess", "es:StartDomainMaintenance", "es:StartElasticsearchServiceSoftwareUpdate", "es:StartServiceSoftwareUpdate", "es:UpdateDataSource", "es:UpdateDomainConfig", "es:UpdateElasticsearchDomainConfig", "es:UpdatePackage", "es:UpdateScheduledAction", "es:UpdateVpcEndpoint", "es:UpgradeDomain", "es:UpgradeElasticsearchDomain" ], "malformed": false, "name": "AmazonOpenSearchServiceFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-08T05:33:47+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSThinkboxAWSPortalWorkerPolicy", "createdate": "2020-12-07T23:27:47Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:DescribeTags", "ec2:TerminateInstances", "s3:GetObject", "s3:PutObject", "s3:ListBucket", "s3:GetObject", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", "logs:DescribeLogGroups", "logs:CreateLogGroup", "sqs:SendMessage", "sqs:GetQueueUrl" ], "malformed": false, "name": "AWSThinkboxAWSPortalWorkerPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-07T23:27:47+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSProtonServiceGitSyncServiceRolePolicy", "createdate": "2023-04-04T15:55:48Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "proton:GetService", "proton:UpdateService", "proton:UpdateServicePipeline", "proton:GetServiceInstance", "proton:CreateServiceInstance", "proton:UpdateServiceInstance", "proton:ListServiceInstances", "proton:GetComponent", "proton:CreateComponent", "proton:ListComponents", "proton:UpdateComponent", "proton:GetEnvironment", "proton:CreateEnvironment", "proton:ListEnvironments", "proton:UpdateEnvironment" ], "malformed": false, "name": "AWSProtonServiceGitSyncServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-04T15:55:48+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonMacieHandshakeRole", "createdate": "2018-06-28T15:46:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonMacieHandshakeRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-06-28T15:46:10+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": null, "createdate": "2018-09-28T21:08:53Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "iam:PassRole" ], "malformed": false, "name": "AmazonMechanicalTurkCrowdFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCloudShellFullAccess", "createdate": "2020-12-15T18:07:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudshell:CreateEnvironment", "cloudshell:CreateSession", "cloudshell:DeleteEnvironment", "cloudshell:GetEnvironmentStatus", "cloudshell:GetFileDownloadUrls", "cloudshell:GetFileUploadUrls", "cloudshell:PutCredentials", "cloudshell:StartEnvironment", "cloudshell:StopEnvironment" ], "malformed": false, "name": "AWSCloudShellFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-15T18:07:44+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRDS", "createdate": "2015-11-10T23:24:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications" ], "malformed": false, "name": "AWSQuickSightDescribeRDS", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-11-10T23:24:50+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchIngestionServiceRolePolicy", "createdate": "2022-11-18T16:49:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcEndpoints", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpoint", "ec2:DeleteVpcEndpoints", "ec2:CreateTags", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AmazonOpenSearchIngestionServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-18T16:49:50+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonAppFlowReadOnlyAccess", "createdate": "2022-02-28T20:42:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appflow:DescribeConnector", "appflow:DescribeConnectors", "appflow:DescribeConnectorProfiles", "appflow:DescribeFlows", "appflow:DescribeFlowExecution", "appflow:DescribeConnectorFields", "appflow:ListConnectors", "appflow:ListConnectorFields", "appflow:ListTagsForResource" ], "malformed": false, "name": "AmazonAppFlowReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-28T20:42:58+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCloudMapReadOnlyAccess", "createdate": "2023-09-20T21:47:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "servicediscovery:GetInstance", "servicediscovery:GetInstancesHealthStatus", "servicediscovery:GetNamespace", "servicediscovery:GetOperation", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListOperations", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource", "servicediscovery:DiscoverInstances", "servicediscovery:DiscoverInstancesRevision" ], "malformed": false, "name": "AWSCloudMapReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-20T21:47:45+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonChimeFullAccess", "createdate": "2020-12-14T21:00:52Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "chime:AcceptDelegate", "chime:ActivateUsers", "chime:AddDomain", "chime:AddOrUpdateGroups", "chime:AssociateChannelFlow", "chime:AssociatePhoneNumberWithUser", "chime:AssociatePhoneNumbersWithVoiceConnector", "chime:AssociatePhoneNumbersWithVoiceConnectorGroup", "chime:AssociateSigninDelegateGroupsWithAccount", "chime:AuthorizeDirectory", "chime:BatchCreateAttendee", "chime:BatchCreateChannelMembership", "chime:BatchCreateRoomMembership", "chime:BatchDeletePhoneNumber", "chime:BatchSuspendUser", "chime:BatchUnsuspendUser", "chime:BatchUpdateAttendeeCapabilitiesExcept", "chime:BatchUpdatePhoneNumber", "chime:BatchUpdateUser", "chime:ChannelFlowCallback", "chime:Connect", "chime:ConnectDirectory", "chime:CreateAccount", "chime:CreateApiKey", "chime:CreateAppInstance", "chime:CreateAppInstanceAdmin", "chime:CreateAppInstanceBot", "chime:CreateAppInstanceUser", "chime:CreateAttendee", "chime:CreateBot", "chime:CreateCDRBucket", "chime:CreateChannel", "chime:CreateChannelBan", "chime:CreateChannelFlow", "chime:CreateChannelMembership", "chime:CreateChannelModerator", "chime:CreateMediaCapturePipeline", "chime:CreateMediaConcatenationPipeline", "chime:CreateMediaInsightsPipeline", "chime:CreateMediaInsightsPipelineConfiguration", "chime:CreateMediaLiveConnectorPipeline", "chime:CreateMediaPipelineKinesisVideoStreamPool", "chime:CreateMediaStreamPipeline", "chime:CreateMeeting", "chime:CreateMeetingDialOut", "chime:CreateMeetingWithAttendees", "chime:CreatePhoneNumberOrder", "chime:CreateProxySession", "chime:CreateRoom", "chime:CreateRoomMembership", "chime:CreateSipMediaApplication", "chime:CreateSipMediaApplicationCall", "chime:CreateSipRule", "chime:CreateUser", "chime:CreateVoiceConnector", "chime:CreateVoiceConnectorGroup", "chime:CreateVoiceProfile", "chime:CreateVoiceProfileDomain", "chime:DeleteAccount", "chime:DeleteAccountOpenIdConfig", "chime:DeleteApiKey", "chime:DeleteAppInstance", "chime:DeleteAppInstanceAdmin", "chime:DeleteAppInstanceBot", "chime:DeleteAppInstanceStreamingConfigurations", "chime:DeleteAppInstanceUser", "chime:DeleteAttendee", "chime:DeleteCDRBucket", "chime:DeleteChannel", "chime:DeleteChannelBan", "chime:DeleteChannelFlow", "chime:DeleteChannelMembership", "chime:DeleteChannelMessage", "chime:DeleteChannelModerator", "chime:DeleteDelegate", "chime:DeleteDomain", "chime:DeleteEventsConfiguration", "chime:DeleteGroups", "chime:DeleteMediaCapturePipeline", "chime:DeleteMediaInsightsPipelineConfiguration", "chime:DeleteMediaPipeline", "chime:DeleteMediaPipelineKinesisVideoStreamPool", "chime:DeleteMeeting", "chime:DeleteMessagingStreamingConfigurations", "chime:DeletePhoneNumber", "chime:DeleteProxySession", "chime:DeleteRoom", "chime:DeleteRoomMembership", "chime:DeleteSipMediaApplication", "chime:DeleteSipRule", "chime:DeleteVoiceConnector", "chime:DeleteVoiceConnectorEmergencyCallingConfiguration", "chime:DeleteVoiceConnectorGroup", "chime:DeleteVoiceConnectorOrigination", "chime:DeleteVoiceConnectorProxy", "chime:DeleteVoiceConnectorStreamingConfiguration", "chime:DeleteVoiceConnectorTermination", "chime:DeleteVoiceConnectorTerminationCredentials", "chime:DeleteVoiceProfile", "chime:DeleteVoiceProfileDomain", "chime:DeregisterAppInstanceUserEndpoint", "chime:DescribeAppInstance", "chime:DescribeAppInstanceAdmin", "chime:DescribeAppInstanceBot", "chime:DescribeAppInstanceUser", "chime:DescribeAppInstanceUserEndpoint", "chime:DescribeChannel", "chime:DescribeChannelBan", "chime:DescribeChannelFlow", "chime:DescribeChannelMembership", "chime:DescribeChannelMembershipForAppInstanceUser", "chime:DescribeChannelModeratedByAppInstanceUser", "chime:DescribeChannelModerator", "chime:DisassociateChannelFlow", "chime:DisassociatePhoneNumberFromUser", "chime:DisassociatePhoneNumbersFromVoiceConnector", "chime:DisassociatePhoneNumbersFromVoiceConnectorGroup", "chime:DisassociateSigninDelegateGroupsFromAccount", "chime:DisconnectDirectory", "chime:GetAccount", "chime:GetAccountResource", "chime:GetAccountSettings", "chime:GetAccountWithOpenIdConfig", "chime:GetAppInstanceRetentionSettings", "chime:GetAppInstanceStreamingConfigurations", "chime:GetAttendee", "chime:GetBot", "chime:GetCDRBucket", "chime:GetChannelMembershipPreferences", "chime:GetChannelMessage", "chime:GetChannelMessageStatus", "chime:GetDomain", "chime:GetEventsConfiguration", "chime:GetGlobalSettings", "chime:GetMediaCapturePipeline", "chime:GetMediaInsightsPipelineConfiguration", "chime:GetMediaPipeline", "chime:GetMediaPipelineKinesisVideoStreamPool", "chime:GetMeeting", "chime:GetMeetingDetail", "chime:GetMessagingSessionEndpoint", "chime:GetMessagingStreamingConfigurations", "chime:GetPhoneNumber", "chime:GetPhoneNumberOrder", "chime:GetPhoneNumberSettings", "chime:GetProxySession", "chime:GetRetentionSettings", "chime:GetRoom", "chime:GetSipMediaApplication", "chime:GetSipMediaApplicationAlexaSkillConfiguration", "chime:GetSipMediaApplicationLoggingConfiguration", "chime:GetSipRule", "chime:GetSpeakerSearchTask", "chime:GetTelephonyLimits", "chime:GetUser", "chime:GetUserActivityReportData", "chime:GetUserByEmail", "chime:GetUserSettings", "chime:GetVoiceConnector", "chime:GetVoiceConnectorEmergencyCallingConfiguration", "chime:GetVoiceConnectorGroup", "chime:GetVoiceConnectorLoggingConfiguration", "chime:GetVoiceConnectorOrigination", "chime:GetVoiceConnectorProxy", "chime:GetVoiceConnectorStreamingConfiguration", "chime:GetVoiceConnectorTermination", "chime:GetVoiceConnectorTerminationHealth", "chime:GetVoiceProfile", "chime:GetVoiceProfileDomain", "chime:GetVoiceToneAnalysisTask", "chime:InviteDelegate", "chime:InviteUsers", "chime:InviteUsersFromProvider", "chime:ListAccountUsageReportData", "chime:ListAccounts", "chime:ListApiKeys", "chime:ListAppInstanceAdmins", "chime:ListAppInstanceBots", "chime:ListAppInstanceUserEndpoints", "chime:ListAppInstanceUsers", "chime:ListAppInstances", "chime:ListAttendeeTags", "chime:ListAttendees", "chime:ListAvailableVoiceConnectorRegions", "chime:ListBots", "chime:ListCDRBucket", "chime:ListCallingRegions", "chime:ListChannelBans", "chime:ListChannelFlows", "chime:ListChannelMemberships", "chime:ListChannelMembershipsForAppInstanceUser", "chime:ListChannelMessages", "chime:ListChannelModerators", "chime:ListChannels", "chime:ListChannelsAssociatedWithChannelFlow", "chime:ListChannelsModeratedByAppInstanceUser", "chime:ListDelegates", "chime:ListDirectories", "chime:ListDomains", "chime:ListGroups", "chime:ListMediaCapturePipelines", "chime:ListMediaInsightsPipelineConfigurations", "chime:ListMediaPipelineKinesisVideoStreamPools", "chime:ListMediaPipelines", "chime:ListMeetingEvents", "chime:ListMeetingTags", "chime:ListMeetings", "chime:ListMeetingsReportData", "chime:ListPhoneNumberOrders", "chime:ListPhoneNumbers", "chime:ListProxySessions", "chime:ListRoomMemberships", "chime:ListRooms", "chime:ListSipMediaApplications", "chime:ListSipRules", "chime:ListSubChannels", "chime:ListSupportedPhoneNumberCountries", "chime:ListTagsForResource", "chime:ListUsers", "chime:ListVoiceConnectorGroups", "chime:ListVoiceConnectorTerminationCredentials", "chime:ListVoiceConnectors", "chime:ListVoiceProfileDomains", "chime:ListVoiceProfiles", "chime:LogoutUser", "chime:PutAppInstanceRetentionSettings", "chime:PutAppInstanceStreamingConfigurations", "chime:PutAppInstanceUserExpirationSettings", "chime:PutChannelExpirationSettings", "chime:PutChannelMembershipPreferences", "chime:PutEventsConfiguration", "chime:PutMessagingStreamingConfigurations", "chime:PutRetentionSettings", "chime:PutSipMediaApplicationAlexaSkillConfiguration", "chime:PutSipMediaApplicationLoggingConfiguration", "chime:PutVoiceConnectorEmergencyCallingConfiguration", "chime:PutVoiceConnectorLoggingConfiguration", "chime:PutVoiceConnectorOrigination", "chime:PutVoiceConnectorProxy", "chime:PutVoiceConnectorStreamingConfiguration", "chime:PutVoiceConnectorTermination", "chime:PutVoiceConnectorTerminationCredentials", "chime:RedactChannelMessage", "chime:RedactConversationMessage", "chime:RedactRoomMessage", "chime:RegenerateSecurityToken", "chime:RegisterAppInstanceUserEndpoint", "chime:RenameAccount", "chime:RenewDelegate", "chime:ResetAccountResource", "chime:ResetPersonalPIN", "chime:RestorePhoneNumber", "chime:RetrieveDataExports", "chime:SearchAvailablePhoneNumbers", "chime:SearchChannels", "chime:SendChannelMessage", "chime:StartDataExport", "chime:StartMeetingTranscription", "chime:StartSpeakerSearchTask", "chime:StartVoiceToneAnalysisTask", "chime:StopMeetingTranscription", "chime:StopSpeakerSearchTask", "chime:StopVoiceToneAnalysisTask", "chime:SubmitSupportRequest", "chime:SuspendUsers", "chime:TagAttendee", "chime:TagMeeting", "chime:TagResource", "chime:UnauthorizeDirectory", "chime:UntagAttendee", "chime:UntagMeeting", "chime:UntagResource", "chime:UpdateAccount", "chime:UpdateAccountOpenIdConfig", "chime:UpdateAccountResource", "chime:UpdateAccountSettings", "chime:UpdateAppInstance", "chime:UpdateAppInstanceBot", "chime:UpdateAppInstanceUser", "chime:UpdateAppInstanceUserEndpoint", "chime:UpdateAttendeeCapabilities", "chime:UpdateBot", "chime:UpdateCDRSettings", "chime:UpdateChannel", "chime:UpdateChannelFlow", "chime:UpdateChannelMessage", "chime:UpdateChannelReadMarker", "chime:UpdateGlobalSettings", "chime:UpdateMediaInsightsPipelineConfiguration", "chime:UpdateMediaInsightsPipelineStatus", "chime:UpdateMediaPipelineKinesisVideoStreamPool", "chime:UpdatePhoneNumber", "chime:UpdatePhoneNumberSettings", "chime:UpdateProxySession", "chime:UpdateRoom", "chime:UpdateRoomMembership", "chime:UpdateSipMediaApplication", "chime:UpdateSipMediaApplicationCall", "chime:UpdateSipRule", "chime:UpdateSupportedLicenses", "chime:UpdateUser", "chime:UpdateUserLicenses", "chime:UpdateUserSettings", "chime:UpdateVoiceConnector", "chime:UpdateVoiceConnectorGroup", "chime:UpdateVoiceProfile", "chime:UpdateVoiceProfileDomain", "chime:ValidateAccountResource", "chime:ValidateE911Address", "s3:ListBucket", "s3:ListAllMyBuckets", "s3:GetBucketAcl", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "logs:CreateLogDelivery", "logs:DeleteLogDelivery", "logs:GetLogDelivery", "logs:ListLogDeliveries", "logs:DescribeResourcePolicies", "logs:PutResourcePolicy", "logs:CreateLogGroup", "logs:DescribeLogGroups", "sns:CreateTopic", "sns:GetTopicAttributes", "sqs:GetQueueAttributes", "sqs:CreateQueue", "kinesis:ListStreams", "kinesis:DescribeStream", "s3:GetEncryptionConfiguration", "s3:ListBucket" ], "malformed": false, "name": "AmazonChimeFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-14T21:00:52+00:00", "version": "v3" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSAppMeshServiceRolePolicy", "createdate": "2023-10-10T16:46:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "servicediscovery:DiscoverInstances", "servicediscovery:DiscoverInstancesRevision", "acm:DescribeCertificate" ], "malformed": false, "name": "AWSAppMeshServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-10T16:46:37+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonMachineLearningReadOnlyAccess", "createdate": "2015-04-09T17:40:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "machinelearning:DescribeBatchPredictions", "machinelearning:DescribeDataSources", "machinelearning:DescribeEvaluations", "machinelearning:DescribeMLModels", "machinelearning:DescribeTags", "machinelearning:GetBatchPrediction", "machinelearning:GetDataSource", "machinelearning:GetEvaluation", "machinelearning:GetMLModel" ], "malformed": false, "name": "AmazonMachineLearningReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-04-09T17:40:02+00:00", "version": "v1" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceAmiIngestion", "createdate": "2020-09-25T20:55:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:ModifySnapshotAttribute", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeSnapshotAttribute", "ec2:ModifyImageAttribute" ], "malformed": false, "name": "AWSMarketplaceAmiIngestion", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-25T20:55:10+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSTrustedAdvisorPriorityReadOnlyAccess", "createdate": "2022-08-16T16:35:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "trustedadvisor:DescribeAccount", "trustedadvisor:DescribeAccountAccess", "trustedadvisor:DescribeOrganization", "trustedadvisor:DescribeRisk", "trustedadvisor:DescribeRiskResources", "trustedadvisor:DescribeRisks", "trustedadvisor:DownloadRisk", "trustedadvisor:DescribeNotificationConfigurations", "organizations:DescribeOrganization", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators" ], "malformed": false, "name": "AWSTrustedAdvisorPriorityReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-16T16:35:12+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSPriceListServiceFullAccess", "createdate": "2017-11-22T00:36:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "pricing:DescribeServices", "pricing:GetAttributeValues", "pricing:GetPriceListFileUrl", "pricing:GetProducts", "pricing:ListPriceLists" ], "malformed": false, "name": "AWSPriceListServiceFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-11-22T00:36:27+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonPollyReadOnlyAccess", "createdate": "2018-07-17T16:41:07Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "polly:DescribeVoices", "polly:GetLexicon", "polly:GetSpeechSynthesisTask", "polly:ListLexicons", "polly:ListSpeechSynthesisTasks", "polly:SynthesizeSpeech" ], "malformed": false, "name": "AmazonPollyReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-07-17T16:41:07+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonAugmentedAIFullAccess", "createdate": "2019-12-03T16:21:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sagemaker:DeleteHumanLoop", "sagemaker:DescribeHumanLoop", "sagemaker:StartHumanLoop", "sagemaker:StopHumanLoop", "sagemaker:ListHumanLoops", "sagemaker:CreateFlowDefinition", "sagemaker:DeleteFlowDefinition", "sagemaker:DescribeFlowDefinition", "sagemaker:ListFlowDefinitions", "sagemaker:CreateHumanTaskUi", "sagemaker:DeleteHumanTaskUi", "sagemaker:DescribeHumanTaskUi", "sagemaker:ListHumanTaskUis", "iam:PassRole" ], "malformed": false, "name": "AmazonAugmentedAIFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-03T16:21:56+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIoTWirelessLogging", "createdate": "2020-12-15T15:32:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:PutLogEvents" ], "malformed": false, "name": "AWSIoTWirelessLogging", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-15T15:32:40+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonSSMPatchAssociation", "createdate": "2020-05-13T16:00:42Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssm:DescribeEffectivePatchesForPatchBaseline", "ssm:GetPatchBaseline", "tag:GetResources", "ssm:DescribePatchBaselines" ], "malformed": false, "name": "AmazonSSMPatchAssociation", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-13T16:00:42+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSBackupServiceLinkedRolePolicyForBackupTest", "createdate": "2020-05-12T17:37:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticfilesystem:Backup", "elasticfilesystem:DescribeTags", "tag:GetResources" ], "malformed": false, "name": "AWSBackupServiceLinkedRolePolicyForBackupTest", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-12T17:37:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSIoTEventsReadOnlyAccess", "createdate": "2019-09-23T17:22:04Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotevents:DescribeAlarm", "iotevents:DescribeAlarmModel", "iotevents:DescribeDetector", "iotevents:DescribeDetectorModel", "iotevents:DescribeDetectorModelAnalysis", "iotevents:DescribeInput", "iotevents:DescribeLoggingOptions", "iotevents:ListAlarmModelVersions", "iotevents:ListAlarmModels", "iotevents:ListAlarms", "iotevents:ListDetectorModelVersions", "iotevents:ListDetectorModels", "iotevents:ListDetectors", "iotevents:ListInputRoutings", "iotevents:ListInputs", "iotevents:ListTagsForResource" ], "malformed": false, "name": "AWSIoTEventsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-09-23T17:22:04+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkSpacesApplicationManagerAdminAccess", "createdate": "2015-04-09T14:03:18Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "wam:AuthenticatePackager" ], "malformed": false, "name": "AmazonWorkSpacesApplicationManagerAdminAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-04-09T14:03:18+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonOneEnterpriseFullAccess", "createdate": "2023-11-28T04:58:21Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "one:CreateDeviceActivationQrCode", "one:CreateDeviceConfigurationTemplate", "one:CreateDeviceInstance", "one:CreateDeviceInstanceConfiguration", "one:CreateSite", "one:DeleteAssociatedDevice", "one:DeleteDeviceConfigurationTemplate", "one:DeleteDeviceInstance", "one:DeleteSite", "one:DeleteUser", "one:GetDeviceConfigurationTemplate", "one:GetDeviceInstance", "one:GetDeviceInstanceConfiguration", "one:GetSite", "one:GetSiteAddress", "one:ListDeviceConfigurationTemplates", "one:ListDeviceInstances", "one:ListSites", "one:ListTagsForResource", "one:ListUsers", "one:RebootDevice", "one:TagResource", "one:UntagResource", "one:UpdateDeviceConfigurationTemplate", "one:UpdateDeviceInstance", "one:UpdateSite", "one:UpdateSiteAddress" ], "malformed": false, "name": "AmazonOneEnterpriseFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-28T04:58:21+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53RecoveryReadinessReadOnlyAccess", "createdate": "2021-11-09T20:14:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53-recovery-readiness:GetCell", "route53-recovery-readiness:GetReadinessCheck", "route53-recovery-readiness:GetReadinessCheckResourceStatus", "route53-recovery-readiness:GetReadinessCheckStatus", "route53-recovery-readiness:GetRecoveryGroup", "route53-recovery-readiness:GetRecoveryGroupReadinessSummary", "route53-recovery-readiness:GetResourceSet", "route53-recovery-readiness:ListCells", "route53-recovery-readiness:ListCrossAccountAuthorizations", "route53-recovery-readiness:ListReadinessChecks", "route53-recovery-readiness:ListRecoveryGroups", "route53-recovery-readiness:ListResourceSets", "route53-recovery-readiness:ListRules", "route53-recovery-readiness:ListTagsForResources", "route53-recovery-readiness:GetArchitectureRecommendations", "route53-recovery-readiness:GetCellReadinessSummary" ], "malformed": false, "name": "AmazonRoute53RecoveryReadinessReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-09T20:14:51+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSNetworkManagerFullAccess", "createdate": "2019-12-03T17:37:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "networkmanager:AcceptAttachment", "networkmanager:AssociateConnectPeer", "networkmanager:AssociateCustomerGateway", "networkmanager:AssociateLink", "networkmanager:AssociateTransitGatewayConnectPeer", "networkmanager:CreateConnectAttachment", "networkmanager:CreateConnectPeer", "networkmanager:CreateConnection", "networkmanager:CreateCoreNetwork", "networkmanager:CreateDevice", "networkmanager:CreateGlobalNetwork", "networkmanager:CreateLink", "networkmanager:CreateSite", "networkmanager:CreateSiteToSiteVpnAttachment", "networkmanager:CreateTransitGatewayPeering", "networkmanager:CreateTransitGatewayRouteTableAttachment", "networkmanager:CreateVpcAttachment", "networkmanager:DeleteAttachment", "networkmanager:DeleteConnectPeer", "networkmanager:DeleteConnection", "networkmanager:DeleteCoreNetwork", "networkmanager:DeleteCoreNetworkPolicyVersion", "networkmanager:DeleteDevice", "networkmanager:DeleteGlobalNetwork", "networkmanager:DeleteLink", "networkmanager:DeletePeering", "networkmanager:DeleteResourcePolicy", "networkmanager:DeleteSite", "networkmanager:DeregisterTransitGateway", "networkmanager:DescribeGlobalNetworks", "networkmanager:DisassociateConnectPeer", "networkmanager:DisassociateCustomerGateway", "networkmanager:DisassociateLink", "networkmanager:DisassociateTransitGatewayConnectPeer", "networkmanager:ExecuteCoreNetworkChangeSet", "networkmanager:GetConnectAttachment", "networkmanager:GetConnectPeer", "networkmanager:GetConnectPeerAssociations", "networkmanager:GetConnections", "networkmanager:GetCoreNetwork", "networkmanager:GetCoreNetworkChangeEvents", "networkmanager:GetCoreNetworkChangeSet", "networkmanager:GetCoreNetworkPolicy", "networkmanager:GetCustomerGatewayAssociations", "networkmanager:GetDevices", "networkmanager:GetLinkAssociations", "networkmanager:GetLinks", "networkmanager:GetNetworkResourceCounts", "networkmanager:GetNetworkResourceRelationships", "networkmanager:GetNetworkResources", "networkmanager:GetNetworkRoutes", "networkmanager:GetNetworkTelemetry", "networkmanager:GetResourcePolicy", "networkmanager:GetRouteAnalysis", "networkmanager:GetSiteToSiteVpnAttachment", "networkmanager:GetSites", "networkmanager:GetTransitGatewayConnectPeerAssociations", "networkmanager:GetTransitGatewayPeering", "networkmanager:GetTransitGatewayRegistrations", "networkmanager:GetTransitGatewayRouteTableAttachment", "networkmanager:GetVpcAttachment", "networkmanager:ListAttachments", "networkmanager:ListConnectPeers", "networkmanager:ListCoreNetworkPolicyVersions", "networkmanager:ListCoreNetworks", "networkmanager:ListOrganizationServiceAccessStatus", "networkmanager:ListPeerings", "networkmanager:ListTagsForResource", "networkmanager:PutCoreNetworkPolicy", "networkmanager:PutResourcePolicy", "networkmanager:RegisterTransitGateway", "networkmanager:RejectAttachment", "networkmanager:RestoreCoreNetworkPolicyVersion", "networkmanager:StartOrganizationServiceAccessUpdate", "networkmanager:StartRouteAnalysis", "networkmanager:TagResource", "networkmanager:UntagResource", "networkmanager:UpdateConnection", "networkmanager:UpdateCoreNetwork", "networkmanager:UpdateDevice", "networkmanager:UpdateGlobalNetwork", "networkmanager:UpdateLink", "networkmanager:UpdateNetworkResourceMetadata", "networkmanager:UpdateSite", "networkmanager:UpdateVpcAttachment", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSNetworkManagerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-03T17:37:58+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonFSxFullAccess", "createdate": "2024-01-10T20:16:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ds:DescribeDirectories", "fsx:AssociateFileGateway", "fsx:AssociateFileSystemAliases", "fsx:CancelDataRepositoryTask", "fsx:CopyBackup", "fsx:CopySnapshotAndUpdateVolume", "fsx:CreateBackup", "fsx:CreateDataRepositoryAssociation", "fsx:CreateDataRepositoryTask", "fsx:CreateFileCache", "fsx:CreateFileSystem", "fsx:CreateFileSystemFromBackup", "fsx:CreateSnapshot", "fsx:CreateStorageVirtualMachine", "fsx:CreateVolume", "fsx:CreateVolumeFromBackup", "fsx:DeleteBackup", "fsx:DeleteDataRepositoryAssociation", "fsx:DeleteFileCache", "fsx:DeleteFileSystem", "fsx:DeleteSnapshot", "fsx:DeleteStorageVirtualMachine", "fsx:DeleteVolume", "fsx:DescribeAssociatedFileGateways", "fsx:DescribeBackups", "fsx:DescribeDataRepositoryAssociations", "fsx:DescribeDataRepositoryTasks", "fsx:DescribeFileCaches", "fsx:DescribeFileSystemAliases", "fsx:DescribeFileSystems", "fsx:DescribeSharedVpcConfiguration", "fsx:DescribeSnapshots", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:DisassociateFileGateway", "fsx:DisassociateFileSystemAliases", "fsx:ListTagsForResource", "fsx:ManageBackupPrincipalAssociations", "fsx:ReleaseFileSystemNfsV3Locks", "fsx:RestoreVolumeFromSnapshot", "fsx:TagResource", "fsx:UntagResource", "fsx:UpdateDataRepositoryAssociation", "fsx:UpdateFileCache", "fsx:UpdateFileSystem", "fsx:UpdateSharedVpcConfiguration", "fsx:UpdateSnapshot", "fsx:UpdateStorageVirtualMachine", "fsx:UpdateVolume", "iam:CreateServiceLinkedRole", "iam:CreateServiceLinkedRole", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "firehose:PutRecord", "ec2:CreateTags", "ec2:DescribeSecurityGroups", "ec2:GetSecurityGroupsForVpc", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeRouteTables", "fsx:PutResourcePolicy", "fsx:GetResourcePolicy", "fsx:DeleteResourcePolicy" ], "malformed": false, "name": "AmazonFSxFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-10T20:16:00+00:00", "version": "v10" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AlexaForBusinessReadOnlyAccess", "createdate": "2019-11-20T00:25:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "a4b:GetAddressBook", "a4b:GetConferencePreference", "a4b:GetConferenceProvider", "a4b:GetContact", "a4b:GetDevice", "a4b:GetGateway", "a4b:GetGatewayGroup", "a4b:GetInvitationConfiguration", "a4b:GetNetworkProfile", "a4b:GetProfile", "a4b:GetRoom", "a4b:GetRoomSkillParameter", "a4b:GetSkillGroup", "a4b:ListBusinessReportSchedules", "a4b:ListConferenceProviders", "a4b:ListDeviceEvents", "a4b:ListGatewayGroups", "a4b:ListGateways", "a4b:ListSkills", "a4b:ListSkillsStoreCategories", "a4b:ListSkillsStoreSkillsByCategory", "a4b:ListSmartHomeAppliances", "a4b:ListTags", "a4b:SearchAddressBooks", "a4b:SearchContacts", "a4b:SearchDevices", "a4b:SearchNetworkProfiles", "a4b:SearchProfiles", "a4b:SearchRooms", "a4b:SearchSkillGroups", "a4b:SearchUsers" ], "malformed": false, "name": "AlexaForBusinessReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-20T00:25:33+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCertificateManagerReadOnly", "createdate": "2021-03-15T16:25:21Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm:DescribeCertificate", "acm:ListCertificates", "acm:GetCertificate", "acm:ListTagsForCertificate", "acm:GetAccountConfiguration" ], "malformed": false, "name": "AWSCertificateManagerReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-03-15T16:25:21+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSNetworkFirewallServiceRolePolicy", "createdate": "2023-03-30T17:19:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:CreateVpcEndpoint", "ec2:DescribeVpcEndpoints", "ec2:DescribeInstances", "ec2:DescribeNetworkInterfaces", "acm:DescribeCertificate", "resource-groups:ListGroupResources", "tag:GetResources", "ec2:CreateTags", "ec2:DeleteVpcEndpoints" ], "malformed": false, "name": "AWSNetworkFirewallServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-30T17:19:09+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonLaunchWizardFullAccessV2", "createdate": "2023-09-01T17:14:56Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "applicationinsights:AddWorkload", "applicationinsights:CreateApplication", "applicationinsights:CreateComponent", "applicationinsights:CreateLogPattern", "applicationinsights:DeleteApplication", "applicationinsights:DeleteComponent", "applicationinsights:DeleteLogPattern", "applicationinsights:DescribeApplication", "applicationinsights:DescribeComponent", "applicationinsights:DescribeComponentConfiguration", "applicationinsights:DescribeComponentConfigurationRecommendation", "applicationinsights:DescribeLogPattern", "applicationinsights:DescribeObservation", "applicationinsights:DescribeProblem", "applicationinsights:DescribeProblemObservations", "applicationinsights:DescribeWorkload", "applicationinsights:Link", "applicationinsights:ListApplications", "applicationinsights:ListComponents", "applicationinsights:ListConfigurationHistory", "applicationinsights:ListLogPatternSets", "applicationinsights:ListLogPatterns", "applicationinsights:ListProblems", "applicationinsights:ListTagsForResource", "applicationinsights:ListWorkloads", "applicationinsights:RemoveWorkload", "applicationinsights:TagResource", "applicationinsights:UntagResource", "applicationinsights:UpdateApplication", "applicationinsights:UpdateComponent", "applicationinsights:UpdateComponentConfiguration", "applicationinsights:UpdateLogPattern", "applicationinsights:UpdateProblem", "applicationinsights:UpdateWorkload", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "route53:ChangeResourceRecordSets", "route53:GetChange", "route53:ListResourceRecordSets", "route53:ListHostedZones", "route53:ListHostedZonesByName", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetBucketLocation", "kms:ListKeys", "kms:ListAliases", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "ec2:CreateInternetGateway", "ec2:CreateNatGateway", "ec2:CreateVpc", "ec2:CreateKeyPair", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSubnet", "ec2:AllocateAddress", "ec2:AllocateHosts", "ec2:AssignPrivateIpAddresses", "ec2:AssociateAddress", "ec2:CreateDhcpOptions", "ec2:CreateEgressOnlyInternetGateway", "ec2:CreateNetworkInterface", "ec2:CreateVolume", "ec2:CreateVpcEndpoint", "ec2:CreateTags", "ec2:DeleteTags", "ec2:RunInstances", "ec2:StartInstances", "ec2:ModifyInstanceAttribute", "ec2:ModifySubnetAttribute", "ec2:ModifyVolumeAttribute", "ec2:ModifyVpcAttribute", "ec2:AssociateDhcpOptions", "ec2:AssociateSubnetCidrBlock", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVolume", "ec2:DeleteDhcpOptions", "ec2:DeleteInternetGateway", "ec2:DeleteKeyPair", "ec2:DeleteNatGateway", "ec2:DeleteSecurityGroup", "ec2:DeleteVolume", "ec2:DeleteVpc", "ec2:DetachInternetGateway", "ec2:DetachVolume", "ec2:DeleteSnapshot", "ec2:AssociateRouteTable", "ec2:AssociateVpcCidrBlock", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSubnet", "ec2:DetachNetworkInterface", "ec2:DisassociateAddress", "ec2:DisassociateVpcCidrBlock", "ec2:GetLaunchTemplateData", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyVolume", "ec2:AuthorizeSecurityGroupEgress", "ec2:GetConsoleOutput", "ec2:GetPasswordData", "ec2:ReleaseAddress", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:DisassociateIamInstanceProfile", "ec2:DisassociateRouteTable", "ec2:DisassociateSubnetCidrBlock", "ec2:ModifyInstancePlacement", "ec2:DeletePlacementGroup", "ec2:CreatePlacementGroup", "elasticfilesystem:DeleteFileSystem", "elasticfilesystem:DeleteMountTarget", "ds:AddIpRoutes", "ds:CreateComputer", "ds:CreateMicrosoftAD", "ds:DeleteDirectory", "servicecatalog:AssociateProductWithPortfolio", "cloudformation:GetTemplateSummary", "sts:GetCallerIdentity", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ListStacks", "cloudformation:SignalResource", "cloudformation:DeleteStack", "ec2:StopInstances", "ec2:TerminateInstances", "iam:CreateInstanceProfile", "iam:DeleteInstanceProfile", "iam:RemoveRoleFromInstanceProfile", "iam:AddRoleToInstanceProfile", "iam:PassRole", "autoscaling:AttachInstances", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:UpdateAutoScalingGroup", "autoscaling:CreateOrUpdateTags", "resource-groups:CreateGroup", "resource-groups:DeleteGroup", "sns:ListSubscriptionsByTopic", "sns:Publish", "ssm:DeleteDocument", "ssm:DeleteParameter", "ssm:DeleteParameters", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:GetDocument", "ssm:PutParameter", "ssm:GetDocument", "ssm:SendCommand", "ssm:SendCommand", "ssm:AddTagsToResource", "ssm:DescribeDocument", "ssm:GetDocument", "ssm:ListTagsForResource", "ssm:RemoveTagsFromResource", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:ValidateTemplate", "ds:DescribeCertificate", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeRegions", "ds:DescribeSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:DescribeUpdateDirectory", "ds:ListAuthorizedApplications", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetAssociatedEnclaveCertificateIamRoles", "ec2:GetAssociatedIpv6PoolCidrs", "ec2:GetAwsNetworkPerformanceData", "ec2:GetCapacityReservationUsage", "ec2:GetCoipPoolUsage", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:GetDefaultCreditSpecification", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ec2:GetFlowLogsIntegrationTemplate", "ec2:GetGroupsForCapacityReservation", "ec2:GetHostReservationPurchasePreview", "ec2:GetImageBlockPublicAccessState", "ec2:GetInstanceMetadataDefaults", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetInstanceUefiData", "ec2:GetIpamAddressHistory", "ec2:GetIpamDiscoveredAccounts", "ec2:GetIpamDiscoveredPublicAddresses", "ec2:GetIpamDiscoveredResourceCidrs", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetIpamResourceCidrs", "ec2:GetLaunchTemplateData", "ec2:GetManagedPrefixListAssociations", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ec2:GetPasswordData", "ec2:GetReservedInstancesExchangeQuote", "ec2:GetResourcePolicy", "ec2:GetSecurityGroupsForVpc", "ec2:GetSerialConsoleAccessStatus", "ec2:GetSnapshotBlockPublicAccessState", "ec2:GetSpotPlacementScores", "ec2:GetSubnetCidrReservations", "ec2:GetTransitGatewayAttachmentPropagations", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:GetTransitGatewayPolicyTableAssociations", "ec2:GetTransitGatewayPolicyTableEntries", "ec2:GetTransitGatewayPrefixListReferences", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:GetVerifiedAccessEndpointPolicy", "ec2:GetVerifiedAccessGroupPolicy", "ec2:GetVerifiedAccessInstanceWebAcl", "ec2:GetVpnConnectionDeviceSampleConfiguration", "ec2:GetVpnConnectionDeviceTypes", "ec2:GetVpnTunnelReplacementStatus", "iam:GetRole", "iam:GetRolePolicy", "iam:GetUser", "iam:GetPolicyVersion", "iam:GetPolicy", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "resource-groups:GetAccountSettings", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupPolicy", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "servicequotas:GetServiceQuota", "servicequotas:ListServiceQuotas", "sns:ListSubscriptions", "sns:ListTopics", "ssm:CreateDocument", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeInstanceInformation", "ssm:DescribeParameters", "ssm:GetAutomationExecution", "ssm:GetCommandInvocation", "ssm:GetParameter", "ssm:GetParameterHistory", "ssm:GetParameters", "ssm:GetParametersByPath", "ssm:GetConnectionStatus", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInstanceAssociations", "ssm:SendAutomationSignal", "tag:GetComplianceSummary", "tag:GetResources", "tag:GetTagKeys", "tag:GetTagValues", "ssm:StartAutomationExecution", "ssm:StopAutomationExecution", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "iam:CreateServiceLinkedRole", "launchwizard:CreateAdditionalNode", "launchwizard:CreateDeployment", "launchwizard:CreateSettingsSet", "launchwizard:DeleteAdditionalNode", "launchwizard:DeleteApp", "launchwizard:DeleteDeployment", "launchwizard:DeleteSettingsSet", "launchwizard:DescribeAdditionalNode", "launchwizard:DescribeProvisionedApp", "launchwizard:DescribeProvisioningEvents", "launchwizard:DescribeSettingsSet", "launchwizard:GetDeployment", "launchwizard:GetInfrastructureSuggestion", "launchwizard:GetIpAddress", "launchwizard:GetResourceCostEstimate", "launchwizard:GetResourceRecommendation", "launchwizard:GetSettingsSet", "launchwizard:GetWorkload", "launchwizard:GetWorkloadAsset", "launchwizard:GetWorkloadAssets", "launchwizard:ListAdditionalNodes", "launchwizard:ListAllowedResources", "launchwizard:ListDeploymentEvents", "launchwizard:ListDeployments", "launchwizard:ListProvisionedApps", "launchwizard:ListResourceCostEstimates", "launchwizard:ListSettingsSets", "launchwizard:ListWorkloadDeploymentOptions", "launchwizard:ListWorkloadDeploymentPatterns", "launchwizard:ListWorkloads", "launchwizard:PutSettingsSet", "launchwizard:StartProvisioning", "launchwizard:UpdateSettingsSet", "sqs:TagQueue", "sqs:GetQueueUrl", "sqs:AddPermission", "sqs:ListQueues", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:ListQueueTags", "sqs:CreateQueue", "sqs:SetQueueAttributes", "cloudwatch:PutMetricAlarm", "iam:GetInstanceProfile", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudformation:CreateStack", "route53:ListHostedZones", "ec2:CreateSecurityGroup", "ec2:AuthorizeSecurityGroupIngress", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:CreateFileSystem", "elasticfilesystem:CreateMountTarget", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeMountTargetSecurityGroups", "s3:GetObject", "s3:PutObject", "cloudformation:TagResource", "s3:CreateBucket", "s3:PutBucketVersioning", "s3:DeleteBucket", "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:InvokeFunction", "dynamodb:CreateTable", "dynamodb:DescribeTable", "dynamodb:DeleteTable", "secretsmanager:CreateSecret", "secretsmanager:DeleteSecret", "secretsmanager:TagResource", "secretsmanager:UntagResource", "secretsmanager:PutResourcePolicy", "secretsmanager:DeleteResourcePolicy", "secretsmanager:ListSecretVersionIds", "secretsmanager:GetSecretValue", "secretsmanager:GetRandomPassword", "secretsmanager:ListSecrets", "ssm:CreateOpsMetadata", "ssm:DeleteOpsMetadata", "sns:CreateTopic", "sns:DeleteTopic", "sns:Subscribe", "sns:Unsubscribe", "fsx:UntagResource", "fsx:TagResource", "fsx:DeleteFileSystem", "fsx:ListTagsForResource", "fsx:CreateFileSystem", "fsx:DescribeFileSystems", "servicecatalog:CreatePortfolio", "servicecatalog:DescribePortfolio", "servicecatalog:CreateConstraint", "servicecatalog:CreateProduct", "servicecatalog:AssociatePrincipalWithPortfolio", "servicecatalog:CreateProvisioningArtifact", "servicecatalog:TagResource", "servicecatalog:UntagResource", "ssm:CreateAssociation", "ssm:DeleteAssociation", "elasticfilesystem:UntagResource", "elasticfilesystem:TagResource", "logs:CreateLogStream", "logs:DeleteLogGroup", "logs:DescribeLogStreams", "logs:UntagResource", "logs:TagResource", "logs:CreateLogGroup", "logs:DeleteLogStream", "logs:PutLogEvents", "logs:GetLogEvents", "logs:GetLogDelivery", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:ListLogDeliveries", "logs:DescribeLogGroups", "fsx:CreateStorageVirtualMachine", "fsx:CreateVolume", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:DeleteStorageVirtualMachine", "fsx:DeleteVolume" ], "malformed": false, "name": "AmazonLaunchWizardFullAccessV2", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-01T17:14:56+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTFleetHubFederationAccess", "createdate": "2022-04-04T18:03:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:DescribeIndex", "iot:DescribeThingGroup", "iot:GetBucketsAggregation", "iot:GetCardinality", "iot:GetIndexingConfiguration", "iot:GetPercentiles", "iot:GetStatistics", "iot:SearchIndex", "iot:CreateFleetMetric", "iot:ListFleetMetrics", "iot:DeleteFleetMetric", "iot:DescribeFleetMetric", "iot:UpdateFleetMetric", "iot:DescribeCustomMetric", "iot:ListCustomMetrics", "iot:ListDimensions", "iot:ListMetricValues", "iot:ListThingGroups", "iot:ListThingsInThingGroup", "iot:ListJobTemplates", "iot:DescribeJobTemplate", "iot:ListJobs", "iot:CreateJob", "iot:CancelJob", "iot:DescribeJob", "iot:ListJobExecutionsForJob", "iot:ListJobExecutionsForThing", "iot:DescribeJobExecution", "iot:ListSecurityProfiles", "iot:DescribeSecurityProfile", "iot:ListActiveViolations", "iot:GetThingShadow", "iot:ListNamedShadowsForThing", "iot:CancelJobExecution", "iot:DescribeEndpoint", "iotfleethub:DescribeApplication", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:ListMetrics", "sns:ListTopics", "sns:CreateTopic", "sns:DeleteTopic", "sns:ListSubscriptionsByTopic", "sns:Subscribe", "sns:Unsubscribe", "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarmHistory" ], "malformed": false, "name": "AWSIoTFleetHubFederationAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-04-04T18:03:01+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSMigrationHubDMSAccess", "createdate": "2019-10-07T17:51:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgh:CreateProgressUpdateStream", "mgh:AssociateCreatedArtifact", "mgh:DescribeMigrationTask", "mgh:DisassociateCreatedArtifact", "mgh:ImportMigrationTask", "mgh:ListCreatedArtifacts", "mgh:NotifyMigrationTaskState", "mgh:PutResourceAttributes", "mgh:NotifyApplicationState", "mgh:DescribeApplicationState", "mgh:AssociateDiscoveredResource", "mgh:DisassociateDiscoveredResource", "mgh:ListDiscoveredResources", "mgh:ListMigrationTasks", "mgh:GetHomeRegion" ], "malformed": false, "name": "AWSMigrationHubDMSAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-07T17:51:53+00:00", "version": "v2" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSEC2VssSnapshotPolicy", "createdate": "2024-03-27T16:32:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstanceAttribute", "ec2:CreateSnapshots", "ec2:CreateSnapshots", "ec2:CreateSnapshots", "ec2:CreateImage", "ec2:CreateImage", "ec2:CreateTags", "ec2:CreateTags", "ec2:DescribeImages", "ec2:DescribeSnapshots" ], "malformed": false, "name": "AWSEC2VssSnapshotPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-27T16:32:53+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaPackageReadOnly", "createdate": "2017-12-30T00:04:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mediapackage:ListChannels", "mediapackage:ListHarvestJobs", "mediapackage:ListOriginEndpoints", "mediapackage:ListTagsForResource", "mediapackage:DescribeChannel", "mediapackage:DescribeHarvestJob", "mediapackage:DescribeOriginEndpoint" ], "malformed": false, "name": "AWSElementalMediaPackageReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-12-30T00:04:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubStrategyServiceRolePolicy", "createdate": "2021-10-19T20:02:37Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "discovery:ListConfigurations", "discovery:DescribeConfigurations", "mgh:GetHomeRegion", "s3:ListAllMyBuckets", "s3:GetBucketAcl", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:PutObject", "s3:PutObjectAcl" ], "malformed": false, "name": "AWSMigrationHubStrategyServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-10-19T20:02:37+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleCWL", "createdate": "2020-06-05T21:49:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:DeleteLogGroup", "logs:PutRetentionPolicy" ], "malformed": false, "name": "AWSElasticBeanstalkRoleCWL", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-05T21:49:06+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDataExchangeFullAccess", "createdate": "2021-12-02T16:14:27Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "dataexchange:CancelJob", "dataexchange:CreateAsset", "dataexchange:CreateDataSet", "dataexchange:CreateEventAction", "dataexchange:CreateJob", "dataexchange:CreateRevision", "dataexchange:DeleteAsset", "dataexchange:DeleteDataSet", "dataexchange:DeleteEventAction", "dataexchange:DeleteRevision", "dataexchange:GetAsset", "dataexchange:GetDataSet", "dataexchange:GetEventAction", "dataexchange:GetJob", "dataexchange:GetRevision", "dataexchange:ListDataSetRevisions", "dataexchange:ListDataSets", "dataexchange:ListEventActions", "dataexchange:ListJobs", "dataexchange:ListRevisionAssets", "dataexchange:ListTagsForResource", "dataexchange:PublishDataSet", "dataexchange:RevokeRevision", "dataexchange:SendApiAsset", "dataexchange:SendDataSetNotification", "dataexchange:StartJob", "dataexchange:TagResource", "dataexchange:UntagResource", "dataexchange:UpdateAsset", "dataexchange:UpdateDataSet", "dataexchange:UpdateEventAction", "dataexchange:UpdateRevision", "s3:GetObject", "s3:GetObject", "s3:PutObject", "s3:PutObjectAcl", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "aws-marketplace:DescribeEntity", "aws-marketplace:ListEntities", "aws-marketplace:StartChangeSet", "aws-marketplace:ListChangeSets", "aws-marketplace:DescribeChangeSet", "aws-marketplace:CancelChangeSet", "aws-marketplace:GetAgreementApprovalRequest", "aws-marketplace:ListAgreementApprovalRequests", "aws-marketplace:AcceptAgreementApprovalRequest", "aws-marketplace:RejectAgreementApprovalRequest", "aws-marketplace:UpdateAgreementApprovalRequest", "aws-marketplace:SearchAgreements", "aws-marketplace:GetAgreementTerms", "aws-marketplace:Subscribe", "aws-marketplace:Unsubscribe", "aws-marketplace:ViewSubscriptions", "aws-marketplace:GetAgreementRequest", "aws-marketplace:ListAgreementRequests", "aws-marketplace:CancelAgreementRequest", "kms:DescribeKey", "kms:ListAliases", "kms:ListKeys", "redshift:AuthorizeDataShare", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDataShares", "apigateway:GET" ], "malformed": false, "name": "AWSDataExchangeFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-12-02T16:14:27+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": null, "createdate": "2019-06-11T00:01:30Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateSecurityGroup", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroups", "ec2:RevokeSecurityGroupIngress", "redshift:AuthorizeClusterSecurityGroupIngress", "redshift:CreateClusterSecurityGroup", "redshift:DescribeClusters", "redshift:DescribeClusterSecurityGroups", "redshift:ModifyCluster", "redshift:RevokeClusterSecurityGroupIngress", "s3:GetBucketLocation", "s3:GetBucketPolicy", "s3:GetObject", "s3:PutObject", "s3:PutBucketPolicy" ], "malformed": false, "name": "AmazonMachineLearningRoleforRedshiftDataSourceV2", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticTranscoder_JobsSubmitter", "createdate": "2019-06-10T22:49:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elastictranscoder:ReadJob", "elastictranscoder:ReadPipeline", "elastictranscoder:ReadPreset", "elastictranscoder:ListJobsByPipeline", "elastictranscoder:ListJobsByStatus", "elastictranscoder:ListPipelines", "elastictranscoder:ListPresets", "elastictranscoder:CancelJob", "elastictranscoder:CreateJob", "elastictranscoder:ReadJob", "elastictranscoder:CreatePreset", "elastictranscoder:DeletePreset", "elastictranscoder:ReadPreset", "s3:ListAllMyBuckets", "s3:ListBucket", "iam:ListRoles", "sns:ListTopics" ], "malformed": false, "name": "AmazonElasticTranscoder_JobsSubmitter", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-10T22:49:34+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService", "createdate": "2023-05-10T19:29:34Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:CancelResourceRequest", "cloudformation:CreateResource", "cloudformation:DeleteResource", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:UpdateResource", "cloudformation:ActivateOrganizationsAccess", "cloudformation:ActivateType", "cloudformation:BatchDescribeTypeConfigurations", "cloudformation:CancelUpdateStack", "cloudformation:ContinueUpdateRollback", "cloudformation:CreateChangeSet", "cloudformation:CreateGeneratedTemplate", "cloudformation:CreateStack", "cloudformation:CreateStackInstances", "cloudformation:CreateStackSet", "cloudformation:CreateUploadBucket", "cloudformation:DeactivateOrganizationsAccess", "cloudformation:DeactivateType", "cloudformation:DeleteChangeSet", "cloudformation:DeleteGeneratedTemplate", "cloudformation:DeleteStack", "cloudformation:DeleteStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DeregisterType", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:DetectStackDrift", "cloudformation:DetectStackResourceDrift", "cloudformation:DetectStackSetDrift", "cloudformation:EstimateTemplateCost", "cloudformation:ExecuteChangeSet", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ImportStacksToStackSet", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:PublishType", "cloudformation:RecordHandlerProgress", "cloudformation:RegisterPublisher", "cloudformation:RegisterType", "cloudformation:RollbackStack", "cloudformation:SetStackPolicy", "cloudformation:SetTypeConfiguration", "cloudformation:SetTypeDefaultVersion", "cloudformation:SignalResource", "cloudformation:StartResourceScan", "cloudformation:StopStackSetOperation", "cloudformation:TagResource", "cloudformation:TestType", "cloudformation:UntagResource", "cloudformation:UpdateGeneratedTemplate", "cloudformation:UpdateStack", "cloudformation:UpdateStackInstances", "cloudformation:UpdateStackSet", "cloudformation:UpdateTerminationProtection", "cloudformation:ValidateTemplate", "logs:DeleteLogGroup", "ecs:TagResource", "s3:AbortMultipartUpload", "s3:AssociateAccessGrantsIdentityCenter", "s3:BypassGovernanceRetention", "s3:CreateAccessGrant", "s3:CreateAccessGrantsInstance", "s3:CreateAccessGrantsLocation", "s3:CreateAccessPoint", "s3:CreateAccessPointForObjectLambda", "s3:CreateBucket", "s3:CreateJob", "s3:CreateMultiRegionAccessPoint", "s3:CreateStorageLensGroup", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:DissociateAccessGrantsIdentityCenter", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:InitiateReplication", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:ObjectOwnerOverrideToBucketOwner", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "s3:SubmitMultiRegionAccessPointRoutes", "s3:TagResource", "s3:UntagResource", "s3:UpdateAccessGrantsLocation", "s3:UpdateJobPriority", "s3:UpdateJobStatus", "s3:UpdateStorageLensGroup", "ec2:RunInstances", "elasticloadbalancing:AddTags", "autoscaling:AttachInstances", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteScheduledAction", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScheduledActions", "autoscaling:DetachInstances", "autoscaling:DeletePolicy", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutNotificationConfiguration", "autoscaling:ResumeProcesses", "autoscaling:SetDesiredCapacity", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "cloudwatch:PutMetricAlarm", "ec2:AssociateAddress", "ec2:AllocateAddress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:DescribeLaunchTemplates", "ec2:DescribeLaunchTemplateVersions", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:CreateSecurityGroup", "ec2:DeleteSecurityGroup", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeInstanceAttribute", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeVpcClassicLink", "ec2:DisassociateAddress", "ec2:ReleaseAddress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:TerminateInstances", "ecs:CreateCluster", "ecs:DeleteCluster", "ecs:DescribeClusters", "ecs:RegisterTaskDefinition", "elasticbeanstalk:AbortEnvironmentUpdate", "elasticbeanstalk:AddTags", "elasticbeanstalk:ApplyEnvironmentManagedAction", "elasticbeanstalk:AssociateEnvironmentOperationsRole", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:ComposeEnvironments", "elasticbeanstalk:CreateApplication", "elasticbeanstalk:CreateApplicationVersion", "elasticbeanstalk:CreateConfigurationTemplate", "elasticbeanstalk:CreateEnvironment", "elasticbeanstalk:CreatePlatformVersion", "elasticbeanstalk:CreateStorageLocation", "elasticbeanstalk:DeleteApplication", "elasticbeanstalk:DeleteApplicationVersion", "elasticbeanstalk:DeleteConfigurationTemplate", "elasticbeanstalk:DeleteEnvironmentConfiguration", "elasticbeanstalk:DeletePlatformVersion", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:DisassociateEnvironmentOperationsRole", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:PutInstanceStatistics", "elasticbeanstalk:RebuildEnvironment", "elasticbeanstalk:RemoveTags", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RestartAppServer", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticbeanstalk:SwapEnvironmentCNAMEs", "elasticbeanstalk:TerminateEnvironment", "elasticbeanstalk:UpdateApplication", "elasticbeanstalk:UpdateApplicationResourceLifecycle", "elasticbeanstalk:UpdateApplicationVersion", "elasticbeanstalk:UpdateConfigurationTemplate", "elasticbeanstalk:UpdateEnvironment", "elasticbeanstalk:UpdateTagsForResource", "elasticbeanstalk:ValidateConfigurationSettings", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:DeregisterTargets", "iam:ListRoles", "iam:PassRole", "logs:CreateLogGroup", "logs:PutRetentionPolicy", "logs:DescribeLogGroups", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeOrderableDBInstanceOptions", "s3:GetObject", "s3:GetObjectAcl", "s3:ListBucket", "sns:CreateTopic", "sns:GetTopicAttributes", "sns:ListSubscriptionsByTopic", "sns:Subscribe", "sns:SetTopicAttributes", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "codebuild:CreateProject", "codebuild:DeleteProject", "codebuild:BatchGetBuilds", "codebuild:StartBuild" ], "malformed": false, "name": "AWSElasticBeanstalkService", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2023-05-10T19:29:34+00:00", "version": "v17" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSImportExportFullAccess", "createdate": "2015-02-06T18:40:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "importexport:CancelJob", "importexport:CreateJob", "importexport:GetShippingLabel", "importexport:GetStatus", "importexport:ListJobs", "importexport:UpdateJob" ], "malformed": false, "name": "AWSImportExportFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:43+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess", "createdate": "2023-08-10T21:31:39Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3-object-lambda:GetObject", "s3-object-lambda:GetObjectAcl", "s3-object-lambda:GetObjectLegalHold", "s3-object-lambda:GetObjectRetention", "s3-object-lambda:GetObjectTagging", "s3-object-lambda:GetObjectVersion", "s3-object-lambda:GetObjectVersionAcl", "s3-object-lambda:GetObjectVersionTagging", "s3-object-lambda:ListBucket", "s3-object-lambda:ListBucketMultipartUploads", "s3-object-lambda:ListBucketVersions", "s3-object-lambda:ListMultipartUploadParts" ], "malformed": false, "name": "AmazonS3ReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-10T21:31:39+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSHealthImagingReadOnlyAccess", "createdate": "2023-08-01T15:18:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "medical-imaging:GetDICOMImportJob", "medical-imaging:GetDatastore", "medical-imaging:GetImageFrame", "medical-imaging:GetImageSet", "medical-imaging:GetImageSetMetadata", "medical-imaging:ListDICOMImportJobs", "medical-imaging:ListDatastores", "medical-imaging:ListImageSetVersions", "medical-imaging:ListTagsForResource", "medical-imaging:SearchImageSets" ], "malformed": false, "name": "AWSHealthImagingReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-01T15:18:49+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonLexRunBotsOnly", "createdate": "2021-08-18T00:15:48Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lex:PostContent", "lex:PostText", "lex:PutSession", "lex:GetSession", "lex:DeleteSession", "lex:RecognizeText", "lex:RecognizeUtterance", "lex:StartConversation" ], "malformed": false, "name": "AmazonLexRunBotsOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-18T00:15:48+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryConsoleFullAccess_v2", "createdate": "2023-11-27T13:35:19Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "drs:AssociateFailbackClientToRecoveryInstanceForDrs", "drs:AssociateSourceNetworkStack", "drs:BatchCreateVolumeSnapshotGroupForDrs", "drs:BatchDeleteSnapshotRequestForDrs", "drs:CreateConvertedSnapshotForDrs", "drs:CreateExtendedSourceServer", "drs:CreateLaunchConfigurationTemplate", "drs:CreateRecoveryInstanceForDrs", "drs:CreateReplicationConfigurationTemplate", "drs:CreateSourceNetwork", "drs:CreateSourceServerForDrs", "drs:DeleteJob", "drs:DeleteLaunchAction", "drs:DeleteLaunchConfigurationTemplate", "drs:DeleteRecoveryInstance", "drs:DeleteReplicationConfigurationTemplate", "drs:DeleteSourceNetwork", "drs:DeleteSourceServer", "drs:DescribeJobLogItems", "drs:DescribeJobs", "drs:DescribeLaunchConfigurationTemplates", "drs:DescribeRecoveryInstances", "drs:DescribeRecoverySnapshots", "drs:DescribeReplicationConfigurationTemplates", "drs:DescribeReplicationServerAssociationsForDrs", "drs:DescribeSnapshotRequestsForDrs", "drs:DescribeSourceNetworks", "drs:DescribeSourceServers", "drs:DisconnectRecoveryInstance", "drs:DisconnectSourceServer", "drs:ExportSourceNetworkCfnTemplate", "drs:GetAgentCommandForDrs", "drs:GetAgentConfirmedResumeInfoForDrs", "drs:GetAgentInstallationAssetsForDrs", "drs:GetAgentReplicationInfoForDrs", "drs:GetAgentRuntimeConfigurationForDrs", "drs:GetAgentSnapshotCreditsForDrs", "drs:GetChannelCommandsForDrs", "drs:GetFailbackCommandForDrs", "drs:GetFailbackLaunchRequestedForDrs", "drs:GetFailbackReplicationConfiguration", "drs:GetLaunchConfiguration", "drs:GetReplicationConfiguration", "drs:GetSuggestedFailbackClientDeviceMappingForDrs", "drs:InitializeService", "drs:IssueAgentCertificateForDrs", "drs:ListExtensibleSourceServers", "drs:ListLaunchActions", "drs:ListStagingAccounts", "drs:ListTagsForResource", "drs:NotifyAgentAuthenticationForDrs", "drs:NotifyAgentConnectedForDrs", "drs:NotifyAgentDisconnectedForDrs", "drs:NotifyAgentReplicationProgressForDrs", "drs:NotifyConsistencyAttainedForDrs", "drs:NotifyReplicationServerAuthenticationForDrs", "drs:NotifyVolumeEventForDrs", "drs:PutLaunchAction", "drs:RetryDataReplication", "drs:ReverseReplication", "drs:SendAgentLogsForDrs", "drs:SendAgentMetricsForDrs", "drs:SendChannelCommandResultForDrs", "drs:SendClientLogsForDrs", "drs:SendClientMetricsForDrs", "drs:SendVolumeStatsForDrs", "drs:StartFailbackLaunch", "drs:StartRecovery", "drs:StartReplication", "drs:StartSourceNetworkRecovery", "drs:StartSourceNetworkReplication", "drs:StopFailback", "drs:StopReplication", "drs:StopSourceNetworkReplication", "drs:TagResource", "drs:TerminateRecoveryInstances", "drs:UntagResource", "drs:UpdateAgentBacklogForDrs", "drs:UpdateAgentConversionInfoForDrs", "drs:UpdateAgentReplicationInfoForDrs", "drs:UpdateAgentReplicationProcessStateForDrs", "drs:UpdateAgentSourcePropertiesForDrs", "drs:UpdateFailbackClientDeviceMappingForDrs", "drs:UpdateFailbackClientLastSeenForDrs", "drs:UpdateFailbackReplicationConfiguration", "drs:UpdateLaunchConfiguration", "drs:UpdateLaunchConfigurationTemplate", "drs:UpdateReplicationCertificateForDrs", "drs:UpdateReplicationConfiguration", "drs:UpdateReplicationConfigurationTemplate", "kms:ListAliases", "kms:DescribeKey", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeInstanceTypes", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DescribeVolumes", "ec2:GetEbsEncryptionByDefault", "ec2:GetEbsDefaultKmsKeyId", "ec2:DescribeKeyPairs", "ec2:DescribeCapacityReservations", "ec2:DescribeHosts", "license-manager:ListLicenseConfigurations", "resource-groups:ListGroups", "elasticloadbalancing:DescribeLoadBalancers", "iam:ListInstanceProfiles", "iam:ListRoles", "iam:PassRole", "ec2:DeleteSnapshot", "ec2:CreateLaunchTemplateVersion", "ec2:ModifyLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:CreateTags", "ec2:DeleteTags", "ec2:CreateLaunchTemplate", "ec2:DeleteVolume", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:ModifyInstanceAttribute", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:RevokeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:CreateVolume", "ec2:CreateSecurityGroup", "ec2:CreateSecurityGroup", "ec2:CreateSnapshot", "ec2:CreateSnapshot", "ec2:DetachVolume", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:AttachVolume", "ec2:StartInstances", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:RunInstances", "ec2:RunInstances", "ec2:CreateTags", "ec2:CreateTags", "cloudformation:DescribeStacks", "cloudformation:ListStacks", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "ssm:DescribeInstanceInformation", "ssm:SendCommand", "ssm:StartAutomationExecution", "ssm:SendCommand", "ssm:ListDocuments", "ssm:ListCommandInvocations", "ssm:GetParameter", "ssm:PutParameter", "ssm:DescribeDocument", "ssm:GetDocument", "ssm:GetParameters", "ssm:GetAutomationExecution" ], "malformed": false, "name": "AWSElasticDisasterRecoveryConsoleFullAccess_v2", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T13:35:19+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSMediaTailorServiceRolePolicy", "createdate": "2021-09-17T22:27:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:PutLogEvents", "logs:CreateLogStream", "logs:CreateLogGroup", "logs:DescribeLogGroups", "logs:DescribeLogStreams" ], "malformed": false, "name": "AWSMediaTailorServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-17T22:27:10+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonNimbleStudio-StudioUser", "createdate": "2023-09-22T17:45:14Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ds:CreateComputer", "ec2:DescribeSubnets", "ec2:CreateNetworkInterfacePermission", "ec2:DescribeNetworkInterfaces", "ec2:DeleteNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:CreateNetworkInterface", "ec2:DescribeSecurityGroups", "fsx:DescribeFileSystems", "ds:DescribeDirectories", "sso-directory:DescribeUsers", "sso-directory:SearchUsers", "identitystore:DescribeUser", "identitystore:ListUsers", "nimble:ListLaunchProfiles", "nimble:ListStudioMembers", "nimble:GetStudioMember", "nimble:ListEulas", "nimble:ListEulaAcceptances", "nimble:GetFeatureMap", "nimble:PutStudioLogEvents", "nimble:DeleteStreamingSession", "nimble:GetStreamingSession", "nimble:StartStreamingSession", "nimble:StopStreamingSession", "nimble:CreateStreamingSessionStream", "nimble:GetStreamingSessionStream", "nimble:ListStreamingSessions", "nimble:ListStreamingSessionBackups", "nimble:GetStreamingSessionBackup" ], "malformed": false, "name": "AmazonNimbleStudio-StudioUser", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-22T17:45:14+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy", "createdate": "2023-03-23T23:15:54Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "elasticbeanstalk:AbortEnvironmentUpdate", "elasticbeanstalk:AddTags", "elasticbeanstalk:ApplyEnvironmentManagedAction", "elasticbeanstalk:AssociateEnvironmentOperationsRole", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:ComposeEnvironments", "elasticbeanstalk:CreateApplication", "elasticbeanstalk:CreateApplicationVersion", "elasticbeanstalk:CreateConfigurationTemplate", "elasticbeanstalk:CreateEnvironment", "elasticbeanstalk:CreatePlatformVersion", "elasticbeanstalk:CreateStorageLocation", "elasticbeanstalk:DeleteApplication", "elasticbeanstalk:DeleteApplicationVersion", "elasticbeanstalk:DeleteConfigurationTemplate", "elasticbeanstalk:DeleteEnvironmentConfiguration", "elasticbeanstalk:DeletePlatformVersion", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:DisassociateEnvironmentOperationsRole", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:PutInstanceStatistics", "elasticbeanstalk:RebuildEnvironment", "elasticbeanstalk:RemoveTags", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RestartAppServer", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticbeanstalk:SwapEnvironmentCNAMEs", "elasticbeanstalk:TerminateEnvironment", "elasticbeanstalk:UpdateApplication", "elasticbeanstalk:UpdateApplicationResourceLifecycle", "elasticbeanstalk:UpdateApplicationVersion", "elasticbeanstalk:UpdateConfigurationTemplate", "elasticbeanstalk:UpdateEnvironment", "elasticbeanstalk:UpdateTagsForResource", "elasticbeanstalk:ValidateConfigurationSettings", "iam:PassRole", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScheduledActions", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeImages", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplates", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSubnets", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcs", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "logs:DescribeLogGroups", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeOrderableDBInstanceOptions", "sns:ListSubscriptionsByTopic", "ec2:AllocateAddress", "ec2:AssociateAddress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:CreateSecurityGroup", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:DeleteSecurityGroup", "ec2:DisassociateAddress", "ec2:ReleaseAddress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:RunInstances", "ec2:TerminateInstances", "ecs:CreateCluster", "ecs:DescribeClusters", "ecs:RegisterTaskDefinition", "ecs:DeleteCluster", "autoscaling:AttachInstances", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteScheduledAction", "autoscaling:DetachInstances", "autoscaling:DeletePolicy", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutNotificationConfiguration", "autoscaling:ResumeProcesses", "autoscaling:SetDesiredCapacity", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "cloudformation:CancelResourceRequest", "cloudformation:CreateResource", "cloudformation:DeleteResource", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:UpdateResource", "cloudformation:ActivateOrganizationsAccess", "cloudformation:ActivateType", "cloudformation:BatchDescribeTypeConfigurations", "cloudformation:CancelUpdateStack", "cloudformation:ContinueUpdateRollback", "cloudformation:CreateChangeSet", "cloudformation:CreateGeneratedTemplate", "cloudformation:CreateStack", "cloudformation:CreateStackInstances", "cloudformation:CreateStackSet", "cloudformation:CreateUploadBucket", "cloudformation:DeactivateOrganizationsAccess", "cloudformation:DeactivateType", "cloudformation:DeleteChangeSet", "cloudformation:DeleteGeneratedTemplate", "cloudformation:DeleteStack", "cloudformation:DeleteStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DeregisterType", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:DetectStackDrift", "cloudformation:DetectStackResourceDrift", "cloudformation:DetectStackSetDrift", "cloudformation:EstimateTemplateCost", "cloudformation:ExecuteChangeSet", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ImportStacksToStackSet", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:PublishType", "cloudformation:RecordHandlerProgress", "cloudformation:RegisterPublisher", "cloudformation:RegisterType", "cloudformation:RollbackStack", "cloudformation:SetStackPolicy", "cloudformation:SetTypeConfiguration", "cloudformation:SetTypeDefaultVersion", "cloudformation:SignalResource", "cloudformation:StartResourceScan", "cloudformation:StopStackSetOperation", "cloudformation:TagResource", "cloudformation:TestType", "cloudformation:UntagResource", "cloudformation:UpdateGeneratedTemplate", "cloudformation:UpdateStack", "cloudformation:UpdateStackInstances", "cloudformation:UpdateStackSet", "cloudformation:UpdateTerminationProtection", "cloudformation:ValidateTemplate", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RegisterTargets", "logs:CreateLogGroup", "logs:DeleteLogGroup", "logs:PutRetentionPolicy", "s3:DeleteObject", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectVersionAcl", "s3:GetBucketLocation", "s3:GetBucketPolicy", "s3:ListBucket", "s3:PutBucketPolicy", "sns:CreateTopic", "sns:GetTopicAttributes", "sns:SetTopicAttributes", "sns:Subscribe", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "cloudwatch:PutMetricAlarm", "ecs:TagResource" ], "malformed": false, "name": "AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-23T23:15:54+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role", "createdate": "2017-08-11T23:57:30Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:CreateBackup", "dynamodb:CreateGlobalTable", "dynamodb:CreateTable", "dynamodb:CreateTableReplica", "dynamodb:DeleteBackup", "dynamodb:DeleteItem", "dynamodb:DeleteResourcePolicy", "dynamodb:DeleteTable", "dynamodb:DeleteTableReplica", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:EnableKinesisStreamingDestination", "dynamodb:ExportTableToPointInTime", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetResourcePolicy", "dynamodb:GetShardIterator", "dynamodb:ImportTable", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLDelete", "dynamodb:PartiQLInsert", "dynamodb:PartiQLSelect", "dynamodb:PartiQLUpdate", "dynamodb:PurchaseReservedCapacityOfferings", "dynamodb:PutItem", "dynamodb:PutResourcePolicy", "dynamodb:Query", "dynamodb:RestoreTableFromAwsBackup", "dynamodb:RestoreTableFromBackup", "dynamodb:RestoreTableToPointInTime", "dynamodb:Scan", "dynamodb:StartAwsBackupJob", "dynamodb:TagResource", "dynamodb:UntagResource", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", "dynamodb:UpdateGlobalTable", "dynamodb:UpdateGlobalTableSettings", "dynamodb:UpdateGlobalTableVersion", "dynamodb:UpdateItem", "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:UpdateTable", "dynamodb:UpdateTableReplicaAutoScaling", "dynamodb:UpdateTimeToLive", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeRepository", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListSteps", "kinesis:CreateStream", "kinesis:DeleteStream", "kinesis:DescribeStream", "kinesis:GetRecords", "kinesis:GetShardIterator", "kinesis:MergeShards", "kinesis:PutRecord", "kinesis:SplitShard", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "s3:AbortMultipartUpload", "s3:AssociateAccessGrantsIdentityCenter", "s3:BypassGovernanceRetention", "s3:CreateAccessGrant", "s3:CreateAccessGrantsInstance", "s3:CreateAccessGrantsLocation", "s3:CreateAccessPoint", "s3:CreateAccessPointForObjectLambda", "s3:CreateBucket", "s3:CreateJob", "s3:CreateMultiRegionAccessPoint", "s3:CreateStorageLensGroup", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:DissociateAccessGrantsIdentityCenter", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:InitiateReplication", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:ObjectOwnerOverrideToBucketOwner", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "s3:SubmitMultiRegionAccessPointRoutes", "s3:TagResource", "s3:UntagResource", "s3:UpdateAccessGrantsLocation", "s3:UpdateJobPriority", "s3:UpdateJobStatus", "s3:UpdateStorageLensGroup", "sdb:BatchDeleteAttributes", "sdb:BatchPutAttributes", "sdb:CreateDomain", "sdb:DeleteAttributes", "sdb:DeleteDomain", "sdb:DomainMetadata", "sdb:GetAttributes", "sdb:ListDomains", "sdb:PutAttributes", "sdb:Select", "sns:AddPermission", "sns:CheckIfPhoneNumberIsOptedOut", "sns:ConfirmSubscription", "sns:CreatePlatformApplication", "sns:CreatePlatformEndpoint", "sns:CreateSMSSandboxPhoneNumber", "sns:CreateTopic", "sns:DeleteEndpoint", "sns:DeletePlatformApplication", "sns:DeleteSMSSandboxPhoneNumber", "sns:DeleteTopic", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sns:OptInPhoneNumber", "sns:Publish", "sns:PutDataProtectionPolicy", "sns:RemovePermission", "sns:SetEndpointAttributes", "sns:SetPlatformApplicationAttributes", "sns:SetSMSAttributes", "sns:SetSubscriptionAttributes", "sns:SetTopicAttributes", "sns:Subscribe", "sns:TagResource", "sns:Unsubscribe", "sns:UntagResource", "sns:VerifySMSSandboxPhoneNumber", "sqs:AddPermission", "sqs:CancelMessageMoveTask", "sqs:ChangeMessageVisibility", "sqs:CreateQueue", "sqs:DeleteMessage", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListMessageMoveTasks", "sqs:ListQueueTags", "sqs:ListQueues", "sqs:PurgeQueue", "sqs:ReceiveMessage", "sqs:RemovePermission", "sqs:SendMessage", "sqs:SetQueueAttributes", "sqs:StartMessageMoveTask", "sqs:TagQueue", "sqs:UntagQueue", "glue:CreateDatabase", "glue:UpdateDatabase", "glue:DeleteDatabase", "glue:GetDatabase", "glue:GetDatabases", "glue:CreateTable", "glue:UpdateTable", "glue:DeleteTable", "glue:GetTable", "glue:GetTables", "glue:GetTableVersions", "glue:CreatePartition", "glue:BatchCreatePartition", "glue:UpdatePartition", "glue:DeletePartition", "glue:BatchDeletePartition", "glue:GetPartition", "glue:GetPartitions", "glue:BatchGetPartition", "glue:CreateUserDefinedFunction", "glue:UpdateUserDefinedFunction", "glue:DeleteUserDefinedFunction", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions" ], "malformed": false, "name": "AmazonElasticMapReduceforEC2Role", "privesc": false, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2017-08-11T23:57:30+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonBedrockReadOnly", "createdate": "2023-12-06T15:48:19Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "bedrock:GetFoundationModel", "bedrock:ListFoundationModels", "bedrock:GetModelInvocationLoggingConfiguration", "bedrock:GetProvisionedModelThroughput", "bedrock:ListProvisionedModelThroughputs", "bedrock:GetModelCustomizationJob", "bedrock:ListModelCustomizationJobs", "bedrock:ListCustomModels", "bedrock:GetCustomModel", "bedrock:ListTagsForResource", "bedrock:GetFoundationModelAvailability" ], "malformed": false, "name": "AmazonBedrockReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-06T15:48:19+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCloudWatchEvidentlyFullAccess", "createdate": "2021-11-29T15:10:14Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "evidently:BatchEvaluateFeature", "evidently:CreateExperiment", "evidently:CreateFeature", "evidently:CreateLaunch", "evidently:CreateProject", "evidently:CreateSegment", "evidently:DeleteExperiment", "evidently:DeleteFeature", "evidently:DeleteLaunch", "evidently:DeleteProject", "evidently:DeleteSegment", "evidently:EvaluateFeature", "evidently:GetExperiment", "evidently:GetExperimentResults", "evidently:GetFeature", "evidently:GetLaunch", "evidently:GetProject", "evidently:GetSegment", "evidently:ListExperiments", "evidently:ListFeatures", "evidently:ListLaunches", "evidently:ListProjects", "evidently:ListSegmentReferences", "evidently:ListSegments", "evidently:ListTagsForResource", "evidently:PutProjectEvents", "evidently:StartExperiment", "evidently:StartLaunch", "evidently:StopExperiment", "evidently:StopLaunch", "evidently:TagResource", "evidently:TestSegmentPattern", "evidently:UntagResource", "evidently:UpdateExperiment", "evidently:UpdateFeature", "evidently:UpdateLaunch", "evidently:UpdateProject", "evidently:UpdateProjectDataDelivery", "iam:ListRoles", "iam:GetRole", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:ListTagsForResource", "cloudwatch:DescribeAlarms", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudtrail:LookupEvents", "cloudwatch:PutMetricAlarm", "sns:ListTopics", "sns:CreateTopic", "sns:Subscribe", "sns:ListSubscriptionsByTopic", "logs:DescribeLogGroups" ], "malformed": false, "name": "AmazonCloudWatchEvidentlyFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-29T15:10:14+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonLookoutVisionReadOnlyAccess", "createdate": "2021-12-09T03:01:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lookoutvision:DescribeDataset", "lookoutvision:DescribeModel", "lookoutvision:DescribeProject", "lookoutvision:DescribeModelPackagingJob", "lookoutvision:ListDatasetEntries", "lookoutvision:ListModels", "lookoutvision:ListProjects", "lookoutvision:ListTagsForResource", "lookoutvision:ListModelPackagingJobs" ], "malformed": false, "name": "AmazonLookoutVisionReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-12-09T03:01:51+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSStepFunctionsConsoleFullAccess", "createdate": "2017-01-12T00:19:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "states:CreateActivity", "states:CreateStateMachine", "states:CreateStateMachineAlias", "states:DeleteActivity", "states:DeleteStateMachine", "states:DeleteStateMachineAlias", "states:DeleteStateMachineVersion", "states:DescribeActivity", "states:DescribeExecution", "states:DescribeMapRun", "states:DescribeStateMachine", "states:DescribeStateMachineAlias", "states:DescribeStateMachineForExecution", "states:GetActivityTask", "states:GetExecutionHistory", "states:InvokeHTTPEndpoint", "states:ListActivities", "states:ListExecutions", "states:ListMapRuns", "states:ListStateMachineAliases", "states:ListStateMachineVersions", "states:ListStateMachines", "states:ListTagsForResource", "states:PublishStateMachineVersion", "states:RedriveExecution", "states:RevealSecrets", "states:SendTaskFailure", "states:SendTaskHeartbeat", "states:SendTaskSuccess", "states:StartExecution", "states:StartSyncExecution", "states:StopExecution", "states:TagResource", "states:TestState", "states:UntagResource", "states:UpdateMapRun", "states:UpdateStateMachine", "states:UpdateStateMachineAlias", "states:ValidateStateMachineDefinition", "iam:ListRoles", "iam:PassRole", "lambda:ListFunctions" ], "malformed": false, "name": "AWSStepFunctionsConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-01-12T00:19:34+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/FSxDeleteServiceLinkedRoleAccess", "createdate": "2018-11-28T10:40:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "iam:GetRole" ], "malformed": false, "name": "FSxDeleteServiceLinkedRoleAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-28T10:40:24+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole", "createdate": "2016-11-18T01:09:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarms", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ModifyInstanceGroups" ], "malformed": false, "name": "AmazonElasticMapReduceforAutoScalingRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-11-18T01:09:10+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": null, "createdate": "2018-12-13T18:48:22Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "ec2:CreateNetworkInterfacePermission", "ec2:DescribeNetworkInterfaces", "ec2:DeleteNetworkInterface", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeSecurityGroups", "greengrass:CreateDeployment", "greengrass:CreateGroupVersion", "greengrass:CreateFunctionDefinition", "greengrass:CreateFunctionDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetGroup", "greengrass:GetGroupVersion", "greengrass:GetCoreDefinitionVersion", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetAssociatedRole", "lambda:CreateFunction", "lambda:UpdateFunctionCode", "lambda:GetFunction", "lambda:UpdateFunctionConfiguration", "iam:PassRole" ], "malformed": false, "name": "AWSB9InternalServicePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSAppFabricReadOnlyAccess", "createdate": "2023-06-27T19:52:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appfabric:GetAppAuthorization", "appfabric:GetAppBundle", "appfabric:GetIngestion", "appfabric:GetIngestionDestination", "appfabric:ListAppAuthorizations", "appfabric:ListAppBundles", "appfabric:ListIngestionDestinations", "appfabric:ListIngestions", "appfabric:ListTagsForResource" ], "malformed": false, "name": "AWSAppFabricReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-27T19:52:02+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonKeyspacesReadOnlyAccess", "createdate": "2022-07-07T14:54:05Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cassandra:Select", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "kms:DescribeKey", "kms:ListAliases" ], "malformed": false, "name": "AmazonKeyspacesReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-07-07T14:54:05+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": null, "createdate": "2019-03-11T22:18:12Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "backup:GetBackupPlan", "backup:GetBackupPlanFromJSON", "backup:GetBackupPlanFromTemplate", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:GetBackupVaultSharingPolicy", "backup:GetLegalHold", "backup:GetRecoveryPointRestoreMetadata", "backup:GetRestoreJobMetadata", "backup:GetRestoreTestingInferredMetadata", "backup:GetRestoreTestingPlan", "backup:GetRestoreTestingSelection", "backup:GetSupportedResourceTypes", "backup:ListBackupJobSummaries", "backup:ListBackupJobs", "backup:ListBackupPlanTemplates", "backup:ListBackupPlanVersions", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListCopyJobSummaries", "backup:ListCopyJobs", "backup:ListFrameworks", "backup:ListLegalHolds", "backup:ListProtectedResources", "backup:ListProtectedResourcesByBackupVault", "backup:ListRecoveryPointsByBackupVault", "backup:ListRecoveryPointsByLegalHold", "backup:ListRecoveryPointsByResource", "backup:ListReportJobs", "backup:ListReportPlans", "backup:ListRestoreJobSummaries", "backup:ListRestoreJobs", "backup:ListRestoreJobsByProtectedResource", "backup:ListRestoreTestingPlans", "backup:ListRestoreTestingSelections", "backup:ListTags", "backup:DescribeBackupJob", "backup:DescribeBackupVault", "backup:DescribeCopyJob", "backup:DescribeFramework", "backup:DescribeGlobalSettings", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeRegionSettings", "backup:DescribeReportJob", "backup:DescribeReportPlan", "backup:DescribeRestoreJob", "backup:CreateBackupSelection", "backup:DeleteBackupSelection", "backup:GetRecoveryPointRestoreMetadata", "backup:StartBackupJob", "backup:StartRestoreJob", "rds:DescribeDBSnapshots", "rds:ListTagsForResource", "rds:DescribeDBInstances", "rds:DescribeDBSnapshots", "rds:DescribeDBEngineVersions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribeDBSubnetGroups", "dynamodb:ListBackups", "dynamodb:ListTables", "elasticfilesystem:DescribeFileSystems", "ec2:DescribeSnapshots", "ec2:DescribeVolumes", "ec2:DescribeAvailabilityZones", "tag:GetTagKeys", "tag:GetTagValues", "tag:GetResources", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:ListGateways", "storagegateway:DescribeGatewayInformation", "storagegateway:ListVolumes", "storagegateway:ListLocalDisks", "iam:ListRoles", "iam:GetRole", "iam:GetUser", "iam:PassRole", "kms:ListKeys", "kms:DescribeKey", "kms:GenerateDataKey", "kms:RetireGrant", "kms:CreateGrant", "kms:ListAliases", "kms:Decrypt" ], "malformed": false, "name": "AWSBackupOperatorPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSLakeFormationDataAdmin", "createdate": "2024-03-22T18:27:42Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "lakeformation:AddLFTagsToResource", "lakeformation:BatchGrantPermissions", "lakeformation:BatchRevokePermissions", "lakeformation:CancelTransaction", "lakeformation:CommitTransaction", "lakeformation:CreateDataCellsFilter", "lakeformation:CreateLFTag", "lakeformation:CreateLakeFormationIdentityCenterConfiguration", "lakeformation:CreateLakeFormationOptIn", "lakeformation:DeleteDataCellsFilter", "lakeformation:DeleteLFTag", "lakeformation:DeleteLakeFormationIdentityCenterConfiguration", "lakeformation:DeleteLakeFormationOptIn", "lakeformation:DeleteObjectsOnCancel", "lakeformation:DeregisterResource", "lakeformation:DescribeLakeFormationIdentityCenterConfiguration", "lakeformation:DescribeResource", "lakeformation:DescribeTransaction", "lakeformation:ExtendTransaction", "lakeformation:GetDataAccess", "lakeformation:GetDataCellsFilter", "lakeformation:GetDataLakeSettings", "lakeformation:GetEffectivePermissionsForPath", "lakeformation:GetLFTag", "lakeformation:GetQueryState", "lakeformation:GetQueryStatistics", "lakeformation:GetResourceLFTags", "lakeformation:GetTableObjects", "lakeformation:GetWorkUnitResults", "lakeformation:GetWorkUnits", "lakeformation:GrantPermissions", "lakeformation:ListDataCellsFilter", "lakeformation:ListLFTags", "lakeformation:ListLakeFormationOptIns", "lakeformation:ListPermissions", "lakeformation:ListResources", "lakeformation:ListTableStorageOptimizers", "lakeformation:ListTransactions", "lakeformation:PutDataLakeSettings", "lakeformation:RegisterResource", "lakeformation:RemoveLFTagsFromResource", "lakeformation:RevokePermissions", "lakeformation:SearchDatabasesByLFTags", "lakeformation:SearchTablesByLFTags", "lakeformation:StartQueryPlanning", "lakeformation:StartTransaction", "lakeformation:UpdateDataCellsFilter", "lakeformation:UpdateLFTag", "lakeformation:UpdateLakeFormationIdentityCenterConfiguration", "lakeformation:UpdateResource", "lakeformation:UpdateTableObjects", "lakeformation:UpdateTableStorageOptimizer", "cloudtrail:DescribeTrails", "cloudtrail:LookupEvents", "glue:GetDatabase", "glue:GetDatabases", "glue:CreateDatabase", "glue:UpdateDatabase", "glue:DeleteDatabase", "glue:GetConnections", "glue:SearchTables", "glue:GetTable", "glue:CreateTable", "glue:UpdateTable", "glue:DeleteTable", "glue:GetTableVersions", "glue:GetPartitions", "glue:GetTables", "glue:ListWorkflows", "glue:BatchGetWorkflows", "glue:DeleteWorkflow", "glue:GetWorkflowRuns", "glue:StartWorkflowRun", "glue:GetWorkflow", "s3:ListBucket", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "s3:GetBucketAcl", "iam:ListUsers", "iam:ListRoles", "iam:GetRole", "iam:GetRolePolicy" ], "malformed": false, "name": "AWSLakeFormationDataAdmin", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-22T18:27:42+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSGlueDataBrewServiceRole", "createdate": "2024-03-20T23:28:52Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "glue:GetDatabases", "glue:GetPartitions", "glue:GetTable", "glue:GetTables", "glue:GetConnection", "glue:BatchGetCustomEntityTypes", "glue:GetCustomEntityType", "s3:ListBucket", "s3:GetObject", "ec2:DescribeVpcEndpoints", "ec2:DescribeRouteTables", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:CreateTags", "ec2:DeleteTags", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "lakeformation:GetDataAccess", "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AWSGlueDataBrewServiceRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-20T23:28:52+00:00", "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonLookoutEquipmentReadOnlyAccess", "createdate": "2022-11-10T22:04:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lookoutequipment:DescribeDataIngestionJob", "lookoutequipment:DescribeDataset", "lookoutequipment:DescribeInferenceScheduler", "lookoutequipment:DescribeLabelGroup", "lookoutequipment:DescribeModel", "lookoutequipment:DescribeModelVersion", "lookoutequipment:DescribeResourcePolicy", "lookoutequipment:DescribeRetrainingScheduler", "lookoutequipment:Describelabel", "lookoutequipment:ListDataIngestionJobs", "lookoutequipment:ListDatasets", "lookoutequipment:ListInferenceEvents", "lookoutequipment:ListInferenceExecutions", "lookoutequipment:ListInferenceSchedulers", "lookoutequipment:ListLabelGroups", "lookoutequipment:ListLabels", "lookoutequipment:ListModelVersions", "lookoutequipment:ListModels", "lookoutequipment:ListRetrainingSchedulers", "lookoutequipment:ListSensorStatistics", "lookoutequipment:ListTagsForResource" ], "malformed": false, "name": "AmazonLookoutEquipmentReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-10T22:04:33+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/CloudWatchSyntheticsFullAccess", "createdate": "2022-05-06T18:14:01Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "synthetics:AssociateResource", "synthetics:CreateCanary", "synthetics:CreateGroup", "synthetics:DeleteCanary", "synthetics:DeleteGroup", "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun", "synthetics:DescribeRuntimeVersions", "synthetics:DisassociateResource", "synthetics:GetCanary", "synthetics:GetCanaryRuns", "synthetics:GetGroup", "synthetics:ListAssociatedGroups", "synthetics:ListGroupResources", "synthetics:ListGroups", "synthetics:ListTagsForResource", "synthetics:StartCanary", "synthetics:StopCanary", "synthetics:TagResource", "synthetics:UntagResource", "synthetics:UpdateCanary", "s3:CreateBucket", "s3:PutEncryptionConfiguration", "iam:ListRoles", "s3:ListAllMyBuckets", "xray:GetTraceSummaries", "xray:BatchGetTraces", "apigateway:GET", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:GetObjectVersion", "iam:PassRole", "iam:GetRole", "iam:ListAttachedRolePolicies", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "lambda:CreateFunction", "lambda:AddPermission", "lambda:PublishVersion", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionConfiguration", "lambda:GetFunctionConfiguration", "lambda:DeleteFunction", "lambda:GetLayerVersion", "lambda:PublishLayerVersion", "lambda:DeleteLayerVersion", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "sns:ListTopics", "sns:CreateTopic", "sns:Subscribe", "sns:ListSubscriptionsByTopic", "kms:ListAliases", "kms:DescribeKey", "kms:Decrypt" ], "malformed": false, "name": "CloudWatchSyntheticsFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-05-06T18:14:01+00:00", "version": "v9" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/ECRReplicationServiceRolePolicy", "createdate": "2020-12-04T22:11:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ecr:CreateRepository", "ecr:ReplicateImage" ], "malformed": false, "name": "ECRReplicationServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-04T22:11:28+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonSSMServiceRolePolicy", "createdate": "2022-09-14T19:46:49Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:CancelCommand", "ssm:GetCommandInvocation", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:SendCommand", "ssm:GetAutomationExecution", "ssm:GetParameters", "ssm:StartAutomationExecution", "ssm:StopAutomationExecution", "ssm:ListTagsForResource", "ssm:GetCalendarState", "ssm:UpdateServiceSetting", "ssm:GetServiceSetting", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceStatus", "ec2:DescribeInstances", "lambda:InvokeFunction", "states:DescribeExecution", "states:StartExecution", "resource-groups:ListGroups", "resource-groups:ListGroupResources", "resource-groups:GetGroupQuery", "cloudformation:DescribeStacks", "cloudformation:ListStackResources", "tag:GetResources", "config:SelectResourceConfig", "compute-optimizer:GetEC2InstanceRecommendations", "compute-optimizer:GetEnrollmentStatus", "support:DescribeTrustedAdvisorChecks", "support:DescribeTrustedAdvisorCheckSummaries", "support:DescribeTrustedAdvisorCheckResult", "support:DescribeCases", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeRemediationConfigurations", "config:DescribeConfigurationRecorders", "cloudwatch:DescribeAlarms", "iam:PassRole", "organizations:DescribeOrganization", "cloudformation:ListStackSets", "cloudformation:ListStackInstances", "cloudformation:DescribeStackSetOperation", "cloudformation:DeleteStackSet", "cloudformation:DeleteStackInstances", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "events:DeleteRule", "events:DescribeRule", "securityhub:DescribeHub" ], "malformed": false, "name": "AmazonSSMServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-14T19:46:49+00:00", "version": "v14" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsWriteOnlyAccess", "createdate": "2015-02-06T18:40:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mobileanalytics:PutEvents" ], "malformed": false, "name": "AmazonMobileAnalyticsWriteOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:37+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2019-09-12T23:08:46Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "sns:AddPermission", "sns:CreateTopic", "sns:DeleteTopic", "sns:ListTopics", "sns:SetTopicAttributes", "sns:GetTopicAttributes", "s3:CreateBucket", "s3:DeleteBucket", "s3:ListAllMyBuckets", "s3:PutBucketPolicy", "s3:ListBucket", "s3:GetObject", "s3:GetBucketLocation", "s3:GetBucketPolicy", "cloudtrail:AddTags", "cloudtrail:CancelQuery", "cloudtrail:CreateChannel", "cloudtrail:CreateEventDataStore", "cloudtrail:CreateServiceLinkedChannel", "cloudtrail:CreateTrail", "cloudtrail:DeleteChannel", "cloudtrail:DeleteEventDataStore", "cloudtrail:DeleteResourcePolicy", "cloudtrail:DeleteServiceLinkedChannel", "cloudtrail:DeleteTrail", "cloudtrail:DeregisterOrganizationDelegatedAdmin", "cloudtrail:DescribeQuery", "cloudtrail:DescribeTrails", "cloudtrail:DisableFederation", "cloudtrail:EnableFederation", "cloudtrail:GetChannel", "cloudtrail:GetEventDataStore", "cloudtrail:GetEventDataStoreData", "cloudtrail:GetEventSelectors", "cloudtrail:GetImport", "cloudtrail:GetInsightSelectors", "cloudtrail:GetQueryResults", "cloudtrail:GetResourcePolicy", "cloudtrail:GetServiceLinkedChannel", "cloudtrail:GetTrail", "cloudtrail:GetTrailStatus", "cloudtrail:ListChannels", "cloudtrail:ListEventDataStores", "cloudtrail:ListImportFailures", "cloudtrail:ListImports", "cloudtrail:ListPublicKeys", "cloudtrail:ListQueries", "cloudtrail:ListServiceLinkedChannels", "cloudtrail:ListTags", "cloudtrail:ListTrails", "cloudtrail:LookupEvents", "cloudtrail:PutEventSelectors", "cloudtrail:PutInsightSelectors", "cloudtrail:PutResourcePolicy", "cloudtrail:RegisterOrganizationDelegatedAdmin", "cloudtrail:RemoveTags", "cloudtrail:RestoreEventDataStore", "cloudtrail:StartEventDataStoreIngestion", "cloudtrail:StartImport", "cloudtrail:StartLogging", "cloudtrail:StartQuery", "cloudtrail:StopEventDataStoreIngestion", "cloudtrail:StopImport", "cloudtrail:StopLogging", "cloudtrail:UpdateChannel", "cloudtrail:UpdateEventDataStore", "cloudtrail:UpdateServiceLinkedChannel", "cloudtrail:UpdateTrail", "logs:CreateLogGroup", "iam:ListRoles", "iam:GetRolePolicy", "iam:GetUser", "iam:PassRole", "kms:ListKeys", "kms:ListAliases", "lambda:ListFunctions" ], "malformed": false, "name": "AWSCloudTrailFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v8" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaPackageV2ReadOnly", "createdate": "2023-07-25T20:31:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mediapackagev2:ListChannelGroups", "mediapackagev2:ListChannels", "mediapackagev2:ListOriginEndpoints", "mediapackagev2:ListTagsForResource", "mediapackagev2:GetChannel", "mediapackagev2:GetChannelGroup", "mediapackagev2:GetChannelPolicy", "mediapackagev2:GetHeadObject", "mediapackagev2:GetObject", "mediapackagev2:GetOriginEndpoint", "mediapackagev2:GetOriginEndpointPolicy" ], "malformed": false, "name": "AWSElementalMediaPackageV2ReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-25T20:31:25+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSIncidentManagerServiceRolePolicy", "createdate": "2022-12-05T02:11:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssm-incidents:ListIncidentRecords", "ssm-incidents:CreateTimelineEvent", "ssm:CreateOpsItem", "ssm:AssociateOpsItemRelatedItem", "ssm-contacts:StartEngagement", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSIncidentManagerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-05T02:11:58+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AwsGlueSessionUserRestrictedNotebookPolicy", "createdate": "2023-11-22T01:32:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "glue:CreateSession", "glue:StartCompletion", "glue:GetCompletion", "glue:RunStatement", "glue:GetStatement", "glue:ListStatements", "glue:CancelStatement", "glue:StopSession", "glue:DeleteSession", "glue:GetSession", "glue:ListSessions", "iam:PassRole" ], "malformed": false, "name": "AwsGlueSessionUserRestrictedNotebookPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-22T01:32:43+00:00", "version": "v2" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/PartnerCentralAccountManagementUserRoleAssociation", "createdate": "2023-11-10T02:03:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:PassRole", "iam:ListRoles", "partnercentral-account-management:AssociatePartnerUser", "partnercentral-account-management:DisassociatePartnerUser" ], "malformed": false, "name": "PartnerCentralAccountManagementUserRoleAssociation", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-10T02:03:40+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole", "createdate": "2020-04-23T19:30:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeImages", "ec2:DescribeSubnets", "ec2:RequestSpotInstances", "ec2:TerminateInstances", "ec2:DescribeInstanceStatus", "ec2:CreateTags", "ec2:RunInstances", "iam:PassRole", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RegisterTargets" ], "malformed": false, "name": "AmazonEC2SpotFleetTaggingRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-04-23T19:30:49+00:00", "version": "v5" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceCatalogOrgsDataSyncServiceRolePolicy", "createdate": "2023-04-10T20:48:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListChildren", "organizations:ListParents", "organizations:ListAWSServiceAccessForOrganization" ], "malformed": false, "name": "AWSServiceCatalogOrgsDataSyncServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-10T20:48:28+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonInspector2ManagedCisPolicy", "createdate": "2024-01-24T16:31:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "inspector2:StartCisSession", "inspector2:StopCisSession", "inspector2:SendCisSessionTelemetry", "inspector2:SendCisSessionHealth" ], "malformed": false, "name": "AmazonInspector2ManagedCisPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-24T16:31:43+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSResourceAccessManagerServiceRolePolicy", "createdate": "2018-11-14T19:28:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListRoots", "iam:DeleteRole" ], "malformed": false, "name": "AWSResourceAccessManagerServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-14T19:28:28+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSIoTDeviceTesterForGreengrassFullAccess", "createdate": "2020-06-25T17:01:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:PassRole", "lambda:CreateFunction", "iot:DeleteCertificate", "lambda:DeleteFunction", "execute-api:Invoke", "iot:UpdateCertificate", "iot:CreateThing", "iot:DeleteThing", "iot:AttachPolicy", "iot:DetachPolicy", "iot:DeletePolicy", "iot:CreateJob", "iot:DescribeJob", "iot:DescribeJobExecution", "iot:DeleteJob", "iot:DescribeEndpoint", "greengrass:AssociateServiceRoleToAccount", "greengrass:BatchAssociateClientDeviceWithCoreDevice", "greengrass:BatchDisassociateClientDeviceFromCoreDevice", "greengrass:CancelDeployment", "greengrass:CreateComponentVersion", "greengrass:CreateDeployment", "greengrass:DeleteComponent", "greengrass:DeleteCoreDevice", "greengrass:DeleteDeployment", "greengrass:DescribeComponent", "greengrass:DisassociateServiceRoleFromAccount", "greengrass:GetComponent", "greengrass:GetComponentVersionArtifact", "greengrass:GetConnectivityInfo", "greengrass:GetCoreDevice", "greengrass:GetDeployment", "greengrass:GetServiceRoleForAccount", "greengrass:ListClientDevicesAssociatedWithCoreDevice", "greengrass:ListComponentVersions", "greengrass:ListComponents", "greengrass:ListCoreDevices", "greengrass:ListDeployments", "greengrass:ListEffectiveDeployments", "greengrass:ListInstalledComponents", "greengrass:ListTagsForResource", "greengrass:ResolveComponentCandidates", "greengrass:TagResource", "greengrass:UntagResource", "greengrass:UpdateConnectivityInfo", "greengrass:AssociateRoleToGroup", "greengrass:CreateConnectorDefinition", "greengrass:CreateConnectorDefinitionVersion", "greengrass:CreateCoreDefinition", "greengrass:CreateCoreDefinitionVersion", "greengrass:CreateDeviceDefinition", "greengrass:CreateDeviceDefinitionVersion", "greengrass:CreateFunctionDefinition", "greengrass:CreateFunctionDefinitionVersion", "greengrass:CreateGroup", "greengrass:CreateGroupCertificateAuthority", "greengrass:CreateGroupVersion", "greengrass:CreateLoggerDefinition", "greengrass:CreateLoggerDefinitionVersion", "greengrass:CreateResourceDefinition", "greengrass:CreateResourceDefinitionVersion", "greengrass:CreateSoftwareUpdateJob", "greengrass:CreateSubscriptionDefinition", "greengrass:CreateSubscriptionDefinitionVersion", "greengrass:DeleteConnectorDefinition", "greengrass:DeleteCoreDefinition", "greengrass:DeleteDeviceDefinition", "greengrass:DeleteFunctionDefinition", "greengrass:DeleteGroup", "greengrass:DeleteLoggerDefinition", "greengrass:DeleteResourceDefinition", "greengrass:DeleteSubscriptionDefinition", "greengrass:DisassociateRoleFromGroup", "greengrass:Discover", "greengrass:GetAssociatedRole", "greengrass:GetBulkDeploymentStatus", "greengrass:GetConnectorDefinition", "greengrass:GetConnectorDefinitionVersion", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetDeviceDefinition", "greengrass:GetDeviceDefinitionVersion", "greengrass:GetFunctionDefinition", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupCertificateAuthority", "greengrass:GetGroupCertificateConfiguration", "greengrass:GetGroupVersion", "greengrass:GetLoggerDefinition", "greengrass:GetLoggerDefinitionVersion", "greengrass:GetResourceDefinition", "greengrass:GetResourceDefinitionVersion", "greengrass:GetSubscriptionDefinition", "greengrass:GetSubscriptionDefinitionVersion", "greengrass:GetThingRuntimeConfiguration", "greengrass:ListBulkDeploymentDetailedReports", "greengrass:ListBulkDeployments", "greengrass:ListConnectorDefinitionVersions", "greengrass:ListConnectorDefinitions", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListResourceDefinitionVersions", "greengrass:ListResourceDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "greengrass:ResetDeployments", "greengrass:StartBulkDeployment", "greengrass:StopBulkDeployment", "greengrass:UpdateConnectorDefinition", "greengrass:UpdateCoreDefinition", "greengrass:UpdateDeviceDefinition", "greengrass:UpdateFunctionDefinition", "greengrass:UpdateGroup", "greengrass:UpdateGroupCertificateConfiguration", "greengrass:UpdateLoggerDefinition", "greengrass:UpdateResourceDefinition", "greengrass:UpdateSubscriptionDefinition", "greengrass:UpdateThingRuntimeConfiguration", "iam:ListAttachedRolePolicies", "iot:CreatePolicy", "iot:GetThingShadow", "iot:CreateKeysAndCertificate", "iot:ListThings", "iot:UpdateThingShadow", "iot:CreateCertificateFromCsr", "iot-device-tester:SendMetrics", "iot-device-tester:SupportedVersion", "iot-device-tester:LatestIdt", "iot-device-tester:CheckVersion", "iot-device-tester:DownloadTestSuite", "iot:DetachThingPrincipal", "iot:AttachThingPrincipal", "s3:PutObject", "s3:DeleteObjectVersion", "s3:ListBucketVersions", "s3:CreateBucket", "s3:DeleteObject", "s3:DeleteBucket" ], "malformed": false, "name": "AWSIoTDeviceTesterForGreengrassFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-25T17:01:56+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSDataExchangeSubscriberFullAccess", "createdate": "2021-11-29T23:00:06Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "dataexchange:GetAsset", "dataexchange:GetDataSet", "dataexchange:GetEventAction", "dataexchange:GetJob", "dataexchange:GetRevision", "dataexchange:ListDataSetRevisions", "dataexchange:ListDataSets", "dataexchange:ListEventActions", "dataexchange:ListJobs", "dataexchange:ListRevisionAssets", "dataexchange:ListTagsForResource", "dataexchange:CreateJob", "dataexchange:StartJob", "dataexchange:CancelJob", "dataexchange:CreateEventAction", "dataexchange:UpdateEventAction", "dataexchange:DeleteEventAction", "dataexchange:SendApiAsset", "s3:GetObject", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "aws-marketplace:Subscribe", "aws-marketplace:Unsubscribe", "aws-marketplace:ViewSubscriptions", "aws-marketplace:GetAgreementRequest", "aws-marketplace:ListAgreementRequests", "aws-marketplace:CancelAgreementRequest", "kms:DescribeKey", "kms:ListAliases", "kms:ListKeys" ], "malformed": false, "name": "AWSDataExchangeSubscriberFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-29T23:00:06+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/BatchServiceRolePolicy", "createdate": "2023-12-05T22:52:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeAccountAttributes", "ec2:DescribeInstances", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceAttribute", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeKeyPairs", "ec2:DescribeImages", "ec2:DescribeImageAttribute", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeVpcClassicLink", "ec2:DescribeLaunchTemplateVersions", "ec2:RequestSpotFleet", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeScalingActivities", "eks:DescribeCluster", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeTaskDefinition", "ecs:DescribeTasks", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "ecs:DeregisterTaskDefinition", "ecs:TagResource", "ecs:ListAccountSettings", "logs:DescribeLogGroups", "iam:GetInstanceProfile", "iam:GetRole", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "autoscaling:CreateOrUpdateTags", "iam:PassRole", "iam:CreateServiceLinkedRole", "ec2:CreateLaunchTemplate", "ec2:TerminateInstances", "ec2:CancelSpotFleetRequests", "ec2:ModifySpotFleetRequest", "ec2:DeleteLaunchTemplate", "autoscaling:CreateLaunchConfiguration", "autoscaling:DeleteLaunchConfiguration", "autoscaling:CreateAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "autoscaling:SetDesiredCapacity", "autoscaling:DeleteAutoScalingGroup", "autoscaling:SuspendProcesses", "autoscaling:PutNotificationConfiguration", "autoscaling:TerminateInstanceInAutoScalingGroup", "ecs:DeleteCluster", "ecs:DeregisterContainerInstance", "ecs:RunTask", "ecs:StartTask", "ecs:StopTask", "ecs:RunTask", "ecs:StartTask", "ecs:StopTask", "ecs:StopTask", "ecs:CreateCluster", "ecs:RegisterTaskDefinition", "ec2:RunInstances", "ec2:RunInstances", "ec2:CreateTags" ], "malformed": false, "name": "BatchServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-05T22:52:40+00:00", "version": "v7" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSVendorInsightsAssessorReadOnly", "createdate": "2022-12-01T00:55:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "vendor-insights:ListEntitledSecurityProfiles", "vendor-insights:GetEntitledSecurityProfileSnapshot", "vendor-insights:ListEntitledSecurityProfileSnapshots", "artifact:GetReport", "artifact:GetReportMetadata", "artifact:GetTermForReport", "artifact:ListReports" ], "malformed": false, "name": "AWSVendorInsightsAssessorReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-01T00:55:16+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": null, "createdate": "2019-05-10T21:38:33Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListRoots", "organizations:ListParents", "organizations:DisableAWSServiceAccess" ], "malformed": false, "name": "TagPoliciesServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/SecurityLakeServiceLinkedRole", "createdate": "2024-04-19T16:00:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:ListAccounts", "organizations:DescribeOrganization", "organizations:DescribeAccount", "cloudtrail:CreateServiceLinkedChannel", "cloudtrail:DeleteServiceLinkedChannel", "cloudtrail:GetServiceLinkedChannel", "cloudtrail:UpdateServiceLinkedChannel", "cloudtrail:ListServiceLinkedChannels", "ec2:DescribeVpcs", "organizations:ListDelegatedAdministrators", "wafv2:PutLoggingConfiguration", "wafv2:GetLoggingConfiguration", "wafv2:ListLoggingConfigurations", "wafv2:DeleteLoggingConfiguration", "wafv2:PutLoggingConfiguration", "wafv2:ListWebACLs", "logs:CreateLogDelivery", "logs:DeleteLogDelivery" ], "malformed": false, "name": "SecurityLakeServiceLinkedRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-19T16:00:05+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDeepRacerRoboMakerAccessPolicy", "createdate": "2019-02-28T21:59:58Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "robomaker:BatchDeleteWorlds", "robomaker:BatchDescribeSimulationJob", "robomaker:CancelDeploymentJob", "robomaker:CancelSimulationJob", "robomaker:CancelSimulationJobBatch", "robomaker:CancelWorldExportJob", "robomaker:CancelWorldGenerationJob", "robomaker:CreateDeploymentJob", "robomaker:CreateFleet", "robomaker:CreateRobot", "robomaker:CreateRobotApplication", "robomaker:CreateRobotApplicationVersion", "robomaker:CreateSimulationApplication", "robomaker:CreateSimulationApplicationVersion", "robomaker:CreateSimulationJob", "robomaker:CreateWorldExportJob", "robomaker:CreateWorldGenerationJob", "robomaker:CreateWorldTemplate", "robomaker:DeleteFleet", "robomaker:DeleteRobot", "robomaker:DeleteRobotApplication", "robomaker:DeleteSimulationApplication", "robomaker:DeleteWorldTemplate", "robomaker:DeregisterRobot", "robomaker:DescribeDeploymentJob", "robomaker:DescribeFleet", "robomaker:DescribeRobot", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:DescribeSimulationJob", "robomaker:DescribeSimulationJobBatch", "robomaker:DescribeWorld", "robomaker:DescribeWorldExportJob", "robomaker:DescribeWorldGenerationJob", "robomaker:DescribeWorldTemplate", "robomaker:GetWorldTemplateBody", "robomaker:ListDeploymentJobs", "robomaker:ListFleets", "robomaker:ListRobotApplications", "robomaker:ListRobots", "robomaker:ListSimulationApplications", "robomaker:ListSimulationJobBatches", "robomaker:ListSimulationJobs", "robomaker:ListSupportedAvailabilityZones", "robomaker:ListTagsForResource", "robomaker:ListWorldExportJobs", "robomaker:ListWorldGenerationJobs", "robomaker:ListWorldTemplates", "robomaker:ListWorlds", "robomaker:RegisterRobot", "robomaker:RestartSimulationJob", "robomaker:StartSimulationJobBatch", "robomaker:SyncDeploymentJob", "robomaker:TagResource", "robomaker:UntagResource", "robomaker:UpdateRobotApplication", "robomaker:UpdateRobotDeployment", "robomaker:UpdateSimulationApplication", "robomaker:UpdateWorldTemplate", "cloudwatch:PutMetricData", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcs", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "s3:GetObject", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "s3:PutObject", "s3:GetObject", "kinesisvideo:CreateStream", "kinesisvideo:DescribeStream", "kinesisvideo:GetDataEndpoint", "kinesisvideo:PutMedia", "kinesisvideo:TagStream" ], "malformed": false, "name": "AWSDeepRacerRoboMakerAccessPolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-02-28T21:59:58+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": null, "createdate": "2023-04-03T20:40:05Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "proton:GetService", "proton:UpdateService", "proton:UpdateServicePipeline", "proton:GetServiceInstance", "proton:CreateServiceInstance", "proton:UpdateServiceInstance", "proton:ListServiceInstances", "proton:GetComponent", "proton:CreateComponent", "proton:ListComponents", "proton:UpdateComponent", "proton:GetEnvironment", "proton:CreateEnvironment", "proton:ListEnvironments", "proton:UpdateEnvironment" ], "malformed": false, "name": "AWSProtonServiceSyncServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonMCSReadOnlyAccess", "createdate": "2020-04-17T19:21:34Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cassandra:Select", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "cloudwatch:DescribeAlarms" ], "malformed": false, "name": "AmazonMCSReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-04-17T19:21:34+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSXrayFullAccess", "createdate": "2024-04-11T17:07:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "xray:BatchGetTraceSummaryById", "xray:BatchGetTraces", "xray:CreateGroup", "xray:CreateSamplingRule", "xray:DeleteGroup", "xray:DeleteResourcePolicy", "xray:DeleteSamplingRule", "xray:GetDistinctTraceGraphs", "xray:GetEncryptionConfig", "xray:GetGroup", "xray:GetGroups", "xray:GetInsight", "xray:GetInsightEvents", "xray:GetInsightImpactGraph", "xray:GetInsightSummaries", "xray:GetSamplingRules", "xray:GetSamplingStatisticSummaries", "xray:GetSamplingTargets", "xray:GetServiceGraph", "xray:GetTimeSeriesServiceStatistics", "xray:GetTraceGraph", "xray:GetTraceSummaries", "xray:Link", "xray:ListResourcePolicies", "xray:ListTagsForResource", "xray:PutEncryptionConfig", "xray:PutResourcePolicy", "xray:PutTelemetryRecords", "xray:PutTraceSegments", "xray:TagResource", "xray:UntagResource", "xray:UpdateGroup", "xray:UpdateSamplingRule" ], "malformed": false, "name": "AWSXrayFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-11T17:07:36+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonPrometheusScraperServiceRolePolicy", "createdate": "2023-11-26T14:19:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:DeleteRole", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:CreateNetworkInterface", "ec2:CreateTags", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "eks:DescribeCluster", "aps:RemoteWrite" ], "malformed": false, "name": "AmazonPrometheusScraperServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-26T14:19:52+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonPrometheusRemoteWriteAccess", "createdate": "2020-12-19T01:04:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aps:RemoteWrite" ], "malformed": false, "name": "AmazonPrometheusRemoteWriteAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-19T01:04:32+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaTailorFullAccess", "createdate": "2021-11-23T00:04:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mediatailor:ConfigureLogsForChannel", "mediatailor:ConfigureLogsForPlaybackConfiguration", "mediatailor:CreateChannel", "mediatailor:CreateLiveSource", "mediatailor:CreatePrefetchSchedule", "mediatailor:CreateProgram", "mediatailor:CreateSourceLocation", "mediatailor:CreateVodSource", "mediatailor:DeleteChannel", "mediatailor:DeleteChannelPolicy", "mediatailor:DeleteLiveSource", "mediatailor:DeletePlaybackConfiguration", "mediatailor:DeletePrefetchSchedule", "mediatailor:DeleteProgram", "mediatailor:DeleteSourceLocation", "mediatailor:DeleteVodSource", "mediatailor:DescribeChannel", "mediatailor:DescribeLiveSource", "mediatailor:DescribeProgram", "mediatailor:DescribeSourceLocation", "mediatailor:DescribeVodSource", "mediatailor:GetChannelPolicy", "mediatailor:GetChannelSchedule", "mediatailor:GetPlaybackConfiguration", "mediatailor:GetPrefetchSchedule", "mediatailor:ListAlerts", "mediatailor:ListChannels", "mediatailor:ListLiveSources", "mediatailor:ListPlaybackConfigurations", "mediatailor:ListPrefetchSchedules", "mediatailor:ListSourceLocations", "mediatailor:ListTagsForResource", "mediatailor:ListVodSources", "mediatailor:PutChannelPolicy", "mediatailor:PutPlaybackConfiguration", "mediatailor:StartChannel", "mediatailor:StopChannel", "mediatailor:TagResource", "mediatailor:UntagResource", "mediatailor:UpdateChannel", "mediatailor:UpdateLiveSource", "mediatailor:UpdateProgram", "mediatailor:UpdateSourceLocation", "mediatailor:UpdateVodSource" ], "malformed": false, "name": "AWSElementalMediaTailorFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-23T00:04:39+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSMediaConnectServicePolicy", "createdate": "2023-04-03T22:11:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ecs:UpdateService", "ecs:DeleteService", "ecs:CreateService", "ecs:DescribeServices", "ecs:PutAttributes", "ecs:DeleteAttributes", "ecs:RunTask", "ecs:ListTasks", "ecs:StartTask", "ecs:StopTask", "ecs:DescribeTasks", "ecs:DescribeContainerInstances", "ecs:UpdateContainerInstancesState", "ecs:CreateCluster", "ecs:RegisterTaskDefinition", "ecs:UpdateCluster", "ecs:UpdateClusterSettings", "ecs:ListAttributes", "ecs:DescribeClusters", "ecs:DeregisterContainerInstance", "ecs:ListContainerInstances" ], "malformed": false, "name": "AWSMediaConnectServicePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-03T22:11:40+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/Health_OrganizationsServiceRolePolicy", "createdate": "2024-02-06T16:07:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators", "organizations:DescribeOrganization", "organizations:DescribeAccount" ], "malformed": false, "name": "Health_OrganizationsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-06T16:07:08+00:00", "version": "v4" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction", "createdate": "2019-08-07T17:04:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:CreatePolicyVersion" ], "malformed": false, "name": "AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-07T17:04:57+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/EC2ImageBuilderLifecycleExecutionPolicy", "createdate": "2023-11-16T23:23:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:EnableImage", "ec2:DeregisterImage", "ec2:EnableImageDeprecation", "ec2:DescribeImageAttribute", "ec2:DisableImage", "ec2:DisableImageDeprecation", "ec2:DeleteSnapshot", "ec2:DeleteTags", "ec2:CreateTags", "ecr:BatchGetImage", "ecr:BatchDeleteImage", "ec2:DescribeImages", "tag:GetResources", "imagebuilder:DeleteImage" ], "malformed": false, "name": "EC2ImageBuilderLifecycleExecutionPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-16T23:23:09+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSSupportServiceRolePolicy", "createdate": "2024-03-25T16:28:02Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "apigateway:GET", "iam:DeleteRole", "access-analyzer:GetAccessPreview", "access-analyzer:GetAnalyzedResource", "access-analyzer:GetAnalyzer", "access-analyzer:GetArchiveRule", "access-analyzer:GetFinding", "access-analyzer:GetGeneratedPolicy", "access-analyzer:ListAccessPreviewFindings", "access-analyzer:ListAccessPreviews", "access-analyzer:ListAnalyzedResources", "access-analyzer:ListAnalyzers", "access-analyzer:ListArchiveRules", "access-analyzer:ListFindings", "access-analyzer:ListPolicyGenerations", "acm-pca:DescribeCertificateAuthority", "acm-pca:DescribeCertificateAuthorityAuditReport", "acm-pca:GetCertificate", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:ListCertificateAuthorities", "acm-pca:ListTags", "acm:DescribeCertificate", "acm:GetAccountConfiguration", "acm:GetCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "airflow:GetEnvironment", "airflow:ListEnvironments", "airflow:ListTagsForResource", "amplify:GetApp", "amplify:GetBackendEnvironment", "amplify:GetBranch", "amplify:GetDomainAssociation", "amplify:GetJob", "amplify:GetWebHook", "amplify:ListApps", "amplify:ListBackendEnvironments", "amplify:ListBranches", "amplify:ListDomainAssociations", "amplify:ListWebHooks", "amplifyuibuilder:ExportComponents", "amplifyuibuilder:ExportThemes", "appflow:DescribeConnectorEntity", "appflow:DescribeConnectorProfiles", "appflow:DescribeConnectors", "appflow:DescribeFlow", "appflow:DescribeFlowExecutionRecords", "appflow:ListConnectorEntities", "appflow:ListFlows", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "applicationinsights:DescribeApplication", "applicationinsights:DescribeComponent", "applicationinsights:DescribeComponentConfiguration", "applicationinsights:DescribeComponentConfigurationRecommendation", "applicationinsights:DescribeLogPattern", "applicationinsights:DescribeObservation", "applicationinsights:DescribeProblem", "applicationinsights:DescribeProblemObservations", "applicationinsights:ListApplications", "applicationinsights:ListComponents", "applicationinsights:ListConfigurationHistory", "applicationinsights:ListLogPatterns", "applicationinsights:ListLogPatternSets", "applicationinsights:ListProblems", "appmesh:DescribeGatewayRoute", "appmesh:DescribeMesh", "appmesh:DescribeRoute", "appmesh:DescribeVirtualGateway", "appmesh:DescribeVirtualNode", "appmesh:DescribeVirtualRouter", "appmesh:DescribeVirtualService", "appmesh:ListGatewayRoutes", "appmesh:ListMeshes", "appmesh:ListRoutes", "appmesh:ListTagsForResource", "appmesh:ListVirtualGateways", "appmesh:ListVirtualNodes", "appmesh:ListVirtualRouters", "appmesh:ListVirtualServices", "apprunner:DescribeAutoScalingConfiguration", "apprunner:DescribeCustomDomains", "apprunner:DescribeOperation", "apprunner:DescribeService", "apprunner:ListAutoScalingConfigurations", "apprunner:ListConnections", "apprunner:ListOperations", "apprunner:ListServices", "apprunner:ListTagsForResource", "appstream:DescribeAppBlockBuilderAppBlockAssociations", "appstream:DescribeAppBlockBuilders", "appstream:DescribeAppBlocks", "appstream:DescribeApplicationFleetAssociations", "appstream:DescribeApplications", "appstream:DescribeDirectoryConfigs", "appstream:DescribeEntitlements", "appstream:DescribeFleets", "appstream:DescribeImageBuilders", "appstream:DescribeImagePermissions", "appstream:DescribeImages", "appstream:DescribeSessions", "appstream:DescribeStacks", "appstream:DescribeUsageReportSubscriptions", "appstream:DescribeUsers", "appstream:DescribeUserStackAssociations", "appstream:ListAssociatedFleets", "appstream:ListAssociatedStacks", "appstream:ListEntitledApplications", "appstream:ListTagsForResource", "appsync:GetApiAssociation", "appsync:GetApiCache", "appsync:GetDomainName", "appsync:GetFunction", "appsync:GetGraphqlApi", "appsync:GetIntrospectionSchema", "appsync:GetResolver", "appsync:GetSchemaCreationStatus", "appsync:GetSourceApiAssociation", "appsync:GetType", "appsync:ListDataSources", "appsync:ListDomainNames", "appsync:ListFunctions", "appsync:ListGraphqlApis", "appsync:ListResolvers", "appsync:ListResolversByFunction", "appsync:ListSourceApiAssociations", "appsync:ListTypes", "appsync:ListTypesByAssociation", "aps:DescribeAlertManagerDefinition", "aps:DescribeRuleGroupsNamespace", "aps:DescribeScraper", "aps:DescribeWorkspace", "aps:ListRuleGroupsNamespaces", "aps:ListScrapers", "aps:ListWorkspaces", "athena:BatchGetNamedQuery", "athena:BatchGetQueryExecution", "athena:GetCalculationExecution", "athena:GetCalculationExecutionStatus", "athena:GetDataCatalog", "athena:GetNamedQuery", "athena:GetNotebookMetadata", "athena:GetQueryExecution", "athena:GetQueryRuntimeStatistics", "athena:GetSession", "athena:GetSessionStatus", "athena:GetWorkGroup", "athena:ListApplicationDPUSizes", "athena:ListCalculationExecutions", "athena:ListDataCatalogs", "athena:ListEngineVersions", "athena:ListExecutors", "athena:ListNamedQueries", "athena:ListNotebookMetadata", "athena:ListNotebookSessions", "athena:ListQueryExecutions", "athena:ListSessions", "athena:ListTagsForResource", "athena:ListWorkGroups", "auditmanager:GetAccountStatus", "auditmanager:GetDelegations", "auditmanager:ListAssessmentFrameworks", "auditmanager:ListAssessmentReports", "auditmanager:ListAssessments", "auditmanager:ListControls", "auditmanager:ListKeywordsForDataSource", "auditmanager:ListNotifications", "autoscaling-plans:DescribeScalingPlanResources", "autoscaling-plans:DescribeScalingPlans", "autoscaling-plans:GetScalingPlanResourceForecastData", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeWarmPool", "backup:DescribeBackupJob", "backup:DescribeBackupVault", "backup:DescribeCopyJob", "backup:DescribeFramework", "backup:DescribeGlobalSettings", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeRegionSettings", "backup:DescribeReportJob", "backup:DescribeReportPlan", "backup:DescribeRestoreJob", "backup:GetBackupPlan", "backup:GetBackupPlanFromJSON", "backup:GetBackupPlanFromTemplate", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:GetLegalHold", "backup:GetRecoveryPointRestoreMetadata", "backup:GetSupportedResourceTypes", "backup:ListBackupJobs", "backup:ListBackupPlans", "backup:ListBackupPlanTemplates", "backup:ListBackupPlanVersions", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListCopyJobs", "backup:ListFrameworks", "backup:ListLegalHolds", "backup:ListProtectedResources", "backup:ListRecoveryPointsByBackupVault", "backup:ListRecoveryPointsByLegalHold", "backup:ListRecoveryPointsByResource", "backup:ListReportJobs", "backup:ListReportPlans", "backup:ListRestoreJobs", "backup:ListTags", "backup-gateway:GetGateway", "backup-gateway:GetHypervisor", "backup-gateway:GetHypervisorPropertyMappings", "backup-gateway:GetVirtualMachine", "backup-gateway:ListGateways", "backup-gateway:ListHypervisors", "backup-gateway:ListVirtualMachines", "batch:DescribeComputeEnvironments", "batch:DescribeJobDefinitions", "batch:DescribeJobQueues", "batch:DescribeJobs", "batch:ListJobs", "braket:GetDevice", "braket:GetQuantumTask", "braket:SearchDevices", "braket:SearchQuantumTasks", "budgets:ViewBudget", "ce:GetCostAndUsage", "ce:GetCostAndUsageWithResources", "ce:GetCostForecast", "ce:GetDimensionValues", "ce:GetReservationCoverage", "ce:GetReservationPurchaseRecommendation", "ce:GetReservationUtilization", "ce:GetRightsizingRecommendation", "ce:GetSavingsPlansCoverage", "ce:GetSavingsPlansPurchaseRecommendation", "ce:GetSavingsPlansUtilization", "ce:GetSavingsPlansUtilizationDetails", "ce:GetTags", "chime:DescribeAppInstance", "chime:GetAttendee", "chime:GetGlobalSettings", "chime:GetMediaCapturePipeline", "chime:GetMediaPipeline", "chime:GetMeeting", "chime:GetProxySession", "chime:GetSipMediaApplication", "chime:GetSipRule", "chime:GetVoiceConnector", "chime:GetVoiceConnectorGroup", "chime:GetVoiceConnectorLoggingConfiguration", "chime:ListAppInstances", "chime:ListAttendees", "chime:ListChannelBans", "chime:ListChannels", "chime:ListChannelsModeratedByAppInstanceUser", "chime:ListMediaCapturePipelines", "chime:ListMediaPipelines", "chime:ListMeetings", "chime:ListSipMediaApplications", "chime:ListSipRules", "chime:ListVoiceConnectorGroups", "chime:ListVoiceConnectors", "cleanrooms:BatchGetCollaborationAnalysisTemplate", "cleanrooms:BatchGetSchema", "cleanrooms:GetAnalysisTemplate", "cleanrooms:GetCollaboration", "cleanrooms:GetCollaborationAnalysisTemplate", "cleanrooms:GetConfiguredTable", "cleanrooms:GetConfiguredTableAssociation", "cleanrooms:GetMembership", "cleanrooms:GetSchema", "cleanrooms:ListAnalysisTemplates", "cleanrooms:ListCollaborationAnalysisTemplates", "cleanrooms:ListCollaborations", "cleanrooms:ListConfiguredTableAssociations", "cleanrooms:ListConfiguredTables", "cleanrooms:ListMembers", "cleanrooms:ListMemberships", "cleanrooms:ListSchemas", "cloud9:DescribeEnvironmentMemberships", "cloud9:DescribeEnvironments", "cloud9:ListEnvironments", "clouddirectory:GetDirectory", "clouddirectory:ListDirectories", "cloudformation:BatchDescribeTypeConfigurations", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribePublisher", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:EstimateTemplateCost", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListImports", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStacks", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypes", "cloudformation:ListTypeVersions", "cloudfront:DescribeFunction", "cloudfront:GetCachePolicy", "cloudfront:GetCachePolicyConfig", "cloudfront:GetCloudFrontOriginAccessIdentity", "cloudfront:GetCloudFrontOriginAccessIdentityConfig", "cloudfront:GetContinuousDeploymentPolicy", "cloudfront:GetContinuousDeploymentPolicyConfig", "cloudfront:GetDistribution", "cloudfront:GetDistributionConfig", "cloudfront:GetInvalidation", "cloudfront:GetKeyGroup", "cloudfront:GetKeyGroupConfig", "cloudfront:GetMonitoringSubscription", "cloudfront:GetOriginAccessControl", "cloudfront:GetOriginAccessControlConfig", "cloudfront:GetOriginRequestPolicy", "cloudfront:GetOriginRequestPolicyConfig", "cloudfront:GetPublicKey", "cloudfront:GetPublicKeyConfig", "cloudfront:GetRealtimeLogConfig", "cloudfront:GetStreamingDistribution", "cloudfront:GetStreamingDistributionConfig", "cloudfront:ListCachePolicies", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListContinuousDeploymentPolicies", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByCachePolicyId", "cloudfront:ListDistributionsByKeyGroup", "cloudfront:ListDistributionsByOriginRequestPolicyId", "cloudfront:ListDistributionsByRealtimeLogConfig", "cloudfront:ListDistributionsByResponseHeadersPolicyId", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListFunctions", "cloudfront:ListInvalidations", "cloudfront:ListKeyGroups", "cloudfront:ListOriginAccessControls", "cloudfront:ListOriginRequestPolicies", "cloudfront:ListPublicKeys", "cloudfront:ListRealtimeLogConfigs", "cloudfront:ListStreamingDistributions", "cloudhsm:DescribeBackups", "cloudhsm:DescribeClusters", "cloudsearch:DescribeAnalysisSchemes", "cloudsearch:DescribeAvailabilityOptions", "cloudsearch:DescribeDomains", "cloudsearch:DescribeExpressions", "cloudsearch:DescribeIndexFields", "cloudsearch:DescribeScalingParameters", "cloudsearch:DescribeServiceAccessPolicies", "cloudsearch:DescribeSuggesters", "cloudsearch:ListDomainNames", "cloudtrail:DescribeTrails", "cloudtrail:GetEventSelectors", "cloudtrail:GetInsightSelectors", "cloudtrail:GetTrail", "cloudtrail:GetTrailStatus", "cloudtrail:ListPublicKeys", "cloudtrail:ListTags", "cloudtrail:ListTrails", "cloudtrail:LookupEvents", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetrics", "cloudwatch:ListMetricStreams", "codeartifact:DescribeDomain", "codeartifact:DescribePackageVersion", "codeartifact:DescribeRepository", "codeartifact:GetDomainPermissionsPolicy", "codeartifact:GetRepositoryEndpoint", "codeartifact:GetRepositoryPermissionsPolicy", "codeartifact:ListDomains", "codeartifact:ListPackages", "codeartifact:ListPackageVersionAssets", "codeartifact:ListPackageVersions", "codeartifact:ListRepositories", "codeartifact:ListRepositoriesInDomain", "codebuild:BatchGetBuildBatches", "codebuild:BatchGetBuilds", "codebuild:BatchGetProjects", "codebuild:ListBuildBatches", "codebuild:ListBuildBatchesForProject", "codebuild:ListBuilds", "codebuild:ListBuildsForProject", "codebuild:ListCuratedEnvironmentImages", "codebuild:ListProjects", "codebuild:ListSourceCredentials", "codecommit:BatchGetRepositories", "codecommit:GetBranch", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:ListBranches", "codecommit:ListRepositories", "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeploymentInstances", "codedeploy:BatchGetDeployments", "codedeploy:BatchGetDeploymentTargets", "codedeploy:BatchGetOnPremisesInstances", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeployments", "codedeploy:ListDeploymentTargets", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codepipeline:GetJobDetails", "codepipeline:GetPipeline", "codepipeline:GetPipelineExecution", "codepipeline:GetPipelineState", "codepipeline:ListActionExecutions", "codepipeline:ListActionTypes", "codepipeline:ListPipelineExecutions", "codepipeline:ListPipelines", "codepipeline:ListWebhooks", "codestar:DescribeProject", "codestar:ListProjects", "codestar:ListResources", "codestar:ListTeamMembers", "codestar:ListUserProfiles", "codestar-connections:GetConnection", "codestar-connections:GetHost", "codestar-connections:ListConnections", "codestar-connections:ListHosts", "cognito-identity:DescribeIdentityPool", "cognito-identity:GetIdentityPoolRoles", "cognito-identity:ListIdentities", "cognito-identity:ListIdentityPools", "cognito-idp:DescribeIdentityProvider", "cognito-idp:DescribeResourceServer", "cognito-idp:DescribeRiskConfiguration", "cognito-idp:DescribeUserImportJob", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:DescribeUserPoolDomain", "cognito-idp:GetGroup", "cognito-idp:GetUICustomization", "cognito-idp:GetUserPoolMfaConfig", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListUserImportJobs", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-sync:DescribeDataset", "cognito-sync:DescribeIdentityPoolUsage", "cognito-sync:DescribeIdentityUsage", "cognito-sync:GetCognitoEvents", "cognito-sync:GetIdentityPoolConfiguration", "cognito-sync:ListDatasets", "cognito-sync:ListIdentityPoolUsage", "comprehend:DescribeDocumentClassificationJob", "comprehend:DescribeDocumentClassifier", "comprehend:DescribeDominantLanguageDetectionJob", "comprehend:DescribeEndpoint", "comprehend:DescribeEntitiesDetectionJob", "comprehend:DescribeEntityRecognizer", "comprehend:DescribeEventsDetectionJob", "comprehend:DescribeFlywheel", "comprehend:DescribeFlywheelIteration", "comprehend:DescribeKeyPhrasesDetectionJob", "comprehend:DescribePiiEntitiesDetectionJob", "comprehend:DescribeSentimentDetectionJob", "comprehend:DescribeTargetedSentimentDetectionJob", "comprehend:DescribeTopicsDetectionJob", "comprehend:ListDocumentClassificationJobs", "comprehend:ListDocumentClassifiers", "comprehend:ListDominantLanguageDetectionJobs", "comprehend:ListEndpoints", "comprehend:ListEntitiesDetectionJobs", "comprehend:ListEntityRecognizers", "comprehend:ListEventsDetectionJobs", "comprehend:ListFlywheelIterationHistory", "comprehend:ListFlywheels", "comprehend:ListKeyPhrasesDetectionJobs", "comprehend:ListPiiEntitiesDetectionJobs", "comprehend:ListSentimentDetectionJobs", "comprehend:ListTargetedSentimentDetectionJobs", "comprehend:ListTopicsDetectionJobs", "compute-optimizer:GetAutoScalingGroupRecommendations", "compute-optimizer:GetEBSVolumeRecommendations", "compute-optimizer:GetEC2InstanceRecommendations", "compute-optimizer:GetEC2RecommendationProjectedMetrics", "compute-optimizer:GetECSServiceRecommendations", "compute-optimizer:GetECSServiceRecommendationProjectedMetrics", "compute-optimizer:GetEnrollmentStatus", "compute-optimizer:GetRecommendationSummaries", "config:BatchGetAggregateResourceConfig", "config:BatchGetResourceConfig", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationRecorders", "config:DescribeConfigurationRecorderStatus", "config:DescribeConformancePackCompliance", "config:DescribeConformancePacks", "config:DescribeConformancePackStatus", "config:DescribeDeliveryChannels", "config:DescribeDeliveryChannelStatus", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribeOrganizationConformancePackStatuses", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetResourceConfigHistory", "config:ListAggregateDiscoveredResources", "config:ListDiscoveredResources", "config:ListTagsForResource", "connect:DescribeContact", "connect:DescribePhoneNumber", "connect:DescribeQuickConnect", "connect:DescribeUser", "connect:GetCurrentMetricData", "connect:GetMetricData", "connect:ListContactEvaluations", "connect:ListEvaluationForms", "connect:ListEvaluationFormVersions", "connect:ListPhoneNumbersV2", "connect:ListQuickConnects", "connect:ListRoutingProfiles", "connect:ListSecurityProfiles", "connect:ListUsers", "connect:ListViews", "connect:ListViewVersions", "controltower:DescribeAccountFactoryConfig", "controltower:DescribeCoreService", "controltower:DescribeGuardrail", "controltower:DescribeGuardrailForTarget", "controltower:DescribeManagedAccount", "controltower:DescribeSingleSignOn", "controltower:GetAvailableUpdates", "controltower:GetHomeRegion", "controltower:GetLandingZoneStatus", "controltower:ListDirectoryGroups", "controltower:ListGuardrailsForTarget", "controltower:ListGuardrailViolations", "controltower:ListManagedAccounts", "controltower:ListManagedAccountsForGuardrail", "controltower:ListManagedAccountsForParent", "controltower:ListManagedOrganizationalUnits", "controltower:ListManagedOrganizationalUnitsForGuardrail", "databrew:DescribeDataset", "databrew:DescribeJob", "databrew:DescribeProject", "databrew:DescribeRecipe", "databrew:ListDatasets", "databrew:ListJobRuns", "databrew:ListJobs", "databrew:ListProjects", "databrew:ListRecipes", "databrew:ListRecipeVersions", "databrew:ListTagsForResource", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:QueryObjects", "datasync:DescribeAgent", "datasync:DescribeLocationEfs", "datasync:DescribeLocationFsxLustre", "datasync:DescribeLocationFsxOpenZfs", "datasync:DescribeLocationFsxWindows", "datasync:DescribeLocationHdfs", "datasync:DescribeLocationNfs", "datasync:DescribeLocationObjectStorage", "datasync:DescribeLocationS3", "datasync:DescribeLocationSmb", "datasync:DescribeTask", "datasync:DescribeTaskExecution", "datasync:ListAgents", "datasync:ListLocations", "datasync:ListTaskExecutions", "datasync:ListTasks", "dax:DescribeClusters", "dax:DescribeDefaultParameters", "dax:DescribeEvents", "dax:DescribeParameterGroups", "dax:DescribeParameters", "dax:DescribeSubnetGroups", "detective:GetMembers", "detective:ListGraphs", "detective:ListInvitations", "detective:ListMembers", "devicefarm:GetAccountSettings", "devicefarm:GetDevice", "devicefarm:GetDevicePool", "devicefarm:GetDevicePoolCompatibility", "devicefarm:GetJob", "devicefarm:GetProject", "devicefarm:GetRemoteAccessSession", "devicefarm:GetRun", "devicefarm:GetSuite", "devicefarm:GetTest", "devicefarm:GetTestGridProject", "devicefarm:GetTestGridSession", "devicefarm:GetUpload", "devicefarm:ListArtifacts", "devicefarm:ListDevicePools", "devicefarm:ListDevices", "devicefarm:ListJobs", "devicefarm:ListProjects", "devicefarm:ListRemoteAccessSessions", "devicefarm:ListRuns", "devicefarm:ListSamples", "devicefarm:ListSuites", "devicefarm:ListTestGridProjects", "devicefarm:ListTestGridSessionActions", "devicefarm:ListTestGridSessionArtifacts", "devicefarm:ListTestGridSessions", "devicefarm:ListTests", "devicefarm:ListUniqueProblems", "devicefarm:ListUploads", "directconnect:DescribeConnectionLoa", "directconnect:DescribeConnections", "directconnect:DescribeConnectionsOnInterconnect", "directconnect:DescribeCustomerMetadata", "directconnect:DescribeDirectConnectGatewayAssociationProposals", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeHostedConnections", "directconnect:DescribeInterconnectLoa", "directconnect:DescribeInterconnects", "directconnect:DescribeLags", "directconnect:DescribeLoa", "directconnect:DescribeLocations", "directconnect:DescribeRouterConfiguration", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "dlm:GetLifecyclePolicies", "dlm:GetLifecyclePolicy", "dms:DescribeAccountAttributes", "dms:DescribeApplicableIndividualAssessments", "dms:DescribeConnections", "dms:DescribeEndpoints", "dms:DescribeEndpointSettings", "dms:DescribeEndpointTypes", "dms:DescribeEventCategories", "dms:DescribeEvents", "dms:DescribeEventSubscriptions", "dms:DescribeFleetAdvisorCollectors", "dms:DescribeFleetAdvisorDatabases", "dms:DescribeFleetAdvisorLsaAnalysis", "dms:DescribeFleetAdvisorSchemaObjectSummary", "dms:DescribeFleetAdvisorSchemas", "dms:DescribeOrderableReplicationInstances", "dms:DescribePendingMaintenanceActions", "dms:DescribeRefreshSchemasStatus", "dms:DescribeReplicationInstances", "dms:DescribeReplicationInstanceTaskLogs", "dms:DescribeReplicationSubnetGroups", "dms:DescribeReplicationTaskAssessmentResults", "dms:DescribeReplicationTaskAssessmentRuns", "dms:DescribeReplicationTaskIndividualAssessments", "dms:DescribeReplicationTasks", "dms:DescribeSchemas", "dms:DescribeTableStatistics", "docdb-elastic:GetCluster", "docdb-elastic:GetClusterSnapshot", "docdb-elastic:ListClusters", "docdb-elastic:ListClusterSnapshots", "drs:DescribeJobLogItems", "drs:DescribeJobs", "drs:DescribeLaunchConfigurationTemplates", "drs:DescribeRecoveryInstances", "drs:DescribeRecoverySnapshots", "drs:DescribeReplicationConfigurationTemplates", "drs:DescribeSourceNetworks", "drs:DescribeSourceServers", "drs:GetLaunchConfiguration", "drs:GetReplicationConfiguration", "drs:ListExtensibleSourceServers", "drs:ListLaunchActions", "drs:ListStagingAccounts", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:GetDirectoryLimits", "ds:GetSnapshotLimits", "ds:ListIpRoutes", "ds:ListSchemaExtensions", "ds:ListTagsForResource", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTimeToLive", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAddressTransfers", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdentityIdFormat", "ec2:DescribeIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstances", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInternetGateways", "ec2:DescribeIpamPools", "ec2:DescribeIpams", "ec2:DescribeIpamScopes", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplates", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGateways", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGateways", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVolumeStatus", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetAssociatedIpv6PoolCidrs", "ec2:GetCapacityReservationUsage", "ec2:GetCoipPoolUsage", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:GetDefaultCreditSpecification", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ec2:GetGroupsForCapacityReservation", "ec2:GetHostReservationPurchasePreview", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetIpamAddressHistory", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetIpamResourceCidrs", "ec2:GetLaunchTemplateData", "ec2:GetManagedPrefixListAssociations", "ec2:GetManagedPrefixListEntries", "ec2:GetReservedInstancesExchangeQuote", "ec2:GetSerialConsoleAccessStatus", "ec2:GetSpotPlacementScores", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:GetTransitGatewayPrefixListReferences", "ec2:GetVerifiedAccessEndpointPolicy", "ec2:GetVerifiedAccessGroupPolicy", "ec2:ListImagesInRecycleBin", "ec2:ListSnapshotsInRecycleBin", "ec2:SearchLocalGatewayRoutes", "ec2:SearchTransitGatewayMulticastGroups", "ec2:SearchTransitGatewayRoutes", "ecr-public:DescribeImages", "ecr-public:DescribeImageTags", "ecr-public:DescribeRegistries", "ecr-public:DescribeRepositories", "ecr-public:GetRegistryCatalogData", "ecr-public:GetRepositoryCatalogData", "ecr-public:GetRepositoryPolicy", "ecr-public:ListTagsForResource", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetRepositoryScanningConfiguration", "ecr:DescribeImages", "ecr:DescribeImageReplicationStatus", "ecr:DescribeImageScanFindings", "ecr:DescribePullThroughCacheRules", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:GetLifecyclePolicy", "ecr:GetLifecyclePolicyPreview", "ecr:GetRegistryPolicy", "ecr:GetRegistryScanningConfiguration", "ecr:GetRepositoryPolicy", "ecr:ListImages", "ecr:ListTagsForResource", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTasks", "ecs:DescribeTaskSets", "ecs:GetTaskProtection", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "eks:DescribeAccessEntry", "eks:DescribeAddon", "eks:DescribeAddonConfiguration", "eks:DescribeAddonVersions", "eks:DescribeCluster", "eks:DescribeEksAnywhereSubscription", "eks:DescribeFargateProfile", "eks:DescribeIdentityProviderConfig", "eks:DescribeNodegroup", "eks:DescribeUpdate", "eks:ListAccessEntries", "eks:ListAccessPolicies", "eks:ListAddons", "eks:ListAssociatedAccessPolicies", "eks:ListClusters", "eks:ListEksAnywhereSubscriptions", "eks:ListFargateProfiles", "eks:ListIdentityProviderConfigs", "eks:ListNodegroups", "eks:ListUpdates", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheEngineVersions", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeEngineDefaultParameters", "elasticache:DescribeEvents", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeReservedCacheNodes", "elasticache:DescribeReservedCacheNodesOfferings", "elasticache:DescribeServerlessCaches", "elasticache:DescribeServerlessCacheSnapshots", "elasticache:DescribeServiceUpdates", "elasticache:DescribeSnapshots", "elasticache:DescribeUpdateActions", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticache:ListAllowedNodeTypeModifications", "elasticache:ListTagsForResource", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ValidateConfigurationSettings", "elasticfilesystem:DescribeAccessPoints", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeLifecycleConfiguration", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeMountTargetSecurityGroups", "elasticfilesystem:DescribeTags", "elasticfilesystem:ListTagsForResource", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeNotebookExecution", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeStudio", "elasticmapreduce:GetAutoTerminationPolicy", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:GetStudioSessionMapping", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListNotebookExecutions", "elasticmapreduce:ListReleaseLabels", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudios", "elasticmapreduce:ListStudioSessionMappings", "elastictranscoder:ListJobsByPipeline", "elastictranscoder:ListJobsByStatus", "elastictranscoder:ListPipelines", "elastictranscoder:ListPresets", "elastictranscoder:ReadPipeline", "elastictranscoder:ReadPreset", "emr-containers:DescribeJobRun", "emr-containers:DescribeJobTemplate", "emr-containers:DescribeManagedEndpoint", "emr-containers:DescribeVirtualCluster", "emr-containers:ListJobRuns", "emr-containers:ListJobTemplates", "emr-containers:ListManagedEndpoints", "emr-containers:ListVirtualClusters", "emr-serverless:GetApplication", "emr-serverless:GetJobRun", "emr-serverless:ListApplications", "es:DescribeDomain", "es:DescribeDomainAutoTunes", "es:DescribeDomainChangeProgress", "es:DescribeDomainConfig", "es:DescribeDomains", "es:DescribeDryRunProgress", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomainConfig", "es:DescribeElasticsearchDomains", "es:DescribeInboundConnections", "es:DescribeInstanceTypeLimits", "es:DescribeOutboundConnections", "es:DescribePackages", "es:DescribeReservedInstanceOfferings", "es:DescribeReservedInstances", "es:DescribeVpcEndpoints", "es:GetCompatibleVersions", "es:GetPackageVersionHistory", "es:GetUpgradeHistory", "es:GetUpgradeStatus", "es:ListDomainNames", "es:ListDomainsForPackage", "es:ListInstanceTypeDetails", "es:ListPackagesForDomain", "es:ListScheduledActions", "es:ListTags", "es:ListVersions", "es:ListVpcEndpointAccess", "es:ListVpcEndpoints", "es:ListVpcEndpointsForDomain", "evidently:GetExperiment", "evidently:GetFeature", "evidently:GetLaunch", "evidently:GetProject", "evidently:GetSegment", "evidently:ListExperiments", "evidently:ListFeatures", "evidently:ListLaunches", "evidently:ListProjects", "evidently:ListSegments", "evidently:ListSegmentReferences", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeEventSource", "events:DescribePartnerEventSource", "events:DescribeReplay", "events:DescribeRule", "events:ListArchives", "events:ListApiDestinations", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListEventSources", "events:ListPartnerEventSourceAccounts", "events:ListPartnerEventSources", "events:ListReplays", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTargetsByRule", "events:TestEventPattern", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "fms:GetAdminAccount", "fms:GetComplianceDetail", "fms:GetNotificationChannel", "fms:GetPolicy", "fms:GetProtectionStatus", "fms:ListComplianceStatus", "fms:ListMemberAccounts", "fms:ListPolicies", "forecast:DescribeDataset", "forecast:DescribeDatasetGroup", "forecast:DescribeDatasetImportJob", "forecast:DescribeForecast", "forecast:DescribeForecastExportJob", "forecast:DescribePredictor", "forecast:GetAccuracyMetrics", "forecast:ListDatasetGroups", "forecast:ListDatasetImportJobs", "forecast:ListDatasets", "forecast:ListForecastExportJobs", "forecast:ListForecasts", "forecast:ListPredictors", "fsx:DescribeBackups", "fsx:DescribeDataRepositoryAssociations", "fsx:DescribeDataRepositoryTasks", "fsx:DescribeFileCaches", "fsx:DescribeFileSystems", "fsx:DescribeSnapshots", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:ListTagsForResource", "gamelift:DescribeAlias", "gamelift:DescribeBuild", "gamelift:DescribeEC2InstanceLimits", "gamelift:DescribeFleetAttributes", "gamelift:DescribeFleetCapacity", "gamelift:DescribeFleetEvents", "gamelift:DescribeFleetLocationAttributes", "gamelift:DescribeFleetLocationCapacity", "gamelift:DescribeFleetLocationUtilization", "gamelift:DescribeFleetPortSettings", "gamelift:DescribeFleetUtilization", "gamelift:DescribeGameServer", "gamelift:DescribeGameServerGroup", "gamelift:DescribeGameSessionDetails", "gamelift:DescribeGameSessionPlacement", "gamelift:DescribeGameSessionQueues", "gamelift:DescribeGameSessions", "gamelift:DescribeInstances", "gamelift:DescribeMatchmaking", "gamelift:DescribeMatchmakingConfigurations", "gamelift:DescribeMatchmakingRuleSets", "gamelift:DescribePlayerSessions", "gamelift:DescribeRuntimeConfiguration", "gamelift:DescribeScalingPolicies", "gamelift:DescribeScript", "gamelift:ListAliases", "gamelift:ListBuilds", "gamelift:ListFleets", "gamelift:ListGameServerGroups", "gamelift:ListGameServers", "gamelift:ListScripts", "gamelift:ResolveAlias", "glacier:DescribeJob", "glacier:DescribeVault", "glacier:GetDataRetrievalPolicy", "glacier:GetVaultAccessPolicy", "glacier:GetVaultLock", "glacier:GetVaultNotifications", "glacier:ListJobs", "glacier:ListTagsForVault", "glacier:ListVaults", "globalaccelerator:DescribeAccelerator", "globalaccelerator:DescribeAcceleratorAttributes", "globalaccelerator:DescribeEndpointGroup", "globalaccelerator:DescribeListener", "globalaccelerator:ListAccelerators", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "glue:BatchGetBlueprints", "glue:BatchGetCrawlers", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetTriggers", "glue:BatchGetWorkflows", "glue:CheckSchemaVersionValidity", "glue:GetBlueprint", "glue:GetBlueprintRun", "glue:GetBlueprintRuns", "glue:GetCatalogImportStatus", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetCrawler", "glue:GetCrawlerMetrics", "glue:GetCrawlers", "glue:GetCustomEntityType", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDataflowGraph", "glue:GetDataQualityResult", "glue:GetDataQualityRuleRecommendationRun", "glue:GetDataQualityRuleset", "glue:GetDataQualityRulesetEvaluationRun", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetJob", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetMapping", "glue:GetMLTaskRun", "glue:GetMLTaskRuns", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetPartition", "glue:GetPartitionIndexes", "glue:GetPartitions", "glue:GetRegistry", "glue:GetResourcePolicies", "glue:GetResourcePolicy", "glue:GetSchema", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetSession", "glue:GetStatement", "glue:GetTable", "glue:GetTables", "glue:GetTableVersions", "glue:GetTrigger", "glue:GetTriggers", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:GetWorkflow", "glue:GetWorkflowRun", "glue:GetWorkflowRuns", "glue:ListCrawlers", "glue:ListCrawls", "glue:ListDataQualityResults", "glue:ListDataQualityRuleRecommendationRuns", "glue:ListDataQualityRulesetEvaluationRuns", "glue:ListDataQualityRulesets", "glue:ListDevEndpoints", "glue:ListMLTransforms", "glue:ListRegistries", "glue:ListSchemas", "glue:ListSchemaVersions", "glue:ListSessions", "glue:ListStatements", "glue:QuerySchemaVersionMetadata", "greengrass:GetConnectivityInfo", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetDeviceDefinition", "greengrass:GetDeviceDefinitionVersion", "greengrass:GetFunctionDefinition", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupCertificateAuthority", "greengrass:GetGroupVersion", "greengrass:GetLoggerDefinition", "greengrass:GetLoggerDefinitionVersion", "greengrass:GetResourceDefinitionVersion", "greengrass:GetServiceRoleForAccount", "greengrass:GetSubscriptionDefinition", "greengrass:GetSubscriptionDefinitionVersion", "greengrass:ListCoreDefinitions", "greengrass:ListCoreDefinitionVersions", "greengrass:ListDeployments", "greengrass:ListDeviceDefinitions", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListGroups", "greengrass:ListGroupVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListResourceDefinitions", "greengrass:ListResourceDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "guardduty:GetDetector", "guardduty:GetFindings", "guardduty:GetFindingsStatistics", "guardduty:GetInvitationsCount", "guardduty:GetIPSet", "guardduty:GetMasterAccount", "guardduty:GetMembers", "guardduty:GetThreatIntelSet", "guardduty:ListDetectors", "guardduty:ListFindings", "guardduty:ListInvitations", "guardduty:ListIPSets", "guardduty:ListMembers", "guardduty:ListThreatIntelSets", "health:DescribeAffectedAccountsForOrganization", "health:DescribeAffectedEntities", "health:DescribeAffectedEntitiesForOrganization", "health:DescribeEntityAggregates", "health:DescribeEntityAggregatesForOrganization", "health:DescribeEventAggregates", "health:DescribeEventDetails", "health:DescribeEventDetailsForOrganization", "health:DescribeEvents", "health:DescribeEventsForOrganization", "health:DescribeEventTypes", "health:DescribeHealthServiceStatusForOrganization", "iam:GetAccessKeyLastUsed", "iam:GetAccountAuthorizationDetails", "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary", "iam:GetContextKeysForCustomPolicy", "iam:GetContextKeysForPrincipalPolicy", "iam:GetCredentialReport", "iam:GetGroup", "iam:GetGroupPolicy", "iam:GetInstanceProfile", "iam:GetLoginProfile", "iam:GetOpenIDConnectProvider", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:GetSAMLProvider", "iam:GetServerCertificate", "iam:GetServiceLinkedRoleDeletionStatus", "iam:GetSSHPublicKey", "iam:GetUser", "iam:GetUserPolicy", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADevices", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoles", "iam:ListSAMLProviders", "iam:ListServerCertificates", "iam:ListSigningCertificates", "iam:ListSSHPublicKeys", "iam:ListUserPolicies", "iam:ListUsers", "iam:ListVirtualMFADevices", "iam:SimulateCustomPolicy", "iam:SimulatePrincipalPolicy", "imagebuilder:GetComponent", "imagebuilder:GetComponentPolicy", "imagebuilder:GetContainerRecipe", "imagebuilder:GetDistributionConfiguration", "imagebuilder:GetImage", "imagebuilder:GetImagePipeline", "imagebuilder:GetImagePolicy", "imagebuilder:GetImageRecipe", "imagebuilder:GetImageRecipePolicy", "imagebuilder:GetInfrastructureConfiguration", "imagebuilder:GetLifecycleExecution", "imagebuilder:GetLifecyclePolicy", "imagebuilder:GetWorkflowExecution", "imagebuilder:GetWorkflowStepExecution", "imagebuilder:ListComponentBuildVersions", "imagebuilder:ListComponents", "imagebuilder:ListContainerRecipes", "imagebuilder:ListDistributionConfigurations", "imagebuilder:ListImageBuildVersions", "imagebuilder:ListImagePipelineImages", "imagebuilder:ListImagePipelines", "imagebuilder:ListImageRecipes", "imagebuilder:ListImages", "imagebuilder:ListImageScanFindingAggregations", "imagebuilder:ListInfrastructureConfigurations", "imagebuilder:ListLifecycleExecutions", "imagebuilder:ListLifecycleExecutionResources", "imagebuilder:ListLifecyclePolicies", "imagebuilder:ListWorkflowExecutions", "imagebuilder:ListWorkflowStepExecutions", "imagebuilder:ListTagsForResource", "inspector:DescribeAssessmentRuns", "inspector:DescribeAssessmentTargets", "inspector:DescribeAssessmentTemplates", "inspector:DescribeCrossAccountAccessRole", "inspector:DescribeResourceGroups", "inspector:DescribeRulesPackages", "inspector:GetTelemetryMetadata", "inspector:ListAssessmentRunAgents", "inspector:ListAssessmentRuns", "inspector:ListAssessmentTargets", "inspector:ListAssessmentTemplates", "inspector:ListEventSubscriptions", "inspector:ListRulesPackages", "inspector:ListTagsForResource", "inspector2:BatchGetAccountStatus", "inspector2:BatchGetFreeTrialInfo", "inspector2:DescribeOrganizationConfiguration", "inspector2:GetDelegatedAdminAccount", "inspector2:GetMember", "inspector2:GetSbomExport", "inspector2:ListCoverage", "inspector2:ListDelegatedAdminAccounts", "inspector2:ListFilters", "inspector2:ListFindings", "inspector2:ListMembers", "inspector2:ListUsageTotals", "inspector-scan:ScanSbom", "internetmonitor:GetMonitor", "internetmonitor:ListMonitors", "internetmonitor:GetHealthEvent", "internetmonitor:ListHealthEvents", "iot:DescribeAuthorizer", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:DescribeDefaultAuthorizer", "iot:DescribeDomainConfiguration", "iot:DescribeEndpoint", "iot:DescribeIndex", "iot:DescribeJobExecution", "iot:DescribeThing", "iot:DescribeThingGroup", "iot:DescribeTunnel", "iot:GetEffectivePolicies", "iot:GetIndexingConfiguration", "iot:GetLoggingOptions", "iot:GetPolicy", "iot:GetPolicyVersion", "iot:GetTopicRule", "iot:GetV2LoggingOptions", "iot:ListAttachedPolicies", "iot:ListAuthorizers", "iot:ListCACertificates", "iot:ListCertificates", "iot:ListCertificatesByCA", "iot:ListDomainConfigurations", "iot:ListJobExecutionsForJob", "iot:ListJobExecutionsForThing", "iot:ListJobs", "iot:ListNamedShadowsForThing", "iot:ListOutgoingCertificates", "iot:ListPackages", "iot:ListPackageVersions", "iot:ListPolicies", "iot:ListPolicyPrincipals", "iot:ListPolicyVersions", "iot:ListPrincipalPolicies", "iot:ListPrincipalThings", "iot:ListRoleAliases", "iot:ListTargetsForPolicy", "iot:ListThingGroups", "iot:ListThingGroupsForThing", "iot:ListThingPrincipals", "iot:ListThingRegistrationTasks", "iot:ListThings", "iot:ListThingsInThingGroup", "iot:ListThingTypes", "iot:ListTopicRules", "iot:ListTunnels", "iot:ListV2LoggingLevels", "iotevents:DescribeDetector", "iotevents:DescribeDetectorModel", "iotevents:DescribeInput", "iotevents:DescribeLoggingOptions", "iotevents:ListDetectorModels", "iotevents:ListDetectorModelVersions", "iotevents:ListDetectors", "iotevents:ListInputs", "iotfleetwise:GetCampaign", "iotfleetwise:GetDecoderManifest", "iotfleetwise:GetFleet", "iotfleetwise:GetModelManifest", "iotfleetwise:GetSignalCatalog", "iotfleetwise:GetVehicle", "iotfleetwise:GetVehicleStatus", "iotfleetwise:ListCampaigns", "iotfleetwise:ListDecoderManifests", "iotfleetwise:ListDecoderManifestNetworkInterfaces", "iotfleetwise:ListDecoderManifestSignals", "iotfleetwise:ListFleets", "iotfleetwise:ListFleetsForVehicle", "iotfleetwise:ListModelManifests", "iotfleetwise:ListModelManifestNodes", "iotfleetwise:ListSignalCatalogs", "iotfleetwise:ListSignalCatalogNodes", "iotfleetwise:ListVehicles", "iotsitewise:DescribeAccessPolicy", "iotsitewise:DescribeAsset", "iotsitewise:DescribeAssetModel", "iotsitewise:DescribeAssetProperty", "iotsitewise:DescribeDashboard", "iotsitewise:DescribeGateway", "iotsitewise:DescribeGatewayCapabilityConfiguration", "iotsitewise:DescribeLoggingOptions", "iotsitewise:DescribePortal", "iotsitewise:DescribeProject", "iotsitewise:ListAccessPolicies", "iotsitewise:ListAssetModels", "iotsitewise:ListAssets", "iotsitewise:ListAssociatedAssets", "iotsitewise:ListDashboards", "iotsitewise:ListGateways", "iotsitewise:ListPortals", "iotsitewise:ListProjectAssets", "iotsitewise:ListProjects", "iottwinmaker:GetComponentType", "iottwinmaker:GetEntity", "iottwinmaker:GetPricingPlan", "iottwinmaker:GetScene", "iottwinmaker:GetWorkspace", "iottwinmaker:ListComponentTypes", "iottwinmaker:ListEntities", "iottwinmaker:ListScenes", "iottwinmaker:GetSyncJob", "iottwinmaker:ListSyncJobs", "iottwinmaker:ListSyncResources", "iottwinmaker:ListWorkspaces", "iotwireless:GetDestination", "iotwireless:GetDeviceProfile", "iotwireless:GetPartnerAccount", "iotwireless:GetServiceEndpoint", "iotwireless:GetServiceProfile", "iotwireless:GetWirelessDevice", "iotwireless:GetWirelessDeviceStatistics", "iotwireless:GetWirelessGateway", "iotwireless:GetWirelessGatewayCertificate", "iotwireless:GetWirelessGatewayFirmwareInformation", "iotwireless:GetWirelessGatewayStatistics", "iotwireless:GetWirelessGatewayTask", "iotwireless:GetWirelessGatewayTaskDefinition", "iotwireless:ListDestinations", "iotwireless:ListDeviceProfiles", "iotwireless:ListPartnerAccounts", "iotwireless:ListServiceProfiles", "iotwireless:ListTagsForResource", "iotwireless:ListWirelessDevices", "iotwireless:ListWirelessGateways", "iotwireless:ListWirelessGatewayTaskDefinitions", "ivs:GetChannel", "ivs:GetRecordingConfiguration", "ivs:GetStream", "ivs:GetStreamSession", "ivs:ListChannels", "ivs:ListPlaybackKeyPairs", "ivs:ListRecordingConfigurations", "ivs:ListStreamKeys", "ivs:ListStreams", "ivs:ListStreamSessions", "kafka:DescribeCluster", "kafka:DescribeClusterOperation", "kafka:DescribeClusterOperationV2", "kafka:DescribeClusterV2", "kafka:DescribeConfiguration", "kafka:DescribeConfigurationRevision", "kafka:DescribeReplicator", "kafka:DescribeVpcConnection", "kafka:GetBootstrapBrokers", "kafka:GetClusterPolicy", "kafka:ListConfigurations", "kafka:ListConfigurationRevisions", "kafka:ListClientVpcConnections", "kafka:ListClusterOperations", "kafka:ListClusterOperationsV2", "kafka:ListClusters", "kafka:ListClustersV2", "kafka:ListNodes", "kafka:ListReplicators", "kafka:ListScramSecrets", "kafka:ListVpcConnections", "kafkaconnect:DescribeConnector", "kafkaconnect:DescribeCustomPlugin", "kafkaconnect:DescribeWorkerConfiguration", "kafkaconnect:ListConnectors", "kafkaconnect:ListCustomPlugins", "kafkaconnect:ListWorkerConfigurations", "kendra:DescribeDataSource", "kendra:DescribeFaq", "kendra:DescribeIndex", "kendra:ListDataSources", "kendra:ListFaqs", "kendra:ListIndices", "kinesis:DescribeStream", "kinesis:DescribeStreamConsumer", "kinesis:DescribeStreamSummary", "kinesis:ListShards", "kinesis:ListStreams", "kinesis:ListStreamConsumers", "kinesis:ListTagsForStream", "kinesisanalytics:DescribeApplication", "kinesisanalytics:DescribeApplicationSnapshot", "kinesisanalytics:ListApplications", "kinesisanalytics:ListApplicationSnapshots", "kinesisvideo:DescribeImageGenerationConfiguration", "kinesisvideo:DescribeNotificationConfiguration", "kinesisvideo:DescribeSignalingChannel", "kinesisvideo:DescribeStream", "kinesisvideo:GetDataEndpoint", "kinesisvideo:GetIceServerConfig", "kinesisvideo:GetSignalingChannelEndpoint", "kinesisvideo:ListSignalingChannels", "kinesisvideo:ListStreams", "kms:DescribeKey", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListFunctionUrlConfigs", "lambda:ListLayers", "lambda:ListLayerVersions", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListVersionsByFunction", "launchwizard:DescribeProvisionedApp", "launchwizard:DescribeProvisioningEvents", "launchwizard:ListProvisionedApps", "lex:DescribeBot", "lex:DescribeBotAlias", "lex:DescribeBotLocale", "lex:DescribeBotRecommendation", "lex:DescribeBotVersion", "lex:DescribeCustomVocabularyMetadata", "lex:DescribeExport", "lex:DescribeImport", "lex:DescribeIntent", "lex:DescribeResourcePolicy", "lex:DescribeSlot", "lex:DescribeSlotType", "lex:GetBot", "lex:GetBotAlias", "lex:GetBotAliases", "lex:GetBotChannelAssociation", "lex:GetBotChannelAssociations", "lex:GetBots", "lex:GetBotVersions", "lex:GetBuiltinIntent", "lex:GetBuiltinIntents", "lex:GetBuiltinSlotTypes", "lex:GetIntent", "lex:GetIntents", "lex:GetIntentVersions", "lex:GetSlotType", "lex:GetSlotTypes", "lex:GetSlotTypeVersions", "lex:ListBotAliases", "lex:ListBotLocales", "lex:ListBotRecommendations", "lex:ListBots", "lex:ListBotVersions", "lex:ListExports", "lex:ListImports", "lex:ListIntents", "lex:ListRecommendedIntents", "lex:ListSlots", "lex:ListSlotTypes", "license-manager:GetLicenseConfiguration", "license-manager:GetServiceSettings", "license-manager:ListAssociationsForLicenseConfiguration", "license-manager:ListFailuresForLicenseConfigurationOperations", "license-manager:ListLicenseConfigurations", "license-manager:ListLicenseSpecificationsForResource", "license-manager:ListResourceInventory", "license-manager:ListUsageForLicenseConfiguration", "lightsail:GetActiveNames", "lightsail:GetAlarms", "lightsail:GetAutoSnapshots", "lightsail:GetBlueprints", "lightsail:GetBucketBundles", "lightsail:GetBucketMetricData", "lightsail:GetBuckets", "lightsail:GetBundles", "lightsail:GetCertificates", "lightsail:GetContainerImages", "lightsail:GetContainerServiceDeployments", "lightsail:GetContainerServiceMetricData", "lightsail:GetContainerServicePowers", "lightsail:GetContainerServices", "lightsail:GetDisk", "lightsail:GetDisks", "lightsail:GetDiskSnapshot", "lightsail:GetDiskSnapshots", "lightsail:GetDistributionBundles", "lightsail:GetDistributionMetricData", "lightsail:GetDistributions", "lightsail:GetDomain", "lightsail:GetDomains", "lightsail:GetExportSnapshotRecords", "lightsail:GetInstance", "lightsail:GetInstanceMetricData", "lightsail:GetInstancePortStates", "lightsail:GetInstances", "lightsail:GetInstanceSnapshot", "lightsail:GetInstanceSnapshots", "lightsail:GetInstanceState", "lightsail:GetKeyPair", "lightsail:GetKeyPairs", "lightsail:GetLoadBalancer", "lightsail:GetLoadBalancerMetricData", "lightsail:GetLoadBalancers", "lightsail:GetLoadBalancerTlsCertificates", "lightsail:GetOperation", "lightsail:GetOperations", "lightsail:GetOperationsForResource", "lightsail:GetRegions", "lightsail:GetRelationalDatabase", "lightsail:GetRelationalDatabaseMetricData", "lightsail:GetRelationalDatabases", "lightsail:GetRelationalDatabaseSnapshot", "lightsail:GetRelationalDatabaseSnapshots", "lightsail:GetStaticIp", "lightsail:GetStaticIps", "lightsail:IsVpcPeered", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogGroupFields", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:TestMetricFilter", "lookoutequipment:DescribeDataIngestionJob", "lookoutequipment:DescribeDataset", "lookoutequipment:DescribeInferenceScheduler", "lookoutequipment:DescribeModel", "lookoutequipment:ListDataIngestionJobs", "lookoutequipment:ListDatasets", "lookoutequipment:ListInferenceExecutions", "lookoutequipment:ListInferenceSchedulers", "lookoutequipment:ListModels", "lookoutmetrics:DescribeAlert", "lookoutmetrics:DescribeAnomalyDetectionExecutions", "lookoutmetrics:DescribeAnomalyDetector", "lookoutmetrics:DescribeMetricSet", "lookoutmetrics:GetAnomalyGroup", "lookoutmetrics:GetDataQualityMetrics", "lookoutmetrics:GetFeedback", "lookoutmetrics:GetSampleData", "lookoutmetrics:ListAlerts", "lookoutmetrics:ListAnomalyDetectors", "lookoutmetrics:ListAnomalyGroupSummaries", "lookoutmetrics:ListAnomalyGroupTimeSeries", "lookoutmetrics:ListMetricSets", "lookoutmetrics:ListTagsForResource", "machinelearning:DescribeBatchPredictions", "machinelearning:DescribeDataSources", "machinelearning:DescribeEvaluations", "machinelearning:DescribeMLModels", "machinelearning:GetBatchPrediction", "machinelearning:GetDataSource", "machinelearning:GetEvaluation", "machinelearning:GetMLModel", "macie2:GetClassificationExportConfiguration", "macie2:GetCustomDataIdentifier", "macie2:GetFindings", "macie2:GetFindingStatistics", "macie2:ListClassificationJobs", "macie2:ListCustomDataIdentifiers", "macie2:ListFindings", "managedblockchain:GetMember", "managedblockchain:GetNetwork", "managedblockchain:GetNode", "managedblockchain:ListMembers", "managedblockchain:ListNetworks", "managedblockchain:ListNodes", "mediaconnect:DescribeFlow", "mediaconnect:ListEntitlements", "mediaconnect:ListFlows", "mediaconvert:DescribeEndpoints", "mediaconvert:GetJob", "mediaconvert:GetJobTemplate", "mediaconvert:GetPreset", "mediaconvert:GetQueue", "mediaconvert:ListJobs", "mediaconvert:ListJobTemplates", "medialive:DescribeChannel", "medialive:DescribeInput", "medialive:DescribeInputDevice", "medialive:DescribeInputSecurityGroup", "medialive:DescribeMultiplex", "medialive:DescribeOffering", "medialive:DescribeReservation", "medialive:DescribeSchedule", "medialive:ListChannels", "medialive:ListInputDevices", "medialive:ListInputs", "medialive:ListInputSecurityGroups", "medialive:ListMultiplexes", "medialive:ListOfferings", "medialive:ListReservations", "mediapackage:DescribeChannel", "mediapackage:DescribeOriginEndpoint", "mediapackage:ListChannels", "mediapackage:ListOriginEndpoints", "mediastore:DescribeContainer", "mediastore:GetContainerPolicy", "mediastore:GetCorsPolicy", "mediastore:ListContainers", "mediatailor:GetPlaybackConfiguration", "mediatailor:ListPlaybackConfigurations", "medical-imaging:GetDatastore", "medical-imaging:ListDatastores", "mgn:DescribeJobLogItems", "mgn:DescribeJobs", "mgn:DescribeLaunchConfigurationTemplates", "mgn:DescribeReplicationConfigurationTemplates", "mgn:DescribeSourceServers", "mgn:DescribeVcenterClients", "mgn:GetLaunchConfiguration", "mgn:GetReplicationConfiguration", "mgn:ListApplications", "mgn:ListSourceServerActions", "mgn:ListTemplateActions", "mgn:ListWaves", "mobiletargeting:GetAdmChannel", "mobiletargeting:GetApnsChannel", "mobiletargeting:GetApnsSandboxChannel", "mobiletargeting:GetApnsVoipChannel", "mobiletargeting:GetApnsVoipSandboxChannel", "mobiletargeting:GetApp", "mobiletargeting:GetApplicationSettings", "mobiletargeting:GetApps", "mobiletargeting:GetBaiduChannel", "mobiletargeting:GetCampaign", "mobiletargeting:GetCampaignActivities", "mobiletargeting:GetCampaigns", "mobiletargeting:GetCampaignVersion", "mobiletargeting:GetCampaignVersions", "mobiletargeting:GetEmailChannel", "mobiletargeting:GetEndpoint", "mobiletargeting:GetEventStream", "mobiletargeting:GetExportJob", "mobiletargeting:GetExportJobs", "mobiletargeting:GetGcmChannel", "mobiletargeting:GetImportJob", "mobiletargeting:GetImportJobs", "mobiletargeting:GetJourney", "mobiletargeting:GetJourneyExecutionMetrics", "mobiletargeting:GetJourneyExecutionActivityMetrics", "mobiletargeting:GetJourneyRunExecutionActivityMetrics", "mobiletargeting:GetJourneyRunExecutionMetrics", "mobiletargeting:GetJourneyRuns", "mobiletargeting:GetSegment", "mobiletargeting:GetSegmentImportJobs", "mobiletargeting:GetSegments", "mobiletargeting:GetSegmentVersion", "mobiletargeting:GetSegmentVersions", "mobiletargeting:GetSmsChannel", "mobiletargeting:ListJourneys", "mq:DescribeBroker", "mq:DescribeConfiguration", "mq:DescribeConfigurationRevision", "mq:DescribeUser", "mq:ListBrokers", "mq:ListConfigurationRevisions", "mq:ListConfigurations", "mq:ListUsers", "m2:GetApplication", "m2:GetApplicationVersion", "m2:GetBatchJobExecution", "m2:GetDataSetDetails", "m2:GetDataSetImportTask", "m2:GetDeployment", "m2:GetEnvironment", "m2:ListApplications", "m2:ListApplicationVersions", "m2:ListBatchJobDefinitions", "m2:ListBatchJobExecutions", "m2:ListDataSetImportHistory", "m2:ListDataSets", "m2:ListDeployments", "m2:ListEngineVersions", "m2:ListEnvironments", "network-firewall:DescribeFirewall", "network-firewall:DescribeFirewallPolicy", "network-firewall:DescribeLoggingConfiguration", "network-firewall:DescribeRuleGroup", "network-firewall:DescribeTLSInspectionConfiguration", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "network-firewall:ListRuleGroups", "network-firewall:ListTLSInspectionConfigurations", "networkmanager:DescribeGlobalNetworks", "networkmanager:GetConnectAttachment", "networkmanager:GetConnections", "networkmanager:GetConnectPeer", "networkmanager:GetConnectPeerAssociations", "networkmanager:GetCoreNetwork", "networkmanager:GetCoreNetworkChangeEvents", "networkmanager:GetCoreNetworkChangeSet", "networkmanager:GetCoreNetworkPolicy", "networkmanager:GetCustomerGatewayAssociations", "networkmanager:GetDevices", "networkmanager:GetLinkAssociations", "networkmanager:GetLinks", "networkmanager:GetNetworkResourceCounts", "networkmanager:GetNetworkResourceRelationships", "networkmanager:GetNetworkResources", "networkmanager:GetNetworkRoutes", "networkmanager:GetNetworkTelemetry", "networkmanager:GetResourcePolicy", "networkmanager:GetRouteAnalysis", "networkmanager:GetSites", "networkmanager:GetSiteToSiteVpnAttachment", "networkmanager:GetTransitGatewayConnectPeerAssociations", "networkmanager:GetTransitGatewayPeering", "networkmanager:GetTransitGatewayRegistrations", "networkmanager:GetTransitGatewayRouteTableAttachment", "networkmanager:GetVpcAttachment", "networkmanager:ListAttachments", "networkmanager:ListConnectPeers", "networkmanager:ListCoreNetworkPolicyVersions", "networkmanager:ListCoreNetworks", "networkmanager:ListOrganizationServiceAccessStatus", "networkmanager:ListPeerings", "networkmanager:ListTagsForResource", "networkmonitor:GetMonitor", "networkmonitor:GetProbe", "networkmonitor:ListMonitors", "nimble:GetEula", "nimble:GetLaunchProfile", "nimble:GetLaunchProfileDetails", "nimble:GetLaunchProfileInitialization", "nimble:GetLaunchProfileMember", "nimble:GetStreamingImage", "nimble:GetStreamingSession", "nimble:GetStreamingSessionStream", "nimble:GetStudio", "nimble:GetStudioComponent", "nimble:ListEulaAcceptances", "nimble:ListEulas", "nimble:ListLaunchProfiles", "nimble:ListStreamingImages", "nimble:ListStreamingSessions", "nimble:ListStudioComponents", "nimble:ListStudios", "notifications:GetEventRule", "notifications:GetNotificationConfiguration", "notifications:GetNotificationEvent", "notifications:ListChannels", "notifications:ListEventRules", "notifications:ListNotificationConfigurations", "notifications:ListNotificationEvents", "notifications:ListNotificationHubs", "notifications-contacts:GetEmailContact", "notifications-contacts:ListEmailContacts", "oam:GetLink", "oam:GetSink", "oam:GetSinkPolicy", "oam:ListAttachedLinks", "oam:ListLinks", "oam:ListSinks", "omics:GetAnnotationImportJob", "omics:GetAnnotationStore", "omics:GetReadSetImportJob", "omics:GetReadSetMetadata", "omics:GetReference", "omics:GetReferenceImportJob", "omics:GetReferenceMetadata", "omics:GetReferenceStore", "omics:GetRun", "omics:GetRunGroup", "omics:GetSequenceStore", "omics:GetVariantImportJob", "omics:GetVariantStore", "omics:GetWorkflow", "omics:ListAnnotationImportJobs", "omics:ListAnnotationStores", "omics:ListMultipartReadSetUploads", "omics:ListReadSetImportJobs", "omics:ListReadSets", "omics:ListReadSetUploadParts", "omics:ListReferenceImportJobs", "omics:ListReferenceStores", "omics:ListReferences", "omics:ListRunGroups", "omics:ListRunTasks", "omics:ListRuns", "omics:ListSequenceStores", "omics:ListVariantImportJobs", "omics:ListVariantStores", "omics:ListWorkflows", "opsworks-cm:DescribeAccountAttributes", "opsworks-cm:DescribeBackups", "opsworks-cm:DescribeEvents", "opsworks-cm:DescribeNodeAssociationStatus", "opsworks-cm:DescribeServers", "opsworks:DescribeAgentVersions", "opsworks:DescribeApps", "opsworks:DescribeCommands", "opsworks:DescribeDeployments", "opsworks:DescribeEcsClusters", "opsworks:DescribeElasticIps", "opsworks:DescribeElasticLoadBalancers", "opsworks:DescribeInstances", "opsworks:DescribeLayers", "opsworks:DescribeLoadBasedAutoScaling", "opsworks:DescribeMyUserProfile", "opsworks:DescribePermissions", "opsworks:DescribeRaidArrays", "opsworks:DescribeRdsDbInstances", "opsworks:DescribeServiceErrors", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStacks", "opsworks:DescribeStackSummary", "opsworks:DescribeTimeBasedAutoScaling", "opsworks:DescribeUserProfiles", "opsworks:DescribeVolumes", "opsworks:GetHostnameSuggestion", "organizations:ListAccounts", "organizations:ListTagsForResource", "outposts:GetCatalogItem", "outposts:GetConnection", "outposts:GetOrder", "outposts:GetOutpost", "outposts:GetOutpostInstanceTypes", "outposts:GetSite", "outposts:ListAssets", "outposts:ListCatalogItems", "outposts:ListOrders", "outposts:ListOutposts", "outposts:ListSites", "personalize:DescribeAlgorithm", "personalize:DescribeBatchInferenceJob", "personalize:DescribeBatchSegmentJob", "personalize:DescribeCampaign", "personalize:DescribeDataset", "personalize:DescribeDatasetExportJob", "personalize:DescribeDatasetGroup", "personalize:DescribeDatasetImportJob", "personalize:DescribeEventTracker", "personalize:DescribeFeatureTransformation", "personalize:DescribeFilter", "personalize:DescribeRecipe", "personalize:DescribeRecommender", "personalize:DescribeSchema", "personalize:DescribeSolution", "personalize:DescribeSolutionVersion", "personalize:GetPersonalizedRanking", "personalize:GetRecommendations", "personalize:GetSolutionMetrics", "personalize:ListBatchInferenceJobs", "personalize:ListBatchSegmentJobs", "personalize:ListCampaigns", "personalize:ListDatasetExportJobs", "personalize:ListDatasetGroups", "personalize:ListDatasetImportJobs", "personalize:ListDatasets", "personalize:ListEventTrackers", "personalize:ListRecipes", "personalize:ListRecommenders", "personalize:ListSchemas", "personalize:ListSolutions", "personalize:ListSolutionVersions", "pipes:DescribePipe", "pipes:ListPipes", "pipes:ListTagsForResource", "polly:DescribeVoices", "polly:GetLexicon", "polly:ListLexicons", "pricing:DescribeServices", "pricing:GetAttributeValues", "pricing:GetProducts", "private-networks:GetDeviceIdentifier", "private-networks:GetNetwork", "private-networks:GetNetworkResource", "private-networks:ListDeviceIdentifiers", "private-networks:ListNetworks", "private-networks:ListNetworkResources", "quicksight:DescribeAccountCustomization", "quicksight:DescribeAccountSettings", "quicksight:DescribeAccountSubscription", "quicksight:DescribeAnalysis", "quicksight:DescribeAnalysisPermissions", "quicksight:DescribeDashboard", "quicksight:DescribeDashboardPermissions", "quicksight:DescribeDataSet", "quicksight:DescribeDataSetPermissions", "quicksight:DescribeDataSetRefreshProperties", "quicksight:DescribeDataSource", "quicksight:DescribeDataSourcePermissions", "quicksight:DescribeFolder", "quicksight:DescribeFolderPermissions", "quicksight:DescribeFolderResolvedPermissions", "quicksight:DescribeGroup", "quicksight:DescribeGroupMembership", "quicksight:DescribeIAMPolicyAssignment", "quicksight:DescribeIngestion", "quicksight:DescribeIpRestriction", "quicksight:DescribeNamespace", "quicksight:DescribeRefreshSchedule", "quicksight:DescribeTemplate", "quicksight:DescribeTemplateAlias", "quicksight:DescribeTemplatePermissions", "quicksight:DescribeTheme", "quicksight:DescribeThemeAlias", "quicksight:DescribeThemePermissions", "quicksight:DescribeTopic", "quicksight:DescribeTopicPermissions", "quicksight:DescribeTopicRefresh", "quicksight:DescribeTopicRefreshSchedule", "quicksight:DescribeUser", "quicksight:DescribeVPCConnection", "quicksight:ListAnalyses", "quicksight:ListDashboards", "quicksight:ListDashboardVersions", "quicksight:ListDataSets", "quicksight:ListDataSources", "quicksight:ListFolderMembers", "quicksight:ListFolders", "quicksight:ListGroupMemberships", "quicksight:ListGroups", "quicksight:ListIAMPolicyAssignments", "quicksight:ListIAMPolicyAssignmentsForUser", "quicksight:ListIngestions", "quicksight:ListNamespaces", "quicksight:ListRefreshSchedules", "quicksight:ListTemplateAliases", "quicksight:ListTemplates", "quicksight:ListTemplateVersions", "quicksight:ListThemeAliases", "quicksight:ListThemes", "quicksight:ListThemeVersions", "quicksight:ListTopicRefreshSchedules", "quicksight:ListTopics", "quicksight:ListUserGroups", "quicksight:ListUsers", "quicksight:ListVPCConnections", "quicksight:SearchAnalyses", "quicksight:SearchDashboards", "quicksight:SearchDataSets", "quicksight:SearchDataSources", "quicksight:SearchFolders", "quicksight:SearchGroups", "ram:GetPermission", "ram:GetResourceShareAssociations", "ram:GetResourceShareInvitations", "ram:GetResourceShares", "ram:ListPendingInvitationResources", "ram:ListPrincipals", "ram:ListResources", "ram:ListResourceSharePermissions", "rbin:GetRule", "rbin:ListRules", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusters", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBSecurityGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEvents", "rds:DescribeEventSubscriptions", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeValidDBInstanceModifications", "rds:ListTagsForResource", "redshift-data:DescribeStatement", "redshift-data:ListStatements", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterParameters", "redshift:DescribeClusters", "redshift:DescribeClusterSecurityGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterVersions", "redshift:DescribeDataShares", "redshift:DescribeDataSharesForConsumer", "redshift:DescribeDataSharesForProducer", "redshift:DescribeDefaultClusterParameters", "redshift:DescribeEventCategories", "redshift:DescribeEvents", "redshift:DescribeEventSubscriptions", "redshift:DescribeHsmClientCertificates", "redshift:DescribeHsmConfigurations", "redshift:DescribeLoggingStatus", "redshift:DescribeOrderableClusterOptions", "redshift:DescribeReservedNodeOfferings", "redshift:DescribeReservedNodes", "redshift:DescribeResize", "redshift:DescribeSnapshotCopyGrants", "redshift:DescribeStorage", "redshift:DescribeTableRestoreStatus", "redshift:DescribeTags", "redshift-serverless:GetEndpointAccess", "redshift-serverless:GetNamespace", "redshift-serverless:GetRecoveryPoint", "redshift-serverless:GetSnapshot", "redshift-serverless:GetTableRestoreStatus", "redshift-serverless:GetUsageLimit", "redshift-serverless:GetWorkgroup", "redshift-serverless:ListEndpointAccess", "redshift-serverless:ListNamespaces", "redshift-serverless:ListRecoveryPoints", "redshift-serverless:ListSnapshots", "redshift-serverless:ListTableRestoreStatus", "redshift-serverless:ListUsageLimits", "redshift-serverless:ListWorkgroups", "rekognition:ListCollections", "rekognition:ListFaces", "resource-explorer-2:GetAccountLevelServiceConfiguration", "resource-explorer-2:GetIndex", "resource-explorer-2:GetView", "resource-explorer-2:ListIndexes", "resource-explorer-2:ListViews", "resource-explorer-2:Search", "resource-groups:GetGroup", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:SearchResources", "robomaker:BatchDescribeSimulationJob", "robomaker:DescribeDeploymentJob", "robomaker:DescribeFleet", "robomaker:DescribeRobot", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:DescribeSimulationJob", "robomaker:ListDeploymentJobs", "robomaker:ListFleets", "robomaker:ListRobotApplications", "robomaker:ListRobots", "robomaker:ListSimulationApplications", "robomaker:ListSimulationJobs", "route53-recovery-cluster:GetRoutingControlState", "route53-recovery-cluster:ListRoutingControls", "route53-recovery-control-config:DescribeControlPanel", "route53-recovery-control-config:DescribeRoutingControl", "route53-recovery-control-config:DescribeSafetyRule", "route53-recovery-control-config:ListControlPanels", "route53-recovery-control-config:ListRoutingControls", "route53-recovery-control-config:ListSafetyRules", "route53-recovery-readiness:GetCell", "route53-recovery-readiness:GetCellReadinessSummary", "route53-recovery-readiness:GetReadinessCheck", "route53-recovery-readiness:GetReadinessCheckResourceStatus", "route53-recovery-readiness:GetReadinessCheckStatus", "route53-recovery-readiness:GetRecoveryGroup", "route53-recovery-readiness:GetRecoveryGroupReadinessSummary", "route53-recovery-readiness:ListCells", "route53-recovery-readiness:ListReadinessChecks", "route53-recovery-readiness:ListRecoveryGroups", "route53-recovery-readiness:ListResourceSets", "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53domains:CheckDomainAvailability", "route53domains:GetContactReachabilityStatus", "route53domains:GetDomainDetail", "route53domains:GetOperationDetail", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListPrices", "route53domains:ListTagsForDomain", "route53domains:ViewBilling", "route53resolver:GetFirewallConfig", "route53resolver:GetFirewallDomainList", "route53resolver:GetFirewallRuleGroup", "route53resolver:GetFirewallRuleGroupAssociation", "route53resolver:GetFirewallRuleGroupPolicy", "route53resolver:GetOutpostResolver", "route53resolver:GetResolverDnssecConfig", "route53resolver:GetResolverQueryLogConfig", "route53resolver:GetResolverQueryLogConfigAssociation", "route53resolver:GetResolverQueryLogConfigPolicy", "route53resolver:GetResolverRule", "route53resolver:GetResolverRuleAssociation", "route53resolver:GetResolverRulePolicy", "route53resolver:ListFirewallConfigs", "route53resolver:ListFirewallDomainLists", "route53resolver:ListFirewallDomains", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListFirewallRules", "route53resolver:ListOutpostResolvers", "route53resolver:ListResolverConfigs", "route53resolver:ListResolverDnssecConfigs", "route53resolver:ListResolverEndpointIpAddresses", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverQueryLogConfigAssociations", "route53resolver:ListResolverQueryLogConfigs", "route53resolver:ListResolverRuleAssociations", "route53resolver:ListResolverRules", "route53resolver:ListTagsForResource", "rum:BatchGetRumMetricDefinitions", "rum:GetAppMonitor", "rum:ListAppMonitors", "rum:ListRumMetricsDestinations", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:GetAccelerateConfiguration", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultipartUploadParts", "s3:ListMultiRegionAccessPoints", "s3:ListStorageLensConfigurations", "s3express:ListAllMyDirectoryBuckets", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgeDeploymentPlan", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFeatureMetadata", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHub", "sagemaker:DescribeHubContent", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelCard", "sagemaker:DescribeModelCardExportJob", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSpace", "sagemaker:DescribeStudioLifecycleConfig", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:GetDeviceFleetReport", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAliases", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgeDeploymentPlans", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHubContents", "sagemaker:ListHubContentVersions", "sagemaker:ListHubs", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImages", "sagemaker:ListImageVersions", "sagemaker:ListInferenceExperiments", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListInferenceRecommendationsJobSteps", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelCardExportJobs", "sagemaker:ListModelCards", "sagemaker:ListModelCardVersions", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringAlertHistory", "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListSpaces", "sagemaker:ListStageDevices", "sagemaker:ListStudioLifecycleConfigs", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "savingsplans:DescribeSavingsPlans", "scheduler:GetSchedule", "scheduler:GetScheduleGroup", "scheduler:ListScheduleGroups", "scheduler:ListSchedules", "schemas:DescribeCodeBinding", "schemas:DescribeDiscoverer", "schemas:DescribeRegistry", "schemas:DescribeSchema", "schemas:GetCodeBindingSource", "schemas:GetDiscoveredSchema", "schemas:GetResourcePolicy", "schemas:ListDiscoverers", "schemas:ListRegistries", "schemas:ListSchemas", "schemas:ListSchemaVersions", "sdb:DomainMetadata", "sdb:ListDomains", "secretsmanager:DescribeSecret", "secretsmanager:GetResourcePolicy", "secretsmanager:ListSecrets", "secretsmanager:ListSecretVersionIds", "securityhub:GetEnabledStandards", "securityhub:GetFindings", "securityhub:GetInsightResults", "securityhub:GetInsights", "securityhub:GetMasterAccount", "securityhub:GetMembers", "securityhub:ListEnabledProductsForImport", "securityhub:ListInvitations", "securityhub:ListMembers", "securitylake:GetDataLakeExceptionSubscription", "securitylake:GetDataLakeOrganizationConfiguration", "securitylake:GetDataLakeSources", "securitylake:GetSubscriber", "securitylake:ListDataLakeExceptions", "securitylake:ListDataLakes", "securitylake:ListLogSources", "securitylake:ListSubscribers", "serverlessrepo:GetApplication", "serverlessrepo:GetApplicationPolicy", "serverlessrepo:GetCloudFormationTemplate", "serverlessrepo:ListApplicationDependencies", "serverlessrepo:ListApplications", "serverlessrepo:ListApplicationVersions", "servicecatalog:DescribeConstraint", "servicecatalog:DescribePortfolio", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductAsAdmin", "servicecatalog:DescribeProductView", "servicecatalog:DescribeProvisioningArtifact", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:DescribeRecord", "servicecatalog:ListAcceptedPortfolioShares", "servicecatalog:ListConstraintsForPortfolio", "servicecatalog:ListLaunchPaths", "servicecatalog:ListPortfolioAccess", "servicecatalog:ListPortfolios", "servicecatalog:ListPortfoliosForProduct", "servicecatalog:ListPrincipalsForPortfolio", "servicecatalog:ListProvisioningArtifacts", "servicecatalog:ListRecordHistory", "servicecatalog:ScanProvisionedProducts", "servicecatalog:SearchProducts", "servicequotas:GetAssociationForServiceQuotaTemplate", "servicequotas:GetAWSDefaultServiceQuota", "servicequotas:GetRequestedServiceQuotaChange", "servicequotas:GetServiceQuota", "servicequotas:GetServiceQuotaIncreaseRequestFromTemplate", "servicequotas:ListAWSDefaultServiceQuotas", "servicequotas:ListRequestedServiceQuotaChangeHistory", "servicequotas:ListRequestedServiceQuotaChangeHistoryByQuota", "servicequotas:ListServiceQuotaIncreaseRequestsInTemplate", "servicequotas:ListServiceQuotas", "servicequotas:ListServices", "ses:DescribeActiveReceiptRuleSet", "ses:DescribeConfigurationSet", "ses:DescribeReceiptRule", "ses:DescribeReceiptRuleSet", "ses:GetAccount", "ses:GetAccountSendingEnabled", "ses:GetBlacklistReports", "ses:GetConfigurationSet", "ses:GetConfigurationSetEventDestinations", "ses:GetContactList", "ses:GetDedicatedIp", "ses:GetDedicatedIpPool", "ses:GetDedicatedIps", "ses:GetDeliverabilityDashboardOptions", "ses:GetDeliverabilityTestReport", "ses:GetDomainDeliverabilityCampaign", "ses:GetDomainStatisticsReport", "ses:GetEmailIdentity", "ses:GetIdentityDkimAttributes", "ses:GetIdentityMailFromDomainAttributes", "ses:GetIdentityNotificationAttributes", "ses:GetIdentityPolicies", "ses:GetIdentityVerificationAttributes", "ses:GetImportJob", "ses:GetSendQuota", "ses:GetSendStatistics", "ses:ListConfigurationSets", "ses:ListContactLists", "ses:ListContacts", "ses:ListCustomVerificationEmailTemplates", "ses:ListDedicatedIpPools", "ses:ListDeliverabilityTestReports", "ses:ListDomainDeliverabilityCampaigns", "ses:ListEmailIdentities", "ses:ListEmailTemplates", "ses:ListIdentities", "ses:ListIdentityPolicies", "ses:ListImportJobs", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListRecommendations", "ses:ListTagsForResource", "ses:ListTemplates", "ses:ListVerifiedEmailAddresses", "shield:DescribeAttack", "shield:DescribeProtection", "shield:DescribeSubscription", "shield:ListAttacks", "shield:ListProtections", "sms-voice:GetConfigurationSetEventDestinations", "sms:GetConnectors", "sms:GetReplicationJobs", "sms:GetReplicationRuns", "sms:GetServers", "snowball:DescribeAddress", "snowball:DescribeAddresses", "snowball:DescribeJob", "snowball:GetSnowballUsage", "snowball:ListJobs", "snowball:ListServiceVersions", "sns:CheckIfPhoneNumberIsOptedOut", "sns:GetDataProtectionPolicy", "sns:GetEndpointAttributes", "sns:GetPlatformApplicationAttributes", "sns:GetSMSAttributes", "sns:GetSMSSandboxAccountStatus", "sns:GetSubscriptionAttributes", "sns:GetTopicAttributes", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListQueues", "ssm-contacts:DescribeEngagement", "ssm-contacts:DescribePage", "ssm-contacts:GetContact", "ssm-contacts:GetContactChannel", "ssm-contacts:GetContactPolicy", "ssm-contacts:GetRotation", "ssm-contacts:GetRotationOverride", "ssm-contacts:ListContactChannels", "ssm-contacts:ListContacts", "ssm-contacts:ListEngagements", "ssm-contacts:ListPageReceipts", "ssm-contacts:ListPageResolutions", "ssm-contacts:ListPagesByContact", "ssm-contacts:ListPagesByEngagement", "ssm-contacts:ListPreviewRotationShifts", "ssm-contacts:ListRotationOverrides", "ssm-contacts:ListRotations", "ssm-contacts:ListRotationShifts", "ssm-incidents:GetIncidentRecord", "ssm-incidents:GetReplicationSet", "ssm-incidents:GetResourcePolicies", "ssm-incidents:GetResponsePlan", "ssm-incidents:GetTimelineEvent", "ssm-incidents:ListIncidentRecords", "ssm-incidents:ListRelatedItems", "ssm-incidents:ListReplicationSets", "ssm-incidents:ListResponsePlans", "ssm-incidents:ListTimelineEvents", "ssm-sap:GetApplication", "ssm-sap:GetComponent", "ssm-sap:GetDatabase", "ssm-sap:GetOperation", "ssm-sap:GetResourcePermission", "ssm-sap:ListApplications", "ssm-sap:ListComponents", "ssm-sap:ListDatabases", "ssm-sap:ListOperations", "ssm:DescribeActivations", "ssm:DescribeAssociation", "ssm:DescribeAssociationExecutions", "ssm:DescribeAssociationExecutionTargets", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeAvailablePatches", "ssm:DescribeDocument", "ssm:DescribeDocumentPermission", "ssm:DescribeEffectiveInstanceAssociations", "ssm:DescribeEffectivePatchesForPatchBaseline", "ssm:DescribeInstanceAssociationsStatus", "ssm:DescribeInstanceInformation", "ssm:DescribeInstancePatches", "ssm:DescribeInstancePatchStates", "ssm:DescribeInstancePatchStatesForPatchGroup", "ssm:DescribeInventoryDeletions", "ssm:DescribeMaintenanceWindowExecutions", "ssm:DescribeMaintenanceWindowExecutionTaskInvocations", "ssm:DescribeMaintenanceWindowExecutionTasks", "ssm:DescribeMaintenanceWindows", "ssm:DescribeMaintenanceWindowSchedule", "ssm:DescribeMaintenanceWindowsForTarget", "ssm:DescribeMaintenanceWindowTargets", "ssm:DescribeMaintenanceWindowTasks", "ssm:DescribeOpsItems", "ssm:DescribeParameters", "ssm:DescribePatchBaselines", "ssm:DescribePatchGroups", "ssm:DescribePatchGroupState", "ssm:DescribePatchProperties", "ssm:DescribeSessions", "ssm:GetAutomationExecution", "ssm:GetCalendarState", "ssm:GetCommandInvocation", "ssm:GetConnectionStatus", "ssm:GetDefaultPatchBaseline", "ssm:GetDeployablePatchSnapshotForInstance", "ssm:GetInventorySchema", "ssm:GetMaintenanceWindow", "ssm:GetMaintenanceWindowExecution", "ssm:GetMaintenanceWindowExecutionTask", "ssm:GetMaintenanceWindowExecutionTaskInvocation", "ssm:GetMaintenanceWindowTask", "ssm:GetOpsItem", "ssm:GetOpsMetadata", "ssm:GetOpsSummary", "ssm:GetPatchBaseline", "ssm:GetPatchBaselineForPatchGroup", "ssm:GetResourcePolicies", "ssm:GetServiceSetting", "ssm:ListAssociations", "ssm:ListAssociationVersions", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListComplianceItems", "ssm:ListComplianceSummaries", "ssm:ListDocuments", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListOpsItemEvents", "ssm:ListOpsItemRelatedItems", "ssm:ListOpsMetadata", "ssm:ListResourceComplianceSummaries", "ssm:ListResourceDataSync", "ssm:ListTagsForResource", "sso:DescribeApplicationAssignment", "sso:DescribeApplicationProvider", "sso:DescribeApplication", "sso:DescribeInstance", "sso:DescribeTrustedTokenIssuer", "sso:GetApplicationAccessScope", "sso:GetApplicationAssignmentConfiguration", "sso:GetApplicationAuthenticationMethod", "sso:GetApplicationGrant", "sso:GetApplicationInstance", "sso:GetApplicationTemplate", "sso:GetManagedApplicationInstance", "sso:GetSharedSsoConfiguration", "sso:ListApplicationAccessScopes", "sso:ListApplicationAssignments", "sso:ListApplicationAuthenticationMethods", "sso:ListApplicationGrants", "sso:ListApplicationInstances", "sso:ListApplicationProviders", "sso:ListApplications", "sso:ListApplicationTemplates", "sso:ListDirectoryAssociations", "sso:ListInstances", "sso:ListProfileAssociations", "sso:ListTrustedTokenIssuers", "states:DescribeActivity", "states:DescribeExecution", "states:DescribeMapRun", "states:DescribeStateMachine", "states:DescribeStateMachineAlias", "states:DescribeStateMachineForExecution", "states:GetExecutionHistory", "states:ListActivities", "states:ListExecutions", "states:ListMapRuns", "states:ListStateMachineAliases", "states:ListStateMachines", "states:ListStateMachineVersions", "storagegateway:DescribeBandwidthRateLimit", "storagegateway:DescribeCache", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeFileSystemAssociations", "storagegateway:DescribeGatewayInformation", "storagegateway:DescribeMaintenanceStartTime", "storagegateway:DescribeNFSFileShares", "storagegateway:DescribeSMBFileShares", "storagegateway:DescribeSMBSettings", "storagegateway:DescribeSnapshotSchedule", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:DescribeTapeArchives", "storagegateway:DescribeTapeRecoveryPoints", "storagegateway:DescribeTapes", "storagegateway:DescribeUploadBuffer", "storagegateway:DescribeVTLDevices", "storagegateway:DescribeWorkingStorage", "storagegateway:ListAutomaticTapeCreationPolicies", "storagegateway:ListFileShares", "storagegateway:ListFileSystemAssociations", "storagegateway:ListGateways", "storagegateway:ListLocalDisks", "storagegateway:ListTagsForResource", "storagegateway:ListTapes", "storagegateway:ListVolumeInitiators", "storagegateway:ListVolumeRecoveryPoints", "storagegateway:ListVolumes", "swf:CountClosedWorkflowExecutions", "swf:CountOpenWorkflowExecutions", "swf:CountPendingActivityTasks", "swf:CountPendingDecisionTasks", "swf:DescribeActivityType", "swf:DescribeDomain", "swf:DescribeWorkflowExecution", "swf:DescribeWorkflowType", "swf:GetWorkflowExecutionHistory", "swf:ListActivityTypes", "swf:ListClosedWorkflowExecutions", "swf:ListDomains", "swf:ListOpenWorkflowExecutions", "swf:ListWorkflowTypes", "synthetics:DescribeCanaries", "synthetics:DescribeCanariesLastRun", "synthetics:DescribeRuntimeVersions", "synthetics:GetCanary", "synthetics:GetCanaryRuns", "synthetics:GetGroup", "synthetics:ListAssociatedGroups", "synthetics:ListGroupResources", "synthetics:ListGroups", "tiros:CreateQuery", "tiros:GetQueryAnswer", "tiros:GetQueryExplanation", "transcribe:DescribeLanguageModel", "transcribe:GetCallAnalyticsCategory", "transcribe:GetCallAnalyticsJob", "transcribe:GetMedicalTranscriptionJob", "transcribe:GetMedicalVocabulary", "transcribe:GetTranscriptionJob", "transcribe:GetVocabulary", "transcribe:GetVocabularyFilter", "transcribe:ListCallAnalyticsCategories", "transcribe:ListCallAnalyticsJobs", "transcribe:ListLanguageModels", "transcribe:ListMedicalTranscriptionJobs", "transcribe:ListMedicalVocabularies", "transcribe:ListTranscriptionJobs", "transcribe:ListVocabularies", "transcribe:ListVocabularyFilters", "transfer:DescribeAccess", "transfer:DescribeAgreement", "transfer:DescribeConnector", "transfer:DescribeExecution", "transfer:DescribeProfile", "transfer:DescribeServer", "transfer:DescribeUser", "transfer:DescribeWorkflow", "transfer:ListAccesses", "transfer:ListAgreements", "transfer:ListConnectors", "transfer:ListExecutions", "transfer:ListHostKeys", "transfer:ListProfiles", "transfer:ListServers", "transfer:ListTagsForResource", "transfer:ListUsers", "transfer:ListWorkflows", "transfer:SendWorkflowStepState", "trustedadvisor:GetOrganizationRecommendation", "trustedadvisor:GetRecommendation", "trustedadvisor:ListChecks", "trustedadvisor:ListOrganizationRecommendationAccounts", "trustedadvisor:ListOrganizationRecommendationResources", "trustedadvisor:ListOrganizationRecommendations", "trustedadvisor:ListRecommendationResources", "trustedadvisor:ListRecommendations", "verifiedpermissions:GetIdentitySource", "verifiedpermissions:GetPolicy", "verifiedpermissions:GetPolicyStore", "verifiedpermissions:GetPolicyTemplate", "verifiedpermissions:GetSchema", "verifiedpermissions:ListIdentitySources", "verifiedpermissions:ListPolicies", "verifiedpermissions:ListPolicyStores", "verifiedpermissions:ListPolicyTemplates", "vpc-lattice:GetAccessLogSubscription", "vpc-lattice:GetAuthPolicy", "vpc-lattice:GetListener", "vpc-lattice:GetResourcePolicy", "vpc-lattice:GetRule", "vpc-lattice:GetService", "vpc-lattice:GetServiceNetwork", "vpc-lattice:GetServiceNetworkServiceAssociation", "vpc-lattice:GetServiceNetworkVpcAssociation", "vpc-lattice:GetTargetGroup", "vpc-lattice:ListAccessLogSubscriptions", "vpc-lattice:ListListeners", "vpc-lattice:ListRules", "vpc-lattice:ListServiceNetworks", "vpc-lattice:ListServiceNetworkServiceAssociations", "vpc-lattice:ListServiceNetworkVpcAssociations", "vpc-lattice:ListServices", "vpc-lattice:ListTargetGroups", "vpc-lattice:ListTargets", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetRateBasedRule", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListWebACLs", "waf:GetByteMatchSet", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetRateBasedRule", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListWebACLs", "waf:ListXssMatchSets", "wafv2:CheckCapacity", "wafv2:DescribeManagedRuleGroup", "wafv2:GetIPSet", "wafv2:GetLoggingConfiguration", "wafv2:GetPermissionPolicy", "wafv2:GetRateBasedStatementManagedKeys", "wafv2:GetRegexPatternSet", "wafv2:GetRuleGroup", "wafv2:GetSampledRequests", "wafv2:GetWebACL", "wafv2:GetWebACLForResource", "wafv2:ListAvailableManagedRuleGroups", "wafv2:ListIPSets", "wafv2:ListLoggingConfigurations", "wafv2:ListRegexPatternSets", "wafv2:ListResourcesForWebACL", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "wafv2:ListWebACLs", "workdocs:CheckAlias", "workdocs:DescribeAvailableDirectories", "workdocs:DescribeInstances", "workmail:DescribeGroup", "workmail:DescribeOrganization", "workmail:DescribeResource", "workmail:DescribeUser", "workmail:ListAliases", "workmail:ListGroupMembers", "workmail:ListGroups", "workmail:ListMailboxPermissions", "workmail:ListOrganizations", "workmail:ListResourceDelegates", "workmail:ListResources", "workmail:ListUsers", "workspaces-web:GetBrowserSettings", "workspaces-web:GetIdentityProvider", "workspaces-web:GetNetworkSettings", "workspaces-web:GetPortal", "workspaces-web:GetPortalServiceProviderMetadata", "workspaces-web:GetTrustStoreCertificate", "workspaces-web:GetUserSettings", "workspaces-web:ListBrowserSettings", "workspaces-web:ListIdentityProviders", "workspaces-web:ListNetworkSettings", "workspaces-web:ListPortals", "workspaces-web:ListTagsForResource", "workspaces-web:ListTrustStoreCertificates", "workspaces-web:ListTrustStores", "workspaces-web:ListUserSettings", "workspaces:DescribeAccount", "workspaces:DescribeAccountModifications", "workspaces:DescribeIpGroups", "workspaces:DescribeTags", "workspaces:DescribeWorkspaceBundles", "workspaces:DescribeWorkspaceDirectories", "workspaces:DescribeWorkspaceImages", "workspaces:DescribeWorkspaces", "workspaces:DescribeWorkspacesConnectionStatus" ], "malformed": false, "name": "AWSSupportServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-25T16:28:02+00:00", "version": "v35" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonChimeUserManagement", "createdate": "2020-02-18T19:26:10Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "chime:ListAccounts", "chime:GetAccount", "chime:GetAccountSettings", "chime:UpdateAccountSettings", "chime:ListUsers", "chime:GetUser", "chime:GetUserByEmail", "chime:InviteUsers", "chime:InviteUsersFromProvider", "chime:SuspendUsers", "chime:ActivateUsers", "chime:UpdateUserLicenses", "chime:ResetPersonalPIN", "chime:LogoutUser", "chime:ListDomains", "chime:GetDomain", "chime:ListDirectories", "chime:ListGroups", "chime:SubmitSupportRequest", "chime:ListDelegates", "chime:ListAccountUsageReportData", "chime:GetMeetingDetail", "chime:ListMeetingEvents", "chime:ListMeetingsReportData", "chime:GetUserActivityReportData", "chime:UpdateUser", "chime:BatchUpdateUser", "chime:BatchSuspendUser", "chime:BatchUnsuspendUser", "chime:AssociatePhoneNumberWithUser", "chime:DisassociatePhoneNumberFromUser", "chime:GetPhoneNumber", "chime:ListPhoneNumbers", "chime:GetUserSettings", "chime:UpdateUserSettings", "chime:CreateUser", "chime:AssociateSigninDelegateGroupsWithAccount", "chime:DisassociateSigninDelegateGroupsFromAccount" ], "malformed": false, "name": "AmazonChimeUserManagement", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-02-18T19:26:10+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSMigrationHubFullAccess", "createdate": "2019-06-19T21:14:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgh:AssociateCreatedArtifact", "mgh:AssociateDiscoveredResource", "mgh:CreateHomeRegionControl", "mgh:CreateProgressUpdateStream", "mgh:DeleteHomeRegionControl", "mgh:DeleteProgressUpdateStream", "mgh:DescribeApplicationState", "mgh:DescribeHomeRegionControls", "mgh:DescribeMigrationTask", "mgh:DisassociateCreatedArtifact", "mgh:DisassociateDiscoveredResource", "mgh:GetHomeRegion", "mgh:ImportMigrationTask", "mgh:ListApplicationStates", "mgh:ListCreatedArtifacts", "mgh:ListDiscoveredResources", "mgh:ListMigrationTasks", "mgh:ListProgressUpdateStreams", "mgh:NotifyApplicationState", "mgh:NotifyMigrationTaskState", "mgh:PutResourceAttributes", "discovery:AssociateConfigurationItemsToApplication", "discovery:BatchDeleteAgents", "discovery:BatchDeleteImportData", "discovery:CreateApplication", "discovery:CreateTags", "discovery:DeleteApplications", "discovery:DeleteTags", "discovery:DescribeAgents", "discovery:DescribeBatchDeleteConfigurationTask", "discovery:DescribeConfigurations", "discovery:DescribeContinuousExports", "discovery:DescribeExportConfigurations", "discovery:DescribeExportTasks", "discovery:DescribeImportTasks", "discovery:DescribeTags", "discovery:DisassociateConfigurationItemsFromApplication", "discovery:ExportConfigurations", "discovery:GetDiscoverySummary", "discovery:GetNetworkConnectionGraph", "discovery:ListConfigurations", "discovery:ListServerNeighbors", "discovery:StartBatchDeleteConfigurationTask", "discovery:StartContinuousExport", "discovery:StartDataCollectionByAgentIds", "discovery:StartExportTask", "discovery:StartImportTask", "discovery:StopContinuousExport", "discovery:StopDataCollectionByAgentIds", "discovery:UpdateApplication", "iam:GetRole", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSMigrationHubFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-19T21:14:41+00:00", "version": "v4" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy", "createdate": "2017-11-16T18:48:22Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AmazonECSTaskExecutionRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-11-16T18:48:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSourceV3", "createdate": "2020-06-24T18:00:09Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateSecurityGroup", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroups", "ec2:RevokeSecurityGroupIngress", "redshift:AuthorizeClusterSecurityGroupIngress", "redshift:CreateClusterSecurityGroup", "redshift:DescribeClusters", "redshift:DescribeClusterSecurityGroups", "redshift:ModifyCluster", "redshift:RevokeClusterSecurityGroupIngress", "s3:PutBucketPolicy", "s3:GetBucketLocation", "s3:GetBucketPolicy", "s3:GetObject", "s3:PutObject" ], "malformed": false, "name": "AmazonMachineLearningRoleforRedshiftDataSourceV3", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-24T18:00:09+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSGrafanaWorkspacePermissionManagement", "createdate": "2023-03-15T22:17:26Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "grafana:DescribeWorkspace", "grafana:DescribeWorkspaceAuthentication", "grafana:UpdatePermissions", "grafana:ListPermissions", "grafana:ListWorkspaces", "sso:DescribeRegisteredRegions", "sso:GetSharedSsoConfiguration", "sso:ListDirectoryAssociations", "sso:GetManagedApplicationInstance", "sso:ListProfiles", "sso:AssociateProfile", "sso:DisassociateProfile", "sso:GetProfile", "sso:ListProfileAssociations", "sso-directory:DescribeUser", "sso-directory:DescribeGroup" ], "malformed": false, "name": "AWSGrafanaWorkspacePermissionManagement", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-15T22:17:26+00:00", "version": "v4" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceManageSubscriptions", "createdate": "2023-01-19T23:45:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:ViewSubscriptions", "aws-marketplace:Subscribe", "aws-marketplace:Unsubscribe", "aws-marketplace:CreatePrivateMarketplaceRequests", "aws-marketplace:ListPrivateMarketplaceRequests", "aws-marketplace:DescribePrivateMarketplaceRequests", "aws-marketplace:ListPrivateListings" ], "malformed": false, "name": "AWSMarketplaceManageSubscriptions", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-19T23:45:29+00:00", "version": "v3" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSAppMeshEnvoyAccess", "createdate": "2019-07-03T21:29:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appmesh:StreamAggregatedResources" ], "malformed": false, "name": "AWSAppMeshEnvoyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-07-03T21:29:37+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/CloudWatchLogsFullAccess", "createdate": "2023-11-26T18:12:09Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "cloudwatch:GenerateQuery" ], "malformed": false, "name": "CloudWatchLogsFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-26T18:12:09+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole", "createdate": "2023-09-11T16:39:47Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "glue:BatchCreatePartition", "glue:BatchDeleteConnection", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetBlueprints", "glue:BatchGetCrawlers", "glue:BatchGetCustomEntityTypes", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetStageFiles", "glue:BatchGetTableOptimizer", "glue:BatchGetTriggers", "glue:BatchGetWorkflows", "glue:BatchStopJobRun", "glue:BatchUpdatePartition", "glue:CancelDataQualityRuleRecommendationRun", "glue:CancelDataQualityRulesetEvaluationRun", "glue:CancelMLTaskRun", "glue:CancelStatement", "glue:CheckSchemaVersionValidity", "glue:CreateBlueprint", "glue:CreateClassifier", "glue:CreateConnection", "glue:CreateCrawler", "glue:CreateCustomEntityType", "glue:CreateDataQualityRuleset", "glue:CreateDatabase", "glue:CreateDevEndpoint", "glue:CreateJob", "glue:CreateMLTransform", "glue:CreatePartition", "glue:CreatePartitionIndex", "glue:CreateRegistry", "glue:CreateSchema", "glue:CreateScript", "glue:CreateSecurityConfiguration", "glue:CreateSession", "glue:CreateTable", "glue:CreateTableOptimizer", "glue:CreateTrigger", "glue:CreateUserDefinedFunction", "glue:CreateWorkflow", "glue:DeleteBlueprint", "glue:DeleteClassifier", "glue:DeleteColumnStatisticsForPartition", "glue:DeleteColumnStatisticsForTable", "glue:DeleteConnection", "glue:DeleteCrawler", "glue:DeleteCustomEntityType", "glue:DeleteDataQualityRuleset", "glue:DeleteDatabase", "glue:DeleteDevEndpoint", "glue:DeleteJob", "glue:DeleteMLTransform", "glue:DeletePartition", "glue:DeletePartitionIndex", "glue:DeleteRegistry", "glue:DeleteResourcePolicy", "glue:DeleteSchema", "glue:DeleteSchemaVersions", "glue:DeleteSecurityConfiguration", "glue:DeleteSession", "glue:DeleteTable", "glue:DeleteTableOptimizer", "glue:DeleteTableVersion", "glue:DeleteTrigger", "glue:DeleteUserDefinedFunction", "glue:DeleteWorkflow", "glue:DeregisterDataPreview", "glue:GetBlueprint", "glue:GetBlueprintRun", "glue:GetBlueprintRuns", "glue:GetCatalogImportStatus", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetColumnStatisticsTaskRun", "glue:GetColumnStatisticsTaskRuns", "glue:GetCompletion", "glue:GetConnection", "glue:GetConnections", "glue:GetCrawler", "glue:GetCrawlerMetrics", "glue:GetCrawlers", "glue:GetCustomEntityType", "glue:GetDataCatalogEncryptionSettings", "glue:GetDataPreviewStatement", "glue:GetDataQualityResult", "glue:GetDataQualityRuleRecommendationRun", "glue:GetDataQualityRuleset", "glue:GetDataQualityRulesetEvaluationRun", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDataflowGraph", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetEnvironment", "glue:GetExecutors", "glue:GetExecutorsThreads", "glue:GetJob", "glue:GetJobBookmark", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetLogParsingStatus", "glue:GetMLTaskRun", "glue:GetMLTaskRuns", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetMapping", "glue:GetNotebookInstanceStatus", "glue:GetPartition", "glue:GetPartitionIndexes", "glue:GetPartitionMetadata", "glue:GetPartitions", "glue:GetPlan", "glue:GetQueries", "glue:GetQuery", "glue:GetRegistry", "glue:GetResourcePolicies", "glue:GetResourcePolicy", "glue:GetSchema", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetSession", "glue:GetStage", "glue:GetStageAttempt", "glue:GetStageAttemptTaskList", "glue:GetStageAttemptTaskSummary", "glue:GetStageFiles", "glue:GetStages", "glue:GetStatement", "glue:GetStorage", "glue:GetStorageUnit", "glue:GetTable", "glue:GetTableOptimizer", "glue:GetTableVersion", "glue:GetTableVersions", "glue:GetTables", "glue:GetTags", "glue:GetTrigger", "glue:GetTriggers", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:GetWorkflow", "glue:GetWorkflowRun", "glue:GetWorkflowRunProperties", "glue:GetWorkflowRuns", "glue:GlueNotebookAuthorize", "glue:GlueNotebookRefreshCredentials", "glue:ImportCatalogToGlue", "glue:ListBlueprints", "glue:ListColumnStatisticsTaskRuns", "glue:ListCrawlers", "glue:ListCrawls", "glue:ListCustomEntityTypes", "glue:ListDataQualityResults", "glue:ListDataQualityRuleRecommendationRuns", "glue:ListDataQualityRulesetEvaluationRuns", "glue:ListDataQualityRulesets", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListRegistries", "glue:ListSchemaVersions", "glue:ListSchemas", "glue:ListSessions", "glue:ListStatements", "glue:ListTableOptimizerRuns", "glue:ListTriggers", "glue:ListWorkflows", "glue:NotifyEvent", "glue:PassConnection", "glue:PublishDataQuality", "glue:PutDataCatalogEncryptionSettings", "glue:PutResourcePolicy", "glue:PutSchemaVersionMetadata", "glue:PutWorkflowRunProperties", "glue:QuerySchemaVersionMetadata", "glue:RegisterSchemaVersion", "glue:RemoveSchemaVersionMetadata", "glue:RequestLogParsing", "glue:ResetJobBookmark", "glue:ResumeWorkflowRun", "glue:RunDataPreviewStatement", "glue:RunStatement", "glue:SearchTables", "glue:SendFeedback", "glue:StartBlueprintRun", "glue:StartColumnStatisticsTaskRun", "glue:StartCompletion", "glue:StartCrawler", "glue:StartCrawlerSchedule", "glue:StartDataQualityRuleRecommendationRun", "glue:StartDataQualityRulesetEvaluationRun", "glue:StartExportLabelsTaskRun", "glue:StartImportLabelsTaskRun", "glue:StartJobRun", "glue:StartMLEvaluationTaskRun", "glue:StartMLLabelingSetGenerationTaskRun", "glue:StartNotebook", "glue:StartTrigger", "glue:StartWorkflowRun", "glue:StopColumnStatisticsTaskRun", "glue:StopCrawler", "glue:StopCrawlerSchedule", "glue:StopSession", "glue:StopTrigger", "glue:StopWorkflowRun", "glue:TagResource", "glue:TerminateNotebook", "glue:TestConnection", "glue:UntagResource", "glue:UpdateBlueprint", "glue:UpdateClassifier", "glue:UpdateColumnStatisticsForPartition", "glue:UpdateColumnStatisticsForTable", "glue:UpdateConnection", "glue:UpdateCrawler", "glue:UpdateCrawlerSchedule", "glue:UpdateDataQualityRuleset", "glue:UpdateDatabase", "glue:UpdateDevEndpoint", "glue:UpdateJob", "glue:UpdateJobFromSourceControl", "glue:UpdateMLTransform", "glue:UpdatePartition", "glue:UpdateRegistry", "glue:UpdateSchema", "glue:UpdateSourceControlFromJob", "glue:UpdateTable", "glue:UpdateTableOptimizer", "glue:UpdateTrigger", "glue:UpdateUserDefinedFunction", "glue:UpdateWorkflow", "glue:UseGlueStudio", "glue:UseMLTransforms", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListAllMyBuckets", "s3:GetBucketAcl", "ec2:DescribeVpcEndpoints", "ec2:DescribeRouteTables", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcAttribute", "iam:ListRolePolicies", "iam:GetRole", "iam:GetRolePolicy", "cloudwatch:PutMetricData", "s3:CreateBucket", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:GetObject", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "ec2:CreateTags", "ec2:DeleteTags" ], "malformed": false, "name": "AWSGlueServiceRole", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2023-09-11T16:39:47+00:00", "version": "v5" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess", "createdate": "2019-06-27T19:22:52Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "workspaces:RebootWorkspaces", "workspaces:RebuildWorkspaces", "workspaces:ModifyWorkspaceProperties" ], "malformed": false, "name": "AmazonWorkSpacesSelfServiceAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-27T19:22:52+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationMigrationServiceRolePolicy", "createdate": "2023-06-20T09:12:04Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgn:ListTagsForResource", "kms:ListRetirableGrants", "mgh:AssociateCreatedArtifact", "mgh:CreateProgressUpdateStream", "mgh:DisassociateCreatedArtifact", "mgh:GetHomeRegion", "mgh:ImportMigrationTask", "mgh:NotifyMigrationTaskState", "mgh:PutResourceAttributes", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeInstanceTypes", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceStatus", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DescribeVolumes", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListDelegatedAdministrators", "organizations:ListAccounts", "ec2:RegisterImage", "ec2:DeregisterImage", "ec2:DeleteSnapshot", "ec2:CreateLaunchTemplateVersion", "ec2:ModifyLaunchTemplate", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:DeleteVolume", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:ModifyInstanceAttribute", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:RevokeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress", "ec2:CreateVolume", "ec2:CreateSecurityGroup", "ec2:CreateSecurityGroup", "ec2:CreateLaunchTemplate", "ec2:CreateSnapshot", "ec2:CreateSnapshot", "ec2:DetachVolume", "ec2:AttachVolume", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:RunInstances", "ec2:RunInstances", "iam:PassRole", "ec2:CreateTags" ], "malformed": false, "name": "AWSApplicationMigrationServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-20T09:12:04+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSDirectConnectReadOnlyAccess", "createdate": "2020-05-18T18:48:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "directconnect:DescribeConnectionLoa", "directconnect:DescribeConnections", "directconnect:DescribeConnectionsOnInterconnect", "directconnect:DescribeCustomerMetadata", "directconnect:DescribeDirectConnectGatewayAssociationProposals", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeHostedConnections", "directconnect:DescribeInterconnectLoa", "directconnect:DescribeInterconnects", "directconnect:DescribeLags", "directconnect:DescribeLoa", "directconnect:DescribeLocations", "directconnect:DescribeRouterConfiguration", "directconnect:DescribeTags", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "directconnect:ListVirtualInterfaceTestHistory", "ec2:DescribeVpnGateways", "ec2:DescribeTransitGateways" ], "malformed": false, "name": "AWSDirectConnectReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-18T18:48:22+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSBugBustServiceRolePolicy", "createdate": "2021-06-24T06:59:05Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codeguru-reviewer:ListRecommendations", "codeguru-reviewer:UnTagResource", "codeguru-reviewer:DescribeCodeReview" ], "malformed": false, "name": "AWSBugBustServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-06-24T06:59:05+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSArtifactReportsReadOnlyAccess", "createdate": "2024-01-02T22:42:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "artifact:Get", "artifact:GetReport", "artifact:GetReportMetadata", "artifact:GetTermForReport", "artifact:ListReports" ], "malformed": false, "name": "AWSArtifactReportsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-02T22:42:58+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/ElementalActivationsDownloadSoftwareAccess", "createdate": "2020-09-08T17:26:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elemental-activations:GetActivation", "elemental-activations:DownloadSoftware" ], "malformed": false, "name": "ElementalActivationsDownloadSoftwareAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-08T17:26:09+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSAppFabricServiceRolePolicy", "createdate": "2023-06-26T21:07:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData", "s3:PutObject", "firehose:PutRecordBatch" ], "malformed": false, "name": "AWSAppFabricServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-26T21:07:45+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonFreeRTOSOTAUpdate", "createdate": "2020-12-18T17:47:30Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObjectVersion", "s3:PutObject", "s3:GetObject", "signer:StartSigningJob", "signer:DescribeSigningJob", "signer:GetSigningProfile", "signer:PutSigningProfile", "s3:ListBucketVersions", "s3:ListBucket", "s3:ListAllMyBuckets", "s3:GetBucketLocation", "iot:DeleteJob", "iot:DescribeJob", "iot:DeleteStream", "iot:CreateStream", "iot:CreateJob" ], "malformed": false, "name": "AmazonFreeRTOSOTAUpdate", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-18T17:47:30+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSDeadlineCloud-UserAccessFarms", "createdate": "2024-04-01T16:54:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "identitystore:DescribeGroup", "identitystore:DescribeUser", "identitystore:ListGroupMembershipsForMember", "deadline:GetApplicationVersion", "ec2:DescribeInstanceTypes", "identitystore:ListUsers", "deadline:AssociateMemberToFarm", "deadline:AssociateMemberToFleet", "deadline:AssociateMemberToJob", "deadline:AssociateMemberToQueue", "deadline:CreateBudget", "deadline:DeleteBudget", "deadline:DisassociateMemberFromFarm", "deadline:DisassociateMemberFromFleet", "deadline:DisassociateMemberFromJob", "deadline:DisassociateMemberFromQueue", "deadline:GetBudget", "deadline:GetSessionsStatisticsAggregation", "deadline:ListBudgets", "deadline:StartSessionsStatisticsAggregation", "deadline:UpdateBudget", "deadline:AssociateMemberToFarm", "deadline:AssociateMemberToFleet", "deadline:AssociateMemberToJob", "deadline:AssociateMemberToQueue", "deadline:DisassociateMemberFromFarm", "deadline:DisassociateMemberFromFleet", "deadline:DisassociateMemberFromJob", "deadline:DisassociateMemberFromQueue", "deadline:ListFarmMembers", "deadline:ListFleetMembers", "deadline:ListJobMembers", "deadline:ListQueueMembers", "deadline:UpdateJob", "deadline:UpdateSession", "deadline:UpdateStep", "deadline:UpdateTask", "deadline:AssumeQueueRoleForUser", "deadline:CreateJob", "deadline:AssumeFleetRoleForRead", "deadline:AssumeQueueRoleForRead", "deadline:GetFarm", "deadline:GetFleet", "deadline:GetJob", "deadline:GetQueue", "deadline:GetQueueEnvironment", "deadline:GetQueueFleetAssociation", "deadline:GetSession", "deadline:GetSessionAction", "deadline:GetStep", "deadline:GetStorageProfile", "deadline:GetStorageProfileForQueue", "deadline:GetTask", "deadline:GetWorker", "deadline:ListQueueEnvironments", "deadline:ListQueueFleetAssociations", "deadline:ListSessionActions", "deadline:ListSessions", "deadline:ListSessionsForWorker", "deadline:ListStepConsumers", "deadline:ListStepDependencies", "deadline:ListSteps", "deadline:ListStorageProfiles", "deadline:ListStorageProfilesForQueue", "deadline:ListTasks", "deadline:ListWorkers", "deadline:SearchJobs", "deadline:SearchSteps", "deadline:SearchTasks", "deadline:SearchWorkers", "deadline:ListFarms", "deadline:ListFleets", "deadline:ListJobs", "deadline:ListQueues" ], "malformed": false, "name": "AWSDeadlineCloud-UserAccessFarms", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-01T16:54:00+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSApplicationDiscoveryServiceFullAccess", "createdate": "2019-06-19T21:21:26Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgh:AssociateCreatedArtifact", "mgh:AssociateDiscoveredResource", "mgh:CreateHomeRegionControl", "mgh:CreateProgressUpdateStream", "mgh:DeleteHomeRegionControl", "mgh:DeleteProgressUpdateStream", "mgh:DescribeApplicationState", "mgh:DescribeHomeRegionControls", "mgh:DescribeMigrationTask", "mgh:DisassociateCreatedArtifact", "mgh:DisassociateDiscoveredResource", "mgh:GetHomeRegion", "mgh:ImportMigrationTask", "mgh:ListApplicationStates", "mgh:ListCreatedArtifacts", "mgh:ListDiscoveredResources", "mgh:ListMigrationTasks", "mgh:ListProgressUpdateStreams", "mgh:NotifyApplicationState", "mgh:NotifyMigrationTaskState", "mgh:PutResourceAttributes", "discovery:AssociateConfigurationItemsToApplication", "discovery:BatchDeleteAgents", "discovery:BatchDeleteImportData", "discovery:CreateApplication", "discovery:CreateTags", "discovery:DeleteApplications", "discovery:DeleteTags", "discovery:DescribeAgents", "discovery:DescribeBatchDeleteConfigurationTask", "discovery:DescribeConfigurations", "discovery:DescribeContinuousExports", "discovery:DescribeExportConfigurations", "discovery:DescribeExportTasks", "discovery:DescribeImportTasks", "discovery:DescribeTags", "discovery:DisassociateConfigurationItemsFromApplication", "discovery:ExportConfigurations", "discovery:GetDiscoverySummary", "discovery:GetNetworkConnectionGraph", "discovery:ListConfigurations", "discovery:ListServerNeighbors", "discovery:StartBatchDeleteConfigurationTask", "discovery:StartContinuousExport", "discovery:StartDataCollectionByAgentIds", "discovery:StartExportTask", "discovery:StartImportTask", "discovery:StopContinuousExport", "discovery:StopDataCollectionByAgentIds", "discovery:UpdateApplication", "iam:GetRole", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSApplicationDiscoveryServiceFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-19T21:21:26+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIoT1ClickFullAccess", "createdate": "2018-05-11T22:10:14Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot1click:AssociateDeviceWithPlacement", "iot1click:ClaimDevicesByClaimCode", "iot1click:CreatePlacement", "iot1click:CreateProject", "iot1click:DeletePlacement", "iot1click:DeleteProject", "iot1click:DescribeDevice", "iot1click:DescribePlacement", "iot1click:DescribeProject", "iot1click:DisassociateDeviceFromPlacement", "iot1click:FinalizeDeviceClaim", "iot1click:GetDeviceMethods", "iot1click:GetDevicesInPlacement", "iot1click:InitiateDeviceClaim", "iot1click:InvokeDeviceMethod", "iot1click:ListDeviceEvents", "iot1click:ListDevices", "iot1click:ListPlacements", "iot1click:ListProjects", "iot1click:ListTagsForResource", "iot1click:TagResource", "iot1click:UnclaimDevice", "iot1click:UntagResource", "iot1click:UpdateDeviceState", "iot1click:UpdatePlacement", "iot1click:UpdateProject" ], "malformed": false, "name": "AWSIoT1ClickFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-05-11T22:10:14+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonTranscribeReadOnlyAccess", "createdate": "2018-04-04T16:05:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "transcribe:GetCallAnalyticsCategory", "transcribe:GetCallAnalyticsJob", "transcribe:GetMedicalScribeJob", "transcribe:GetMedicalTranscriptionJob", "transcribe:GetMedicalVocabulary", "transcribe:GetTranscriptionJob", "transcribe:GetVocabulary", "transcribe:GetVocabularyFilter", "transcribe:ListCallAnalyticsCategories", "transcribe:ListCallAnalyticsJobs", "transcribe:ListLanguageModels", "transcribe:ListMedicalScribeJobs", "transcribe:ListMedicalTranscriptionJobs", "transcribe:ListMedicalVocabularies", "transcribe:ListTagsForResource", "transcribe:ListTranscriptionJobs", "transcribe:ListVocabularies", "transcribe:ListVocabularyFilters" ], "malformed": false, "name": "AmazonTranscribeReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-04-04T16:05:06+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryLaunchActionsPolicy", "createdate": "2023-10-16T12:28:44Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:DescribeInstanceInformation", "ssm:SendCommand", "ssm:StartAutomationExecution", "ssm:SendCommand", "ssm:StartAutomationExecution", "ssm:SendCommand", "ssm:SendCommand", "ssm:ListDocuments", "ssm:ListCommandInvocations", "ssm:ListDocumentVersions", "ssm:GetDocument", "ssm:DescribeDocument", "ssm:GetAutomationExecution", "ssm:GetParameters", "ssm:GetParameter", "ssm:PutParameter", "iam:PassRole" ], "malformed": false, "name": "AWSElasticDisasterRecoveryLaunchActionsPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-16T12:28:44+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSCloud9ServiceRolePolicy", "createdate": "2022-01-17T14:06:15Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:RunInstances", "ec2:CreateSecurityGroup", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeInstances", "ec2:DescribeInstanceStatus", "cloudformation:CreateStack", "cloudformation:DescribeStacks", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackResources", "ec2:TerminateInstances", "ec2:DeleteSecurityGroup", "ec2:AuthorizeSecurityGroupIngress", "cloudformation:DeleteStack", "ec2:CreateTags", "ec2:StartInstances", "ec2:StopInstances", "ec2:StartInstances", "ec2:StopInstances", "iam:ListInstanceProfiles", "iam:GetInstanceProfile", "iam:PassRole" ], "malformed": false, "name": "AWSCloud9ServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-01-17T14:06:15+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSResourceAccessManagerFullAccess", "createdate": "2019-06-04T17:28:22Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ram:AcceptResourceShareInvitation", "ram:AssociateResourceShare", "ram:AssociateResourceSharePermission", "ram:CreatePermission", "ram:CreatePermissionVersion", "ram:CreateResourceShare", "ram:DeletePermission", "ram:DeletePermissionVersion", "ram:DeleteResourceShare", "ram:DisassociateResourceShare", "ram:DisassociateResourceSharePermission", "ram:EnableSharingWithAwsOrganization", "ram:GetPermission", "ram:GetResourcePolicies", "ram:GetResourceShareAssociations", "ram:GetResourceShareInvitations", "ram:GetResourceShares", "ram:ListPendingInvitationResources", "ram:ListPermissionAssociations", "ram:ListPermissionVersions", "ram:ListPermissions", "ram:ListPrincipals", "ram:ListReplacePermissionAssociationsWork", "ram:ListResourceSharePermissions", "ram:ListResourceTypes", "ram:ListResources", "ram:PromotePermissionCreatedFromPolicy", "ram:PromoteResourceShareCreatedFromPolicy", "ram:RejectResourceShareInvitation", "ram:ReplacePermissionAssociations", "ram:SetDefaultPermissionVersion", "ram:TagResource", "ram:UntagResource", "ram:UpdateResourceShare" ], "malformed": false, "name": "AWSResourceAccessManagerFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-04T17:28:22+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonECSServiceRolePolicy", "createdate": "2023-12-04T19:32:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:AttachNetworkInterface", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DetachNetworkInterface", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RegisterTargets", "route53:ChangeResourceRecordSets", "route53:CreateHealthCheck", "route53:DeleteHealthCheck", "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetReusableDelegationSetLimit", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53:UpdateHealthCheck", "servicediscovery:DeregisterInstance", "servicediscovery:GetInstance", "servicediscovery:GetInstancesHealthStatus", "servicediscovery:GetNamespace", "servicediscovery:GetOperation", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListOperations", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource", "servicediscovery:RegisterInstance", "servicediscovery:UpdateInstanceCustomHealthStatus", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:DeletePolicy", "autoscaling:PutScalingPolicy", "autoscaling:SetInstanceProtection", "autoscaling:UpdateAutoScalingGroup", "autoscaling:PutLifecycleHook", "autoscaling:DeleteLifecycleHook", "autoscaling:CompleteLifecycleAction", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling-plans:CreateScalingPlan", "autoscaling-plans:DeleteScalingPlan", "autoscaling-plans:DescribeScalingPlans", "autoscaling-plans:DescribeScalingPlanResources", "events:DescribeRule", "events:ListTargetsByRule", "events:PutRule", "events:PutTargets", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudwatch:PutMetricAlarm", "ec2:CreateTags", "logs:CreateLogGroup", "logs:DescribeLogGroups", "logs:PutRetentionPolicy", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "ssm:DescribeSessions", "ssm:StartSession", "servicediscovery:CreateHttpNamespace", "servicediscovery:CreateService", "servicediscovery:TagResource", "servicediscovery:DeleteService", "servicediscovery:DiscoverInstances", "servicediscovery:DiscoverInstancesRevision" ], "malformed": false, "name": "AmazonECSServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-04T19:32:25+00:00", "version": "v11" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCloudFormationFullAccess", "createdate": "2019-07-26T21:50:35Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:CancelResourceRequest", "cloudformation:CreateResource", "cloudformation:DeleteResource", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:UpdateResource", "cloudformation:ActivateOrganizationsAccess", "cloudformation:ActivateType", "cloudformation:BatchDescribeTypeConfigurations", "cloudformation:CancelUpdateStack", "cloudformation:ContinueUpdateRollback", "cloudformation:CreateChangeSet", "cloudformation:CreateGeneratedTemplate", "cloudformation:CreateStack", "cloudformation:CreateStackInstances", "cloudformation:CreateStackSet", "cloudformation:CreateUploadBucket", "cloudformation:DeactivateOrganizationsAccess", "cloudformation:DeactivateType", "cloudformation:DeleteChangeSet", "cloudformation:DeleteGeneratedTemplate", "cloudformation:DeleteStack", "cloudformation:DeleteStackInstances", "cloudformation:DeleteStackSet", "cloudformation:DeregisterType", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:DetectStackDrift", "cloudformation:DetectStackResourceDrift", "cloudformation:DetectStackSetDrift", "cloudformation:EstimateTemplateCost", "cloudformation:ExecuteChangeSet", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ImportStacksToStackSet", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:PublishType", "cloudformation:RecordHandlerProgress", "cloudformation:RegisterPublisher", "cloudformation:RegisterType", "cloudformation:RollbackStack", "cloudformation:SetStackPolicy", "cloudformation:SetTypeConfiguration", "cloudformation:SetTypeDefaultVersion", "cloudformation:SignalResource", "cloudformation:StartResourceScan", "cloudformation:StopStackSetOperation", "cloudformation:TagResource", "cloudformation:TestType", "cloudformation:UntagResource", "cloudformation:UpdateGeneratedTemplate", "cloudformation:UpdateStack", "cloudformation:UpdateStackInstances", "cloudformation:UpdateStackSet", "cloudformation:UpdateTerminationProtection", "cloudformation:ValidateTemplate" ], "malformed": false, "name": "AWSCloudFormationFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-07-26T21:50:35+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorPlugin", "createdate": "2022-04-20T02:25:10Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:CreateBucket", "s3:PutObject", "s3:GetObject", "s3:GetBucketAcl", "s3:ListAllMyBuckets", "execute-api:Invoke", "execute-api:ManageConnections", "migrationhub-orchestrator:RegisterPlugin", "migrationhub-orchestrator:GetMessage", "migrationhub-orchestrator:SendMessage", "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AWSMigrationHubOrchestratorPlugin", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-04-20T02:25:10+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonSQSFullAccess", "createdate": "2015-02-06T18:41:07Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "sqs:AddPermission", "sqs:CancelMessageMoveTask", "sqs:ChangeMessageVisibility", "sqs:CreateQueue", "sqs:DeleteMessage", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListMessageMoveTasks", "sqs:ListQueueTags", "sqs:ListQueues", "sqs:PurgeQueue", "sqs:ReceiveMessage", "sqs:RemovePermission", "sqs:SendMessage", "sqs:SetQueueAttributes", "sqs:StartMessageMoveTask", "sqs:TagQueue", "sqs:UntagQueue" ], "malformed": false, "name": "AmazonSQSFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:41:07+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonEventBridgeApiDestinationsServiceRolePolicy", "createdate": "2021-02-11T20:52:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "secretsmanager:CreateSecret", "secretsmanager:UpdateSecret", "secretsmanager:DescribeSecret", "secretsmanager:DeleteSecret", "secretsmanager:GetSecretValue", "secretsmanager:PutSecretValue" ], "malformed": false, "name": "AmazonEventBridgeApiDestinationsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-02-11T20:52:05+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSDataExchangeReadOnly", "createdate": "2021-05-10T21:15:26Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "dataexchange:GetAsset", "dataexchange:GetDataSet", "dataexchange:GetEventAction", "dataexchange:GetJob", "dataexchange:GetRevision", "dataexchange:ListDataSetRevisions", "dataexchange:ListDataSets", "dataexchange:ListEventActions", "dataexchange:ListJobs", "dataexchange:ListRevisionAssets", "dataexchange:ListTagsForResource", "aws-marketplace:ViewSubscriptions", "aws-marketplace:GetAgreementRequest", "aws-marketplace:ListAgreementRequests", "aws-marketplace:GetAgreementApprovalRequest", "aws-marketplace:ListAgreementApprovalRequests", "aws-marketplace:DescribeEntity", "aws-marketplace:ListEntities", "aws-marketplace:DescribeChangeSet", "aws-marketplace:ListChangeSets", "aws-marketplace:SearchAgreements", "aws-marketplace:GetAgreementTerms" ], "malformed": false, "name": "AWSDataExchangeReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-05-10T21:15:26+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy", "createdate": "2020-10-07T19:27:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "CloudWatchLambdaInsightsExecutionRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-07T19:27:06+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerAccountDiscoveryServicePolicy", "createdate": "2022-10-17T20:25:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:ListRoots", "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListChildren", "organizations:ListParents", "organizations:ListDelegatedServicesForAccount", "organizations:ListDelegatedAdministrators" ], "malformed": false, "name": "AWSSystemsManagerAccountDiscoveryServicePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-17T20:25:02+00:00", "version": "v3" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AWSMarketplaceMeteringRegisterUsage", "createdate": "2019-11-21T01:17:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:RegisterUsage" ], "malformed": false, "name": "AWSMarketplaceMeteringRegisterUsage", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-21T01:17:54+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonDataZoneEnvironmentRolePermissionsBoundary", "createdate": "2023-11-17T23:29:08Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:CreateTags", "ec2:DeleteTags", "glue:CancelDataQualityRuleRecommendationRun", "glue:CancelDataQualityRulesetEvaluationRun", "glue:CreateDataQualityRuleset", "glue:DeleteDataQualityRuleset", "glue:GetDataQualityResult", "glue:GetDataQualityRuleRecommendationRun", "glue:GetDataQualityRuleset", "glue:GetDataQualityRulesetEvaluationRun", "glue:ListDataQualityResults", "glue:ListDataQualityRuleRecommendationRuns", "glue:ListDataQualityRulesetEvaluationRuns", "glue:ListDataQualityRulesets", "glue:PublishDataQuality", "glue:StartDataQualityRuleRecommendationRun", "glue:StartDataQualityRulesetEvaluationRun", "glue:UpdateDataQualityRuleset", "glue:BatchCreatePartition", "glue:BatchDeleteConnection", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetJobs", "glue:BatchGetWorkflows", "glue:BatchStopJobRun", "glue:BatchUpdatePartition", "glue:CreateBlueprint", "glue:CreateConnection", "glue:CreateCrawler", "glue:CreateDatabase", "glue:CreateJob", "glue:CreatePartition", "glue:CreatePartitionIndex", "glue:CreateTable", "glue:CreateWorkflow", "glue:DeleteBlueprint", "glue:DeleteColumnStatisticsForPartition", "glue:DeleteColumnStatisticsForTable", "glue:DeleteConnection", "glue:DeleteCrawler", "glue:DeleteJob", "glue:DeletePartition", "glue:DeletePartitionIndex", "glue:DeleteTable", "glue:DeleteTableVersion", "glue:DeleteWorkflow", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetConnection", "glue:GetDatabase", "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:GetPartition", "glue:GetPartitions", "glue:ListSchemas", "glue:ListJobs", "glue:NotifyEvent", "glue:PutWorkflowRunProperties", "glue:ResetJobBookmark", "glue:ResumeWorkflowRun", "glue:SearchTables", "glue:StartBlueprintRun", "glue:StartCrawler", "glue:StartCrawlerSchedule", "glue:StartJobRun", "glue:StartWorkflowRun", "glue:StopCrawler", "glue:StopCrawlerSchedule", "glue:StopWorkflowRun", "glue:UpdateBlueprint", "glue:UpdateColumnStatisticsForPartition", "glue:UpdateColumnStatisticsForTable", "glue:UpdateConnection", "glue:UpdateCrawler", "glue:UpdateCrawlerSchedule", "glue:UpdateDatabase", "glue:UpdateJob", "glue:UpdatePartition", "glue:UpdateTable", "glue:UpdateWorkflow", "iam:PassRole", "kms:DescribeKey", "kms:Decrypt", "kms:ListKeys", "kms:DescribeKey", "kms:Decrypt", "kms:ListKeys", "kms:Encrypt", "kms:GenerateDataKey", "kms:Verify", "kms:Sign", "datazone:AcceptPredictions", "datazone:AcceptSubscriptionRequest", "datazone:AddPolicyGrant", "datazone:CancelMetadataGenerationRun", "datazone:CancelSubscription", "datazone:CreateAsset", "datazone:CreateAssetRevision", "datazone:CreateAssetType", "datazone:CreateDataSource", "datazone:CreateDomain", "datazone:CreateEnvironment", "datazone:CreateEnvironmentBlueprint", "datazone:CreateEnvironmentProfile", "datazone:CreateFormType", "datazone:CreateGlossary", "datazone:CreateGlossaryTerm", "datazone:CreateGroupProfile", "datazone:CreateListingChangeSet", "datazone:CreateProject", "datazone:CreateProjectMembership", "datazone:CreateSubscriptionGrant", "datazone:CreateSubscriptionRequest", "datazone:CreateSubscriptionTarget", "datazone:CreateUserProfile", "datazone:DeleteAsset", "datazone:DeleteAssetType", "datazone:DeleteDataSource", "datazone:DeleteDomain", "datazone:DeleteDomainSharingPolicy", "datazone:DeleteEnvironment", "datazone:DeleteEnvironmentBlueprint", "datazone:DeleteEnvironmentBlueprintConfiguration", "datazone:DeleteEnvironmentProfile", "datazone:DeleteFormType", "datazone:DeleteGlossary", "datazone:DeleteGlossaryTerm", "datazone:DeleteListing", "datazone:DeleteProject", "datazone:DeleteProjectMembership", "datazone:DeleteSubscriptionGrant", "datazone:DeleteSubscriptionRequest", "datazone:DeleteSubscriptionTarget", "datazone:DeleteTimeSeriesDataPoints", "datazone:GetAsset", "datazone:GetAssetType", "datazone:GetDataSource", "datazone:GetDataSourceRun", "datazone:GetDomain", "datazone:GetDomainSharingPolicy", "datazone:GetEnvironment", "datazone:GetEnvironmentActionLink", "datazone:GetEnvironmentBlueprint", "datazone:GetEnvironmentBlueprintConfiguration", "datazone:GetEnvironmentCredentials", "datazone:GetEnvironmentProfile", "datazone:GetFormType", "datazone:GetGlossary", "datazone:GetGlossaryTerm", "datazone:GetGroupProfile", "datazone:GetIamPortalLoginUrl", "datazone:GetListing", "datazone:GetMetadataGenerationRun", "datazone:GetProject", "datazone:GetSubscription", "datazone:GetSubscriptionEligibility", "datazone:GetSubscriptionGrant", "datazone:GetSubscriptionRequestDetails", "datazone:GetSubscriptionTarget", "datazone:GetTimeSeriesDataPoint", "datazone:GetUserProfile", "datazone:ListAccountEnvironments", "datazone:ListAssetRevisions", "datazone:ListDataSourceRunActivities", "datazone:ListDataSourceRuns", "datazone:ListDataSources", "datazone:ListDomains", "datazone:ListEnvironmentBlueprintConfigurationSummaries", "datazone:ListEnvironmentBlueprintConfigurations", "datazone:ListEnvironmentBlueprints", "datazone:ListEnvironmentProfiles", "datazone:ListEnvironments", "datazone:ListGroupsForUser", "datazone:ListMetadataGenerationRuns", "datazone:ListNotifications", "datazone:ListPolicyGrants", "datazone:ListProjectMemberships", "datazone:ListProjects", "datazone:ListSubscriptionGrants", "datazone:ListSubscriptionRequests", "datazone:ListSubscriptionTargets", "datazone:ListSubscriptions", "datazone:ListTagsForResource", "datazone:ListTimeSeriesDataPoints", "datazone:ListWarehouseMetadata", "datazone:PostTimeSeriesDataPoints", "datazone:ProvisionDomain", "datazone:PutDomainSharingPolicy", "datazone:PutEnvironmentBlueprintConfiguration", "datazone:RefreshToken", "datazone:RejectPredictions", "datazone:RejectSubscriptionRequest", "datazone:RemovePolicyGrant", "datazone:RevokeSubscription", "datazone:Search", "datazone:SearchGroupProfiles", "datazone:SearchListings", "datazone:SearchTypes", "datazone:SearchUserProfiles", "datazone:SsoLogin", "datazone:SsoLogout", "datazone:StartDataSourceRun", "datazone:StartMetadataGenerationRun", "datazone:StopMetadataGenerationRun", "datazone:TagResource", "datazone:UntagResource", "datazone:UpdateDataSource", "datazone:UpdateDataSourceRunActivities", "datazone:UpdateDomain", "datazone:UpdateEnvironment", "datazone:UpdateEnvironmentBlueprint", "datazone:UpdateEnvironmentConfiguration", "datazone:UpdateEnvironmentDeploymentStatus", "datazone:UpdateEnvironmentProfile", "datazone:UpdateGlossary", "datazone:UpdateGlossaryTerm", "datazone:UpdateGroupProfile", "datazone:UpdateProject", "datazone:UpdateSubscriptionGrantStatus", "datazone:UpdateSubscriptionRequest", "datazone:UpdateSubscriptionTarget", "datazone:UpdateUserProfile", "datazone:ValidatePassRole", "sqlworkbench:AssociateConnectionWithChart", "sqlworkbench:AssociateConnectionWithTab", "sqlworkbench:AssociateNotebookWithTab", "sqlworkbench:AssociateQueryWithTab", "sqlworkbench:BatchDeleteFolder", "sqlworkbench:BatchGetNotebookCell", "sqlworkbench:CreateAccount", "sqlworkbench:CreateChart", "sqlworkbench:CreateConnection", "sqlworkbench:CreateFolder", "sqlworkbench:CreateNotebook", "sqlworkbench:CreateNotebookCell", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:CreateNotebookVersion", "sqlworkbench:CreateSavedQuery", "sqlworkbench:DeleteChart", "sqlworkbench:DeleteConnection", "sqlworkbench:DeleteNotebook", "sqlworkbench:DeleteNotebookCell", "sqlworkbench:DeleteNotebookVersion", "sqlworkbench:DeleteSavedQuery", "sqlworkbench:DeleteTab", "sqlworkbench:DriverExecute", "sqlworkbench:DuplicateNotebook", "sqlworkbench:ExportNotebook", "sqlworkbench:GenerateSession", "sqlworkbench:GetAccountInfo", "sqlworkbench:GetAccountSettings", "sqlworkbench:GetAutocompletionMetadata", "sqlworkbench:GetAutocompletionResource", "sqlworkbench:GetChart", "sqlworkbench:GetConnection", "sqlworkbench:GetNotebook", "sqlworkbench:GetNotebookVersion", "sqlworkbench:GetQSqlRecommendations", "sqlworkbench:GetQueryExecutionHistory", "sqlworkbench:GetSavedQuery", "sqlworkbench:GetSchemaInference", "sqlworkbench:GetUserInfo", "sqlworkbench:GetUserWorkspaceSettings", "sqlworkbench:ImportNotebook", "sqlworkbench:ListConnections", "sqlworkbench:ListDatabases", "sqlworkbench:ListFiles", "sqlworkbench:ListNotebookVersions", "sqlworkbench:ListNotebooks", "sqlworkbench:ListQueryExecutionHistory", "sqlworkbench:ListRedshiftClusters", "sqlworkbench:ListSampleDatabases", "sqlworkbench:ListSavedQueryVersions", "sqlworkbench:ListTabs", "sqlworkbench:ListTaggedResources", "sqlworkbench:ListTagsForResource", "sqlworkbench:PutTab", "sqlworkbench:PutUserWorkspaceSettings", "sqlworkbench:RestoreNotebookVersion", "sqlworkbench:TagResource", "sqlworkbench:UntagResource", "sqlworkbench:UpdateAccountConnectionSettings", "sqlworkbench:UpdateAccountExportSettings", "sqlworkbench:UpdateAccountGeneralSettings", "sqlworkbench:UpdateAccountQSqlSettings", "sqlworkbench:UpdateChart", "sqlworkbench:UpdateConnection", "sqlworkbench:UpdateFileFolder", "sqlworkbench:UpdateFolder", "sqlworkbench:UpdateNotebook", "sqlworkbench:UpdateNotebookCellContent", "sqlworkbench:UpdateNotebookCellLayout", "sqlworkbench:UpdateSavedQuery", "athena:BatchGetNamedQuery", "athena:BatchGetPreparedStatement", "athena:BatchGetQueryExecution", "athena:CreateNamedQuery", "athena:CreateNotebook", "athena:CreatePreparedStatement", "athena:CreatePresignedNotebookUrl", "athena:DeleteNamedQuery", "athena:DeleteNotebook", "athena:DeletePreparedStatement", "athena:ExportNotebook", "athena:GetDatabase", "athena:GetDataCatalog", "athena:GetNamedQuery", "athena:GetPreparedStatement", "athena:GetQueryExecution", "athena:GetQueryResults", "athena:GetQueryRuntimeStatistics", "athena:GetTableMetadata", "athena:GetWorkGroup", "athena:ImportNotebook", "athena:ListDatabases", "athena:ListDataCatalogs", "athena:ListEngineVersions", "athena:ListNamedQueries", "athena:ListPreparedStatements", "athena:ListQueryExecutions", "athena:ListTableMetadata", "athena:ListTagsForResource", "athena:ListWorkGroups", "athena:StartCalculationExecution", "athena:StartQueryExecution", "athena:StartSession", "athena:StopCalculationExecution", "athena:StopQueryExecution", "athena:TerminateSession", "athena:UpdateNamedQuery", "athena:UpdateNotebook", "athena:UpdateNotebookMetadata", "athena:UpdatePreparedStatement", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "glue:BatchCreatePartition", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetWorkflows", "glue:BatchUpdatePartition", "glue:CreateBlueprint", "glue:CreateConnection", "glue:CreateCrawler", "glue:CreateDatabase", "glue:CreateJob", "glue:CreatePartition", "glue:CreatePartitionIndex", "glue:CreateTable", "glue:CreateWorkflow", "glue:DeleteColumnStatisticsForPartition", "glue:DeleteColumnStatisticsForTable", "glue:DeletePartition", "glue:DeletePartitionIndex", "glue:DeleteTable", "glue:DeleteTableVersion", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetConnection", "glue:GetDatabase", "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:GetPartition", "glue:GetPartitions", "glue:ListSchemas", "glue:ListJobs", "glue:NotifyEvent", "glue:SearchTables", "glue:UpdateColumnStatisticsForPartition", "glue:UpdateColumnStatisticsForTable", "glue:UpdateDatabase", "glue:UpdatePartition", "glue:UpdateTable", "iam:GetRole", "iam:GetRolePolicy", "iam:ListGroups", "iam:ListRolePolicies", "iam:ListRoles", "iam:ListUsers", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeMetricFilters", "logs:StartQuery", "logs:StopQuery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetQueryResults", "logs:GetLogRecord", "logs:PutLogEvents", "logs:CreateLogStream", "logs:FilterLogEvents", "lakeformation:GetDataAccess", "lakeformation:GetDataLakeSettings", "lakeformation:GetResourceLFTags", "lakeformation:ListPermissions", "redshift-data:ListTables", "redshift-data:DescribeTable", "redshift-data:ListSchemas", "redshift-data:ListDatabases", "redshift-data:ExecuteStatement", "redshift-data:GetStatementResult", "redshift-data:DescribeStatement", "redshift:CreateClusterUser", "redshift:DescribeClusters", "redshift:DescribeDataShares", "redshift:GetClusterCredentials", "redshift:GetClusterCredentialsWithIAM", "redshift:JoinGroup", "redshift-serverless:ListNamespaces", "redshift-serverless:ListWorkgroups", "redshift-serverless:GetNamespace", "redshift-serverless:GetWorkgroup", "redshift-serverless:GetCredentials", "secretsmanager:ListSecrets", "tag:GetResources", "athena:GetQueryResultsStream", "secretsmanager:CreateSecret", "secretsmanager:TagResource", "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:DeleteObjectVersion", "s3:GetObject", "s3:PutObject", "s3:PutObjectRetention", "s3:ReplicateObject", "s3:RestoreObject", "s3:GetBucketLocation", "s3:ListBucket" ], "malformed": true, "name": "AmazonDataZoneEnvironmentRolePermissionsBoundary", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-17T23:29:08+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": null, "createdate": "2023-03-21T02:51:56Z", "credentials_exposure": true, "data_access": true, "deprecated": true, "effective_action_names": [ "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:DeleteObjectVersion", "s3:RestoreObject", "s3:ReplicateObject", "s3:PutObject", "s3:AbortMultipartUpload", "s3:CreateBucket", "s3:PutBucketPublicAccessBlock", "s3:PutObjectRetention", "s3:DeleteObject", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeyRotations", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:GetParametersForImport", "kms:GetPublicKey", "kms:DescribeCustomKeyStores", "kms:DescribeKey", "kms:Decrypt", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "athena:TerminateSession", "athena:CreatePreparedStatement", "athena:StopCalculationExecution", "athena:StartQueryExecution", "athena:UpdatePreparedStatement", "athena:BatchGetNamedQuery", "athena:BatchGetPreparedStatement", "athena:BatchGetQueryExecution", "athena:ListApplicationDPUSizes", "athena:ListCalculationExecutions", "athena:ListCapacityReservations", "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListEngineVersions", "athena:ListExecutors", "athena:ListNamedQueries", "athena:ListNotebookMetadata", "athena:ListNotebookSessions", "athena:ListPreparedStatements", "athena:ListQueryExecutions", "athena:ListSessions", "athena:ListTableMetadata", "athena:ListTagsForResource", "athena:ListWorkGroups", "athena:UpdateNotebook", "athena:DeleteNotebook", "athena:DeletePreparedStatement", "athena:UpdateNotebookMetadata", "athena:DeleteNamedQuery", "athena:GetCalculationExecution", "athena:GetCalculationExecutionCode", "athena:GetCalculationExecutionStatus", "athena:GetCapacityAssignmentConfiguration", "athena:GetCapacityReservation", "athena:GetCatalogs", "athena:GetDataCatalog", "athena:GetDatabase", "athena:GetExecutionEngine", "athena:GetExecutionEngines", "athena:GetNamedQuery", "athena:GetNamespace", "athena:GetNamespaces", "athena:GetNotebookMetadata", "athena:GetPreparedStatement", "athena:GetQueryExecution", "athena:GetQueryExecutions", "athena:GetQueryResults", "athena:GetQueryResultsStream", "athena:GetQueryRuntimeStatistics", "athena:GetSession", "athena:GetSessionStatus", "athena:GetTable", "athena:GetTableMetadata", "athena:GetTables", "athena:GetWorkGroup", "athena:UpdateNamedQuery", "athena:CreateNamedQuery", "athena:ExportNotebook", "athena:StopQueryExecution", "athena:StartCalculationExecution", "athena:StartSession", "athena:CreatePresignedNotebookUrl", "athena:CreateNotebook", "athena:ImportNotebook", "organizations:DescribeOrganization", "organizations:DescribeAccount", "lakeformation:GetDataAccess", "lakeformation:BatchGrantPermissions", "lakeformation:GrantPermissions", "lakeformation:GetDataLakeSettings", "lakeformation:PutDataLakeSettings", "lakeformation:BatchRevokePermissions", "lakeformation:GetResourceLFTags", "lakeformation:ListPermissions", "ram:CreateResourceShare", "ram:UpdateResourceShare", "ram:DeleteResourceShare", "ram:AssociateResourceShare", "ram:DisassociateResourceShare", "ram:AcceptResourceShareInvitation", "ram:GetPermission", "ram:GetResourcePolicies", "ram:GetResourceShareAssociations", "ram:GetResourceShareInvitations", "ram:GetResourceShares", "ram:ListPendingInvitationResources", "ram:ListPermissionAssociations", "ram:ListPermissionVersions", "ram:ListPermissions", "ram:ListPrincipals", "ram:ListReplacePermissionAssociationsWork", "ram:ListResourceSharePermissions", "ram:ListResourceTypes", "ram:ListResources", "redshift:DescribeClusters", "redshift:JoinGroup", "redshift:CreateClusterUser", "redshift:GetClusterCredentials", "redshift-data:BatchExecuteStatement", "redshift-data:CancelStatement", "redshift-data:DescribeStatement", "redshift-data:DescribeTable", "redshift-data:ExecuteStatement", "redshift-data:GetStatementResult", "redshift-data:ListDatabases", "redshift-data:ListSchemas", "redshift-data:ListStatements", "redshift-data:ListTables", "redshift:AuthorizeDataShare", "redshift:DescribeDataShares", "redshift:AssociateDataShareConsumer", "tag:GetResources", "iam:ListRoles", "iam:ListUsers", "iam:ListGroups", "iam:ListRolePolicies", "iam:GetRole", "iam:GetRolePolicy", "glue:CreateTable", "glue:BatchCreatePartition", "glue:CreatePartition", "glue:CreatePartitionIndex", "glue:CreateDataQualityRuleset", "glue:CreateBlueprint", "glue:CreateJob", "glue:CreateConnection", "glue:CreateCrawler", "glue:CreateWorkflow", "sqlworkbench:AssociateConnectionWithChart", "sqlworkbench:AssociateConnectionWithTab", "sqlworkbench:AssociateNotebookWithTab", "sqlworkbench:AssociateQueryWithTab", "sqlworkbench:BatchDeleteFolder", "sqlworkbench:BatchGetNotebookCell", "sqlworkbench:CreateAccount", "sqlworkbench:CreateChart", "sqlworkbench:CreateConnection", "sqlworkbench:CreateFolder", "sqlworkbench:CreateNotebook", "sqlworkbench:CreateNotebookCell", "sqlworkbench:CreateNotebookFromVersion", "sqlworkbench:CreateNotebookVersion", "sqlworkbench:CreateSavedQuery", "sqlworkbench:DeleteChart", "sqlworkbench:DeleteConnection", "sqlworkbench:DeleteNotebook", "sqlworkbench:DeleteNotebookCell", "sqlworkbench:DeleteNotebookVersion", "sqlworkbench:DeleteSavedQuery", "sqlworkbench:DeleteTab", "sqlworkbench:DriverExecute", "sqlworkbench:DuplicateNotebook", "sqlworkbench:ExportNotebook", "sqlworkbench:GenerateSession", "sqlworkbench:GetAccountInfo", "sqlworkbench:GetAccountSettings", "sqlworkbench:GetAutocompletionMetadata", "sqlworkbench:GetAutocompletionResource", "sqlworkbench:GetChart", "sqlworkbench:GetConnection", "sqlworkbench:GetNotebook", "sqlworkbench:GetNotebookVersion", "sqlworkbench:GetQSqlRecommendations", "sqlworkbench:GetQueryExecutionHistory", "sqlworkbench:GetSavedQuery", "sqlworkbench:GetSchemaInference", "sqlworkbench:GetUserInfo", "sqlworkbench:GetUserWorkspaceSettings", "sqlworkbench:ImportNotebook", "sqlworkbench:ListConnections", "sqlworkbench:ListDatabases", "sqlworkbench:ListFiles", "sqlworkbench:ListNotebookVersions", "sqlworkbench:ListNotebooks", "sqlworkbench:ListQueryExecutionHistory", "sqlworkbench:ListRedshiftClusters", "sqlworkbench:ListSampleDatabases", "sqlworkbench:ListSavedQueryVersions", "sqlworkbench:ListTabs", "sqlworkbench:ListTaggedResources", "sqlworkbench:ListTagsForResource", "sqlworkbench:PutTab", "sqlworkbench:PutUserWorkspaceSettings", "sqlworkbench:RestoreNotebookVersion", "sqlworkbench:TagResource", "sqlworkbench:UntagResource", "sqlworkbench:UpdateAccountConnectionSettings", "sqlworkbench:UpdateAccountExportSettings", "sqlworkbench:UpdateAccountGeneralSettings", "sqlworkbench:UpdateAccountQSqlSettings", "sqlworkbench:UpdateChart", "sqlworkbench:UpdateConnection", "sqlworkbench:UpdateFileFolder", "sqlworkbench:UpdateFolder", "sqlworkbench:UpdateNotebook", "sqlworkbench:UpdateNotebookCellContent", "sqlworkbench:UpdateNotebookCellLayout", "sqlworkbench:UpdateSavedQuery", "datazone:AcceptPredictions", "datazone:AcceptSubscriptionRequest", "datazone:AddPolicyGrant", "datazone:CancelMetadataGenerationRun", "datazone:CancelSubscription", "datazone:CreateAsset", "datazone:CreateAssetRevision", "datazone:CreateAssetType", "datazone:CreateDataSource", "datazone:CreateDomain", "datazone:CreateEnvironment", "datazone:CreateEnvironmentBlueprint", "datazone:CreateEnvironmentProfile", "datazone:CreateFormType", "datazone:CreateGlossary", "datazone:CreateGlossaryTerm", "datazone:CreateGroupProfile", "datazone:CreateListingChangeSet", "datazone:CreateProject", "datazone:CreateProjectMembership", "datazone:CreateSubscriptionGrant", "datazone:CreateSubscriptionRequest", "datazone:CreateSubscriptionTarget", "datazone:CreateUserProfile", "datazone:DeleteAsset", "datazone:DeleteAssetType", "datazone:DeleteDataSource", "datazone:DeleteDomain", "datazone:DeleteDomainSharingPolicy", "datazone:DeleteEnvironment", "datazone:DeleteEnvironmentBlueprint", "datazone:DeleteEnvironmentBlueprintConfiguration", "datazone:DeleteEnvironmentProfile", "datazone:DeleteFormType", "datazone:DeleteGlossary", "datazone:DeleteGlossaryTerm", "datazone:DeleteListing", "datazone:DeleteProject", "datazone:DeleteProjectMembership", "datazone:DeleteSubscriptionGrant", "datazone:DeleteSubscriptionRequest", "datazone:DeleteSubscriptionTarget", "datazone:DeleteTimeSeriesDataPoints", "datazone:GetAsset", "datazone:GetAssetType", "datazone:GetDataSource", "datazone:GetDataSourceRun", "datazone:GetDomain", "datazone:GetDomainSharingPolicy", "datazone:GetEnvironment", "datazone:GetEnvironmentActionLink", "datazone:GetEnvironmentBlueprint", "datazone:GetEnvironmentBlueprintConfiguration", "datazone:GetEnvironmentCredentials", "datazone:GetEnvironmentProfile", "datazone:GetFormType", "datazone:GetGlossary", "datazone:GetGlossaryTerm", "datazone:GetGroupProfile", "datazone:GetIamPortalLoginUrl", "datazone:GetListing", "datazone:GetMetadataGenerationRun", "datazone:GetProject", "datazone:GetSubscription", "datazone:GetSubscriptionEligibility", "datazone:GetSubscriptionGrant", "datazone:GetSubscriptionRequestDetails", "datazone:GetSubscriptionTarget", "datazone:GetTimeSeriesDataPoint", "datazone:GetUserProfile", "datazone:ListAccountEnvironments", "datazone:ListAssetRevisions", "datazone:ListDataSourceRunActivities", "datazone:ListDataSourceRuns", "datazone:ListDataSources", "datazone:ListDomains", "datazone:ListEnvironmentBlueprintConfigurationSummaries", "datazone:ListEnvironmentBlueprintConfigurations", "datazone:ListEnvironmentBlueprints", "datazone:ListEnvironmentProfiles", "datazone:ListEnvironments", "datazone:ListGroupsForUser", "datazone:ListMetadataGenerationRuns", "datazone:ListNotifications", "datazone:ListPolicyGrants", "datazone:ListProjectMemberships", "datazone:ListProjects", "datazone:ListSubscriptionGrants", "datazone:ListSubscriptionRequests", "datazone:ListSubscriptionTargets", "datazone:ListSubscriptions", "datazone:ListTagsForResource", "datazone:ListTimeSeriesDataPoints", "datazone:ListWarehouseMetadata", "datazone:PostTimeSeriesDataPoints", "datazone:ProvisionDomain", "datazone:PutDomainSharingPolicy", "datazone:PutEnvironmentBlueprintConfiguration", "datazone:RefreshToken", "datazone:RejectPredictions", "datazone:RejectSubscriptionRequest", "datazone:RemovePolicyGrant", "datazone:RevokeSubscription", "datazone:Search", "datazone:SearchGroupProfiles", "datazone:SearchListings", "datazone:SearchTypes", "datazone:SearchUserProfiles", "datazone:SsoLogin", "datazone:SsoLogout", "datazone:StartDataSourceRun", "datazone:StartMetadataGenerationRun", "datazone:StopMetadataGenerationRun", "datazone:TagResource", "datazone:UntagResource", "datazone:UpdateDataSource", "datazone:UpdateDataSourceRunActivities", "datazone:UpdateDomain", "datazone:UpdateEnvironment", "datazone:UpdateEnvironmentBlueprint", "datazone:UpdateEnvironmentConfiguration", "datazone:UpdateEnvironmentDeploymentStatus", "datazone:UpdateEnvironmentProfile", "datazone:UpdateGlossary", "datazone:UpdateGlossaryTerm", "datazone:UpdateGroupProfile", "datazone:UpdateProject", "datazone:UpdateSubscriptionGrantStatus", "datazone:UpdateSubscriptionRequest", "datazone:UpdateSubscriptionTarget", "datazone:UpdateUserProfile", "datazone:ValidatePassRole", "ec2:CreateTags", "ec2:DeleteTags", "kms:ListAliases", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeyRotations", "kms:ListKeys", "kms:ListResourceTags", "kms:ListRetirableGrants", "kms:GetKeyPolicy", "kms:GetKeyRotationStatus", "kms:GetParametersForImport", "kms:GetPublicKey", "kms:DescribeCustomKeyStores", "kms:DescribeKey", "kms:Decrypt", "kms:Encrypt", "kms:ReEncryptFrom", "kms:ReEncryptTo", "kms:Verify", "kms:Sign", "kms:GenerateDataKey", "glue:BatchCreatePartition", "glue:BatchDeleteConnection", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetBlueprints", "glue:BatchGetCrawlers", "glue:BatchGetCustomEntityTypes", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetStageFiles", "glue:BatchGetTableOptimizer", "glue:BatchGetTriggers", "glue:BatchGetWorkflows", "glue:BatchStopJobRun", "glue:BatchUpdatePartition", "glue:CancelDataQualityRuleRecommendationRun", "glue:CancelDataQualityRulesetEvaluationRun", "glue:CancelMLTaskRun", "glue:CancelStatement", "glue:CheckSchemaVersionValidity", "glue:CreateBlueprint", "glue:CreateClassifier", "glue:CreateConnection", "glue:CreateCrawler", "glue:CreateCustomEntityType", "glue:CreateDataQualityRuleset", "glue:CreateDatabase", "glue:CreateDevEndpoint", "glue:CreateJob", "glue:CreateMLTransform", "glue:CreatePartition", "glue:CreatePartitionIndex", "glue:CreateRegistry", "glue:CreateSchema", "glue:CreateScript", "glue:CreateSecurityConfiguration", "glue:CreateSession", "glue:CreateTable", "glue:CreateTableOptimizer", "glue:CreateTrigger", "glue:CreateUserDefinedFunction", "glue:CreateWorkflow", "glue:DeleteBlueprint", "glue:DeleteClassifier", "glue:DeleteColumnStatisticsForPartition", "glue:DeleteColumnStatisticsForTable", "glue:DeleteConnection", "glue:DeleteCrawler", "glue:DeleteCustomEntityType", "glue:DeleteDataQualityRuleset", "glue:DeleteDatabase", "glue:DeleteDevEndpoint", "glue:DeleteJob", "glue:DeleteMLTransform", "glue:DeletePartition", "glue:DeletePartitionIndex", "glue:DeleteRegistry", "glue:DeleteResourcePolicy", "glue:DeleteSchema", "glue:DeleteSchemaVersions", "glue:DeleteSecurityConfiguration", "glue:DeleteSession", "glue:DeleteTable", "glue:DeleteTableOptimizer", "glue:DeleteTableVersion", "glue:DeleteTrigger", "glue:DeleteUserDefinedFunction", "glue:DeleteWorkflow", "glue:DeregisterDataPreview", "glue:GetBlueprint", "glue:GetBlueprintRun", "glue:GetBlueprintRuns", "glue:GetCatalogImportStatus", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetColumnStatisticsTaskRun", "glue:GetColumnStatisticsTaskRuns", "glue:GetCompletion", "glue:GetConnection", "glue:GetConnections", "glue:GetCrawler", "glue:GetCrawlerMetrics", "glue:GetCrawlers", "glue:GetCustomEntityType", "glue:GetDataCatalogEncryptionSettings", "glue:GetDataPreviewStatement", "glue:GetDataQualityResult", "glue:GetDataQualityRuleRecommendationRun", "glue:GetDataQualityRuleset", "glue:GetDataQualityRulesetEvaluationRun", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDataflowGraph", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetEnvironment", "glue:GetExecutors", "glue:GetExecutorsThreads", "glue:GetJob", "glue:GetJobBookmark", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetLogParsingStatus", "glue:GetMLTaskRun", "glue:GetMLTaskRuns", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetMapping", "glue:GetNotebookInstanceStatus", "glue:GetPartition", "glue:GetPartitionIndexes", "glue:GetPartitionMetadata", "glue:GetPartitions", "glue:GetPlan", "glue:GetQueries", "glue:GetQuery", "glue:GetRegistry", "glue:GetResourcePolicies", "glue:GetResourcePolicy", "glue:GetSchema", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetSession", "glue:GetStage", "glue:GetStageAttempt", "glue:GetStageAttemptTaskList", "glue:GetStageAttemptTaskSummary", "glue:GetStageFiles", "glue:GetStages", "glue:GetStatement", "glue:GetStorage", "glue:GetStorageUnit", "glue:GetTable", "glue:GetTableOptimizer", "glue:GetTableVersion", "glue:GetTableVersions", "glue:GetTables", "glue:GetTags", "glue:GetTrigger", "glue:GetTriggers", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:GetWorkflow", "glue:GetWorkflowRun", "glue:GetWorkflowRunProperties", "glue:GetWorkflowRuns", "glue:GlueNotebookAuthorize", "glue:GlueNotebookRefreshCredentials", "glue:ImportCatalogToGlue", "glue:ListBlueprints", "glue:ListColumnStatisticsTaskRuns", "glue:ListCrawlers", "glue:ListCrawls", "glue:ListCustomEntityTypes", "glue:ListDataQualityResults", "glue:ListDataQualityRuleRecommendationRuns", "glue:ListDataQualityRulesetEvaluationRuns", "glue:ListDataQualityRulesets", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListRegistries", "glue:ListSchemaVersions", "glue:ListSchemas", "glue:ListSessions", "glue:ListStatements", "glue:ListTableOptimizerRuns", "glue:ListTriggers", "glue:ListWorkflows", "glue:NotifyEvent", "glue:PassConnection", "glue:PublishDataQuality", "glue:PutDataCatalogEncryptionSettings", "glue:PutResourcePolicy", "glue:PutSchemaVersionMetadata", "glue:PutWorkflowRunProperties", "glue:QuerySchemaVersionMetadata", "glue:RegisterSchemaVersion", "glue:RemoveSchemaVersionMetadata", "glue:RequestLogParsing", "glue:ResetJobBookmark", "glue:ResumeWorkflowRun", "glue:RunDataPreviewStatement", "glue:RunStatement", "glue:SearchTables", "glue:SendFeedback", "glue:StartBlueprintRun", "glue:StartColumnStatisticsTaskRun", "glue:StartCompletion", "glue:StartCrawler", "glue:StartCrawlerSchedule", "glue:StartDataQualityRuleRecommendationRun", "glue:StartDataQualityRulesetEvaluationRun", "glue:StartExportLabelsTaskRun", "glue:StartImportLabelsTaskRun", "glue:StartJobRun", "glue:StartMLEvaluationTaskRun", "glue:StartMLLabelingSetGenerationTaskRun", "glue:StartNotebook", "glue:StartTrigger", "glue:StartWorkflowRun", "glue:StopColumnStatisticsTaskRun", "glue:StopCrawler", "glue:StopCrawlerSchedule", "glue:StopSession", "glue:StopTrigger", "glue:StopWorkflowRun", "glue:TagResource", "glue:TerminateNotebook", "glue:TestConnection", "glue:UntagResource", "glue:UpdateBlueprint", "glue:UpdateClassifier", "glue:UpdateColumnStatisticsForPartition", "glue:UpdateColumnStatisticsForTable", "glue:UpdateConnection", "glue:UpdateCrawler", "glue:UpdateCrawlerSchedule", "glue:UpdateDataQualityRuleset", "glue:UpdateDatabase", "glue:UpdateDevEndpoint", "glue:UpdateJob", "glue:UpdateJobFromSourceControl", "glue:UpdateMLTransform", "glue:UpdatePartition", "glue:UpdateRegistry", "glue:UpdateSchema", "glue:UpdateSourceControlFromJob", "glue:UpdateTable", "glue:UpdateTableOptimizer", "glue:UpdateTrigger", "glue:UpdateUserDefinedFunction", "glue:UpdateWorkflow", "glue:UseGlueStudio", "glue:UseMLTransforms", "iam:PassRole", "glue:BatchGetBlueprints", "glue:BatchGetCrawlers", "glue:BatchGetCustomEntityTypes", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetStageFiles", "glue:BatchGetTableOptimizer", "glue:BatchGetTriggers", "glue:BatchGetWorkflows", "glue:SearchTables", "glue:ListBlueprints", "glue:ListColumnStatisticsTaskRuns", "glue:ListCrawlers", "glue:ListCrawls", "glue:ListCustomEntityTypes", "glue:ListDataQualityResults", "glue:ListDataQualityRuleRecommendationRuns", "glue:ListDataQualityRulesetEvaluationRuns", "glue:ListDataQualityRulesets", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListRegistries", "glue:ListSchemaVersions", "glue:ListSchemas", "glue:ListSessions", "glue:ListStatements", "glue:ListTableOptimizerRuns", "glue:ListTriggers", "glue:ListWorkflows", "glue:GetBlueprint", "glue:GetBlueprintRun", "glue:GetBlueprintRuns", "glue:GetCatalogImportStatus", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetColumnStatisticsTaskRun", "glue:GetColumnStatisticsTaskRuns", "glue:GetCompletion", "glue:GetConnection", "glue:GetConnections", "glue:GetCrawler", "glue:GetCrawlerMetrics", "glue:GetCrawlers", "glue:GetCustomEntityType", "glue:GetDataCatalogEncryptionSettings", "glue:GetDataPreviewStatement", "glue:GetDataQualityResult", "glue:GetDataQualityRuleRecommendationRun", "glue:GetDataQualityRuleset", "glue:GetDataQualityRulesetEvaluationRun", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDataflowGraph", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetEnvironment", "glue:GetExecutors", "glue:GetExecutorsThreads", "glue:GetJob", "glue:GetJobBookmark", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetLogParsingStatus", "glue:GetMLTaskRun", "glue:GetMLTaskRuns", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetMapping", "glue:GetNotebookInstanceStatus", "glue:GetPartition", "glue:GetPartitionIndexes", "glue:GetPartitionMetadata", "glue:GetPartitions", "glue:GetPlan", "glue:GetQueries", "glue:GetQuery", "glue:GetRegistry", "glue:GetResourcePolicies", "glue:GetResourcePolicy", "glue:GetSchema", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetSession", "glue:GetStage", "glue:GetStageAttempt", "glue:GetStageAttemptTaskList", "glue:GetStageAttemptTaskSummary", "glue:GetStageFiles", "glue:GetStages", "glue:GetStatement", "glue:GetStorage", "glue:GetStorageUnit", "glue:GetTable", "glue:GetTableOptimizer", "glue:GetTableVersion", "glue:GetTableVersions", "glue:GetTables", "glue:GetTags", "glue:GetTrigger", "glue:GetTriggers", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:GetWorkflow", "glue:GetWorkflowRun", "glue:GetWorkflowRunProperties", "glue:GetWorkflowRuns", "glue:CreateDatabase", "glue:UpdateDatabase", "glue:DeleteTable", "glue:BatchDeleteTable", "glue:UpdateTable", "glue:DeletePartition", "glue:BatchDeletePartition", "glue:PutResourcePolicy", "glue:BatchUpdatePartition", "glue:DeleteTableVersion", "glue:DeleteColumnStatisticsForPartition", "glue:DeleteColumnStatisticsForTable", "glue:DeletePartitionIndex", "glue:UpdateColumnStatisticsForPartition", "glue:UpdateColumnStatisticsForTable", "glue:BatchDeleteTableVersion", "glue:UpdatePartition", "glue:NotifyEvent", "glue:DeleteResourcePolicy" ], "malformed": true, "name": "AmazonDataZoneProjectRolePermissionsBoundary", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSQuickSightElasticsearchPolicy", "createdate": "2021-09-07T23:25:55Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "es:ESHttpGet", "es:ListDomainNames", "es:DescribeElasticsearchDomain", "es:DescribeDomain", "es:ESHttpPost", "es:ESHttpGet" ], "malformed": false, "name": "AWSQuickSightElasticsearchPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-07T23:25:55+00:00", "version": "v3" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/ElementalActivationsReadOnlyAccess", "createdate": "2020-08-28T16:51:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elemental-activations:GetActivation" ], "malformed": false, "name": "ElementalActivationsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-28T16:51:01+00:00", "version": "v1" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSVPCTransitGatewayServiceRolePolicy", "createdate": "2021-04-15T16:31:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:AssignIpv6Addresses", "ec2:UnassignIpv6Addresses" ], "malformed": false, "name": "AWSVPCTransitGatewayServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-04-15T16:31:44+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Unknown" ], "arn": "arn:aws:iam::aws:policy/job-function/ViewOnlyAccess", "createdate": "2024-03-28T21:28:38Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "acm:ListCertificates", "athena:ListApplicationDPUSizes", "athena:ListCalculationExecutions", "athena:ListCapacityReservations", "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListEngineVersions", "athena:ListExecutors", "athena:ListNamedQueries", "athena:ListNotebookMetadata", "athena:ListNotebookSessions", "athena:ListPreparedStatements", "athena:ListQueryExecutions", "athena:ListSessions", "athena:ListTableMetadata", "athena:ListTagsForResource", "athena:ListWorkGroups", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "aws-marketplace:ViewSubscriptions", "backup:DescribeBackupJob", "backup:DescribeBackupVault", "backup:DescribeCopyJob", "backup:DescribeFramework", "backup:DescribeGlobalSettings", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeRegionSettings", "backup:DescribeReportJob", "backup:DescribeReportPlan", "backup:DescribeRestoreJob", "backup:GetSupportedResourceTypes", "backup:ListBackupJobs", "backup:ListBackupPlanTemplates", "backup:ListBackupPlanVersions", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListCopyJobs", "backup:ListFrameworks", "backup:ListLegalHolds", "backup:ListProtectedResources", "backup:ListProtectedResourcesByBackupVault", "backup:ListRecoveryPointsByBackupVault", "backup:ListRecoveryPointsByLegalHold", "backup:ListRecoveryPointsByResource", "backup:ListReportJobs", "backup:ListReportPlans", "backup:ListRestoreJobs", "backup:ListTags", "batch:ListJobs", "bedrock:ListCustomModels", "bedrock:ListTagsForResource", "clouddirectory:ListAppliedSchemaArns", "clouddirectory:ListDevelopmentSchemaArns", "clouddirectory:ListDirectories", "clouddirectory:ListPublishedSchemaArns", "cloudformation:DescribeStacks", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudfront:ListCachePolicies", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListConflictingAliases", "cloudfront:ListContinuousDeploymentPolicies", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByCachePolicyId", "cloudfront:ListDistributionsByKeyGroup", "cloudfront:ListDistributionsByLambdaFunction", "cloudfront:ListDistributionsByOriginRequestPolicyId", "cloudfront:ListDistributionsByRealtimeLogConfig", "cloudfront:ListDistributionsByResponseHeadersPolicyId", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListFieldLevelEncryptionConfigs", "cloudfront:ListFieldLevelEncryptionProfiles", "cloudfront:ListFunctions", "cloudfront:ListInvalidations", "cloudfront:ListKeyGroups", "cloudfront:ListKeyValueStores", "cloudfront:ListOriginAccessControls", "cloudfront:ListOriginRequestPolicies", "cloudfront:ListPublicKeys", "cloudfront:ListRateCards", "cloudfront:ListRealtimeLogConfigs", "cloudfront:ListResponseHeadersPolicies", "cloudfront:ListSavingsPlans", "cloudfront:ListStreamingDistributions", "cloudfront:ListTagsForResource", "cloudfront:ListUsages", "cloudsearch:DescribeDomains", "cloudsearch:ListDomainNames", "cloudsearch:ListTags", "cloudtrail:DescribeTrails", "cloudtrail:ListTrails", "cloudtrail:LookupEvents", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "codebuild:ListBuilds", "codebuild:ListBuildsForProject", "codebuild:ListProjects", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeploymentTargets", "codedeploy:ListDeployments", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codedeploy:ListTagsForResource", "codepipeline:ListPipelines", "codestar:ListProjects", "codestar:ListResources", "codestar:ListTagsForProject", "codestar:ListTeamMembers", "codestar:ListUserProfiles", "cognito-identity:ListIdentities", "cognito-identity:ListIdentityPools", "cognito-idp:ListDevices", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListResourceServers", "cognito-idp:ListResourcesForWebACL", "cognito-idp:ListTagsForResource", "cognito-idp:ListUserImportJobs", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "cognito-sync:ListDatasets", "comprehend:DescribeDataset", "comprehend:DescribeDocumentClassificationJob", "comprehend:DescribeDocumentClassifier", "comprehend:DescribeDominantLanguageDetectionJob", "comprehend:DescribeEndpoint", "comprehend:DescribeEntitiesDetectionJob", "comprehend:DescribeEntityRecognizer", "comprehend:DescribeEventsDetectionJob", "comprehend:DescribeFlywheel", "comprehend:DescribeFlywheelIteration", "comprehend:DescribeKeyPhrasesDetectionJob", "comprehend:DescribePiiEntitiesDetectionJob", "comprehend:DescribeResourcePolicy", "comprehend:DescribeSentimentDetectionJob", "comprehend:DescribeTargetedSentimentDetectionJob", "comprehend:DescribeTopicsDetectionJob", "comprehend:ListDatasets", "comprehend:ListDocumentClassificationJobs", "comprehend:ListDocumentClassifierSummaries", "comprehend:ListDocumentClassifiers", "comprehend:ListDominantLanguageDetectionJobs", "comprehend:ListEndpoints", "comprehend:ListEntitiesDetectionJobs", "comprehend:ListEntityRecognizerSummaries", "comprehend:ListEntityRecognizers", "comprehend:ListEventsDetectionJobs", "comprehend:ListFlywheelIterationHistory", "comprehend:ListFlywheels", "comprehend:ListKeyPhrasesDetectionJobs", "comprehend:ListPiiEntitiesDetectionJobs", "comprehend:ListSentimentDetectionJobs", "comprehend:ListTagsForResource", "comprehend:ListTargetedSentimentDetectionJobs", "comprehend:ListTopicsDetectionJobs", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "connect:ListAgentStatuses", "connect:ListAnalyticsDataAssociations", "connect:ListApprovedOrigins", "connect:ListBots", "connect:ListContactEvaluations", "connect:ListContactFlowModules", "connect:ListContactFlows", "connect:ListContactReferences", "connect:ListDefaultVocabularies", "connect:ListEvaluationFormVersions", "connect:ListEvaluationForms", "connect:ListFlowAssociations", "connect:ListHoursOfOperations", "connect:ListInstanceAttributes", "connect:ListInstanceStorageConfigs", "connect:ListInstances", "connect:ListIntegrationAssociations", "connect:ListLambdaFunctions", "connect:ListLexBots", "connect:ListPhoneNumbers", "connect:ListPhoneNumbersV2", "connect:ListPredefinedAttributes", "connect:ListPrompts", "connect:ListQueueQuickConnects", "connect:ListQueues", "connect:ListQuickConnects", "connect:ListRealtimeContactAnalysisSegments", "connect:ListRealtimeContactAnalysisSegmentsV2", "connect:ListRoutingProfileQueues", "connect:ListRoutingProfiles", "connect:ListRules", "connect:ListSecurityKeys", "connect:ListSecurityProfileApplications", "connect:ListSecurityProfilePermissions", "connect:ListSecurityProfiles", "connect:ListTagsForResource", "connect:ListTaskTemplates", "connect:ListTrafficDistributionGroupUsers", "connect:ListTrafficDistributionGroups", "connect:ListUseCases", "connect:ListUserHierarchyGroups", "connect:ListUserProficiencies", "connect:ListUsers", "connect:ListViewVersions", "connect:ListViews", "cost-optimization-hub:GetPreferences", "cost-optimization-hub:GetRecommendation", "cost-optimization-hub:ListEnrollmentStatuses", "cost-optimization-hub:ListRecommendationSummaries", "cost-optimization-hub:ListRecommendations", "databrew:ListJobs", "databrew:ListProjects", "datapipeline:DescribePipelines", "datapipeline:GetAccountLimits", "datapipeline:ListPipelines", "dax:DescribeClusters", "dax:DescribeDefaultParameters", "dax:DescribeEvents", "dax:DescribeParameterGroups", "dax:DescribeParameters", "dax:DescribeSubnetGroups", "dax:ListTags", "devicefarm:ListArtifacts", "devicefarm:ListDeviceInstances", "devicefarm:ListDevicePools", "devicefarm:ListDevices", "devicefarm:ListInstanceProfiles", "devicefarm:ListJobs", "devicefarm:ListNetworkProfiles", "devicefarm:ListOfferingPromotions", "devicefarm:ListOfferingTransactions", "devicefarm:ListOfferings", "devicefarm:ListProjects", "devicefarm:ListRemoteAccessSessions", "devicefarm:ListRuns", "devicefarm:ListSamples", "devicefarm:ListSuites", "devicefarm:ListTagsForResource", "devicefarm:ListTestGridProjects", "devicefarm:ListTestGridSessionActions", "devicefarm:ListTestGridSessionArtifacts", "devicefarm:ListTestGridSessions", "devicefarm:ListTests", "devicefarm:ListUniqueProblems", "devicefarm:ListUploads", "devicefarm:ListVPCEConfigurations", "directconnect:DescribeConnectionLoa", "directconnect:DescribeConnections", "directconnect:DescribeConnectionsOnInterconnect", "directconnect:DescribeCustomerMetadata", "directconnect:DescribeDirectConnectGatewayAssociationProposals", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeHostedConnections", "directconnect:DescribeInterconnectLoa", "directconnect:DescribeInterconnects", "directconnect:DescribeLags", "directconnect:DescribeLoa", "directconnect:DescribeLocations", "directconnect:DescribeRouterConfiguration", "directconnect:DescribeTags", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "discovery:ListConfigurations", "discovery:ListServerNeighbors", "dms:ListDataProviders", "dms:ListExtensionPacks", "dms:ListInstanceProfiles", "dms:ListMetadataModelAssessmentActionItems", "dms:ListMetadataModelAssessments", "dms:ListMetadataModelConversions", "dms:ListMetadataModelExports", "dms:ListMigrationProjects", "dms:ListTagsForResource", "ds:DescribeDirectories", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTimeToLive", "dynamodb:ListBackups", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeBundleTasks", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeExportTasks", "ec2:DescribeFlowLogs", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeKeyPairs", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribeRegions", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnGateways", "ec2:SearchLocalGatewayRoutes", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:ListImages", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "eks:ListTagsForResource", "elastic-inference:DescribeAcceleratorOfferings", "elastic-inference:DescribeAcceleratorTypes", "elastic-inference:DescribeAccelerators", "elastic-inference:ListTagsForResource", "elasticache:DescribeCacheClusters", "elasticache:DescribeCacheEngineVersions", "elasticache:DescribeCacheParameterGroups", "elasticache:DescribeCacheParameters", "elasticache:DescribeCacheSecurityGroups", "elasticache:DescribeCacheSubnetGroups", "elasticache:DescribeEngineDefaultParameters", "elasticache:DescribeEvents", "elasticache:DescribeGlobalReplicationGroups", "elasticache:DescribeReplicationGroups", "elasticache:DescribeReservedCacheNodes", "elasticache:DescribeReservedCacheNodesOfferings", "elasticache:DescribeServerlessCacheSnapshots", "elasticache:DescribeServerlessCaches", "elasticache:DescribeServiceUpdates", "elasticache:DescribeSnapshots", "elasticache:DescribeUpdateActions", "elasticache:DescribeUserGroups", "elasticache:DescribeUsers", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticfilesystem:DescribeFileSystems", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListNotebookExecutions", "elasticmapreduce:ListReleaseLabels", "elasticmapreduce:ListRepositories", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListStudioSessionMappings", "elasticmapreduce:ListStudios", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ListWorkspaceAccessIdentities", "elastictranscoder:ListJobsByPipeline", "elastictranscoder:ListJobsByStatus", "elastictranscoder:ListPipelines", "elastictranscoder:ListPresets", "emr-serverless:ListApplications", "es:DescribeElasticsearchDomain", "es:DescribeElasticsearchDomains", "es:ListDomainNames", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTargetsByRule", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "fsx:DescribeFileSystems", "gamelift:ListAliases", "gamelift:ListBuilds", "gamelift:ListCompute", "gamelift:ListContainerGroupDefinitions", "gamelift:ListFleets", "gamelift:ListGameServerGroups", "gamelift:ListGameServers", "gamelift:ListLocations", "gamelift:ListScripts", "gamelift:ListTagsForResource", "glacier:ListJobs", "glacier:ListMultipartUploads", "glacier:ListParts", "glacier:ListProvisionedCapacity", "glacier:ListTagsForVault", "glacier:ListVaults", "glue:GetTags", "greengrass:ListClientDevicesAssociatedWithCoreDevice", "greengrass:ListComponentVersions", "greengrass:ListComponents", "greengrass:ListCoreDevices", "greengrass:ListDeployments", "greengrass:ListEffectiveDeployments", "greengrass:ListInstalledComponents", "greengrass:ListTagsForResource", "greengrass:ListBulkDeploymentDetailedReports", "greengrass:ListBulkDeployments", "greengrass:ListConnectorDefinitionVersions", "greengrass:ListConnectorDefinitions", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListResourceDefinitionVersions", "greengrass:ListResourceDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "iam:GetAccountSummary", "iam:GetLoginProfile", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "importexport:ListJobs", "inspector:ListAssessmentRunAgents", "inspector:ListAssessmentRuns", "inspector:ListAssessmentTargets", "inspector:ListAssessmentTemplates", "inspector:ListEventSubscriptions", "inspector:ListExclusions", "inspector:ListFindings", "inspector:ListRulesPackages", "inspector:ListTagsForResource", "iot:ListActiveViolations", "iot:ListAttachedPolicies", "iot:ListAuditFindings", "iot:ListAuditMitigationActionsExecutions", "iot:ListAuditMitigationActionsTasks", "iot:ListAuditSuppressions", "iot:ListAuditTasks", "iot:ListAuthorizers", "iot:ListBillingGroups", "iot:ListCACertificates", "iot:ListCertificateProviders", "iot:ListCertificates", "iot:ListCertificatesByCA", "iot:ListCustomMetrics", "iot:ListDetectMitigationActionsExecutions", "iot:ListDetectMitigationActionsTasks", "iot:ListDimensions", "iot:ListDomainConfigurations", "iot:ListFleetMetrics", "iot:ListIndices", "iot:ListJobExecutionsForJob", "iot:ListJobExecutionsForThing", "iot:ListJobTemplates", "iot:ListJobs", "iot:ListManagedJobTemplates", "iot:ListMetricValues", "iot:ListMitigationActions", "iot:ListNamedShadowsForThing", "iot:ListOTAUpdates", "iot:ListOutgoingCertificates", "iot:ListPackageVersions", "iot:ListPackages", "iot:ListPolicies", "iot:ListPolicyPrincipals", "iot:ListPolicyVersions", "iot:ListPrincipalPolicies", "iot:ListPrincipalThings", "iot:ListProvisioningTemplateVersions", "iot:ListProvisioningTemplates", "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", "iot:ListStreams", "iot:ListTagsForResource", "iot:ListTargetsForPolicy", "iot:ListTargetsForSecurityProfile", "iot:ListThingGroups", "iot:ListThingGroupsForThing", "iot:ListThingPrincipals", "iot:ListThingRegistrationTaskReports", "iot:ListThingRegistrationTasks", "iot:ListThingTypes", "iot:ListThings", "iot:ListThingsInBillingGroup", "iot:ListThingsInThingGroup", "iot:ListTopicRuleDestinations", "iot:ListTopicRules", "iot:ListTunnels", "iot:ListV2LoggingLevels", "iot:ListViolationEvents", "kafka:ListClusters", "kendra:ListDataSources", "kendra:ListTagsForResource", "kinesis:ListStreams", "kinesisanalytics:ListApplications", "kinesisanalytics:ListTagsForResource", "kms:ListKeys", "kms:ListResourceTags", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "lex:GetBotAliases", "lex:GetBotChannelAssociations", "lex:GetBotVersions", "lex:GetBots", "lex:GetIntentVersions", "lex:GetIntents", "lex:GetSlotTypeVersions", "lex:GetSlotTypes", "lex:GetUtterancesView", "lightsail:GetBlueprints", "lightsail:GetBundles", "lightsail:GetInstanceSnapshots", "lightsail:GetInstances", "lightsail:GetKeyPair", "lightsail:GetRegions", "lightsail:GetStaticIps", "lightsail:IsVpcPeered", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:ListTagsForResource", "lookoutvision:ListModelPackagingJobs", "lookoutvision:ListModels", "lookoutvision:ListProjects", "machinelearning:DescribeBatchPredictions", "machinelearning:DescribeDataSources", "machinelearning:DescribeEvaluations", "machinelearning:DescribeMLModels", "machinelearning:DescribeTags", "mediaconnect:ListEntitlements", "mediaconnect:ListFlows", "mediaconnect:ListOfferings", "mediaconnect:ListReservations", "mobiletargeting:GetApplicationSettings", "mobiletargeting:GetCampaigns", "mobiletargeting:GetImportJobs", "mobiletargeting:GetSegments", "oam:ListAttachedLinks", "oam:ListLinks", "oam:ListSinks", "opsworks-cm:DescribeAccountAttributes", "opsworks-cm:DescribeBackups", "opsworks-cm:DescribeEvents", "opsworks-cm:DescribeNodeAssociationStatus", "opsworks-cm:DescribeServers", "opsworks:DescribeAgentVersions", "opsworks:DescribeApps", "opsworks:DescribeCommands", "opsworks:DescribeDeployments", "opsworks:DescribeEcsClusters", "opsworks:DescribeElasticIps", "opsworks:DescribeElasticLoadBalancers", "opsworks:DescribeInstances", "opsworks:DescribeLayers", "opsworks:DescribeLoadBasedAutoScaling", "opsworks:DescribeMyUserProfile", "opsworks:DescribeOperatingSystems", "opsworks:DescribePermissions", "opsworks:DescribeRaidArrays", "opsworks:DescribeRdsDbInstances", "opsworks:DescribeServiceErrors", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStackSummary", "opsworks:DescribeStacks", "opsworks:DescribeTimeBasedAutoScaling", "opsworks:DescribeUserProfiles", "opsworks:DescribeVolumes", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:ListCreateAccountStatus", "organizations:ListDelegatedAdministrators", "organizations:ListDelegatedServicesForAccount", "organizations:ListHandshakesForAccount", "organizations:ListHandshakesForOrganization", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPolicies", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListTagsForResource", "organizations:ListTargetsForPolicy", "outposts:GetOutpost", "outposts:GetOutpostInstanceTypes", "outposts:ListOutposts", "outposts:ListSites", "outposts:ListTagsForResource", "polly:DescribeVoices", "polly:ListLexicons", "polly:ListSpeechSynthesisTasks", "profile:ListDomains", "profile:ListIntegrations", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "redshift-serverless:ListTagsForResource", "redshift-serverless:ListWorkgroups", "redshift:DescribeClusters", "redshift:DescribeEvents", "redshift:ViewQueriesInConsole", "resource-explorer-2:GetDefaultView", "resource-explorer-2:GetIndex", "resource-explorer-2:ListIndexes", "resource-explorer-2:ListSupportedResourceTypes", "resource-explorer-2:ListTagsForResource", "resource-explorer-2:ListViews", "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetReusableDelegationSetLimit", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListPrices", "route53domains:ListTagsForDomain", "route53resolver:GetFirewallConfig", "route53resolver:GetFirewallDomainList", "route53resolver:GetFirewallRuleGroup", "route53resolver:GetFirewallRuleGroupAssociation", "route53resolver:GetFirewallRuleGroupPolicy", "route53resolver:GetOutpostResolver", "route53resolver:GetResolverConfig", "route53resolver:GetResolverDnssecConfig", "route53resolver:GetResolverEndpoint", "route53resolver:GetResolverQueryLogConfig", "route53resolver:GetResolverQueryLogConfigAssociation", "route53resolver:GetResolverQueryLogConfigPolicy", "route53resolver:GetResolverRule", "route53resolver:GetResolverRuleAssociation", "route53resolver:GetResolverRulePolicy", "route53resolver:ListFirewallConfigs", "route53resolver:ListFirewallDomainLists", "route53resolver:ListFirewallDomains", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListFirewallRules", "route53resolver:ListOutpostResolvers", "route53resolver:ListResolverConfigs", "route53resolver:ListResolverDnssecConfigs", "route53resolver:ListResolverEndpointIpAddresses", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverQueryLogConfigAssociations", "route53resolver:ListResolverQueryLogConfigs", "route53resolver:ListResolverRuleAssociations", "route53resolver:ListResolverRules", "route53resolver:ListTagsForResource", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListMultiRegionAccessPoints", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeCluster", "sagemaker:DescribeClusterNode", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgeDeploymentPlan", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFeatureMetadata", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHub", "sagemaker:DescribeHubContent", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceComponent", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelCard", "sagemaker:DescribeModelCardExportJob", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSharedModel", "sagemaker:DescribeSpace", "sagemaker:DescribeStudioLifecycleConfig", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAliases", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListClusterNodes", "sagemaker:ListClusters", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgeDeploymentPlans", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHubContentVersions", "sagemaker:ListHubContents", "sagemaker:ListHubs", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceComponents", "sagemaker:ListInferenceExperiments", "sagemaker:ListInferenceRecommendationsJobSteps", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelCardExportJobs", "sagemaker:ListModelCardVersions", "sagemaker:ListModelCards", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringAlertHistory", "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListResourceCatalogs", "sagemaker:ListSharedModelEvents", "sagemaker:ListSharedModelVersions", "sagemaker:ListSharedModels", "sagemaker:ListSpaces", "sagemaker:ListStageDevices", "sagemaker:ListStudioLifecycleConfigs", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sdb:ListDomains", "servicecatalog:ListAcceptedPortfolioShares", "servicecatalog:ListApplications", "servicecatalog:ListAssociatedAttributeGroups", "servicecatalog:ListAssociatedResources", "servicecatalog:ListAttributeGroups", "servicecatalog:ListAttributeGroupsForApplication", "servicecatalog:ListBudgetsForResource", "servicecatalog:ListConstraintsForPortfolio", "servicecatalog:ListLaunchPaths", "servicecatalog:ListOrganizationPortfolioAccess", "servicecatalog:ListPortfolioAccess", "servicecatalog:ListPortfolios", "servicecatalog:ListPortfoliosForProduct", "servicecatalog:ListPrincipalsForPortfolio", "servicecatalog:ListProvisionedProductPlans", "servicecatalog:ListProvisioningArtifacts", "servicecatalog:ListProvisioningArtifactsForServiceAction", "servicecatalog:ListRecordHistory", "servicecatalog:ListResourcesForTagOption", "servicecatalog:ListServiceActions", "servicecatalog:ListServiceActionsForProvisioningArtifact", "servicecatalog:ListStackInstancesForProvisionedProduct", "servicecatalog:ListTagOptions", "servicecatalog:ListTagsForResource", "ses:DescribeActiveReceiptRuleSet", "ses:ListConfigurationSets", "ses:ListDedicatedIpPools", "ses:ListDeliverabilityTestReports", "ses:ListDomainDeliverabilityCampaigns", "ses:ListEmailIdentities", "ses:ListTagsForResource", "ses:ListCustomVerificationEmailTemplates", "ses:ListIdentities", "ses:ListIdentityPolicies", "ses:ListReceiptFilters", "ses:ListReceiptRuleSets", "ses:ListTemplates", "ses:ListVerifiedEmailAddresses", "ses:ListContactLists", "ses:ListContacts", "ses:ListEmailTemplates", "ses:ListExportJobs", "ses:ListImportJobs", "ses:ListRecommendations", "ses:ListSuppressedDestinations", "ses:ListDedicatedIpPools", "shield:ListAttacks", "shield:ListProtectionGroups", "shield:ListProtections", "shield:ListResourcesInProtectionGroup", "shield:ListTagsForResource", "sns:ListEndpointsByPlatformApplication", "sns:ListOriginationNumbers", "sns:ListPhoneNumbersOptedOut", "sns:ListPlatformApplications", "sns:ListSMSSandboxPhoneNumbers", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTagsForResource", "sns:ListTopics", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListDeadLetterSourceQueues", "sqs:ListMessageMoveTasks", "sqs:ListQueueTags", "sqs:ListQueues", "ssm:ListAssociations", "ssm:ListDocuments", "states:ListActivities", "states:ListStateMachineAliases", "states:ListStateMachineVersions", "states:ListStateMachines", "storagegateway:ListGateways", "storagegateway:ListLocalDisks", "storagegateway:ListVolumeRecoveryPoints", "storagegateway:ListVolumes", "swf:ListActivityTypes", "swf:ListClosedWorkflowExecutions", "swf:ListDomains", "swf:ListOpenWorkflowExecutions", "swf:ListTagsForResource", "swf:ListWorkflowTypes", "trustedadvisor:DescribeAccount", "trustedadvisor:DescribeAccountAccess", "trustedadvisor:DescribeCheckItems", "trustedadvisor:DescribeCheckRefreshStatuses", "trustedadvisor:DescribeCheckStatusHistoryChanges", "trustedadvisor:DescribeCheckSummaries", "trustedadvisor:DescribeChecks", "trustedadvisor:DescribeNotificationConfigurations", "trustedadvisor:DescribeNotificationPreferences", "trustedadvisor:DescribeOrganization", "trustedadvisor:DescribeOrganizationAccounts", "trustedadvisor:DescribeReports", "trustedadvisor:DescribeRisk", "trustedadvisor:DescribeRiskResources", "trustedadvisor:DescribeRisks", "trustedadvisor:DescribeServiceMetadata", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "wafv2:ListAPIKeys", "wafv2:ListAvailableManagedRuleGroupVersions", "wafv2:ListAvailableManagedRuleGroups", "wafv2:ListIPSets", "wafv2:ListLoggingConfigurations", "wafv2:ListManagedRuleSets", "wafv2:ListMobileSdkReleases", "wafv2:ListRegexPatternSets", "wafv2:ListResourcesForWebACL", "wafv2:ListRuleGroups", "wafv2:ListTagsForResource", "wafv2:ListWebACLs", "workdocs:DescribeAvailableDirectories", "workdocs:DescribeInstances", "workmail:DescribeDirectories", "workmail:DescribeEmailMonitoringConfiguration", "workmail:DescribeEntity", "workmail:DescribeGroup", "workmail:DescribeInboundDmarcSettings", "workmail:DescribeInboundMailFlowRule", "workmail:DescribeKmsKeys", "workmail:DescribeMailDomains", "workmail:DescribeMailGroups", "workmail:DescribeMailUsers", "workmail:DescribeMailboxExportJob", "workmail:DescribeOrganization", "workmail:DescribeOrganizations", "workmail:DescribeOutboundMailFlowRule", "workmail:DescribeResource", "workmail:DescribeSmtpGateway", "workmail:DescribeUser", "workspaces:DescribeAccount", "workspaces:DescribeAccountModifications", "workspaces:DescribeApplicationAssociations", "workspaces:DescribeApplications", "workspaces:DescribeBundleAssociations", "workspaces:DescribeClientBranding", "workspaces:DescribeClientProperties", "workspaces:DescribeConnectClientAddIns", "workspaces:DescribeConnectionAliasPermissions", "workspaces:DescribeConnectionAliases", "workspaces:DescribeImageAssociations", "workspaces:DescribeIpGroups", "workspaces:DescribeTags", "workspaces:DescribeWorkspaceAssociations", "workspaces:DescribeWorkspaceBundles", "workspaces:DescribeWorkspaceDirectories", "workspaces:DescribeWorkspaceImagePermissions", "workspaces:DescribeWorkspaceImages", "workspaces:DescribeWorkspaceSnapshots", "workspaces:DescribeWorkspaces", "workspaces:DescribeWorkspacesConnectionStatus", "apigateway:GET" ], "malformed": false, "name": "ViewOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2024-03-28T21:28:38+00:00", "version": "v18" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonConnectCampaignsServiceLinkedRolePolicy", "createdate": "2023-11-08T16:16:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "connect-campaigns:ListCampaigns", "connect:BatchPutContact", "connect:StopContact" ], "malformed": false, "name": "AmazonConnectCampaignsServiceLinkedRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-08T16:16:16+00:00", "version": "v2" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole", "createdate": "2016-05-23T16:29:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DescribeAvailabilityZones", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute" ], "malformed": false, "name": "AmazonDMSVPCManagementRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-05-23T16:29:57+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonEMRContainersServiceRolePolicy", "createdate": "2023-03-10T22:58:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "eks:DescribeCluster", "eks:ListNodegroups", "eks:DescribeNodegroup", "ec2:DescribeRouteTables", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "acm:ImportCertificate", "acm:AddTagsToCertificate", "acm:DeleteCertificate" ], "malformed": false, "name": "AmazonEMRContainersServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-10T22:58:13+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBackupOrganizationAdminAccess", "createdate": "2022-11-18T18:26:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DisableAWSServiceAccess", "organizations:EnableAWSServiceAccess", "organizations:ListDelegatedAdministrators", "organizations:RegisterDelegatedAdministrator", "organizations:DeregisterDelegatedAdministrator", "organizations:AttachPolicy", "organizations:ListPoliciesForTarget", "organizations:ListTargetsForPolicy", "organizations:DetachPolicy", "organizations:DisablePolicyType", "organizations:DescribePolicy", "organizations:DescribeEffectivePolicy", "organizations:ListPolicies", "organizations:EnablePolicyType", "organizations:CreatePolicy", "organizations:UpdatePolicy", "organizations:DeletePolicy", "organizations:ListRoots", "organizations:ListParents", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccountsForParent", "organizations:ListAccounts", "organizations:DescribeOrganization", "organizations:ListOrganizationalUnitsForParent", "organizations:ListChildren", "organizations:DescribeAccount", "organizations:DescribeOrganizationalUnit" ], "malformed": false, "name": "AWSBackupOrganizationAdminAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-18T18:26:40+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSControlTowerAccountServiceRolePolicy", "createdate": "2023-06-05T22:04:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "events:PutRule", "events:DeleteRule", "events:EnableRule", "events:DisableRule", "events:PutTargets", "events:RemoveTargets", "events:DescribeRule", "events:ListTargetsByRule", "sns:Publish", "securityhub:DescribeStandardsControls", "securityhub:GetEnabledStandards" ], "malformed": false, "name": "AWSControlTowerAccountServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-05T22:04:50+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/MediaPackageServiceRolePolicy", "createdate": "2020-09-18T17:45:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:PutLogEvents", "logs:CreateLogStream", "logs:CreateLogGroup", "logs:DescribeLogGroups", "logs:DescribeLogStreams" ], "malformed": false, "name": "MediaPackageServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-18T17:45:47+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/ConfigConformsServiceRolePolicy", "createdate": "2023-01-12T04:17:34Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "config:PutConfigRule", "config:DeleteConfigRule", "config:DescribeConfigRules", "config:DescribeRemediationConfigurations", "config:DeleteRemediationConfiguration", "config:PutRemediationConfigurations", "iam:GetRole", "iam:GetRole", "iam:CreateServiceLinkedRole", "iam:PassRole", "ssm:DescribeDocument", "ssm:GetDocument", "s3:PutObject", "s3:PutObjectAcl", "s3:GetObject", "s3:GetBucketAcl", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "cloudformation:GetStackPolicy", "cloudformation:SetStackPolicy", "cloudformation:UpdateStack", "cloudformation:UpdateTerminationProtection", "cloudformation:ValidateTemplate", "cloudformation:ListStackResources", "cloudwatch:PutMetricData" ], "malformed": false, "name": "ConfigConformsServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-01-12T04:17:34+00:00", "version": "v6" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSMarketplaceLicenseManagementServiceRolePolicy", "createdate": "2020-12-03T08:33:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DescribeOrganization", "license-manager:ListReceivedGrants", "license-manager:ListDistributedGrants", "license-manager:GetGrant", "license-manager:CreateGrant", "license-manager:CreateGrantVersion", "license-manager:DeleteGrant", "license-manager:AcceptGrant" ], "malformed": false, "name": "AWSMarketplaceLicenseManagementServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-03T08:33:40+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonManagedBlockchainFullAccess", "createdate": "2019-04-29T21:39:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "managedblockchain:CreateAccessor", "managedblockchain:CreateMember", "managedblockchain:CreateNetwork", "managedblockchain:CreateNode", "managedblockchain:CreateProposal", "managedblockchain:DeleteAccessor", "managedblockchain:DeleteMember", "managedblockchain:DeleteNode", "managedblockchain:GET", "managedblockchain:GetAccessor", "managedblockchain:GetMember", "managedblockchain:GetNetwork", "managedblockchain:GetNode", "managedblockchain:GetProposal", "managedblockchain:Invoke", "managedblockchain:InvokeRpcBitcoinMainnet", "managedblockchain:InvokeRpcBitcoinTestnet", "managedblockchain:InvokeRpcPolygonMainnet", "managedblockchain:InvokeRpcPolygonMumbaiTestnet", "managedblockchain:ListAccessors", "managedblockchain:ListInvitations", "managedblockchain:ListMembers", "managedblockchain:ListNetworks", "managedblockchain:ListNodes", "managedblockchain:ListProposalVotes", "managedblockchain:ListProposals", "managedblockchain:ListTagsForResource", "managedblockchain:POST", "managedblockchain:RejectInvitation", "managedblockchain:TagResource", "managedblockchain:UntagResource", "managedblockchain:UpdateMember", "managedblockchain:UpdateNode", "managedblockchain:VoteOnProposal" ], "malformed": false, "name": "AmazonManagedBlockchainFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-04-29T21:39:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/CloudWatchEventsBuiltInTargetExecutionAccess", "createdate": "2016-01-14T18:35:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:RebootInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:CreateSnapshot" ], "malformed": false, "name": "CloudWatchEventsBuiltInTargetExecutionAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-01-14T18:35:49+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonMCSFullAccess", "createdate": "2020-04-17T19:19:29Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:PutScalingPolicy", "application-autoscaling:RegisterScalableTarget", "application-autoscaling:PutScheduledAction", "application-autoscaling:DeleteScheduledAction", "application-autoscaling:DescribeScheduledActions", "cassandra:Alter", "cassandra:AlterMultiRegionResource", "cassandra:Create", "cassandra:CreateMultiRegionResource", "cassandra:Drop", "cassandra:DropMultiRegionResource", "cassandra:Modify", "cassandra:ModifyMultiRegionResource", "cassandra:Restore", "cassandra:RestoreMultiRegionTable", "cassandra:Select", "cassandra:SelectMultiRegionResource", "cassandra:TagMultiRegionResource", "cassandra:TagResource", "cassandra:UnTagMultiRegionResource", "cassandra:UntagResource", "cassandra:UpdatePartitioner", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudwatch:PutMetricAlarm", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonMCSFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-04-17T19:19:29+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonS3ObjectLambdaExecutionRolePolicy", "createdate": "2021-08-18T10:07:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "s3-object-lambda:WriteGetObjectResponse" ], "malformed": false, "name": "AmazonS3ObjectLambdaExecutionRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-18T10:07:41+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonSSMAutomationApproverAccess", "createdate": "2017-08-07T23:07:28Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ssm:DescribeAutomationExecutions", "ssm:GetAutomationExecution", "ssm:SendAutomationSignal" ], "malformed": false, "name": "AmazonSSMAutomationApproverAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-08-07T23:07:28+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53AutoNamingFullAccess", "createdate": "2018-01-18T18:40:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53:GetHostedZone", "route53:ListHostedZonesByName", "route53:CreateHostedZone", "route53:DeleteHostedZone", "route53:ChangeResourceRecordSets", "route53:CreateHealthCheck", "route53:GetHealthCheck", "route53:DeleteHealthCheck", "route53:UpdateHealthCheck", "ec2:DescribeVpcs", "ec2:DescribeRegions", "servicediscovery:CreateHttpNamespace", "servicediscovery:CreatePrivateDnsNamespace", "servicediscovery:CreatePublicDnsNamespace", "servicediscovery:CreateService", "servicediscovery:DeleteNamespace", "servicediscovery:DeleteService", "servicediscovery:DeregisterInstance", "servicediscovery:DiscoverInstances", "servicediscovery:DiscoverInstancesRevision", "servicediscovery:GetInstance", "servicediscovery:GetInstancesHealthStatus", "servicediscovery:GetNamespace", "servicediscovery:GetOperation", "servicediscovery:GetService", "servicediscovery:ListInstances", "servicediscovery:ListNamespaces", "servicediscovery:ListOperations", "servicediscovery:ListServices", "servicediscovery:ListTagsForResource", "servicediscovery:RegisterInstance", "servicediscovery:TagResource", "servicediscovery:UntagResource", "servicediscovery:UpdateHttpNamespace", "servicediscovery:UpdateInstanceCustomHealthStatus", "servicediscovery:UpdatePrivateDnsNamespace", "servicediscovery:UpdatePublicDnsNamespace", "servicediscovery:UpdateService" ], "malformed": false, "name": "AmazonRoute53AutoNamingFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-01-18T18:40:41+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCognitoUnAuthedIdentitiesSessionPolicy", "createdate": "2023-07-19T23:04:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rum:PutRumEvents", "sagemaker:InvokeEndpoint", "polly:DeleteLexicon", "polly:DescribeVoices", "polly:GetLexicon", "polly:GetSpeechSynthesisTask", "polly:ListLexicons", "polly:ListSpeechSynthesisTasks", "polly:PutLexicon", "polly:StartSpeechSynthesisTask", "polly:SynthesizeSpeech", "comprehend:BatchDetectDominantLanguage", "comprehend:BatchDetectEntities", "comprehend:BatchDetectKeyPhrases", "comprehend:BatchDetectSentiment", "comprehend:BatchDetectSyntax", "comprehend:BatchDetectTargetedSentiment", "comprehend:ClassifyDocument", "comprehend:ContainsPiiEntities", "comprehend:CreateDataset", "comprehend:CreateDocumentClassifier", "comprehend:CreateEndpoint", "comprehend:CreateEntityRecognizer", "comprehend:CreateFlywheel", "comprehend:DeleteDocumentClassifier", "comprehend:DeleteEndpoint", "comprehend:DeleteEntityRecognizer", "comprehend:DeleteFlywheel", "comprehend:DeleteResourcePolicy", "comprehend:DescribeDataset", "comprehend:DescribeDocumentClassificationJob", "comprehend:DescribeDocumentClassifier", "comprehend:DescribeDominantLanguageDetectionJob", "comprehend:DescribeEndpoint", "comprehend:DescribeEntitiesDetectionJob", "comprehend:DescribeEntityRecognizer", "comprehend:DescribeEventsDetectionJob", "comprehend:DescribeFlywheel", "comprehend:DescribeFlywheelIteration", "comprehend:DescribeKeyPhrasesDetectionJob", "comprehend:DescribePiiEntitiesDetectionJob", "comprehend:DescribeResourcePolicy", "comprehend:DescribeSentimentDetectionJob", "comprehend:DescribeTargetedSentimentDetectionJob", "comprehend:DescribeTopicsDetectionJob", "comprehend:DetectDominantLanguage", "comprehend:DetectEntities", "comprehend:DetectKeyPhrases", "comprehend:DetectPiiEntities", "comprehend:DetectSentiment", "comprehend:DetectSyntax", "comprehend:DetectTargetedSentiment", "comprehend:DetectToxicContent", "comprehend:ImportModel", "comprehend:ListDatasets", "comprehend:ListDocumentClassificationJobs", "comprehend:ListDocumentClassifierSummaries", "comprehend:ListDocumentClassifiers", "comprehend:ListDominantLanguageDetectionJobs", "comprehend:ListEndpoints", "comprehend:ListEntitiesDetectionJobs", "comprehend:ListEntityRecognizerSummaries", "comprehend:ListEntityRecognizers", "comprehend:ListEventsDetectionJobs", "comprehend:ListFlywheelIterationHistory", "comprehend:ListFlywheels", "comprehend:ListKeyPhrasesDetectionJobs", "comprehend:ListPiiEntitiesDetectionJobs", "comprehend:ListSentimentDetectionJobs", "comprehend:ListTagsForResource", "comprehend:ListTargetedSentimentDetectionJobs", "comprehend:ListTopicsDetectionJobs", "comprehend:PutResourcePolicy", "comprehend:StartDocumentClassificationJob", "comprehend:StartDominantLanguageDetectionJob", "comprehend:StartEntitiesDetectionJob", "comprehend:StartEventsDetectionJob", "comprehend:StartFlywheelIteration", "comprehend:StartKeyPhrasesDetectionJob", "comprehend:StartPiiEntitiesDetectionJob", "comprehend:StartSentimentDetectionJob", "comprehend:StartTargetedSentimentDetectionJob", "comprehend:StartTopicsDetectionJob", "comprehend:StopDominantLanguageDetectionJob", "comprehend:StopEntitiesDetectionJob", "comprehend:StopEventsDetectionJob", "comprehend:StopKeyPhrasesDetectionJob", "comprehend:StopPiiEntitiesDetectionJob", "comprehend:StopSentimentDetectionJob", "comprehend:StopTargetedSentimentDetectionJob", "comprehend:StopTrainingDocumentClassifier", "comprehend:StopTrainingEntityRecognizer", "comprehend:TagResource", "comprehend:UntagResource", "comprehend:UpdateEndpoint", "comprehend:UpdateFlywheel", "translate:CreateParallelData", "translate:DeleteParallelData", "translate:DeleteTerminology", "translate:DescribeTextTranslationJob", "translate:GetParallelData", "translate:GetTerminology", "translate:ImportTerminology", "translate:ListLanguages", "translate:ListParallelData", "translate:ListTagsForResource", "translate:ListTerminologies", "translate:ListTextTranslationJobs", "translate:StartTextTranslationJob", "translate:StopTextTranslationJob", "translate:TagResource", "translate:TranslateDocument", "translate:TranslateText", "translate:UntagResource", "translate:UpdateParallelData", "transcribe:CreateCallAnalyticsCategory", "transcribe:CreateLanguageModel", "transcribe:CreateMedicalVocabulary", "transcribe:CreateVocabulary", "transcribe:CreateVocabularyFilter", "transcribe:DeleteCallAnalyticsCategory", "transcribe:DeleteCallAnalyticsJob", "transcribe:DeleteLanguageModel", "transcribe:DeleteMedicalScribeJob", "transcribe:DeleteMedicalTranscriptionJob", "transcribe:DeleteMedicalVocabulary", "transcribe:DeleteTranscriptionJob", "transcribe:DeleteVocabulary", "transcribe:DeleteVocabularyFilter", "transcribe:DescribeLanguageModel", "transcribe:GetCallAnalyticsCategory", "transcribe:GetCallAnalyticsJob", "transcribe:GetMedicalScribeJob", "transcribe:GetMedicalTranscriptionJob", "transcribe:GetMedicalVocabulary", "transcribe:GetTranscriptionJob", "transcribe:GetVocabulary", "transcribe:GetVocabularyFilter", "transcribe:ListCallAnalyticsCategories", "transcribe:ListCallAnalyticsJobs", "transcribe:ListLanguageModels", "transcribe:ListMedicalScribeJobs", "transcribe:ListMedicalTranscriptionJobs", "transcribe:ListMedicalVocabularies", "transcribe:ListTagsForResource", "transcribe:ListTranscriptionJobs", "transcribe:ListVocabularies", "transcribe:ListVocabularyFilters", "transcribe:StartCallAnalyticsJob", "transcribe:StartCallAnalyticsStreamTranscription", "transcribe:StartCallAnalyticsStreamTranscriptionWebSocket", "transcribe:StartMedicalScribeJob", "transcribe:StartMedicalStreamTranscription", "transcribe:StartMedicalStreamTranscriptionWebSocket", "transcribe:StartMedicalTranscriptionJob", "transcribe:StartStreamTranscription", "transcribe:StartStreamTranscriptionWebSocket", "transcribe:StartTranscriptionJob", "transcribe:TagResource", "transcribe:UntagResource", "transcribe:UpdateCallAnalyticsCategory", "transcribe:UpdateMedicalVocabulary", "transcribe:UpdateVocabulary", "transcribe:UpdateVocabularyFilter", "rekognition:AssociateFaces", "rekognition:CompareFaces", "rekognition:CopyProjectVersion", "rekognition:CreateCollection", "rekognition:CreateDataset", "rekognition:CreateFaceLivenessSession", "rekognition:CreateProject", "rekognition:CreateProjectVersion", "rekognition:CreateStreamProcessor", "rekognition:CreateUser", "rekognition:DeleteCollection", "rekognition:DeleteDataset", "rekognition:DeleteFaces", "rekognition:DeleteProject", "rekognition:DeleteProjectPolicy", "rekognition:DeleteProjectVersion", "rekognition:DeleteStreamProcessor", "rekognition:DeleteUser", "rekognition:DescribeCollection", "rekognition:DescribeDataset", "rekognition:DescribeProjectVersions", "rekognition:DescribeProjects", "rekognition:DescribeStreamProcessor", "rekognition:DetectCustomLabels", "rekognition:DetectFaces", "rekognition:DetectLabels", "rekognition:DetectModerationLabels", "rekognition:DetectProtectiveEquipment", "rekognition:DetectText", "rekognition:DisassociateFaces", "rekognition:DistributeDatasetEntries", "rekognition:GetCelebrityInfo", "rekognition:GetCelebrityRecognition", "rekognition:GetContentModeration", "rekognition:GetFaceDetection", "rekognition:GetFaceLivenessSessionResults", "rekognition:GetFaceSearch", "rekognition:GetLabelDetection", "rekognition:GetMediaAnalysisJob", "rekognition:GetPersonTracking", "rekognition:GetSegmentDetection", "rekognition:GetTextDetection", "rekognition:IndexFaces", "rekognition:ListCollections", "rekognition:ListDatasetEntries", "rekognition:ListDatasetLabels", "rekognition:ListFaces", "rekognition:ListMediaAnalysisJobs", "rekognition:ListProjectPolicies", "rekognition:ListStreamProcessors", "rekognition:ListTagsForResource", "rekognition:ListUsers", "rekognition:PutProjectPolicy", "rekognition:RecognizeCelebrities", "rekognition:SearchFaces", "rekognition:SearchFacesByImage", "rekognition:SearchUsers", "rekognition:SearchUsersByImage", "rekognition:StartCelebrityRecognition", "rekognition:StartContentModeration", "rekognition:StartFaceDetection", "rekognition:StartFaceLivenessSession", "rekognition:StartFaceSearch", "rekognition:StartLabelDetection", "rekognition:StartMediaAnalysisJob", "rekognition:StartPersonTracking", "rekognition:StartProjectVersion", "rekognition:StartSegmentDetection", "rekognition:StartStreamProcessor", "rekognition:StartTextDetection", "rekognition:StopProjectVersion", "rekognition:StopStreamProcessor", "rekognition:TagResource", "rekognition:UntagResource", "rekognition:UpdateDatasetEntries", "rekognition:UpdateStreamProcessor", "mobiletargeting:CreateApp", "mobiletargeting:CreateCampaign", "mobiletargeting:CreateEmailTemplate", "mobiletargeting:CreateExportJob", "mobiletargeting:CreateImportJob", "mobiletargeting:CreateInAppTemplate", "mobiletargeting:CreateJourney", "mobiletargeting:CreatePushTemplate", "mobiletargeting:CreateRecommenderConfiguration", "mobiletargeting:CreateSegment", "mobiletargeting:CreateSmsTemplate", "mobiletargeting:CreateVoiceTemplate", "mobiletargeting:DeleteAdmChannel", "mobiletargeting:DeleteApnsChannel", "mobiletargeting:DeleteApnsSandboxChannel", "mobiletargeting:DeleteApnsVoipChannel", "mobiletargeting:DeleteApnsVoipSandboxChannel", "mobiletargeting:DeleteApp", "mobiletargeting:DeleteBaiduChannel", "mobiletargeting:DeleteCampaign", "mobiletargeting:DeleteEmailChannel", "mobiletargeting:DeleteEmailTemplate", "mobiletargeting:DeleteEndpoint", "mobiletargeting:DeleteEventStream", "mobiletargeting:DeleteGcmChannel", "mobiletargeting:DeleteInAppTemplate", "mobiletargeting:DeleteJourney", "mobiletargeting:DeletePushTemplate", "mobiletargeting:DeleteRecommenderConfiguration", "mobiletargeting:DeleteSegment", "mobiletargeting:DeleteSmsChannel", "mobiletargeting:DeleteSmsTemplate", "mobiletargeting:DeleteUserEndpoints", "mobiletargeting:DeleteVoiceChannel", "mobiletargeting:DeleteVoiceTemplate", "mobiletargeting:GetAdmChannel", "mobiletargeting:GetApnsChannel", "mobiletargeting:GetApnsSandboxChannel", "mobiletargeting:GetApnsVoipChannel", "mobiletargeting:GetApnsVoipSandboxChannel", "mobiletargeting:GetApp", "mobiletargeting:GetApplicationDateRangeKpi", "mobiletargeting:GetApplicationSettings", "mobiletargeting:GetApps", "mobiletargeting:GetBaiduChannel", "mobiletargeting:GetCampaign", "mobiletargeting:GetCampaignActivities", "mobiletargeting:GetCampaignDateRangeKpi", "mobiletargeting:GetCampaignVersion", "mobiletargeting:GetCampaignVersions", "mobiletargeting:GetCampaigns", "mobiletargeting:GetChannels", "mobiletargeting:GetEmailChannel", "mobiletargeting:GetEmailTemplate", "mobiletargeting:GetEndpoint", "mobiletargeting:GetEventStream", "mobiletargeting:GetExportJob", "mobiletargeting:GetExportJobs", "mobiletargeting:GetGcmChannel", "mobiletargeting:GetImportJob", "mobiletargeting:GetImportJobs", "mobiletargeting:GetInAppMessages", "mobiletargeting:GetInAppTemplate", "mobiletargeting:GetJourney", "mobiletargeting:GetJourneyDateRangeKpi", "mobiletargeting:GetJourneyExecutionActivityMetrics", "mobiletargeting:GetJourneyExecutionMetrics", "mobiletargeting:GetJourneyRunExecutionActivityMetrics", "mobiletargeting:GetJourneyRunExecutionMetrics", "mobiletargeting:GetJourneyRuns", "mobiletargeting:GetPushTemplate", "mobiletargeting:GetRecommenderConfiguration", "mobiletargeting:GetRecommenderConfigurations", "mobiletargeting:GetReports", "mobiletargeting:GetSegment", "mobiletargeting:GetSegmentExportJobs", "mobiletargeting:GetSegmentImportJobs", "mobiletargeting:GetSegmentVersion", "mobiletargeting:GetSegmentVersions", "mobiletargeting:GetSegments", "mobiletargeting:GetSmsChannel", "mobiletargeting:GetSmsTemplate", "mobiletargeting:GetUserEndpoints", "mobiletargeting:GetVoiceChannel", "mobiletargeting:GetVoiceTemplate", "mobiletargeting:ListJourneys", "mobiletargeting:ListTagsForResource", "mobiletargeting:ListTemplateVersions", "mobiletargeting:ListTemplates", "mobiletargeting:PhoneNumberValidate", "mobiletargeting:PutEventStream", "mobiletargeting:PutEvents", "mobiletargeting:RemoveAttributes", "mobiletargeting:SendMessages", "mobiletargeting:SendOTPMessage", "mobiletargeting:SendUsersMessages", "mobiletargeting:TagResource", "mobiletargeting:UntagResource", "mobiletargeting:UpdateAdmChannel", "mobiletargeting:UpdateApnsChannel", "mobiletargeting:UpdateApnsSandboxChannel", "mobiletargeting:UpdateApnsVoipChannel", "mobiletargeting:UpdateApnsVoipSandboxChannel", "mobiletargeting:UpdateApplicationSettings", "mobiletargeting:UpdateBaiduChannel", "mobiletargeting:UpdateCampaign", "mobiletargeting:UpdateEmailChannel", "mobiletargeting:UpdateEmailTemplate", "mobiletargeting:UpdateEndpoint", "mobiletargeting:UpdateEndpointsBatch", "mobiletargeting:UpdateGcmChannel", "mobiletargeting:UpdateInAppTemplate", "mobiletargeting:UpdateJourney", "mobiletargeting:UpdateJourneyState", "mobiletargeting:UpdatePushTemplate", "mobiletargeting:UpdateRecommenderConfiguration", "mobiletargeting:UpdateSegment", "mobiletargeting:UpdateSmsChannel", "mobiletargeting:UpdateSmsTemplate", "mobiletargeting:UpdateTemplateActiveVersion", "mobiletargeting:UpdateVoiceChannel", "mobiletargeting:UpdateVoiceTemplate", "mobiletargeting:VerifyOTPMessage", "firehose:CreateDeliveryStream", "firehose:DeleteDeliveryStream", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "firehose:ListTagsForDeliveryStream", "firehose:PutRecord", "firehose:PutRecordBatch", "firehose:StartDeliveryStreamEncryption", "firehose:StopDeliveryStreamEncryption", "firehose:TagDeliveryStream", "firehose:UntagDeliveryStream", "firehose:UpdateDestination", "personalize:CreateBatchInferenceJob", "personalize:CreateBatchSegmentJob", "personalize:CreateCampaign", "personalize:CreateDataInsightsJob", "personalize:CreateDataset", "personalize:CreateDatasetExportJob", "personalize:CreateDatasetGroup", "personalize:CreateDatasetImportJob", "personalize:CreateEventTracker", "personalize:CreateFilter", "personalize:CreateMetricAttribution", "personalize:CreateRecommender", "personalize:CreateSchema", "personalize:CreateSolution", "personalize:CreateSolutionVersion", "personalize:DeleteCampaign", "personalize:DeleteDataset", "personalize:DeleteDatasetGroup", "personalize:DeleteEventTracker", "personalize:DeleteFilter", "personalize:DeleteMetricAttribution", "personalize:DeleteRecommender", "personalize:DeleteSchema", "personalize:DeleteSolution", "personalize:DescribeAlgorithm", "personalize:DescribeBatchInferenceJob", "personalize:DescribeBatchSegmentJob", "personalize:DescribeCampaign", "personalize:DescribeDataInsightsJob", "personalize:DescribeDataset", "personalize:DescribeDatasetExportJob", "personalize:DescribeDatasetGroup", "personalize:DescribeDatasetImportJob", "personalize:DescribeEventTracker", "personalize:DescribeFeatureTransformation", "personalize:DescribeFilter", "personalize:DescribeMetricAttribution", "personalize:DescribeRecipe", "personalize:DescribeRecommender", "personalize:DescribeSchema", "personalize:DescribeSolution", "personalize:DescribeSolutionVersion", "personalize:GetActionRecommendations", "personalize:GetDataInsights", "personalize:GetPersonalizedRanking", "personalize:GetRecommendations", "personalize:GetSolutionMetrics", "personalize:ListBatchInferenceJobs", "personalize:ListBatchSegmentJobs", "personalize:ListCampaigns", "personalize:ListDataInsightsJobs", "personalize:ListDatasetExportJobs", "personalize:ListDatasetGroups", "personalize:ListDatasetImportJobs", "personalize:ListDatasets", "personalize:ListEventTrackers", "personalize:ListFilters", "personalize:ListMetricAttributionMetrics", "personalize:ListMetricAttributions", "personalize:ListRecipes", "personalize:ListRecommenders", "personalize:ListSchemas", "personalize:ListSolutionVersions", "personalize:ListSolutions", "personalize:ListTagsForResource", "personalize:PutActionInteractions", "personalize:PutActions", "personalize:PutEvents", "personalize:PutItems", "personalize:PutUsers", "personalize:StartRecommender", "personalize:StopRecommender", "personalize:StopSolutionVersionCreation", "personalize:TagResource", "personalize:UntagResource", "personalize:UpdateCampaign", "personalize:UpdateDataset", "personalize:UpdateMetricAttribution", "personalize:UpdateRecommender" ], "malformed": false, "name": "AmazonCognitoUnAuthedIdentitiesSessionPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-19T23:04:05+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticTranscoder_FullAccess", "createdate": "2019-06-10T22:51:51Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elastictranscoder:CancelJob", "elastictranscoder:CreateJob", "elastictranscoder:CreatePipeline", "elastictranscoder:CreatePreset", "elastictranscoder:DeletePipeline", "elastictranscoder:DeletePreset", "elastictranscoder:ListJobsByPipeline", "elastictranscoder:ListJobsByStatus", "elastictranscoder:ListPipelines", "elastictranscoder:ListPresets", "elastictranscoder:ReadJob", "elastictranscoder:ReadPipeline", "elastictranscoder:ReadPreset", "elastictranscoder:TestRole", "elastictranscoder:UpdatePipeline", "elastictranscoder:UpdatePipelineNotifications", "elastictranscoder:UpdatePipelineStatus", "s3:ListAllMyBuckets", "s3:ListBucket", "iam:ListRoles", "sns:ListTopics", "iam:PassRole" ], "malformed": false, "name": "AmazonElasticTranscoder_FullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-10T22:51:51+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSQuickSightSageMakerPolicy", "createdate": "2023-10-30T17:57:43Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "sagemaker:DescribeTransformJob", "sagemaker:StopTransformJob", "sagemaker:CreateTransformJob", "sagemaker:ListModels", "sagemaker:DescribeModel", "s3:GetObject", "s3:PutObject", "s3:ListBucket" ], "malformed": false, "name": "AWSQuickSightSageMakerPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-30T17:57:43+00:00", "version": "v3" }, { "access_levels": [ "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/WorkLinkServiceRolePolicy", "createdate": "2019-01-23T19:03:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:CreateNetworkInterfacePermission", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "kinesis:PutRecord", "kinesis:PutRecords" ], "malformed": false, "name": "WorkLinkServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-01-23T19:03:45+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerCanvasDirectDeployAccess", "createdate": "2023-10-06T18:11:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:DeleteEndpoint", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:InvokeEndpoint", "sagemaker:UpdateEndpoint", "cloudwatch:GetMetricData" ], "malformed": false, "name": "AmazonSageMakerCanvasDirectDeployAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-06T18:11:53+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonMQReadOnlyAccess", "createdate": "2017-11-28T19:02:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mq:DescribeBroker", "mq:DescribeBrokerEngineTypes", "mq:DescribeBrokerInstanceOptions", "mq:DescribeConfiguration", "mq:DescribeConfigurationRevision", "mq:DescribeUser", "mq:ListBrokers", "mq:ListConfigurationRevisions", "mq:ListConfigurations", "mq:ListTags", "mq:ListUsers", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs" ], "malformed": false, "name": "AmazonMQReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-11-28T19:02:03+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/IVSFullAccess", "createdate": "2023-12-13T21:20:21Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ivs:BatchGetChannel", "ivs:BatchGetStreamKey", "ivs:BatchStartViewerSessionRevocation", "ivs:CreateChannel", "ivs:CreateEncoderConfiguration", "ivs:CreateParticipantToken", "ivs:CreatePlaybackRestrictionPolicy", "ivs:CreateRecordingConfiguration", "ivs:CreateStage", "ivs:CreateStorageConfiguration", "ivs:CreateStreamKey", "ivs:DeleteChannel", "ivs:DeleteEncoderConfiguration", "ivs:DeletePlaybackKeyPair", "ivs:DeletePlaybackRestrictionPolicy", "ivs:DeleteRecordingConfiguration", "ivs:DeleteStage", "ivs:DeleteStorageConfiguration", "ivs:DeleteStreamKey", "ivs:DisconnectParticipant", "ivs:GetChannel", "ivs:GetComposition", "ivs:GetEncoderConfiguration", "ivs:GetParticipant", "ivs:GetPlaybackKeyPair", "ivs:GetPlaybackRestrictionPolicy", "ivs:GetRecordingConfiguration", "ivs:GetStage", "ivs:GetStageSession", "ivs:GetStorageConfiguration", "ivs:GetStream", "ivs:GetStreamKey", "ivs:GetStreamSession", "ivs:ImportPlaybackKeyPair", "ivs:ListChannels", "ivs:ListCompositions", "ivs:ListEncoderConfigurations", "ivs:ListParticipantEvents", "ivs:ListParticipants", "ivs:ListPlaybackKeyPairs", "ivs:ListPlaybackRestrictionPolicies", "ivs:ListRecordingConfigurations", "ivs:ListStageSessions", "ivs:ListStages", "ivs:ListStorageConfigurations", "ivs:ListStreamKeys", "ivs:ListStreamSessions", "ivs:ListStreams", "ivs:ListTagsForResource", "ivs:PutMetadata", "ivs:StartComposition", "ivs:StartViewerSessionRevocation", "ivs:StopComposition", "ivs:StopStream", "ivs:TagResource", "ivs:UntagResource", "ivs:UpdateChannel", "ivs:UpdatePlaybackRestrictionPolicy", "ivs:UpdateStage", "ivschat:CreateChatToken", "ivschat:CreateLoggingConfiguration", "ivschat:CreateRoom", "ivschat:DeleteLoggingConfiguration", "ivschat:DeleteMessage", "ivschat:DeleteRoom", "ivschat:DisconnectUser", "ivschat:GetLoggingConfiguration", "ivschat:GetRoom", "ivschat:ListLoggingConfigurations", "ivschat:ListRooms", "ivschat:ListTagsForResource", "ivschat:SendEvent", "ivschat:TagResource", "ivschat:UntagResource", "ivschat:UpdateLoggingConfiguration", "ivschat:UpdateRoom" ], "malformed": false, "name": "IVSFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-13T21:20:21+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonLookoutVisionConsoleReadOnlyAccess", "createdate": "2021-12-09T02:46:29Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "lookoutvision:DescribeDataset", "lookoutvision:DescribeModel", "lookoutvision:DescribeProject", "lookoutvision:DescribeTrialDetection", "lookoutvision:DescribeModelPackagingJob", "lookoutvision:ListDatasetEntries", "lookoutvision:ListModels", "lookoutvision:ListProjects", "lookoutvision:ListTagsForResource", "lookoutvision:ListTrialDetections", "lookoutvision:ListModelPackagingJobs", "s3:ListAllMyBuckets", "s3:GetObject", "s3:GetObjectVersion", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics" ], "malformed": false, "name": "AmazonLookoutVisionConsoleReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-12-09T02:46:29+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSDeepRacerServiceRolePolicy", "createdate": "2019-06-12T20:55:34Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "deepracer:AddLeaderboardAccessPermission", "deepracer:AdminGetAccountConfig", "deepracer:AdminListAssociatedResources", "deepracer:AdminListAssociatedUsers", "deepracer:AdminManageUser", "deepracer:AdminSetAccountConfig", "deepracer:CloneReinforcementLearningModel", "deepracer:CreateCar", "deepracer:CreateLeaderboard", "deepracer:CreateLeaderboardAccessToken", "deepracer:CreateLeaderboardSubmission", "deepracer:CreateReinforcementLearningModel", "deepracer:DeleteLeaderboard", "deepracer:DeleteModel", "deepracer:EditLeaderboard", "deepracer:GetAccountConfig", "deepracer:GetAlias", "deepracer:GetAssetUrl", "deepracer:GetCar", "deepracer:GetCars", "deepracer:GetEvaluation", "deepracer:GetLatestUserSubmission", "deepracer:GetLeaderboard", "deepracer:GetModel", "deepracer:GetPrivateLeaderboard", "deepracer:GetRankedUserSubmission", "deepracer:GetTrack", "deepracer:GetTrainingJob", "deepracer:ImportModel", "deepracer:ListEvaluations", "deepracer:ListLeaderboardEvaluations", "deepracer:ListLeaderboardSubmissions", "deepracer:ListLeaderboards", "deepracer:ListModels", "deepracer:ListPrivateLeaderboardParticipants", "deepracer:ListPrivateLeaderboards", "deepracer:ListSubscribedPrivateLeaderboards", "deepracer:ListTagsForResource", "deepracer:ListTracks", "deepracer:ListTrainingJobs", "deepracer:MigrateModels", "deepracer:PerformLeaderboardOperation", "deepracer:RemoveLeaderboardAccessPermission", "deepracer:SetAlias", "deepracer:StartEvaluation", "deepracer:StopEvaluation", "deepracer:StopTrainingReinforcementLearningModel", "deepracer:TagResource", "deepracer:TestRewardFunction", "deepracer:UntagResource", "deepracer:UpdateCar", "robomaker:BatchDeleteWorlds", "robomaker:BatchDescribeSimulationJob", "robomaker:CancelDeploymentJob", "robomaker:CancelSimulationJob", "robomaker:CancelSimulationJobBatch", "robomaker:CancelWorldExportJob", "robomaker:CancelWorldGenerationJob", "robomaker:CreateDeploymentJob", "robomaker:CreateFleet", "robomaker:CreateRobot", "robomaker:CreateRobotApplication", "robomaker:CreateRobotApplicationVersion", "robomaker:CreateSimulationApplication", "robomaker:CreateSimulationApplicationVersion", "robomaker:CreateSimulationJob", "robomaker:CreateWorldExportJob", "robomaker:CreateWorldGenerationJob", "robomaker:CreateWorldTemplate", "robomaker:DeleteFleet", "robomaker:DeleteRobot", "robomaker:DeleteRobotApplication", "robomaker:DeleteSimulationApplication", "robomaker:DeleteWorldTemplate", "robomaker:DeregisterRobot", "robomaker:DescribeDeploymentJob", "robomaker:DescribeFleet", "robomaker:DescribeRobot", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:DescribeSimulationJob", "robomaker:DescribeSimulationJobBatch", "robomaker:DescribeWorld", "robomaker:DescribeWorldExportJob", "robomaker:DescribeWorldGenerationJob", "robomaker:DescribeWorldTemplate", "robomaker:GetWorldTemplateBody", "robomaker:ListDeploymentJobs", "robomaker:ListFleets", "robomaker:ListRobotApplications", "robomaker:ListRobots", "robomaker:ListSimulationApplications", "robomaker:ListSimulationJobBatches", "robomaker:ListSimulationJobs", "robomaker:ListSupportedAvailabilityZones", "robomaker:ListTagsForResource", "robomaker:ListWorldExportJobs", "robomaker:ListWorldGenerationJobs", "robomaker:ListWorldTemplates", "robomaker:ListWorlds", "robomaker:RegisterRobot", "robomaker:RestartSimulationJob", "robomaker:StartSimulationJobBatch", "robomaker:SyncDeploymentJob", "robomaker:TagResource", "robomaker:UntagResource", "robomaker:UpdateRobotApplication", "robomaker:UpdateRobotDeployment", "robomaker:UpdateSimulationApplication", "robomaker:UpdateWorldTemplate", "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", "sagemaker:BatchDescribeModelPackage", "sagemaker:BatchGetMetrics", "sagemaker:BatchGetRecord", "sagemaker:BatchPutMetrics", "sagemaker:CreateAction", "sagemaker:CreateAlgorithm", "sagemaker:CreateApp", "sagemaker:CreateAppImageConfig", "sagemaker:CreateArtifact", "sagemaker:CreateAutoMLJob", "sagemaker:CreateAutoMLJobV2", "sagemaker:CreateCluster", "sagemaker:CreateCodeRepository", "sagemaker:CreateCompilationJob", "sagemaker:CreateContext", "sagemaker:CreateDataQualityJobDefinition", "sagemaker:CreateDeviceFleet", "sagemaker:CreateDomain", "sagemaker:CreateEdgeDeploymentPlan", "sagemaker:CreateEdgeDeploymentStage", "sagemaker:CreateEdgePackagingJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateExperiment", "sagemaker:CreateFeatureGroup", "sagemaker:CreateFlowDefinition", "sagemaker:CreateHub", "sagemaker:CreateHumanTaskUi", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateImage", "sagemaker:CreateImageVersion", "sagemaker:CreateInferenceComponent", "sagemaker:CreateInferenceExperiment", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateLineageGroupPolicy", "sagemaker:CreateModel", "sagemaker:CreateModelBiasJobDefinition", "sagemaker:CreateModelCard", "sagemaker:CreateModelCardExportJob", "sagemaker:CreateModelExplainabilityJobDefinition", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelQualityJobDefinition", "sagemaker:CreateMonitoringSchedule", "sagemaker:CreateNotebookInstance", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:CreatePipeline", "sagemaker:CreatePresignedDomainUrl", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateProcessingJob", "sagemaker:CreateProject", "sagemaker:CreateSharedModel", "sagemaker:CreateSpace", "sagemaker:CreateStudioLifecycleConfig", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:CreateTrial", "sagemaker:CreateTrialComponent", "sagemaker:CreateUserProfile", "sagemaker:CreateWorkforce", "sagemaker:CreateWorkteam", "sagemaker:DeleteAction", "sagemaker:DeleteAlgorithm", "sagemaker:DeleteApp", "sagemaker:DeleteAppImageConfig", "sagemaker:DeleteArtifact", "sagemaker:DeleteAssociation", "sagemaker:DeleteCluster", "sagemaker:DeleteCodeRepository", "sagemaker:DeleteCompilationJob", "sagemaker:DeleteContext", "sagemaker:DeleteDataQualityJobDefinition", "sagemaker:DeleteDeviceFleet", "sagemaker:DeleteDomain", "sagemaker:DeleteEdgeDeploymentPlan", "sagemaker:DeleteEdgeDeploymentStage", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteExperiment", "sagemaker:DeleteFeatureGroup", "sagemaker:DeleteFlowDefinition", "sagemaker:DeleteHub", "sagemaker:DeleteHubContent", "sagemaker:DeleteHumanLoop", "sagemaker:DeleteHumanTaskUi", "sagemaker:DeleteHyperParameterTuningJob", "sagemaker:DeleteImage", "sagemaker:DeleteImageVersion", "sagemaker:DeleteInferenceComponent", "sagemaker:DeleteInferenceExperiment", "sagemaker:DeleteLineageGroupPolicy", "sagemaker:DeleteModel", "sagemaker:DeleteModelBiasJobDefinition", "sagemaker:DeleteModelCard", "sagemaker:DeleteModelExplainabilityJobDefinition", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteModelPackageGroupPolicy", "sagemaker:DeleteModelQualityJobDefinition", "sagemaker:DeleteMonitoringSchedule", "sagemaker:DeleteNotebookInstance", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:DeletePipeline", "sagemaker:DeleteProject", "sagemaker:DeleteRecord", "sagemaker:DeleteResourcePolicy", "sagemaker:DeleteSpace", "sagemaker:DeleteStudioLifecycleConfig", "sagemaker:DeleteTags", "sagemaker:DeleteTrial", "sagemaker:DeleteTrialComponent", "sagemaker:DeleteUserProfile", "sagemaker:DeleteWorkforce", "sagemaker:DeleteWorkteam", "sagemaker:DeregisterDevices", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeCluster", "sagemaker:DescribeClusterNode", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgeDeploymentPlan", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFeatureMetadata", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHub", "sagemaker:DescribeHubContent", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceComponent", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelCard", "sagemaker:DescribeModelCardExportJob", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSharedModel", "sagemaker:DescribeSpace", "sagemaker:DescribeStudioLifecycleConfig", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:DisableSagemakerServicecatalogPortfolio", "sagemaker:DisassociateTrialComponent", "sagemaker:EnableSagemakerServicecatalogPortfolio", "sagemaker:GetDeployments", "sagemaker:GetDeviceFleetReport", "sagemaker:GetDeviceRegistration", "sagemaker:GetLineageGroupPolicy", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetRecord", "sagemaker:GetResourcePolicy", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:GetScalingConfigurationRecommendation", "sagemaker:GetSearchSuggestions", "sagemaker:ImportHubContent", "sagemaker:InvokeEndpoint", "sagemaker:InvokeEndpointAsync", "sagemaker:InvokeEndpointWithResponseStream", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAliases", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListClusterNodes", "sagemaker:ListClusters", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgeDeploymentPlans", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHubContentVersions", "sagemaker:ListHubContents", "sagemaker:ListHubs", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceComponents", "sagemaker:ListInferenceExperiments", "sagemaker:ListInferenceRecommendationsJobSteps", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelCardExportJobs", "sagemaker:ListModelCardVersions", "sagemaker:ListModelCards", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringAlertHistory", "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListResourceCatalogs", "sagemaker:ListSharedModelEvents", "sagemaker:ListSharedModelVersions", "sagemaker:ListSharedModels", "sagemaker:ListSpaces", "sagemaker:ListStageDevices", "sagemaker:ListStudioLifecycleConfigs", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:PutLineageGroupPolicy", "sagemaker:PutModelPackageGroupPolicy", "sagemaker:PutRecord", "sagemaker:PutResourcePolicy", "sagemaker:QueryLineage", "sagemaker:RegisterDevices", "sagemaker:RenderUiTemplate", "sagemaker:RetryPipelineExecution", "sagemaker:Search", "sagemaker:SendHeartbeat", "sagemaker:SendPipelineExecutionStepFailure", "sagemaker:SendPipelineExecutionStepSuccess", "sagemaker:SendSharedModelEvent", "sagemaker:StartEdgeDeploymentStage", "sagemaker:StartHumanLoop", "sagemaker:StartInferenceExperiment", "sagemaker:StartMonitoringSchedule", "sagemaker:StartNotebookInstance", "sagemaker:StartPipelineExecution", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopEdgeDeploymentStage", "sagemaker:StopEdgePackagingJob", "sagemaker:StopHumanLoop", "sagemaker:StopHyperParameterTuningJob", "sagemaker:StopInferenceExperiment", "sagemaker:StopInferenceRecommendationsJob", "sagemaker:StopLabelingJob", "sagemaker:StopMonitoringSchedule", "sagemaker:StopNotebookInstance", "sagemaker:StopPipelineExecution", "sagemaker:StopProcessingJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:UpdateAction", "sagemaker:UpdateAppImageConfig", "sagemaker:UpdateArtifact", "sagemaker:UpdateCluster", "sagemaker:UpdateClusterSoftware", "sagemaker:UpdateCodeRepository", "sagemaker:UpdateContext", "sagemaker:UpdateDeviceFleet", "sagemaker:UpdateDevices", "sagemaker:UpdateDomain", "sagemaker:UpdateEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateExperiment", "sagemaker:UpdateFeatureGroup", "sagemaker:UpdateFeatureMetadata", "sagemaker:UpdateHub", "sagemaker:UpdateImage", "sagemaker:UpdateImageVersion", "sagemaker:UpdateInferenceComponent", "sagemaker:UpdateInferenceComponentRuntimeConfig", "sagemaker:UpdateInferenceExperiment", "sagemaker:UpdateModelCard", "sagemaker:UpdateModelPackage", "sagemaker:UpdateMonitoringAlert", "sagemaker:UpdateMonitoringSchedule", "sagemaker:UpdateNotebookInstance", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "sagemaker:UpdatePipeline", "sagemaker:UpdatePipelineExecution", "sagemaker:UpdateProject", "sagemaker:UpdateSharedModel", "sagemaker:UpdateSpace", "sagemaker:UpdateTrainingJob", "sagemaker:UpdateTrial", "sagemaker:UpdateTrialComponent", "sagemaker:UpdateUserProfile", "sagemaker:UpdateWorkforce", "sagemaker:UpdateWorkteam", "s3:ListAllMyBuckets", "cloudformation:ListStackResources", "cloudformation:DescribeStacks", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackEvents", "cloudformation:DetectStackDrift", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackResourceDrifts", "iam:CreateServiceLinkedRole", "iam:PassRole", "cloudwatch:GetMetricData", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:GetLogEvents", "logs:PutLogEvents", "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:GetFunction", "lambda:InvokeFunction", "lambda:UpdateFunctionCode", "s3:GetObject", "s3:GetBucketLocation", "s3:DeleteObject", "s3:ListBucket", "s3:PutObject", "s3:PutBucketPolicy", "s3:GetBucketAcl", "s3:GetObject", "kinesisvideo:CreateStream", "kinesisvideo:DeleteStream", "kinesisvideo:DescribeStream", "kinesisvideo:GetDataEndpoint", "kinesisvideo:GetHLSStreamingSessionURL", "kinesisvideo:GetMedia", "kinesisvideo:PutMedia", "kinesisvideo:TagStream" ], "malformed": false, "name": "AWSDeepRacerServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-12T20:55:34+00:00", "version": "v3" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI_EC2", "createdate": "2019-06-18T15:56:17Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "opsworks:AssignInstance", "opsworks:CreateLayer", "opsworks:DeregisterInstance", "opsworks:DescribeInstances", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStacks", "opsworks:UnassignInstance", "ec2:DescribeInstances" ], "malformed": false, "name": "AWSOpsWorksRegisterCLI_EC2", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-06-18T15:56:17+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/ROSANodePoolManagementPolicy", "createdate": "2023-06-08T20:48:08Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeNetworkInterfaces", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "iam:CreateServiceLinkedRole", "iam:PassRole", "ec2:AuthorizeSecurityGroupIngress", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyNetworkInterfaceAttribute", "ec2:TerminateInstances", "ec2:CreateTags", "ec2:CreateTags", "ec2:CreateTags", "ec2:RunInstances", "ec2:RunInstances", "ec2:RunInstances", "kms:DescribeKey", "kms:GenerateDataKeyWithoutPlaintext", "kms:CreateGrant" ], "malformed": false, "name": "ROSANodePoolManagementPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-08T20:48:08+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSDiscoveryContinuousExportFirehosePolicy", "createdate": "2021-06-08T17:32:46Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "glue:GetTableVersions", "s3:AbortMultipartUpload", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:PutObject", "logs:PutLogEvents" ], "malformed": false, "name": "AWSDiscoveryContinuousExportFirehosePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-06-08T17:32:46+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonLookoutVisionConsoleFullAccess", "createdate": "2021-05-11T19:37:17Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "lookoutvision:CreateDataset", "lookoutvision:CreateModel", "lookoutvision:CreateProject", "lookoutvision:DeleteDataset", "lookoutvision:DeleteModel", "lookoutvision:DeleteProject", "lookoutvision:DescribeDataset", "lookoutvision:DescribeModel", "lookoutvision:DescribeModelPackagingJob", "lookoutvision:DescribeProject", "lookoutvision:DescribeTrialDetection", "lookoutvision:DetectAnomalies", "lookoutvision:ListDatasetEntries", "lookoutvision:ListModelPackagingJobs", "lookoutvision:ListModels", "lookoutvision:ListProjects", "lookoutvision:ListTagsForResource", "lookoutvision:ListTrialDetections", "lookoutvision:StartModel", "lookoutvision:StartModelPackagingJob", "lookoutvision:StartTrialDetection", "lookoutvision:StopModel", "lookoutvision:TagResource", "lookoutvision:UntagResource", "lookoutvision:UpdateDatasetEntries", "s3:ListAllMyBuckets", "s3:CreateBucket", "s3:PutBucketVersioning", "s3:PutLifecycleConfiguration", "s3:PutEncryptionConfiguration", "s3:PutBucketPublicAccessBlock", "s3:ListBucket", "s3:GetBucketLocation", "s3:GetBucketVersioning", "s3:GetObject", "s3:GetObjectVersion", "s3:PutObject", "s3:AbortMultipartUpload", "s3:ListMultipartUploadParts", "groundtruthlabeling:RunGenerateManifestByCrawlingJob", "groundtruthlabeling:AssociatePatchToManifestJob", "groundtruthlabeling:DescribeConsoleJob", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "tag:GetTagKeys", "tag:GetTagValues", "kms:ListAliases" ], "malformed": false, "name": "AmazonLookoutVisionConsoleFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-05-11T19:37:17+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonMWAAServiceRolePolicy", "createdate": "2022-11-17T00:56:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogStream", "logs:CreateLogGroup", "logs:DescribeLogGroups", "ec2:AttachNetworkInterface", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeDhcpOptions", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcs", "ec2:DetachNetworkInterface", "ec2:CreateVpcEndpoint", "ec2:ModifyVpcEndpoint", "ec2:DeleteVpcEndpoints", "ec2:CreateVpcEndpoint", "ec2:ModifyVpcEndpoint", "ec2:CreateTags", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AmazonMWAAServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-17T00:56:25+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonGrafanaRedshiftAccess", "createdate": "2021-11-26T23:15:15Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "redshift:DescribeClusters", "redshift-data:GetStatementResult", "redshift-data:DescribeStatement", "secretsmanager:ListSecrets", "redshift-data:DescribeTable", "redshift-data:ExecuteStatement", "redshift-data:ListTables", "redshift-data:ListSchemas", "redshift:GetClusterCredentials", "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AmazonGrafanaRedshiftAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-26T23:15:15+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaStoreFullAccess", "createdate": "2018-03-05T23:15:31Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "mediastore:CreateContainer", "mediastore:DeleteContainer", "mediastore:DeleteContainerPolicy", "mediastore:DeleteCorsPolicy", "mediastore:DeleteLifecyclePolicy", "mediastore:DeleteMetricPolicy", "mediastore:DeleteObject", "mediastore:DescribeContainer", "mediastore:DescribeObject", "mediastore:GetContainerPolicy", "mediastore:GetCorsPolicy", "mediastore:GetLifecyclePolicy", "mediastore:GetMetricPolicy", "mediastore:GetObject", "mediastore:ListContainers", "mediastore:ListItems", "mediastore:ListTagsForResource", "mediastore:PutContainerPolicy", "mediastore:PutCorsPolicy", "mediastore:PutLifecyclePolicy", "mediastore:PutMetricPolicy", "mediastore:PutObject", "mediastore:StartAccessLogging", "mediastore:StopAccessLogging", "mediastore:TagResource", "mediastore:UntagResource" ], "malformed": false, "name": "AWSElementalMediaStoreFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-03-05T23:15:31+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticFileSystemClientReadWriteAccess", "createdate": "2020-01-13T16:21:55Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticfilesystem:ClientMount", "elasticfilesystem:ClientWrite", "elasticfilesystem:DescribeMountTargets" ], "malformed": false, "name": "AmazonElasticFileSystemClientReadWriteAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-01-13T16:21:55+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy", "createdate": "2022-02-22T09:53:17Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:CreateChangeSet", "cloudformation:CreateStack", "cloudformation:DescribeChangeSet", "cloudformation:DeleteChangeSet", "cloudformation:DeleteStack", "cloudformation:DescribeStacks", "cloudformation:ExecuteChangeSet", "cloudformation:SetStackPolicy", "cloudformation:UpdateStack", "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject", "s3:GetObjectVersion", "s3:PutObject", "iam:PassRole", "codebuild:BatchGetBuilds", "codebuild:StartBuild", "codecommit:CancelUploadArchive", "codecommit:GetBranch", "codecommit:GetCommit", "codecommit:GetUploadArchiveStatus", "codecommit:UploadArchive" ], "malformed": false, "name": "AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-22T09:53:17+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBillingConductorFullAccess", "createdate": "2022-04-13T18:02:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "billingconductor:AssociateAccounts", "billingconductor:AssociatePricingRules", "billingconductor:BatchAssociateResourcesToCustomLineItem", "billingconductor:BatchDisassociateResourcesFromCustomLineItem", "billingconductor:CreateBillingGroup", "billingconductor:CreateCustomLineItem", "billingconductor:CreatePricingPlan", "billingconductor:CreatePricingRule", "billingconductor:DeleteBillingGroup", "billingconductor:DeleteCustomLineItem", "billingconductor:DeletePricingPlan", "billingconductor:DeletePricingRule", "billingconductor:DisassociateAccounts", "billingconductor:DisassociatePricingRules", "billingconductor:GetBillingGroupCostReport", "billingconductor:ListAccountAssociations", "billingconductor:ListBillingGroupCostReports", "billingconductor:ListBillingGroups", "billingconductor:ListCustomLineItemVersions", "billingconductor:ListCustomLineItems", "billingconductor:ListPricingPlans", "billingconductor:ListPricingPlansAssociatedWithPricingRule", "billingconductor:ListPricingRules", "billingconductor:ListPricingRulesAssociatedToPricingPlan", "billingconductor:ListResourcesAssociatedToCustomLineItem", "billingconductor:ListTagsForResource", "billingconductor:TagResource", "billingconductor:UntagResource", "billingconductor:UpdateBillingGroup", "billingconductor:UpdateCustomLineItem", "billingconductor:UpdatePricingPlan", "billingconductor:UpdatePricingRule", "organizations:ListAccounts", "pricing:DescribeServices" ], "malformed": false, "name": "AWSBillingConductorFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-04-13T18:02:29+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerGeospatialExecutionRole", "createdate": "2023-05-10T20:28:02Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:AbortMultipartUpload", "s3:PutObject", "s3:GetObject", "s3:ListBucketMultipartUploads", "sagemaker-geospatial:GetEarthObservationJob", "sagemaker-geospatial:GetRasterDataCollection" ], "malformed": false, "name": "AmazonSageMakerGeospatialExecutionRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-10T20:28:02+00:00", "version": "v2" }, { "access_levels": [ "Read" ], "arn": null, "createdate": "2022-11-16T20:51:43Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "iotroborunner:GetSite", "iotroborunner:GetWorker", "iotroborunner:ListWorkerFleets", "iotroborunner:ListSites", "iotroborunner:ListWorkers", "iotroborunner:GetDestination", "iotroborunner:GetWorkerFleet", "iotroborunner:ListDestinations" ], "malformed": false, "name": "AWSIotRoboRunnerReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonBraketFullAccess", "createdate": "2023-04-19T16:25:29Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "s3:PutObject", "s3:ListBucket", "s3:CreateBucket", "s3:PutBucketPublicAccessBlock", "s3:PutBucketPolicy", "s3:ListAllMyBuckets", "servicequotas:GetServiceQuota", "cloudwatch:GetMetricData", "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", "ecr:BatchCheckLayerAvailability", "ecr:GetAuthorizationToken", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:StartQuery", "logs:StopQuery", "logs:TestMetricFilter", "logs:FilterLogEvents", "iam:ListRoles", "iam:ListRolePolicies", "iam:GetRole", "iam:GetRolePolicy", "iam:ListAttachedRolePolicies", "sagemaker:ListNotebookInstances", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateNotebookInstance", "sagemaker:DeleteNotebookInstance", "sagemaker:DescribeNotebookInstance", "sagemaker:StartNotebookInstance", "sagemaker:StopNotebookInstance", "sagemaker:UpdateNotebookInstance", "sagemaker:ListTags", "sagemaker:AddTags", "sagemaker:DeleteTags", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "braket:AcceptUserAgreement", "braket:AccessBraketFeature", "braket:CancelJob", "braket:CancelQuantumTask", "braket:CreateJob", "braket:CreateQuantumTask", "braket:GetDevice", "braket:GetJob", "braket:GetQuantumTask", "braket:GetServiceLinkedRoleStatus", "braket:GetUserAgreementStatus", "braket:ListTagsForResource", "braket:SearchDevices", "braket:SearchJobs", "braket:SearchQuantumTasks", "braket:TagResource", "braket:UntagResource", "iam:CreateServiceLinkedRole", "iam:PassRole", "iam:PassRole", "logs:GetQueryResults", "logs:PutLogEvents", "logs:CreateLogStream", "logs:CreateLogGroup", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AmazonBraketFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-19T16:25:29+00:00", "version": "v6" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonMacieReadOnlyAccess", "createdate": "2023-06-15T21:50:06Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "macie2:DescribeBuckets", "macie2:DescribeClassificationJob", "macie2:DescribeOrganizationConfiguration", "macie2:GetAdministratorAccount", "macie2:GetAllowList", "macie2:GetAutomatedDiscoveryConfiguration", "macie2:GetBucketStatistics", "macie2:GetClassificationExportConfiguration", "macie2:GetClassificationScope", "macie2:GetCustomDataIdentifier", "macie2:GetFindingStatistics", "macie2:GetFindings", "macie2:GetFindingsFilter", "macie2:GetFindingsPublicationConfiguration", "macie2:GetInvitationsCount", "macie2:GetMacieSession", "macie2:GetMasterAccount", "macie2:GetMember", "macie2:GetResourceProfile", "macie2:GetRevealConfiguration", "macie2:GetSensitiveDataOccurrences", "macie2:GetSensitiveDataOccurrencesAvailability", "macie2:GetSensitivityInspectionTemplate", "macie2:GetUsageStatistics", "macie2:GetUsageTotals", "macie2:ListAllowLists", "macie2:ListClassificationJobs", "macie2:ListClassificationScopes", "macie2:ListCustomDataIdentifiers", "macie2:ListFindings", "macie2:ListFindingsFilters", "macie2:ListInvitations", "macie2:ListManagedDataIdentifiers", "macie2:ListMembers", "macie2:ListOrganizationAdminAccounts", "macie2:ListResourceProfileArtifacts", "macie2:ListResourceProfileDetections", "macie2:ListSensitivityInspectionTemplates", "macie2:ListTagsForResource", "macie2:BatchGetCustomDataIdentifiers", "macie2:SearchResources" ], "malformed": false, "name": "AmazonMacieReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-15T21:50:06+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCodeCommitPowerUser", "createdate": "2023-07-17T21:49:06Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "codecommit:AssociateApprovalRuleTemplateWithRepository", "codecommit:BatchAssociateApprovalRuleTemplateWithRepositories", "codecommit:BatchDisassociateApprovalRuleTemplateFromRepositories", "codecommit:BatchGetCommits", "codecommit:BatchGetPullRequests", "codecommit:BatchGetRepositories", "codecommit:BatchDescribeMergeConflicts", "codecommit:CreateApprovalRuleTemplate", "codecommit:CreateBranch", "codecommit:CreateCommit", "codecommit:CreatePullRequest", "codecommit:CreatePullRequestApprovalRule", "codecommit:CreateRepository", "codecommit:CreateUnreferencedMergeCommit", "codecommit:DeleteBranch", "codecommit:DeleteFile", "codecommit:DescribeMergeConflicts", "codecommit:DescribePullRequestEvents", "codecommit:DisassociateApprovalRuleTemplateFromRepository", "codecommit:EvaluatePullRequestApprovalRules", "codecommit:GetApprovalRuleTemplate", "codecommit:GetBlob", "codecommit:GetBranch", "codecommit:GetComment", "codecommit:GetCommentReactions", "codecommit:GetCommentsForComparedCommit", "codecommit:GetCommentsForPullRequest", "codecommit:GetCommit", "codecommit:GetCommitHistory", "codecommit:GetCommitsFromMergeBase", "codecommit:GetDifferences", "codecommit:GetFile", "codecommit:GetFolder", "codecommit:GetMergeCommit", "codecommit:GetMergeConflicts", "codecommit:GetMergeOptions", "codecommit:GetObjectIdentifier", "codecommit:GetPullRequest", "codecommit:GetPullRequestApprovalStates", "codecommit:GetPullRequestOverrideState", "codecommit:GetReferences", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:GetTree", "codecommit:GetUploadArchiveStatus", "codecommit:ListApprovalRuleTemplates", "codecommit:ListAssociatedApprovalRuleTemplatesForRepository", "codecommit:ListBranches", "codecommit:ListFileCommitHistory", "codecommit:ListPullRequests", "codecommit:ListRepositories", "codecommit:ListRepositoriesForApprovalRuleTemplate", "codecommit:ListTagsForResource", "codecommit:MergeBranchesByFastForward", "codecommit:MergeBranchesBySquash", "codecommit:MergeBranchesByThreeWay", "codecommit:MergePullRequestByFastForward", "codecommit:MergePullRequestBySquash", "codecommit:MergePullRequestByThreeWay", "codecommit:OverridePullRequestApprovalRules", "codecommit:PutCommentReaction", "codecommit:PutFile", "codecommit:PutRepositoryTriggers", "codecommit:PostCommentForComparedCommit", "codecommit:PostCommentForPullRequest", "codecommit:PostCommentReply", "codecommit:TagResource", "codecommit:TestRepositoryTriggers", "codecommit:UntagResource", "codecommit:UpdateApprovalRuleTemplateContent", "codecommit:UpdateApprovalRuleTemplateDescription", "codecommit:UpdateApprovalRuleTemplateName", "codecommit:UpdateComment", "codecommit:UpdateDefaultBranch", "codecommit:UpdatePullRequestApprovalRuleContent", "codecommit:UpdatePullRequestApprovalState", "codecommit:UpdatePullRequestDescription", "codecommit:UpdatePullRequestStatus", "codecommit:UpdatePullRequestTitle", "codecommit:UpdateRepositoryDescription", "codecommit:UpdateRepositoryEncryptionKey", "codecommit:UpdateRepositoryName", "codecommit:GitPull", "codecommit:GitPush", "events:DeleteRule", "events:DescribeRule", "events:DisableRule", "events:EnableRule", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "events:ListTargetsByRule", "sns:Subscribe", "sns:Unsubscribe", "sns:ListTopics", "sns:ListSubscriptionsByTopic", "sns:GetTopicAttributes", "lambda:ListFunctions", "iam:ListUsers", "iam:ListAccessKeys", "iam:ListSSHPublicKeys", "iam:ListServiceSpecificCredentials", "iam:DeleteSSHPublicKey", "iam:GetSSHPublicKey", "iam:ListSSHPublicKeys", "iam:UpdateSSHPublicKey", "iam:UploadSSHPublicKey", "iam:CreateServiceSpecificCredential", "iam:UpdateServiceSpecificCredential", "iam:DeleteServiceSpecificCredential", "iam:ResetServiceSpecificCredential", "codestar-notifications:CreateNotificationRule", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:UpdateNotificationRule", "codestar-notifications:Subscribe", "codestar-notifications:Unsubscribe", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListTargets", "codestar-notifications:ListTagsForResource", "codestar-notifications:ListEventTypes", "codeguru-reviewer:AssociateRepository", "codeguru-reviewer:DescribeRepositoryAssociation", "codeguru-reviewer:ListRepositoryAssociations", "codeguru-reviewer:DisassociateRepository", "codeguru-reviewer:DescribeCodeReview", "codeguru-reviewer:ListCodeReviews", "iam:CreateServiceLinkedRole", "events:PutRule", "events:PutTargets", "events:DeleteRule", "events:RemoveTargets", "chatbot:DescribeSlackChannelConfigurations", "chatbot:ListMicrosoftTeamsChannelConfigurations", "codestar-connections:ListConnections", "codestar-connections:GetConnection" ], "malformed": false, "name": "AWSCodeCommitPowerUser", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-17T21:49:06+00:00", "version": "v15" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIoTEventsFullAccess", "createdate": "2019-01-10T22:51:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iotevents:BatchAcknowledgeAlarm", "iotevents:BatchDeleteDetector", "iotevents:BatchDisableAlarm", "iotevents:BatchEnableAlarm", "iotevents:BatchPutMessage", "iotevents:BatchResetAlarm", "iotevents:BatchSnoozeAlarm", "iotevents:BatchUpdateDetector", "iotevents:CreateAlarmModel", "iotevents:CreateDetectorModel", "iotevents:CreateInput", "iotevents:DeleteAlarmModel", "iotevents:DeleteDetectorModel", "iotevents:DeleteInput", "iotevents:DescribeAlarm", "iotevents:DescribeAlarmModel", "iotevents:DescribeDetector", "iotevents:DescribeDetectorModel", "iotevents:DescribeDetectorModelAnalysis", "iotevents:DescribeInput", "iotevents:DescribeLoggingOptions", "iotevents:GetDetectorModelAnalysisResults", "iotevents:ListAlarmModelVersions", "iotevents:ListAlarmModels", "iotevents:ListAlarms", "iotevents:ListDetectorModelVersions", "iotevents:ListDetectorModels", "iotevents:ListDetectors", "iotevents:ListInputRoutings", "iotevents:ListInputs", "iotevents:ListTagsForResource", "iotevents:PutLoggingOptions", "iotevents:StartDetectorModelAnalysis", "iotevents:TagResource", "iotevents:UntagResource", "iotevents:UpdateAlarmModel", "iotevents:UpdateDetectorModel", "iotevents:UpdateInput", "iotevents:UpdateInputRouting" ], "malformed": false, "name": "AWSIoTEventsFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-01-10T22:51:57+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSAppRunnerServicePolicyForECRAccess", "createdate": "2021-05-14T19:17:21Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", "ecr:DescribeImages", "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability" ], "malformed": false, "name": "AWSAppRunnerServicePolicyForECRAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-05-14T19:17:21+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorECSAccess", "createdate": "2024-01-25T16:16:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ecs:DescribeClusters", "ecs:ListContainerInstances", "ecs:DescribeTasks", "ecs:StopTask", "ecs:UpdateContainerInstancesState", "ecs:ListTasks", "ssm:SendCommand", "ssm:ListCommands", "ssm:CancelCommand", "tag:GetResources" ], "malformed": false, "name": "AWSFaultInjectionSimulatorECSAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-25T16:16:02+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSMarketplaceDeploymentServiceRolePolicy", "createdate": "2023-11-15T23:34:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "secretsmanager:CreateSecret", "secretsmanager:PutSecretValue", "secretsmanager:DescribeSecret", "secretsmanager:DeleteSecret", "secretsmanager:RemoveRegionsFromReplication", "secretsmanager:ListSecrets", "secretsmanager:TagResource" ], "malformed": false, "name": "AWSMarketplaceDeploymentServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-15T23:34:33+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSRoboMakerServiceRolePolicy", "createdate": "2018-11-26T05:33:19Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterfacePermission", "ec2:DescribeNetworkInterfaces", "ec2:DeleteNetworkInterface", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeSecurityGroups", "greengrass:CreateDeployment", "greengrass:CreateGroupVersion", "greengrass:CreateFunctionDefinition", "greengrass:CreateFunctionDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetGroup", "greengrass:GetGroupVersion", "greengrass:GetCoreDefinitionVersion", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetAssociatedRole", "lambda:CreateFunction", "lambda:UpdateFunctionCode", "lambda:GetFunction", "lambda:UpdateFunctionConfiguration", "iam:PassRole" ], "malformed": false, "name": "AWSRoboMakerServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-26T05:33:19+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/AdministratorAccess-AWSElasticBeanstalk", "createdate": "2023-03-23T23:45:23Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "acm:DescribeCertificate", "acm:ListCertificates", "acm:ListTagsForCertificate", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "cloudformation:EstimateTemplateCost", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:ValidateTemplate", "cloudtrail:LookupEvents", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "codecommit:GetApprovalRuleTemplate", "codecommit:GetBlob", "codecommit:GetBranch", "codecommit:GetComment", "codecommit:GetCommentReactions", "codecommit:GetCommentsForComparedCommit", "codecommit:GetCommentsForPullRequest", "codecommit:GetCommit", "codecommit:GetCommitHistory", "codecommit:GetCommitsFromMergeBase", "codecommit:GetDifferences", "codecommit:GetFile", "codecommit:GetFolder", "codecommit:GetMergeCommit", "codecommit:GetMergeConflicts", "codecommit:GetMergeOptions", "codecommit:GetObjectIdentifier", "codecommit:GetPullRequest", "codecommit:GetPullRequestApprovalStates", "codecommit:GetPullRequestOverrideState", "codecommit:GetReferences", "codecommit:GetRepository", "codecommit:GetRepositoryTriggers", "codecommit:GetTree", "codecommit:GetUploadArchiveStatus", "codecommit:UploadArchive", "ec2:AllocateAddress", "ec2:AssociateAddress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:CreateSecurityGroup", "ec2:CreateTags", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:DeleteSecurityGroup", "ec2:DeleteTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DisassociateAddress", "ec2:ReleaseAddress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ecs:CreateCluster", "ecs:DeregisterTaskDefinition", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "ecs:RegisterTaskDefinition", "elasticbeanstalk:AbortEnvironmentUpdate", "elasticbeanstalk:AddTags", "elasticbeanstalk:ApplyEnvironmentManagedAction", "elasticbeanstalk:AssociateEnvironmentOperationsRole", "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:ComposeEnvironments", "elasticbeanstalk:CreateApplication", "elasticbeanstalk:CreateApplicationVersion", "elasticbeanstalk:CreateConfigurationTemplate", "elasticbeanstalk:CreateEnvironment", "elasticbeanstalk:CreatePlatformVersion", "elasticbeanstalk:CreateStorageLocation", "elasticbeanstalk:DeleteApplication", "elasticbeanstalk:DeleteApplicationVersion", "elasticbeanstalk:DeleteConfigurationTemplate", "elasticbeanstalk:DeleteEnvironmentConfiguration", "elasticbeanstalk:DeletePlatformVersion", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:DisassociateEnvironmentOperationsRole", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:PutInstanceStatistics", "elasticbeanstalk:RebuildEnvironment", "elasticbeanstalk:RemoveTags", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RestartAppServer", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticbeanstalk:SwapEnvironmentCNAMEs", "elasticbeanstalk:TerminateEnvironment", "elasticbeanstalk:UpdateApplication", "elasticbeanstalk:UpdateApplicationResourceLifecycle", "elasticbeanstalk:UpdateApplicationVersion", "elasticbeanstalk:UpdateConfigurationTemplate", "elasticbeanstalk:UpdateEnvironment", "elasticbeanstalk:UpdateTagsForResource", "elasticbeanstalk:ValidateConfigurationSettings", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "iam:GetRole", "iam:ListAttachedRolePolicies", "iam:ListInstanceProfiles", "iam:ListRolePolicies", "iam:ListRoles", "iam:ListServerCertificates", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "s3:ListAllMyBuckets", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "sqs:ListQueues", "autoscaling:AttachInstances", "autoscaling:AttachLoadBalancerTargetGroups", "autoscaling:AttachLoadBalancers", "autoscaling:AttachTrafficSources", "autoscaling:BatchDeleteScheduledAction", "autoscaling:BatchPutScheduledUpdateGroupAction", "autoscaling:CancelInstanceRefresh", "autoscaling:CompleteLifecycleAction", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteLifecycleHook", "autoscaling:DeleteNotificationConfiguration", "autoscaling:DeletePolicy", "autoscaling:DeleteScheduledAction", "autoscaling:DeleteTags", "autoscaling:DeleteWarmPool", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:DetachInstances", "autoscaling:DetachLoadBalancerTargetGroups", "autoscaling:DetachLoadBalancers", "autoscaling:DetachTrafficSources", "autoscaling:DisableMetricsCollection", "autoscaling:EnableMetricsCollection", "autoscaling:EnterStandby", "autoscaling:ExecutePolicy", "autoscaling:ExitStandby", "autoscaling:GetPredictiveScalingForecast", "autoscaling:PutLifecycleHook", "autoscaling:PutNotificationConfiguration", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutWarmPool", "autoscaling:RecordLifecycleActionHeartbeat", "autoscaling:ResumeProcesses", "autoscaling:RollbackInstanceRefresh", "autoscaling:SetDesiredCapacity", "autoscaling:SetInstanceHealth", "autoscaling:SetInstanceProtection", "autoscaling:StartInstanceRefresh", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "cloudformation:CancelUpdateStack", "cloudformation:ContinueUpdateRollback", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:GetTemplate", "cloudformation:ListStackResources", "cloudformation:SignalResource", "cloudformation:TagResource", "cloudformation:UntagResource", "cloudformation:UpdateStack", "cloudwatch:DeleteAlarms", "cloudwatch:PutMetricAlarm", "codebuild:BatchGetBuilds", "codebuild:CreateProject", "codebuild:DeleteProject", "codebuild:StartBuild", "dynamodb:CreateTable", "dynamodb:DeleteTable", "dynamodb:DescribeTable", "dynamodb:TagResource", "ec2:RebootInstances", "ec2:TerminateInstances", "ec2:RunInstances", "ecs:DeleteCluster", "elasticloadbalancing:CreateRule", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:AddTags", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetSecurityGroups", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateAppCookieStickinessPolicy", "elasticloadbalancing:CreateLBCookieStickinessPolicy", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerPolicy", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:DisableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:SetLoadBalancerListenerSSLCertificate", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:AddTrustStoreRevocations", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:CreateTrustStore", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteTrustStore", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:GetTrustStoreCaCertificatesBundle", "elasticloadbalancing:GetTrustStoreRevocationContent", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:ModifyTrustStore", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:RemoveListenerCertificates", "elasticloadbalancing:RemoveTrustStoreRevocations", "elasticloadbalancing:SetIpAddressType", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetSecurityGroups", "elasticloadbalancing:SetSubnets", "elasticloadbalancing:SetWebAcl", "iam:AddRoleToInstanceProfile", "iam:CreateInstanceProfile", "iam:CreateRole", "iam:AttachRolePolicy", "iam:PassRole", "iam:CreateServiceLinkedRole", "logs:CreateLogGroup", "logs:DeleteLogGroup", "logs:PutRetentionPolicy", "rds:CreateDBSubnetGroup", "rds:DeleteDBSubnetGroup", "rds:ModifyDBSubnetGroup", "rds:AuthorizeDBSecurityGroupIngress", "rds:CreateDBInstance", "rds:CreateDBSecurityGroup", "rds:DeleteDBInstance", "rds:DeleteDBSecurityGroup", "rds:ModifyDBInstance", "rds:RestoreDBInstanceFromDBSnapshot", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:CreateBucket", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:ListBucket", "s3:PutBucketPolicy", "sns:CreateTopic", "sns:DeleteTopic", "sns:GetTopicAttributes", "sns:Publish", "sns:SetTopicAttributes", "sns:Subscribe", "sns:Unsubscribe", "sqs:GetQueueAttributes", "sqs:SetQueueAttributes", "sqs:CreateQueue", "sqs:DeleteQueue", "sqs:SendMessage", "sqs:TagQueue", "ecs:TagResource" ], "malformed": false, "name": "AdministratorAccess-AWSElasticBeanstalk", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2023-03-23T23:45:23+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonOmicsReadOnlyAccess", "createdate": "2022-11-29T04:17:07Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "omics:GetAnnotationImportJob", "omics:GetAnnotationStore", "omics:GetAnnotationStoreVersion", "omics:GetReadSet", "omics:GetReadSetActivationJob", "omics:GetReadSetExportJob", "omics:GetReadSetImportJob", "omics:GetReadSetMetadata", "omics:GetReference", "omics:GetReferenceImportJob", "omics:GetReferenceMetadata", "omics:GetReferenceStore", "omics:GetRun", "omics:GetRunGroup", "omics:GetRunTask", "omics:GetSequenceStore", "omics:GetShare", "omics:GetVariantImportJob", "omics:GetVariantStore", "omics:GetWorkflow", "omics:ListAnnotationImportJobs", "omics:ListAnnotationStoreVersions", "omics:ListAnnotationStores", "omics:ListMultipartReadSetUploads", "omics:ListReadSetActivationJobs", "omics:ListReadSetExportJobs", "omics:ListReadSetImportJobs", "omics:ListReadSetUploadParts", "omics:ListReadSets", "omics:ListReferenceImportJobs", "omics:ListReferenceStores", "omics:ListReferences", "omics:ListRunGroups", "omics:ListRunTasks", "omics:ListRuns", "omics:ListSequenceStores", "omics:ListShares", "omics:ListTagsForResource", "omics:ListVariantImportJobs", "omics:ListVariantStores", "omics:ListWorkflows" ], "malformed": false, "name": "AmazonOmicsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-29T04:17:07+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSUserNotificationsServiceLinkedRolePolicy", "createdate": "2023-04-19T13:28:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "events:DescribeRule", "events:PutRule", "events:PutTargets", "events:DeleteRule", "events:ListTargetsByRule", "events:RemoveTargets", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSUserNotificationsServiceLinkedRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-19T13:28:34+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/CloudWatchEventsInvocationAccess", "createdate": "2016-01-14T18:36:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kinesis:PutRecord" ], "malformed": false, "name": "CloudWatchEventsInvocationAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-01-14T18:36:33+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSCodeStarNotificationsServiceRolePolicy", "createdate": "2020-03-19T16:01:55Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "events:PutTargets", "events:PutRule", "events:DescribeRule", "sns:CreateTopic", "codecommit:GetCommentsForPullRequest", "codecommit:GetCommentsForComparedCommit", "chatbot:DescribeSlackChannelConfigurations", "chatbot:UpdateSlackChannelConfiguration", "codecommit:GetDifferences", "codepipeline:ListActionExecutions", "codecommit:GetFile" ], "malformed": false, "name": "AWSCodeStarNotificationsServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-03-19T16:01:55+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicFullAccess", "createdate": "2020-12-01T17:25:52Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "ecr-public:BatchCheckLayerAvailability", "ecr-public:BatchDeleteImage", "ecr-public:CompleteLayerUpload", "ecr-public:CreateRepository", "ecr-public:DeleteRepository", "ecr-public:DeleteRepositoryPolicy", "ecr-public:DescribeImageTags", "ecr-public:DescribeImages", "ecr-public:DescribeRegistries", "ecr-public:DescribeRepositories", "ecr-public:GetAuthorizationToken", "ecr-public:GetRegistryCatalogData", "ecr-public:GetRepositoryCatalogData", "ecr-public:GetRepositoryPolicy", "ecr-public:InitiateLayerUpload", "ecr-public:ListTagsForResource", "ecr-public:PutImage", "ecr-public:PutRegistryCatalogData", "ecr-public:PutRepositoryCatalogData", "ecr-public:SetRepositoryPolicy", "ecr-public:TagResource", "ecr-public:UntagResource", "ecr-public:UploadLayerPart", "sts:GetServiceBearerToken" ], "malformed": false, "name": "AmazonElasticContainerRegistryPublicFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-01T17:25:52+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonRedshiftServiceLinkedRolePolicy", "createdate": "2024-03-15T20:00:47Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeNetworkInterfaces", "ec2:DescribeAddresses", "ec2:AssociateAddress", "ec2:DisassociateAddress", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:CreateVpcEndpoint", "ec2:DeleteVpcEndpoints", "ec2:DescribeVpcEndpoints", "ec2:ModifyVpcEndpoint", "ec2:AllocateAddress", "ec2:ReleaseAddress", "logs:CreateLogGroup", "logs:PutRetentionPolicy", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", "logs:GetLogEvents", "ec2:CreateSecurityGroup", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:ModifySecurityGroupRules", "ec2:DeleteSecurityGroup", "ec2:CreateSecurityGroup", "ec2:CreateTags", "ec2:DescribeVpcAttribute", "ec2:DescribeSecurityGroups", "ec2:DescribeInternetGateways", "ec2:DescribeSecurityGroupRules", "ec2:DescribeAvailabilityZones", "ec2:DescribeNetworkAcls", "ec2:DescribeRouteTables", "cloudwatch:PutMetricData", "secretsmanager:DescribeSecret", "secretsmanager:DeleteSecret", "secretsmanager:PutSecretValue", "secretsmanager:UpdateSecret", "secretsmanager:UpdateSecretVersionStage", "secretsmanager:RotateSecret", "secretsmanager:GetRandomPassword", "ec2:AssignIpv6Addresses", "ec2:UnassignIpv6Addresses", "servicequotas:GetServiceQuota" ], "malformed": false, "name": "AmazonRedshiftServiceLinkedRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-15T20:00:47+00:00", "version": "v13" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy", "createdate": "2024-02-06T16:37:37Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData", "ec2:DescribeVolumes", "ec2:DescribeTags", "logs:PutLogEvents", "logs:PutRetentionPolicy", "logs:DescribeLogStreams", "logs:DescribeLogGroups", "logs:CreateLogStream", "logs:CreateLogGroup", "xray:PutTraceSegments", "xray:PutTelemetryRecords", "xray:GetSamplingRules", "xray:GetSamplingTargets", "xray:GetSamplingStatisticSummaries", "ssm:GetParameter" ], "malformed": false, "name": "CloudWatchAgentServerPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-06T16:37:37+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonTimestreamReadOnlyAccess", "createdate": "2023-02-28T18:22:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "timestream:CancelQuery", "timestream:DescribeDatabase", "timestream:DescribeEndpoints", "timestream:DescribeTable", "timestream:ListDatabases", "timestream:ListMeasures", "timestream:ListTables", "timestream:ListTagsForResource", "timestream:Select", "timestream:SelectValues", "timestream:DescribeScheduledQuery", "timestream:ListScheduledQueries", "timestream:DescribeBatchLoadTask", "timestream:ListBatchLoadTasks" ], "malformed": false, "name": "AmazonTimestreamReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-02-28T18:22:57+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonDataZoneRedshiftGlueProvisioningPolicy", "createdate": "2024-03-12T16:44:23Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iam:CreateRole", "iam:DetachRolePolicy", "iam:DeleteRolePolicy", "iam:AttachRolePolicy", "iam:PutRolePolicy", "iam:PassRole", "iam:DeleteRole", "iam:GetRole", "cloudformation:CreateStack", "cloudformation:TagResource", "cloudformation:DeleteStack", "cloudformation:DescribeStacks", "cloudformation:DescribeStackEvents", "lakeformation:GetDataLakeSettings", "lakeformation:PutDataLakeSettings", "lakeformation:RevokePermissions", "lakeformation:ListPermissions", "glue:CreateDatabase", "glue:GetDatabase", "athena:GetWorkGroup", "logs:DescribeLogGroups", "redshift-serverless:GetNamespace", "redshift-serverless:GetWorkgroup", "redshift:DescribeClusters", "secretsmanager:ListSecrets", "lakeformation:RegisterResource", "lakeformation:DeregisterResource", "lakeformation:GrantPermissions", "lakeformation:ListResources", "glue:DeleteDatabase", "athena:DeleteWorkGroup", "athena:CreateWorkGroup", "athena:TagResource", "iam:TagRole", "iam:TagPolicy", "logs:TagLogGroup", "logs:CreateLogGroup", "logs:DeleteLogGroup", "logs:PutRetentionPolicy", "iam:DeletePolicy", "iam:CreatePolicy", "iam:GetPolicy", "iam:ListPolicyVersions", "s3:ListAllMyBuckets", "s3:ListBucket", "kms:GenerateDataKey", "kms:Decrypt", "glue:TagResource", "s3:GetObject", "redshift-data:ListSchemas", "redshift-data:ExecuteStatement", "redshift-data:DescribeStatement", "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AmazonDataZoneRedshiftGlueProvisioningPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-03-12T16:44:23+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSSMMaintenanceWindowRole", "createdate": "2019-07-27T00:16:05Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:GetAutomationExecution", "ssm:GetParameters", "ssm:ListCommands", "ssm:SendCommand", "ssm:StartAutomationExecution", "lambda:InvokeFunction", "states:DescribeExecution", "states:StartExecution", "resource-groups:ListGroups", "resource-groups:ListGroupResources", "tag:GetResources" ], "malformed": false, "name": "AmazonSSMMaintenanceWindowRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-07-27T00:16:05+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRekognitionCustomLabelsFullAccess", "createdate": "2022-08-16T20:20:43Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:ListBucket", "s3:ListAllMyBuckets", "s3:GetBucketAcl", "s3:GetBucketLocation", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectTagging", "s3:GetObjectVersion", "s3:PutObject", "rekognition:CreateProject", "rekognition:CreateProjectVersion", "rekognition:StartProjectVersion", "rekognition:StopProjectVersion", "rekognition:DescribeProjects", "rekognition:DescribeProjectVersions", "rekognition:DetectCustomLabels", "rekognition:DeleteProject", "rekognition:DeleteProjectVersion", "rekognition:TagResource", "rekognition:UntagResource", "rekognition:ListTagsForResource", "rekognition:CreateDataset", "rekognition:ListDatasetEntries", "rekognition:ListDatasetLabels", "rekognition:DescribeDataset", "rekognition:UpdateDatasetEntries", "rekognition:DistributeDatasetEntries", "rekognition:DeleteDataset", "rekognition:CopyProjectVersion", "rekognition:PutProjectPolicy", "rekognition:ListProjectPolicies", "rekognition:DeleteProjectPolicy" ], "malformed": false, "name": "AmazonRekognitionCustomLabelsFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-16T20:20:43+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerMasterAccountRolePolicy", "createdate": "2022-05-31T20:50:26Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetBucketLocation", "s3:ListBucket", "s3:GetLifecycleConfiguration", "s3:PutLifecycleConfiguration", "s3:GetBucketPolicy", "s3:PutBucketPolicy", "s3:AbortMultipartUpload", "s3:PutObject", "s3:GetObject", "s3:ListBucketMultipartUploads", "s3:ListMultipartUploadParts", "s3:DeleteObject", "athena:GetQueryExecution", "athena:GetQueryResults", "athena:StartQueryExecution", "glue:GetTable", "glue:GetPartition", "glue:GetPartitions", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:DescribeAccount", "organizations:ListChildren", "organizations:ListParents", "organizations:ListAccountsForParent", "organizations:ListRoots", "organizations:ListAWSServiceAccessForOrganization", "ram:GetResourceShares", "ram:GetResourceShareAssociations", "ram:TagResource", "ram:CreateResourceShare", "ram:AssociateResourceShare", "ram:DisassociateResourceShare", "ram:UpdateResourceShare", "ram:DeleteResourceShare", "iam:GetRole", "iam:PassRole", "cloudformation:UpdateStack", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStacks", "glue:CreateTable", "glue:UpdateTable", "glue:DeleteTable", "glue:UpdateJob", "glue:UpdateCrawler", "resource-groups:PutGroupPolicy" ], "malformed": false, "name": "AWSLicenseManagerMasterAccountRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-05-31T20:50:26+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSAppSyncAdministrator", "createdate": "2019-11-04T19:23:49Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "appsync:AssociateApi", "appsync:AssociateMergedGraphqlApi", "appsync:AssociateSourceGraphqlApi", "appsync:CreateApiCache", "appsync:CreateApiKey", "appsync:CreateDataSource", "appsync:CreateDomainName", "appsync:CreateFunction", "appsync:CreateGraphqlApi", "appsync:CreateResolver", "appsync:CreateType", "appsync:DeleteApiCache", "appsync:DeleteApiKey", "appsync:DeleteDataSource", "appsync:DeleteDomainName", "appsync:DeleteFunction", "appsync:DeleteGraphqlApi", "appsync:DeleteResolver", "appsync:DeleteResourcePolicy", "appsync:DeleteType", "appsync:DisassociateApi", "appsync:DisassociateMergedGraphqlApi", "appsync:DisassociateSourceGraphqlApi", "appsync:EvaluateCode", "appsync:EvaluateMappingTemplate", "appsync:FlushApiCache", "appsync:GetApiAssociation", "appsync:GetApiCache", "appsync:GetDataSource", "appsync:GetDataSourceIntrospection", "appsync:GetDomainName", "appsync:GetFunction", "appsync:GetGraphqlApi", "appsync:GetGraphqlApiEnvironmentVariables", "appsync:GetIntrospectionSchema", "appsync:GetResolver", "appsync:GetResourcePolicy", "appsync:GetSchemaCreationStatus", "appsync:GetSourceApiAssociation", "appsync:GetType", "appsync:GraphQL", "appsync:ListApiKeys", "appsync:ListDataSources", "appsync:ListDomainNames", "appsync:ListFunctions", "appsync:ListGraphqlApis", "appsync:ListResolvers", "appsync:ListResolversByFunction", "appsync:ListSourceApiAssociations", "appsync:ListTagsForResource", "appsync:ListTypes", "appsync:ListTypesByAssociation", "appsync:PutGraphqlApiEnvironmentVariables", "appsync:PutResourcePolicy", "appsync:SetWebACL", "appsync:SourceGraphQL", "appsync:StartDataSourceIntrospection", "appsync:StartSchemaCreation", "appsync:StartSchemaMerge", "appsync:TagResource", "appsync:UntagResource", "appsync:UpdateApiCache", "appsync:UpdateApiKey", "appsync:UpdateDataSource", "appsync:UpdateDomainName", "appsync:UpdateFunction", "appsync:UpdateGraphqlApi", "appsync:UpdateResolver", "appsync:UpdateSourceApiAssociation", "appsync:UpdateType", "iam:PassRole", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus" ], "malformed": false, "name": "AWSAppSyncAdministrator", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-04T19:23:49+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/WellArchitectedConsoleFullAccess", "createdate": "2018-11-29T18:19:23Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "wellarchitected:AssociateLenses", "wellarchitected:AssociateProfiles", "wellarchitected:ConfigureIntegration", "wellarchitected:CreateLensShare", "wellarchitected:CreateLensVersion", "wellarchitected:CreateMilestone", "wellarchitected:CreateProfile", "wellarchitected:CreateProfileShare", "wellarchitected:CreateReviewTemplate", "wellarchitected:CreateTemplateShare", "wellarchitected:CreateWorkload", "wellarchitected:CreateWorkloadShare", "wellarchitected:DeleteLens", "wellarchitected:DeleteLensShare", "wellarchitected:DeleteProfile", "wellarchitected:DeleteProfileShare", "wellarchitected:DeleteReviewTemplate", "wellarchitected:DeleteTemplateShare", "wellarchitected:DeleteWorkload", "wellarchitected:DeleteWorkloadShare", "wellarchitected:DisassociateLenses", "wellarchitected:DisassociateProfiles", "wellarchitected:ExportLens", "wellarchitected:GetAnswer", "wellarchitected:GetConsolidatedReport", "wellarchitected:GetGlobalSettings", "wellarchitected:GetLens", "wellarchitected:GetLensReview", "wellarchitected:GetLensReviewReport", "wellarchitected:GetLensVersionDifference", "wellarchitected:GetMilestone", "wellarchitected:GetProfile", "wellarchitected:GetProfileTemplate", "wellarchitected:GetReviewTemplate", "wellarchitected:GetReviewTemplateAnswer", "wellarchitected:GetReviewTemplateLensReview", "wellarchitected:GetWorkload", "wellarchitected:ImportLens", "wellarchitected:ListAnswers", "wellarchitected:ListCheckDetails", "wellarchitected:ListCheckSummaries", "wellarchitected:ListLensReviewImprovements", "wellarchitected:ListLensReviews", "wellarchitected:ListLensShares", "wellarchitected:ListLenses", "wellarchitected:ListMilestones", "wellarchitected:ListNotifications", "wellarchitected:ListProfileNotifications", "wellarchitected:ListProfileShares", "wellarchitected:ListProfiles", "wellarchitected:ListReviewTemplateAnswers", "wellarchitected:ListReviewTemplates", "wellarchitected:ListShareInvitations", "wellarchitected:ListTagsForResource", "wellarchitected:ListTemplateShares", "wellarchitected:ListWorkloadShares", "wellarchitected:ListWorkloads", "wellarchitected:TagResource", "wellarchitected:UntagResource", "wellarchitected:UpdateAnswer", "wellarchitected:UpdateGlobalSettings", "wellarchitected:UpdateIntegration", "wellarchitected:UpdateLensReview", "wellarchitected:UpdateProfile", "wellarchitected:UpdateReviewTemplate", "wellarchitected:UpdateReviewTemplateAnswer", "wellarchitected:UpdateReviewTemplateLensReview", "wellarchitected:UpdateShareInvitation", "wellarchitected:UpdateWorkload", "wellarchitected:UpdateWorkloadShare", "wellarchitected:UpgradeLensReview", "wellarchitected:UpgradeProfileVersion", "wellarchitected:UpgradeReviewTemplateLensReview" ], "malformed": false, "name": "WellArchitectedConsoleFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-29T18:19:23+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/ServiceQuotasReadOnlyAccess", "createdate": "2020-12-21T18:11:57Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "autoscaling:DescribeAccountLimits", "cloudformation:DescribeAccountLimits", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "dynamodb:DescribeLimits", "elasticloadbalancing:DescribeAccountLimits", "iam:GetAccountSummary", "kinesis:DescribeLimits", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAWSServiceAccessForOrganization", "rds:DescribeAccountAttributes", "route53:GetAccountLimit", "tag:GetTagKeys", "tag:GetTagValues", "servicequotas:GetAssociationForServiceQuotaTemplate", "servicequotas:GetAWSDefaultServiceQuota", "servicequotas:GetRequestedServiceQuotaChange", "servicequotas:GetServiceQuota", "servicequotas:GetServiceQuotaIncreaseRequestFromTemplate", "servicequotas:ListAWSDefaultServiceQuotas", "servicequotas:ListRequestedServiceQuotaChangeHistory", "servicequotas:ListRequestedServiceQuotaChangeHistoryByQuota", "servicequotas:ListServices", "servicequotas:ListServiceQuotas", "servicequotas:ListServiceQuotaIncreaseRequestsInTemplate", "servicequotas:ListTagsForResource" ], "malformed": false, "name": "ServiceQuotasReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-21T18:11:57+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonWorkSpacesWebServiceRolePolicy", "createdate": "2022-12-15T22:46:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeAvailabilityZones", "ec2:DescribeNetworkInterfaces", "ec2:AssociateAddress", "ec2:DisassociateAddress", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcEndpoints", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterface", "ec2:CreateTags", "ec2:DeleteNetworkInterface", "cloudwatch:PutMetricData", "kinesis:PutRecord", "kinesis:PutRecords", "kinesis:DescribeStreamSummary" ], "malformed": false, "name": "AmazonWorkSpacesWebServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-15T22:46:33+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonMechanicalTurkFullAccess", "createdate": "2015-12-11T19:08:19Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mechanicalturk:AcceptQualificationRequest", "mechanicalturk:ApproveAssignment", "mechanicalturk:AssociateQualificationWithWorker", "mechanicalturk:CreateAdditionalAssignmentsForHIT", "mechanicalturk:CreateHIT", "mechanicalturk:CreateHITType", "mechanicalturk:CreateHITWithHITType", "mechanicalturk:CreateQualificationType", "mechanicalturk:CreateWorkerBlock", "mechanicalturk:DeleteHIT", "mechanicalturk:DeleteQualificationType", "mechanicalturk:DeleteWorkerBlock", "mechanicalturk:DisassociateQualificationFromWorker", "mechanicalturk:GetAccountBalance", "mechanicalturk:GetAssignment", "mechanicalturk:GetFileUploadURL", "mechanicalturk:GetHIT", "mechanicalturk:GetQualificationScore", "mechanicalturk:GetQualificationType", "mechanicalturk:ListAssignmentsForHIT", "mechanicalturk:ListBonusPayments", "mechanicalturk:ListHITs", "mechanicalturk:ListHITsForQualificationType", "mechanicalturk:ListQualificationRequests", "mechanicalturk:ListQualificationTypes", "mechanicalturk:ListReviewPolicyResultsForHIT", "mechanicalturk:ListReviewableHITs", "mechanicalturk:ListWorkerBlocks", "mechanicalturk:ListWorkersWithQualificationType", "mechanicalturk:NotifyWorkers", "mechanicalturk:RejectAssignment", "mechanicalturk:RejectQualificationRequest", "mechanicalturk:SendBonus", "mechanicalturk:SendTestEventNotification", "mechanicalturk:UpdateExpirationForHIT", "mechanicalturk:UpdateHITReviewStatus", "mechanicalturk:UpdateHITTypeOfHIT", "mechanicalturk:UpdateNotificationSettings", "mechanicalturk:UpdateQualificationType" ], "malformed": false, "name": "AmazonMechanicalTurkFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-12-11T19:08:19+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCodeGuruSecurityFullAccess", "createdate": "2023-05-09T21:03:38Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "codeguru-security:BatchGetFindings", "codeguru-security:CreateScan", "codeguru-security:CreateUploadUrl", "codeguru-security:DeleteScansByCategory", "codeguru-security:GetAccountConfiguration", "codeguru-security:GetFindings", "codeguru-security:GetMetricsSummary", "codeguru-security:GetScan", "codeguru-security:ListFindings", "codeguru-security:ListFindingsMetrics", "codeguru-security:ListScans", "codeguru-security:ListTagsForResource", "codeguru-security:TagResource", "codeguru-security:UntagResource", "codeguru-security:UpdateAccountConfiguration" ], "malformed": false, "name": "AmazonCodeGuruSecurityFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-05-09T21:03:38+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSSSOMasterAccountAdministrator", "createdate": "2022-10-20T20:34:27Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "iam:CreateServiceLinkedRole", "iam:PassRole", "ds:DescribeTrusts", "ds:UnauthorizeApplication", "ds:DescribeDirectories", "ds:AuthorizeApplication", "iam:ListPolicies", "organizations:EnableAWSServiceAccess", "organizations:ListRoots", "organizations:ListAccounts", "organizations:ListOrganizationalUnitsForParent", "organizations:ListAccountsForParent", "organizations:DescribeOrganization", "organizations:ListChildren", "organizations:DescribeAccount", "organizations:ListParents", "organizations:ListDelegatedAdministrators", "sso:AssociateDirectory", "sso:AssociateProfile", "sso:AttachCustomerManagedPolicyReferenceToPermissionSet", "sso:AttachManagedPolicyToPermissionSet", "sso:CreateAccountAssignment", "sso:CreateApplication", "sso:CreateApplicationAssignment", "sso:CreateApplicationInstance", "sso:CreateApplicationInstanceCertificate", "sso:CreateInstance", "sso:CreateInstanceAccessControlAttributeConfiguration", "sso:CreateManagedApplicationInstance", "sso:CreatePermissionSet", "sso:CreateProfile", "sso:CreateTrust", "sso:CreateTrustedTokenIssuer", "sso:DeleteAccountAssignment", "sso:DeleteApplication", "sso:DeleteApplicationAccessScope", "sso:DeleteApplicationAssignment", "sso:DeleteApplicationAuthenticationMethod", "sso:DeleteApplicationGrant", "sso:DeleteApplicationInstance", "sso:DeleteApplicationInstanceCertificate", "sso:DeleteInlinePolicyFromPermissionSet", "sso:DeleteInstance", "sso:DeleteInstanceAccessControlAttributeConfiguration", "sso:DeleteManagedApplicationInstance", "sso:DeletePermissionSet", "sso:DeletePermissionsBoundaryFromPermissionSet", "sso:DeletePermissionsPolicy", "sso:DeleteProfile", "sso:DeleteTrustedTokenIssuer", "sso:DescribeAccountAssignmentCreationStatus", "sso:DescribeAccountAssignmentDeletionStatus", "sso:DescribeApplication", "sso:DescribeApplicationAssignment", "sso:DescribeApplicationProvider", "sso:DescribeDirectories", "sso:DescribeInstance", "sso:DescribeInstanceAccessControlAttributeConfiguration", "sso:DescribePermissionSet", "sso:DescribePermissionSetProvisioningStatus", "sso:DescribePermissionsPolicies", "sso:DescribeRegisteredRegions", "sso:DescribeTrustedTokenIssuer", "sso:DescribeTrusts", "sso:DetachCustomerManagedPolicyReferenceFromPermissionSet", "sso:DetachManagedPolicyFromPermissionSet", "sso:DisassociateDirectory", "sso:DisassociateProfile", "sso:GetApplicationAccessScope", "sso:GetApplicationAssignmentConfiguration", "sso:GetApplicationAuthenticationMethod", "sso:GetApplicationGrant", "sso:GetApplicationInstance", "sso:GetApplicationTemplate", "sso:GetInlinePolicyForPermissionSet", "sso:GetManagedApplicationInstance", "sso:GetMfaDeviceManagementForDirectory", "sso:GetPermissionSet", "sso:GetPermissionsBoundaryForPermissionSet", "sso:GetPermissionsPolicy", "sso:GetProfile", "sso:GetSSOStatus", "sso:GetSharedSsoConfiguration", "sso:GetSsoConfiguration", "sso:GetTrust", "sso:ImportApplicationInstanceServiceProviderMetadata", "sso:ListAccountAssignmentCreationStatus", "sso:ListAccountAssignmentDeletionStatus", "sso:ListAccountAssignments", "sso:ListAccountAssignmentsForPrincipal", "sso:ListAccountsForProvisionedPermissionSet", "sso:ListApplicationAccessScopes", "sso:ListApplicationAssignments", "sso:ListApplicationAssignmentsForPrincipal", "sso:ListApplicationAuthenticationMethods", "sso:ListApplicationGrants", "sso:ListApplicationInstanceCertificates", "sso:ListApplicationInstances", "sso:ListApplicationProviders", "sso:ListApplicationTemplates", "sso:ListApplications", "sso:ListCustomerManagedPolicyReferencesInPermissionSet", "sso:ListDirectoryAssociations", "sso:ListInstances", "sso:ListManagedPoliciesInPermissionSet", "sso:ListPermissionSetProvisioningStatus", "sso:ListPermissionSets", "sso:ListPermissionSetsProvisionedToAccount", "sso:ListProfileAssociations", "sso:ListProfiles", "sso:ListTagsForResource", "sso:ListTrustedTokenIssuers", "sso:ProvisionPermissionSet", "sso:PutApplicationAccessScope", "sso:PutApplicationAssignmentConfiguration", "sso:PutApplicationAuthenticationMethod", "sso:PutApplicationGrant", "sso:PutInlinePolicyToPermissionSet", "sso:PutMfaDeviceManagementForDirectory", "sso:PutPermissionsBoundaryToPermissionSet", "sso:PutPermissionsPolicy", "sso:SearchGroups", "sso:SearchUsers", "sso:StartSSO", "sso:TagResource", "sso:UntagResource", "sso:UpdateApplication", "sso:UpdateApplicationInstanceActiveCertificate", "sso:UpdateApplicationInstanceDisplayData", "sso:UpdateApplicationInstanceResponseConfiguration", "sso:UpdateApplicationInstanceResponseSchemaConfiguration", "sso:UpdateApplicationInstanceSecurityConfiguration", "sso:UpdateApplicationInstanceServiceProviderConfiguration", "sso:UpdateApplicationInstanceStatus", "sso:UpdateDirectoryAssociation", "sso:UpdateInstance", "sso:UpdateInstanceAccessControlAttributeConfiguration", "sso:UpdateManagedApplicationInstanceStatus", "sso:UpdatePermissionSet", "sso:UpdateProfile", "sso:UpdateSSOConfiguration", "sso:UpdateTrust", "sso:UpdateTrustedTokenIssuer", "sso-directory:AddMemberToGroup", "sso-directory:CompleteVirtualMfaDeviceRegistration", "sso-directory:CompleteWebAuthnDeviceRegistration", "sso-directory:CreateAlias", "sso-directory:CreateBearerToken", "sso-directory:CreateExternalIdPConfigurationForDirectory", "sso-directory:CreateGroup", "sso-directory:CreateProvisioningTenant", "sso-directory:CreateUser", "sso-directory:DeleteBearerToken", "sso-directory:DeleteExternalIdPCertificate", "sso-directory:DeleteExternalIdPConfigurationForDirectory", "sso-directory:DeleteGroup", "sso-directory:DeleteMfaDeviceForUser", "sso-directory:DeleteProvisioningTenant", "sso-directory:DeleteUser", "sso-directory:DescribeDirectory", "sso-directory:DescribeGroup", "sso-directory:DescribeGroups", "sso-directory:DescribeProvisioningTenant", "sso-directory:DescribeUser", "sso-directory:DescribeUserByUniqueAttribute", "sso-directory:DescribeUsers", "sso-directory:DisableExternalIdPConfigurationForDirectory", "sso-directory:DisableUser", "sso-directory:EnableExternalIdPConfigurationForDirectory", "sso-directory:EnableUser", "sso-directory:GetAWSSPConfigurationForDirectory", "sso-directory:GetUserPoolInfo", "sso-directory:ImportExternalIdPCertificate", "sso-directory:IsMemberInGroup", "sso-directory:ListBearerTokens", "sso-directory:ListExternalIdPCertificates", "sso-directory:ListExternalIdPConfigurationsForDirectory", "sso-directory:ListGroupsForMember", "sso-directory:ListGroupsForUser", "sso-directory:ListMembersInGroup", "sso-directory:ListMfaDevicesForUser", "sso-directory:ListProvisioningTenants", "sso-directory:RemoveMemberFromGroup", "sso-directory:SearchGroups", "sso-directory:SearchUsers", "sso-directory:StartVirtualMfaDeviceRegistration", "sso-directory:StartWebAuthnDeviceRegistration", "sso-directory:UpdateExternalIdPConfigurationForDirectory", "sso-directory:UpdateGroup", "sso-directory:UpdateGroupDisplayName", "sso-directory:UpdateMfaDeviceForUser", "sso-directory:UpdatePassword", "sso-directory:UpdateUser", "sso-directory:UpdateUserName", "sso-directory:VerifyEmail", "identitystore:CreateGroup", "identitystore:CreateGroupMembership", "identitystore:CreateUser", "identitystore:DeleteGroup", "identitystore:DeleteGroupMembership", "identitystore:DeleteUser", "identitystore:DescribeGroup", "identitystore:DescribeGroupMembership", "identitystore:DescribeUser", "identitystore:GetGroupId", "identitystore:GetGroupMembershipId", "identitystore:GetUserId", "identitystore:IsMemberInGroups", "identitystore:ListGroupMemberships", "identitystore:ListGroupMembershipsForMember", "identitystore:ListGroups", "identitystore:ListUsers", "identitystore:UpdateGroup", "identitystore:UpdateUser", "identitystore-auth:BatchDeleteSession", "identitystore-auth:BatchGetSession", "identitystore-auth:ListSessions", "ds:CreateAlias", "access-analyzer:ValidatePolicy", "organizations:RegisterDelegatedAdministrator", "organizations:DeregisterDelegatedAdministrator" ], "malformed": false, "name": "AWSSSOMasterAccountAdministrator", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-20T20:34:27+00:00", "version": "v8" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerReadOnly", "createdate": "2021-12-01T16:29:20Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeAutoMLJobV2", "sagemaker:DescribeCluster", "sagemaker:DescribeClusterNode", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgeDeploymentPlan", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFeatureMetadata", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHub", "sagemaker:DescribeHubContent", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceComponent", "sagemaker:DescribeInferenceExperiment", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelCard", "sagemaker:DescribeModelCardExportJob", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSharedModel", "sagemaker:DescribeSpace", "sagemaker:DescribeStudioLifecycleConfig", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAliases", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListClusterNodes", "sagemaker:ListClusters", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgeDeploymentPlans", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHubContentVersions", "sagemaker:ListHubContents", "sagemaker:ListHubs", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceComponents", "sagemaker:ListInferenceExperiments", "sagemaker:ListInferenceRecommendationsJobSteps", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelCardExportJobs", "sagemaker:ListModelCardVersions", "sagemaker:ListModelCards", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringAlertHistory", "sagemaker:ListMonitoringAlerts", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListResourceCatalogs", "sagemaker:ListSharedModelEvents", "sagemaker:ListSharedModelVersions", "sagemaker:ListSharedModels", "sagemaker:ListSpaces", "sagemaker:ListStageDevices", "sagemaker:ListStudioLifecycleConfigs", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:BatchGetMetrics", "sagemaker:GetDeviceRegistration", "sagemaker:GetDeviceFleetReport", "sagemaker:GetSearchSuggestions", "sagemaker:BatchGetRecord", "sagemaker:GetRecord", "sagemaker:Search", "sagemaker:QueryLineage", "sagemaker:GetLineageGroupPolicy", "sagemaker:BatchDescribeModelPackage", "sagemaker:GetModelPackageGroupPolicy", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:DescribeScheduledActions", "aws-marketplace:ViewSubscriptions", "cloudwatch:DescribeAlarms", "cognito-idp:DescribeUserPool", "cognito-idp:DescribeUserPoolClient", "cognito-idp:ListGroups", "cognito-idp:ListIdentityProviders", "cognito-idp:ListUserPoolClients", "cognito-idp:ListUserPools", "cognito-idp:ListUsers", "cognito-idp:ListUsersInGroup", "ecr:DescribeImageReplicationStatus", "ecr:DescribeImageScanFindings", "ecr:DescribeImages", "ecr:DescribePullThroughCacheRules", "ecr:DescribeRegistry", "ecr:DescribeRepositories", "ecr:DescribeRepositoryCreationTemplate" ], "malformed": false, "name": "AmazonSageMakerReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-12-01T16:29:20+00:00", "version": "v11" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRekognitionFullAccess", "createdate": "2016-11-30T14:40:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rekognition:AssociateFaces", "rekognition:CompareFaces", "rekognition:CopyProjectVersion", "rekognition:CreateCollection", "rekognition:CreateDataset", "rekognition:CreateFaceLivenessSession", "rekognition:CreateProject", "rekognition:CreateProjectVersion", "rekognition:CreateStreamProcessor", "rekognition:CreateUser", "rekognition:DeleteCollection", "rekognition:DeleteDataset", "rekognition:DeleteFaces", "rekognition:DeleteProject", "rekognition:DeleteProjectPolicy", "rekognition:DeleteProjectVersion", "rekognition:DeleteStreamProcessor", "rekognition:DeleteUser", "rekognition:DescribeCollection", "rekognition:DescribeDataset", "rekognition:DescribeProjectVersions", "rekognition:DescribeProjects", "rekognition:DescribeStreamProcessor", "rekognition:DetectCustomLabels", "rekognition:DetectFaces", "rekognition:DetectLabels", "rekognition:DetectModerationLabels", "rekognition:DetectProtectiveEquipment", "rekognition:DetectText", "rekognition:DisassociateFaces", "rekognition:DistributeDatasetEntries", "rekognition:GetCelebrityInfo", "rekognition:GetCelebrityRecognition", "rekognition:GetContentModeration", "rekognition:GetFaceDetection", "rekognition:GetFaceLivenessSessionResults", "rekognition:GetFaceSearch", "rekognition:GetLabelDetection", "rekognition:GetMediaAnalysisJob", "rekognition:GetPersonTracking", "rekognition:GetSegmentDetection", "rekognition:GetTextDetection", "rekognition:IndexFaces", "rekognition:ListCollections", "rekognition:ListDatasetEntries", "rekognition:ListDatasetLabels", "rekognition:ListFaces", "rekognition:ListMediaAnalysisJobs", "rekognition:ListProjectPolicies", "rekognition:ListStreamProcessors", "rekognition:ListTagsForResource", "rekognition:ListUsers", "rekognition:PutProjectPolicy", "rekognition:RecognizeCelebrities", "rekognition:SearchFaces", "rekognition:SearchFacesByImage", "rekognition:SearchUsers", "rekognition:SearchUsersByImage", "rekognition:StartCelebrityRecognition", "rekognition:StartContentModeration", "rekognition:StartFaceDetection", "rekognition:StartFaceLivenessSession", "rekognition:StartFaceSearch", "rekognition:StartLabelDetection", "rekognition:StartMediaAnalysisJob", "rekognition:StartPersonTracking", "rekognition:StartProjectVersion", "rekognition:StartSegmentDetection", "rekognition:StartStreamProcessor", "rekognition:StartTextDetection", "rekognition:StopProjectVersion", "rekognition:StopStreamProcessor", "rekognition:TagResource", "rekognition:UntagResource", "rekognition:UpdateDatasetEntries", "rekognition:UpdateStreamProcessor" ], "malformed": false, "name": "AmazonRekognitionFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-11-30T14:40:44+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSOpsWorksInstanceRegistration", "createdate": "2016-06-03T14:23:15Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStacks", "opsworks:RegisterInstance" ], "malformed": false, "name": "AWSOpsWorksInstanceRegistration", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-06-03T14:23:15+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonECSInfrastructureRolePolicyForVolumes", "createdate": "2024-01-10T22:56:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateVolume", "ec2:CreateTags", "ec2:DescribeVolumes", "ec2:DescribeAvailabilityZones", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:DeleteVolume" ], "malformed": false, "name": "AmazonECSInfrastructureRolePolicyForVolumes", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-10T22:56:41+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonElasticFileSystemsUtils", "createdate": "2020-09-29T15:16:47Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:DescribeAssociation", "ssm:GetDeployablePatchSnapshotForInstance", "ssm:GetDocument", "ssm:DescribeDocument", "ssm:GetManifest", "ssm:GetParameter", "ssm:GetParameters", "ssm:ListAssociations", "ssm:ListInstanceAssociations", "ssm:PutInventory", "ssm:PutComplianceItems", "ssm:PutConfigurePackageResult", "ssm:UpdateAssociationStatus", "ssm:UpdateInstanceAssociationStatus", "ssm:UpdateInstanceInformation", "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel", "ec2messages:AcknowledgeMessage", "ec2messages:DeleteMessage", "ec2messages:FailMessage", "ec2messages:GetEndpoint", "ec2messages:GetMessages", "ec2messages:SendReply", "elasticfilesystem:DescribeMountTargets", "ec2:DescribeAvailabilityZones", "logs:PutLogEvents", "logs:DescribeLogStreams", "logs:DescribeLogGroups", "logs:CreateLogStream", "logs:CreateLogGroup", "logs:PutRetentionPolicy" ], "malformed": false, "name": "AmazonElasticFileSystemsUtils", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-09-29T15:16:47+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess", "createdate": "2021-01-29T17:38:30Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:CreateBackup", "dynamodb:CreateGlobalTable", "dynamodb:CreateTable", "dynamodb:CreateTableReplica", "dynamodb:DeleteBackup", "dynamodb:DeleteItem", "dynamodb:DeleteResourcePolicy", "dynamodb:DeleteTable", "dynamodb:DeleteTableReplica", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:EnableKinesisStreamingDestination", "dynamodb:ExportTableToPointInTime", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetResourcePolicy", "dynamodb:GetShardIterator", "dynamodb:ImportTable", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLDelete", "dynamodb:PartiQLInsert", "dynamodb:PartiQLSelect", "dynamodb:PartiQLUpdate", "dynamodb:PurchaseReservedCapacityOfferings", "dynamodb:PutItem", "dynamodb:PutResourcePolicy", "dynamodb:Query", "dynamodb:RestoreTableFromAwsBackup", "dynamodb:RestoreTableFromBackup", "dynamodb:RestoreTableToPointInTime", "dynamodb:Scan", "dynamodb:StartAwsBackupJob", "dynamodb:TagResource", "dynamodb:UntagResource", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", "dynamodb:UpdateGlobalTable", "dynamodb:UpdateGlobalTableSettings", "dynamodb:UpdateGlobalTableVersion", "dynamodb:UpdateItem", "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:UpdateTable", "dynamodb:UpdateTableReplicaAutoScaling", "dynamodb:UpdateTimeToLive", "dax:BatchGetItem", "dax:BatchWriteItem", "dax:ConditionCheckItem", "dax:CreateCluster", "dax:CreateParameterGroup", "dax:CreateSubnetGroup", "dax:DecreaseReplicationFactor", "dax:DeleteCluster", "dax:DeleteItem", "dax:DeleteParameterGroup", "dax:DeleteSubnetGroup", "dax:DescribeClusters", "dax:DescribeDefaultParameters", "dax:DescribeEvents", "dax:DescribeParameterGroups", "dax:DescribeParameters", "dax:DescribeSubnetGroups", "dax:GetItem", "dax:IncreaseReplicationFactor", "dax:ListTags", "dax:PutItem", "dax:Query", "dax:RebootNode", "dax:Scan", "dax:TagResource", "dax:UntagResource", "dax:UpdateCluster", "dax:UpdateItem", "dax:UpdateParameterGroup", "dax:UpdateSubnetGroup", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeregisterScalableTarget", "application-autoscaling:DescribeScalableTargets", "application-autoscaling:DescribeScalingActivities", "application-autoscaling:DescribeScalingPolicies", "application-autoscaling:PutScalingPolicy", "application-autoscaling:RegisterScalableTarget", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "cloudwatch:PutMetricAlarm", "cloudwatch:GetMetricData", "datapipeline:ActivatePipeline", "datapipeline:CreatePipeline", "datapipeline:DeletePipeline", "datapipeline:DescribeObjects", "datapipeline:DescribePipelines", "datapipeline:GetPipelineDefinition", "datapipeline:ListPipelines", "datapipeline:PutPipelineDefinition", "datapipeline:QueryObjects", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "iam:GetRole", "iam:ListRoles", "kms:DescribeKey", "kms:ListAliases", "sns:CreateTopic", "sns:DeleteTopic", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "sns:Subscribe", "sns:Unsubscribe", "sns:SetTopicAttributes", "lambda:CreateFunction", "lambda:ListFunctions", "lambda:ListEventSourceMappings", "lambda:CreateEventSourceMapping", "lambda:DeleteEventSourceMapping", "lambda:GetFunctionConfiguration", "lambda:DeleteFunction", "resource-groups:ListGroups", "resource-groups:ListGroupResources", "resource-groups:GetGroup", "resource-groups:GetGroupQuery", "resource-groups:DeleteGroup", "resource-groups:CreateGroup", "tag:GetResources", "kinesis:ListStreams", "kinesis:DescribeStream", "kinesis:DescribeStreamSummary", "cloudwatch:GetInsightRuleReport", "iam:PassRole", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonDynamoDBFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-01-29T17:38:30+00:00", "version": "v15" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": "arn:aws:iam::aws:policy/service-role/AwsGlueSessionUserRestrictedNotebookServiceRole", "createdate": "2022-04-18T15:27:11Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "glue:BatchCreatePartition", "glue:BatchDeleteConnection", "glue:BatchDeletePartition", "glue:BatchDeleteTable", "glue:BatchDeleteTableVersion", "glue:BatchGetBlueprints", "glue:BatchGetCrawlers", "glue:BatchGetCustomEntityTypes", "glue:BatchGetDevEndpoints", "glue:BatchGetJobs", "glue:BatchGetPartition", "glue:BatchGetStageFiles", "glue:BatchGetTableOptimizer", "glue:BatchGetTriggers", "glue:BatchGetWorkflows", "glue:BatchStopJobRun", "glue:BatchUpdatePartition", "glue:CancelDataQualityRuleRecommendationRun", "glue:CancelDataQualityRulesetEvaluationRun", "glue:CancelMLTaskRun", "glue:CancelStatement", "glue:CheckSchemaVersionValidity", "glue:CreateBlueprint", "glue:CreateClassifier", "glue:CreateConnection", "glue:CreateCrawler", "glue:CreateCustomEntityType", "glue:CreateDataQualityRuleset", "glue:CreateDatabase", "glue:CreateDevEndpoint", "glue:CreateJob", "glue:CreateMLTransform", "glue:CreatePartition", "glue:CreatePartitionIndex", "glue:CreateRegistry", "glue:CreateSchema", "glue:CreateScript", "glue:CreateSecurityConfiguration", "glue:CreateSession", "glue:CreateTable", "glue:CreateTableOptimizer", "glue:CreateTrigger", "glue:CreateUserDefinedFunction", "glue:CreateWorkflow", "glue:DeleteBlueprint", "glue:DeleteClassifier", "glue:DeleteColumnStatisticsForPartition", "glue:DeleteColumnStatisticsForTable", "glue:DeleteConnection", "glue:DeleteCrawler", "glue:DeleteCustomEntityType", "glue:DeleteDataQualityRuleset", "glue:DeleteDatabase", "glue:DeleteDevEndpoint", "glue:DeleteJob", "glue:DeleteMLTransform", "glue:DeletePartition", "glue:DeletePartitionIndex", "glue:DeleteRegistry", "glue:DeleteResourcePolicy", "glue:DeleteSchema", "glue:DeleteSchemaVersions", "glue:DeleteSecurityConfiguration", "glue:DeleteSession", "glue:DeleteTable", "glue:DeleteTableOptimizer", "glue:DeleteTableVersion", "glue:DeleteTrigger", "glue:DeleteUserDefinedFunction", "glue:DeleteWorkflow", "glue:DeregisterDataPreview", "glue:GetBlueprint", "glue:GetBlueprintRun", "glue:GetBlueprintRuns", "glue:GetCatalogImportStatus", "glue:GetClassifier", "glue:GetClassifiers", "glue:GetColumnStatisticsForPartition", "glue:GetColumnStatisticsForTable", "glue:GetColumnStatisticsTaskRun", "glue:GetColumnStatisticsTaskRuns", "glue:GetCompletion", "glue:GetConnection", "glue:GetConnections", "glue:GetCrawler", "glue:GetCrawlerMetrics", "glue:GetCrawlers", "glue:GetCustomEntityType", "glue:GetDataCatalogEncryptionSettings", "glue:GetDataPreviewStatement", "glue:GetDataQualityResult", "glue:GetDataQualityRuleRecommendationRun", "glue:GetDataQualityRuleset", "glue:GetDataQualityRulesetEvaluationRun", "glue:GetDatabase", "glue:GetDatabases", "glue:GetDataflowGraph", "glue:GetDevEndpoint", "glue:GetDevEndpoints", "glue:GetEnvironment", "glue:GetExecutors", "glue:GetExecutorsThreads", "glue:GetJob", "glue:GetJobBookmark", "glue:GetJobRun", "glue:GetJobRuns", "glue:GetJobs", "glue:GetLogParsingStatus", "glue:GetMLTaskRun", "glue:GetMLTaskRuns", "glue:GetMLTransform", "glue:GetMLTransforms", "glue:GetMapping", "glue:GetNotebookInstanceStatus", "glue:GetPartition", "glue:GetPartitionIndexes", "glue:GetPartitionMetadata", "glue:GetPartitions", "glue:GetPlan", "glue:GetQueries", "glue:GetQuery", "glue:GetRegistry", "glue:GetResourcePolicies", "glue:GetResourcePolicy", "glue:GetSchema", "glue:GetSchemaByDefinition", "glue:GetSchemaVersion", "glue:GetSchemaVersionsDiff", "glue:GetSecurityConfiguration", "glue:GetSecurityConfigurations", "glue:GetSession", "glue:GetStage", "glue:GetStageAttempt", "glue:GetStageAttemptTaskList", "glue:GetStageAttemptTaskSummary", "glue:GetStageFiles", "glue:GetStages", "glue:GetStatement", "glue:GetStorage", "glue:GetStorageUnit", "glue:GetTable", "glue:GetTableOptimizer", "glue:GetTableVersion", "glue:GetTableVersions", "glue:GetTables", "glue:GetTags", "glue:GetTrigger", "glue:GetTriggers", "glue:GetUserDefinedFunction", "glue:GetUserDefinedFunctions", "glue:GetWorkflow", "glue:GetWorkflowRun", "glue:GetWorkflowRunProperties", "glue:GetWorkflowRuns", "glue:GlueNotebookAuthorize", "glue:GlueNotebookRefreshCredentials", "glue:ImportCatalogToGlue", "glue:ListBlueprints", "glue:ListColumnStatisticsTaskRuns", "glue:ListCrawlers", "glue:ListCrawls", "glue:ListCustomEntityTypes", "glue:ListDataQualityResults", "glue:ListDataQualityRuleRecommendationRuns", "glue:ListDataQualityRulesetEvaluationRuns", "glue:ListDataQualityRulesets", "glue:ListDevEndpoints", "glue:ListJobs", "glue:ListMLTransforms", "glue:ListRegistries", "glue:ListSchemaVersions", "glue:ListSchemas", "glue:ListSessions", "glue:ListStatements", "glue:ListTableOptimizerRuns", "glue:ListTriggers", "glue:ListWorkflows", "glue:NotifyEvent", "glue:PassConnection", "glue:PublishDataQuality", "glue:PutDataCatalogEncryptionSettings", "glue:PutResourcePolicy", "glue:PutSchemaVersionMetadata", "glue:PutWorkflowRunProperties", "glue:QuerySchemaVersionMetadata", "glue:RegisterSchemaVersion", "glue:RemoveSchemaVersionMetadata", "glue:RequestLogParsing", "glue:ResetJobBookmark", "glue:ResumeWorkflowRun", "glue:RunDataPreviewStatement", "glue:RunStatement", "glue:SearchTables", "glue:SendFeedback", "glue:StartBlueprintRun", "glue:StartColumnStatisticsTaskRun", "glue:StartCompletion", "glue:StartCrawler", "glue:StartCrawlerSchedule", "glue:StartDataQualityRuleRecommendationRun", "glue:StartDataQualityRulesetEvaluationRun", "glue:StartExportLabelsTaskRun", "glue:StartImportLabelsTaskRun", "glue:StartJobRun", "glue:StartMLEvaluationTaskRun", "glue:StartMLLabelingSetGenerationTaskRun", "glue:StartNotebook", "glue:StartTrigger", "glue:StartWorkflowRun", "glue:StopColumnStatisticsTaskRun", "glue:StopCrawler", "glue:StopCrawlerSchedule", "glue:StopSession", "glue:StopTrigger", "glue:StopWorkflowRun", "glue:TagResource", "glue:TerminateNotebook", "glue:TestConnection", "glue:UntagResource", "glue:UpdateBlueprint", "glue:UpdateClassifier", "glue:UpdateColumnStatisticsForPartition", "glue:UpdateColumnStatisticsForTable", "glue:UpdateConnection", "glue:UpdateCrawler", "glue:UpdateCrawlerSchedule", "glue:UpdateDataQualityRuleset", "glue:UpdateDatabase", "glue:UpdateDevEndpoint", "glue:UpdateJob", "glue:UpdateJobFromSourceControl", "glue:UpdateMLTransform", "glue:UpdatePartition", "glue:UpdateRegistry", "glue:UpdateSchema", "glue:UpdateSourceControlFromJob", "glue:UpdateTable", "glue:UpdateTableOptimizer", "glue:UpdateTrigger", "glue:UpdateUserDefinedFunction", "glue:UpdateWorkflow", "glue:UseGlueStudio", "glue:UseMLTransforms", "glue:CreateSession", "glue:RunStatement", "glue:GetStatement", "glue:ListStatements", "glue:CancelStatement", "glue:StopSession", "glue:DeleteSession", "glue:GetSession", "glue:ListSessions", "s3:CreateBucket", "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:GetObject", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "ec2:CreateTags", "ec2:DeleteTags" ], "malformed": false, "name": "AwsGlueSessionUserRestrictedNotebookServiceRole", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2022-04-18T15:27:11+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonDetectiveServiceLinkedRolePolicy", "createdate": "2021-11-18T19:47:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DescribeAccount", "organizations:ListAccounts" ], "malformed": false, "name": "AmazonDetectiveServiceLinkedRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-18T19:47:32+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSServiceCatalogEndUserReadOnlyAccess", "createdate": "2019-10-25T18:49:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudformation:DescribeStackEvents", "cloudformation:DescribeStacks", "cloudformation:DescribeChangeSet", "cloudformation:ListChangeSets", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackSetOperation", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSetOperationResults", "cloudformation:GetTemplateSummary", "servicecatalog:DescribeProduct", "servicecatalog:DescribeProductView", "servicecatalog:DescribeProvisioningParameters", "servicecatalog:ListLaunchPaths", "servicecatalog:SearchProducts", "ssm:DescribeDocument", "ssm:GetAutomationExecution", "config:DescribeConfigurationRecorders", "config:DescribeConfigurationRecorderStatus", "servicecatalog:DescribeProvisionedProduct", "servicecatalog:DescribeRecord", "servicecatalog:ListRecordHistory", "servicecatalog:ListStackInstancesForProvisionedProduct", "servicecatalog:ScanProvisionedProducts", "servicecatalog:SearchProvisionedProducts", "servicecatalog:DescribeProvisionedProductPlan", "servicecatalog:ListProvisionedProductPlans", "servicecatalog:ListServiceActionsForProvisioningArtifact", "servicecatalog:DescribeServiceActionExecutionParameters" ], "malformed": false, "name": "AWSServiceCatalogEndUserReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-10-25T18:49:34+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonGuardDutyReadOnlyAccess", "createdate": "2023-11-16T23:07:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "guardduty:DescribeMalwareScans", "guardduty:DescribeOrganizationConfiguration", "guardduty:DescribePublishingDestination", "guardduty:GetAdministratorAccount", "guardduty:GetCoverageStatistics", "guardduty:GetDetector", "guardduty:GetFilter", "guardduty:GetFindings", "guardduty:GetFindingsStatistics", "guardduty:GetIPSet", "guardduty:GetInvitationsCount", "guardduty:GetMalwareScanSettings", "guardduty:GetMasterAccount", "guardduty:GetMemberDetectors", "guardduty:GetMembers", "guardduty:GetOrganizationStatistics", "guardduty:GetRemainingFreeTrialDays", "guardduty:GetThreatIntelSet", "guardduty:GetUsageStatistics", "guardduty:ListCoverage", "guardduty:ListDetectors", "guardduty:ListFilters", "guardduty:ListFindings", "guardduty:ListIPSets", "guardduty:ListInvitations", "guardduty:ListMembers", "guardduty:ListOrganizationAdminAccounts", "guardduty:ListPublishingDestinations", "guardduty:ListTagsForResource", "guardduty:ListThreatIntelSets", "organizations:ListDelegatedAdministrators", "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts" ], "malformed": false, "name": "AmazonGuardDutyReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-16T23:07:06+00:00", "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeploy", "createdate": "2017-03-20T17:14:10Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "s3:GetObjectVersion", "s3:ListBucket" ], "malformed": false, "name": "AmazonEC2RoleforAWSCodeDeploy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-03-20T17:14:10+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonRDSDirectoryServiceAccess", "createdate": "2019-05-15T16:51:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ds:DescribeDirectories", "ds:AuthorizeApplication", "ds:UnauthorizeApplication", "ds:GetAuthorizedApplicationDetails" ], "malformed": false, "name": "AmazonRDSDirectoryServiceAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-05-15T16:51:50+00:00", "version": "v2" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSApplicationMigrationAgentInstallationPolicy", "createdate": "2022-09-20T11:21:24Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mgn:GetAgentInstallationAssetsForMgn", "mgn:SendClientMetricsForMgn", "mgn:SendClientLogsForMgn", "mgn:RegisterAgentForMgn", "mgn:VerifyClientRoleForMgn", "mgn:IssueClientCertificateForMgn", "mgn:TagResource" ], "malformed": false, "name": "AWSApplicationMigrationAgentInstallationPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-20T11:21:24+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonEC2RolePolicyForLaunchWizard", "createdate": "2022-05-16T21:16:38Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ec2:AttachVolume", "ec2:RebootInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:ReplaceRoute", "ec2:DescribeAddresses", "ec2:AssociateAddress", "ec2:DescribeInstances", "ec2:DescribeImages", "ec2:DescribeRegions", "ec2:DescribeVolumes", "ec2:DescribeRouteTables", "ec2:ModifyInstanceAttribute", "cloudwatch:GetMetricStatistics", "cloudwatch:PutMetricData", "ssm:GetCommandInvocation", "ec2:CreateTags", "ec2:CreateVolume", "s3:GetObject", "s3:ListBucket", "s3:PutObject", "s3:PutObjectTagging", "s3:GetBucketLocation", "logs:PutLogEvents", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "cloudformation:DescribeStackResources", "cloudformation:SignalResource", "cloudformation:DescribeStackResource", "cloudformation:DescribeStacks", "dynamodb:BatchGetItem", "dynamodb:PutItem", "sqs:ReceiveMessage", "sqs:SendMessage", "dynamodb:Scan", "s3:ListBucket", "dynamodb:Query", "dynamodb:UpdateItem", "dynamodb:DeleteTable", "dynamodb:CreateTable", "s3:GetObject", "dynamodb:DescribeTable", "s3:GetBucketLocation", "dynamodb:UpdateTable", "ssm:SendCommand", "ssm:SendCommand", "ssm:GetDocument", "fsx:DescribeFileSystems", "fsx:ListTagsForResource", "fsx:DescribeStorageVirtualMachines" ], "malformed": false, "name": "AmazonEC2RolePolicyForLaunchWizard", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-05-16T21:16:38+00:00", "version": "v10" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSOrganizationsReadOnlyAccess", "createdate": "2024-02-06T17:36:59Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "organizations:DescribeAccount", "organizations:DescribeCreateAccountStatus", "organizations:DescribeEffectivePolicy", "organizations:DescribeHandshake", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:DescribeResourcePolicy", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListChildren", "organizations:ListCreateAccountStatus", "organizations:ListDelegatedAdministrators", "organizations:ListDelegatedServicesForAccount", "organizations:ListHandshakesForAccount", "organizations:ListHandshakesForOrganization", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPolicies", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListTagsForResource", "organizations:ListTargetsForPolicy", "account:GetAlternateContact", "account:GetContactInformation", "account:ListRegions" ], "malformed": false, "name": "AWSOrganizationsReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-06T17:36:59+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": null, "createdate": "2018-10-17T22:28:01Z", "credentials_exposure": true, "data_access": true, "deprecated": true, "effective_action_names": [ "connect:ActivateEvaluationForm", "connect:AssociateAnalyticsDataSet", "connect:AssociateApprovedOrigin", "connect:AssociateBot", "connect:AssociateCustomerProfilesDomain", "connect:AssociateDefaultVocabulary", "connect:AssociateFlow", "connect:AssociateInstanceStorageConfig", "connect:AssociateLambdaFunction", "connect:AssociateLexBot", "connect:AssociatePhoneNumberContactFlow", "connect:AssociateQueueQuickConnects", "connect:AssociateRoutingProfileQueues", "connect:AssociateSecurityKey", "connect:AssociateTrafficDistributionGroupUser", "connect:AssociateUserProficiencies", "connect:BatchAssociateAnalyticsDataSet", "connect:BatchDisassociateAnalyticsDataSet", "connect:BatchGetFlowAssociation", "connect:BatchPutContact", "connect:ClaimPhoneNumber", "connect:CreateAgentStatus", "connect:CreateContactFlow", "connect:CreateContactFlowModule", "connect:CreateEvaluationForm", "connect:CreateHoursOfOperation", "connect:CreateInstance", "connect:CreateIntegrationAssociation", "connect:CreateParticipant", "connect:CreatePersistentContactAssociation", "connect:CreatePredefinedAttribute", "connect:CreatePrompt", "connect:CreateQueue", "connect:CreateQuickConnect", "connect:CreateRoutingProfile", "connect:CreateRule", "connect:CreateSecurityProfile", "connect:CreateTaskTemplate", "connect:CreateTrafficDistributionGroup", "connect:CreateUseCase", "connect:CreateUser", "connect:CreateUserHierarchyGroup", "connect:CreateView", "connect:CreateViewVersion", "connect:CreateVocabulary", "connect:DeactivateEvaluationForm", "connect:DeleteContactEvaluation", "connect:DeleteContactFlow", "connect:DeleteContactFlowModule", "connect:DeleteEvaluationForm", "connect:DeleteHoursOfOperation", "connect:DeleteInstance", "connect:DeleteIntegrationAssociation", "connect:DeletePredefinedAttribute", "connect:DeletePrompt", "connect:DeleteQueue", "connect:DeleteQuickConnect", "connect:DeleteRoutingProfile", "connect:DeleteRule", "connect:DeleteSecurityProfile", "connect:DeleteTaskTemplate", "connect:DeleteTrafficDistributionGroup", "connect:DeleteUseCase", "connect:DeleteUser", "connect:DeleteUserHierarchyGroup", "connect:DeleteView", "connect:DeleteViewVersion", "connect:DeleteVocabulary", "connect:DescribeAgentStatus", "connect:DescribeContact", "connect:DescribeContactEvaluation", "connect:DescribeContactFlow", "connect:DescribeContactFlowModule", "connect:DescribeEvaluationForm", "connect:DescribeForecastingPlanningSchedulingIntegration", "connect:DescribeHoursOfOperation", "connect:DescribeInstance", "connect:DescribeInstanceAttribute", "connect:DescribeInstanceStorageConfig", "connect:DescribePhoneNumber", "connect:DescribePredefinedAttribute", "connect:DescribePrompt", "connect:DescribeQueue", "connect:DescribeQuickConnect", "connect:DescribeRoutingProfile", "connect:DescribeRule", "connect:DescribeSecurityProfile", "connect:DescribeTrafficDistributionGroup", "connect:DescribeUser", "connect:DescribeUserHierarchyGroup", "connect:DescribeUserHierarchyStructure", "connect:DescribeView", "connect:DescribeVocabulary", "connect:DisassociateAnalyticsDataSet", "connect:DisassociateApprovedOrigin", "connect:DisassociateBot", "connect:DisassociateCustomerProfilesDomain", "connect:DisassociateFlow", "connect:DisassociateInstanceStorageConfig", "connect:DisassociateLambdaFunction", "connect:DisassociateLexBot", "connect:DisassociatePhoneNumberContactFlow", "connect:DisassociateQueueQuickConnects", "connect:DisassociateRoutingProfileQueues", "connect:DisassociateSecurityKey", "connect:DisassociateTrafficDistributionGroupUser", "connect:DisassociateUserProficiencies", "connect:DismissUserContact", "connect:GetContactAttributes", "connect:GetCurrentMetricData", "connect:GetCurrentUserData", "connect:GetFederationToken", "connect:GetFederationTokens", "connect:GetFlowAssociation", "connect:GetMetricData", "connect:GetMetricDataV2", "connect:GetPromptFile", "connect:GetTaskTemplate", "connect:GetTrafficDistribution", "connect:ImportPhoneNumber", "connect:ListAgentStatuses", "connect:ListAnalyticsDataAssociations", "connect:ListApprovedOrigins", "connect:ListBots", "connect:ListContactEvaluations", "connect:ListContactFlowModules", "connect:ListContactFlows", "connect:ListContactReferences", "connect:ListDefaultVocabularies", "connect:ListEvaluationFormVersions", "connect:ListEvaluationForms", "connect:ListFlowAssociations", "connect:ListHoursOfOperations", "connect:ListInstanceAttributes", "connect:ListInstanceStorageConfigs", "connect:ListInstances", "connect:ListIntegrationAssociations", "connect:ListLambdaFunctions", "connect:ListLexBots", "connect:ListPhoneNumbers", "connect:ListPhoneNumbersV2", "connect:ListPredefinedAttributes", "connect:ListPrompts", "connect:ListQueueQuickConnects", "connect:ListQueues", "connect:ListQuickConnects", "connect:ListRealtimeContactAnalysisSegments", "connect:ListRealtimeContactAnalysisSegmentsV2", "connect:ListRoutingProfileQueues", "connect:ListRoutingProfiles", "connect:ListRules", "connect:ListSecurityKeys", "connect:ListSecurityProfileApplications", "connect:ListSecurityProfilePermissions", "connect:ListSecurityProfiles", "connect:ListTagsForResource", "connect:ListTaskTemplates", "connect:ListTrafficDistributionGroupUsers", "connect:ListTrafficDistributionGroups", "connect:ListUseCases", "connect:ListUserHierarchyGroups", "connect:ListUserProficiencies", "connect:ListUsers", "connect:ListViewVersions", "connect:ListViews", "connect:MonitorContact", "connect:PauseContact", "connect:PutUserStatus", "connect:ReleasePhoneNumber", "connect:ReplicateInstance", "connect:ResumeContact", "connect:ResumeContactRecording", "connect:SearchAvailablePhoneNumbers", "connect:SearchContacts", "connect:SearchHoursOfOperations", "connect:SearchPredefinedAttributes", "connect:SearchPrompts", "connect:SearchQueues", "connect:SearchQuickConnects", "connect:SearchResourceTags", "connect:SearchRoutingProfiles", "connect:SearchSecurityProfiles", "connect:SearchUsers", "connect:SearchVocabularies", "connect:SendChatIntegrationEvent", "connect:StartChatContact", "connect:StartContactEvaluation", "connect:StartContactRecording", "connect:StartContactStreaming", "connect:StartForecastingPlanningSchedulingIntegration", "connect:StartOutboundVoiceContact", "connect:StartTaskContact", "connect:StartWebRTCContact", "connect:StopContact", "connect:StopContactRecording", "connect:StopContactStreaming", "connect:StopForecastingPlanningSchedulingIntegration", "connect:SubmitContactEvaluation", "connect:SuspendContactRecording", "connect:TagContact", "connect:TagResource", "connect:TransferContact", "connect:UntagContact", "connect:UntagResource", "connect:UpdateAgentStatus", "connect:UpdateContact", "connect:UpdateContactAttributes", "connect:UpdateContactEvaluation", "connect:UpdateContactFlowContent", "connect:UpdateContactFlowMetadata", "connect:UpdateContactFlowModuleContent", "connect:UpdateContactFlowModuleMetadata", "connect:UpdateContactFlowName", "connect:UpdateContactRoutingData", "connect:UpdateContactSchedule", "connect:UpdateEvaluationForm", "connect:UpdateHoursOfOperation", "connect:UpdateInstanceAttribute", "connect:UpdateInstanceStorageConfig", "connect:UpdateParticipantRoleConfig", "connect:UpdatePhoneNumber", "connect:UpdatePhoneNumberMetadata", "connect:UpdatePredefinedAttribute", "connect:UpdatePrompt", "connect:UpdateQueueHoursOfOperation", "connect:UpdateQueueMaxContacts", "connect:UpdateQueueName", "connect:UpdateQueueOutboundCallerConfig", "connect:UpdateQueueStatus", "connect:UpdateQuickConnectConfig", "connect:UpdateQuickConnectName", "connect:UpdateRoutingProfileAgentAvailabilityTimer", "connect:UpdateRoutingProfileConcurrency", "connect:UpdateRoutingProfileDefaultOutboundQueue", "connect:UpdateRoutingProfileName", "connect:UpdateRoutingProfileQueues", "connect:UpdateRule", "connect:UpdateSecurityProfile", "connect:UpdateTaskTemplate", "connect:UpdateTrafficDistribution", "connect:UpdateUserHierarchy", "connect:UpdateUserHierarchyGroupName", "connect:UpdateUserHierarchyStructure", "connect:UpdateUserIdentityInfo", "connect:UpdateUserPhoneConfig", "connect:UpdateUserProficiencies", "connect:UpdateUserRoutingProfile", "connect:UpdateUserSecurityProfiles", "connect:UpdateViewContent", "connect:UpdateViewMetadata", "ds:CreateAlias", "ds:AuthorizeApplication", "ds:CreateIdentityPoolDirectory", "ds:DeleteDirectory", "ds:DescribeDirectories", "ds:UnauthorizeApplication", "firehose:DescribeDeliveryStream", "firehose:ListDeliveryStreams", "kinesis:DescribeStream", "kinesis:ListStreams", "kms:DescribeKey", "kms:CreateGrant", "kms:ListAliases", "lex:GetBots", "logs:CreateLogGroup", "s3:CreateBucket", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:PutRolePolicy" ], "malformed": false, "name": "AmazonConnectFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": null, "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly", "createdate": "2019-12-10T20:56:32Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:GetRepositoryPolicy", "ecr:DescribeRepositories", "ecr:ListImages", "ecr:DescribeImages", "ecr:BatchGetImage", "ecr:GetLifecyclePolicy", "ecr:GetLifecyclePolicyPreview", "ecr:ListTagsForResource", "ecr:DescribeImageScanFindings" ], "malformed": false, "name": "AmazonEC2ContainerRegistryReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-10T20:56:32+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonCodeGuruProfilerFullAccess", "createdate": "2020-07-15T03:23:08Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codeguru-profiler:AddNotificationChannels", "codeguru-profiler:BatchGetFrameMetricData", "codeguru-profiler:ConfigureAgent", "codeguru-profiler:CreateProfilingGroup", "codeguru-profiler:DeleteProfilingGroup", "codeguru-profiler:DescribeProfilingGroup", "codeguru-profiler:GetFindingsReportAccountSummary", "codeguru-profiler:GetNotificationConfiguration", "codeguru-profiler:GetPolicy", "codeguru-profiler:GetProfile", "codeguru-profiler:GetRecommendations", "codeguru-profiler:ListFindingsReports", "codeguru-profiler:ListProfileTimes", "codeguru-profiler:ListProfilingGroups", "codeguru-profiler:ListTagsForResource", "codeguru-profiler:PostAgentProfile", "codeguru-profiler:PutPermission", "codeguru-profiler:RemoveNotificationChannel", "codeguru-profiler:RemovePermission", "codeguru-profiler:SubmitFeedback", "codeguru-profiler:TagResource", "codeguru-profiler:UntagResource", "codeguru-profiler:UpdateProfilingGroup", "iam:ListRoles", "iam:ListUsers", "sns:ListTopics", "codeguru:GetCodeGuruFreeTrialSummary", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonCodeGuruProfilerFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-07-15T03:23:08+00:00", "version": "v4" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonWorkMailEventsServiceRolePolicy", "createdate": "2019-04-16T16:52:43Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "malformed": false, "name": "AmazonWorkMailEventsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-04-16T16:52:43+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingComprehendEndpointPolicy", "createdate": "2019-11-14T18:39:07Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "comprehend:UpdateEndpoint", "comprehend:DescribeEndpoint", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingComprehendEndpointPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-14T18:39:07+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy", "createdate": "2022-03-25T04:27:46Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "codecommit:CancelUploadArchive", "codecommit:GetBranch", "codecommit:GetCommit", "codecommit:GetUploadArchiveStatus", "codecommit:UploadArchive", "ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:DescribeImageScanFindings", "ecr:DescribeRegistry", "ecr:DescribeImageReplicationStatus", "ecr:DescribeRepositories", "ecr:DescribeImageReplicationStatus", "ecr:GetAuthorizationToken", "ecr:GetDownloadUrlForLayer", "ecr:CompleteLayerUpload", "ecr:CreateRepository", "ecr:InitiateLayerUpload", "ecr:PutImage", "ecr:UploadLayerPart", "iam:PassRole", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteLogDelivery", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeResourcePolicies", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeSubscriptionFilters", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:ListLogDeliveries", "logs:PutLogEvents", "logs:PutResourcePolicy", "logs:UpdateLogDelivery", "s3:CreateBucket", "s3:DeleteBucket", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:PutBucketCORS", "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject", "s3:GetObjectVersion", "s3:PutObject", "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", "sagemaker:BatchDescribeModelPackage", "sagemaker:BatchGetMetrics", "sagemaker:BatchGetRecord", "sagemaker:BatchPutMetrics", "sagemaker:CreateAction", "sagemaker:CreateAlgorithm", "sagemaker:CreateApp", "sagemaker:CreateAppImageConfig", "sagemaker:CreateArtifact", "sagemaker:CreateAutoMLJob", "sagemaker:CreateCodeRepository", "sagemaker:CreateCompilationJob", "sagemaker:CreateContext", "sagemaker:CreateDataQualityJobDefinition", "sagemaker:CreateDeviceFleet", "sagemaker:CreateDomain", "sagemaker:CreateEdgePackagingJob", "sagemaker:CreateEndpoint", "sagemaker:CreateEndpointConfig", "sagemaker:CreateExperiment", "sagemaker:CreateFeatureGroup", "sagemaker:CreateFlowDefinition", "sagemaker:CreateHumanTaskUi", "sagemaker:CreateHyperParameterTuningJob", "sagemaker:CreateImage", "sagemaker:CreateImageVersion", "sagemaker:CreateInferenceRecommendationsJob", "sagemaker:CreateLabelingJob", "sagemaker:CreateLineageGroupPolicy", "sagemaker:CreateModel", "sagemaker:CreateModelBiasJobDefinition", "sagemaker:CreateModelExplainabilityJobDefinition", "sagemaker:CreateModelPackage", "sagemaker:CreateModelPackageGroup", "sagemaker:CreateModelQualityJobDefinition", "sagemaker:CreateMonitoringSchedule", "sagemaker:CreateNotebookInstance", "sagemaker:CreateNotebookInstanceLifecycleConfig", "sagemaker:CreatePipeline", "sagemaker:CreatePresignedDomainUrl", "sagemaker:CreatePresignedNotebookInstanceUrl", "sagemaker:CreateProcessingJob", "sagemaker:CreateProject", "sagemaker:CreateTrainingJob", "sagemaker:CreateTransformJob", "sagemaker:CreateTrial", "sagemaker:CreateTrialComponent", "sagemaker:CreateUserProfile", "sagemaker:CreateWorkforce", "sagemaker:CreateWorkteam", "sagemaker:DeleteAction", "sagemaker:DeleteAlgorithm", "sagemaker:DeleteApp", "sagemaker:DeleteAppImageConfig", "sagemaker:DeleteArtifact", "sagemaker:DeleteAssociation", "sagemaker:DeleteCodeRepository", "sagemaker:DeleteContext", "sagemaker:DeleteDataQualityJobDefinition", "sagemaker:DeleteDeviceFleet", "sagemaker:DeleteDomain", "sagemaker:DeleteEndpoint", "sagemaker:DeleteEndpointConfig", "sagemaker:DeleteExperiment", "sagemaker:DeleteFeatureGroup", "sagemaker:DeleteFlowDefinition", "sagemaker:DeleteHumanLoop", "sagemaker:DeleteHumanTaskUi", "sagemaker:DeleteImage", "sagemaker:DeleteImageVersion", "sagemaker:DeleteLineageGroupPolicy", "sagemaker:DeleteModel", "sagemaker:DeleteModelBiasJobDefinition", "sagemaker:DeleteModelExplainabilityJobDefinition", "sagemaker:DeleteModelPackage", "sagemaker:DeleteModelPackageGroup", "sagemaker:DeleteModelPackageGroupPolicy", "sagemaker:DeleteModelQualityJobDefinition", "sagemaker:DeleteMonitoringSchedule", "sagemaker:DeleteNotebookInstance", "sagemaker:DeleteNotebookInstanceLifecycleConfig", "sagemaker:DeletePipeline", "sagemaker:DeleteProject", "sagemaker:DeleteRecord", "sagemaker:DeleteTags", "sagemaker:DeleteTrial", "sagemaker:DeleteTrialComponent", "sagemaker:DeleteUserProfile", "sagemaker:DeleteWorkforce", "sagemaker:DeleteWorkteam", "sagemaker:DeregisterDevices", "sagemaker:DescribeAction", "sagemaker:DescribeAlgorithm", "sagemaker:DescribeApp", "sagemaker:DescribeAppImageConfig", "sagemaker:DescribeArtifact", "sagemaker:DescribeAutoMLJob", "sagemaker:DescribeCodeRepository", "sagemaker:DescribeCompilationJob", "sagemaker:DescribeContext", "sagemaker:DescribeDataQualityJobDefinition", "sagemaker:DescribeDevice", "sagemaker:DescribeDeviceFleet", "sagemaker:DescribeDomain", "sagemaker:DescribeEdgePackagingJob", "sagemaker:DescribeEndpoint", "sagemaker:DescribeEndpointConfig", "sagemaker:DescribeExperiment", "sagemaker:DescribeFeatureGroup", "sagemaker:DescribeFlowDefinition", "sagemaker:DescribeHumanLoop", "sagemaker:DescribeHumanTaskUi", "sagemaker:DescribeHyperParameterTuningJob", "sagemaker:DescribeImage", "sagemaker:DescribeImageVersion", "sagemaker:DescribeInferenceRecommendationsJob", "sagemaker:DescribeLabelingJob", "sagemaker:DescribeLineageGroup", "sagemaker:DescribeModel", "sagemaker:DescribeModelBiasJobDefinition", "sagemaker:DescribeModelExplainabilityJobDefinition", "sagemaker:DescribeModelPackage", "sagemaker:DescribeModelPackageGroup", "sagemaker:DescribeModelQualityJobDefinition", "sagemaker:DescribeMonitoringSchedule", "sagemaker:DescribeNotebookInstance", "sagemaker:DescribeNotebookInstanceLifecycleConfig", "sagemaker:DescribePipeline", "sagemaker:DescribePipelineDefinitionForExecution", "sagemaker:DescribePipelineExecution", "sagemaker:DescribeProcessingJob", "sagemaker:DescribeProject", "sagemaker:DescribeSubscribedWorkteam", "sagemaker:DescribeTrainingJob", "sagemaker:DescribeTransformJob", "sagemaker:DescribeTrial", "sagemaker:DescribeTrialComponent", "sagemaker:DescribeUserProfile", "sagemaker:DescribeWorkforce", "sagemaker:DescribeWorkteam", "sagemaker:DisableSagemakerServicecatalogPortfolio", "sagemaker:DisassociateTrialComponent", "sagemaker:EnableSagemakerServicecatalogPortfolio", "sagemaker:GetDeviceFleetReport", "sagemaker:GetDeviceRegistration", "sagemaker:GetLineageGroupPolicy", "sagemaker:GetModelPackageGroupPolicy", "sagemaker:GetRecord", "sagemaker:GetSagemakerServicecatalogPortfolioStatus", "sagemaker:GetSearchSuggestions", "sagemaker:InvokeEndpoint", "sagemaker:InvokeEndpointAsync", "sagemaker:ListActions", "sagemaker:ListAlgorithms", "sagemaker:ListAppImageConfigs", "sagemaker:ListApps", "sagemaker:ListArtifacts", "sagemaker:ListAssociations", "sagemaker:ListAutoMLJobs", "sagemaker:ListCandidatesForAutoMLJob", "sagemaker:ListCodeRepositories", "sagemaker:ListCompilationJobs", "sagemaker:ListContexts", "sagemaker:ListDataQualityJobDefinitions", "sagemaker:ListDeviceFleets", "sagemaker:ListDevices", "sagemaker:ListDomains", "sagemaker:ListEdgePackagingJobs", "sagemaker:ListEndpointConfigs", "sagemaker:ListEndpoints", "sagemaker:ListExperiments", "sagemaker:ListFeatureGroups", "sagemaker:ListFlowDefinitions", "sagemaker:ListHumanLoops", "sagemaker:ListHumanTaskUis", "sagemaker:ListHyperParameterTuningJobs", "sagemaker:ListImageVersions", "sagemaker:ListImages", "sagemaker:ListInferenceRecommendationsJobs", "sagemaker:ListLabelingJobs", "sagemaker:ListLabelingJobsForWorkteam", "sagemaker:ListLineageGroups", "sagemaker:ListModelBiasJobDefinitions", "sagemaker:ListModelExplainabilityJobDefinitions", "sagemaker:ListModelMetadata", "sagemaker:ListModelPackageGroups", "sagemaker:ListModelPackages", "sagemaker:ListModelQualityJobDefinitions", "sagemaker:ListModels", "sagemaker:ListMonitoringExecutions", "sagemaker:ListMonitoringSchedules", "sagemaker:ListNotebookInstanceLifecycleConfigs", "sagemaker:ListNotebookInstances", "sagemaker:ListPipelineExecutionSteps", "sagemaker:ListPipelineExecutions", "sagemaker:ListPipelineParametersForExecution", "sagemaker:ListPipelines", "sagemaker:ListProcessingJobs", "sagemaker:ListProjects", "sagemaker:ListSubscribedWorkteams", "sagemaker:ListTags", "sagemaker:ListTrainingJobs", "sagemaker:ListTrainingJobsForHyperParameterTuningJob", "sagemaker:ListTransformJobs", "sagemaker:ListTrialComponents", "sagemaker:ListTrials", "sagemaker:ListUserProfiles", "sagemaker:ListWorkforces", "sagemaker:ListWorkteams", "sagemaker:PutLineageGroupPolicy", "sagemaker:PutModelPackageGroupPolicy", "sagemaker:PutRecord", "sagemaker:QueryLineage", "sagemaker:RegisterDevices", "sagemaker:RenderUiTemplate", "sagemaker:Search", "sagemaker:SendHeartbeat", "sagemaker:SendPipelineExecutionStepFailure", "sagemaker:SendPipelineExecutionStepSuccess", "sagemaker:StartHumanLoop", "sagemaker:StartMonitoringSchedule", "sagemaker:StartNotebookInstance", "sagemaker:StartPipelineExecution", "sagemaker:StopAutoMLJob", "sagemaker:StopCompilationJob", "sagemaker:StopEdgePackagingJob", "sagemaker:StopHumanLoop", "sagemaker:StopHyperParameterTuningJob", "sagemaker:StopInferenceRecommendationsJob", "sagemaker:StopLabelingJob", "sagemaker:StopMonitoringSchedule", "sagemaker:StopNotebookInstance", "sagemaker:StopPipelineExecution", "sagemaker:StopProcessingJob", "sagemaker:StopTrainingJob", "sagemaker:StopTransformJob", "sagemaker:UpdateAction", "sagemaker:UpdateAppImageConfig", "sagemaker:UpdateArtifact", "sagemaker:UpdateCodeRepository", "sagemaker:UpdateContext", "sagemaker:UpdateDeviceFleet", "sagemaker:UpdateDevices", "sagemaker:UpdateDomain", "sagemaker:UpdateEndpoint", "sagemaker:UpdateEndpointWeightsAndCapacities", "sagemaker:UpdateExperiment", "sagemaker:UpdateImage", "sagemaker:UpdateModelPackage", "sagemaker:UpdateMonitoringSchedule", "sagemaker:UpdateNotebookInstance", "sagemaker:UpdateNotebookInstanceLifecycleConfig", "sagemaker:UpdatePipeline", "sagemaker:UpdatePipelineExecution", "sagemaker:UpdateProject", "sagemaker:UpdateTrainingJob", "sagemaker:UpdateTrial", "sagemaker:UpdateTrialComponent", "sagemaker:UpdateUserProfile", "sagemaker:UpdateWorkforce", "sagemaker:UpdateWorkteam" ], "malformed": false, "name": "AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-03-25T04:27:46+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonEKSServicePolicy", "createdate": "2020-05-27T19:27:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:DeleteNetworkInterface", "ec2:DescribeInstances", "ec2:DescribeNetworkInterfaces", "ec2:DetachNetworkInterface", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:ModifyNetworkInterfaceAttribute", "iam:ListAttachedRolePolicies", "eks:UpdateClusterVersion", "ec2:CreateTags", "ec2:DeleteTags", "route53:AssociateVPCWithHostedZone", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonEKSServicePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-27T19:27:03+00:00", "version": "v6" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonChimeServiceRolePolicy", "createdate": "2019-09-30T22:25:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonChimeServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-09-30T22:25:06+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/CloudWatchCrossAccountSharingConfiguration", "createdate": "2022-11-27T14:01:10Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:Link", "oam:ListLinks", "oam:DeleteLink", "oam:GetLink", "oam:TagResource", "oam:CreateLink", "oam:UpdateLink" ], "malformed": false, "name": "CloudWatchCrossAccountSharingConfiguration", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-27T14:01:10+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSResourceAccessManagerReadOnlyAccess", "createdate": "2019-12-09T20:58:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ram:GetPermission", "ram:GetResourcePolicies", "ram:GetResourceShareAssociations", "ram:GetResourceShareInvitations", "ram:GetResourceShares", "ram:ListPendingInvitationResources", "ram:ListPermissionAssociations", "ram:ListPermissionVersions", "ram:ListPermissions", "ram:ListPrincipals", "ram:ListReplacePermissionAssociationsWork", "ram:ListResourceSharePermissions", "ram:ListResourceTypes", "ram:ListResources" ], "malformed": false, "name": "AWSResourceAccessManagerReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-12-09T20:58:37+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonAugmentedAIIntegratedAPIAccess", "createdate": "2020-04-22T20:47:32Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sagemaker:DeleteHumanLoop", "sagemaker:DescribeHumanLoop", "sagemaker:StartHumanLoop", "sagemaker:StopHumanLoop", "sagemaker:ListHumanLoops", "sagemaker:CreateFlowDefinition", "sagemaker:DeleteFlowDefinition", "sagemaker:DescribeFlowDefinition", "sagemaker:ListFlowDefinitions", "sagemaker:CreateHumanTaskUi", "sagemaker:DeleteHumanTaskUi", "sagemaker:DescribeHumanTaskUi", "sagemaker:ListHumanTaskUis", "textract:AnalyzeDocument", "rekognition:DetectModerationLabels", "iam:PassRole" ], "malformed": false, "name": "AmazonAugmentedAIIntegratedAPIAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-04-22T20:47:32+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/MediaConnectGatewayInstanceRolePolicy", "createdate": "2023-03-22T20:43:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mediaconnect:DiscoverGatewayPollEndpoint", "mediaconnect:PollGateway", "mediaconnect:SubmitGatewayStateChange" ], "malformed": false, "name": "MediaConnectGatewayInstanceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-22T20:43:25+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonCloudWatchEvidentlyReadOnlyAccess", "createdate": "2021-11-29T15:08:38Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "evidently:GetExperiment", "evidently:GetFeature", "evidently:GetLaunch", "evidently:GetProject", "evidently:ListExperiments", "evidently:ListFeatures", "evidently:ListLaunches", "evidently:ListProjects" ], "malformed": false, "name": "AmazonCloudWatchEvidentlyReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-11-29T15:08:38+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSIoTConfigReadOnlyAccess", "createdate": "2019-09-27T20:52:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:DescribeAuthorizer", "iot:DescribeCACertificate", "iot:DescribeCertificate", "iot:DescribeDefaultAuthorizer", "iot:DescribeEndpoint", "iot:DescribeEventConfigurations", "iot:DescribeIndex", "iot:DescribeJob", "iot:DescribeJobExecution", "iot:DescribeRoleAlias", "iot:DescribeStream", "iot:DescribeThing", "iot:DescribeThingGroup", "iot:DescribeThingRegistrationTask", "iot:DescribeThingType", "iot:GetEffectivePolicies", "iot:GetIndexingConfiguration", "iot:GetJobDocument", "iot:GetLoggingOptions", "iot:GetOTAUpdate", "iot:GetPolicy", "iot:GetPolicyVersion", "iot:GetRegistrationCode", "iot:GetTopicRule", "iot:GetV2LoggingOptions", "iot:ListAttachedPolicies", "iot:ListAuthorizers", "iot:ListCACertificates", "iot:ListCertificates", "iot:ListCertificatesByCA", "iot:ListIndices", "iot:ListJobExecutionsForJob", "iot:ListJobExecutionsForThing", "iot:ListJobs", "iot:ListOTAUpdates", "iot:ListOutgoingCertificates", "iot:ListPolicies", "iot:ListPolicyPrincipals", "iot:ListPolicyVersions", "iot:ListPrincipalPolicies", "iot:ListPrincipalThings", "iot:ListRoleAliases", "iot:ListStreams", "iot:ListTargetsForPolicy", "iot:ListThingGroups", "iot:ListThingGroupsForThing", "iot:ListThingPrincipals", "iot:ListThingRegistrationTaskReports", "iot:ListThingRegistrationTasks", "iot:ListThings", "iot:ListThingsInThingGroup", "iot:ListThingTypes", "iot:ListTopicRules", "iot:ListV2LoggingLevels", "iot:SearchIndex", "iot:TestAuthorization", "iot:TestInvokeAuthorizer", "iot:DescribeAccountAuditConfiguration", "iot:DescribeAuditTask", "iot:ListAuditTasks", "iot:DescribeScheduledAudit", "iot:ListScheduledAudits", "iot:ListAuditFindings", "iot:DescribeSecurityProfile", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", "iot:ListTargetsForSecurityProfile", "iot:ListActiveViolations", "iot:ListViolationEvents", "iot:ValidateSecurityProfileBehaviors" ], "malformed": false, "name": "AWSIoTConfigReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-09-27T20:52:40+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/ServerMigrationConnector", "createdate": "2016-10-24T21:45:56Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iam:GetUser", "sms:SendMessage", "sms:GetMessages", "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteObject", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:PutObject", "s3:PutObjectAcl", "s3:PutLifecycleConfiguration", "s3:AbortMultipartUpload", "s3:ListBucketMultipartUploads", "s3:ListMultipartUploadParts", "awsconnector:GetConnectorHealth", "awsconnector:RegisterConnector", "awsconnector:ValidateConnectorId", "sns:Publish" ], "malformed": false, "name": "ServerMigrationConnector", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-10-24T21:45:56+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonAthenaFullAccess", "createdate": "2024-01-03T19:05:55Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "athena:BatchGetNamedQuery", "athena:BatchGetPreparedStatement", "athena:BatchGetQueryExecution", "athena:CancelCapacityReservation", "athena:CancelQueryExecution", "athena:CreateCapacityReservation", "athena:CreateDataCatalog", "athena:CreateNamedQuery", "athena:CreateNotebook", "athena:CreatePreparedStatement", "athena:CreatePresignedNotebookUrl", "athena:CreateWorkGroup", "athena:DeleteCapacityReservation", "athena:DeleteDataCatalog", "athena:DeleteNamedQuery", "athena:DeleteNotebook", "athena:DeletePreparedStatement", "athena:DeleteWorkGroup", "athena:ExportNotebook", "athena:GetCalculationExecution", "athena:GetCalculationExecutionCode", "athena:GetCalculationExecutionStatus", "athena:GetCapacityAssignmentConfiguration", "athena:GetCapacityReservation", "athena:GetCatalogs", "athena:GetDataCatalog", "athena:GetDatabase", "athena:GetExecutionEngine", "athena:GetExecutionEngines", "athena:GetNamedQuery", "athena:GetNamespace", "athena:GetNamespaces", "athena:GetNotebookMetadata", "athena:GetPreparedStatement", "athena:GetQueryExecution", "athena:GetQueryExecutions", "athena:GetQueryResults", "athena:GetQueryResultsStream", "athena:GetQueryRuntimeStatistics", "athena:GetSession", "athena:GetSessionStatus", "athena:GetTable", "athena:GetTableMetadata", "athena:GetTables", "athena:GetWorkGroup", "athena:ImportNotebook", "athena:ListApplicationDPUSizes", "athena:ListCalculationExecutions", "athena:ListCapacityReservations", "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListEngineVersions", "athena:ListExecutors", "athena:ListNamedQueries", "athena:ListNotebookMetadata", "athena:ListNotebookSessions", "athena:ListPreparedStatements", "athena:ListQueryExecutions", "athena:ListSessions", "athena:ListTableMetadata", "athena:ListTagsForResource", "athena:ListWorkGroups", "athena:PutCapacityAssignmentConfiguration", "athena:RunQuery", "athena:StartCalculationExecution", "athena:StartQueryExecution", "athena:StartSession", "athena:StopCalculationExecution", "athena:StopQueryExecution", "athena:TagResource", "athena:TerminateSession", "athena:UntagResource", "athena:UpdateCapacityReservation", "athena:UpdateDataCatalog", "athena:UpdateNamedQuery", "athena:UpdateNotebook", "athena:UpdateNotebookMetadata", "athena:UpdatePreparedStatement", "athena:UpdateWorkGroup", "glue:CreateDatabase", "glue:DeleteDatabase", "glue:GetDatabase", "glue:GetDatabases", "glue:UpdateDatabase", "glue:CreateTable", "glue:DeleteTable", "glue:BatchDeleteTable", "glue:UpdateTable", "glue:GetTable", "glue:GetTables", "glue:BatchCreatePartition", "glue:CreatePartition", "glue:DeletePartition", "glue:BatchDeletePartition", "glue:UpdatePartition", "glue:GetPartition", "glue:GetPartitions", "glue:BatchGetPartition", "glue:StartColumnStatisticsTaskRun", "glue:GetColumnStatisticsTaskRun", "glue:GetColumnStatisticsTaskRuns", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListMultipartUploadParts", "s3:AbortMultipartUpload", "s3:CreateBucket", "s3:PutObject", "s3:PutBucketPublicAccessBlock", "s3:GetObject", "s3:ListBucket", "s3:ListBucket", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "sns:ListTopics", "sns:GetTopicAttributes", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms", "cloudwatch:GetMetricData", "lakeformation:GetDataAccess", "datazone:ListDomains", "datazone:ListProjects", "datazone:ListAccountEnvironments", "pricing:GetProducts" ], "malformed": false, "name": "AmazonAthenaFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-03T19:05:55+00:00", "version": "v11" }, { "access_levels": [ "List", "Write", "Permissions management" ], "arn": null, "createdate": "2015-02-06T18:40:49Z", "credentials_exposure": true, "data_access": false, "deprecated": true, "effective_action_names": [ "opsworks:AssignInstance", "opsworks:CreateStack", "opsworks:CreateLayer", "opsworks:DeregisterInstance", "opsworks:DescribeInstances", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStacks", "opsworks:UnassignInstance", "ec2:DescribeInstances", "iam:AddUserToGroup", "iam:CreateAccessKey", "iam:CreateGroup", "iam:CreateUser", "iam:ListInstanceProfiles", "iam:PassRole", "iam:PutUserPolicy" ], "malformed": false, "name": "AWSOpsWorksRegisterCLI", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCodeBuildDeveloperAccess", "createdate": "2023-07-31T23:06:10Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "codebuild:StartBuild", "codebuild:StopBuild", "codebuild:StartBuildBatch", "codebuild:StopBuildBatch", "codebuild:RetryBuild", "codebuild:RetryBuildBatch", "codebuild:BatchGetBuildBatches", "codebuild:BatchGetBuilds", "codebuild:BatchGetFleets", "codebuild:BatchGetProjects", "codebuild:BatchGetReportGroups", "codebuild:BatchGetReports", "codebuild:GetResourcePolicy", "codebuild:DescribeTestCases", "codebuild:DescribeCodeCoverages", "codebuild:ListBuildBatches", "codebuild:ListBuildBatchesForProject", "codebuild:ListBuilds", "codebuild:ListBuildsForProject", "codebuild:ListConnectedOAuthAccounts", "codebuild:ListCuratedEnvironmentImages", "codebuild:ListFleets", "codebuild:ListProjects", "codebuild:ListReportGroups", "codebuild:ListReports", "codebuild:ListReportsForReportGroup", "codebuild:ListRepositories", "codebuild:ListSharedProjects", "codebuild:ListSharedReportGroups", "codebuild:ListSourceCredentials", "codecommit:GetBranch", "codecommit:GetCommit", "codecommit:GetRepository", "codecommit:ListBranches", "cloudwatch:GetMetricStatistics", "events:DescribeRule", "events:ListTargetsByRule", "events:ListRuleNamesByTarget", "logs:GetLogEvents", "s3:GetBucketLocation", "s3:ListAllMyBuckets", "ssm:PutParameter", "ssm:StartSession", "codestar-connections:ListConnections", "codestar-connections:GetConnection", "codestar-notifications:CreateNotificationRule", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:UpdateNotificationRule", "codestar-notifications:Subscribe", "codestar-notifications:Unsubscribe", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListEventTypes", "codestar-notifications:ListTargets", "codestar-notifications:ListTagsForResource", "sns:ListTopics", "sns:GetTopicAttributes", "chatbot:DescribeSlackChannelConfigurations", "chatbot:ListMicrosoftTeamsChannelConfigurations" ], "malformed": false, "name": "AWSCodeBuildDeveloperAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-31T23:06:10+00:00", "version": "v14" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSXrayReadOnlyAccess", "createdate": "2024-02-14T00:35:02Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "xray:GetSamplingRules", "xray:GetSamplingTargets", "xray:GetSamplingStatisticSummaries", "xray:BatchGetTraces", "xray:BatchGetTraceSummaryById", "xray:GetDistinctTraceGraphs", "xray:GetServiceGraph", "xray:GetTraceGraph", "xray:GetTraceSummaries", "xray:GetGroups", "xray:GetGroup", "xray:ListTagsForResource", "xray:ListResourcePolicies", "xray:GetTimeSeriesServiceStatistics", "xray:GetInsightSummaries", "xray:GetInsight", "xray:GetInsightEvents", "xray:GetInsightImpactGraph" ], "malformed": false, "name": "AWSXrayReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-14T00:35:02+00:00", "version": "v8" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonGuardDutyMalwareProtectionServiceRolePolicy", "createdate": "2024-01-25T22:24:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeInstances", "ec2:DescribeVolumes", "ec2:DescribeSnapshots", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListTasks", "ecs:DescribeTasks", "eks:DescribeCluster", "ec2:CreateSnapshot", "ec2:CreateSnapshot", "ec2:CreateTags", "ec2:CreateTags", "ec2:DeleteSnapshot", "ec2:ModifySnapshotAttribute", "kms:CreateGrant", "kms:ReEncryptTo", "kms:ReEncryptFrom", "kms:DescribeKey", "logs:DescribeLogGroups", "logs:CreateLogGroup", "logs:PutRetentionPolicy", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams", "ebs:GetSnapshotBlock", "ebs:ListSnapshotBlocks" ], "malformed": false, "name": "AmazonGuardDutyMalwareProtectionServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-25T22:24:00+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSIPAMServiceRolePolicy", "createdate": "2023-11-08T19:05:45Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeByoipCidrs", "ec2:DescribeIpv6Pools", "ec2:DescribeNetworkInterfaces", "ec2:DescribePublicIpv4Pools", "ec2:DescribeSecurityGroups", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:GetIpamDiscoveredAccounts", "ec2:GetIpamDiscoveredPublicAddresses", "ec2:GetIpamDiscoveredResourceCidrs", "globalaccelerator:ListAccelerators", "globalaccelerator:ListByoipCidrs", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListDelegatedAdministrators", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSIPAMServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-08T19:05:45+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonRDSCustomInstanceProfileRolePolicy", "createdate": "2024-02-27T17:42:02Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "ssm:UpdateInstanceInformation", "ssm:GetManifest", "ssm:PutConfigurePackageResult", "ssm:GetDocument", "ssm:DescribeDocument", "ssmmessages:CreateControlChannel", "ssmmessages:OpenControlChannel", "ec2messages:AcknowledgeMessage", "ec2messages:DeleteMessage", "ec2messages:FailMessage", "ec2messages:GetEndpoint", "ec2messages:GetMessages", "ec2messages:SendReply", "ec2:CreateSnapshot", "ec2:CreateSnapshots", "ec2:CreateSnapshot", "ec2:CreateSnapshots", "ec2:CreateSnapshots", "ec2:CreateTags", "s3:PutObject", "s3:GetObject", "s3:GetObjectVersion", "s3:AbortMultipartUpload", "s3:ListMultipartUploadParts", "s3:ListBucketVersions", "s3:ListBucketMultipartUploads", "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", "secretsmanager:CreateSecret", "secretsmanager:TagResource", "cloudwatch:PutMetricData", "events:PutEvents", "logs:PutRetentionPolicy", "logs:PutLogEvents", "logs:DescribeLogStreams", "logs:CreateLogStream", "logs:CreateLogGroup", "sqs:SendMessage", "sqs:ReceiveMessage", "sqs:DeleteMessage", "sqs:GetQueueUrl", "ec2:AssignPrivateIpAddresses", "ec2:UnassignPrivateIpAddresses", "kms:Decrypt", "kms:GenerateDataKey", "kms:Decrypt", "kms:GenerateDataKey" ], "malformed": false, "name": "AmazonRDSCustomInstanceProfileRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-27T17:42:02+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonEMRReadOnlyAccessPolicy_v2", "createdate": "2023-08-02T19:15:33Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticmapreduce:DescribeCluster", "elasticmapreduce:DescribeEditor", "elasticmapreduce:DescribeJobFlows", "elasticmapreduce:DescribeSecurityConfiguration", "elasticmapreduce:DescribeStep", "elasticmapreduce:DescribeReleaseLabel", "elasticmapreduce:GetBlockPublicAccessConfiguration", "elasticmapreduce:GetManagedScalingPolicy", "elasticmapreduce:GetAutoTerminationPolicy", "elasticmapreduce:ListBootstrapActions", "elasticmapreduce:ListClusters", "elasticmapreduce:ListEditors", "elasticmapreduce:ListInstanceFleets", "elasticmapreduce:ListInstanceGroups", "elasticmapreduce:ListInstances", "elasticmapreduce:ListSecurityConfigurations", "elasticmapreduce:ListSteps", "elasticmapreduce:ListSupportedInstanceTypes", "elasticmapreduce:ViewEventsFromAllClustersInConsole", "cloudwatch:GetMetricStatistics" ], "malformed": false, "name": "AmazonEMRReadOnlyAccessPolicy_v2", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-02T19:15:33+00:00", "version": "v3" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/AWSBackupDataTransferAccess", "createdate": "2022-11-10T22:48:05Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "backup-storage:StartObject", "backup-storage:PutChunk", "backup-storage:GetChunk", "backup-storage:ListChunks", "backup-storage:ListObjects", "backup-storage:GetObjectMetadata", "backup-storage:NotifyObjectComplete" ], "malformed": false, "name": "AWSBackupDataTransferAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-10T22:48:05+00:00", "version": "v1" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/ClientVPNServiceConnectionsRolePolicy", "createdate": "2020-08-12T19:48:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lambda:InvokeFunction" ], "malformed": false, "name": "ClientVPNServiceConnectionsRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-12T19:48:06+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorConsoleFullAccess", "createdate": "2023-12-05T17:34:16Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "migrationhub-orchestrator:CreateTemplate", "migrationhub-orchestrator:CreateWorkflow", "migrationhub-orchestrator:CreateWorkflowStep", "migrationhub-orchestrator:CreateWorkflowStepGroup", "migrationhub-orchestrator:DeleteTemplate", "migrationhub-orchestrator:DeleteWorkflow", "migrationhub-orchestrator:DeleteWorkflowStep", "migrationhub-orchestrator:DeleteWorkflowStepGroup", "migrationhub-orchestrator:GetMessage", "migrationhub-orchestrator:GetTemplate", "migrationhub-orchestrator:GetTemplateStep", "migrationhub-orchestrator:GetTemplateStepGroup", "migrationhub-orchestrator:GetWorkflow", "migrationhub-orchestrator:GetWorkflowStep", "migrationhub-orchestrator:GetWorkflowStepGroup", "migrationhub-orchestrator:ListPlugins", "migrationhub-orchestrator:ListTagsForResource", "migrationhub-orchestrator:ListTemplateStepGroups", "migrationhub-orchestrator:ListTemplateSteps", "migrationhub-orchestrator:ListTemplates", "migrationhub-orchestrator:ListWorkflowStepGroups", "migrationhub-orchestrator:ListWorkflowSteps", "migrationhub-orchestrator:ListWorkflows", "migrationhub-orchestrator:RegisterPlugin", "migrationhub-orchestrator:RetryWorkflowStep", "migrationhub-orchestrator:SendMessage", "migrationhub-orchestrator:StartWorkflow", "migrationhub-orchestrator:StopWorkflow", "migrationhub-orchestrator:TagResource", "migrationhub-orchestrator:UntagResource", "migrationhub-orchestrator:UpdateTemplate", "migrationhub-orchestrator:UpdateWorkflow", "migrationhub-orchestrator:UpdateWorkflowStep", "migrationhub-orchestrator:UpdateWorkflowStepGroup", "s3:ListAllMyBuckets", "s3:GetObject", "s3:GetBucketAcl", "s3:GetBucketLocation", "s3:ListBucket", "s3:ListBucketVersions", "s3:PutObject", "secretsmanager:ListSecrets", "discovery:DescribeConfigurations", "discovery:ListConfigurations", "discovery:GetDiscoverySummary", "mgh:GetHomeRegion", "ec2:DescribeInstances", "ec2:DescribeVpcs", "kms:ListKeys", "kms:ListAliases", "iam:ListInstanceProfiles", "iam:ListRoles", "ecs:ListClusters", "account:ListRegions", "iam:CreateServiceLinkedRole", "iam:GetRole" ], "malformed": false, "name": "AWSMigrationHubOrchestratorConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-12-05T17:34:16+00:00", "version": "v2" }, { "access_levels": [ "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleRDS", "createdate": "2020-06-05T21:46:55Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rds:CreateDBSecurityGroup", "rds:DeleteDBSecurityGroup", "rds:AuthorizeDBSecurityGroupIngress", "rds:CreateDBInstance", "rds:ModifyDBInstance", "rds:DeleteDBInstance" ], "malformed": false, "name": "AWSElasticBeanstalkRoleRDS", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-05T21:46:55+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess", "createdate": "2024-02-13T21:58:30Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", "xray:GetSamplingRules", "xray:GetSamplingTargets", "xray:GetSamplingStatisticSummaries" ], "malformed": false, "name": "AWSXRayDaemonWriteAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-13T21:58:30+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonAppFlowFullAccess", "createdate": "2022-02-28T23:11:23Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "appflow:CancelFlowExecutions", "appflow:CreateConnectorProfile", "appflow:CreateFlow", "appflow:DeleteConnectorProfile", "appflow:DeleteFlow", "appflow:DescribeConnector", "appflow:DescribeConnectorEntity", "appflow:DescribeConnectorFields", "appflow:DescribeConnectorProfiles", "appflow:DescribeConnectors", "appflow:DescribeFlow", "appflow:DescribeFlowExecution", "appflow:DescribeFlowExecutionRecords", "appflow:DescribeFlows", "appflow:ListConnectorEntities", "appflow:ListConnectorFields", "appflow:ListConnectors", "appflow:ListFlows", "appflow:ListTagsForResource", "appflow:RegisterConnector", "appflow:ResetConnectorMetadataCache", "appflow:RunFlow", "appflow:StartFlow", "appflow:StopFlow", "appflow:TagResource", "appflow:UnRegisterConnector", "appflow:UntagResource", "appflow:UpdateConnectorProfile", "appflow:UpdateConnectorRegistration", "appflow:UpdateFlow", "appflow:UseConnectorProfile", "iam:ListRoles", "kms:ListKeys", "kms:DescribeKey", "kms:ListAliases", "kms:CreateGrant", "kms:ListGrants", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetBucketLocation", "s3:GetBucketPolicy", "s3:PutBucketPolicy", "secretsmanager:CreateSecret", "secretsmanager:PutResourcePolicy", "lambda:ListFunctions" ], "malformed": false, "name": "AmazonAppFlowFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-28T23:11:23+00:00", "version": "v3" }, { "access_levels": [ "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForEC2ScheduledInstances", "createdate": "2017-10-12T18:31:55Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateTags", "ec2:TerminateInstances" ], "malformed": false, "name": "AWSServiceRoleForEC2ScheduledInstances", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2017-10-12T18:31:55+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSDirectConnectServiceRolePolicy", "createdate": "2021-01-14T18:35:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "secretsmanager:DescribeSecret", "secretsmanager:ListSecretVersionIds", "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AWSDirectConnectServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-01-14T18:35:27+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonRDSPerformanceInsightsReadOnly", "createdate": "2023-10-23T21:17:06Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rds:DescribeDBInstances", "rds:DescribeDBClusters", "pi:DescribeDimensionKeys", "pi:GetDimensionKeyDetails", "pi:GetResourceMetadata", "pi:GetResourceMetrics", "pi:ListAvailableResourceDimensions", "pi:ListAvailableResourceMetrics", "pi:GetPerformanceAnalysisReport", "pi:ListPerformanceAnalysisReports", "pi:ListTagsForResource" ], "malformed": false, "name": "AmazonRDSPerformanceInsightsReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-10-23T21:17:06+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSServiceCatalogAppRegistryReadOnlyAccess", "createdate": "2022-11-17T18:16:39Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "servicecatalog:GetApplication", "servicecatalog:ListApplications", "servicecatalog:GetAssociatedResource", "servicecatalog:ListAssociatedResources", "servicecatalog:ListAssociatedAttributeGroups", "servicecatalog:GetAttributeGroup", "servicecatalog:ListAttributeGroups", "servicecatalog:ListTagsForResource", "servicecatalog:ListAttributeGroupsForApplication", "servicecatalog:GetConfiguration" ], "malformed": false, "name": "AWSServiceCatalogAppRegistryReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-11-17T18:16:39+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonDetectiveOrganizationsAccess", "createdate": "2023-03-02T15:20:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "detective:DisableOrganizationAdminAccount", "detective:EnableOrganizationAdminAccount", "detective:ListOrganizationAdminAccount", "iam:CreateServiceLinkedRole", "organizations:EnableAWSServiceAccess", "organizations:RegisterDelegatedAdministrator", "organizations:DeregisterDelegatedAdministrator", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:ListAccounts", "organizations:ListDelegatedAdministrators" ], "malformed": false, "name": "AmazonDetectiveOrganizationsAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-02T15:20:50+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSStorageGatewayFullAccess", "createdate": "2022-09-06T20:26:09Z", "credentials_exposure": true, "data_access": true, "deprecated": false, "effective_action_names": [ "storagegateway:ActivateGateway", "storagegateway:AddCache", "storagegateway:AddTagsToResource", "storagegateway:AddUploadBuffer", "storagegateway:AddWorkingStorage", "storagegateway:AssignTapePool", "storagegateway:AssociateFileSystem", "storagegateway:AttachVolume", "storagegateway:BypassGovernanceRetention", "storagegateway:CancelArchival", "storagegateway:CancelRetrieval", "storagegateway:CreateCachediSCSIVolume", "storagegateway:CreateNFSFileShare", "storagegateway:CreateSMBFileShare", "storagegateway:CreateSnapshot", "storagegateway:CreateSnapshotFromVolumeRecoveryPoint", "storagegateway:CreateStorediSCSIVolume", "storagegateway:CreateTapePool", "storagegateway:CreateTapeWithBarcode", "storagegateway:CreateTapes", "storagegateway:DeleteAutomaticTapeCreationPolicy", "storagegateway:DeleteBandwidthRateLimit", "storagegateway:DeleteChapCredentials", "storagegateway:DeleteFileShare", "storagegateway:DeleteGateway", "storagegateway:DeleteSnapshotSchedule", "storagegateway:DeleteTape", "storagegateway:DeleteTapeArchive", "storagegateway:DeleteTapePool", "storagegateway:DeleteVolume", "storagegateway:DescribeAvailabilityMonitorTest", "storagegateway:DescribeBandwidthRateLimit", "storagegateway:DescribeBandwidthRateLimitSchedule", "storagegateway:DescribeCache", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeChapCredentials", "storagegateway:DescribeFileSystemAssociations", "storagegateway:DescribeGatewayInformation", "storagegateway:DescribeMaintenanceStartTime", "storagegateway:DescribeNFSFileShares", "storagegateway:DescribeSMBFileShares", "storagegateway:DescribeSMBSettings", "storagegateway:DescribeSnapshotSchedule", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:DescribeTapeArchives", "storagegateway:DescribeTapeRecoveryPoints", "storagegateway:DescribeTapes", "storagegateway:DescribeUploadBuffer", "storagegateway:DescribeVTLDevices", "storagegateway:DescribeWorkingStorage", "storagegateway:DetachVolume", "storagegateway:DisableGateway", "storagegateway:DisassociateFileSystem", "storagegateway:JoinDomain", "storagegateway:ListAutomaticTapeCreationPolicies", "storagegateway:ListFileShares", "storagegateway:ListFileSystemAssociations", "storagegateway:ListGateways", "storagegateway:ListLocalDisks", "storagegateway:ListTagsForResource", "storagegateway:ListTapePools", "storagegateway:ListTapes", "storagegateway:ListVolumeInitiators", "storagegateway:ListVolumeRecoveryPoints", "storagegateway:ListVolumes", "storagegateway:NotifyWhenUploaded", "storagegateway:RefreshCache", "storagegateway:RemoveTagsFromResource", "storagegateway:ResetCache", "storagegateway:RetrieveTapeArchive", "storagegateway:RetrieveTapeRecoveryPoint", "storagegateway:SetLocalConsolePassword", "storagegateway:SetSMBGuestPassword", "storagegateway:ShutdownGateway", "storagegateway:StartAvailabilityMonitorTest", "storagegateway:StartGateway", "storagegateway:UpdateAutomaticTapeCreationPolicy", "storagegateway:UpdateBandwidthRateLimit", "storagegateway:UpdateBandwidthRateLimitSchedule", "storagegateway:UpdateChapCredentials", "storagegateway:UpdateFileSystemAssociation", "storagegateway:UpdateGatewayInformation", "storagegateway:UpdateGatewaySoftwareNow", "storagegateway:UpdateMaintenanceStartTime", "storagegateway:UpdateNFSFileShare", "storagegateway:UpdateSMBFileShare", "storagegateway:UpdateSMBFileShareVisibility", "storagegateway:UpdateSMBLocalGroups", "storagegateway:UpdateSMBSecurityStrategy", "storagegateway:UpdateSnapshotSchedule", "storagegateway:UpdateVTLDeviceType", "ec2:DescribeSnapshots", "ec2:DeleteSnapshot", "ssm:GetParameters" ], "malformed": false, "name": "AWSStorageGatewayFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-09-06T20:26:09+00:00", "version": "v2" }, { "access_levels": [ "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSPrivateNetworksServiceRolePolicy", "createdate": "2021-12-16T23:17:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:PutMetricData" ], "malformed": false, "name": "AWSPrivateNetworksServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-12-16T23:17:46+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonChimeSDKMessagingServiceRolePolicy", "createdate": "2023-03-03T01:43:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kms:GenerateDataKey", "kinesis:PutRecord", "kinesis:PutRecords", "kinesis:DescribeStream" ], "malformed": false, "name": "AmazonChimeSDKMessagingServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-03T01:43:49+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryAgentPolicy", "createdate": "2023-11-27T13:44:15Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:SendAgentMetricsForDrs", "drs:SendAgentLogsForDrs", "drs:UpdateAgentSourcePropertiesForDrs", "drs:UpdateAgentReplicationInfoForDrs", "drs:UpdateAgentConversionInfoForDrs", "drs:GetAgentCommandForDrs", "drs:GetAgentConfirmedResumeInfoForDrs", "drs:GetAgentRuntimeConfigurationForDrs", "drs:UpdateAgentBacklogForDrs", "drs:GetAgentReplicationInfoForDrs", "drs:IssueAgentCertificateForDrs", "drs:GetAgentInstallationAssetsForDrs" ], "malformed": false, "name": "AWSElasticDisasterRecoveryAgentPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T13:44:15+00:00", "version": "v3" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsFullAccess", "createdate": "2015-02-06T18:40:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mobileanalytics:GetFinancialReports", "mobileanalytics:GetReports", "mobileanalytics:PutEvents" ], "malformed": false, "name": "AmazonMobileAnalyticsFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:34+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/job-function/Billing", "createdate": "2024-01-17T18:03:48Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "account:GetAccountInformation", "aws-portal:ModifyBilling", "aws-portal:ViewBilling", "aws-portal:ModifyPaymentMethods", "aws-portal:ViewPaymentMethods", "aws-portal:ViewUsage", "billing:GetBillingData", "billing:GetBillingDetails", "billing:GetBillingNotifications", "billing:GetBillingPreferences", "billing:GetContractInformation", "billing:GetCredits", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "billing:ListBillingViews", "billing:PutContractInformation", "billing:RedeemCredits", "billing:UpdateBillingPreferences", "billing:UpdateIAMAccessPreference", "budgets:CreateBudgetAction", "budgets:DeleteBudgetAction", "budgets:DescribeBudgetActionsForBudget", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionHistories", "budgets:ExecuteBudgetAction", "budgets:ModifyBudget", "budgets:UpdateBudgetAction", "budgets:ViewBudget", "ce:CreateCostCategoryDefinition", "ce:CreateNotificationSubscription", "ce:CreateReport", "ce:DeleteCostCategoryDefinition", "ce:DeleteNotificationSubscription", "ce:DeleteReport", "ce:DescribeCostCategoryDefinition", "ce:GetCostAndUsage", "ce:ListCostAllocationTags", "ce:ListCostCategoryDefinitions", "ce:ListTagsForResource", "ce:TagResource", "ce:UpdateCostAllocationTagsStatus", "ce:UpdateNotificationSubscription", "ce:UpdatePreferences", "ce:UpdateReport", "ce:UpdateCostCategoryDefinition", "ce:UntagResource", "consolidatedbilling:GetAccountBillingRole", "consolidatedbilling:ListLinkedAccounts", "cur:DeleteReportDefinition", "cur:DescribeReportDefinitions", "cur:GetClassicReport", "cur:GetClassicReportPreferences", "cur:GetUsageReport", "cur:ModifyReportDefinition", "cur:PutClassicReportPreferences", "cur:PutReportDefinition", "cur:ValidateReportDestination", "freetier:GetFreeTierAlertPreference", "freetier:GetFreeTierUsage", "freetier:PutFreeTierAlertPreference", "invoicing:GetInvoiceEmailDeliveryPreferences", "invoicing:GetInvoicePDF", "invoicing:ListInvoiceSummaries", "invoicing:PutInvoiceEmailDeliveryPreferences", "payments:CreatePaymentInstrument", "payments:DeletePaymentInstrument", "payments:GetPaymentInstrument", "payments:GetPaymentStatus", "payments:ListPaymentPreferences", "payments:MakePayment", "payments:UpdatePaymentPreferences", "pricing:DescribeServices", "purchase-orders:AddPurchaseOrder", "purchase-orders:DeletePurchaseOrder", "purchase-orders:GetPurchaseOrder", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ListTagsForResource", "purchase-orders:ModifyPurchaseOrders", "purchase-orders:TagResource", "purchase-orders:UntagResource", "purchase-orders:UpdatePurchaseOrder", "purchase-orders:UpdatePurchaseOrderStatus", "purchase-orders:ViewPurchaseOrders", "support:CreateCase", "support:AddAttachmentsToSet", "sustainability:GetCarbonFootprintSummary", "tax:BatchPutTaxRegistration", "tax:DeleteTaxRegistration", "tax:GetExemptions", "tax:GetTaxInheritance", "tax:GetTaxInterview", "tax:GetTaxRegistration", "tax:GetTaxRegistrationDocument", "tax:ListTaxRegistrations", "tax:PutTaxInheritance", "tax:PutTaxInterview", "tax:PutTaxRegistration", "tax:UpdateExemptions" ], "malformed": false, "name": "Billing", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-17T18:03:48+00:00", "version": "v9" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonVPCNetworkAccessAnalyzerFullAccessPolicy", "createdate": "2023-11-03T19:31:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "directconnect:DescribeConnections", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "ec2:CreateNetworkInsightsAccessScope", "ec2:DeleteNetworkInsightsAccessScope", "ec2:DeleteNetworkInsightsAccessScopeAnalysis", "ec2:DescribeAvailabilityZones", "ec2:DescribeCustomerGateways", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeManagedPrefixLists", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInterfaces", "ec2:DescribePrefixLists", "ec2:DescribeRegions", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGateways", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:SearchTransitGatewayRoutes", "ec2:StartNetworkInsightsAccessScopeAnalysis", "ec2:CreateTags", "ec2:DeleteTags", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "globalaccelerator:ListAccelerators", "globalaccelerator:ListCustomRoutingAccelerators", "globalaccelerator:ListCustomRoutingEndpointGroups", "globalaccelerator:ListCustomRoutingListeners", "globalaccelerator:ListCustomRoutingPortMappings", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "network-firewall:DescribeFirewall", "network-firewall:DescribeFirewallPolicy", "network-firewall:DescribeResourcePolicy", "network-firewall:DescribeRuleGroup", "network-firewall:ListFirewallPolicies", "network-firewall:ListFirewalls", "network-firewall:ListRuleGroups", "resource-groups:ListGroupResources", "tag:GetResources", "tiros:CreateQuery", "tiros:GetQueryAnswer" ], "malformed": false, "name": "AmazonVPCNetworkAccessAnalyzerFullAccessPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-03T19:31:09+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/GlobalAcceleratorReadOnlyAccess", "createdate": "2018-11-27T02:41:00Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "globalaccelerator:DescribeAccelerator", "globalaccelerator:DescribeAcceleratorAttributes", "globalaccelerator:DescribeCrossAccountAttachment", "globalaccelerator:DescribeCustomRoutingAccelerator", "globalaccelerator:DescribeCustomRoutingAcceleratorAttributes", "globalaccelerator:DescribeCustomRoutingEndpointGroup", "globalaccelerator:DescribeCustomRoutingListener", "globalaccelerator:DescribeEndpointGroup", "globalaccelerator:DescribeListener", "globalaccelerator:ListAccelerators", "globalaccelerator:ListByoipCidrs", "globalaccelerator:ListCrossAccountAttachments", "globalaccelerator:ListCrossAccountResourceAccounts", "globalaccelerator:ListCrossAccountResources", "globalaccelerator:ListCustomRoutingAccelerators", "globalaccelerator:ListCustomRoutingEndpointGroups", "globalaccelerator:ListCustomRoutingListeners", "globalaccelerator:ListCustomRoutingPortMappings", "globalaccelerator:ListCustomRoutingPortMappingsByDestination", "globalaccelerator:ListEndpointGroups", "globalaccelerator:ListListeners", "globalaccelerator:ListTagsForResource" ], "malformed": false, "name": "GlobalAcceleratorReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-11-27T02:41:00+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/CloudFrontFullAccess", "createdate": "2024-01-04T16:56:08Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:ListAllMyBuckets", "acm:ListCertificates", "cloudfront:AssociateAlias", "cloudfront:CopyDistribution", "cloudfront:CreateCachePolicy", "cloudfront:CreateCloudFrontOriginAccessIdentity", "cloudfront:CreateContinuousDeploymentPolicy", "cloudfront:CreateDistribution", "cloudfront:CreateFieldLevelEncryptionConfig", "cloudfront:CreateFieldLevelEncryptionProfile", "cloudfront:CreateFunction", "cloudfront:CreateInvalidation", "cloudfront:CreateKeyGroup", "cloudfront:CreateKeyValueStore", "cloudfront:CreateMonitoringSubscription", "cloudfront:CreateOriginAccessControl", "cloudfront:CreateOriginRequestPolicy", "cloudfront:CreatePublicKey", "cloudfront:CreateRealtimeLogConfig", "cloudfront:CreateResponseHeadersPolicy", "cloudfront:CreateSavingsPlan", "cloudfront:CreateStreamingDistribution", "cloudfront:CreateStreamingDistributionWithTags", "cloudfront:DeleteCachePolicy", "cloudfront:DeleteCloudFrontOriginAccessIdentity", "cloudfront:DeleteContinuousDeploymentPolicy", "cloudfront:DeleteDistribution", "cloudfront:DeleteFieldLevelEncryptionConfig", "cloudfront:DeleteFieldLevelEncryptionProfile", "cloudfront:DeleteFunction", "cloudfront:DeleteKeyGroup", "cloudfront:DeleteKeyValueStore", "cloudfront:DeleteMonitoringSubscription", "cloudfront:DeleteOriginAccessControl", "cloudfront:DeleteOriginRequestPolicy", "cloudfront:DeletePublicKey", "cloudfront:DeleteRealtimeLogConfig", "cloudfront:DeleteResponseHeadersPolicy", "cloudfront:DeleteStreamingDistribution", "cloudfront:DescribeFunction", "cloudfront:DescribeKeyValueStore", "cloudfront:GetCachePolicy", "cloudfront:GetCachePolicyConfig", "cloudfront:GetCloudFrontOriginAccessIdentity", "cloudfront:GetCloudFrontOriginAccessIdentityConfig", "cloudfront:GetContinuousDeploymentPolicy", "cloudfront:GetContinuousDeploymentPolicyConfig", "cloudfront:GetDistribution", "cloudfront:GetDistributionConfig", "cloudfront:GetFieldLevelEncryption", "cloudfront:GetFieldLevelEncryptionConfig", "cloudfront:GetFieldLevelEncryptionProfile", "cloudfront:GetFieldLevelEncryptionProfileConfig", "cloudfront:GetFunction", "cloudfront:GetInvalidation", "cloudfront:GetKeyGroup", "cloudfront:GetKeyGroupConfig", "cloudfront:GetMonitoringSubscription", "cloudfront:GetOriginAccessControl", "cloudfront:GetOriginAccessControlConfig", "cloudfront:GetOriginRequestPolicy", "cloudfront:GetOriginRequestPolicyConfig", "cloudfront:GetPublicKey", "cloudfront:GetPublicKeyConfig", "cloudfront:GetRealtimeLogConfig", "cloudfront:GetResponseHeadersPolicy", "cloudfront:GetResponseHeadersPolicyConfig", "cloudfront:GetSavingsPlan", "cloudfront:GetStreamingDistribution", "cloudfront:GetStreamingDistributionConfig", "cloudfront:ListCachePolicies", "cloudfront:ListCloudFrontOriginAccessIdentities", "cloudfront:ListConflictingAliases", "cloudfront:ListContinuousDeploymentPolicies", "cloudfront:ListDistributions", "cloudfront:ListDistributionsByCachePolicyId", "cloudfront:ListDistributionsByKeyGroup", "cloudfront:ListDistributionsByLambdaFunction", "cloudfront:ListDistributionsByOriginRequestPolicyId", "cloudfront:ListDistributionsByRealtimeLogConfig", "cloudfront:ListDistributionsByResponseHeadersPolicyId", "cloudfront:ListDistributionsByWebACLId", "cloudfront:ListFieldLevelEncryptionConfigs", "cloudfront:ListFieldLevelEncryptionProfiles", "cloudfront:ListFunctions", "cloudfront:ListInvalidations", "cloudfront:ListKeyGroups", "cloudfront:ListKeyValueStores", "cloudfront:ListOriginAccessControls", "cloudfront:ListOriginRequestPolicies", "cloudfront:ListPublicKeys", "cloudfront:ListRateCards", "cloudfront:ListRealtimeLogConfigs", "cloudfront:ListResponseHeadersPolicies", "cloudfront:ListSavingsPlans", "cloudfront:ListStreamingDistributions", "cloudfront:ListTagsForResource", "cloudfront:ListUsages", "cloudfront:PublishFunction", "cloudfront:TagResource", "cloudfront:TestFunction", "cloudfront:UntagResource", "cloudfront:UpdateCachePolicy", "cloudfront:UpdateCloudFrontOriginAccessIdentity", "cloudfront:UpdateContinuousDeploymentPolicy", "cloudfront:UpdateDistribution", "cloudfront:UpdateFieldLevelEncryptionConfig", "cloudfront:UpdateFieldLevelEncryptionProfile", "cloudfront:UpdateFunction", "cloudfront:UpdateKeyGroup", "cloudfront:UpdateKeyValueStore", "cloudfront:UpdateOriginAccessControl", "cloudfront:UpdateOriginRequestPolicy", "cloudfront:UpdatePublicKey", "cloudfront:UpdateRealtimeLogConfig", "cloudfront:UpdateResponseHeadersPolicy", "cloudfront:UpdateSavingsPlan", "cloudfront:UpdateStreamingDistribution", "cloudfront-keyvaluestore:DeleteKey", "cloudfront-keyvaluestore:DescribeKeyValueStore", "cloudfront-keyvaluestore:GetKey", "cloudfront-keyvaluestore:ListKeys", "cloudfront-keyvaluestore:PutKey", "cloudfront-keyvaluestore:UpdateKeys", "iam:ListServerCertificates", "waf:ListWebACLs", "waf:GetWebACL", "wafv2:ListWebACLs", "wafv2:GetWebACL", "kinesis:ListStreams", "kinesis:DescribeStream", "iam:ListRoles" ], "malformed": false, "name": "CloudFrontFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-04T16:56:08+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForPrivateMarketplaceAdminPolicy", "createdate": "2024-02-14T22:28:01Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "aws-marketplace:DescribeEntity", "aws-marketplace:DescribeChangeSet", "aws-marketplace:ListEntities", "aws-marketplace:ListChangeSets", "aws-marketplace:StartChangeSet", "organizations:DescribeAccount", "organizations:DescribeOrganizationalUnit", "organizations:ListDelegatedAdministrators", "organizations:ListChildren" ], "malformed": false, "name": "AWSServiceRoleForPrivateMarketplaceAdminPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-14T22:28:01+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSAppMeshPreviewServiceRolePolicy", "createdate": "2019-08-21T21:06:29Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "servicediscovery:DiscoverInstances", "acm:DescribeCertificate" ], "malformed": false, "name": "AWSAppMeshPreviewServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-08-21T21:06:29+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/ResourceGroupsandTagEditorFullAccess", "createdate": "2023-08-10T13:29:19Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "tag:GetResources", "tag:GetTagKeys", "tag:GetTagValues", "tag:TagResources", "tag:UntagResources", "resource-groups:AssociateResource", "resource-groups:CreateGroup", "resource-groups:DeleteGroup", "resource-groups:DeleteGroupPolicy", "resource-groups:DisassociateResource", "resource-groups:GetAccountSettings", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupPolicy", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:GroupResources", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "resource-groups:PutGroupConfiguration", "resource-groups:PutGroupPolicy", "resource-groups:SearchResources", "resource-groups:Tag", "resource-groups:UngroupResources", "resource-groups:Untag", "resource-groups:UpdateAccountSettings", "resource-groups:UpdateGroup", "resource-groups:UpdateGroupQuery", "cloudformation:DescribeStacks", "cloudformation:ListStackResources", "cloudformation:ListStacks" ], "malformed": false, "name": "ResourceGroupsandTagEditorFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-10T13:29:19+00:00", "version": "v6" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/AWSCloudMapDiscoverInstanceAccess", "createdate": "2023-09-20T21:48:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "servicediscovery:DiscoverInstances", "servicediscovery:DiscoverInstancesRevision" ], "malformed": false, "name": "AWSCloudMapDiscoverInstanceAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-09-20T21:48:09+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonDocDBElasticReadOnlyAccess", "createdate": "2023-06-21T16:57:09Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "docdb-elastic:ListClusters", "docdb-elastic:GetCluster", "docdb-elastic:ListClusterSnapshots", "docdb-elastic:GetClusterSnapshot", "docdb-elastic:ListTagsForResource", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics" ], "malformed": false, "name": "AmazonDocDBElasticReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-06-21T16:57:09+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonTimestreamConsoleFullAccess", "createdate": "2022-02-01T21:37:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "timestream:CancelQuery", "timestream:CreateBatchLoadTask", "timestream:CreateDatabase", "timestream:CreateScheduledQuery", "timestream:CreateTable", "timestream:DeleteDatabase", "timestream:DeleteScheduledQuery", "timestream:DeleteTable", "timestream:DescribeBatchLoadTask", "timestream:DescribeDatabase", "timestream:DescribeEndpoints", "timestream:DescribeScheduledQuery", "timestream:DescribeTable", "timestream:ExecuteScheduledQuery", "timestream:GetAwsBackupStatus", "timestream:GetAwsRestoreStatus", "timestream:ListBatchLoadTasks", "timestream:ListDatabases", "timestream:ListMeasures", "timestream:ListScheduledQueries", "timestream:ListTables", "timestream:ListTagsForResource", "timestream:PrepareQuery", "timestream:ResumeBatchLoadTask", "timestream:Select", "timestream:SelectValues", "timestream:StartAwsBackupJob", "timestream:StartAwsRestoreJob", "timestream:TagResource", "timestream:Unload", "timestream:UntagResource", "timestream:UpdateDatabase", "timestream:UpdateScheduledQuery", "timestream:UpdateTable", "timestream:WriteRecords", "kms:DescribeKey", "kms:ListKeys", "kms:ListAliases", "kms:CreateGrant", "dbqms:CreateFavoriteQuery", "dbqms:DescribeFavoriteQueries", "dbqms:UpdateFavoriteQuery", "dbqms:DeleteFavoriteQueries", "dbqms:GetQueryString", "dbqms:CreateQueryHistory", "dbqms:DescribeQueryHistory", "dbqms:UpdateQueryHistory", "dbqms:DeleteQueryHistory", "s3:ListAllMyBuckets", "sns:ListTopics", "iam:ListRoles" ], "malformed": false, "name": "AmazonTimestreamConsoleFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-02-01T21:37:31+00:00", "version": "v4" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentlessCollectorAccess", "createdate": "2022-08-16T21:00:59Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "arsenal:RegisterOnPremisesAgent", "ecr-public:DescribeImages", "ecr-public:GetAuthorizationToken", "mgh:GetHomeRegion", "sts:GetServiceBearerToken" ], "malformed": false, "name": "AWSApplicationDiscoveryAgentlessCollectorAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-16T21:00:59+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonWorkSpacesAdmin", "createdate": "2023-08-03T23:57:36Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "kms:DescribeKey", "kms:ListAliases", "kms:ListKeys", "workspaces:CreateTags", "workspaces:CreateWorkspaceImage", "workspaces:CreateWorkspaces", "workspaces:CreateStandbyWorkspaces", "workspaces:DeleteTags", "workspaces:DescribeTags", "workspaces:DescribeWorkspaceBundles", "workspaces:DescribeWorkspaceDirectories", "workspaces:DescribeWorkspaces", "workspaces:DescribeWorkspacesConnectionStatus", "workspaces:ModifyCertificateBasedAuthProperties", "workspaces:ModifySamlProperties", "workspaces:ModifyWorkspaceProperties", "workspaces:RebootWorkspaces", "workspaces:RebuildWorkspaces", "workspaces:RestoreWorkspace", "workspaces:StartWorkspaces", "workspaces:StopWorkspaces", "workspaces:TerminateWorkspaces" ], "malformed": false, "name": "AmazonWorkSpacesAdmin", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-03T23:57:36+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForSMS", "createdate": "2020-10-15T17:28:13Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:CreateChangeSet", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:ExecuteChangeSet", "cloudformation:DeleteChangeSet", "cloudformation:DescribeChangeSet", "cloudformation:DescribeStacks", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResources", "cloudformation:GetTemplate", "cloudformation:ValidateTemplate", "s3:ListAllMyBuckets", "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteObject", "s3:GetBucketAcl", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:PutObject", "s3:PutObjectAcl", "s3:PutLifecycleConfiguration", "sms:CreateReplicationJob", "sms:DeleteReplicationJob", "sms:GetReplicationJobs", "sms:GetReplicationRuns", "sms:GetServers", "sms:ImportServerCatalog", "sms:StartOnDemandReplicationRun", "sms:UpdateReplicationJob", "ssm:SendCommand", "ssm:SendCommand", "ssm:CancelCommand", "ssm:GetCommandInvocation", "ec2:CreateTags", "ec2:CopySnapshot", "ec2:ModifySnapshotAttribute", "ec2:DeleteSnapshot", "ec2:CopyImage", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeSnapshots", "ec2:DescribeSnapshotAttribute", "ec2:DeregisterImage", "ec2:ImportImage", "ec2:DescribeImportImageTasks", "ec2:GetEbsEncryptionByDefault", "iam:GetRole", "iam:GetInstanceProfile", "ec2:DisassociateIamInstanceProfile", "ec2:AssociateIamInstanceProfile", "ec2:ReplaceIamInstanceProfileAssociation", "iam:PassRole", "iam:PassRole", "ec2:RunInstances", "ec2:CreateTags", "ec2:DeleteTags", "ec2:ModifyInstanceAttribute", "ec2:StopInstances", "ec2:StartInstances", "ec2:TerminateInstances", "applicationinsights:DescribeApplication", "applicationinsights:DescribeComponent", "applicationinsights:DescribeComponentConfiguration", "applicationinsights:DescribeComponentConfigurationRecommendation", "applicationinsights:DescribeLogPattern", "applicationinsights:DescribeObservation", "applicationinsights:DescribeProblem", "applicationinsights:DescribeProblemObservations", "applicationinsights:DescribeWorkload", "applicationinsights:ListApplications", "applicationinsights:ListComponents", "applicationinsights:ListConfigurationHistory", "applicationinsights:ListLogPatternSets", "applicationinsights:ListLogPatterns", "applicationinsights:ListProblems", "applicationinsights:ListTagsForResource", "applicationinsights:ListWorkloads", "cloudformation:ListStackResources", "applicationinsights:CreateApplication", "applicationinsights:CreateComponent", "applicationinsights:UpdateApplication", "applicationinsights:DeleteApplication", "applicationinsights:UpdateComponentConfiguration", "applicationinsights:DeleteComponent", "resource-groups:CreateGroup", "resource-groups:GetGroup", "resource-groups:UpdateGroup", "resource-groups:DeleteGroup", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSServiceRoleForSMS", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-15T17:28:13+00:00", "version": "v10" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonDataZoneGlueManageAccessRolePolicy", "createdate": "2024-04-01T19:05:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "glue:ListDataQualityResults", "glue:GetDataQualityResult", "glue:CreateTable", "glue:DeleteTable", "glue:GetDatabases", "glue:GetTables", "lakeformation:BatchGrantPermissions", "lakeformation:BatchRevokePermissions", "lakeformation:CreateLakeFormationOptIn", "lakeformation:DeleteLakeFormationOptIn", "lakeformation:GrantPermissions", "lakeformation:GetResourceLFTags", "lakeformation:ListLakeFormationOptIns", "lakeformation:ListPermissions", "lakeformation:RegisterResource", "lakeformation:RevokePermissions", "glue:GetDatabase", "glue:GetTable", "organizations:DescribeOrganization", "ram:GetResourceShareInvitations", "ram:ListResources", "glue:DeleteResourcePolicy", "glue:PutResourcePolicy", "ram:CreateResourceShare", "ram:AcceptResourceShareInvitation", "ram:AssociateResourceShare", "ram:DeleteResourceShare", "ram:DisassociateResourceShare", "ram:GetResourceShares", "ram:ListResourceSharePermissions", "ram:UpdateResourceShare", "ram:AssociateResourceSharePermission", "kms:Decrypt", "iam:GetRole", "iam:PassRole" ], "malformed": false, "name": "AmazonDataZoneGlueManageAccessRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-04-01T19:05:41+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2023-04-04T02:48:38Z", "credentials_exposure": true, "data_access": true, "deprecated": true, "effective_action_names": [ "iam:CreateRole", "iam:DetachRolePolicy", "iam:DeleteRolePolicy", "iam:AttachRolePolicy", "iam:PutRolePolicy", "iam:DeleteRole", "kms:CreateKey", "kms:TagResource", "athena:CreateWorkGroup", "athena:TagResource", "iam:TagRole", "iam:TagPolicy", "logs:CreateLogGroup", "logs:TagLogGroup", "ssm:AddTagsToResource", "athena:DeleteWorkGroup", "kms:ScheduleKeyDeletion", "kms:DescribeKey", "kms:EnableKeyRotation", "kms:DisableKeyRotation", "kms:GenerateDataKey", "kms:Encrypt", "kms:Decrypt", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateTags", "iam:DeletePolicy", "s3:DeleteBucket", "ssm:GetParameter", "ssm:GetParameterHistory", "ssm:GetParameters", "ssm:GetParametersByPath", "ssm:PutParameter", "ssm:DeleteParameter", "iam:GetRole", "iam:GetPolicy", "iam:GetRolePolicy", "iam:CreatePolicy", "iam:ListPolicyVersions", "lakeformation:RegisterResource", "lakeformation:DeregisterResource", "lakeformation:GrantPermissions", "lakeformation:PutDataLakeSettings", "lakeformation:GetDataLakeSettings", "lakeformation:RevokePermissions", "lakeformation:ListPermissions", "glue:CreateDatabase", "glue:DeleteDatabase", "glue:GetDatabases", "glue:GetDatabase", "sts:GetCallerIdentity", "iam:PassRole", "s3:PutEncryptionConfiguration", "s3:PutBucketPublicAccessBlock", "s3:DeleteBucketPolicy", "s3:CreateBucket", "s3:PutBucketPolicy", "s3:PutBucketAcl", "s3:PutBucketVersioning", "s3:PutBucketTagging", "s3:PutBucketLogging", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:GetEncryptionConfiguration", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:AbortMultipartUpload", "athena:GetCalculationExecution", "athena:GetCalculationExecutionCode", "athena:GetCalculationExecutionStatus", "athena:GetCapacityAssignmentConfiguration", "athena:GetCapacityReservation", "athena:GetCatalogs", "athena:GetDataCatalog", "athena:GetDatabase", "athena:GetExecutionEngine", "athena:GetExecutionEngines", "athena:GetNamedQuery", "athena:GetNamespace", "athena:GetNamespaces", "athena:GetNotebookMetadata", "athena:GetPreparedStatement", "athena:GetQueryExecution", "athena:GetQueryExecutions", "athena:GetQueryResults", "athena:GetQueryResultsStream", "athena:GetQueryRuntimeStatistics", "athena:GetSession", "athena:GetSessionStatus", "athena:GetTable", "athena:GetTableMetadata", "athena:GetTables", "athena:GetWorkGroup", "athena:ListApplicationDPUSizes", "athena:ListCalculationExecutions", "athena:ListCapacityReservations", "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListEngineVersions", "athena:ListExecutors", "athena:ListNamedQueries", "athena:ListNotebookMetadata", "athena:ListNotebookSessions", "athena:ListPreparedStatements", "athena:ListQueryExecutions", "athena:ListSessions", "athena:ListTableMetadata", "athena:ListTagsForResource", "athena:ListWorkGroups", "ec2:CreateSecurityGroup", "ec2:RevokeSecurityGroupEgress", "ec2:DeleteSecurityGroup", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:GetAssociatedEnclaveCertificateIamRoles", "ec2:GetAssociatedIpv6PoolCidrs", "ec2:GetAwsNetworkPerformanceData", "ec2:GetCapacityReservationUsage", "ec2:GetCoipPoolUsage", "ec2:GetConsoleOutput", "ec2:GetConsoleScreenshot", "ec2:GetDefaultCreditSpecification", "ec2:GetEbsDefaultKmsKeyId", "ec2:GetEbsEncryptionByDefault", "ec2:GetFlowLogsIntegrationTemplate", "ec2:GetGroupsForCapacityReservation", "ec2:GetHostReservationPurchasePreview", "ec2:GetImageBlockPublicAccessState", "ec2:GetInstanceMetadataDefaults", "ec2:GetInstanceTypesFromInstanceRequirements", "ec2:GetInstanceUefiData", "ec2:GetIpamAddressHistory", "ec2:GetIpamDiscoveredAccounts", "ec2:GetIpamDiscoveredPublicAddresses", "ec2:GetIpamDiscoveredResourceCidrs", "ec2:GetIpamPoolAllocations", "ec2:GetIpamPoolCidrs", "ec2:GetIpamResourceCidrs", "ec2:GetLaunchTemplateData", "ec2:GetManagedPrefixListAssociations", "ec2:GetManagedPrefixListEntries", "ec2:GetNetworkInsightsAccessScopeAnalysisFindings", "ec2:GetNetworkInsightsAccessScopeContent", "ec2:GetPasswordData", "ec2:GetReservedInstancesExchangeQuote", "ec2:GetResourcePolicy", "ec2:GetSecurityGroupsForVpc", "ec2:GetSerialConsoleAccessStatus", "ec2:GetSnapshotBlockPublicAccessState", "ec2:GetSpotPlacementScores", "ec2:GetSubnetCidrReservations", "ec2:GetTransitGatewayAttachmentPropagations", "ec2:GetTransitGatewayMulticastDomainAssociations", "ec2:GetTransitGatewayPolicyTableAssociations", "ec2:GetTransitGatewayPolicyTableEntries", "ec2:GetTransitGatewayPrefixListReferences", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:GetVerifiedAccessEndpointPolicy", "ec2:GetVerifiedAccessGroupPolicy", "ec2:GetVerifiedAccessInstanceWebAcl", "ec2:GetVpnConnectionDeviceSampleConfiguration", "ec2:GetVpnConnectionDeviceTypes", "ec2:GetVpnTunnelReplacementStatus", "ec2:ListImagesInRecycleBin", "ec2:ListSnapshotsInRecycleBin", "logs:PutRetentionPolicy", "logs:DescribeLogGroups", "logs:DeleteLogGroup", "logs:DeleteRetentionPolicy", "kms:PutKeyPolicy", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpoint", "cloudformation:DescribeStacks", "cloudformation:DescribeStackEvents", "cloudformation:GetTemplate", "cloudformation:DescribeChangeSet", "cloudformation:CreateChangeSet", "cloudformation:ExecuteChangeSet", "cloudformation:DeleteChangeSet", "cloudformation:CreateStack", "cloudformation:UpdateStack", "cloudformation:DeleteStack", "cloudformation:TagResource", "cloudformation:GetTemplateSummary" ], "malformed": true, "name": "AmazonDataZoneProjectDeploymentPermissionsBoundary", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v2" }, { "access_levels": [], "arn": "arn:aws:iam::aws:policy/AWSCompromisedKeyQuarantineV2", "createdate": "2023-03-16T00:20:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [], "malformed": false, "name": "AWSCompromisedKeyQuarantineV2", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-16T00:20:25+00:00", "version": "v4" }, { "access_levels": [], "arn": null, "createdate": "2018-04-24T20:14:16Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [], "malformed": false, "name": "AmazonSumerianFullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSPanoramaSageMakerRolePolicy", "createdate": "2020-12-01T13:13:54Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "s3:PutObject", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite" ], "malformed": false, "name": "AWSPanoramaSageMakerRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-01T13:13:54+00:00", "version": "v1" }, { "access_levels": [ "Read" ], "arn": "arn:aws:iam::aws:policy/ElementalActivationsGenerateLicenses", "createdate": "2020-08-28T18:28:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elemental-activations:GetActivation", "elemental-activations:GenerateLicenses", "elemental-activations:StartFileUpload", "elemental-activations:CompleteFileUpload" ], "malformed": false, "name": "ElementalActivationsGenerateLicenses", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-28T18:28:58+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management", "Unknown" ], "arn": null, "createdate": "2017-11-27T23:22:38Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "cloudformation:DescribeChangeSet", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "cloudformation:GetTemplate", "cloudformation:ListStackResources", "cloudwatch:BatchGetServiceLevelIndicatorReport", "cloudwatch:BatchGetServiceLevelObjectiveBudgetReport", "cloudwatch:CreateServiceLevelObjective", "cloudwatch:DeleteAlarms", "cloudwatch:DeleteAnomalyDetector", "cloudwatch:DeleteDashboards", "cloudwatch:DeleteInsightRules", "cloudwatch:DeleteMetricStream", "cloudwatch:DeleteServiceLevelObjective", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "cloudwatch:DisableAlarmActions", "cloudwatch:DisableInsightRules", "cloudwatch:EnableAlarmActions", "cloudwatch:EnableInsightRules", "cloudwatch:EnableTopologyDiscovery", "cloudwatch:GenerateQuery", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:Link", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:PutAnomalyDetector", "cloudwatch:PutCompositeAlarm", "cloudwatch:PutDashboard", "cloudwatch:PutInsightRule", "cloudwatch:PutManagedInsightRules", "cloudwatch:PutMetricAlarm", "cloudwatch:PutMetricData", "cloudwatch:PutMetricStream", "cloudwatch:SetAlarmState", "cloudwatch:StartMetricStreams", "cloudwatch:StopMetricStreams", "cloudwatch:TagResource", "cloudwatch:UntagResource", "cloudwatch:UpdateServiceLevelObjective", "cognito-identity:ListIdentityPools", "cognito-sync:GetCognitoEvents", "cognito-sync:SetCognitoEvents", "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:CreateBackup", "dynamodb:CreateGlobalTable", "dynamodb:CreateTable", "dynamodb:CreateTableReplica", "dynamodb:DeleteBackup", "dynamodb:DeleteItem", "dynamodb:DeleteResourcePolicy", "dynamodb:DeleteTable", "dynamodb:DeleteTableReplica", "dynamodb:DescribeBackup", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeContributorInsights", "dynamodb:DescribeEndpoints", "dynamodb:DescribeExport", "dynamodb:DescribeGlobalTable", "dynamodb:DescribeGlobalTableSettings", "dynamodb:DescribeImport", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:DescribeLimits", "dynamodb:DescribeReservedCapacity", "dynamodb:DescribeReservedCapacityOfferings", "dynamodb:DescribeStream", "dynamodb:DescribeTable", "dynamodb:DescribeTableReplicaAutoScaling", "dynamodb:DescribeTimeToLive", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:EnableKinesisStreamingDestination", "dynamodb:ExportTableToPointInTime", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetResourcePolicy", "dynamodb:GetShardIterator", "dynamodb:ImportTable", "dynamodb:ListBackups", "dynamodb:ListContributorInsights", "dynamodb:ListExports", "dynamodb:ListGlobalTables", "dynamodb:ListImports", "dynamodb:ListStreams", "dynamodb:ListTables", "dynamodb:ListTagsOfResource", "dynamodb:PartiQLDelete", "dynamodb:PartiQLInsert", "dynamodb:PartiQLSelect", "dynamodb:PartiQLUpdate", "dynamodb:PurchaseReservedCapacityOfferings", "dynamodb:PutItem", "dynamodb:PutResourcePolicy", "dynamodb:Query", "dynamodb:RestoreTableFromAwsBackup", "dynamodb:RestoreTableFromBackup", "dynamodb:RestoreTableToPointInTime", "dynamodb:Scan", "dynamodb:StartAwsBackupJob", "dynamodb:TagResource", "dynamodb:UntagResource", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", "dynamodb:UpdateGlobalTable", "dynamodb:UpdateGlobalTableSettings", "dynamodb:UpdateGlobalTableVersion", "dynamodb:UpdateItem", "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:UpdateTable", "dynamodb:UpdateTableReplicaAutoScaling", "dynamodb:UpdateTimeToLive", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "events:ActivateEventSource", "events:CancelReplay", "events:CreateApiDestination", "events:CreateArchive", "events:CreateConnection", "events:CreateEndpoint", "events:CreateEventBus", "events:CreatePartnerEventSource", "events:DeactivateEventSource", "events:DeauthorizeConnection", "events:DeleteApiDestination", "events:DeleteArchive", "events:DeleteConnection", "events:DeleteEndpoint", "events:DeleteEventBus", "events:DeletePartnerEventSource", "events:DeleteRule", "events:DescribeApiDestination", "events:DescribeArchive", "events:DescribeConnection", "events:DescribeEndpoint", "events:DescribeEventBus", "events:DescribeEventSource", "events:DescribePartnerEventSource", "events:DescribeReplay", "events:DescribeRule", "events:DisableRule", "events:EnableRule", "events:InvokeApiDestination", "events:ListApiDestinations", "events:ListArchives", "events:ListConnections", "events:ListEndpoints", "events:ListEventBuses", "events:ListEventSources", "events:ListPartnerEventSourceAccounts", "events:ListPartnerEventSources", "events:ListReplays", "events:ListRuleNamesByTarget", "events:ListRules", "events:ListTagsForResource", "events:ListTargetsByRule", "events:PutEvents", "events:PutPartnerEvents", "events:PutPermission", "events:PutRule", "events:PutTargets", "events:RemovePermission", "events:RemoveTargets", "events:RetrieveConnectionCredentials", "events:StartReplay", "events:TagResource", "events:TestEventPattern", "events:UntagResource", "events:UpdateApiDestination", "events:UpdateArchive", "events:UpdateConnection", "events:UpdateEndpoint", "iam:GetPolicy", "iam:GetPolicyVersion", "iam:GetRole", "iam:GetRolePolicy", "iam:ListAttachedRolePolicies", "iam:ListRolePolicies", "iam:ListRoles", "iam:PassRole", "iot:AttachPrincipalPolicy", "iot:AttachThingPrincipal", "iot:CreateKeysAndCertificate", "iot:CreatePolicy", "iot:CreateThing", "iot:CreateTopicRule", "iot:DescribeEndpoint", "iot:GetTopicRule", "iot:ListPolicies", "iot:ListThings", "iot:ListTopicRules", "iot:ReplaceTopicRule", "kinesis:DescribeStream", "kinesis:ListStreams", "kinesis:PutRecord", "kms:ListAliases", "lambda:AddLayerVersionPermission", "lambda:AddPermission", "lambda:CreateAlias", "lambda:CreateCodeSigningConfig", "lambda:CreateEventSourceMapping", "lambda:CreateFunction", "lambda:CreateFunctionUrlConfig", "lambda:DeleteAlias", "lambda:DeleteCodeSigningConfig", "lambda:DeleteEventSourceMapping", "lambda:DeleteFunction", "lambda:DeleteFunctionCodeSigningConfig", "lambda:DeleteFunctionConcurrency", "lambda:DeleteFunctionEventInvokeConfig", "lambda:DeleteFunctionUrlConfig", "lambda:DeleteLayerVersion", "lambda:DeleteProvisionedConcurrencyConfig", "lambda:DisableReplication", "lambda:EnableReplication", "lambda:GetAccountSettings", "lambda:GetAlias", "lambda:GetCodeSigningConfig", "lambda:GetEventSourceMapping", "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig", "lambda:GetFunctionConcurrency", "lambda:GetFunctionConfiguration", "lambda:GetFunctionEventInvokeConfig", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersion", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:GetProvisionedConcurrencyConfig", "lambda:GetRuntimeManagementConfig", "lambda:InvokeAsync", "lambda:InvokeFunction", "lambda:InvokeFunctionUrl", "lambda:ListAliases", "lambda:ListCodeSigningConfigs", "lambda:ListEventSourceMappings", "lambda:ListFunctionEventInvokeConfigs", "lambda:ListFunctionUrlConfigs", "lambda:ListFunctions", "lambda:ListFunctionsByCodeSigningConfig", "lambda:ListLayerVersions", "lambda:ListLayers", "lambda:ListProvisionedConcurrencyConfigs", "lambda:ListTags", "lambda:ListVersionsByFunction", "lambda:PublishLayerVersion", "lambda:PublishVersion", "lambda:PutFunctionCodeSigningConfig", "lambda:PutFunctionConcurrency", "lambda:PutFunctionEventInvokeConfig", "lambda:PutProvisionedConcurrencyConfig", "lambda:PutRuntimeManagementConfig", "lambda:RemoveLayerVersionPermission", "lambda:RemovePermission", "lambda:TagResource", "lambda:UntagResource", "lambda:UpdateAlias", "lambda:UpdateCodeSigningConfig", "lambda:UpdateEventSourceMapping", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionCodeSigningConfig", "lambda:UpdateFunctionConfiguration", "lambda:UpdateFunctionEventInvokeConfig", "lambda:UpdateFunctionUrlConfig", "logs:AssociateKmsKey", "logs:CancelExportTask", "logs:CreateDelivery", "logs:CreateExportTask", "logs:CreateLogAnomalyDetector", "logs:CreateLogDelivery", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DeleteAccountPolicy", "logs:DeleteDataProtectionPolicy", "logs:DeleteDelivery", "logs:DeleteDeliveryDestination", "logs:DeleteDeliveryDestinationPolicy", "logs:DeleteDeliverySource", "logs:DeleteDestination", "logs:DeleteLogAnomalyDetector", "logs:DeleteLogDelivery", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DeleteMetricFilter", "logs:DeleteQueryDefinition", "logs:DeleteResourcePolicy", "logs:DeleteRetentionPolicy", "logs:DeleteSubscriptionFilter", "logs:DescribeAccountPolicies", "logs:DescribeDeliveries", "logs:DescribeDeliveryDestinations", "logs:DescribeDeliverySources", "logs:DescribeDestinations", "logs:DescribeExportTasks", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:DescribeMetricFilters", "logs:DescribeQueries", "logs:DescribeQueryDefinitions", "logs:DescribeResourcePolicies", "logs:DescribeSubscriptionFilters", "logs:DisassociateKmsKey", "logs:FilterLogEvents", "logs:GetDataProtectionPolicy", "logs:GetDelivery", "logs:GetDeliveryDestination", "logs:GetDeliveryDestinationPolicy", "logs:GetDeliverySource", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "logs:GetQueryResults", "logs:Link", "logs:ListAnomalies", "logs:ListLogAnomalyDetectors", "logs:ListLogDeliveries", "logs:ListTagsForResource", "logs:ListTagsLogGroup", "logs:PutAccountPolicy", "logs:PutDataProtectionPolicy", "logs:PutDeliveryDestination", "logs:PutDeliveryDestinationPolicy", "logs:PutDeliverySource", "logs:PutDestination", "logs:PutDestinationPolicy", "logs:PutLogEvents", "logs:PutMetricFilter", "logs:PutQueryDefinition", "logs:PutResourcePolicy", "logs:PutRetentionPolicy", "logs:PutSubscriptionFilter", "logs:StartLiveTail", "logs:StartQuery", "logs:StopLiveTail", "logs:StopQuery", "logs:TagLogGroup", "logs:TagResource", "logs:TestMetricFilter", "logs:Unmask", "logs:UntagLogGroup", "logs:UntagResource", "logs:UpdateAnomaly", "logs:UpdateLogAnomalyDetector", "logs:UpdateLogDelivery", "s3:AbortMultipartUpload", "s3:AssociateAccessGrantsIdentityCenter", "s3:BypassGovernanceRetention", "s3:CreateAccessGrant", "s3:CreateAccessGrantsInstance", "s3:CreateAccessGrantsLocation", "s3:CreateAccessPoint", "s3:CreateAccessPointForObjectLambda", "s3:CreateBucket", "s3:CreateJob", "s3:CreateMultiRegionAccessPoint", "s3:CreateStorageLensGroup", "s3:DeleteAccessGrant", "s3:DeleteAccessGrantsInstance", "s3:DeleteAccessGrantsInstanceResourcePolicy", "s3:DeleteAccessGrantsLocation", "s3:DeleteAccessPoint", "s3:DeleteAccessPointForObjectLambda", "s3:DeleteAccessPointPolicy", "s3:DeleteAccessPointPolicyForObjectLambda", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteIntelligentTieringConfiguration", "s3:DeleteJobTagging", "s3:DeleteMultiRegionAccessPoint", "s3:DeleteObject", "s3:DeleteObjectTagging", "s3:DeleteObjectVersion", "s3:DeleteObjectVersionTagging", "s3:DeleteStorageLensConfiguration", "s3:DeleteStorageLensConfigurationTagging", "s3:DeleteStorageLensGroup", "s3:DescribeJob", "s3:DescribeMultiRegionAccessPointOperation", "s3:DissociateAccessGrantsIdentityCenter", "s3:GetAccelerateConfiguration", "s3:GetAccessGrant", "s3:GetAccessGrantsInstance", "s3:GetAccessGrantsInstanceForPrefix", "s3:GetAccessGrantsInstanceResourcePolicy", "s3:GetAccessGrantsLocation", "s3:GetAccessPoint", "s3:GetAccessPointConfigurationForObjectLambda", "s3:GetAccessPointForObjectLambda", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyForObjectLambda", "s3:GetAccessPointPolicyStatus", "s3:GetAccessPointPolicyStatusForObjectLambda", "s3:GetAccountPublicAccessBlock", "s3:GetAnalyticsConfiguration", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketObjectLockConfiguration", "s3:GetBucketOwnershipControls", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:GetBucketPublicAccessBlock", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetDataAccess", "s3:GetEncryptionConfiguration", "s3:GetIntelligentTieringConfiguration", "s3:GetInventoryConfiguration", "s3:GetJobTagging", "s3:GetLifecycleConfiguration", "s3:GetMetricsConfiguration", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:GetMultiRegionAccessPointRoutes", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectAttributes", "s3:GetObjectLegalHold", "s3:GetObjectRetention", "s3:GetObjectTagging", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionAttributes", "s3:GetObjectVersionForReplication", "s3:GetObjectVersionTagging", "s3:GetObjectVersionTorrent", "s3:GetReplicationConfiguration", "s3:GetStorageLensConfiguration", "s3:GetStorageLensConfigurationTagging", "s3:GetStorageLensDashboard", "s3:GetStorageLensGroup", "s3:InitiateReplication", "s3:ListAccessGrants", "s3:ListAccessGrantsInstances", "s3:ListAccessGrantsLocations", "s3:ListAccessPoints", "s3:ListAccessPointsForObjectLambda", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListJobs", "s3:ListMultiRegionAccessPoints", "s3:ListMultipartUploadParts", "s3:ListStorageLensConfigurations", "s3:ListStorageLensGroups", "s3:ListTagsForResource", "s3:ObjectOwnerOverrideToBucketOwner", "s3:PutAccelerateConfiguration", "s3:PutAccessGrantsInstanceResourcePolicy", "s3:PutAccessPointConfigurationForObjectLambda", "s3:PutAccessPointPolicy", "s3:PutAccessPointPolicyForObjectLambda", "s3:PutAccessPointPublicAccessBlock", "s3:PutAccountPublicAccessBlock", "s3:PutAnalyticsConfiguration", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketOwnershipControls", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutEncryptionConfiguration", "s3:PutIntelligentTieringConfiguration", "s3:PutInventoryConfiguration", "s3:PutJobTagging", "s3:PutLifecycleConfiguration", "s3:PutMetricsConfiguration", "s3:PutMultiRegionAccessPointPolicy", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectLegalHold", "s3:PutObjectRetention", "s3:PutObjectTagging", "s3:PutObjectVersionAcl", "s3:PutObjectVersionTagging", "s3:PutReplicationConfiguration", "s3:PutStorageLensConfiguration", "s3:PutStorageLensConfigurationTagging", "s3:ReplicateDelete", "s3:ReplicateObject", "s3:ReplicateTags", "s3:RestoreObject", "s3:SubmitMultiRegionAccessPointRoutes", "s3:TagResource", "s3:UntagResource", "s3:UpdateAccessGrantsLocation", "s3:UpdateJobPriority", "s3:UpdateJobStatus", "s3:UpdateStorageLensGroup", "sns:ListSubscriptions", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "sns:Publish", "sns:Subscribe", "sns:Unsubscribe", "sqs:ListQueues", "sqs:SendMessage", "tag:GetResources", "xray:PutTelemetryRecords", "xray:PutTraceSegments" ], "malformed": false, "name": "AWSLambdaFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": true, "unknown_actions": false, "updatedate": null, "version": "v8" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSPanoramaServiceLinkedRolePolicy", "createdate": "2021-10-20T12:12:50Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iot:CreateThing", "iot:DeleteThing", "iot:DeleteThingShadow", "iot:DescribeThing", "iot:GetThingShadow", "iot:UpdateThing", "iot:UpdateThingShadow", "iot:AttachThingPrincipal", "iot:DetachThingPrincipal", "iot:UpdateCertificate", "iot:DeleteCertificate", "iot:AttachPrincipalPolicy", "iot:DetachPrincipalPolicy", "iot:CreateKeysAndCertificate", "iot:CreatePolicy", "iot:CreatePolicyVersion", "iot:AttachPolicy", "iot:DescribeJobExecution", "iot:CreateJob", "iot:DeleteJob", "iot:DescribeEndpoint", "panorama:DescribeApplicationInstance", "panorama:DescribeApplicationInstanceDetails", "panorama:DescribeDevice", "panorama:DescribeDeviceJob", "panorama:DescribeNode", "panorama:DescribeNodeFromTemplateJob", "panorama:DescribePackage", "panorama:DescribePackageImportJob", "panorama:DescribePackageVersion", "panorama:DescribeSoftware", "panorama:ListApplicationInstanceDependencies", "panorama:ListApplicationInstanceNodeInstances", "panorama:ListApplicationInstances", "panorama:ListDevices", "panorama:ListDevicesJobs", "panorama:ListNodeFromTemplateJobs", "panorama:ListNodes", "panorama:ListPackageImportJobs", "panorama:ListPackages", "panorama:ListTagsForResource", "secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret", "secretsmanager:CreateSecret", "secretsmanager:ListSecretVersionIds", "secretsmanager:DeleteSecret" ], "malformed": false, "name": "AWSPanoramaServiceLinkedRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-10-20T12:12:50+00:00", "version": "v1" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkMulticontainerDocker", "createdate": "2023-03-23T22:04:20Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ecs:Poll", "ecs:StartTask", "ecs:StopTask", "ecs:DiscoverPollEndpoint", "ecs:StartTelemetrySession", "ecs:RegisterContainerInstance", "ecs:DeregisterContainerInstance", "ecs:DescribeContainerInstances", "ecs:SubmitAttachmentStateChanges", "ecs:SubmitContainerStateChange", "ecs:SubmitTaskStateChange", "ecs:DescribeTasks", "ecs:TagResource" ], "malformed": false, "name": "AWSElasticBeanstalkMulticontainerDocker", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-23T22:04:20+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/ComputeOptimizerReadOnlyAccess", "createdate": "2023-08-28T19:22:58Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "compute-optimizer:DescribeRecommendationExportJobs", "compute-optimizer:GetEnrollmentStatus", "compute-optimizer:GetEnrollmentStatusesForOrganization", "compute-optimizer:GetRecommendationSummaries", "compute-optimizer:GetEC2InstanceRecommendations", "compute-optimizer:GetEC2RecommendationProjectedMetrics", "compute-optimizer:GetAutoScalingGroupRecommendations", "compute-optimizer:GetEBSVolumeRecommendations", "compute-optimizer:GetLambdaFunctionRecommendations", "compute-optimizer:GetRecommendationPreferences", "compute-optimizer:GetEffectiveRecommendationPreferences", "compute-optimizer:GetECSServiceRecommendations", "compute-optimizer:GetECSServiceRecommendationProjectedMetrics", "compute-optimizer:GetLicenseRecommendations", "ec2:DescribeInstances", "ec2:DescribeVolumes", "ecs:ListServices", "ecs:ListClusters", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "lambda:ListFunctions", "lambda:ListProvisionedConcurrencyConfigs", "cloudwatch:GetMetricData", "organizations:ListAccounts", "organizations:DescribeOrganization", "organizations:DescribeAccount" ], "malformed": false, "name": "ComputeOptimizerReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-08-28T19:22:58+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/CloudSearchFullAccess", "createdate": "2015-02-06T18:39:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudsearch:AddTags", "cloudsearch:BuildSuggesters", "cloudsearch:CreateDomain", "cloudsearch:DefineAnalysisScheme", "cloudsearch:DefineExpression", "cloudsearch:DefineIndexField", "cloudsearch:DefineSuggester", "cloudsearch:DeleteAnalysisScheme", "cloudsearch:DeleteDomain", "cloudsearch:DeleteExpression", "cloudsearch:DeleteIndexField", "cloudsearch:DeleteSuggester", "cloudsearch:DescribeAnalysisSchemes", "cloudsearch:DescribeAvailabilityOptions", "cloudsearch:DescribeDomainEndpointOptions", "cloudsearch:DescribeDomains", "cloudsearch:DescribeExpressions", "cloudsearch:DescribeIndexFields", "cloudsearch:DescribeScalingParameters", "cloudsearch:DescribeServiceAccessPolicies", "cloudsearch:DescribeSuggesters", "cloudsearch:IndexDocuments", "cloudsearch:ListDomainNames", "cloudsearch:ListTags", "cloudsearch:RemoveTags", "cloudsearch:UpdateAvailabilityOptions", "cloudsearch:UpdateDomainEndpointOptions", "cloudsearch:UpdateScalingParameters", "cloudsearch:UpdateServiceAccessPolicies", "cloudsearch:document", "cloudsearch:search", "cloudsearch:suggest" ], "malformed": false, "name": "CloudSearchFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:39:56+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/job-function/NetworkAdministrator", "createdate": "2021-09-16T20:22:54Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "cloudfront:ListDistributions", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricStatistics", "cloudwatch:PutMetricAlarm", "directconnect:AcceptDirectConnectGatewayAssociationProposal", "directconnect:AllocateConnectionOnInterconnect", "directconnect:AllocateHostedConnection", "directconnect:AllocatePrivateVirtualInterface", "directconnect:AllocatePublicVirtualInterface", "directconnect:AllocateTransitVirtualInterface", "directconnect:AssociateConnectionWithLag", "directconnect:AssociateHostedConnection", "directconnect:AssociateMacSecKey", "directconnect:AssociateVirtualInterface", "directconnect:ConfirmConnection", "directconnect:ConfirmCustomerAgreement", "directconnect:ConfirmPrivateVirtualInterface", "directconnect:ConfirmPublicVirtualInterface", "directconnect:ConfirmTransitVirtualInterface", "directconnect:CreateBGPPeer", "directconnect:CreateConnection", "directconnect:CreateDirectConnectGateway", "directconnect:CreateDirectConnectGatewayAssociation", "directconnect:CreateDirectConnectGatewayAssociationProposal", "directconnect:CreateInterconnect", "directconnect:CreateLag", "directconnect:CreatePrivateVirtualInterface", "directconnect:CreatePublicVirtualInterface", "directconnect:CreateTransitVirtualInterface", "directconnect:DeleteBGPPeer", "directconnect:DeleteConnection", "directconnect:DeleteDirectConnectGateway", "directconnect:DeleteDirectConnectGatewayAssociation", "directconnect:DeleteDirectConnectGatewayAssociationProposal", "directconnect:DeleteInterconnect", "directconnect:DeleteLag", "directconnect:DeleteVirtualInterface", "directconnect:DescribeConnectionLoa", "directconnect:DescribeConnections", "directconnect:DescribeConnectionsOnInterconnect", "directconnect:DescribeCustomerMetadata", "directconnect:DescribeDirectConnectGatewayAssociationProposals", "directconnect:DescribeDirectConnectGatewayAssociations", "directconnect:DescribeDirectConnectGatewayAttachments", "directconnect:DescribeDirectConnectGateways", "directconnect:DescribeHostedConnections", "directconnect:DescribeInterconnectLoa", "directconnect:DescribeInterconnects", "directconnect:DescribeLags", "directconnect:DescribeLoa", "directconnect:DescribeLocations", "directconnect:DescribeRouterConfiguration", "directconnect:DescribeTags", "directconnect:DescribeVirtualGateways", "directconnect:DescribeVirtualInterfaces", "directconnect:DisassociateConnectionFromLag", "directconnect:DisassociateMacSecKey", "directconnect:ListVirtualInterfaceTestHistory", "directconnect:StartBgpFailoverTest", "directconnect:StopBgpFailoverTest", "directconnect:TagResource", "directconnect:UntagResource", "directconnect:UpdateConnection", "directconnect:UpdateDirectConnectGateway", "directconnect:UpdateDirectConnectGatewayAssociation", "directconnect:UpdateLag", "directconnect:UpdateVirtualInterfaceAttributes", "ec2:AcceptVpcEndpointConnections", "ec2:AllocateAddress", "ec2:AssignIpv6Addresses", "ec2:AssignPrivateIpAddresses", "ec2:AssociateAddress", "ec2:AssociateDhcpOptions", "ec2:AssociateRouteTable", "ec2:AssociateSubnetCidrBlock", "ec2:AssociateVpcCidrBlock", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVpnGateway", "ec2:CreateCarrierGateway", "ec2:CreateCustomerGateway", "ec2:CreateDefaultSubnet", "ec2:CreateDefaultVpc", "ec2:CreateDhcpOptions", "ec2:CreateEgressOnlyInternetGateway", "ec2:CreateFlowLogs", "ec2:CreateInternetGateway", "ec2:CreateNatGateway", "ec2:CreateNetworkAcl", "ec2:CreateNetworkAclEntry", "ec2:CreateNetworkInterface", "ec2:CreateNetworkInterfacePermission", "ec2:CreatePlacementGroup", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSecurityGroup", "ec2:CreateSubnet", "ec2:CreateTags", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:CreateVpcEndpointConnectionNotification", "ec2:CreateVpcEndpointServiceConfiguration", "ec2:CreateVpnConnection", "ec2:CreateVpnConnectionRoute", "ec2:CreateVpnGateway", "ec2:DeleteCarrierGateway", "ec2:DeleteEgressOnlyInternetGateway", "ec2:DeleteFlowLogs", "ec2:DeleteNatGateway", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DeletePlacementGroup", "ec2:DeleteSubnet", "ec2:DeleteTags", "ec2:DeleteVpc", "ec2:DeleteVpcEndpointConnectionNotifications", "ec2:DeleteVpcEndpointServiceConfigurations", "ec2:DeleteVpcEndpoints", "ec2:DeleteVpnConnection", "ec2:DeleteVpnConnectionRoute", "ec2:DeleteVpnGateway", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeFlowLogs", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeKeyPairs", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DescribePublicIpv4Pools", "ec2:DescribeIpv6Pools", "ec2:DetachInternetGateway", "ec2:DetachNetworkInterface", "ec2:DetachVpnGateway", "ec2:DisableVgwRoutePropagation", "ec2:DisableVpcClassicLinkDnsSupport", "ec2:DisassociateAddress", "ec2:DisassociateRouteTable", "ec2:DisassociateSubnetCidrBlock", "ec2:DisassociateVpcCidrBlock", "ec2:EnableVgwRoutePropagation", "ec2:EnableVpcClassicLinkDnsSupport", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifySecurityGroupRules", "ec2:ModifySubnetAttribute", "ec2:ModifyVpcAttribute", "ec2:ModifyVpcEndpoint", "ec2:ModifyVpcEndpointConnectionNotification", "ec2:ModifyVpcEndpointServiceConfiguration", "ec2:ModifyVpcEndpointServicePermissions", "ec2:ModifyVpcPeeringConnectionOptions", "ec2:ModifyVpcTenancy", "ec2:MoveAddressToVpc", "ec2:RejectVpcEndpointConnections", "ec2:ReleaseAddress", "ec2:ReplaceNetworkAclAssociation", "ec2:ReplaceNetworkAclEntry", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:ResetNetworkInterfaceAttribute", "ec2:RestoreAddressToClassic", "ec2:UnassignIpv6Addresses", "ec2:UnassignPrivateIpAddresses", "ec2:UpdateSecurityGroupRuleDescriptionsEgress", "ec2:UpdateSecurityGroupRuleDescriptionsIngress", "elasticbeanstalk:DescribeAccountAttributes", "elasticbeanstalk:DescribeApplicationVersions", "elasticbeanstalk:DescribeApplications", "elasticbeanstalk:DescribeConfigurationOptions", "elasticbeanstalk:DescribeConfigurationSettings", "elasticbeanstalk:DescribeEnvironmentHealth", "elasticbeanstalk:DescribeEnvironmentManagedActionHistory", "elasticbeanstalk:DescribeEnvironmentManagedActions", "elasticbeanstalk:DescribeEnvironmentResources", "elasticbeanstalk:DescribeEnvironments", "elasticbeanstalk:DescribeEvents", "elasticbeanstalk:DescribeInstancesHealth", "elasticbeanstalk:DescribePlatformVersion", "elasticbeanstalk:ListAvailableSolutionStacks", "elasticbeanstalk:ListPlatformBranches", "elasticbeanstalk:ListPlatformVersions", "elasticbeanstalk:ListTagsForResource", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateAppCookieStickinessPolicy", "elasticloadbalancing:CreateLBCookieStickinessPolicy", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerPolicy", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:DisableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:SetLoadBalancerListenerSSLCertificate", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:AddTrustStoreRevocations", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:CreateTrustStore", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteTrustStore", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:GetTrustStoreCaCertificatesBundle", "elasticloadbalancing:GetTrustStoreRevocationContent", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:ModifyTrustStore", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:RemoveListenerCertificates", "elasticloadbalancing:RemoveTrustStoreRevocations", "elasticloadbalancing:SetIpAddressType", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetSecurityGroups", "elasticloadbalancing:SetSubnets", "elasticloadbalancing:SetWebAcl", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:GetLogEvents", "route53:ActivateKeySigningKey", "route53:AssociateVPCWithHostedZone", "route53:ChangeCidrCollection", "route53:ChangeResourceRecordSets", "route53:ChangeTagsForResource", "route53:CreateCidrCollection", "route53:CreateHealthCheck", "route53:CreateHostedZone", "route53:CreateKeySigningKey", "route53:CreateQueryLoggingConfig", "route53:CreateReusableDelegationSet", "route53:CreateTrafficPolicy", "route53:CreateTrafficPolicyInstance", "route53:CreateTrafficPolicyVersion", "route53:CreateVPCAssociationAuthorization", "route53:DeactivateKeySigningKey", "route53:DeleteCidrCollection", "route53:DeleteHealthCheck", "route53:DeleteHostedZone", "route53:DeleteKeySigningKey", "route53:DeleteQueryLoggingConfig", "route53:DeleteReusableDelegationSet", "route53:DeleteTrafficPolicy", "route53:DeleteTrafficPolicyInstance", "route53:DeleteVPCAssociationAuthorization", "route53:DisableHostedZoneDNSSEC", "route53:DisassociateVPCFromHostedZone", "route53:EnableHostedZoneDNSSEC", "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetReusableDelegationSetLimit", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53:TestDNSAnswer", "route53:UpdateHealthCheck", "route53:UpdateHostedZoneComment", "route53:UpdateTrafficPolicyComment", "route53:UpdateTrafficPolicyInstance", "route53domains:AcceptDomainTransferFromAnotherAwsAccount", "route53domains:AssociateDelegationSignerToDomain", "route53domains:CancelDomainTransferToAnotherAwsAccount", "route53domains:CheckDomainAvailability", "route53domains:CheckDomainTransferability", "route53domains:DeleteDomain", "route53domains:DeleteTagsForDomain", "route53domains:DisableDomainAutoRenew", "route53domains:DisableDomainTransferLock", "route53domains:DisassociateDelegationSignerFromDomain", "route53domains:EnableDomainAutoRenew", "route53domains:EnableDomainTransferLock", "route53domains:GetContactReachabilityStatus", "route53domains:GetDomainDetail", "route53domains:GetDomainSuggestions", "route53domains:GetOperationDetail", "route53domains:ListDomains", "route53domains:ListOperations", "route53domains:ListPrices", "route53domains:ListTagsForDomain", "route53domains:PushDomain", "route53domains:RegisterDomain", "route53domains:RejectDomainTransferFromAnotherAwsAccount", "route53domains:RenewDomain", "route53domains:ResendContactReachabilityEmail", "route53domains:ResendOperationAuthorization", "route53domains:RetrieveDomainAuthCode", "route53domains:TransferDomain", "route53domains:TransferDomainToAnotherAwsAccount", "route53domains:UpdateDomainContact", "route53domains:UpdateDomainContactPrivacy", "route53domains:UpdateDomainNameservers", "route53domains:UpdateTagsForDomain", "route53domains:ViewBilling", "sns:CreateTopic", "sns:ListSubscriptionsByTopic", "sns:ListTopics", "ec2:AcceptVpcPeeringConnection", "ec2:AttachClassicLinkVpc", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateVpcPeeringConnection", "ec2:DeleteCustomerGateway", "ec2:DeleteDhcpOptions", "ec2:DeleteInternetGateway", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkAclEntry", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSecurityGroup", "ec2:DeleteVolume", "ec2:DeleteVpcPeeringConnection", "ec2:DetachClassicLinkVpc", "ec2:DisableVpcClassicLink", "ec2:EnableVpcClassicLink", "ec2:GetConsoleScreenshot", "ec2:RejectVpcPeeringConnection", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:CreateLocalGatewayRoute", "ec2:CreateLocalGatewayRouteTableVpcAssociation", "ec2:DeleteLocalGatewayRoute", "ec2:DeleteLocalGatewayRouteTableVpcAssociation", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:SearchLocalGatewayRoutes", "s3:GetBucketLocation", "s3:GetBucketWebsite", "s3:ListBucket", "iam:GetRole", "iam:ListRoles", "iam:PassRole", "networkmanager:AcceptAttachment", "networkmanager:AssociateConnectPeer", "networkmanager:AssociateCustomerGateway", "networkmanager:AssociateLink", "networkmanager:AssociateTransitGatewayConnectPeer", "networkmanager:CreateConnectAttachment", "networkmanager:CreateConnectPeer", "networkmanager:CreateConnection", "networkmanager:CreateCoreNetwork", "networkmanager:CreateDevice", "networkmanager:CreateGlobalNetwork", "networkmanager:CreateLink", "networkmanager:CreateSite", "networkmanager:CreateSiteToSiteVpnAttachment", "networkmanager:CreateTransitGatewayPeering", "networkmanager:CreateTransitGatewayRouteTableAttachment", "networkmanager:CreateVpcAttachment", "networkmanager:DeleteAttachment", "networkmanager:DeleteConnectPeer", "networkmanager:DeleteConnection", "networkmanager:DeleteCoreNetwork", "networkmanager:DeleteCoreNetworkPolicyVersion", "networkmanager:DeleteDevice", "networkmanager:DeleteGlobalNetwork", "networkmanager:DeleteLink", "networkmanager:DeletePeering", "networkmanager:DeleteResourcePolicy", "networkmanager:DeleteSite", "networkmanager:DeregisterTransitGateway", "networkmanager:DescribeGlobalNetworks", "networkmanager:DisassociateConnectPeer", "networkmanager:DisassociateCustomerGateway", "networkmanager:DisassociateLink", "networkmanager:DisassociateTransitGatewayConnectPeer", "networkmanager:ExecuteCoreNetworkChangeSet", "networkmanager:GetConnectAttachment", "networkmanager:GetConnectPeer", "networkmanager:GetConnectPeerAssociations", "networkmanager:GetConnections", "networkmanager:GetCoreNetwork", "networkmanager:GetCoreNetworkChangeEvents", "networkmanager:GetCoreNetworkChangeSet", "networkmanager:GetCoreNetworkPolicy", "networkmanager:GetCustomerGatewayAssociations", "networkmanager:GetDevices", "networkmanager:GetLinkAssociations", "networkmanager:GetLinks", "networkmanager:GetNetworkResourceCounts", "networkmanager:GetNetworkResourceRelationships", "networkmanager:GetNetworkResources", "networkmanager:GetNetworkRoutes", "networkmanager:GetNetworkTelemetry", "networkmanager:GetResourcePolicy", "networkmanager:GetRouteAnalysis", "networkmanager:GetSiteToSiteVpnAttachment", "networkmanager:GetSites", "networkmanager:GetTransitGatewayConnectPeerAssociations", "networkmanager:GetTransitGatewayPeering", "networkmanager:GetTransitGatewayRegistrations", "networkmanager:GetTransitGatewayRouteTableAttachment", "networkmanager:GetVpcAttachment", "networkmanager:ListAttachments", "networkmanager:ListConnectPeers", "networkmanager:ListCoreNetworkPolicyVersions", "networkmanager:ListCoreNetworks", "networkmanager:ListOrganizationServiceAccessStatus", "networkmanager:ListPeerings", "networkmanager:ListTagsForResource", "networkmanager:PutCoreNetworkPolicy", "networkmanager:PutResourcePolicy", "networkmanager:RegisterTransitGateway", "networkmanager:RejectAttachment", "networkmanager:RestoreCoreNetworkPolicyVersion", "networkmanager:StartOrganizationServiceAccessUpdate", "networkmanager:StartRouteAnalysis", "networkmanager:TagResource", "networkmanager:UntagResource", "networkmanager:UpdateConnection", "networkmanager:UpdateCoreNetwork", "networkmanager:UpdateDevice", "networkmanager:UpdateGlobalNetwork", "networkmanager:UpdateLink", "networkmanager:UpdateNetworkResourceMetadata", "networkmanager:UpdateSite", "networkmanager:UpdateVpcAttachment", "ec2:AcceptTransitGatewayVpcAttachment", "ec2:AssociateTransitGatewayRouteTable", "ec2:CreateTransitGateway", "ec2:CreateTransitGatewayRoute", "ec2:CreateTransitGatewayRouteTable", "ec2:CreateTransitGatewayVpcAttachment", "ec2:DeleteTransitGateway", "ec2:DeleteTransitGatewayRoute", "ec2:DeleteTransitGatewayRouteTable", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DisableTransitGatewayRouteTablePropagation", "ec2:DisassociateTransitGatewayRouteTable", "ec2:EnableTransitGatewayRouteTablePropagation", "ec2:ExportTransitGatewayRoutes", "ec2:GetTransitGatewayAttachmentPropagations", "ec2:GetTransitGatewayRouteTableAssociations", "ec2:GetTransitGatewayRouteTablePropagations", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayVpcAttachment", "ec2:RejectTransitGatewayVpcAttachment", "ec2:ReplaceTransitGatewayRoute", "ec2:SearchTransitGatewayRoutes", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "NetworkAdministrator", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-16T20:22:54+00:00", "version": "v11" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingNeptuneClusterPolicy", "createdate": "2021-09-02T21:14:55Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "rds:ListTagsForResource", "rds:DescribeDBInstances", "rds:DescribeDBClusters", "rds:DescribeDBClusterParameters", "cloudwatch:DescribeAlarms", "rds:AddTagsToResource", "rds:CreateDBInstance", "rds:DeleteDBInstance", "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoscalingNeptuneClusterPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-02T21:14:55+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": null, "createdate": "2017-06-08T00:18:56Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "autoscaling:UpdateAutoScalingGroup", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:UpdateStack", "cloudwatch:GetMetricStatistics", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateAppCookieStickinessPolicy", "elasticloadbalancing:CreateLBCookieStickinessPolicy", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:CreateLoadBalancerListeners", "elasticloadbalancing:CreateLoadBalancerPolicy", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeleteLoadBalancerListeners", "elasticloadbalancing:DeleteLoadBalancerPolicy", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancerPolicies", "elasticloadbalancing:DescribeLoadBalancerPolicyTypes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DetachLoadBalancerFromSubnets", "elasticloadbalancing:DisableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer", "elasticloadbalancing:ModifyLoadBalancerAttributes", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RemoveTags", "elasticloadbalancing:SetLoadBalancerListenerSSLCertificate", "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", "elasticloadbalancing:SetLoadBalancerPoliciesOfListener", "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:AddTrustStoreRevocations", "elasticloadbalancing:CreateListener", "elasticloadbalancing:CreateRule", "elasticloadbalancing:CreateTargetGroup", "elasticloadbalancing:CreateTrustStore", "elasticloadbalancing:DeleteListener", "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeleteTrustStore", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:DescribeAccountLimits", "elasticloadbalancing:DescribeListenerCertificates", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeSSLPolicies", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:DescribeTrustStoreAssociations", "elasticloadbalancing:DescribeTrustStoreRevocations", "elasticloadbalancing:DescribeTrustStores", "elasticloadbalancing:GetTrustStoreCaCertificatesBundle", "elasticloadbalancing:GetTrustStoreRevocationContent", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:ModifyRule", "elasticloadbalancing:ModifyTargetGroup", "elasticloadbalancing:ModifyTargetGroupAttributes", "elasticloadbalancing:ModifyTrustStore", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:RemoveListenerCertificates", "elasticloadbalancing:RemoveTrustStoreRevocations", "elasticloadbalancing:SetIpAddressType", "elasticloadbalancing:SetRulePriorities", "elasticloadbalancing:SetSecurityGroups", "elasticloadbalancing:SetSubnets", "elasticloadbalancing:SetWebAcl", "ecs:CreateCapacityProvider", "ecs:CreateCluster", "ecs:CreateService", "ecs:CreateTaskSet", "ecs:DeleteAccountSetting", "ecs:DeleteAttributes", "ecs:DeleteCapacityProvider", "ecs:DeleteCluster", "ecs:DeleteService", "ecs:DeleteTaskDefinitions", "ecs:DeleteTaskSet", "ecs:DeregisterContainerInstance", "ecs:DeregisterTaskDefinition", "ecs:DescribeCapacityProviders", "ecs:DescribeClusters", "ecs:DescribeContainerInstances", "ecs:DescribeServices", "ecs:DescribeTaskDefinition", "ecs:DescribeTaskSets", "ecs:DescribeTasks", "ecs:DiscoverPollEndpoint", "ecs:ExecuteCommand", "ecs:GetTaskProtection", "ecs:ListAccountSettings", "ecs:ListAttributes", "ecs:ListClusters", "ecs:ListContainerInstances", "ecs:ListServices", "ecs:ListServicesByNamespace", "ecs:ListTagsForResource", "ecs:ListTaskDefinitionFamilies", "ecs:ListTaskDefinitions", "ecs:ListTasks", "ecs:Poll", "ecs:PutAccountSetting", "ecs:PutAccountSettingDefault", "ecs:PutAttributes", "ecs:PutClusterCapacityProviders", "ecs:RegisterContainerInstance", "ecs:RegisterTaskDefinition", "ecs:RunTask", "ecs:StartTask", "ecs:StartTelemetrySession", "ecs:StopTask", "ecs:SubmitAttachmentStateChanges", "ecs:SubmitContainerStateChange", "ecs:SubmitTaskStateChange", "ecs:TagResource", "ecs:UntagResource", "ecs:UpdateCapacityProvider", "ecs:UpdateCluster", "ecs:UpdateClusterSettings", "ecs:UpdateContainerAgent", "ecs:UpdateContainerInstancesState", "ecs:UpdateService", "ecs:UpdateServicePrimaryTaskSet", "ecs:UpdateTaskProtection", "ecs:UpdateTaskSet", "events:DescribeRule", "events:DeleteRule", "events:ListRuleNamesByTarget", "events:ListTargetsByRule", "events:PutRule", "events:PutTargets", "events:RemoveTargets", "iam:ListInstanceProfiles", "iam:ListRoles", "iam:PassRole" ], "malformed": false, "name": "AmazonEC2ContainerServiceFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v4" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonFSxConsoleReadOnlyAccess", "createdate": "2024-01-10T20:19:18Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarms", "cloudwatch:GetMetricData", "ds:DescribeDirectories", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeSecurityGroups", "ec2:GetSecurityGroupsForVpc", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "firehose:ListDeliveryStreams", "fsx:DescribeAssociatedFileGateways", "fsx:DescribeBackups", "fsx:DescribeDataRepositoryAssociations", "fsx:DescribeDataRepositoryTasks", "fsx:DescribeFileCaches", "fsx:DescribeFileSystemAliases", "fsx:DescribeFileSystems", "fsx:DescribeSharedVpcConfiguration", "fsx:DescribeSnapshots", "fsx:DescribeStorageVirtualMachines", "fsx:DescribeVolumes", "fsx:ListTagsForResource", "kms:DescribeKey", "logs:DescribeLogGroups" ], "malformed": false, "name": "AmazonFSxConsoleReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-10T20:19:18+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/VMImportExportRoleForAWSConnector", "createdate": "2015-09-03T20:48:59Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:ListBucket", "s3:GetBucketLocation", "s3:GetObject", "ec2:ModifySnapshotAttribute", "ec2:CopySnapshot", "ec2:RegisterImage", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways" ], "malformed": false, "name": "VMImportExportRoleForAWSConnector", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-09-03T20:48:59+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSAccountManagementReadOnlyAccess", "createdate": "2021-09-30T23:29:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "account:GetAccountInformation", "account:GetAlternateContact", "account:GetChallengeQuestions", "account:GetContactInformation", "account:GetRegionOptStatus", "account:ListRegions" ], "malformed": false, "name": "AWSAccountManagementReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-30T23:29:53+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Unknown" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonConnectSynchronizationServiceRolePolicy", "createdate": "2023-10-27T22:38:25Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "connect:CreateUser", "connect:CreateUserHierarchyGroup", "connect:UpdateUserHierarchy", "connect:UpdateUserHierarchyGroupName", "connect:UpdateUserHierarchyStructure", "connect:UpdateUserIdentityInfo", "connect:UpdateUserPhoneConfig", "connect:UpdateUserProficiencies", "connect:UpdateUserRoutingProfile", "connect:UpdateUserSecurityProfiles", "connect:DeleteUser", "connect:DeleteUserHierarchyGroup", "connect:DescribeUser", "connect:DescribeUserHierarchyGroup", "connect:DescribeUserHierarchyStructure", "connect:ListUserHierarchyGroups", "connect:ListUserProficiencies", "connect:ListUsers", "connect:CreateRoutingProfile", "connect:UpdateRoutingProfileAgentAvailabilityTimer", "connect:UpdateRoutingProfileConcurrency", "connect:UpdateRoutingProfileDefaultOutboundQueue", "connect:UpdateRoutingProfileName", "connect:UpdateRoutingProfileQueues", "connect:DeleteRoutingProfile", "connect:DescribeRoutingProfile", "connect:ListRoutingProfileQueues", "connect:ListRoutingProfiles", "connect:CreateAgentStatus", "connect:UpdateAgentStatus", "connect:DescribeAgentStatus", "connect:ListAgentStatuses", "connect:CreateQuickConnect", "connect:UpdateQuickConnectConfig", "connect:UpdateQuickConnectName", "connect:DeleteQuickConnect", "connect:DescribeQuickConnect", "connect:ListQuickConnects", "connect:CreateHoursOfOperation", "connect:UpdateHoursOfOperation", "connect:DeleteHoursOfOperation", "connect:DescribeHoursOfOperation", "connect:ListHoursOfOperations", "connect:CreateQueue", "connect:UpdateQueueHoursOfOperation", "connect:UpdateQueueMaxContacts", "connect:UpdateQueueName", "connect:UpdateQueueOutboundCallerConfig", "connect:UpdateQueueStatus", "connect:DeleteQueue", "connect:DescribeQueue", "connect:ListQueueQuickConnects", "connect:ListQueues", "connect:CreatePrompt", "connect:UpdatePrompt", "connect:DeletePrompt", "connect:DescribePrompt", "connect:ListPrompts", "connect:GetPromptFile", "connect:CreateSecurityProfile", "connect:UpdateSecurityProfile", "connect:DeleteSecurityProfile", "connect:DescribeSecurityProfile", "connect:ListSecurityProfileApplications", "connect:ListSecurityProfilePermissions", "connect:ListSecurityProfiles", "connect:CreateContactFlow", "connect:CreateContactFlowModule", "connect:UpdateContactFlowContent", "connect:UpdateContactFlowMetadata", "connect:UpdateContactFlowModuleContent", "connect:UpdateContactFlowModuleMetadata", "connect:UpdateContactFlowName", "connect:DeleteContactFlow", "connect:DeleteContactFlowModule", "connect:DescribeContactFlow", "connect:DescribeContactFlowModule", "connect:ListContactFlowModules", "connect:ListContactFlows", "connect:BatchGetFlowAssociation", "connect:CreatePredefinedAttribute", "connect:UpdatePredefinedAttribute", "connect:DeletePredefinedAttribute", "connect:DescribePredefinedAttribute", "connect:ListPredefinedAttributes", "connect:ListTagsForResource", "connect:TagResource", "connect:UntagResource", "connect:ListTrafficDistributionGroups", "connect:ListPhoneNumbersV2", "connect:UpdatePhoneNumber", "connect:DescribePhoneNumber", "connect:AssociateAnalyticsDataSet", "connect:AssociateApprovedOrigin", "connect:AssociateBot", "connect:AssociateCustomerProfilesDomain", "connect:AssociateDefaultVocabulary", "connect:AssociateFlow", "connect:AssociateInstanceStorageConfig", "connect:AssociateLambdaFunction", "connect:AssociateLexBot", "connect:AssociatePhoneNumberContactFlow", "connect:AssociateQueueQuickConnects", "connect:AssociateRoutingProfileQueues", "connect:AssociateSecurityKey", "connect:AssociateTrafficDistributionGroupUser", "connect:AssociateUserProficiencies", "connect:DisassociateAnalyticsDataSet", "connect:DisassociateApprovedOrigin", "connect:DisassociateBot", "connect:DisassociateCustomerProfilesDomain", "connect:DisassociateFlow", "connect:DisassociateInstanceStorageConfig", "connect:DisassociateLambdaFunction", "connect:DisassociateLexBot", "connect:DisassociatePhoneNumberContactFlow", "connect:DisassociateQueueQuickConnects", "connect:DisassociateRoutingProfileQueues", "connect:DisassociateSecurityKey", "connect:DisassociateTrafficDistributionGroupUser", "connect:DisassociateUserProficiencies", "cloudwatch:PutMetricData" ], "malformed": false, "name": "AmazonConnectSynchronizationServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": true, "unknown_actions": false, "updatedate": "2023-10-27T22:38:25+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53ReadOnlyAccess", "createdate": "2016-11-15T21:15:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53:GetAccountLimit", "route53:GetChange", "route53:GetCheckerIpRanges", "route53:GetDNSSEC", "route53:GetGeoLocation", "route53:GetHealthCheck", "route53:GetHealthCheckCount", "route53:GetHealthCheckLastFailureReason", "route53:GetHealthCheckStatus", "route53:GetHostedZone", "route53:GetHostedZoneCount", "route53:GetHostedZoneLimit", "route53:GetQueryLoggingConfig", "route53:GetReusableDelegationSet", "route53:GetReusableDelegationSetLimit", "route53:GetTrafficPolicy", "route53:GetTrafficPolicyInstance", "route53:GetTrafficPolicyInstanceCount", "route53:ListCidrBlocks", "route53:ListCidrCollections", "route53:ListCidrLocations", "route53:ListGeoLocations", "route53:ListHealthChecks", "route53:ListHostedZones", "route53:ListHostedZonesByName", "route53:ListHostedZonesByVPC", "route53:ListQueryLoggingConfigs", "route53:ListResourceRecordSets", "route53:ListReusableDelegationSets", "route53:ListTagsForResource", "route53:ListTagsForResources", "route53:ListTrafficPolicies", "route53:ListTrafficPolicyInstances", "route53:ListTrafficPolicyInstancesByHostedZone", "route53:ListTrafficPolicyInstancesByPolicy", "route53:ListTrafficPolicyVersions", "route53:ListVPCAssociationAuthorizations", "route53:TestDNSAnswer" ], "malformed": false, "name": "AmazonRoute53ReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2016-11-15T21:15:16+00:00", "version": "v2" }, { "access_levels": [ "List", "Read" ], "arn": null, "createdate": "2018-07-23T21:59:05Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "dynamodb:DescribeTable", "iam:ListSAMLProviders", "lambda:ListFunctions", "sns:ListTopics", "lex:GetIntent", "lex:GetIntents", "lex:GetSlotType", "lex:GetSlotTypes", "lex:GetBot", "lex:GetBots", "lex:GetBotAlias", "lex:GetBotAliases", "s3:GetObject" ], "malformed": false, "name": "AWSMobileHub_ReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v10" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSQuicksightOpenSearchPolicy", "createdate": "2021-09-07T23:26:19Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "es:ESHttpGet", "es:ListDomainNames", "es:DescribeDomain", "es:ESHttpPost", "es:ESHttpGet" ], "malformed": false, "name": "AWSQuicksightOpenSearchPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-09-07T23:26:19+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSApplicationMigrationFullAccess", "createdate": "2023-04-20T17:28:13Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "mgn:ArchiveApplication", "mgn:ArchiveWave", "mgn:AssociateApplications", "mgn:AssociateSourceServers", "mgn:BatchCreateVolumeSnapshotGroupForMgn", "mgn:BatchDeleteSnapshotRequestForMgn", "mgn:ChangeServerLifeCycleState", "mgn:CreateApplication", "mgn:CreateConnector", "mgn:CreateLaunchConfigurationTemplate", "mgn:CreateReplicationConfigurationTemplate", "mgn:CreateVcenterClientForMgn", "mgn:CreateWave", "mgn:DeleteApplication", "mgn:DeleteConnector", "mgn:DeleteJob", "mgn:DeleteLaunchConfigurationTemplate", "mgn:DeleteReplicationConfigurationTemplate", "mgn:DeleteSourceServer", "mgn:DeleteVcenterClient", "mgn:DeleteWave", "mgn:DescribeJobLogItems", "mgn:DescribeJobs", "mgn:DescribeLaunchConfigurationTemplates", "mgn:DescribeReplicationConfigurationTemplates", "mgn:DescribeReplicationServerAssociationsForMgn", "mgn:DescribeSnapshotRequestsForMgn", "mgn:DescribeSourceServers", "mgn:DescribeVcenterClients", "mgn:DisassociateApplications", "mgn:DisassociateSourceServers", "mgn:DisconnectFromService", "mgn:FinalizeCutover", "mgn:GetAgentCommandForMgn", "mgn:GetAgentConfirmedResumeInfoForMgn", "mgn:GetAgentInstallationAssetsForMgn", "mgn:GetAgentReplicationInfoForMgn", "mgn:GetAgentRuntimeConfigurationForMgn", "mgn:GetAgentSnapshotCreditsForMgn", "mgn:GetChannelCommandsForMgn", "mgn:GetLaunchConfiguration", "mgn:GetReplicationConfiguration", "mgn:GetVcenterClientCommandsForMgn", "mgn:InitializeService", "mgn:IssueClientCertificateForMgn", "mgn:ListApplications", "mgn:ListConnectors", "mgn:ListExportErrors", "mgn:ListExports", "mgn:ListImportErrors", "mgn:ListImports", "mgn:ListManagedAccounts", "mgn:ListSourceServerActions", "mgn:ListTagsForResource", "mgn:ListTemplateActions", "mgn:ListWaves", "mgn:MarkAsArchived", "mgn:NotifyAgentAuthenticationForMgn", "mgn:NotifyAgentConnectedForMgn", "mgn:NotifyAgentDisconnectedForMgn", "mgn:NotifyAgentReplicationProgressForMgn", "mgn:NotifyVcenterClientStartedForMgn", "mgn:PauseReplication", "mgn:PutSourceServerAction", "mgn:PutTemplateAction", "mgn:RegisterAgentForMgn", "mgn:RemoveSourceServerAction", "mgn:RemoveTemplateAction", "mgn:ResumeReplication", "mgn:RetryDataReplication", "mgn:SendAgentLogsForMgn", "mgn:SendAgentMetricsForMgn", "mgn:SendChannelCommandResultForMgn", "mgn:SendClientLogsForMgn", "mgn:SendClientMetricsForMgn", "mgn:SendVcenterClientCommandResultForMgn", "mgn:SendVcenterClientLogsForMgn", "mgn:SendVcenterClientMetricsForMgn", "mgn:StartCutover", "mgn:StartExport", "mgn:StartImport", "mgn:StartReplication", "mgn:StartTest", "mgn:StopReplication", "mgn:TagResource", "mgn:TerminateTargetInstances", "mgn:UnarchiveApplication", "mgn:UnarchiveWave", "mgn:UntagResource", "mgn:UpdateAgentBacklogForMgn", "mgn:UpdateAgentConversionInfoForMgn", "mgn:UpdateAgentReplicationInfoForMgn", "mgn:UpdateAgentReplicationProcessStateForMgn", "mgn:UpdateAgentSourcePropertiesForMgn", "mgn:UpdateApplication", "mgn:UpdateConnector", "mgn:UpdateLaunchConfiguration", "mgn:UpdateLaunchConfigurationTemplate", "mgn:UpdateReplicationConfiguration", "mgn:UpdateReplicationConfigurationTemplate", "mgn:UpdateSourceServer", "mgn:UpdateSourceServerReplicationType", "mgn:UpdateWave", "mgn:VerifyClientRoleForMgn", "kms:ListAliases", "kms:DescribeKey", "ec2:DescribeKeyPairs", "ec2:DescribeTags", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeInstanceTypes", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DescribeVolumes", "ec2:GetEbsEncryptionByDefault", "ec2:GetEbsDefaultKmsKeyId", "license-manager:ListLicenseConfigurations", "elasticloadbalancing:DescribeLoadBalancers", "iam:ListInstanceProfiles", "iam:PassRole", "drs:DescribeSourceServers", "ssm:SendCommand", "ssm:ListCommandInvocations", "ssm:DescribeInstanceInformation", "ssm:GetCommandInvocation", "ssm:DescribeDocument", "ssm:SendCommand", "drs:DisconnectSourceServer", "ssm:GetParameter", "ssm:PutParameter", "servicequotas:GetServiceQuota", "ssm:GetAutomationExecution", "ssm:GetDocument", "ssm:GetParameters", "ssm:StartAutomationExecution", "ssm:ListCommands" ], "malformed": false, "name": "AWSApplicationMigrationFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-20T17:28:13+00:00", "version": "v7" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSIQFullAccess", "createdate": "2019-09-25T20:22:34Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iq:AcceptCall", "iq:ApprovePaymentRequest", "iq:ApproveProposal", "iq:ArchiveConversation", "iq:CompleteProposal", "iq:CreateConversation", "iq:CreateExpert", "iq:CreateListing", "iq:CreateMilestoneProposal", "iq:CreatePaymentRequest", "iq:CreateProject", "iq:CreateRequest", "iq:CreateScheduledProposal", "iq:CreateSeller", "iq:CreateUpfrontProposal", "iq:DeclineCall", "iq:DeleteAttachment", "iq:DisableIndividualPublicProfile", "iq:DownloadAttachment", "iq:EnableIndividualPublicProfile", "iq:EndCall", "iq:GetBuyer", "iq:GetCall", "iq:GetChatInfo", "iq:GetChatMessages", "iq:GetChatToken", "iq:GetCompanyChatMessages", "iq:GetCompanyProfile", "iq:GetConversation", "iq:GetExpert", "iq:GetListing", "iq:GetMarketplaceSeller", "iq:GetPaymentRequest", "iq:GetProposal", "iq:GetRequest", "iq:GetReview", "iq:HideRequest", "iq:InitiateCall", "iq:LinkAwsCertification", "iq:ListAttachments", "iq:ListConversations", "iq:ListExpertAccessLogs", "iq:ListListings", "iq:ListPaymentRequests", "iq:ListProposals", "iq:ListRequests", "iq:ListReviews", "iq:MarkChatMessageRead", "iq:RejectPaymentRequest", "iq:RejectProposal", "iq:SendCompanyChatMessage", "iq:SendIndividualChatMessage", "iq:UnarchiveConversation", "iq:UnlinkAwsCertification", "iq:UpdateCompanyProfile", "iq:UpdateConversationMembers", "iq:UpdateExpert", "iq:UpdateListing", "iq:UpdateRequest", "iq:UploadAttachment", "iq:WithdrawPaymentRequest", "iq:WithdrawProposal", "iq:WriteReview", "iq-permission:ApproveAccessGrant", "iq-permission:ApprovePermissionRequest", "iq-permission:AssumePermissionRole", "iq-permission:CreatePermissionRequest", "iq-permission:GetPermissionRequest", "iq-permission:ListPermissionRequests", "iq-permission:RejectPermissionRequest", "iq-permission:RevokePermissionRequest", "iq-permission:WithdrawPermissionRequest", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AWSIQFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-09-25T20:22:34+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonMacieFullAccess", "createdate": "2022-07-01T00:41:53Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "macie2:AcceptInvitation", "macie2:BatchGetCustomDataIdentifiers", "macie2:CreateAllowList", "macie2:CreateClassificationJob", "macie2:CreateCustomDataIdentifier", "macie2:CreateFindingsFilter", "macie2:CreateInvitations", "macie2:CreateMember", "macie2:CreateSampleFindings", "macie2:DeclineInvitations", "macie2:DeleteAllowList", "macie2:DeleteCustomDataIdentifier", "macie2:DeleteFindingsFilter", "macie2:DeleteInvitations", "macie2:DeleteMember", "macie2:DescribeBuckets", "macie2:DescribeClassificationJob", "macie2:DescribeOrganizationConfiguration", "macie2:DisableMacie", "macie2:DisableOrganizationAdminAccount", "macie2:DisassociateFromAdministratorAccount", "macie2:DisassociateFromMasterAccount", "macie2:DisassociateMember", "macie2:EnableMacie", "macie2:EnableOrganizationAdminAccount", "macie2:GetAdministratorAccount", "macie2:GetAllowList", "macie2:GetAutomatedDiscoveryConfiguration", "macie2:GetBucketStatistics", "macie2:GetClassificationExportConfiguration", "macie2:GetClassificationScope", "macie2:GetCustomDataIdentifier", "macie2:GetFindingStatistics", "macie2:GetFindings", "macie2:GetFindingsFilter", "macie2:GetFindingsPublicationConfiguration", "macie2:GetInvitationsCount", "macie2:GetMacieSession", "macie2:GetMasterAccount", "macie2:GetMember", "macie2:GetResourceProfile", "macie2:GetRevealConfiguration", "macie2:GetSensitiveDataOccurrences", "macie2:GetSensitiveDataOccurrencesAvailability", "macie2:GetSensitivityInspectionTemplate", "macie2:GetUsageStatistics", "macie2:GetUsageTotals", "macie2:ListAllowLists", "macie2:ListClassificationJobs", "macie2:ListClassificationScopes", "macie2:ListCustomDataIdentifiers", "macie2:ListFindings", "macie2:ListFindingsFilters", "macie2:ListInvitations", "macie2:ListManagedDataIdentifiers", "macie2:ListMembers", "macie2:ListOrganizationAdminAccounts", "macie2:ListResourceProfileArtifacts", "macie2:ListResourceProfileDetections", "macie2:ListSensitivityInspectionTemplates", "macie2:ListTagsForResource", "macie2:PutClassificationExportConfiguration", "macie2:PutFindingsPublicationConfiguration", "macie2:SearchResources", "macie2:TagResource", "macie2:TestCustomDataIdentifier", "macie2:UntagResource", "macie2:UpdateAllowList", "macie2:UpdateAutomatedDiscoveryConfiguration", "macie2:UpdateClassificationJob", "macie2:UpdateClassificationScope", "macie2:UpdateFindingsFilter", "macie2:UpdateMacieSession", "macie2:UpdateMemberSession", "macie2:UpdateOrganizationConfiguration", "macie2:UpdateResourceProfile", "macie2:UpdateResourceProfileDetections", "macie2:UpdateRevealConfiguration", "macie2:UpdateSensitivityInspectionTemplate", "iam:CreateServiceLinkedRole", "pricing:GetProducts" ], "malformed": false, "name": "AmazonMacieFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-07-01T00:41:53+00:00", "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2015-02-06T18:41:27Z", "credentials_exposure": false, "data_access": true, "deprecated": true, "effective_action_names": [ "cloudwatch:GetMetricStatistics", "ec2:DescribeAccountAttributes", "ec2:DescribeAvailabilityZones", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancers", "iam:GetRolePolicy", "iam:ListInstanceProfiles", "iam:ListRoles", "iam:ListUsers", "iam:PassRole", "opsworks:AssignInstance", "opsworks:AssignVolume", "opsworks:AssociateElasticIp", "opsworks:AttachElasticLoadBalancer", "opsworks:CloneStack", "opsworks:CreateApp", "opsworks:CreateDeployment", "opsworks:CreateInstance", "opsworks:CreateLayer", "opsworks:CreateStack", "opsworks:CreateUserProfile", "opsworks:DeleteApp", "opsworks:DeleteInstance", "opsworks:DeleteLayer", "opsworks:DeleteStack", "opsworks:DeleteUserProfile", "opsworks:DeregisterEcsCluster", "opsworks:DeregisterElasticIp", "opsworks:DeregisterInstance", "opsworks:DeregisterRdsDbInstance", "opsworks:DeregisterVolume", "opsworks:DescribeAgentVersions", "opsworks:DescribeApps", "opsworks:DescribeCommands", "opsworks:DescribeDeployments", "opsworks:DescribeEcsClusters", "opsworks:DescribeElasticIps", "opsworks:DescribeElasticLoadBalancers", "opsworks:DescribeInstances", "opsworks:DescribeLayers", "opsworks:DescribeLoadBasedAutoScaling", "opsworks:DescribeMyUserProfile", "opsworks:DescribeOperatingSystems", "opsworks:DescribePermissions", "opsworks:DescribeRaidArrays", "opsworks:DescribeRdsDbInstances", "opsworks:DescribeServiceErrors", "opsworks:DescribeStackProvisioningParameters", "opsworks:DescribeStackSummary", "opsworks:DescribeStacks", "opsworks:DescribeTimeBasedAutoScaling", "opsworks:DescribeUserProfiles", "opsworks:DescribeVolumes", "opsworks:DetachElasticLoadBalancer", "opsworks:DisassociateElasticIp", "opsworks:GetHostnameSuggestion", "opsworks:GrantAccess", "opsworks:ListTags", "opsworks:RebootInstance", "opsworks:RegisterEcsCluster", "opsworks:RegisterElasticIp", "opsworks:RegisterInstance", "opsworks:RegisterRdsDbInstance", "opsworks:RegisterVolume", "opsworks:SetLoadBasedAutoScaling", "opsworks:SetPermission", "opsworks:SetTimeBasedAutoScaling", "opsworks:StartInstance", "opsworks:StartStack", "opsworks:StopInstance", "opsworks:StopStack", "opsworks:TagResource", "opsworks:UnassignInstance", "opsworks:UnassignVolume", "opsworks:UntagResource", "opsworks:UpdateApp", "opsworks:UpdateElasticIp", "opsworks:UpdateInstance", "opsworks:UpdateLayer", "opsworks:UpdateMyUserProfile", "opsworks:UpdateRdsDbInstance", "opsworks:UpdateStack", "opsworks:UpdateUserProfile", "opsworks:UpdateVolume", "rds:AddRoleToDBCluster", "rds:AddRoleToDBInstance", "rds:AddSourceIdentifierToSubscription", "rds:AddTagsToResource", "rds:ApplyPendingMaintenanceAction", "rds:AuthorizeDBSecurityGroupIngress", "rds:BacktrackDBCluster", "rds:CancelExportTask", "rds:CopyDBClusterParameterGroup", "rds:CopyDBClusterSnapshot", "rds:CopyDBParameterGroup", "rds:CopyDBSnapshot", "rds:CopyOptionGroup", "rds:CreateBlueGreenDeployment", "rds:CreateCustomDBEngineVersion", "rds:CreateDBCluster", "rds:CreateDBClusterEndpoint", "rds:CreateDBClusterParameterGroup", "rds:CreateDBClusterSnapshot", "rds:CreateDBInstance", "rds:CreateDBInstanceReadReplica", "rds:CreateDBParameterGroup", "rds:CreateDBProxy", "rds:CreateDBProxyEndpoint", "rds:CreateDBSecurityGroup", "rds:CreateDBShardGroup", "rds:CreateDBSnapshot", "rds:CreateDBSubnetGroup", "rds:CreateEventSubscription", "rds:CreateGlobalCluster", "rds:CreateIntegration", "rds:CreateOptionGroup", "rds:CreateTenantDatabase", "rds:CrossRegionCommunication", "rds:DeleteBlueGreenDeployment", "rds:DeleteCustomDBEngineVersion", "rds:DeleteDBCluster", "rds:DeleteDBClusterAutomatedBackup", "rds:DeleteDBClusterEndpoint", "rds:DeleteDBClusterParameterGroup", "rds:DeleteDBClusterSnapshot", "rds:DeleteDBInstance", "rds:DeleteDBInstanceAutomatedBackup", "rds:DeleteDBParameterGroup", "rds:DeleteDBProxy", "rds:DeleteDBProxyEndpoint", "rds:DeleteDBSecurityGroup", "rds:DeleteDBShardGroup", "rds:DeleteDBSnapshot", "rds:DeleteDBSubnetGroup", "rds:DeleteEventSubscription", "rds:DeleteGlobalCluster", "rds:DeleteIntegration", "rds:DeleteOptionGroup", "rds:DeleteTenantDatabase", "rds:DeregisterDBProxyTargets", "rds:DescribeAccountAttributes", "rds:DescribeBlueGreenDeployments", "rds:DescribeCertificates", "rds:DescribeDBClusterAutomatedBackups", "rds:DescribeDBClusterBacktracks", "rds:DescribeDBClusterEndpoints", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBClusterParameters", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBInstances", "rds:DescribeDBLogFiles", "rds:DescribeDBParameterGroups", "rds:DescribeDBParameters", "rds:DescribeDBProxies", "rds:DescribeDBProxyEndpoints", "rds:DescribeDBProxyTargetGroups", "rds:DescribeDBProxyTargets", "rds:DescribeDBRecommendations", "rds:DescribeDBSecurityGroups", "rds:DescribeDBShardGroups", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "rds:DescribeDBSubnetGroups", "rds:DescribeDbSnapshotTenantDatabases", "rds:DescribeEngineDefaultClusterParameters", "rds:DescribeEngineDefaultParameters", "rds:DescribeEventCategories", "rds:DescribeEventSubscriptions", "rds:DescribeEvents", "rds:DescribeExportTasks", "rds:DescribeGlobalClusters", "rds:DescribeIntegrations", "rds:DescribeOptionGroupOptions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribePendingMaintenanceActions", "rds:DescribeRecommendationGroups", "rds:DescribeRecommendations", "rds:DescribeReservedDBInstances", "rds:DescribeReservedDBInstancesOfferings", "rds:DescribeSourceRegions", "rds:DescribeTenantDatabases", "rds:DescribeValidDBInstanceModifications", "rds:DisableHttpEndpoint", "rds:DownloadCompleteDBLogFile", "rds:DownloadDBLogFilePortion", "rds:EnableHttpEndpoint", "rds:FailoverDBCluster", "rds:FailoverGlobalCluster", "rds:ListTagsForResource", "rds:ModifyActivityStream", "rds:ModifyCertificates", "rds:ModifyCurrentDBClusterCapacity", "rds:ModifyCustomDBEngineVersion", "rds:ModifyDBCluster", "rds:ModifyDBClusterEndpoint", "rds:ModifyDBClusterParameterGroup", "rds:ModifyDBClusterSnapshotAttribute", "rds:ModifyDBInstance", "rds:ModifyDBParameterGroup", "rds:ModifyDBProxy", "rds:ModifyDBProxyEndpoint", "rds:ModifyDBProxyTargetGroup", "rds:ModifyDBRecommendation", "rds:ModifyDBShardGroup", "rds:ModifyDBSnapshot", "rds:ModifyDBSnapshotAttribute", "rds:ModifyDBSubnetGroup", "rds:ModifyEventSubscription", "rds:ModifyGlobalCluster", "rds:ModifyIntegration", "rds:ModifyOptionGroup", "rds:ModifyRecommendation", "rds:ModifyTenantDatabase", "rds:PromoteReadReplica", "rds:PromoteReadReplicaDBCluster", "rds:PurchaseReservedDBInstancesOffering", "rds:RebootDBCluster", "rds:RebootDBInstance", "rds:RebootDBShardGroup", "rds:RegisterDBProxyTargets", "rds:RemoveFromGlobalCluster", "rds:RemoveRoleFromDBCluster", "rds:RemoveRoleFromDBInstance", "rds:RemoveSourceIdentifierFromSubscription", "rds:RemoveTagsFromResource", "rds:ResetDBClusterParameterGroup", "rds:ResetDBParameterGroup", "rds:RestoreDBClusterFromS3", "rds:RestoreDBClusterFromSnapshot", "rds:RestoreDBClusterToPointInTime", "rds:RestoreDBInstanceFromDBSnapshot", "rds:RestoreDBInstanceFromS3", "rds:RestoreDBInstanceToPointInTime", "rds:RevokeDBSecurityGroupIngress", "rds:StartActivityStream", "rds:StartDBCluster", "rds:StartDBInstance", "rds:StartDBInstanceAutomatedBackupsReplication", "rds:StartExportTask", "rds:StopActivityStream", "rds:StopDBCluster", "rds:StopDBInstance", "rds:StopDBInstanceAutomatedBackupsReplication", "rds:SwitchoverBlueGreenDeployment", "rds:SwitchoverGlobalCluster", "rds:SwitchoverReadReplica" ], "malformed": false, "name": "AWSOpsWorksRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v1" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSDeepLensServiceRolePolicy", "createdate": "2019-09-25T19:25:06Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "iot:CreateThing", "iot:DeleteThing", "iot:DeleteThingShadow", "iot:DescribeThing", "iot:GetThingShadow", "iot:UpdateThing", "iot:UpdateThingShadow", "iot:AttachThingPrincipal", "iot:DetachThingPrincipal", "iot:UpdateCertificate", "iot:DeleteCertificate", "iot:DetachPrincipalPolicy", "iot:CreateKeysAndCertificate", "iot:CreatePolicy", "iot:CreatePolicyVersion", "iot:AttachPrincipalPolicy", "iot:GetThingShadow", "iot:UpdateThingShadow", "iot:DescribeEndpoint", "deeplens:AssociateServiceRoleToAccount", "deeplens:BatchGetDevice", "deeplens:BatchGetModel", "deeplens:BatchGetProject", "deeplens:CreateDeviceCertificates", "deeplens:CreateModel", "deeplens:CreateProject", "deeplens:DeleteModel", "deeplens:DeleteProject", "deeplens:DeployProject", "deeplens:DeregisterDevice", "deeplens:GetAssociatedResources", "deeplens:GetDeploymentStatus", "deeplens:GetDevice", "deeplens:GetModel", "deeplens:GetProject", "deeplens:ImportProjectFromTemplate", "deeplens:ListDeployments", "deeplens:ListDevices", "deeplens:ListModels", "deeplens:ListProjects", "deeplens:RegisterDevice", "deeplens:RemoveProject", "deeplens:UpdateProject", "s3:GetObject", "s3:DeleteBucket", "s3:ListBucket", "s3:CreateBucket", "iam:PassRole", "iam:PassRole", "greengrass:AssociateRoleToGroup", "greengrass:AssociateServiceRoleToAccount", "greengrass:CreateResourceDefinition", "greengrass:CreateResourceDefinitionVersion", "greengrass:CreateCoreDefinition", "greengrass:CreateCoreDefinitionVersion", "greengrass:CreateDeployment", "greengrass:CreateFunctionDefinition", "greengrass:CreateFunctionDefinitionVersion", "greengrass:CreateGroup", "greengrass:CreateGroupCertificateAuthority", "greengrass:CreateGroupVersion", "greengrass:CreateLoggerDefinition", "greengrass:CreateLoggerDefinitionVersion", "greengrass:CreateSubscriptionDefinition", "greengrass:CreateSubscriptionDefinitionVersion", "greengrass:DeleteCoreDefinition", "greengrass:DeleteFunctionDefinition", "greengrass:DeleteGroup", "greengrass:DeleteLoggerDefinition", "greengrass:DeleteSubscriptionDefinition", "greengrass:DisassociateRoleFromGroup", "greengrass:DisassociateServiceRoleFromAccount", "greengrass:GetAssociatedRole", "greengrass:GetConnectivityInfo", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetDeviceDefinition", "greengrass:GetDeviceDefinitionVersion", "greengrass:GetFunctionDefinition", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupCertificateAuthority", "greengrass:GetGroupCertificateConfiguration", "greengrass:GetGroupVersion", "greengrass:GetLoggerDefinition", "greengrass:GetLoggerDefinitionVersion", "greengrass:GetResourceDefinition", "greengrass:GetServiceRoleForAccount", "greengrass:GetSubscriptionDefinition", "greengrass:GetSubscriptionDefinitionVersion", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeployments", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "greengrass:ResetDeployments", "greengrass:UpdateConnectivityInfo", "greengrass:UpdateCoreDefinition", "greengrass:UpdateDeviceDefinition", "greengrass:UpdateFunctionDefinition", "greengrass:UpdateGroup", "greengrass:UpdateGroupCertificateConfiguration", "greengrass:UpdateLoggerDefinition", "greengrass:UpdateSubscriptionDefinition", "greengrass:UpdateResourceDefinition", "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:ListFunctions", "lambda:ListVersionsByFunction", "lambda:PublishVersion", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionConfiguration", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:ListFunctions", "lambda:ListVersionsByFunction", "sagemaker:CreateTrainingJob", "sagemaker:DescribeTrainingJob", "sagemaker:StopTrainingJob", "sagemaker:DescribeTrainingJob", "kinesisvideo:CreateStream", "kinesisvideo:DescribeStream", "kinesisvideo:DeleteStream", "kinesisvideo:GetDataEndpoint" ], "malformed": false, "name": "AWSDeepLensServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-09-25T19:25:06+00:00", "version": "v6" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSLambdaInvocation-DynamoDB", "createdate": "2015-02-06T18:40:47Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "lambda:InvokeFunction", "dynamodb:DescribeStream", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:ListStreams" ], "malformed": false, "name": "AWSLambdaInvocation-DynamoDB", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2015-02-06T18:40:47+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AccessAnalyzerServiceRolePolicy", "createdate": "2024-01-22T22:34:53Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "dynamodb:GetResourcePolicy", "dynamodb:ListStreams", "dynamodb:ListTables", "ec2:DescribeAddresses", "ec2:DescribeByoipCidrs", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshots", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcs", "ec2:GetSnapshotBlockPublicAccessState", "ecr:DescribeRepositories", "ecr:GetRepositoryPolicy", "elasticfilesystem:DescribeFileSystemPolicy", "elasticfilesystem:DescribeFileSystems", "iam:GetRole", "iam:ListEntitiesForPolicy", "iam:ListRoles", "iam:ListUsers", "iam:GetUser", "iam:GetGroup", "iam:GenerateServiceLastAccessedDetails", "iam:GetServiceLastAccessedDetails", "iam:ListAccessKeys", "iam:GetLoginProfile", "iam:GetAccessKeyLastUsed", "kms:DescribeKey", "kms:GetKeyPolicy", "kms:ListGrants", "kms:ListKeyPolicies", "kms:ListKeys", "lambda:GetFunctionUrlConfig", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:ListAliases", "lambda:ListFunctions", "lambda:ListLayers", "lambda:ListLayerVersions", "lambda:ListVersionsByFunction", "organizations:DescribeAccount", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListChildren", "organizations:ListDelegatedAdministrators", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListRoots", "rds:DescribeDBClusterSnapshotAttributes", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBSnapshotAttributes", "rds:DescribeDBSnapshots", "s3:DescribeMultiRegionAccessPointOperation", "s3:GetAccessPoint", "s3:GetAccessPointPolicy", "s3:GetAccessPointPolicyStatus", "s3:GetAccountPublicAccessBlock", "s3:GetBucketAcl", "s3:GetBucketLocation", "s3:GetBucketPolicyStatus", "s3:GetBucketPolicy", "s3:GetBucketPublicAccessBlock", "s3:GetMultiRegionAccessPoint", "s3:GetMultiRegionAccessPointPolicy", "s3:GetMultiRegionAccessPointPolicyStatus", "s3:ListAccessPoints", "s3:ListAllMyBuckets", "s3:ListMultiRegionAccessPoints", "s3express:GetBucketPolicy", "s3express:ListAllMyDirectoryBuckets", "sns:GetTopicAttributes", "sns:ListTopics", "secretsmanager:DescribeSecret", "secretsmanager:GetResourcePolicy", "secretsmanager:ListSecrets", "sqs:GetQueueAttributes", "sqs:ListQueues" ], "malformed": false, "name": "AccessAnalyzerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-01-22T22:34:53+00:00", "version": "v12" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AWSCodeDeployFullAccess", "createdate": "2020-04-02T16:14:47Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "codedeploy:AddTagsToOnPremisesInstances", "codedeploy:BatchGetApplicationRevisions", "codedeploy:BatchGetApplications", "codedeploy:BatchGetDeploymentGroups", "codedeploy:BatchGetDeploymentInstances", "codedeploy:BatchGetDeploymentTargets", "codedeploy:BatchGetDeployments", "codedeploy:BatchGetOnPremisesInstances", "codedeploy:ContinueDeployment", "codedeploy:CreateApplication", "codedeploy:CreateCloudFormationDeployment", "codedeploy:CreateDeployment", "codedeploy:CreateDeploymentConfig", "codedeploy:CreateDeploymentGroup", "codedeploy:DeleteApplication", "codedeploy:DeleteDeploymentConfig", "codedeploy:DeleteDeploymentGroup", "codedeploy:DeleteGitHubAccountToken", "codedeploy:DeleteResourcesByExternalId", "codedeploy:DeregisterOnPremisesInstance", "codedeploy:GetApplication", "codedeploy:GetApplicationRevision", "codedeploy:GetDeployment", "codedeploy:GetDeploymentConfig", "codedeploy:GetDeploymentGroup", "codedeploy:GetDeploymentInstance", "codedeploy:GetDeploymentTarget", "codedeploy:GetOnPremisesInstance", "codedeploy:ListApplicationRevisions", "codedeploy:ListApplications", "codedeploy:ListDeploymentConfigs", "codedeploy:ListDeploymentGroups", "codedeploy:ListDeploymentInstances", "codedeploy:ListDeploymentTargets", "codedeploy:ListDeployments", "codedeploy:ListGitHubAccountTokenNames", "codedeploy:ListOnPremisesInstances", "codedeploy:ListTagsForResource", "codedeploy:PutLifecycleEventHookExecutionStatus", "codedeploy:RegisterApplicationRevision", "codedeploy:RegisterOnPremisesInstance", "codedeploy:RemoveTagsFromOnPremisesInstances", "codedeploy:SkipWaitTimeForInstanceTermination", "codedeploy:StopDeployment", "codedeploy:TagResource", "codedeploy:UntagResource", "codedeploy:UpdateApplication", "codedeploy:UpdateDeploymentGroup", "codestar-notifications:CreateNotificationRule", "codestar-notifications:DescribeNotificationRule", "codestar-notifications:UpdateNotificationRule", "codestar-notifications:DeleteNotificationRule", "codestar-notifications:Subscribe", "codestar-notifications:Unsubscribe", "codestar-notifications:ListNotificationRules", "codestar-notifications:ListTargets", "codestar-notifications:ListTagsForResource", "codestar-notifications:ListEventTypes", "sns:CreateTopic", "sns:SetTopicAttributes", "chatbot:DescribeSlackChannelConfigurations", "sns:ListTopics" ], "malformed": false, "name": "AWSCodeDeployFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-04-02T16:14:47+00:00", "version": "v3" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetAutoscaleRole", "createdate": "2019-02-18T19:17:03Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeSpotFleetRequests", "ec2:ModifySpotFleetRequest", "cloudwatch:DescribeAlarms", "cloudwatch:PutMetricAlarm", "cloudwatch:DeleteAlarms", "iam:CreateServiceLinkedRole" ], "malformed": false, "name": "AmazonEC2SpotFleetAutoscaleRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-02-18T19:17:03+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSManagedServices_ContactsServiceRolePolicy", "createdate": "2023-03-23T17:07:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:ListRoleTags", "iam:ListUserTags", "tag:GetResources", "ec2:DescribeTags", "s3:GetBucketTagging" ], "malformed": false, "name": "AWSManagedServices_ContactsServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-23T17:07:46+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSConfigRulesExecutionRole", "createdate": "2019-05-13T21:33:30Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "config:PutAggregationAuthorization", "config:PutConfigRule", "config:PutConfigurationAggregator", "config:PutConfigurationRecorder", "config:PutConformancePack", "config:PutDeliveryChannel", "config:PutEvaluations", "config:PutExternalEvaluation", "config:PutOrganizationConfigRule", "config:PutOrganizationConformancePack", "config:PutRemediationConfigurations", "config:PutRemediationExceptions", "config:PutResourceConfig", "config:PutRetentionConfiguration", "config:PutStoredQuery", "config:GetAggregateComplianceDetailsByConfigRule", "config:GetAggregateConfigRuleComplianceSummary", "config:GetAggregateConformancePackComplianceSummary", "config:GetAggregateDiscoveredResourceCounts", "config:GetAggregateResourceConfig", "config:GetComplianceDetailsByConfigRule", "config:GetComplianceDetailsByResource", "config:GetComplianceSummaryByConfigRule", "config:GetComplianceSummaryByResourceType", "config:GetConformancePackComplianceDetails", "config:GetConformancePackComplianceSummary", "config:GetCustomRulePolicy", "config:GetDiscoveredResourceCounts", "config:GetOrganizationConfigRuleDetailedStatus", "config:GetOrganizationConformancePackDetailedStatus", "config:GetOrganizationCustomRulePolicy", "config:GetResourceConfigHistory", "config:GetResourceEvaluationSummary", "config:GetStoredQuery", "config:ListAggregateDiscoveredResources", "config:ListConformancePackComplianceScores", "config:ListDiscoveredResources", "config:ListResourceEvaluations", "config:ListStoredQueries", "config:ListTagsForResource", "config:DescribeAggregateComplianceByConfigRules", "config:DescribeAggregateComplianceByConformancePacks", "config:DescribeAggregationAuthorizations", "config:DescribeComplianceByConfigRule", "config:DescribeComplianceByResource", "config:DescribeConfigRuleEvaluationStatus", "config:DescribeConfigRules", "config:DescribeConfigurationAggregatorSourcesStatus", "config:DescribeConfigurationAggregators", "config:DescribeConfigurationRecorderStatus", "config:DescribeConfigurationRecorders", "config:DescribeConformancePackCompliance", "config:DescribeConformancePackStatus", "config:DescribeConformancePacks", "config:DescribeDeliveryChannelStatus", "config:DescribeDeliveryChannels", "config:DescribeOrganizationConfigRuleStatuses", "config:DescribeOrganizationConfigRules", "config:DescribeOrganizationConformancePackStatuses", "config:DescribeOrganizationConformancePacks", "config:DescribePendingAggregationRequests", "config:DescribeRemediationConfigurations", "config:DescribeRemediationExceptions", "config:DescribeRemediationExecutionStatus", "config:DescribeRetentionConfigurations", "config:BatchGetAggregateResourceConfig", "config:BatchGetResourceConfig", "config:SelectAggregateResourceConfig", "config:SelectResourceConfig" ], "malformed": false, "name": "AWSConfigRulesExecutionRole", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-05-13T21:33:30+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSFMAdminReadOnlyAccess", "createdate": "2022-10-31T22:42:13Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "fms:GetAdminAccount", "fms:GetAdminScope", "fms:GetAppsList", "fms:GetComplianceDetail", "fms:GetNotificationChannel", "fms:GetPolicy", "fms:GetProtectionStatus", "fms:GetProtocolsList", "fms:GetResourceSet", "fms:GetThirdPartyFirewallAssociationStatus", "fms:GetViolationDetails", "fms:ListAdminAccountsForOrganization", "fms:ListAdminsManagingAccount", "fms:ListAppsLists", "fms:ListComplianceStatus", "fms:ListDiscoveredResources", "fms:ListMemberAccounts", "fms:ListPolicies", "fms:ListProtocolsLists", "fms:ListResourceSetResources", "fms:ListResourceSets", "fms:ListTagsForResource", "fms:ListThirdPartyFirewallFirewallPolicies", "waf:GetByteMatchSet", "waf:GetChangeToken", "waf:GetChangeTokenStatus", "waf:GetGeoMatchSet", "waf:GetIPSet", "waf:GetLoggingConfiguration", "waf:GetPermissionPolicy", "waf:GetRateBasedRule", "waf:GetRateBasedRuleManagedKeys", "waf:GetRegexMatchSet", "waf:GetRegexPatternSet", "waf:GetRule", "waf:GetRuleGroup", "waf:GetSampledRequests", "waf:GetSizeConstraintSet", "waf:GetSqlInjectionMatchSet", "waf:GetWebACL", "waf:GetXssMatchSet", "waf:ListActivatedRulesInRuleGroup", "waf:ListByteMatchSets", "waf:ListGeoMatchSets", "waf:ListIPSets", "waf:ListLoggingConfigurations", "waf:ListRateBasedRules", "waf:ListRegexMatchSets", "waf:ListRegexPatternSets", "waf:ListRuleGroups", "waf:ListRules", "waf:ListSizeConstraintSets", "waf:ListSqlInjectionMatchSets", "waf:ListSubscribedRuleGroups", "waf:ListTagsForResource", "waf:ListWebACLs", "waf:ListXssMatchSets", "waf-regional:GetByteMatchSet", "waf-regional:GetChangeToken", "waf-regional:GetChangeTokenStatus", "waf-regional:GetGeoMatchSet", "waf-regional:GetIPSet", "waf-regional:GetLoggingConfiguration", "waf-regional:GetPermissionPolicy", "waf-regional:GetRateBasedRule", "waf-regional:GetRateBasedRuleManagedKeys", "waf-regional:GetRegexMatchSet", "waf-regional:GetRegexPatternSet", "waf-regional:GetRule", "waf-regional:GetRuleGroup", "waf-regional:GetSampledRequests", "waf-regional:GetSizeConstraintSet", "waf-regional:GetSqlInjectionMatchSet", "waf-regional:GetWebACL", "waf-regional:GetWebACLForResource", "waf-regional:GetXssMatchSet", "waf-regional:ListActivatedRulesInRuleGroup", "waf-regional:ListByteMatchSets", "waf-regional:ListGeoMatchSets", "waf-regional:ListIPSets", "waf-regional:ListLoggingConfigurations", "waf-regional:ListRateBasedRules", "waf-regional:ListRegexMatchSets", "waf-regional:ListRegexPatternSets", "waf-regional:ListResourcesForWebACL", "waf-regional:ListRuleGroups", "waf-regional:ListRules", "waf-regional:ListSizeConstraintSets", "waf-regional:ListSqlInjectionMatchSets", "waf-regional:ListSubscribedRuleGroups", "waf-regional:ListTagsForResource", "waf-regional:ListWebACLs", "waf-regional:ListXssMatchSets", "firehose:ListDeliveryStreams", "organizations:DescribeOrganization", "organizations:DescribeAccount", "organizations:ListRoots", "organizations:ListChildren", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListOrganizationalUnitsForParent", "shield:GetSubscriptionState", "route53resolver:ListFirewallRuleGroups", "route53resolver:GetFirewallRuleGroup", "wafv2:ListRuleGroups", "wafv2:ListAvailableManagedRuleGroups", "wafv2:CheckCapacity", "wafv2:ListAvailableManagedRuleGroupVersions", "network-firewall:DescribeRuleGroup", "network-firewall:DescribeRuleGroupMetadata", "network-firewall:ListRuleGroups", "ec2:DescribeAvailabilityZones", "ec2:DescribeRegions", "s3:GetBucketPolicy", "organizations:ListDelegatedAdministrators" ], "malformed": false, "name": "AWSFMAdminReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-10-31T22:42:13+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2019-03-11T22:14:30Z", "credentials_exposure": false, "data_access": false, "deprecated": true, "effective_action_names": [ "backup:CancelLegalHold", "backup:CopyFromBackupVault", "backup:CopyIntoBackupVault", "backup:CreateBackupPlan", "backup:CreateBackupSelection", "backup:CreateBackupVault", "backup:CreateFramework", "backup:CreateLegalHold", "backup:CreateLogicallyAirGappedBackupVault", "backup:CreateReportPlan", "backup:CreateRestoreTestingPlan", "backup:CreateRestoreTestingSelection", "backup:DeleteBackupPlan", "backup:DeleteBackupSelection", "backup:DeleteBackupVault", "backup:DeleteBackupVaultAccessPolicy", "backup:DeleteBackupVaultLockConfiguration", "backup:DeleteBackupVaultNotifications", "backup:DeleteBackupVaultSharingPolicy", "backup:DeleteFramework", "backup:DeleteRecoveryPoint", "backup:DeleteReportPlan", "backup:DeleteRestoreTestingPlan", "backup:DeleteRestoreTestingSelection", "backup:DescribeBackupJob", "backup:DescribeBackupVault", "backup:DescribeCopyJob", "backup:DescribeFramework", "backup:DescribeGlobalSettings", "backup:DescribeProtectedResource", "backup:DescribeRecoveryPoint", "backup:DescribeRegionSettings", "backup:DescribeReportJob", "backup:DescribeReportPlan", "backup:DescribeRestoreJob", "backup:DisassociateRecoveryPoint", "backup:DisassociateRecoveryPointFromParent", "backup:ExportBackupPlanTemplate", "backup:GetBackupPlan", "backup:GetBackupPlanFromJSON", "backup:GetBackupPlanFromTemplate", "backup:GetBackupSelection", "backup:GetBackupVaultAccessPolicy", "backup:GetBackupVaultNotifications", "backup:GetBackupVaultSharingPolicy", "backup:GetLegalHold", "backup:GetRecoveryPointRestoreMetadata", "backup:GetRestoreJobMetadata", "backup:GetRestoreTestingInferredMetadata", "backup:GetRestoreTestingPlan", "backup:GetRestoreTestingSelection", "backup:GetSupportedResourceTypes", "backup:ListBackupJobSummaries", "backup:ListBackupJobs", "backup:ListBackupPlanTemplates", "backup:ListBackupPlanVersions", "backup:ListBackupPlans", "backup:ListBackupSelections", "backup:ListBackupVaults", "backup:ListCopyJobSummaries", "backup:ListCopyJobs", "backup:ListFrameworks", "backup:ListLegalHolds", "backup:ListProtectedResources", "backup:ListProtectedResourcesByBackupVault", "backup:ListRecoveryPointsByBackupVault", "backup:ListRecoveryPointsByLegalHold", "backup:ListRecoveryPointsByResource", "backup:ListReportJobs", "backup:ListReportPlans", "backup:ListRestoreJobSummaries", "backup:ListRestoreJobs", "backup:ListRestoreJobsByProtectedResource", "backup:ListRestoreTestingPlans", "backup:ListRestoreTestingSelections", "backup:ListTags", "backup:PutBackupVaultAccessPolicy", "backup:PutBackupVaultLockConfiguration", "backup:PutBackupVaultNotifications", "backup:PutBackupVaultSharingPolicy", "backup:PutRestoreValidationResult", "backup:StartBackupJob", "backup:StartCopyJob", "backup:StartReportJob", "backup:StartRestoreJob", "backup:StopBackupJob", "backup:TagResource", "backup:UntagResource", "backup:UpdateBackupPlan", "backup:UpdateFramework", "backup:UpdateGlobalSettings", "backup:UpdateRecoveryPointLifecycle", "backup:UpdateRegionSettings", "backup:UpdateReportPlan", "backup:UpdateRestoreTestingPlan", "backup:UpdateRestoreTestingSelection", "backup-storage:CommitBackupJob", "backup-storage:DeleteObjects", "backup-storage:DescribeBackupJob", "backup-storage:GetBaseBackup", "backup-storage:GetChunk", "backup-storage:GetIncrementalBaseBackup", "backup-storage:GetObjectMetadata", "backup-storage:ListChunks", "backup-storage:ListObjects", "backup-storage:MountCapsule", "backup-storage:NotifyObjectComplete", "backup-storage:PutChunk", "backup-storage:PutObject", "backup-storage:StartObject", "backup-storage:UpdateObjectComplete", "rds:DescribeDBSnapshots", "rds:ListTagsForResource", "rds:DescribeDBInstances", "rds:DescribeDBSnapshots", "rds:DescribeDBEngineVersions", "rds:DescribeOptionGroups", "rds:DescribeOrderableDBInstanceOptions", "rds:DescribeDBSubnetGroups", "dynamodb:ListBackups", "dynamodb:ListTables", "elasticfilesystem:DescribeFileSystems", "ec2:DescribeSnapshots", "ec2:DescribeVolumes", "ec2:DescribeAvailabilityZones", "tag:GetTagKeys", "tag:GetTagValues", "tag:GetResources", "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeStorediSCSIVolumes", "storagegateway:ListGateways", "storagegateway:DescribeGatewayInformation", "storagegateway:ListVolumes", "storagegateway:ListLocalDisks", "iam:ListRoles", "iam:GetRole", "iam:GetUser", "iam:PassRole", "kms:ListKeys", "kms:DescribeKey", "kms:GenerateDataKey", "kms:RetireGrant", "kms:CreateGrant", "kms:ListAliases", "kms:Decrypt" ], "malformed": false, "name": "AWSBackupAdminPolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": null, "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryRecoveryInstancePolicy", "createdate": "2023-11-27T13:11:08Z", "credentials_exposure": true, "data_access": false, "deprecated": false, "effective_action_names": [ "drs:SendAgentMetricsForDrs", "drs:SendAgentLogsForDrs", "drs:UpdateAgentSourcePropertiesForDrs", "drs:UpdateAgentReplicationInfoForDrs", "drs:UpdateAgentConversionInfoForDrs", "drs:GetAgentCommandForDrs", "drs:GetAgentConfirmedResumeInfoForDrs", "drs:GetAgentRuntimeConfigurationForDrs", "drs:UpdateAgentBacklogForDrs", "drs:GetAgentReplicationInfoForDrs", "drs:UpdateReplicationCertificateForDrs", "drs:NotifyReplicationServerAuthenticationForDrs", "drs:DescribeRecoveryInstances", "ec2:DescribeInstanceTypes", "drs:GetAgentInstallationAssetsForDrs", "drs:SendClientLogsForDrs", "drs:CreateSourceServerForDrs", "drs:TagResource", "drs:SendAgentMetricsForDrs", "drs:SendAgentLogsForDrs", "drs:UpdateAgentSourcePropertiesForDrs", "drs:UpdateAgentReplicationInfoForDrs", "drs:UpdateAgentConversionInfoForDrs", "drs:GetAgentCommandForDrs", "drs:GetAgentConfirmedResumeInfoForDrs", "drs:GetAgentRuntimeConfigurationForDrs", "drs:UpdateAgentBacklogForDrs", "drs:GetAgentReplicationInfoForDrs", "sts:AssumeRole", "sts:TagSession" ], "malformed": false, "name": "AWSElasticDisasterRecoveryRecoveryInstancePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-27T13:11:08+00:00", "version": "v4" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AmazonSageMakerCanvasForecastAccess", "createdate": "2022-08-24T20:04:20Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "s3:GetObject", "s3:PutObject", "s3:ListBucket" ], "malformed": false, "name": "AmazonSageMakerCanvasForecastAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-24T20:04:20+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSZonalAutoshiftPracticeRunSLRPolicy", "createdate": "2023-11-29T17:34:54Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarms", "health:DescribeEvents", "arc-zonal-shift:CancelZonalShift", "arc-zonal-shift:GetManagedResource", "arc-zonal-shift:StartZonalShift", "arc-zonal-shift:UpdateZonalShift" ], "malformed": false, "name": "AWSZonalAutoshiftPracticeRunSLRPolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-11-29T17:34:54+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSAccountActivityAccess", "createdate": "2023-03-07T17:02:30Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "account:GetAccountInformation", "account:GetAlternateContact", "account:GetChallengeQuestions", "account:GetContactInformation", "account:GetRegionOptStatus", "account:ListRegions", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "payments:ListPaymentPreferences", "aws-portal:ViewBilling" ], "malformed": false, "name": "AWSAccountActivityAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-03-07T17:02:30+00:00", "version": "v2" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSEC2FleetServiceRolePolicy", "createdate": "2020-05-04T20:10:31Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:DescribeImages", "ec2:DescribeSubnets", "ec2:RequestSpotInstances", "ec2:DescribeInstanceStatus", "ec2:RunInstances", "iam:CreateServiceLinkedRole", "iam:PassRole", "ec2:CreateTags", "ec2:CreateTags", "ec2:TerminateInstances" ], "malformed": false, "name": "AWSEC2FleetServiceRolePolicy", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-05-04T20:10:31+00:00", "version": "v3" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/CertificateManagerServiceRolePolicy", "createdate": "2020-06-25T17:56:49Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:IssueCertificate", "acm-pca:GetCertificate" ], "malformed": false, "name": "CertificateManagerServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-25T17:56:49+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoScalingCustomResourcePolicy", "createdate": "2018-06-04T23:22:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "execute-api:Invoke", "cloudwatch:PutMetricAlarm", "cloudwatch:DescribeAlarms", "cloudwatch:DeleteAlarms" ], "malformed": false, "name": "AWSApplicationAutoScalingCustomResourcePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2018-06-04T23:22:44+00:00", "version": "v1" }, { "access_levels": [ "List", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRoleForAMIManagement", "createdate": "2021-08-19T17:03:44Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "ec2:CreateTags", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeImageAttribute", "ec2:DescribeVolumes", "ec2:DescribeSnapshots", "ec2:DeleteSnapshot", "ec2:ResetImageAttribute", "ec2:DeregisterImage", "ec2:CreateImage", "ec2:CopyImage", "ec2:ModifyImageAttribute", "ec2:EnableImageDeprecation", "ec2:DisableImageDeprecation" ], "malformed": false, "name": "AWSDataLifecycleManagerServiceRoleForAMIManagement", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-08-19T17:03:44+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AmazonCodeCatalystFullAccess", "createdate": "2023-04-20T16:50:16Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "codecatalyst:AcceptConnection", "codecatalyst:AssociateIamRoleToConnection", "codecatalyst:AssociateIdentityCenterApplicationToSpace", "codecatalyst:AssociateIdentityToIdentityCenterApplication", "codecatalyst:BatchAssociateIdentitiesToIdentityCenterApplication", "codecatalyst:BatchDisassociateIdentitiesFromIdentityCenterApplication", "codecatalyst:CreateIdentityCenterApplication", "codecatalyst:CreateSpace", "codecatalyst:CreateSpaceAdminRoleAssignment", "codecatalyst:DeleteConnection", "codecatalyst:DeleteIdentityCenterApplication", "codecatalyst:DisassociateIamRoleFromConnection", "codecatalyst:DisassociateIdentityCenterApplicationFromSpace", "codecatalyst:DisassociateIdentityFromIdentityCenterApplication", "codecatalyst:GetBillingAuthorization", "codecatalyst:GetConnection", "codecatalyst:GetIdentityCenterApplication", "codecatalyst:GetPendingConnection", "codecatalyst:ListConnections", "codecatalyst:ListIamRolesForConnection", "codecatalyst:ListIdentityCenterApplications", "codecatalyst:ListIdentityCenterApplicationsForSpace", "codecatalyst:ListSpacesForIdentityCenterApplication", "codecatalyst:ListTagsForResource", "codecatalyst:PutBillingAuthorization", "codecatalyst:RejectConnection", "codecatalyst:SynchronizeIdentityCenterApplication", "codecatalyst:TagResource", "codecatalyst:UntagResource", "codecatalyst:UpdateIdentityCenterApplication", "iam:ListRoles", "iam:PassRole" ], "malformed": false, "name": "AmazonCodeCatalystFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-04-20T16:50:16+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": null, "createdate": "2020-06-03T16:57:16Z", "credentials_exposure": true, "data_access": true, "deprecated": true, "effective_action_names": [ "applicationinsights:AddWorkload", "applicationinsights:CreateApplication", "applicationinsights:CreateComponent", "applicationinsights:CreateLogPattern", "applicationinsights:DeleteApplication", "applicationinsights:DeleteComponent", "applicationinsights:DeleteLogPattern", "applicationinsights:DescribeApplication", "applicationinsights:DescribeComponent", "applicationinsights:DescribeComponentConfiguration", "applicationinsights:DescribeComponentConfigurationRecommendation", "applicationinsights:DescribeLogPattern", "applicationinsights:DescribeObservation", "applicationinsights:DescribeProblem", "applicationinsights:DescribeProblemObservations", "applicationinsights:DescribeWorkload", "applicationinsights:Link", "applicationinsights:ListApplications", "applicationinsights:ListComponents", "applicationinsights:ListConfigurationHistory", "applicationinsights:ListLogPatternSets", "applicationinsights:ListLogPatterns", "applicationinsights:ListProblems", "applicationinsights:ListTagsForResource", "applicationinsights:ListWorkloads", "applicationinsights:RemoveWorkload", "applicationinsights:TagResource", "applicationinsights:UntagResource", "applicationinsights:UpdateApplication", "applicationinsights:UpdateComponent", "applicationinsights:UpdateComponentConfiguration", "applicationinsights:UpdateLogPattern", "applicationinsights:UpdateProblem", "applicationinsights:UpdateWorkload", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "route53:ChangeResourceRecordSets", "route53:GetChange", "route53:ListResourceRecordSets", "route53:ListHostedZones", "route53:ListHostedZonesByName", "cloudwatch:ListDashboards", "cloudwatch:ListManagedInsightRules", "cloudwatch:ListMetricStreams", "cloudwatch:ListMetrics", "cloudwatch:ListServiceLevelObjectives", "cloudwatch:ListServices", "cloudwatch:ListTagsForResource", "cloudwatch:GetDashboard", "cloudwatch:GetInsightRuleReport", "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:GetMetricStream", "cloudwatch:GetMetricWidgetImage", "cloudwatch:GetService", "cloudwatch:GetServiceData", "cloudwatch:GetServiceLevelObjective", "cloudwatch:GetTopologyDiscoveryStatus", "cloudwatch:GetTopologyMap", "cloudwatch:DescribeAlarmHistory", "cloudwatch:DescribeAlarms", "cloudwatch:DescribeAlarmsForMetric", "cloudwatch:DescribeAnomalyDetectors", "cloudwatch:DescribeInsightRules", "ec2:AllocateAddress", "ec2:AllocateHosts", "ec2:AssignPrivateIpAddresses", "ec2:AssociateAddress", "ec2:CreateDhcpOptions", "ec2:CreateEgressOnlyInternetGateway", "ec2:CreateInternetGateway", "ec2:CreateNatGateway", "ec2:CreateNetworkInterface", "ec2:CreateVolume", "ec2:CreateVpc", "ec2:CreateVpcEndpoint", "ec2:CreateInternetGateway", "ec2:CreateKeyPair", "ec2:CreateNatGateway", "ec2:CreateRoute", "ec2:CreateRouteTable", "ec2:CreateSubnet", "ec2:RunInstances", "ec2:StartInstances", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:GetResource", "cloudformation:GetResourceRequestStatus", "cloudformation:GetGeneratedTemplate", "cloudformation:GetStackPolicy", "cloudformation:GetTemplate", "cloudformation:GetTemplateSummary", "cloudformation:ListStacks", "cloudformation:SignalResource", "ec2:ModifyInstanceAttribute", "ec2:ModifySubnetAttribute", "ec2:ModifyVolumeAttribute", "ec2:ModifyVpcAttribute", "ec2:AssociateDhcpOptions", "ec2:AssociateSubnetCidrBlock", "ec2:AttachInternetGateway", "ec2:AttachNetworkInterface", "ec2:AttachVolume", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:DeleteSnapshot", "ec2:AuthorizeSecurityGroupEgress", "ec2:DeleteDhcpOptions", "ec2:DeleteInternetGateway", "ec2:DeleteKeyPair", "ec2:DeleteNatGateway", "ec2:DeleteSecurityGroup", "ec2:DeleteVolume", "ec2:DeleteVpc", "ec2:DetachInternetGateway", "ec2:DetachVolume", "ec2:GetConsoleOutput", "ec2:GetPasswordData", "ec2:ReleaseAddress", "ec2:ReplaceRoute", "ec2:ReplaceRouteTableAssociation", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "elasticfilesystem:DeleteFileSystem", "elasticfilesystem:DeleteMountTarget", "ec2:DisassociateIamInstanceProfile", "ec2:DisassociateRouteTable", "ec2:DisassociateSubnetCidrBlock", "cloudformation:DeleteStack", "iam:CreateInstanceProfile", "iam:DeleteInstanceProfile", "iam:PassRole", "iam:RemoveRoleFromInstanceProfile", "iam:AddRoleToInstanceProfile", "iam:PassRole", "autoscaling:AttachInstances", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteLaunchConfiguration", "autoscaling:UpdateAutoScalingGroup", "logs:CreateLogStream", "logs:DeleteLogGroup", "logs:DeleteLogStream", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:PutLogEvents", "resource-groups:CreateGroup", "resource-groups:DeleteGroup", "sns:ListSubscriptionsByTopic", "sns:Publish", "ssm:DeleteDocument", "ssm:DeleteParameter", "ssm:DeleteParameters", "ssm:DescribeDocument", "ssm:DescribeDocumentParameters", "ssm:DescribeDocumentPermission", "ssm:GetDocument", "ssm:PutParameter", "ssm:SendCommand", "logs:DeleteLogStream", "logs:GetLogEvents", "logs:PutLogEvents", "ssm:AddTagsToResource", "ssm:DescribeDocument", "ssm:GetDocument", "ssm:ListTagsForResource", "ssm:RemoveTagsFromResource", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAdjustmentTypes", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeAutoScalingNotificationTypes", "autoscaling:DescribeInstanceRefreshes", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLifecycleHookTypes", "autoscaling:DescribeLifecycleHooks", "autoscaling:DescribeLoadBalancerTargetGroups", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeMetricCollectionTypes", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribePolicies", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScalingProcessTypes", "autoscaling:DescribeScheduledActions", "autoscaling:DescribeTags", "autoscaling:DescribeTerminationPolicyTypes", "autoscaling:DescribeTrafficSources", "autoscaling:DescribeWarmPool", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "ds:AddIpRoutes", "ds:CreateComputer", "ds:CreateMicrosoftAD", "ds:DeleteDirectory", "ds:DescribeCertificate", "ds:DescribeClientAuthenticationSettings", "ds:DescribeConditionalForwarders", "ds:DescribeDirectories", "ds:DescribeDomainControllers", "ds:DescribeEventTopics", "ds:DescribeLDAPSSettings", "ds:DescribeRegions", "ds:DescribeSettings", "ds:DescribeSharedDirectories", "ds:DescribeSnapshots", "ds:DescribeTrusts", "ds:DescribeUpdateDirectory", "ds:ListAuthorizedApplications", "ec2:AssociateRouteTable", "ec2:AssociateVpcCidrBlock", "ec2:DeleteNetworkAcl", "ec2:DeleteNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DeleteRoute", "ec2:DeleteRouteTable", "ec2:DeleteSubnet", "ec2:DescribeAccountAttributes", "ec2:DescribeAddressTransfers", "ec2:DescribeAddresses", "ec2:DescribeAddressesAttribute", "ec2:DescribeAggregateIdFormat", "ec2:DescribeAvailabilityZones", "ec2:DescribeAwsNetworkPerformanceMetricSubscriptions", "ec2:DescribeBundleTasks", "ec2:DescribeByoipCidrs", "ec2:DescribeCapacityBlockOfferings", "ec2:DescribeCapacityReservationFleets", "ec2:DescribeCapacityReservations", "ec2:DescribeCarrierGateways", "ec2:DescribeClassicLinkInstances", "ec2:DescribeClientVpnAuthorizationRules", "ec2:DescribeClientVpnConnections", "ec2:DescribeClientVpnEndpoints", "ec2:DescribeClientVpnRoutes", "ec2:DescribeClientVpnTargetNetworks", "ec2:DescribeCoipPools", "ec2:DescribeConversionTasks", "ec2:DescribeCustomerGateways", "ec2:DescribeDhcpOptions", "ec2:DescribeEgressOnlyInternetGateways", "ec2:DescribeElasticGpus", "ec2:DescribeExportImageTasks", "ec2:DescribeExportTasks", "ec2:DescribeFastLaunchImages", "ec2:DescribeFastSnapshotRestores", "ec2:DescribeFleetHistory", "ec2:DescribeFleetInstances", "ec2:DescribeFleets", "ec2:DescribeFlowLogs", "ec2:DescribeFpgaImageAttribute", "ec2:DescribeFpgaImages", "ec2:DescribeHostReservationOfferings", "ec2:DescribeHostReservations", "ec2:DescribeHosts", "ec2:DescribeIamInstanceProfileAssociations", "ec2:DescribeIdFormat", "ec2:DescribeIdentityIdFormat", "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeImportImageTasks", "ec2:DescribeImportSnapshotTasks", "ec2:DescribeInstanceAttribute", "ec2:DescribeInstanceConnectEndpoints", "ec2:DescribeInstanceCreditSpecifications", "ec2:DescribeInstanceEventNotificationAttributes", "ec2:DescribeInstanceEventWindows", "ec2:DescribeInstanceStatus", "ec2:DescribeInstanceTopology", "ec2:DescribeInstanceTypeOfferings", "ec2:DescribeInstanceTypes", "ec2:DescribeInstances", "ec2:DescribeInternetGateways", "ec2:DescribeIpamByoasn", "ec2:DescribeIpamPools", "ec2:DescribeIpamResourceDiscoveries", "ec2:DescribeIpamResourceDiscoveryAssociations", "ec2:DescribeIpamScopes", "ec2:DescribeIpams", "ec2:DescribeIpv6Pools", "ec2:DescribeKeyPairs", "ec2:DescribeLaunchTemplateVersions", "ec2:DescribeLaunchTemplates", "ec2:DescribeLocalGatewayRouteTablePermissions", "ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations", "ec2:DescribeLocalGatewayRouteTableVpcAssociations", "ec2:DescribeLocalGatewayRouteTables", "ec2:DescribeLocalGatewayVirtualInterfaceGroups", "ec2:DescribeLocalGatewayVirtualInterfaces", "ec2:DescribeLocalGateways", "ec2:DescribeLockedSnapshots", "ec2:DescribeMacHosts", "ec2:DescribeManagedPrefixLists", "ec2:DescribeMovingAddresses", "ec2:DescribeNatGateways", "ec2:DescribeNetworkAcls", "ec2:DescribeNetworkInsightsAccessScopeAnalyses", "ec2:DescribeNetworkInsightsAccessScopes", "ec2:DescribeNetworkInsightsAnalyses", "ec2:DescribeNetworkInsightsPaths", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfacePermissions", "ec2:DescribeNetworkInterfaces", "ec2:DescribePlacementGroups", "ec2:DescribePrefixLists", "ec2:DescribePrincipalIdFormat", "ec2:DescribePublicIpv4Pools", "ec2:DescribeRegions", "ec2:DescribeReplaceRootVolumeTasks", "ec2:DescribeReservedInstances", "ec2:DescribeReservedInstancesListings", "ec2:DescribeReservedInstancesModifications", "ec2:DescribeReservedInstancesOfferings", "ec2:DescribeRouteTables", "ec2:DescribeScheduledInstanceAvailability", "ec2:DescribeScheduledInstances", "ec2:DescribeSecurityGroupReferences", "ec2:DescribeSecurityGroupRules", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshotAttribute", "ec2:DescribeSnapshotTierStatus", "ec2:DescribeSnapshots", "ec2:DescribeSpotDatafeedSubscription", "ec2:DescribeSpotFleetInstances", "ec2:DescribeSpotFleetRequestHistory", "ec2:DescribeSpotFleetRequests", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeSpotPriceHistory", "ec2:DescribeStaleSecurityGroups", "ec2:DescribeStoreImageTasks", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeTrafficMirrorFilters", "ec2:DescribeTrafficMirrorSessions", "ec2:DescribeTrafficMirrorTargets", "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayConnectPeers", "ec2:DescribeTransitGatewayConnects", "ec2:DescribeTransitGatewayMulticastDomains", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTransitGatewayPolicyTables", "ec2:DescribeTransitGatewayRouteTableAnnouncements", "ec2:DescribeTransitGatewayRouteTables", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTransitGateways", "ec2:DescribeTrunkInterfaceAssociations", "ec2:DescribeVerifiedAccessEndpoints", "ec2:DescribeVerifiedAccessGroups", "ec2:DescribeVerifiedAccessInstanceLoggingConfigurations", "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", "ec2:DescribeVerifiedAccessInstances", "ec2:DescribeVerifiedAccessTrustProviders", "ec2:DescribeVolumeAttribute", "ec2:DescribeVolumeStatus", "ec2:DescribeVolumes", "ec2:DescribeVolumesModifications", "ec2:DescribeVpcAttribute", "ec2:DescribeVpcClassicLink", "ec2:DescribeVpcClassicLinkDnsSupport", "ec2:DescribeVpcEndpointConnectionNotifications", "ec2:DescribeVpcEndpointConnections", "ec2:DescribeVpcEndpointServiceConfigurations", "ec2:DescribeVpcEndpointServicePermissions", "ec2:DescribeVpcEndpointServices", "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcPeeringConnections", "ec2:DescribeVpcs", "ec2:DescribeVpnConnections", "ec2:DescribeVpnGateways", "ec2:DetachNetworkInterface", "ec2:DisassociateAddress", "ec2:DisassociateVpcCidrBlock", "ec2:GetLaunchTemplateData", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ModifyVolume", "iam:GetRole", "iam:GetRolePolicy", "iam:ListAccessKeys", "iam:ListAccountAliases", "iam:ListAttachedGroupPolicies", "iam:ListAttachedRolePolicies", "iam:ListAttachedUserPolicies", "iam:ListCloudFrontPublicKeys", "iam:ListEntitiesForPolicy", "iam:ListGroupPolicies", "iam:ListGroups", "iam:ListGroupsForUser", "iam:ListInstanceProfileTags", "iam:ListInstanceProfiles", "iam:ListInstanceProfilesForRole", "iam:ListMFADeviceTags", "iam:ListMFADevices", "iam:ListOpenIDConnectProviderTags", "iam:ListOpenIDConnectProviders", "iam:ListPolicies", "iam:ListPoliciesGrantingServiceAccess", "iam:ListPolicyTags", "iam:ListPolicyVersions", "iam:ListRolePolicies", "iam:ListRoleTags", "iam:ListRoles", "iam:ListSAMLProviderTags", "iam:ListSAMLProviders", "iam:ListSSHPublicKeys", "iam:ListSTSRegionalEndpointsStatus", "iam:ListServerCertificateTags", "iam:ListServerCertificates", "iam:ListServiceSpecificCredentials", "iam:ListSigningCertificates", "iam:ListUserPolicies", "iam:ListUserTags", "iam:ListUsers", "iam:ListVirtualMFADevices", "logs:CreateLogGroup", "logs:GetLogDelivery", "logs:GetLogRecord", "logs:ListLogDeliveries", "resource-groups:GetAccountSettings", "resource-groups:GetGroup", "resource-groups:GetGroupConfiguration", "resource-groups:GetGroupPolicy", "resource-groups:GetGroupQuery", "resource-groups:GetTags", "resource-groups:ListGroupResources", "resource-groups:ListGroups", "resource-groups:ListResourceTypes", "servicequotas:GetServiceQuota", "servicequotas:ListServiceQuotas", "sns:ListSubscriptions", "sns:ListTopics", "ssm:CreateDocument", "ssm:DescribeAutomationExecutions", "ssm:DescribeAutomationStepExecutions", "ssm:DescribeInstanceInformation", "ssm:DescribeParameters", "ssm:GetAutomationExecution", "ssm:GetCommandInvocation", "ssm:GetParameter", "ssm:GetParameterHistory", "ssm:GetParameters", "ssm:GetParametersByPath", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:ListDocumentMetadataHistory", "ssm:ListDocumentVersions", "ssm:ListDocuments", "ssm:ListInstanceAssociations", "ssm:SendAutomationSignal", "ssm:StartAutomationExecution", "ssm:StopAutomationExecution", "tag:GetComplianceSummary", "tag:GetResources", "tag:GetTagKeys", "tag:GetTagValues", "ec2:CreateTags", "ec2:DeleteTags", "logs:GetLogAnomalyDetector", "logs:GetLogDelivery", "logs:GetLogEvents", "logs:GetLogGroupFields", "logs:GetLogRecord", "cloudformation:ListResourceRequests", "cloudformation:ListResources", "cloudformation:ListChangeSets", "cloudformation:ListExports", "cloudformation:ListGeneratedTemplates", "cloudformation:ListImports", "cloudformation:ListResourceScanRelatedResources", "cloudformation:ListResourceScanResources", "cloudformation:ListResourceScans", "cloudformation:ListStackInstanceResourceDrifts", "cloudformation:ListStackInstances", "cloudformation:ListStackResources", "cloudformation:ListStackSetAutoDeploymentTargets", "cloudformation:ListStackSetOperationResults", "cloudformation:ListStackSetOperations", "cloudformation:ListStackSets", "cloudformation:ListStacks", "cloudformation:ListTypeRegistrations", "cloudformation:ListTypeVersions", "cloudformation:ListTypes", "cloudformation:DescribeAccountLimits", "cloudformation:DescribeChangeSet", "cloudformation:DescribeChangeSetHooks", "cloudformation:DescribeGeneratedTemplate", "cloudformation:DescribeOrganizationsAccess", "cloudformation:DescribePublisher", "cloudformation:DescribeResourceScan", "cloudformation:DescribeStackDriftDetectionStatus", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackInstance", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResourceDrifts", "cloudformation:DescribeStackResources", "cloudformation:DescribeStackSet", "cloudformation:DescribeStackSetOperation", "cloudformation:DescribeStacks", "cloudformation:DescribeType", "cloudformation:DescribeTypeRegistration", "iam:CreateServiceLinkedRole", "launchwizard:CreateAdditionalNode", "launchwizard:CreateDeployment", "launchwizard:CreateSettingsSet", "launchwizard:DeleteAdditionalNode", "launchwizard:DeleteApp", "launchwizard:DeleteDeployment", "launchwizard:DeleteSettingsSet", "launchwizard:DescribeAdditionalNode", "launchwizard:DescribeProvisionedApp", "launchwizard:DescribeProvisioningEvents", "launchwizard:DescribeSettingsSet", "launchwizard:GetDeployment", "launchwizard:GetInfrastructureSuggestion", "launchwizard:GetIpAddress", "launchwizard:GetResourceCostEstimate", "launchwizard:GetResourceRecommendation", "launchwizard:GetSettingsSet", "launchwizard:GetWorkload", "launchwizard:GetWorkloadAsset", "launchwizard:GetWorkloadAssets", "launchwizard:ListAdditionalNodes", "launchwizard:ListAllowedResources", "launchwizard:ListDeploymentEvents", "launchwizard:ListDeployments", "launchwizard:ListProvisionedApps", "launchwizard:ListResourceCostEstimates", "launchwizard:ListSettingsSets", "launchwizard:ListWorkloadDeploymentOptions", "launchwizard:ListWorkloadDeploymentPatterns", "launchwizard:ListWorkloads", "launchwizard:PutSettingsSet", "launchwizard:StartProvisioning", "launchwizard:UpdateSettingsSet", "sqs:TagQueue", "sqs:GetQueueUrl", "sqs:AddPermission", "sqs:ListQueues", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:ListQueueTags", "sqs:CreateQueue", "sqs:SetQueueAttributes", "cloudwatch:PutMetricAlarm", "iam:GetInstanceProfile", "cloudwatch:DeleteAlarms", "cloudwatch:DescribeAlarms", "s3:GetObject", "cloudformation:CreateStack", "route53:ListHostedZones", "ec2:CreateSecurityGroup", "ec2:AuthorizeSecurityGroupIngress", "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:CreateFileSystem", "elasticfilesystem:CreateMountTarget", "elasticfilesystem:DescribeMountTargets", "elasticfilesystem:DescribeMountTargetSecurityGroups", "cloudformation:TagResource", "s3:CreateBucket", "s3:PutBucketVersioning", "s3:DeleteBucket", "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:InvokeFunction" ], "malformed": false, "name": "AmazonLaunchWizardFullaccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": true, "updatedate": null, "version": "v5" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonRoute53ResolverFullAccess", "createdate": "2020-07-17T19:03:27Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "route53resolver:AssociateFirewallRuleGroup", "route53resolver:AssociateResolverEndpointIpAddress", "route53resolver:AssociateResolverQueryLogConfig", "route53resolver:AssociateResolverRule", "route53resolver:CreateFirewallDomainList", "route53resolver:CreateFirewallRule", "route53resolver:CreateFirewallRuleGroup", "route53resolver:CreateOutpostResolver", "route53resolver:CreateResolverEndpoint", "route53resolver:CreateResolverQueryLogConfig", "route53resolver:CreateResolverRule", "route53resolver:DeleteFirewallDomainList", "route53resolver:DeleteFirewallRule", "route53resolver:DeleteFirewallRuleGroup", "route53resolver:DeleteOutpostResolver", "route53resolver:DeleteResolverEndpoint", "route53resolver:DeleteResolverQueryLogConfig", "route53resolver:DeleteResolverRule", "route53resolver:DisassociateFirewallRuleGroup", "route53resolver:DisassociateResolverEndpointIpAddress", "route53resolver:DisassociateResolverQueryLogConfig", "route53resolver:DisassociateResolverRule", "route53resolver:GetFirewallConfig", "route53resolver:GetFirewallDomainList", "route53resolver:GetFirewallRuleGroup", "route53resolver:GetFirewallRuleGroupAssociation", "route53resolver:GetFirewallRuleGroupPolicy", "route53resolver:GetOutpostResolver", "route53resolver:GetResolverConfig", "route53resolver:GetResolverDnssecConfig", "route53resolver:GetResolverEndpoint", "route53resolver:GetResolverQueryLogConfig", "route53resolver:GetResolverQueryLogConfigAssociation", "route53resolver:GetResolverQueryLogConfigPolicy", "route53resolver:GetResolverRule", "route53resolver:GetResolverRuleAssociation", "route53resolver:GetResolverRulePolicy", "route53resolver:ImportFirewallDomains", "route53resolver:ListFirewallConfigs", "route53resolver:ListFirewallDomainLists", "route53resolver:ListFirewallDomains", "route53resolver:ListFirewallRuleGroupAssociations", "route53resolver:ListFirewallRuleGroups", "route53resolver:ListFirewallRules", "route53resolver:ListOutpostResolvers", "route53resolver:ListResolverConfigs", "route53resolver:ListResolverDnssecConfigs", "route53resolver:ListResolverEndpointIpAddresses", "route53resolver:ListResolverEndpoints", "route53resolver:ListResolverQueryLogConfigAssociations", "route53resolver:ListResolverQueryLogConfigs", "route53resolver:ListResolverRuleAssociations", "route53resolver:ListResolverRules", "route53resolver:ListTagsForResource", "route53resolver:PutFirewallRuleGroupPolicy", "route53resolver:PutResolverQueryLogConfigPolicy", "route53resolver:PutResolverRulePolicy", "route53resolver:TagResource", "route53resolver:UntagResource", "route53resolver:UpdateFirewallConfig", "route53resolver:UpdateFirewallDomains", "route53resolver:UpdateFirewallRule", "route53resolver:UpdateFirewallRuleGroupAssociation", "route53resolver:UpdateOutpostResolver", "route53resolver:UpdateResolverConfig", "route53resolver:UpdateResolverDnssecConfig", "route53resolver:UpdateResolverEndpoint", "route53resolver:UpdateResolverRule", "ec2:DescribeSubnets", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DescribeNetworkInterfaces", "ec2:CreateNetworkInterfacePermission", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcs", "ec2:DescribeAvailabilityZones" ], "malformed": false, "name": "AmazonRoute53ResolverFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-07-17T19:03:27+00:00", "version": "v2" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleWorkerTier", "createdate": "2020-06-05T21:43:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "sqs:TagQueue", "sqs:DeleteQueue", "sqs:GetQueueAttributes", "sqs:CreateQueue", "dynamodb:CreateTable", "dynamodb:TagResource", "dynamodb:DescribeTable", "dynamodb:DeleteTable" ], "malformed": false, "name": "AWSElasticBeanstalkRoleWorkerTier", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-06-05T21:43:37+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSMarketplacePurchaseOrdersServiceRolePolicy", "createdate": "2021-10-27T15:12:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "purchase-orders:ViewPurchaseOrders", "purchase-orders:ModifyPurchaseOrders" ], "malformed": false, "name": "AWSMarketplacePurchaseOrdersServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-10-27T15:12:37+00:00", "version": "v1" }, { "access_levels": [ "List", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSPanoramaApplianceRolePolicy", "createdate": "2020-12-01T13:13:18Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "logs:CreateLogStream", "logs:DescribeLogStreams", "logs:PutLogEvents", "logs:CreateLogGroup" ], "malformed": false, "name": "AWSPanoramaApplianceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-01T13:13:18+00:00", "version": "v1" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AlexaForBusinessNetworkProfileServicePolicy", "createdate": "2019-04-05T21:57:56Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:GetCertificate", "acm-pca:IssueCertificate", "acm-pca:RevokeCertificate", "secretsmanager:GetSecretValue" ], "malformed": false, "name": "AlexaForBusinessNetworkProfileServicePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-04-05T21:57:56+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/APIGatewayServiceRolePolicy", "createdate": "2021-07-12T22:24:40Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "elasticloadbalancing:AddListenerCertificates", "elasticloadbalancing:RemoveListenerCertificates", "elasticloadbalancing:ModifyListener", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancers", "xray:PutTraceSegments", "xray:PutTelemetryRecords", "xray:GetSamplingTargets", "xray:GetSamplingRules", "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "logs:ListLogDeliveries", "servicediscovery:DiscoverInstances", "firehose:DescribeDeliveryStream", "firehose:PutRecord", "firehose:PutRecordBatch", "acm:DescribeCertificate", "acm:GetCertificate", "ec2:CreateNetworkInterfacePermission", "ec2:CreateTags", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "ec2:AssignPrivateIpAddresses", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterfacePermission", "ec2:DescribeNetworkInterfaces", "ec2:DescribeAvailabilityZones", "ec2:DescribeNetworkInterfaceAttribute", "ec2:DescribeVpcs", "ec2:DescribeNetworkInterfacePermissions", "ec2:UnassignPrivateIpAddresses", "ec2:DescribeSubnets", "ec2:DescribeRouteTables", "ec2:DescribeSecurityGroups", "servicediscovery:GetNamespace", "servicediscovery:GetService" ], "malformed": false, "name": "APIGatewayServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-07-12T22:24:40+00:00", "version": "v9" }, { "access_levels": [ "List", "Read", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonDevOpsGuruFullAccess", "createdate": "2022-08-25T18:23:41Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "devops-guru:AddNotificationChannel", "devops-guru:DeleteInsight", "devops-guru:DescribeAccountHealth", "devops-guru:DescribeAccountOverview", "devops-guru:DescribeAnomaly", "devops-guru:DescribeEventSourcesConfig", "devops-guru:DescribeFeedback", "devops-guru:DescribeInsight", "devops-guru:DescribeOrganizationHealth", "devops-guru:DescribeOrganizationOverview", "devops-guru:DescribeOrganizationResourceCollectionHealth", "devops-guru:DescribeResourceCollectionHealth", "devops-guru:DescribeServiceIntegration", "devops-guru:GetCostEstimation", "devops-guru:GetResourceCollection", "devops-guru:ListAnomaliesForInsight", "devops-guru:ListAnomalousLogGroups", "devops-guru:ListEvents", "devops-guru:ListInsights", "devops-guru:ListMonitoredResources", "devops-guru:ListNotificationChannels", "devops-guru:ListOrganizationInsights", "devops-guru:ListRecommendations", "devops-guru:PutFeedback", "devops-guru:RemoveNotificationChannel", "devops-guru:SearchInsights", "devops-guru:SearchOrganizationInsights", "devops-guru:StartCostEstimation", "devops-guru:UpdateEventSourcesConfig", "devops-guru:UpdateResourceCollection", "devops-guru:UpdateServiceIntegration", "cloudformation:DescribeStacks", "cloudformation:ListStacks", "cloudwatch:GetMetricData", "sns:ListTopics", "sns:CreateTopic", "sns:GetTopicAttributes", "sns:SetTopicAttributes", "sns:Publish", "iam:CreateServiceLinkedRole", "iam:DeleteServiceLinkedRole", "iam:GetServiceLinkedRoleDeletionStatus", "rds:DescribeDBInstances", "logs:FilterLogEvents" ], "malformed": false, "name": "AmazonDevOpsGuruFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-08-25T18:23:41+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSRoboMakerReadOnlyAccess", "createdate": "2020-08-28T23:10:18Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "robomaker:ListDeploymentJobs", "robomaker:ListFleets", "robomaker:ListRobotApplications", "robomaker:ListRobots", "robomaker:ListSimulationApplications", "robomaker:ListSimulationJobBatches", "robomaker:ListSimulationJobs", "robomaker:ListSupportedAvailabilityZones", "robomaker:ListTagsForResource", "robomaker:ListWorldExportJobs", "robomaker:ListWorldGenerationJobs", "robomaker:ListWorldTemplates", "robomaker:ListWorlds", "robomaker:BatchDescribeSimulationJob", "robomaker:DescribeDeploymentJob", "robomaker:DescribeFleet", "robomaker:DescribeRobot", "robomaker:DescribeRobotApplication", "robomaker:DescribeSimulationApplication", "robomaker:DescribeSimulationJob", "robomaker:DescribeSimulationJobBatch", "robomaker:DescribeWorld", "robomaker:DescribeWorldExportJob", "robomaker:DescribeWorldGenerationJob", "robomaker:DescribeWorldTemplate", "robomaker:GetWorldTemplateBody" ], "malformed": false, "name": "AWSRoboMakerReadOnlyAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-28T23:10:18+00:00", "version": "v2" }, { "access_levels": [ "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited", "createdate": "2020-08-17T17:14:14Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudwatch:DescribeAlarms", "lambda:UpdateAlias", "lambda:GetAlias", "lambda:GetProvisionedConcurrencyConfig", "s3:GetObject", "s3:GetObjectVersion", "s3:GetObject", "s3:GetObjectVersion", "lambda:InvokeFunction" ], "malformed": false, "name": "AWSCodeDeployRoleForLambdaLimited", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-17T17:14:14+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSTransferConsoleFullAccess", "createdate": "2020-12-14T19:33:25Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "iam:PassRole", "acm:ListCertificates", "ec2:DescribeAddresses", "ec2:DescribeAvailabilityZones", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeVpcEndpoints", "health:DescribeEventAggregates", "iam:GetPolicyVersion", "iam:ListPolicies", "iam:ListRoles", "route53:ListHostedZones", "s3:ListAllMyBuckets", "transfer:CreateAccess", "transfer:CreateAgreement", "transfer:CreateConnector", "transfer:CreateProfile", "transfer:CreateServer", "transfer:CreateUser", "transfer:CreateWorkflow", "transfer:DeleteAccess", "transfer:DeleteAgreement", "transfer:DeleteCertificate", "transfer:DeleteConnector", "transfer:DeleteHostKey", "transfer:DeleteProfile", "transfer:DeleteServer", "transfer:DeleteSshPublicKey", "transfer:DeleteUser", "transfer:DeleteWorkflow", "transfer:DescribeAccess", "transfer:DescribeAgreement", "transfer:DescribeCertificate", "transfer:DescribeConnector", "transfer:DescribeExecution", "transfer:DescribeHostKey", "transfer:DescribeProfile", "transfer:DescribeSecurityPolicy", "transfer:DescribeServer", "transfer:DescribeUser", "transfer:DescribeWorkflow", "transfer:ImportCertificate", "transfer:ImportHostKey", "transfer:ImportSshPublicKey", "transfer:ListAccesses", "transfer:ListAgreements", "transfer:ListCertificates", "transfer:ListConnectors", "transfer:ListExecutions", "transfer:ListHostKeys", "transfer:ListProfiles", "transfer:ListSecurityPolicies", "transfer:ListServers", "transfer:ListTagsForResource", "transfer:ListUsers", "transfer:ListWorkflows", "transfer:SendWorkflowStepState", "transfer:StartFileTransfer", "transfer:StartServer", "transfer:StopServer", "transfer:TagResource", "transfer:TestConnection", "transfer:TestIdentityProvider", "transfer:UntagResource", "transfer:UpdateAccess", "transfer:UpdateAgreement", "transfer:UpdateCertificate", "transfer:UpdateConnector", "transfer:UpdateHostKey", "transfer:UpdateProfile", "transfer:UpdateServer", "transfer:UpdateUser" ], "malformed": false, "name": "AWSTransferConsoleFullAccess", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-14T19:33:25+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AWSManagedServices_DetectiveControlsConfig_ServiceRolePolicy", "createdate": "2022-12-19T23:11:17Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudformation:UpdateTerminationProtection", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:DescribeStackResources", "cloudformation:CreateChangeSet", "cloudformation:DescribeChangeSet", "cloudformation:ExecuteChangeSet", "cloudformation:GetTemplateSummary", "cloudformation:DescribeStacks", "config:DescribeAggregationAuthorizations", "config:PutAggregationAuthorization", "config:TagResource", "config:PutConfigRule", "s3:GetBucketPolicy", "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteObject", "s3:ListBucket", "s3:ListBucketVersions", "s3:GetBucketAcl", "s3:PutObject", "s3:PutBucketAcl", "s3:PutBucketLogging", "s3:PutBucketObjectLockConfiguration", "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutEncryptionConfiguration" ], "malformed": false, "name": "AWSManagedServices_DetectiveControlsConfig_ServiceRolePolicy", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2022-12-19T23:11:17+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSElementalMediaPackageV2FullAccess", "createdate": "2023-07-25T20:29:37Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "mediapackagev2:CreateChannel", "mediapackagev2:CreateChannelGroup", "mediapackagev2:CreateOriginEndpoint", "mediapackagev2:DeleteChannel", "mediapackagev2:DeleteChannelGroup", "mediapackagev2:DeleteChannelPolicy", "mediapackagev2:DeleteOriginEndpoint", "mediapackagev2:DeleteOriginEndpointPolicy", "mediapackagev2:GetChannel", "mediapackagev2:GetChannelGroup", "mediapackagev2:GetChannelPolicy", "mediapackagev2:GetHeadObject", "mediapackagev2:GetObject", "mediapackagev2:GetOriginEndpoint", "mediapackagev2:GetOriginEndpointPolicy", "mediapackagev2:ListChannelGroups", "mediapackagev2:ListChannels", "mediapackagev2:ListOriginEndpoints", "mediapackagev2:ListTagsForResource", "mediapackagev2:PutChannelPolicy", "mediapackagev2:PutObject", "mediapackagev2:PutOriginEndpointPolicy", "mediapackagev2:TagResource", "mediapackagev2:UntagResource", "mediapackagev2:UpdateChannel", "mediapackagev2:UpdateChannelGroup", "mediapackagev2:UpdateOriginEndpoint" ], "malformed": false, "name": "AWSElementalMediaPackageV2FullAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2023-07-25T20:29:37+00:00", "version": "v1" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AmazonChimeReadOnly", "createdate": "2020-12-14T20:53:57Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "chime:ListAccountUsageReportData", "chime:ListAccounts", "chime:ListApiKeys", "chime:ListAppInstanceAdmins", "chime:ListAppInstanceBots", "chime:ListAppInstanceUserEndpoints", "chime:ListAppInstanceUsers", "chime:ListAppInstances", "chime:ListAttendeeTags", "chime:ListAttendees", "chime:ListAvailableVoiceConnectorRegions", "chime:ListBots", "chime:ListCDRBucket", "chime:ListCallingRegions", "chime:ListChannelBans", "chime:ListChannelFlows", "chime:ListChannelMemberships", "chime:ListChannelMembershipsForAppInstanceUser", "chime:ListChannelMessages", "chime:ListChannelModerators", "chime:ListChannels", "chime:ListChannelsAssociatedWithChannelFlow", "chime:ListChannelsModeratedByAppInstanceUser", "chime:ListDelegates", "chime:ListDirectories", "chime:ListDomains", "chime:ListGroups", "chime:ListMediaCapturePipelines", "chime:ListMediaInsightsPipelineConfigurations", "chime:ListMediaPipelineKinesisVideoStreamPools", "chime:ListMediaPipelines", "chime:ListMeetingEvents", "chime:ListMeetingTags", "chime:ListMeetings", "chime:ListMeetingsReportData", "chime:ListPhoneNumberOrders", "chime:ListPhoneNumbers", "chime:ListProxySessions", "chime:ListRoomMemberships", "chime:ListRooms", "chime:ListSipMediaApplications", "chime:ListSipRules", "chime:ListSubChannels", "chime:ListSupportedPhoneNumberCountries", "chime:ListTagsForResource", "chime:ListUsers", "chime:ListVoiceConnectorGroups", "chime:ListVoiceConnectorTerminationCredentials", "chime:ListVoiceConnectors", "chime:ListVoiceProfileDomains", "chime:ListVoiceProfiles", "chime:GetAccount", "chime:GetAccountResource", "chime:GetAccountSettings", "chime:GetAccountWithOpenIdConfig", "chime:GetAppInstanceRetentionSettings", "chime:GetAppInstanceStreamingConfigurations", "chime:GetAttendee", "chime:GetBot", "chime:GetCDRBucket", "chime:GetChannelMembershipPreferences", "chime:GetChannelMessage", "chime:GetChannelMessageStatus", "chime:GetDomain", "chime:GetEventsConfiguration", "chime:GetGlobalSettings", "chime:GetMediaCapturePipeline", "chime:GetMediaInsightsPipelineConfiguration", "chime:GetMediaPipeline", "chime:GetMediaPipelineKinesisVideoStreamPool", "chime:GetMeeting", "chime:GetMeetingDetail", "chime:GetMessagingSessionEndpoint", "chime:GetMessagingStreamingConfigurations", "chime:GetPhoneNumber", "chime:GetPhoneNumberOrder", "chime:GetPhoneNumberSettings", "chime:GetProxySession", "chime:GetRetentionSettings", "chime:GetRoom", "chime:GetSipMediaApplication", "chime:GetSipMediaApplicationAlexaSkillConfiguration", "chime:GetSipMediaApplicationLoggingConfiguration", "chime:GetSipRule", "chime:GetSpeakerSearchTask", "chime:GetTelephonyLimits", "chime:GetUser", "chime:GetUserActivityReportData", "chime:GetUserByEmail", "chime:GetUserSettings", "chime:GetVoiceConnector", "chime:GetVoiceConnectorEmergencyCallingConfiguration", "chime:GetVoiceConnectorGroup", "chime:GetVoiceConnectorLoggingConfiguration", "chime:GetVoiceConnectorOrigination", "chime:GetVoiceConnectorProxy", "chime:GetVoiceConnectorStreamingConfiguration", "chime:GetVoiceConnectorTermination", "chime:GetVoiceConnectorTerminationHealth", "chime:GetVoiceProfile", "chime:GetVoiceProfileDomain", "chime:GetVoiceToneAnalysisTask", "chime:DescribeAppInstance", "chime:DescribeAppInstanceAdmin", "chime:DescribeAppInstanceBot", "chime:DescribeAppInstanceUser", "chime:DescribeAppInstanceUserEndpoint", "chime:DescribeChannel", "chime:DescribeChannelBan", "chime:DescribeChannelFlow", "chime:DescribeChannelMembership", "chime:DescribeChannelMembershipForAppInstanceUser", "chime:DescribeChannelModeratedByAppInstanceUser", "chime:DescribeChannelModerator", "chime:SearchAvailablePhoneNumbers" ], "malformed": false, "name": "AmazonChimeReadOnly", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-12-14T20:53:57+00:00", "version": "v10" }, { "access_levels": [ "List" ], "arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonLexChannelsAccess", "createdate": "2021-01-13T20:12:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "lex:ListBots" ], "malformed": false, "name": "AmazonLexChannelsAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-01-13T20:12:46+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAAuditor", "createdate": "2020-08-17T22:54:12Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "acm-pca:CreateCertificateAuthorityAuditReport", "acm-pca:DescribeCertificateAuthority", "acm-pca:DescribeCertificateAuthorityAuditReport", "acm-pca:GetCertificateAuthorityCsr", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:GetCertificate", "acm-pca:GetPolicy", "acm-pca:ListPermissions", "acm-pca:ListTags", "acm-pca:ListCertificateAuthorities" ], "malformed": false, "name": "AWSCertificateManagerPrivateCAAuditor", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-08-17T22:54:12+00:00", "version": "v4" }, { "access_levels": [ "Read", "Tagging", "Write" ], "arn": "arn:aws:iam::aws:policy/AWSDeepRacerAccountAdminAccess", "createdate": "2021-10-28T01:27:13Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "deepracer:AddLeaderboardAccessPermission", "deepracer:AdminGetAccountConfig", "deepracer:AdminListAssociatedResources", "deepracer:AdminListAssociatedUsers", "deepracer:AdminManageUser", "deepracer:AdminSetAccountConfig", "deepracer:CloneReinforcementLearningModel", "deepracer:CreateCar", "deepracer:CreateLeaderboard", "deepracer:CreateLeaderboardAccessToken", "deepracer:CreateLeaderboardSubmission", "deepracer:CreateReinforcementLearningModel", "deepracer:DeleteLeaderboard", "deepracer:DeleteModel", "deepracer:EditLeaderboard", "deepracer:GetAccountConfig", "deepracer:GetAlias", "deepracer:GetAssetUrl", "deepracer:GetCar", "deepracer:GetCars", "deepracer:GetEvaluation", "deepracer:GetLatestUserSubmission", "deepracer:GetLeaderboard", "deepracer:GetModel", "deepracer:GetPrivateLeaderboard", "deepracer:GetRankedUserSubmission", "deepracer:GetTrack", "deepracer:GetTrainingJob", "deepracer:ImportModel", "deepracer:ListEvaluations", "deepracer:ListLeaderboardEvaluations", "deepracer:ListLeaderboardSubmissions", "deepracer:ListLeaderboards", "deepracer:ListModels", "deepracer:ListPrivateLeaderboardParticipants", "deepracer:ListPrivateLeaderboards", "deepracer:ListSubscribedPrivateLeaderboards", "deepracer:ListTagsForResource", "deepracer:ListTracks", "deepracer:ListTrainingJobs", "deepracer:MigrateModels", "deepracer:PerformLeaderboardOperation", "deepracer:RemoveLeaderboardAccessPermission", "deepracer:SetAlias", "deepracer:StartEvaluation", "deepracer:StopEvaluation", "deepracer:StopTrainingReinforcementLearningModel", "deepracer:TagResource", "deepracer:TestRewardFunction", "deepracer:UntagResource", "deepracer:UpdateCar" ], "malformed": false, "name": "AWSDeepRacerAccountAdminAccess", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2021-10-28T01:27:13+00:00", "version": "v1" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/AmazonRDSDataFullAccess", "createdate": "2019-11-20T21:58:46Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "secretsmanager:GetSecretValue", "secretsmanager:PutResourcePolicy", "secretsmanager:PutSecretValue", "secretsmanager:DeleteSecret", "secretsmanager:DescribeSecret", "secretsmanager:TagResource", "dbqms:CreateFavoriteQuery", "dbqms:DescribeFavoriteQueries", "dbqms:UpdateFavoriteQuery", "dbqms:DeleteFavoriteQueries", "dbqms:GetQueryString", "dbqms:CreateQueryHistory", "dbqms:DescribeQueryHistory", "dbqms:UpdateQueryHistory", "dbqms:DeleteQueryHistory", "rds-data:ExecuteSql", "rds-data:ExecuteStatement", "rds-data:BatchExecuteStatement", "rds-data:BeginTransaction", "rds-data:CommitTransaction", "rds-data:RollbackTransaction", "secretsmanager:CreateSecret", "secretsmanager:ListSecrets", "secretsmanager:GetRandomPassword", "tag:GetResources" ], "malformed": false, "name": "AmazonRDSDataFullAccess", "privesc": false, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2019-11-20T21:58:46+00:00", "version": "v3" }, { "access_levels": [ "List", "Read" ], "arn": "arn:aws:iam::aws:policy/AWSIncidentManagerIncidentAccessServiceRolePolicy", "createdate": "2024-02-20T23:02:11Z", "credentials_exposure": false, "data_access": false, "deprecated": false, "effective_action_names": [ "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackResources", "codedeploy:BatchGetDeployments", "codedeploy:ListDeployments", "codedeploy:ListDeploymentTargets", "autoscaling:DescribeAutoScalingInstances" ], "malformed": false, "name": "AWSIncidentManagerIncidentAccessServiceRolePolicy", "privesc": false, "resource_exposure": false, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2024-02-20T23:02:11+00:00", "version": "v2" }, { "access_levels": [ "List", "Read", "Tagging", "Write", "Permissions management" ], "arn": "arn:aws:iam::aws:policy/service-role/ServerMigration_ServiceRole", "createdate": "2020-10-15T17:26:32Z", "credentials_exposure": false, "data_access": true, "deprecated": false, "effective_action_names": [ "cloudformation:CreateChangeSet", "cloudformation:CreateStack", "cloudformation:DeleteStack", "cloudformation:ExecuteChangeSet", "cloudformation:DeleteChangeSet", "cloudformation:DescribeChangeSet", "cloudformation:DescribeStacks", "cloudformation:DescribeStackEvents", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResources", "cloudformation:GetTemplate", "cloudformation:ValidateTemplate", "s3:ListAllMyBuckets", "s3:CreateBucket", "s3:DeleteBucket", "s3:DeleteObject", "s3:GetBucketAcl", "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket", "s3:PutObject", "s3:PutObjectAcl", "s3:PutLifecycleConfiguration", "sms:CreateReplicationJob", "sms:DeleteReplicationJob", "sms:GetReplicationJobs", "sms:GetReplicationRuns", "sms:GetServers", "sms:ImportServerCatalog", "sms:StartOnDemandReplicationRun", "sms:UpdateReplicationJob", "ssm:SendCommand", "ssm:SendCommand", "ssm:CancelCommand", "ssm:GetCommandInvocation", "ec2:CreateTags", "ec2:CopySnapshot", "ec2:ModifySnapshotAttribute", "ec2:DeleteSnapshot", "ec2:CopyImage", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeSnapshots", "ec2:DescribeSnapshotAttribute", "ec2:DeregisterImage", "ec2:ImportImage", "ec2:DescribeImportImageTasks", "ec2:GetEbsEncryptionByDefault", "iam:GetRole", "iam:GetInstanceProfile", "ec2:DisassociateIamInstanceProfile", "ec2:AssociateIamInstanceProfile", "ec2:ReplaceIamInstanceProfileAssociation", "iam:PassRole", "iam:PassRole" ], "malformed": false, "name": "ServerMigration_ServiceRole", "privesc": true, "resource_exposure": true, "undocumented_actions": false, "unknown_actions": false, "updatedate": "2020-10-15T17:26:32+00:00", "version": "v2" } ] }