-
Notifications
You must be signed in to change notification settings - Fork 23
/
s3.yml
228 lines (226 loc) · 8.17 KB
/
s3.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
Actions:
- Name: s3:AbortMultipartUpload
- Name: s3:AssociateAccessGrantsIdentityCenter
- Name: s3:CreateAccessGrant
- Name: s3:CreateAccessGrantsInstance
- Name: s3:CreateAccessGrantsLocation
- Name: s3:CreateAccessPoint
- Name: s3:CreateAccessPointForObjectLambda
- Name: s3:CreateBucket
- Name: s3:CreateJob
- Name: s3:CreateMultiRegionAccessPoint
- Name: s3:CreateStorageLensGroup
- Name: s3:DeleteAccessGrant
- Name: s3:DeleteAccessGrantsInstance
- Name: s3:DeleteAccessGrantsInstanceResourcePolicy
- Name: s3:DeleteAccessGrantsLocation
- Name: s3:DeleteAccessPoint
- Name: s3:DeleteAccessPointForObjectLambda
- Name: s3:DeleteAccessPointPolicy
- Name: s3:DeleteAccessPointPolicyForObjectLambda
- Name: s3:DeleteBucket
- Name: s3:DeleteBucketPolicy
- Name: s3:DeleteBucketWebsite
- Name: s3:DeleteJobTagging
- Name: s3:DeleteMultiRegionAccessPoint
- Name: s3:DeleteObject
- Name: s3:DeleteObjectTagging
- Name: s3:DeleteStorageLensConfiguration
- Name: s3:DeleteStorageLensConfigurationTagging
- Name: s3:DeleteStorageLensGroup
- Name: s3:DescribeJob
- Name: s3:DescribeMultiRegionAccessPointOperation
- Name: s3:DissociateAccessGrantsIdentityCenter
- Name: s3:GetAccessGrant
- Name: s3:GetAccessGrantsInstance
- Name: s3:GetAccessGrantsInstanceForPrefix
- Name: s3:GetAccessGrantsInstanceResourcePolicy
- Name: s3:GetAccessGrantsLocation
- Name: s3:GetAccessPoint
- Name: s3:GetAccessPointConfigurationForObjectLambda
- Name: s3:GetAccessPointForObjectLambda
- Name: s3:GetAccessPointPolicy
- Name: s3:GetAccessPointPolicyForObjectLambda
- Name: s3:GetAccessPointPolicyStatus
- Name: s3:GetAccessPointPolicyStatusForObjectLambda
- Name: s3:GetBucketAcl
- Name: s3:GetBucketCORS
- Name: s3:GetBucketLocation
- Name: s3:GetBucketLogging
- Name: s3:GetBucketNotification
- Name: s3:GetBucketOwnershipControls
- Name: s3:GetBucketPolicy
- Name: s3:GetBucketPolicyStatus
- Name: s3:GetBucketRequestPayment
- Name: s3:GetBucketTagging
- Name: s3:GetBucketVersioning
- Name: s3:GetBucketWebsite
- Name: s3:GetDataAccess
- Name: s3:GetJobTagging
- Name: s3:GetMultiRegionAccessPoint
- Name: s3:GetMultiRegionAccessPointPolicy
- Name: s3:GetMultiRegionAccessPointPolicyStatus
- Name: s3:GetMultiRegionAccessPointRoutes
- Name: s3:GetObject
- Name: s3:GetObjectAcl
- Name: s3:GetObjectAttributes
- Name: s3:GetObjectLegalHold
- Name: s3:GetObjectRetention
- Name: s3:GetObjectTagging
- Name: s3:GetObjectTorrent
- Name: s3:GetStorageLensConfiguration
- Name: s3:GetStorageLensConfigurationTagging
- Name: s3:GetStorageLensGroup
- Name: s3:ListAccessGrants
- Name: s3:ListAccessGrantsInstances
- Name: s3:ListAccessGrantsLocations
- Name: s3:ListAccessPoints
- Name: s3:ListAccessPointsForObjectLambda
- Name: s3:ListJobs
- Name: s3:ListMultiRegionAccessPoints
- Name: s3:ListStorageLensConfigurations
- Name: s3:ListStorageLensGroups
- Name: s3:ListTagsForResource
- Name: s3:PutAccessGrantsInstanceResourcePolicy
- Name: s3:PutAccessPointConfigurationForObjectLambda
- Name: s3:PutAccessPointPolicy
- Name: s3:PutAccessPointPolicyForObjectLambda
- Name: s3:PutBucketAcl
- Name: s3:PutBucketCORS
- Name: s3:PutBucketLogging
- Name: s3:PutBucketNotification
- Name: s3:PutBucketOwnershipControls
- Name: s3:PutBucketPolicy
- Name: s3:PutBucketRequestPayment
- Name: s3:PutBucketTagging
- Name: s3:PutBucketVersioning
- Name: s3:PutBucketWebsite
- Name: s3:PutJobTagging
- Name: s3:PutMultiRegionAccessPointPolicy
- Name: s3:PutObject
- Name: s3:PutObjectAcl
- Name: s3:PutObjectLegalHold
- Name: s3:PutObjectRetention
- Name: s3:PutObjectTagging
- Name: s3:PutStorageLensConfiguration
- Name: s3:PutStorageLensConfigurationTagging
- Name: s3:RestoreObject
- Name: s3:SubmitMultiRegionAccessPointRoutes
- Name: s3:TagResource
- Name: s3:UntagResource
- Name: s3:UpdateAccessGrantsLocation
- Name: s3:UpdateJobPriority
- Name: s3:UpdateJobStatus
- Name: s3:UpdateStorageLensGroup
# actions with no corresponding API
- Name: s3:BypassGovernanceRetention
- Name: s3:CreateBucketMetadataTableConfiguration
- Name: s3:DeleteBucketMetadataTableConfiguration
- Name: s3:DeleteObjectVersion
- Name: s3:DeleteObjectVersionTagging
- Name: s3:GetAccelerateConfiguration
- Name: s3:GetAccountPublicAccessBlock
- Name: s3:GetAnalyticsConfiguration
- Name: s3:GetBucketMetadataTableConfiguration
- Name: s3:GetBucketObjectLockConfiguration
- Name: s3:GetBucketPublicAccessBlock
- Name: s3:GetEncryptionConfiguration
- Name: s3:GetIntelligentTieringConfiguration
- Name: s3:GetInventoryConfiguration
- Name: s3:GetLifecycleConfiguration
- Name: s3:GetMetricsConfiguration
- Name: s3:GetObjectVersion
- Name: s3:GetObjectVersionAcl
- Name: s3:GetObjectVersionAttributes
- Name: s3:GetObjectVersionForReplication
- Name: s3:GetObjectVersionTagging
- Name: s3:GetObjectVersionTorrent
- Name: s3:GetReplicationConfiguration
- Name: s3:GetStorageLensDashboard
- Name: s3:InitiateReplication
- Name: s3:ListAllMyBuckets
- Name: s3:ListBucket
- Name: s3:ListBucketMultipartUploads
- Name: s3:ListBucketVersions
- Name: s3:ListCallerAccessGrants
- Name: s3:ListMultipartUploadParts
- Name: s3:ObjectOwnerOverrideToBucketOwner
- Name: s3:PauseReplication
- Name: s3:PutAccelerateConfiguration
- Name: s3:PutAccessPointPublicAccessBlock
- Name: s3:PutAccountPublicAccessBlock
- Name: s3:PutAnalyticsConfiguration
- Name: s3:PutBucketObjectLockConfiguration
- Name: s3:PutBucketPublicAccessBlock
- Name: s3:PutEncryptionConfiguration
- Name: s3:PutIntelligentTieringConfiguration
- Name: s3:PutInventoryConfiguration
- Name: s3:PutLifecycleConfiguration
- Name: s3:PutMetricsConfiguration
- Name: s3:PutObjectVersionAcl
- Name: s3:PutObjectVersionTagging
- Name: s3:PutReplicationConfiguration
- Name: s3:ReplicateDelete
- Name: s3:ReplicateObject
- Name: s3:ReplicateTags
# APIs without an IAM action
- Name: s3:CompleteMultipartUpload
- Name: s3:CopyObject
- Name: s3:CreateMultipartUpload
- Name: s3:CreateSession
- Name: s3:DeleteBucketAnalyticsConfiguration
- Name: s3:DeleteBucketCors
- Name: s3:DeleteBucketEncryption
- Name: s3:DeleteBucketIntelligentTieringConfiguration
- Name: s3:DeleteBucketInventoryConfiguration
- Name: s3:DeleteBucketLifecycle
- Name: s3:DeleteBucketLifecycleConfiguration
- Name: s3:DeleteBucketMetricsConfiguration
- Name: s3:DeleteBucketOwnershipControls
- Name: s3:DeleteBucketReplication
- Name: s3:DeleteBucketTagging
- Name: s3:DeleteObjects
- Name: s3:DeletePublicAccessBlock
- Name: s3:GetBucket
- Name: s3:GetBucketAccelerateConfiguration
- Name: s3:GetBucketAnalyticsConfiguration
- Name: s3:GetBucketEncryption
- Name: s3:GetBucketIntelligentTieringConfiguration
- Name: s3:GetBucketInventoryConfiguration
- Name: s3:GetBucketLifecycle
- Name: s3:GetBucketLifecycleConfiguration
- Name: s3:GetBucketMetricsConfiguration
- Name: s3:GetBucketNotificationConfiguration
- Name: s3:GetBucketReplication
- Name: s3:GetObjectLockConfiguration
- Name: s3:GetPublicAccessBlock
- Name: s3:HeadBucket
- Name: s3:HeadObject
- Name: s3:ListBucketAnalyticsConfigurations
- Name: s3:ListBucketIntelligentTieringConfigurations
- Name: s3:ListBucketInventoryConfigurations
- Name: s3:ListBucketMetricsConfigurations
- Name: s3:ListBuckets
- Name: s3:ListDirectoryBuckets
- Name: s3:ListMultipartUploads
- Name: s3:ListObjectVersions
- Name: s3:ListObjects
- Name: s3:ListObjectsV2
- Name: s3:ListParts
- Name: s3:ListRegionalBuckets
- Name: s3:PutBucketAccelerateConfiguration
- Name: s3:PutBucketAnalyticsConfiguration
- Name: s3:PutBucketEncryption
- Name: s3:PutBucketIntelligentTieringConfiguration
- Name: s3:PutBucketInventoryConfiguration
- Name: s3:PutBucketLifecycle
- Name: s3:PutBucketLifecycleConfiguration
- Name: s3:PutBucketMetricsConfiguration
- Name: s3:PutBucketNotificationConfiguration
- Name: s3:PutBucketReplication
- Name: s3:PutObjectLockConfiguration
- Name: s3:PutPublicAccessBlock
- Name: s3:SelectObjectContent
- Name: s3:UploadPart
- Name: s3:UploadPartCopy
- Name: s3:WriteGetObjectResponse