-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathiam.yml
179 lines (178 loc) · 6.08 KB
/
iam.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
Actions:
- Name: iam:AddClientIDToOpenIDConnectProvider
- Name: iam:AddRoleToInstanceProfile
- Name: iam:AddUserToGroup
- Name: iam:AttachGroupPolicy
- Name: iam:AttachRolePolicy
- Name: iam:AttachUserPolicy
- Name: iam:ChangePassword
- Name: iam:CreateAccessKey
- Name: iam:CreateAccountAlias
- Name: iam:CreateGroup
- Name: iam:CreateInstanceProfile
- Name: iam:CreateLoginProfile
- Name: iam:CreateOpenIDConnectProvider
- Name: iam:CreatePolicy
- Name: iam:CreatePolicyVersion
- Name: iam:CreateRole
- Name: iam:CreateSAMLProvider
- Name: iam:CreateServiceLinkedRole
- Name: iam:CreateServiceSpecificCredential
- Name: iam:CreateUser
- Name: iam:CreateVirtualMFADevice
- Name: iam:DeactivateMFADevice
- Name: iam:DeleteAccessKey
- Name: iam:DeleteAccountAlias
- Name: iam:DeleteAccountPasswordPolicy
- Name: iam:DeleteGroup
- Name: iam:DeleteGroupPolicy
- Name: iam:DeleteInstanceProfile
- Name: iam:DeleteLoginProfile
- Name: iam:DeleteOpenIDConnectProvider
- Name: iam:DeletePolicy
- Name: iam:DeletePolicyVersion
- Name: iam:DeleteRole
- Name: iam:DeleteRolePermissionsBoundary
- Name: iam:DeleteRolePolicy
- Name: iam:DeleteSAMLProvider
- Name: iam:DeleteSSHPublicKey
- Name: iam:DeleteServerCertificate
- Name: iam:DeleteServiceLinkedRole
- Name: iam:DeleteServiceSpecificCredential
- Name: iam:DeleteSigningCertificate
- Name: iam:DeleteUser
- Name: iam:DeleteUserPermissionsBoundary
- Name: iam:DeleteUserPolicy
- Name: iam:DeleteVirtualMFADevice
- Name: iam:DetachGroupPolicy
- Name: iam:DetachRolePolicy
- Name: iam:DetachUserPolicy
- Name: iam:EnableMFADevice
- Name: iam:GenerateCredentialReport
- Name: iam:GenerateOrganizationsAccessReport
- Name: iam:GenerateServiceLastAccessedDetails
- Name: iam:GetAccessKeyLastUsed
- Name: iam:GetAccountAuthorizationDetails
- Name: iam:GetAccountPasswordPolicy
- Name: iam:GetAccountSummary
- Name: iam:GetContextKeysForCustomPolicy
- Name: iam:GetContextKeysForPrincipalPolicy
- Name: iam:GetCredentialReport
- Name: iam:GetGroup
- Name: iam:GetGroupPolicy
- Name: iam:GetInstanceProfile
- Name: iam:GetLoginProfile
- Name: iam:GetMFADevice
- Name: iam:GetOpenIDConnectProvider
- Name: iam:GetOrganizationsAccessReport
- Name: iam:GetPolicy
- Name: iam:GetPolicyVersion
- Name: iam:GetRole
- Name: iam:GetRolePolicy
- Name: iam:GetSAMLProvider
- Name: iam:GetSSHPublicKey
- Name: iam:GetServerCertificate
- Name: iam:GetServiceLastAccessedDetails
- Name: iam:GetServiceLastAccessedDetailsWithEntities
- Name: iam:GetServiceLinkedRoleDeletionStatus
- Name: iam:GetUser
- Name: iam:GetUserPolicy
- Name: iam:ListAccessKeys
- Name: iam:ListAccountAliases
- Name: iam:ListAttachedGroupPolicies
- Name: iam:ListAttachedRolePolicies
- Name: iam:ListAttachedUserPolicies
- Name: iam:ListEntitiesForPolicy
- Name: iam:ListGroupPolicies
- Name: iam:ListGroups
- Name: iam:ListGroupsForUser
- Name: iam:ListInstanceProfileTags
- Name: iam:ListInstanceProfiles
- Name: iam:ListInstanceProfilesForRole
- Name: iam:ListMFADeviceTags
- Name: iam:ListMFADevices
- Name: iam:ListOpenIDConnectProviderTags
- Name: iam:ListOpenIDConnectProviders
- Name: iam:ListPolicies
- Name: iam:ListPoliciesGrantingServiceAccess
- Name: iam:ListPolicyTags
- Name: iam:ListPolicyVersions
- Name: iam:ListRolePolicies
- Name: iam:ListRoleTags
- Name: iam:ListRoles
- Name: iam:ListSAMLProviderTags
- Name: iam:ListSAMLProviders
- Name: iam:ListSSHPublicKeys
- Name: iam:ListServerCertificateTags
- Name: iam:ListServerCertificates
- Name: iam:ListServiceSpecificCredentials
- Name: iam:ListSigningCertificates
- Name: iam:ListUserPolicies
- Name: iam:ListUserTags
- Name: iam:ListUsers
- Name: iam:ListVirtualMFADevices
- Name: iam:PutGroupPolicy
- Name: iam:PutRolePermissionsBoundary
- Name: iam:PutRolePolicy
- Name: iam:PutUserPermissionsBoundary
- Name: iam:PutUserPolicy
- Name: iam:RemoveClientIDFromOpenIDConnectProvider
- Name: iam:RemoveRoleFromInstanceProfile
- Name: iam:RemoveUserFromGroup
- Name: iam:ResetServiceSpecificCredential
- Name: iam:ResyncMFADevice
- Name: iam:SetDefaultPolicyVersion
- Name: iam:SetSecurityTokenServicePreferences
- Name: iam:SimulateCustomPolicy
- Name: iam:SimulatePrincipalPolicy
- Name: iam:TagInstanceProfile
- Name: iam:TagMFADevice
- Name: iam:TagOpenIDConnectProvider
- Name: iam:TagPolicy
- Name: iam:TagRole
- Name: iam:TagSAMLProvider
- Name: iam:TagServerCertificate
- Name: iam:TagUser
- Name: iam:UntagInstanceProfile
- Name: iam:UntagMFADevice
- Name: iam:UntagOpenIDConnectProvider
- Name: iam:UntagPolicy
- Name: iam:UntagRole
- Name: iam:UntagSAMLProvider
- Name: iam:UntagServerCertificate
- Name: iam:UntagUser
- Name: iam:UpdateAccessKey
- Name: iam:UpdateAccountPasswordPolicy
- Name: iam:UpdateAssumeRolePolicy
- Name: iam:UpdateGroup
- Name: iam:UpdateLoginProfile
- Name: iam:UpdateOpenIDConnectProviderThumbprint
- Name: iam:UpdateRole
- Name: iam:UpdateRoleDescription
- Name: iam:UpdateSAMLProvider
- Name: iam:UpdateSSHPublicKey
- Name: iam:UpdateServerCertificate
- Name: iam:UpdateServiceSpecificCredential
- Name: iam:UpdateSigningCertificate
- Name: iam:UpdateUser
- Name: iam:UploadSSHPublicKey
- Name: iam:UploadServerCertificate
- Name: iam:UploadSigningCertificate
# actions with no corresponding API
- Name: iam:DeleteCloudFrontPublicKey
- Name: iam:DisableOrganizationsRootCredentialsManagement
- Name: iam:DisableOrganizationsRootSessions
- Name: iam:EnableOrganizationsRootCredentialsManagement
- Name: iam:EnableOrganizationsRootSessions
- Name: iam:GetAccountEmailAddress
- Name: iam:GetAccountName
- Name: iam:GetCloudFrontPublicKey
- Name: iam:ListCloudFrontPublicKeys
- Name: iam:ListOrganizationsFeatures
- Name: iam:ListSTSRegionalEndpointsStatus
- Name: iam:PassRole
- Name: iam:SetSTSRegionalEndpointStatus
- Name: iam:UpdateAccountEmailAddress
- Name: iam:UpdateAccountName
- Name: iam:UpdateCloudFrontPublicKey
- Name: iam:UploadCloudFrontPublicKey