Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d596560971
moto/moto/iam/aws_managed_policies.py
Bendegúz Ács 97ab7fd307 Fixes for get_policy and get_policy_version with AWS managed policies (#2231) 
* Created test for get_policy with AWS managed policy.

* Created failing test for get_policy_version with AWS managed policy.

* Updated AWS managed policies.

* Fixed failing tests.

* Fixed trying to compare datetime with string in test case.

* Fixed CreateDate of AWS managed policies overwritten by their version's CreateDate.

* Fixed and improved tests for managed AWS policies.

* Added test for AWS managed policy with v4 default version.

* Fixed not correctly returning dates for AWS managed policies.
2019-06-06 13:36:39 +01:00

28476 lines
1.1 MiB
Raw Blame History

# Imported via `make aws_managed_policies`
aws_managed_policies_data = """
{
"APIGatewayServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/APIGatewayServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-20T17:23:10+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"elasticloadbalancing:AddListenerCertificates",
"elasticloadbalancing:RemoveListenerCertificates",
"elasticloadbalancing:ModifyListener",
"xray:PutTraceSegments",
"xray:PutTelemetryRecords",
"xray:GetSamplingTargets",
"xray:GetSamplingRules"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"firehose:DescribeDeliveryStream",
"firehose:PutRecord",
"firehose:PutRecordBatch"
],
"Effect": "Allow",
"Resource": "arn:aws:firehose:*:*:deliverystream/amazon-apigateway-*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQQDZNLDBF2ULTWK6",
"PolicyName": "APIGatewayServiceRolePolicy",
"UpdateDate": "2019-05-20T18:22:18+00:00",
"VersionId": "v4"
},
"AWSAccountActivityAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSAccountActivityAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:18+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"aws-portal:ViewBilling"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQRYCWMFX5J3E333K",
"PolicyName": "AWSAccountActivityAccess",
"UpdateDate": "2015-02-06T18:41:18+00:00",
"VersionId": "v1"
},
"AWSAccountUsageReportAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSAccountUsageReportAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:19+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"aws-portal:ViewUsage"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLIB4VSBVO47ZSBB6",
"PolicyName": "AWSAccountUsageReportAccess",
"UpdateDate": "2015-02-06T18:41:19+00:00",
"VersionId": "v1"
},
"AWSAgentlessDiscoveryService": {
"Arn": "arn:aws:iam::aws:policy/AWSAgentlessDiscoveryService",
"AttachmentCount": 0,
"CreateDate": "2016-08-02T01:35:11+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"awsconnector:RegisterConnector",
"awsconnector:GetConnectorHealth"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:GetUser",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::connector-platform-upgrade-info/*",
"arn:aws:s3:::connector-platform-upgrade-info",
"arn:aws:s3:::connector-platform-upgrade-bundles/*",
"arn:aws:s3:::connector-platform-upgrade-bundles",
"arn:aws:s3:::connector-platform-release-notes/*",
"arn:aws:s3:::connector-platform-release-notes",
"arn:aws:s3:::prod.agentless.discovery.connector.upgrade/*",
"arn:aws:s3:::prod.agentless.discovery.connector.upgrade"
]
},
{
"Action": [
"s3:PutObject",
"s3:PutObjectAcl"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::import-to-ec2-connector-debug-logs/*"
]
},
{
"Action": [
"SNS:Publish"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:metrics-sns-topic-for-*"
},
{
"Action": [
"Discovery:*"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "Discovery"
},
{
"Action": [
"arsenal:RegisterOnPremisesAgent"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "arsenal"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIA3DIL7BYQ35ISM4K",
"PolicyName": "AWSAgentlessDiscoveryService",
"UpdateDate": "2016-08-02T01:35:11+00:00",
"VersionId": "v1"
},
"AWSAppMeshFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSAppMeshFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-04-16T17:50:40+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"appmesh:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4ILVZ5BWFU",
"PolicyName": "AWSAppMeshFullAccess",
"UpdateDate": "2019-04-16T17:50:40+00:00",
"VersionId": "v1"
},
"AWSAppMeshReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSAppMeshReadOnly",
"AttachmentCount": 0,
"CreateDate": "2019-04-16T17:51:11+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"appmesh:Describe*",
"appmesh:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4HOPFCIWXP",
"PolicyName": "AWSAppMeshReadOnly",
"UpdateDate": "2019-04-16T17:51:11+00:00",
"VersionId": "v1"
},
"AWSAppMeshServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSAppMeshServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2019-06-03T18:30:51+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"servicediscovery:DiscoverInstances"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "CloudMapServiceDiscovery"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4B5IHMMEND",
"PolicyName": "AWSAppMeshServiceRolePolicy",
"UpdateDate": "2019-06-03T18:30:51+00:00",
"VersionId": "v1"
},
"AWSAppSyncAdministrator": {
"Arn": "arn:aws:iam::aws:policy/AWSAppSyncAdministrator",
"AttachmentCount": 0,
"CreateDate": "2018-03-20T21:20:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"appsync:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"appsync.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBYY36AJPXTTWIXCY",
"PolicyName": "AWSAppSyncAdministrator",
"UpdateDate": "2018-03-20T21:20:28+00:00",
"VersionId": "v1"
},
"AWSAppSyncInvokeFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSAppSyncInvokeFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-03-20T21:21:20+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"appsync:GraphQL",
"appsync:GetGraphqlApi",
"appsync:ListGraphqlApis",
"appsync:ListApiKeys"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILMPWRRZN27MPE3VM",
"PolicyName": "AWSAppSyncInvokeFullAccess",
"UpdateDate": "2018-03-20T21:21:20+00:00",
"VersionId": "v1"
},
"AWSAppSyncPushToCloudWatchLogs": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs",
"AttachmentCount": 0,
"CreateDate": "2018-04-09T19:38:55+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIWN7WNO34HLMJPUQS",
"PolicyName": "AWSAppSyncPushToCloudWatchLogs",
"UpdateDate": "2018-04-09T19:38:55+00:00",
"VersionId": "v1"
},
"AWSAppSyncSchemaAuthor": {
"Arn": "arn:aws:iam::aws:policy/AWSAppSyncSchemaAuthor",
"AttachmentCount": 0,
"CreateDate": "2018-03-20T21:21:06+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"appsync:GraphQL",
"appsync:CreateResolver",
"appsync:CreateType",
"appsync:DeleteResolver",
"appsync:DeleteType",
"appsync:GetResolver",
"appsync:GetType",
"appsync:GetDataSource",
"appsync:GetSchemaCreationStatus",
"appsync:GetIntrospectionSchema",
"appsync:GetGraphqlApi",
"appsync:ListTypes",
"appsync:ListApiKeys",
"appsync:ListResolvers",
"appsync:ListDataSources",
"appsync:ListGraphqlApis",
"appsync:StartSchemaCreation",
"appsync:UpdateResolver",
"appsync:UpdateType"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUCF5WVTOFQXFKY5E",
"PolicyName": "AWSAppSyncSchemaAuthor",
"UpdateDate": "2018-03-20T21:21:06+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoScalingCustomResourcePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoScalingCustomResourcePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-06-04T23:22:44+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"execute-api:Invoke",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJYTKXPX6DO32Z4XXA",
"PolicyName": "AWSApplicationAutoScalingCustomResourcePolicy",
"UpdateDate": "2018-06-04T23:22:44+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingAppStreamFleetPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingAppStreamFleetPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-20T19:04:06+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"appstream:UpdateFleet",
"appstream:DescribeFleets",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIRI724OWKP56ZG62M",
"PolicyName": "AWSApplicationAutoscalingAppStreamFleetPolicy",
"UpdateDate": "2017-10-20T19:04:06+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingDynamoDBTablePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingDynamoDBTablePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-20T21:34:57+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"dynamodb:DescribeTable",
"dynamodb:UpdateTable",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJOVQMDI3JFCBW4LFO",
"PolicyName": "AWSApplicationAutoscalingDynamoDBTablePolicy",
"UpdateDate": "2017-10-20T21:34:57+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingEC2SpotFleetRequestPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEC2SpotFleetRequestPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-25T18:23:27+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeSpotFleetRequests",
"ec2:ModifySpotFleetRequest",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJNRH3VE3WW4Q4RDTU",
"PolicyName": "AWSApplicationAutoscalingEC2SpotFleetRequestPolicy",
"UpdateDate": "2017-10-25T18:23:27+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingECSServicePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingECSServicePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-25T23:53:08+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ecs:DescribeServices",
"ecs:UpdateService",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFXLLV7AKH5PSFOYG",
"PolicyName": "AWSApplicationAutoscalingECSServicePolicy",
"UpdateDate": "2017-10-25T23:53:08+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingEMRInstanceGroupPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEMRInstanceGroupPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-26T00:57:39+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"elasticmapreduce:ListInstanceGroups",
"elasticmapreduce:ModifyInstanceGroups",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQ6M5Z7LQY2YSG2JS",
"PolicyName": "AWSApplicationAutoscalingEMRInstanceGroupPolicy",
"UpdateDate": "2017-10-26T00:57:39+00:00",
"VersionId": "v1"
},
"AWSApplicationAutoscalingRDSClusterPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingRDSClusterPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-17T17:46:56+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"rds:AddTagsToResource",
"rds:CreateDBInstance",
"rds:DeleteDBInstance",
"rds:DescribeDBClusters",
"rds:DescribeDBInstances",
"rds:ModifyDBCluster",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": "rds.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7XS52I27Q2JVKALU",
"PolicyName": "AWSApplicationAutoscalingRDSClusterPolicy",
"UpdateDate": "2018-08-07T19:14:24+00:00",
"VersionId": "v3"
},
"AWSApplicationAutoscalingSageMakerEndpointPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingSageMakerEndpointPolicy",
"AttachmentCount": 0,
"CreateDate": "2018-02-06T19:58:21+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sagemaker:DescribeEndpoint",
"sagemaker:DescribeEndpointConfig",
"sagemaker:UpdateEndpointWeightsAndCapacities",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI5DBEBNRZQ4SXYTAW",
"PolicyName": "AWSApplicationAutoscalingSageMakerEndpointPolicy",
"UpdateDate": "2018-02-06T19:58:21+00:00",
"VersionId": "v1"
},
"AWSApplicationDiscoveryAgentAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentAccess",
"AttachmentCount": 0,
"CreateDate": "2016-05-11T21:38:47+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"arsenal:RegisterOnPremisesAgent"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAICZIOVAGC6JPF3WHC",
"PolicyName": "AWSApplicationDiscoveryAgentAccess",
"UpdateDate": "2016-05-11T21:38:47+00:00",
"VersionId": "v1"
},
"AWSApplicationDiscoveryServiceFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSApplicationDiscoveryServiceFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-05-11T21:30:50+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"mgh:*",
"discovery:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:GetRole"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "continuousexport.discovery.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/continuousexport.discovery.amazonaws.com/AWSServiceRoleForApplicationDiscoveryServiceContinuousExport*"
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/continuousexport.discovery.amazonaws.com/AWSServiceRoleForApplicationDiscoveryServiceContinuousExport*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBNJEA6ZXM2SBOPDU",
"PolicyName": "AWSApplicationDiscoveryServiceFullAccess",
"UpdateDate": "2018-08-16T16:02:27+00:00",
"VersionId": "v3"
},
"AWSArtifactAccountSync": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSArtifactAccountSync",
"AttachmentCount": 0,
"CreateDate": "2018-04-10T23:04:33+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"organizations:ListAccounts",
"organizations:DescribeOrganization"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJMVPXRWZJZWDTYDNC",
"PolicyName": "AWSArtifactAccountSync",
"UpdateDate": "2018-04-10T23:04:33+00:00",
"VersionId": "v1"
},
"AWSAutoScalingPlansEC2AutoScalingPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSAutoScalingPlansEC2AutoScalingPolicy",
"AttachmentCount": 0,
"CreateDate": "2018-08-23T22:46:59+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:GetMetricData",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeScheduledActions",
"autoscaling:BatchPutScheduledUpdateGroupAction",
"autoscaling:BatchDeleteScheduledAction"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIXWLPZPD4RYBM3JSU",
"PolicyName": "AWSAutoScalingPlansEC2AutoScalingPolicy",
"UpdateDate": "2018-08-23T22:46:59+00:00",
"VersionId": "v1"
},
"AWSB9InternalServicePolicy": {
"Arn": "arn:aws:iam::aws:policy/AWSB9InternalServicePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-12-13T18:48:22+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterfacePermission",
"ec2:DescribeNetworkInterfaces",
"ec2:DeleteNetworkInterface",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeSecurityGroups",
"greengrass:CreateDeployment",
"greengrass:CreateGroupVersion",
"greengrass:CreateFunctionDefinition",
"greengrass:CreateFunctionDefinitionVersion",
"greengrass:GetDeploymentStatus",
"greengrass:GetGroup",
"greengrass:GetGroupVersion",
"greengrass:GetCoreDefinitionVersion",
"greengrass:GetFunctionDefinitionVersion",
"greengrass:GetAssociatedRole",
"lambda:CreateFunction"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:UpdateFunctionCode",
"lambda:GetFunction",
"lambda:UpdateFunctionConfiguration"
],
"Effect": "Allow",
"Resource": "arn:aws:lambda:*:*:function:aws-robomaker-*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringEqualsIfExists": {
"iam:PassedToService": "lambda.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIWR2IIOQ7JJGVQOPW",
"PolicyName": "AWSB9InternalServicePolicy",
"UpdateDate": "2018-12-13T18:48:22+00:00",
"VersionId": "v1"
},
"AWSBackupAdminPolicy": {
"Arn": "arn:aws:iam::aws:policy/AWSBackupAdminPolicy",
"AttachmentCount": 0,
"CreateDate": "2019-01-19T02:34:31+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": "backup:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "backup-storage:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"rds:DescribeDBSnapshots",
"rds:ListTagsForResource",
"rds:DescribeDBInstances",
"rds:describeDBSnapshots",
"rds:describeDBEngineVersions",
"rds:describeOptionGroups",
"rds:describeOrderableDBInstanceOptions",
"rds:describeDBSubnetGroups"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"dynamodb:ListBackups",
"dynamodb:ListTables"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"elasticfilesystem:DescribeFilesystems"
],
"Effect": "Allow",
"Resource": "arn:aws:elasticfilesystem:*:*:file-system/*"
},
{
"Action": [
"ec2:DescribeSnapshots",
"ec2:DescribeVolumes",
"ec2:describeAvailabilityZones"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"tag:GetTagKeys",
"tag:GetTagValues",
"tag:GetResources"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"storagegateway:DescribeCachediSCSIVolumes",
"storagegateway:DescribeStorediSCSIVolumes"
],
"Effect": "Allow",
"Resource": "arn:aws:storagegateway:*:*:gateway/*/volume/*"
},
{
"Action": [
"storagegateway:ListGateways"
],
"Effect": "Allow",
"Resource": "arn:aws:storagegateway:*:*:*"
},
{
"Action": [
"storagegateway:DescribeGatewayInformation",
"storagegateway:ListVolumes",
"storagegateway:ListLocalDisks"
],
"Effect": "Allow",
"Resource": "arn:aws:storagegateway:*:*:gateway/*"
},
{
"Action": [
"iam:ListRoles",
"iam:GetRole",
"iam:GetUser"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringLike": {
"iam:PassedToService": "backup.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/*AwsBackup*",
"arn:aws:iam::*:role/*AWSBackup*"
]
},
{
"Action": [
"kms:ListKeys",
"kms:DescribeKey",
"kms:GenerateDataKey",
"kms:RetireGrant",
"kms:CreateGrant",
"kms:ListAliases",
"kms:Decrypt"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJWFPFHACTI7XN6M2C",
"PolicyName": "AWSBackupAdminPolicy",
"UpdateDate": "2019-03-11T22:14:30+00:00",
"VersionId": "v2"
},
"AWSBackupOperatorPolicy": {
"Arn": "arn:aws:iam::aws:policy/AWSBackupOperatorPolicy",
"AttachmentCount": 0,
"CreateDate": "2019-01-19T02:31:55+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"backup:Get*",
"backup:List*",
"backup:Describe*",
"backup:CreateBackupSelection",
"backup:DeleteBackupSelection",
"backup:GetRecoveryPointRestoreMetadata",
"backup:StartBackupJob",
"backup:StartRestoreJob"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"rds:DescribeDBSnapshots",
"rds:ListTagsForResource",
"rds:DescribeDBInstances",
"rds:describeDBSnapshots",
"rds:describeDBEngineVersions",
"rds:describeOptionGroups",
"rds:describeOrderableDBInstanceOptions",
"rds:describeDBSubnetGroups"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"dynamodb:ListBackups",
"dynamodb:ListTables"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"elasticfilesystem:DescribeFilesystems"
],
"Effect": "Allow",
"Resource": "arn:aws:elasticfilesystem:*:*:file-system/*"
},
{
"Action": [
"ec2:DescribeSnapshots",
"ec2:DescribeVolumes",
"ec2:describeAvailabilityZones"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"tag:GetTagKeys",
"tag:GetTagValues",
"tag:GetResources"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"storagegateway:DescribeCachediSCSIVolumes",
"storagegateway:DescribeStorediSCSIVolumes"
],
"Effect": "Allow",
"Resource": "arn:aws:storagegateway:*:*:gateway/*/volume/*"
},
{
"Action": [
"storagegateway:ListGateways"
],
"Effect": "Allow",
"Resource": "arn:aws:storagegateway:*:*:*"
},
{
"Action": [
"storagegateway:DescribeGatewayInformation",
"storagegateway:ListVolumes",
"storagegateway:ListLocalDisks"
],
"Effect": "Allow",
"Resource": "arn:aws:storagegateway:*:*:gateway/*"
},
{
"Action": [
"iam:ListRoles",
"iam:GetRole",
"iam:GetUser"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringLike": {
"iam:PassedToService": "backup.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/*AwsBackup*",
"arn:aws:iam::*:role/*AWSBackup*"
]
},
{
"Action": [
"kms:ListKeys",
"kms:DescribeKey",
"kms:GenerateDataKey",
"kms:RetireGrant",
"kms:CreateGrant",
"kms:ListAliases",
"kms:Decrypt"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7BHZKKS47SGORCJE",
"PolicyName": "AWSBackupOperatorPolicy",
"UpdateDate": "2019-03-11T22:18:12+00:00",
"VersionId": "v2"
},
"AWSBackupServiceRolePolicyForBackup": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup",
"AttachmentCount": 0,
"CreateDate": "2019-01-10T21:01:28+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"dynamodb:DescribeTable",
"dynamodb:CreateBackup"
],
"Effect": "Allow",
"Resource": "arn:aws:dynamodb:*:*:table/*"
},
{
"Action": [
"dynamodb:DescribeBackup",
"dynamodb:DeleteBackup"
],
"Effect": "Allow",
"Resource": "arn:aws:dynamodb:*:*:table/*/backup/*"
},
{
"Action": [
"rds:AddTagsToResource",
"rds:ListTagsForResource",
"rds:DescribeDBSnapshots",
"rds:CreateDBSnapshot",
"rds:CopyDBSnapshot",
"rds:DescribeDBInstances"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"rds:DeleteDBSnapshot"
],
"Effect": "Allow",
"Resource": [
"arn:aws:rds:*:*:snapshot:awsbackup:*"
]
},
{
"Action": [
"storagegateway:CreateSnapshot"
],
"Effect": "Allow",
"Resource": "arn:aws:storagegateway:*:*:gateway/*/volume/*"
},
{
"Action": [
"ec2:CreateTags",
"ec2:DeleteSnapshot"
],
"Effect": "Allow",
"Resource": "arn:aws:ec2:*::snapshot/*"
},
{
"Action": [
"ec2:DescribeSnapshots"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"elasticfilesystem:Backup"
],
"Effect": "Allow",
"Resource": "arn:aws:elasticfilesystem:*:*:file-system/*"
},
{
"Action": [
"ec2:CreateSnapshot",
"ec2:DeleteSnapshot",
"ec2:DescribeVolumes",
"ec2:DescribeSnapshots"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*::snapshot/*",
"arn:aws:ec2:*:*:volume/*"
]
},
{
"Action": "kms:DescribeKey",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "kms:CreateGrant",
"Condition": {
"Bool": {
"kms:GrantIsForAWSResource": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"tag:GetResources"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIOOYZSLZZXWFJJ5N2",
"PolicyName": "AWSBackupServiceRolePolicyForBackup",
"UpdateDate": "2019-04-25T19:15:48+00:00",
"VersionId": "v2"
},
"AWSBackupServiceRolePolicyForRestores": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForRestores",
"AttachmentCount": 0,
"CreateDate": "2019-01-12T00:23:54+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"dynamodb:Scan",
"dynamodb:Query",
"dynamodb:UpdateItem",
"dynamodb:PutItem",
"dynamodb:GetItem",
"dynamodb:DeleteItem",
"dynamodb:BatchWriteItem",
"dynamodb:DescribeTable"
],
"Effect": "Allow",
"Resource": "arn:aws:dynamodb:*:*:table/*"
},
{
"Action": [
"dynamodb:RestoreTableFromBackup"
],
"Effect": "Allow",
"Resource": "arn:aws:dynamodb:*:*:table/*/backup/*"
},
{
"Action": [
"ec2:CreateVolume",
"ec2:DeleteVolume"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*::snapshot/*",
"arn:aws:ec2:*:*:volume/*"
]
},
{
"Action": [
"ec2:DescribeSnapshots",
"ec2:DescribeVolumes"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"storagegateway:DeleteVolume",
"storagegateway:DescribeCachediSCSIVolumes",
"storagegateway:DescribeStorediSCSIVolumes"
],
"Effect": "Allow",
"Resource": "arn:aws:storagegateway:*:*:gateway/*/volume/*"
},
{
"Action": [
"storagegateway:DescribeGatewayInformation",
"storagegateway:CreateStorediSCSIVolume",
"storagegateway:CreateCachediSCSIVolume"
],
"Effect": "Allow",
"Resource": "arn:aws:storagegateway:*:*:gateway/*"
},
{
"Action": [
"storagegateway:ListVolumes"
],
"Effect": "Allow",
"Resource": "arn:aws:storagegateway:*:*:*"
},
{
"Action": [
"rds:DescribeDBInstances",
"rds:DescribeDBSnapshots",
"rds:ListTagsForResource",
"rds:RestoreDBInstanceFromDBSnapshot",
"rds:DeleteDBInstance",
"rds:AddTagsToResource"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"elasticfilesystem:Restore",
"elasticfilesystem:CreateFilesystem",
"elasticfilesystem:DescribeFilesystems",
"elasticfilesystem:DeleteFilesystem"
],
"Effect": "Allow",
"Resource": "arn:aws:elasticfilesystem:*:*:file-system/*"
},
{
"Action": "kms:DescribeKey",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "kms:CreateGrant",
"Condition": {
"Bool": {
"kms:GrantIsForAWSResource": "true"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJZCCL6F2WPVOUXZKI",
"PolicyName": "AWSBackupServiceRolePolicyForRestores",
"UpdateDate": "2019-04-25T19:17:26+00:00",
"VersionId": "v3"
},
"AWSBatchFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSBatchFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-12-06T19:35:42+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"batch:*",
"cloudwatch:GetMetricStatistics",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeKeyPairs",
"ec2:DescribeVpcs",
"ec2:DescribeImages",
"ec2:DescribeLaunchTemplates",
"ec2:DescribeLaunchTemplateVersions",
"ecs:DescribeClusters",
"ecs:Describe*",
"ecs:List*",
"logs:Describe*",
"logs:Get*",
"logs:TestMetricFilter",
"logs:FilterLogEvents",
"iam:ListInstanceProfiles",
"iam:ListRoles"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/AWSBatchServiceRole",
"arn:aws:iam::*:role/service-role/AWSBatchServiceRole",
"arn:aws:iam::*:role/ecsInstanceRole",
"arn:aws:iam::*:instance-profile/ecsInstanceRole",
"arn:aws:iam::*:role/iaws-ec2-spot-fleet-role",
"arn:aws:iam::*:role/aws-ec2-spot-fleet-role",
"arn:aws:iam::*:role/AWSBatchJobRole*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7K2KIWB3HZVK3CUO",
"PolicyName": "AWSBatchFullAccess",
"UpdateDate": "2018-11-05T21:09:23+00:00",
"VersionId": "v5"
},
"AWSBatchServiceEventTargetRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSBatchServiceEventTargetRole",
"AttachmentCount": 0,
"CreateDate": "2018-02-28T22:31:13+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"batch:SubmitJob"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAICVHHZ6XHNMA6VE3Q",
"PolicyName": "AWSBatchServiceEventTargetRole",
"UpdateDate": "2018-02-28T22:31:13+00:00",
"VersionId": "v1"
},
"AWSBatchServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole",
"AttachmentCount": 0,
"CreateDate": "2016-12-06T19:36:24+00:00",
"DefaultVersionId": "v9",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeAccountAttributes",
"ec2:DescribeInstances",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeKeyPairs",
"ec2:DescribeImages",
"ec2:DescribeImageAttribute",
"ec2:DescribeSpotInstanceRequests",
"ec2:DescribeSpotFleetInstances",
"ec2:DescribeSpotFleetRequests",
"ec2:DescribeSpotPriceHistory",
"ec2:DescribeVpcClassicLink",
"ec2:DescribeLaunchTemplateVersions",
"ec2:CreateLaunchTemplate",
"ec2:DeleteLaunchTemplate",
"ec2:RequestSpotFleet",
"ec2:CancelSpotFleetRequests",
"ec2:ModifySpotFleetRequest",
"ec2:TerminateInstances",
"ec2:RunInstances",
"autoscaling:DescribeAccountLimits",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeLaunchConfigurations",
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:CreateLaunchConfiguration",
"autoscaling:CreateAutoScalingGroup",
"autoscaling:UpdateAutoScalingGroup",
"autoscaling:SetDesiredCapacity",
"autoscaling:DeleteLaunchConfiguration",
"autoscaling:DeleteAutoScalingGroup",
"autoscaling:CreateOrUpdateTags",
"autoscaling:SuspendProcesses",
"autoscaling:PutNotificationConfiguration",
"autoscaling:TerminateInstanceInAutoScalingGroup",
"ecs:DescribeClusters",
"ecs:DescribeContainerInstances",
"ecs:DescribeTaskDefinition",
"ecs:DescribeTasks",
"ecs:ListClusters",
"ecs:ListContainerInstances",
"ecs:ListTaskDefinitionFamilies",
"ecs:ListTaskDefinitions",
"ecs:ListTasks",
"ecs:CreateCluster",
"ecs:DeleteCluster",
"ecs:RegisterTaskDefinition",
"ecs:DeregisterTaskDefinition",
"ecs:RunTask",
"ecs:StartTask",
"ecs:StopTask",
"ecs:UpdateContainerAgent",
"ecs:DeregisterContainerInstance",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogGroups",
"iam:GetInstanceProfile",
"iam:GetRole"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"ec2.amazonaws.com",
"ecs-tasks.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": [
"spot.amazonaws.com",
"spotfleet.amazonaws.com",
"autoscaling.amazonaws.com",
"ecs.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:CreateTags"
],
"Condition": {
"StringEquals": {
"ec2:CreateAction": "RunInstances"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUETIXPCKASQJURFE",
"PolicyName": "AWSBatchServiceRole",
"UpdateDate": "2018-10-30T19:00:56+00:00",
"VersionId": "v9"
},
"AWSCertificateManagerFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-01-21T17:02:36+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"acm:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJYCHABBP6VQIVBCBQ",
"PolicyName": "AWSCertificateManagerFullAccess",
"UpdateDate": "2016-01-21T17:02:36+00:00",
"VersionId": "v1"
},
"AWSCertificateManagerPrivateCAAuditor": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAAuditor",
"AttachmentCount": 0,
"CreateDate": "2018-10-23T16:51:08+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"acm-pca:CreateCertificateAuthorityAuditReport",
"acm-pca:DescribeCertificateAuthority",
"acm-pca:DescribeCertificateAuthorityAuditReport",
"acm-pca:GetCertificateAuthorityCsr",
"acm-pca:GetCertificateAuthorityCertificate",
"acm-pca:GetCertificate",
"acm-pca:ListPermissions",
"acm-pca:ListTags"
],
"Effect": "Allow",
"Resource": "arn:aws:acm-pca:*:*:certificate-authority/*"
},
{
"Action": [
"acm-pca:ListCertificateAuthorities"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJW77VE4UEBJ4PEXEY",
"PolicyName": "AWSCertificateManagerPrivateCAAuditor",
"UpdateDate": "2019-03-14T17:17:38+00:00",
"VersionId": "v3"
},
"AWSCertificateManagerPrivateCAFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-10-23T16:54:50+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"acm-pca:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIRTQUC55CREAWFLBG",
"PolicyName": "AWSCertificateManagerPrivateCAFullAccess",
"UpdateDate": "2018-10-23T16:54:50+00:00",
"VersionId": "v1"
},
"AWSCertificateManagerPrivateCAReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAReadOnly",
"AttachmentCount": 0,
"CreateDate": "2018-10-23T16:57:04+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": {
"Action": [
"acm-pca:DescribeCertificateAuthority",
"acm-pca:DescribeCertificateAuthorityAuditReport",
"acm-pca:ListCertificateAuthorities",
"acm-pca:GetCertificateAuthorityCsr",
"acm-pca:GetCertificateAuthorityCertificate",
"acm-pca:GetCertificate",
"acm-pca:ListPermissions",
"acm-pca:ListTags"
],
"Effect": "Allow",
"Resource": "*"
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQAQT3WIXOXY7TD4A",
"PolicyName": "AWSCertificateManagerPrivateCAReadOnly",
"UpdateDate": "2019-03-14T17:17:21+00:00",
"VersionId": "v2"
},
"AWSCertificateManagerPrivateCAUser": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAUser",
"AttachmentCount": 0,
"CreateDate": "2018-10-23T16:53:33+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"acm-pca:IssueCertificate",
"acm-pca:RevokeCertificate",
"acm-pca:GetCertificate",
"acm-pca:ListPermissions"
],
"Effect": "Allow",
"Resource": "arn:aws:acm-pca:*:*:certificate-authority/*"
},
{
"Action": [
"acm-pca:ListCertificateAuthorities"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBXCSJJULLMRWSNII",
"PolicyName": "AWSCertificateManagerPrivateCAUser",
"UpdateDate": "2019-03-14T17:17:02+00:00",
"VersionId": "v3"
},
"AWSCertificateManagerReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSCertificateManagerReadOnly",
"AttachmentCount": 0,
"CreateDate": "2016-01-21T17:07:33+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": {
"Action": [
"acm:DescribeCertificate",
"acm:ListCertificates",
"acm:GetCertificate",
"acm:ListTagsForCertificate"
],
"Effect": "Allow",
"Resource": "*"
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4GSWX6S4MESJ3EWC",
"PolicyName": "AWSCertificateManagerReadOnly",
"UpdateDate": "2016-04-21T15:08:16+00:00",
"VersionId": "v2"
},
"AWSCloud9Administrator": {
"Arn": "arn:aws:iam::aws:policy/AWSCloud9Administrator",
"AttachmentCount": 0,
"CreateDate": "2017-11-30T16:17:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloud9:*",
"iam:GetUser",
"iam:ListUsers",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringLike": {
"iam:AWSServiceName": "cloud9.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQ4KWP455WDTCBGWK",
"PolicyName": "AWSCloud9Administrator",
"UpdateDate": "2017-11-30T16:17:28+00:00",
"VersionId": "v1"
},
"AWSCloud9EnvironmentMember": {
"Arn": "arn:aws:iam::aws:policy/AWSCloud9EnvironmentMember",
"AttachmentCount": 0,
"CreateDate": "2017-11-30T16:18:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloud9:GetUserSettings",
"cloud9:UpdateUserSettings",
"iam:GetUser",
"iam:ListUsers"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloud9:DescribeEnvironmentMemberships"
],
"Condition": {
"Null": {
"cloud9:EnvironmentId": "true",
"cloud9:UserArn": "true"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI54ULAIPVT5HFTYGK",
"PolicyName": "AWSCloud9EnvironmentMember",
"UpdateDate": "2017-11-30T16:18:28+00:00",
"VersionId": "v1"
},
"AWSCloud9ServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSCloud9ServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-11-30T13:44:08+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:RunInstances",
"ec2:CreateSecurityGroup",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeInstances",
"cloudformation:CreateStack",
"cloudformation:DescribeStacks",
"cloudformation:DescribeStackEvents",
"cloudformation:DescribeStackResources"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:TerminateInstances",
"ec2:DeleteSecurityGroup",
"ec2:AuthorizeSecurityGroupIngress"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudformation:DeleteStack"
],
"Effect": "Allow",
"Resource": "arn:aws:cloudformation:*:*:stack/aws-cloud9-*"
},
{
"Action": [
"ec2:CreateTags"
],
"Condition": {
"StringLike": {
"aws:RequestTag/Name": "aws-cloud9-*"
}
},
"Effect": "Allow",
"Resource": "arn:aws:ec2:*:*:instance/*"
},
{
"Action": [
"ec2:StartInstances",
"ec2:StopInstances"
],
"Condition": {
"StringLike": {
"ec2:ResourceTag/aws:cloudformation:stack-name": "aws-cloud9-*"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFXGCBXQIZATFZ4YG",
"PolicyName": "AWSCloud9ServiceRolePolicy",
"UpdateDate": "2018-02-27T10:20:24+00:00",
"VersionId": "v2"
},
"AWSCloud9User": {
"Arn": "arn:aws:iam::aws:policy/AWSCloud9User",
"AttachmentCount": 0,
"CreateDate": "2017-11-30T16:16:17+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"cloud9:ValidateEnvironmentName",
"cloud9:UpdateUserSettings",
"cloud9:GetUserSettings",
"iam:GetUser",
"iam:ListUsers",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloud9:CreateEnvironmentEC2",
"cloud9:CreateEnvironmentSSH"
],
"Condition": {
"Null": {
"cloud9:OwnerArn": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloud9:GetUserPublicKey"
],
"Condition": {
"Null": {
"cloud9:UserArn": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloud9:DescribeEnvironmentMemberships"
],
"Condition": {
"Null": {
"cloud9:EnvironmentId": "true",
"cloud9:UserArn": "true"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringLike": {
"iam:AWSServiceName": "cloud9.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJPFGFWQF67QVARP6U",
"PolicyName": "AWSCloud9User",
"UpdateDate": "2018-07-02T08:46:37+00:00",
"VersionId": "v3"
},
"AWSCloudFormationReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudFormationReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:49+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:Describe*",
"cloudformation:EstimateTemplateCost",
"cloudformation:Get*",
"cloudformation:List*",
"cloudformation:ValidateTemplate",
"cloudformation:DetectStackDrift",
"cloudformation:DetectStackResourceDrift"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJWVBEE4I2POWLODLW",
"PolicyName": "AWSCloudFormationReadOnlyAccess",
"UpdateDate": "2019-02-06T22:16:02+00:00",
"VersionId": "v3"
},
"AWSCloudFrontLogger": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSCloudFrontLogger",
"AttachmentCount": 0,
"CreateDate": "2018-06-12T20:15:23+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:/aws/cloudfront/*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIOI7RPKLCNINBTRP4",
"PolicyName": "AWSCloudFrontLogger",
"UpdateDate": "2018-06-12T20:15:23+00:00",
"VersionId": "v1"
},
"AWSCloudHSMFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudHSMFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:51+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "cloudhsm:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIMBQYQZM7F63DA2UU",
"PolicyName": "AWSCloudHSMFullAccess",
"UpdateDate": "2015-02-06T18:39:51+00:00",
"VersionId": "v1"
},
"AWSCloudHSMReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudHSMReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:52+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudhsm:Get*",
"cloudhsm:List*",
"cloudhsm:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAISVCBSY7YDBOT67KE",
"PolicyName": "AWSCloudHSMReadOnlyAccess",
"UpdateDate": "2015-02-06T18:39:52+00:00",
"VersionId": "v1"
},
"AWSCloudHSMRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSCloudHSMRole",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:23+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:CreateTags",
"ec2:DeleteNetworkInterface",
"ec2:DescribeNetworkInterfaceAttribute",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DetachNetworkInterface"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI7QIUU4GC66SF26WE",
"PolicyName": "AWSCloudHSMRole",
"UpdateDate": "2015-02-06T18:41:23+00:00",
"VersionId": "v1"
},
"AWSCloudMapDiscoverInstanceAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudMapDiscoverInstanceAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-29T00:02:42+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"servicediscovery:DiscoverInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIPRD7PYYQVYPDME4K",
"PolicyName": "AWSCloudMapDiscoverInstanceAccess",
"UpdateDate": "2018-11-29T00:02:42+00:00",
"VersionId": "v1"
},
"AWSCloudMapFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudMapFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-28T23:57:31+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"route53:GetHostedZone",
"route53:ListHostedZonesByName",
"route53:CreateHostedZone",
"route53:DeleteHostedZone",
"route53:ChangeResourceRecordSets",
"route53:CreateHealthCheck",
"route53:GetHealthCheck",
"route53:DeleteHealthCheck",
"route53:UpdateHealthCheck",
"ec2:DescribeVpcs",
"ec2:DescribeRegions",
"servicediscovery:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIZPIMAQZJS3WUXUJM",
"PolicyName": "AWSCloudMapFullAccess",
"UpdateDate": "2018-11-28T23:57:31+00:00",
"VersionId": "v1"
},
"AWSCloudMapReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudMapReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-28T23:45:26+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"servicediscovery:Get*",
"servicediscovery:List*",
"servicediscovery:DiscoverInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIOHISHKLCJTVQQL5E",
"PolicyName": "AWSCloudMapReadOnlyAccess",
"UpdateDate": "2018-11-28T23:45:26+00:00",
"VersionId": "v1"
},
"AWSCloudMapRegisterInstanceAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudMapRegisterInstanceAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-29T00:04:57+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"route53:GetHostedZone",
"route53:ListHostedZonesByName",
"route53:ChangeResourceRecordSets",
"route53:CreateHealthCheck",
"route53:GetHealthCheck",
"route53:DeleteHealthCheck",
"route53:UpdateHealthCheck",
"servicediscovery:Get*",
"servicediscovery:List*",
"servicediscovery:RegisterInstance",
"servicediscovery:DeregisterInstance",
"servicediscovery:DiscoverInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4P5Z5HXVWJ75WQBC",
"PolicyName": "AWSCloudMapRegisterInstanceAccess",
"UpdateDate": "2018-11-29T00:04:57+00:00",
"VersionId": "v1"
},
"AWSCloudTrailFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudTrailFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:58+00:00",
"DefaultVersionId": "v7",
"Document": {
"Statement": [
{
"Action": [
"sns:AddPermission",
"sns:CreateTopic",
"sns:DeleteTopic",
"sns:ListTopics",
"sns:SetTopicAttributes",
"sns:GetTopicAttributes"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:CreateBucket",
"s3:DeleteBucket",
"s3:ListAllMyBuckets",
"s3:PutBucketPolicy",
"s3:ListBucket",
"s3:GetObject",
"s3:GetBucketLocation",
"s3:GetBucketPolicy"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "cloudtrail:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole",
"iam:ListRoles",
"iam:GetRolePolicy",
"iam:GetUser"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"kms:ListKeys",
"kms:ListAliases"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:ListFunctions"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQNUJTQYDRJPC3BNK",
"PolicyName": "AWSCloudTrailFullAccess",
"UpdateDate": "2019-05-21T23:39:06+00:00",
"VersionId": "v7"
},
"AWSCloudTrailReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCloudTrailReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:59+00:00",
"DefaultVersionId": "v7",
"Document": {
"Statement": [
{
"Action": [
"s3:GetObject",
"s3:GetBucketLocation"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudtrail:GetTrailStatus",
"cloudtrail:DescribeTrails",
"cloudtrail:LookupEvents",
"cloudtrail:ListTags",
"cloudtrail:ListPublicKeys",
"cloudtrail:GetEventSelectors",
"s3:ListAllMyBuckets",
"kms:ListAliases",
"lambda:ListFunctions"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJDU7KJADWBSEQ3E7S",
"PolicyName": "AWSCloudTrailReadOnlyAccess",
"UpdateDate": "2017-12-11T19:51:37+00:00",
"VersionId": "v7"
},
"AWSCodeBuildAdminAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeBuildAdminAccess",
"AttachmentCount": 0,
"CreateDate": "2016-12-01T19:04:44+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"codebuild:*",
"codecommit:GetBranch",
"codecommit:GetCommit",
"codecommit:GetRepository",
"codecommit:ListBranches",
"codecommit:ListRepositories",
"cloudwatch:GetMetricStatistics",
"ec2:DescribeVpcs",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ecr:DescribeRepositories",
"ecr:ListImages",
"events:DeleteRule",
"events:DescribeRule",
"events:DisableRule",
"events:EnableRule",
"events:ListTargetsByRule",
"events:ListRuleNamesByTarget",
"events:PutRule",
"events:PutTargets",
"events:RemoveTargets",
"logs:GetLogEvents",
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:DeleteLogGroup"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:log-group:/aws/codebuild/*:log-stream:*"
},
{
"Action": [
"ssm:PutParameter"
],
"Effect": "Allow",
"Resource": "arn:aws:ssm:*:*:parameter/CodeBuild/*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQJGIOIE3CD2TQXDS",
"PolicyName": "AWSCodeBuildAdminAccess",
"UpdateDate": "2018-11-15T21:21:56+00:00",
"VersionId": "v6"
},
"AWSCodeBuildDeveloperAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeBuildDeveloperAccess",
"AttachmentCount": 0,
"CreateDate": "2016-12-01T19:02:32+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"codebuild:StartBuild",
"codebuild:StopBuild",
"codebuild:BatchGet*",
"codebuild:Get*",
"codebuild:List*",
"codecommit:GetBranch",
"codecommit:GetCommit",
"codecommit:GetRepository",
"codecommit:ListBranches",
"cloudwatch:GetMetricStatistics",
"events:DescribeRule",
"events:ListTargetsByRule",
"events:ListRuleNamesByTarget",
"logs:GetLogEvents",
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ssm:PutParameter"
],
"Effect": "Allow",
"Resource": "arn:aws:ssm:*:*:parameter/CodeBuild/*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIMKTMR34XSBQW45HS",
"PolicyName": "AWSCodeBuildDeveloperAccess",
"UpdateDate": "2018-11-15T21:32:53+00:00",
"VersionId": "v4"
},
"AWSCodeBuildReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeBuildReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2016-12-01T19:03:41+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"codebuild:BatchGet*",
"codebuild:Get*",
"codebuild:List*",
"codecommit:GetBranch",
"codecommit:GetCommit",
"codecommit:GetRepository",
"cloudwatch:GetMetricStatistics",
"events:DescribeRule",
"events:ListTargetsByRule",
"events:ListRuleNamesByTarget",
"logs:GetLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJIZZWN6557F5HVP2K",
"PolicyName": "AWSCodeBuildReadOnlyAccess",
"UpdateDate": "2018-11-15T21:38:34+00:00",
"VersionId": "v3"
},
"AWSCodeCommitFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeCommitFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-07-09T17:02:19+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"codecommit:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"events:DeleteRule",
"events:DescribeRule",
"events:DisableRule",
"events:EnableRule",
"events:PutRule",
"events:PutTargets",
"events:RemoveTargets",
"events:ListTargetsByRule"
],
"Effect": "Allow",
"Resource": "arn:aws:events:*:*:rule/codecommit*",
"Sid": "CloudWatchEventsCodeCommitRulesAccess"
},
{
"Action": [
"sns:CreateTopic",
"sns:DeleteTopic",
"sns:Subscribe",
"sns:Unsubscribe",
"sns:SetTopicAttributes"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:codecommit*",
"Sid": "SNSTopicAndSubscriptionAccess"
},
{
"Action": [
"sns:ListTopics",
"sns:ListSubscriptionsByTopic",
"sns:GetTopicAttributes"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "SNSTopicAndSubscriptionReadAccess"
},
{
"Action": [
"lambda:ListFunctions"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "LambdaReadOnlyListAccess"
},
{
"Action": [
"iam:ListUsers"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "IAMReadOnlyListAccess"
},
{
"Action": [
"iam:ListAccessKeys",
"iam:ListSSHPublicKeys",
"iam:ListServiceSpecificCredentials",
"iam:ListAccessKeys",
"iam:GetSSHPublicKey"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMReadOnlyConsoleAccess"
},
{
"Action": [
"iam:DeleteSSHPublicKey",
"iam:GetSSHPublicKey",
"iam:ListSSHPublicKeys",
"iam:UpdateSSHPublicKey",
"iam:UploadSSHPublicKey"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMUserSSHKeys"
},
{
"Action": [
"iam:CreateServiceSpecificCredential",
"iam:UpdateServiceSpecificCredential",
"iam:DeleteServiceSpecificCredential",
"iam:ResetServiceSpecificCredential"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMSelfManageServiceSpecificCredentials"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4VCZ3XPIZLQ5NZV2",
"PolicyName": "AWSCodeCommitFullAccess",
"UpdateDate": "2017-11-20T20:04:31+00:00",
"VersionId": "v2"
},
"AWSCodeCommitPowerUser": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeCommitPowerUser",
"AttachmentCount": 0,
"CreateDate": "2015-07-09T17:06:49+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"codecommit:BatchGet*",
"codecommit:BatchDescribe*",
"codecommit:Get*",
"codecommit:List*",
"codecommit:Create*",
"codecommit:DeleteBranch",
"codecommit:DeleteFile",
"codecommit:Describe*",
"codecommit:Put*",
"codecommit:Post*",
"codecommit:Merge*",
"codecommit:TagResource",
"codecommit:Test*",
"codecommit:UntagResource",
"codecommit:Update*",
"codecommit:GitPull",
"codecommit:GitPush"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"events:DeleteRule",
"events:DescribeRule",
"events:DisableRule",
"events:EnableRule",
"events:PutRule",
"events:PutTargets",
"events:RemoveTargets",
"events:ListTargetsByRule"
],
"Effect": "Allow",
"Resource": "arn:aws:events:*:*:rule/codecommit*",
"Sid": "CloudWatchEventsCodeCommitRulesAccess"
},
{
"Action": [
"sns:Subscribe",
"sns:Unsubscribe"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:codecommit*",
"Sid": "SNSTopicAndSubscriptionAccess"
},
{
"Action": [
"sns:ListTopics",
"sns:ListSubscriptionsByTopic",
"sns:GetTopicAttributes"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "SNSTopicAndSubscriptionReadAccess"
},
{
"Action": [
"lambda:ListFunctions"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "LambdaReadOnlyListAccess"
},
{
"Action": [
"iam:ListUsers"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "IAMReadOnlyListAccess"
},
{
"Action": [
"iam:ListAccessKeys",
"iam:ListSSHPublicKeys",
"iam:ListServiceSpecificCredentials",
"iam:ListAccessKeys",
"iam:GetSSHPublicKey"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMReadOnlyConsoleAccess"
},
{
"Action": [
"iam:DeleteSSHPublicKey",
"iam:GetSSHPublicKey",
"iam:ListSSHPublicKeys",
"iam:UpdateSSHPublicKey",
"iam:UploadSSHPublicKey"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMUserSSHKeys"
},
{
"Action": [
"iam:CreateServiceSpecificCredential",
"iam:UpdateServiceSpecificCredential",
"iam:DeleteServiceSpecificCredential",
"iam:ResetServiceSpecificCredential"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMSelfManageServiceSpecificCredentials"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4UIINUVGB5SEC57G",
"PolicyName": "AWSCodeCommitPowerUser",
"UpdateDate": "2019-05-30T19:37:08+00:00",
"VersionId": "v6"
},
"AWSCodeCommitReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeCommitReadOnly",
"AttachmentCount": 0,
"CreateDate": "2015-07-09T17:05:06+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"codecommit:BatchGet*",
"codecommit:BatchDescribe*",
"codecommit:Get*",
"codecommit:Describe*",
"codecommit:List*",
"codecommit:GitPull"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"events:DescribeRule",
"events:ListTargetsByRule"
],
"Effect": "Allow",
"Resource": "arn:aws:events:*:*:rule/codecommit*",
"Sid": "CloudWatchEventsCodeCommitRulesReadOnlyAccess"
},
{
"Action": [
"sns:ListTopics",
"sns:ListSubscriptionsByTopic",
"sns:GetTopicAttributes"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "SNSSubscriptionAccess"
},
{
"Action": [
"lambda:ListFunctions"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "LambdaReadOnlyListAccess"
},
{
"Action": [
"iam:ListUsers"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "IAMReadOnlyListAccess"
},
{
"Action": [
"iam:ListAccessKeys",
"iam:ListSSHPublicKeys",
"iam:ListServiceSpecificCredentials",
"iam:ListAccessKeys",
"iam:GetSSHPublicKey"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}",
"Sid": "IAMReadOnlyConsoleAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJACNSXR7Z2VLJW3D6",
"PolicyName": "AWSCodeCommitReadOnly",
"UpdateDate": "2019-05-15T17:26:42+00:00",
"VersionId": "v3"
},
"AWSCodeDeployDeployerAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeDeployDeployerAccess",
"AttachmentCount": 0,
"CreateDate": "2015-05-19T18:18:43+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"codedeploy:Batch*",
"codedeploy:CreateDeployment",
"codedeploy:Get*",
"codedeploy:List*",
"codedeploy:RegisterApplicationRevision"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJUWEPOMGLMVXJAPUI",
"PolicyName": "AWSCodeDeployDeployerAccess",
"UpdateDate": "2015-05-19T18:18:43+00:00",
"VersionId": "v1"
},
"AWSCodeDeployFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeDeployFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-05-19T18:13:23+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "codedeploy:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIONKN3TJZUKXCHXWC",
"PolicyName": "AWSCodeDeployFullAccess",
"UpdateDate": "2015-05-19T18:13:23+00:00",
"VersionId": "v1"
},
"AWSCodeDeployReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeDeployReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-05-19T18:21:32+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"codedeploy:Batch*",
"codedeploy:Get*",
"codedeploy:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILZHHKCKB4NE7XOIQ",
"PolicyName": "AWSCodeDeployReadOnlyAccess",
"UpdateDate": "2015-05-19T18:21:32+00:00",
"VersionId": "v1"
},
"AWSCodeDeployRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole",
"AttachmentCount": 0,
"CreateDate": "2015-05-04T18:05:37+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"autoscaling:CompleteLifecycleAction",
"autoscaling:DeleteLifecycleHook",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeLifecycleHooks",
"autoscaling:PutLifecycleHook",
"autoscaling:RecordLifecycleActionHeartbeat",
"autoscaling:CreateAutoScalingGroup",
"autoscaling:UpdateAutoScalingGroup",
"autoscaling:EnableMetricsCollection",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribePolicies",
"autoscaling:DescribeScheduledActions",
"autoscaling:DescribeNotificationConfigurations",
"autoscaling:DescribeLifecycleHooks",
"autoscaling:SuspendProcesses",
"autoscaling:ResumeProcesses",
"autoscaling:AttachLoadBalancers",
"autoscaling:PutScalingPolicy",
"autoscaling:PutScheduledUpdateGroupAction",
"autoscaling:PutNotificationConfiguration",
"autoscaling:PutLifecycleHook",
"autoscaling:DescribeScalingActivities",
"autoscaling:DeleteAutoScalingGroup",
"ec2:DescribeInstances",
"ec2:DescribeInstanceStatus",
"ec2:TerminateInstances",
"tag:GetTags",
"tag:GetResources",
"sns:Publish",
"cloudwatch:DescribeAlarms",
"cloudwatch:PutMetricAlarm",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeInstanceHealth",
"elasticloadbalancing:RegisterInstancesWithLoadBalancer",
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:RegisterTargets",
"elasticloadbalancing:DeregisterTargets"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ2NKMKD73QS5NBFLA",
"PolicyName": "AWSCodeDeployRole",
"UpdateDate": "2017-09-11T19:09:51+00:00",
"VersionId": "v6"
},
"AWSCodeDeployRoleForECS": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeDeployRoleForECS",
"AttachmentCount": 0,
"CreateDate": "2018-11-27T20:40:57+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ecs:DescribeServices",
"ecs:CreateTaskSet",
"ecs:UpdateServicePrimaryTaskSet",
"ecs:DeleteTaskSet",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeListeners",
"elasticloadbalancing:ModifyListener",
"elasticloadbalancing:DescribeRules",
"elasticloadbalancing:ModifyRule",
"lambda:InvokeFunction",
"cloudwatch:DescribeAlarms",
"sns:Publish",
"s3:GetObject",
"s3:GetObjectMetadata",
"s3:GetObjectVersion"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"ecs-tasks.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIIL3KXEKRGEN2HFIO",
"PolicyName": "AWSCodeDeployRoleForECS",
"UpdateDate": "2018-12-19T17:57:04+00:00",
"VersionId": "v2"
},
"AWSCodeDeployRoleForECSLimited": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeDeployRoleForECSLimited",
"AttachmentCount": 0,
"CreateDate": "2018-11-27T20:42:42+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ecs:DescribeServices",
"ecs:CreateTaskSet",
"ecs:UpdateServicePrimaryTaskSet",
"ecs:DeleteTaskSet",
"cloudwatch:DescribeAlarms"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:CodeDeployTopic_*"
},
{
"Action": [
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeListeners",
"elasticloadbalancing:ModifyListener",
"elasticloadbalancing:DescribeRules",
"elasticloadbalancing:ModifyRule"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:InvokeFunction"
],
"Effect": "Allow",
"Resource": "arn:aws:lambda:*:*:function:CodeDeployHook_*"
},
{
"Action": [
"s3:GetObject",
"s3:GetObjectMetadata",
"s3:GetObjectVersion"
],
"Condition": {
"StringEquals": {
"s3:ExistingObjectTag/UseWithCodeDeploy": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"ecs-tasks.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/ecsTaskExecutionRole",
"arn:aws:iam::*:role/ECSTaskExecution*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ6Z7L2IOXEFFOGD2M",
"PolicyName": "AWSCodeDeployRoleForECSLimited",
"UpdateDate": "2018-12-19T18:06:16+00:00",
"VersionId": "v2"
},
"AWSCodeDeployRoleForLambda": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambda",
"AttachmentCount": 0,
"CreateDate": "2017-11-28T14:05:44+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:DescribeAlarms",
"lambda:UpdateAlias",
"lambda:GetAlias",
"sns:Publish"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:GetObject",
"s3:GetObjectVersion"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*/CodeDeploy/*"
},
{
"Action": [
"s3:GetObject",
"s3:GetObjectVersion"
],
"Condition": {
"StringEquals": {
"s3:ExistingObjectTag/UseWithCodeDeploy": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:InvokeFunction"
],
"Effect": "Allow",
"Resource": "arn:aws:lambda:*:*:function:CodeDeployHook_*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJA3RQZIKNOSJ4ZQSA",
"PolicyName": "AWSCodeDeployRoleForLambda",
"UpdateDate": "2017-12-01T22:32:58+00:00",
"VersionId": "v2"
},
"AWSCodePipelineApproverAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodePipelineApproverAccess",
"AttachmentCount": 0,
"CreateDate": "2016-07-28T18:59:17+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"codepipeline:GetPipeline",
"codepipeline:GetPipelineState",
"codepipeline:GetPipelineExecution",
"codepipeline:ListPipelineExecutions",
"codepipeline:ListPipelines",
"codepipeline:PutApprovalResult"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAICXNWK42SQ6LMDXM2",
"PolicyName": "AWSCodePipelineApproverAccess",
"UpdateDate": "2017-08-02T17:24:58+00:00",
"VersionId": "v3"
},
"AWSCodePipelineCustomActionAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodePipelineCustomActionAccess",
"AttachmentCount": 0,
"CreateDate": "2015-07-09T17:02:54+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"codepipeline:AcknowledgeJob",
"codepipeline:GetJobDetails",
"codepipeline:PollForJobs",
"codepipeline:PutJobFailureResult",
"codepipeline:PutJobSuccessResult"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFW5Z32BTVF76VCYC",
"PolicyName": "AWSCodePipelineCustomActionAccess",
"UpdateDate": "2015-07-09T17:02:54+00:00",
"VersionId": "v1"
},
"AWSCodePipelineFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodePipelineFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-07-09T16:58:07+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"codepipeline:*",
"iam:ListRoles",
"iam:PassRole",
"s3:CreateBucket",
"s3:GetBucketPolicy",
"s3:GetObject",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:PutBucketPolicy",
"codecommit:ListBranches",
"codecommit:ListRepositories",
"codedeploy:GetApplication",
"codedeploy:GetDeploymentGroup",
"codedeploy:ListApplications",
"codedeploy:ListDeploymentGroups",
"elasticbeanstalk:DescribeApplications",
"elasticbeanstalk:DescribeEnvironments",
"lambda:GetFunctionConfiguration",
"lambda:ListFunctions",
"opsworks:DescribeApps",
"opsworks:DescribeLayers",
"opsworks:DescribeStacks",
"cloudformation:DescribeStacks",
"cloudformation:ListChangeSets"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJP5LH77KSAT2KHQGG",
"PolicyName": "AWSCodePipelineFullAccess",
"UpdateDate": "2016-11-01T19:59:46+00:00",
"VersionId": "v5"
},
"AWSCodePipelineReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodePipelineReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-07-09T16:43:57+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"codepipeline:GetPipeline",
"codepipeline:GetPipelineState",
"codepipeline:GetPipelineExecution",
"codepipeline:ListPipelineExecutions",
"codepipeline:ListActionTypes",
"codepipeline:ListPipelines",
"iam:ListRoles",
"s3:GetBucketPolicy",
"s3:GetObject",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"codecommit:ListBranches",
"codecommit:ListRepositories",
"codedeploy:GetApplication",
"codedeploy:GetDeploymentGroup",
"codedeploy:ListApplications",
"codedeploy:ListDeploymentGroups",
"elasticbeanstalk:DescribeApplications",
"elasticbeanstalk:DescribeEnvironments",
"lambda:GetFunctionConfiguration",
"lambda:ListFunctions",
"opsworks:DescribeApps",
"opsworks:DescribeLayers",
"opsworks:DescribeStacks"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILFKZXIBOTNC5TO2Q",
"PolicyName": "AWSCodePipelineReadOnlyAccess",
"UpdateDate": "2017-08-02T17:25:18+00:00",
"VersionId": "v6"
},
"AWSCodeStarFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSCodeStarFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-04-19T16:23:19+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"codestar:*",
"ec2:DescribeKeyPairs",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"cloud9:DescribeEnvironment*",
"cloud9:ValidateEnvironmentName"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "CodeStarEC2"
},
{
"Action": [
"cloudformation:DescribeStack*",
"cloudformation:GetTemplateSummary"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/awscodestar-*"
],
"Sid": "CodeStarCF"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIXI233TFUGLZOJBEC",
"PolicyName": "AWSCodeStarFullAccess",
"UpdateDate": "2018-01-10T21:54:06+00:00",
"VersionId": "v2"
},
"AWSCodeStarServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSCodeStarServiceRole",
"AttachmentCount": 0,
"CreateDate": "2017-04-19T15:20:50+00:00",
"DefaultVersionId": "v9",
"Document": {
"Statement": [
{
"Action": [
"events:PutTargets",
"events:RemoveTargets",
"events:PutRule",
"events:DeleteRule",
"events:DescribeRule"
],
"Effect": "Allow",
"Resource": [
"arn:aws:events:*:*:rule/awscodestar-*"
],
"Sid": "ProjectEventRules"
},
{
"Action": [
"cloudformation:*Stack*",
"cloudformation:CreateChangeSet",
"cloudformation:ExecuteChangeSet",
"cloudformation:DeleteChangeSet",
"cloudformation:GetTemplate"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/awscodestar-*",
"arn:aws:cloudformation:*:*:stack/awseb-*",
"arn:aws:cloudformation:*:*:stack/aws-cloud9-*",
"arn:aws:cloudformation:*:aws:transform/CodeStar*"
],
"Sid": "ProjectStack"
},
{
"Action": [
"cloudformation:GetTemplateSummary",
"cloudformation:DescribeChangeSet"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "ProjectStackTemplate"
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::awscodestar-*/*"
],
"Sid": "ProjectQuickstarts"
},
{
"Action": [
"s3:*"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-codestar-*",
"arn:aws:s3:::aws-codestar-*/*",
"arn:aws:s3:::elasticbeanstalk-*",
"arn:aws:s3:::elasticbeanstalk-*/*"
],
"Sid": "ProjectS3Buckets"
},
{
"Action": [
"codestar:*",
"codecommit:*",
"codepipeline:*",
"codedeploy:*",
"codebuild:*",
"ec2:RunInstances",
"autoscaling:*",
"cloudwatch:Put*",
"ec2:*",
"elasticbeanstalk:*",
"elasticloadbalancing:*",
"iam:ListRoles",
"logs:*",
"sns:*",
"cloud9:CreateEnvironmentEC2",
"cloud9:DeleteEnvironment",
"cloud9:DescribeEnvironment*",
"cloud9:ListEnvironments"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "ProjectServices"
},
{
"Action": [
"iam:AttachRolePolicy",
"iam:CreateRole",
"iam:DeleteRole",
"iam:DeleteRolePolicy",
"iam:DetachRolePolicy",
"iam:GetRole",
"iam:PassRole",
"iam:GetRolePolicy",
"iam:PutRolePolicy",
"iam:SetDefaultPolicyVersion",
"iam:CreatePolicy",
"iam:DeletePolicy",
"iam:AddRoleToInstanceProfile",
"iam:CreateInstanceProfile",
"iam:DeleteInstanceProfile",
"iam:RemoveRoleFromInstanceProfile"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/CodeStarWorker*",
"arn:aws:iam::*:policy/CodeStarWorker*",
"arn:aws:iam::*:instance-profile/awscodestar-*"
],
"Sid": "ProjectWorkerRoles"
},
{
"Action": [
"iam:AttachUserPolicy",
"iam:DetachUserPolicy"
],
"Condition": {
"ArnEquals": {
"iam:PolicyArn": [
"arn:aws:iam::*:policy/CodeStar_*"
]
}
},
"Effect": "Allow",
"Resource": "*",
"Sid": "ProjectTeamMembers"
},
{
"Action": [
"iam:CreatePolicy",
"iam:DeletePolicy",
"iam:CreatePolicyVersion",
"iam:DeletePolicyVersion",
"iam:ListEntitiesForPolicy",
"iam:ListPolicyVersions",
"iam:GetPolicy",
"iam:GetPolicyVersion"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:policy/CodeStar_*"
],
"Sid": "ProjectRoles"
},
{
"Action": [
"iam:ListAttachedRolePolicies"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-codestar-service-role",
"arn:aws:iam::*:role/service-role/aws-codestar-service-role"
],
"Sid": "InspectServiceRole"
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "cloud9.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*",
"Sid": "IAMLinkRole"
},
{
"Action": [
"config:DescribeConfigRules"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "DescribeConfigRuleForARN"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIN6D4M2KD3NBOC4M4",
"PolicyName": "AWSCodeStarServiceRole",
"UpdateDate": "2019-04-24T19:25:28+00:00",
"VersionId": "v9"
},
"AWSConfigRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSConfigRole",
"AttachmentCount": 0,
"CreateDate": "2015-04-02T17:36:23+00:00",
"DefaultVersionId": "v25",
"Document": {
"Statement": [
{
"Action": [
"cloudtrail:DescribeTrails",
"ec2:Describe*",
"config:Put*",
"config:Get*",
"config:List*",
"config:Describe*",
"config:BatchGet*",
"config:Select*",
"cloudtrail:GetEventSelectors",
"cloudtrail:GetTrailStatus",
"cloudtrail:ListTags",
"s3:GetObject",
"iam:GetAccountAuthorizationDetails",
"iam:GetAccountPasswordPolicy",
"iam:GetAccountSummary",
"iam:GetGroup",
"iam:GetGroupPolicy",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:GetRole",
"iam:GetRolePolicy",
"iam:GetUser",
"iam:GetUserPolicy",
"iam:GenerateCredentialReport",
"iam:GetCredentialReport",
"iam:ListAttachedGroupPolicies",
"iam:ListAttachedRolePolicies",
"iam:ListAttachedUserPolicies",
"iam:ListEntitiesForPolicy",
"iam:ListGroupPolicies",
"iam:ListGroupsForUser",
"iam:ListInstanceProfilesForRole",
"iam:ListPolicyVersions",
"iam:ListRolePolicies",
"iam:ListUserPolicies",
"iam:ListVirtualMFADevices",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeLoadBalancerPolicies",
"elasticloadbalancing:DescribeTags",
"acm:DescribeCertificate",
"acm:ListCertificates",
"acm:ListTagsForCertificate",
"rds:DescribeDBInstances",
"rds:DescribeDBSecurityGroups",
"rds:DescribeDBSnapshotAttributes",
"rds:DescribeDBSnapshots",
"rds:DescribeDBSubnetGroups",
"rds:DescribeEventSubscriptions",
"rds:ListTagsForResource",
"rds:DescribeDBClusters",
"s3:GetAccelerateConfiguration",
"s3:GetBucketAcl",
"s3:GetBucketCORS",
"s3:GetBucketLocation",
"s3:GetBucketLogging",
"s3:GetBucketNotification",
"s3:GetBucketPolicy",
"s3:GetBucketRequestPayment",
"s3:GetBucketTagging",
"s3:GetBucketVersioning",
"s3:GetBucketWebsite",
"s3:GetLifecycleConfiguration",
"s3:GetReplicationConfiguration",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:GetEncryptionConfiguration",
"s3:GetBucketPublicAccessBlock",
"s3:GetAccountPublicAccessBlock",
"redshift:DescribeClusterParameterGroups",
"redshift:DescribeClusterParameters",
"redshift:DescribeClusterSecurityGroups",
"redshift:DescribeClusterSnapshots",
"redshift:DescribeClusterSubnetGroups",
"redshift:DescribeClusters",
"redshift:DescribeEventSubscriptions",
"redshift:DescribeLoggingStatus",
"dynamodb:DescribeLimits",
"dynamodb:DescribeTable",
"dynamodb:ListTables",
"dynamodb:ListTagsOfResource",
"cloudwatch:DescribeAlarms",
"application-autoscaling:DescribeScalableTargets",
"application-autoscaling:DescribeScalingPolicies",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeLaunchConfigurations",
"autoscaling:DescribeLifecycleHooks",
"autoscaling:DescribePolicies",
"autoscaling:DescribeScheduledActions",
"autoscaling:DescribeTags",
"lambda:GetFunction",
"lambda:GetPolicy",
"lambda:ListFunctions",
"lambda:GetAlias",
"lambda:ListAliases",
"waf-regional:GetWebACLForResource",
"waf-regional:GetWebACL",
"cloudfront:ListTagsForResource",
"guardduty:ListDetectors",
"guardduty:GetMasterAccount",
"guardduty:GetDetector",
"codepipeline:ListPipelines",
"codepipeline:GetPipeline",
"codepipeline:GetPipelineState",
"kms:ListKeys",
"kms:GetKeyRotationStatus",
"kms:DescribeKey",
"ssm:DescribeDocument",
"ssm:GetDocument",
"ssm:DescribeAutomationExecutions",
"ssm:GetAutomationExecution",
"shield:DescribeProtection"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQRXRDRGJUA33ELIO",
"PolicyName": "AWSConfigRole",
"UpdateDate": "2019-05-13T21:29:39+00:00",
"VersionId": "v25"
},
"AWSConfigRoleForOrganizations": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations",
"AttachmentCount": 0,
"CreateDate": "2018-03-19T22:53:01+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"organizations:ListAccounts",
"organizations:DescribeOrganization",
"organizations:ListAWSServiceAccessForOrganization"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIEHGYAUTHXSXZAW2E",
"PolicyName": "AWSConfigRoleForOrganizations",
"UpdateDate": "2018-03-19T22:53:01+00:00",
"VersionId": "v1"
},
"AWSConfigRulesExecutionRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSConfigRulesExecutionRole",
"AttachmentCount": 0,
"CreateDate": "2016-03-25T17:59:36+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*/AWSLogs/*/Config/*"
},
{
"Action": [
"config:Put*",
"config:Get*",
"config:List*",
"config:Describe*",
"config:BatchGet*",
"config:Select*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJUB3KIKTA4PU4OYAA",
"PolicyName": "AWSConfigRulesExecutionRole",
"UpdateDate": "2019-05-13T21:33:30+00:00",
"VersionId": "v3"
},
"AWSConfigServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSConfigServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-05-30T23:31:46+00:00",
"DefaultVersionId": "v11",
"Document": {
"Statement": [
{
"Action": [
"cloudtrail:DescribeTrails",
"cloudtrail:GetEventSelectors",
"ec2:Describe*",
"config:Put*",
"config:Get*",
"config:List*",
"config:Describe*",
"config:BatchGet*",
"config:Select*",
"cloudtrail:GetTrailStatus",
"cloudtrail:ListTags",
"iam:GenerateCredentialReport",
"iam:GetCredentialReport",
"iam:GetAccountAuthorizationDetails",
"iam:GetAccountPasswordPolicy",
"iam:GetAccountSummary",
"iam:GetGroup",
"iam:GetGroupPolicy",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:GetRole",
"iam:GetRolePolicy",
"iam:GetUser",
"iam:GetUserPolicy",
"iam:ListAttachedGroupPolicies",
"iam:ListAttachedRolePolicies",
"iam:ListAttachedUserPolicies",
"iam:ListEntitiesForPolicy",
"iam:ListGroupPolicies",
"iam:ListGroupsForUser",
"iam:ListInstanceProfilesForRole",
"iam:ListPolicyVersions",
"iam:ListRolePolicies",
"iam:ListUserPolicies",
"iam:ListVirtualMFADevices",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeLoadBalancerPolicies",
"elasticloadbalancing:DescribeTags",
"acm:DescribeCertificate",
"acm:ListCertificates",
"acm:ListTagsForCertificate",
"rds:DescribeDBInstances",
"rds:DescribeDBSecurityGroups",
"rds:DescribeDBSnapshotAttributes",
"rds:DescribeDBSnapshots",
"rds:DescribeDBSubnetGroups",
"rds:DescribeEventSubscriptions",
"rds:ListTagsForResource",
"rds:DescribeDBClusters",
"s3:GetAccelerateConfiguration",
"s3:GetBucketAcl",
"s3:GetBucketCORS",
"s3:GetBucketLocation",
"s3:GetBucketLogging",
"s3:GetBucketNotification",
"s3:GetBucketPolicy",
"s3:GetBucketRequestPayment",
"s3:GetBucketTagging",
"s3:GetBucketVersioning",
"s3:GetBucketWebsite",
"s3:GetLifecycleConfiguration",
"s3:GetReplicationConfiguration",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:GetEncryptionConfiguration",
"s3:GetBucketPublicAccessBlock",
"s3:GetAccountPublicAccessBlock",
"redshift:DescribeClusterParameterGroups",
"redshift:DescribeClusterParameters",
"redshift:DescribeClusterSecurityGroups",
"redshift:DescribeClusterSnapshots",
"redshift:DescribeClusterSubnetGroups",
"redshift:DescribeClusters",
"redshift:DescribeEventSubscriptions",
"redshift:DescribeLoggingStatus",
"dynamodb:DescribeLimits",
"dynamodb:DescribeTable",
"dynamodb:ListTables",
"dynamodb:ListTagsOfResource",
"cloudwatch:DescribeAlarms",
"application-autoscaling:DescribeScalableTargets",
"application-autoscaling:DescribeScalingPolicies",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeLaunchConfigurations",
"autoscaling:DescribeLifecycleHooks",
"autoscaling:DescribePolicies",
"autoscaling:DescribeScheduledActions",
"autoscaling:DescribeTags",
"lambda:GetFunction",
"lambda:GetPolicy",
"lambda:ListFunctions",
"lambda:GetAlias",
"lambda:ListAliases",
"waf-regional:GetWebACLForResource",
"waf-regional:GetWebACL",
"cloudfront:ListTagsForResource",
"guardduty:ListDetectors",
"guardduty:GetMasterAccount",
"guardduty:GetDetector",
"codepipeline:ListPipelines",
"codepipeline:GetPipeline",
"codepipeline:GetPipelineState",
"kms:ListKeys",
"kms:GetKeyRotationStatus",
"kms:DescribeKey",
"ssm:DescribeDocument",
"ssm:GetDocument",
"ssm:DescribeAutomationExecutions",
"ssm:GetAutomationExecution",
"shield:DescribeProtection"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJUCWFHNZER665LLQQ",
"PolicyName": "AWSConfigServiceRolePolicy",
"UpdateDate": "2019-05-13T21:18:44+00:00",
"VersionId": "v11"
},
"AWSConfigUserAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSConfigUserAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-18T19:38:41+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"config:Get*",
"config:Describe*",
"config:Deliver*",
"config:List*",
"config:Select*",
"tag:GetResources",
"tag:GetTagKeys",
"cloudtrail:DescribeTrails",
"cloudtrail:GetTrailStatus",
"cloudtrail:LookupEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIWTTSFJ7KKJE3MWGA",
"PolicyName": "AWSConfigUserAccess",
"UpdateDate": "2019-03-18T20:27:47+00:00",
"VersionId": "v4"
},
"AWSConnector": {
"Arn": "arn:aws:iam::aws:policy/AWSConnector",
"AttachmentCount": 0,
"CreateDate": "2015-02-11T17:14:31+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": "iam:GetUser",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:CreateBucket",
"s3:DeleteBucket",
"s3:DeleteObject",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:AbortMultipartUpload",
"s3:ListBucketMultipartUploads",
"s3:ListMultipartUploadParts"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::import-to-ec2-*"
},
{
"Action": [
"ec2:CancelConversionTask",
"ec2:CancelExportTask",
"ec2:CreateImage",
"ec2:CreateInstanceExportTask",
"ec2:CreateTags",
"ec2:CreateVolume",
"ec2:DeleteTags",
"ec2:DeleteVolume",
"ec2:DescribeConversionTasks",
"ec2:DescribeExportTasks",
"ec2:DescribeImages",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeInstanceStatus",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:DescribeTags",
"ec2:DetachVolume",
"ec2:ImportInstance",
"ec2:ImportVolume",
"ec2:ModifyInstanceAttribute",
"ec2:RunInstances",
"ec2:StartInstances",
"ec2:StopInstances",
"ec2:TerminateInstances",
"ec2:ImportImage",
"ec2:DescribeImportImageTasks",
"ec2:DeregisterImage",
"ec2:DescribeSnapshots",
"ec2:DeleteSnapshot",
"ec2:CancelImportTask",
"ec2:ImportSnapshot",
"ec2:DescribeImportSnapshotTasks"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"SNS:Publish"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:metrics-sns-topic-for-*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ6YATONJHICG3DJ3U",
"PolicyName": "AWSConnector",
"UpdateDate": "2015-09-28T19:50:38+00:00",
"VersionId": "v3"
},
"AWSControlTowerServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSControlTowerServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2019-05-03T18:19:11+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:CreateStack",
"cloudformation:CreateStackInstances",
"cloudformation:CreateStackSet",
"cloudformation:DeleteStack",
"cloudformation:DeleteStackInstances",
"cloudformation:DeleteStackSet",
"cloudformation:DescribeStackInstance",
"cloudformation:DescribeStacks",
"cloudformation:DescribeStackSet",
"cloudformation:DescribeStackSetOperation",
"cloudformation:GetTemplate",
"cloudformation:ListStackInstances",
"cloudformation:UpdateStack",
"cloudformation:UpdateStackInstances",
"cloudformation:UpdateStackSet"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/AWSControlTower*/*",
"arn:aws:cloudformation:*:*:stack/StackSet-AWSControlTower*/*",
"arn:aws:cloudformation:*:*:stackset/AWSControlTower*:*"
]
},
{
"Action": [
"cloudtrail:CreateTrail",
"cloudtrail:DeleteTrail",
"cloudtrail:GetTrailStatus",
"cloudtrail:StartLogging",
"cloudtrail:StopLogging",
"cloudtrail:UpdateTrail",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:PutRetentionPolicy"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:aws-controltower/CloudTrailLogs:*",
"arn:aws:cloudtrail:*:*:trail/aws-controltower*"
]
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-controltower*/*"
]
},
{
"Action": [
"sts:AssumeRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/AWSControlTowerExecution"
]
},
{
"Action": [
"cloudtrail:DescribeTrails",
"ec2:DescribeAvailabilityZones",
"iam:ListRoles",
"logs:CreateLogGroup",
"logs:DescribeLogGroups",
"organizations:CreateAccount",
"organizations:DescribeAccount",
"organizations:DescribeCreateAccountStatus",
"organizations:DescribeOrganization",
"organizations:DescribeOrganizationalUnit",
"organizations:DescribePolicy",
"organizations:ListAccounts",
"organizations:ListAccountsForParent",
"organizations:ListAWSServiceAccessForOrganization",
"organizations:ListChildren",
"organizations:ListOrganizationalUnitsForParent",
"organizations:ListParents",
"organizations:ListPoliciesForTarget",
"organizations:ListRoots",
"organizations:MoveAccount",
"servicecatalog:AssociatePrincipalWithPortfolio"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:GetRole",
"iam:GetUser",
"iam:ListAttachedRolePolicies",
"iam:GetRolePolicy"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/service-role/AWSControlTowerStackSetRole",
"arn:aws:iam::*:role/service-role/AWSControlTowerCloudTrailRole"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4MW35THVLF",
"PolicyName": "AWSControlTowerServiceRolePolicy",
"UpdateDate": "2019-05-23T19:14:24+00:00",
"VersionId": "v2"
},
"AWSDataLifecycleManagerServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRole",
"AttachmentCount": 0,
"CreateDate": "2018-07-06T19:34:16+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateSnapshot",
"ec2:CreateSnapshots",
"ec2:DeleteSnapshot",
"ec2:DescribeInstances",
"ec2:DescribeVolumes",
"ec2:DescribeSnapshots"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:CreateTags"
],
"Effect": "Allow",
"Resource": "arn:aws:ec2:*::snapshot/*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIZRLOKFUFE7YXQOJS",
"PolicyName": "AWSDataLifecycleManagerServiceRole",
"UpdateDate": "2019-05-29T16:44:12+00:00",
"VersionId": "v2"
},
"AWSDataPipelineRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSDataPipelineRole",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:24+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:*",
"datapipeline:DescribeObjects",
"datapipeline:EvaluateExpression",
"dynamodb:BatchGetItem",
"dynamodb:DescribeTable",
"dynamodb:GetItem",
"dynamodb:Query",
"dynamodb:Scan",
"dynamodb:UpdateTable",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CancelSpotInstanceRequests",
"ec2:CreateSecurityGroup",
"ec2:CreateTags",
"ec2:DeleteTags",
"ec2:Describe*",
"ec2:ModifyImageAttribute",
"ec2:ModifyInstanceAttribute",
"ec2:RequestSpotInstances",
"ec2:RunInstances",
"ec2:StartInstances",
"ec2:StopInstances",
"ec2:TerminateInstances",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:DeleteSecurityGroup",
"ec2:RevokeSecurityGroupEgress",
"ec2:DescribeNetworkInterfaces",
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:DetachNetworkInterface",
"elasticmapreduce:*",
"iam:GetInstanceProfile",
"iam:GetRole",
"iam:GetRolePolicy",
"iam:ListAttachedRolePolicies",
"iam:ListRolePolicies",
"iam:ListInstanceProfiles",
"iam:PassRole",
"rds:DescribeDBInstances",
"rds:DescribeDBSecurityGroups",
"redshift:DescribeClusters",
"redshift:DescribeClusterSecurityGroups",
"s3:CreateBucket",
"s3:DeleteObject",
"s3:Get*",
"s3:List*",
"s3:Put*",
"sdb:BatchPutAttributes",
"sdb:Select*",
"sns:GetTopicAttributes",
"sns:ListTopics",
"sns:Publish",
"sns:Subscribe",
"sns:Unsubscribe",
"sqs:CreateQueue",
"sqs:Delete*",
"sqs:GetQueue*",
"sqs:PurgeQueue",
"sqs:ReceiveMessage"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": [
"elasticmapreduce.amazonaws.com",
"spot.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIKCP6XS3ESGF4GLO2",
"PolicyName": "AWSDataPipelineRole",
"UpdateDate": "2017-12-22T23:43:28+00:00",
"VersionId": "v6"
},
"AWSDataPipeline_FullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSDataPipeline_FullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-01-19T23:14:54+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"s3:List*",
"dynamodb:DescribeTable",
"rds:DescribeDBInstances",
"rds:DescribeDBSecurityGroups",
"redshift:DescribeClusters",
"redshift:DescribeClusterSecurityGroups",
"sns:ListTopics",
"sns:Subscribe",
"iam:ListRoles",
"iam:GetRolePolicy",
"iam:GetInstanceProfile",
"iam:ListInstanceProfiles",
"datapipeline:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:PassRole",
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/DataPipelineDefaultResourceRole",
"arn:aws:iam::*:role/DataPipelineDefaultRole"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIXOFIG7RSBMRPHXJ4",
"PolicyName": "AWSDataPipeline_FullAccess",
"UpdateDate": "2017-08-17T18:48:39+00:00",
"VersionId": "v2"
},
"AWSDataPipeline_PowerUser": {
"Arn": "arn:aws:iam::aws:policy/AWSDataPipeline_PowerUser",
"AttachmentCount": 0,
"CreateDate": "2017-01-19T23:16:46+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"s3:List*",
"dynamodb:DescribeTable",
"rds:DescribeDBInstances",
"rds:DescribeDBSecurityGroups",
"redshift:DescribeClusters",
"redshift:DescribeClusterSecurityGroups",
"sns:ListTopics",
"iam:ListRoles",
"iam:GetRolePolicy",
"iam:GetInstanceProfile",
"iam:ListInstanceProfiles",
"datapipeline:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:PassRole",
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/DataPipelineDefaultResourceRole",
"arn:aws:iam::*:role/DataPipelineDefaultRole"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIMXGLVY6DVR24VTYS",
"PolicyName": "AWSDataPipeline_PowerUser",
"UpdateDate": "2017-08-17T18:49:42+00:00",
"VersionId": "v2"
},
"AWSDataSyncFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSDataSyncFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-18T19:40:36+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"datasync:*",
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:ModifyNetworkInterfaceAttribute",
"elasticfilesystem:DescribeFileSystems",
"elasticfilesystem:DescribeMountTargets",
"iam:GetRole",
"iam:ListRoles",
"logs:CreateLogGroup",
"logs:DescribeLogGroups",
"s3:ListAllMyBuckets",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"datasync.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJGOHCDUQULZJKDGT4",
"PolicyName": "AWSDataSyncFullAccess",
"UpdateDate": "2019-01-18T19:40:36+00:00",
"VersionId": "v1"
},
"AWSDataSyncReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSDataSyncReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-18T19:18:44+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"datasync:Describe*",
"datasync:List*",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"elasticfilesystem:DescribeFileSystems",
"elasticfilesystem:DescribeMountTargets",
"iam:GetRole",
"iam:ListRoles",
"logs:DescribeLogGroups",
"s3:ListAllMyBuckets",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJRYVEZEDR7ZEAGYLY",
"PolicyName": "AWSDataSyncReadOnlyAccess",
"UpdateDate": "2019-01-18T19:18:44+00:00",
"VersionId": "v1"
},
"AWSDeepLensLambdaFunctionAccessPolicy": {
"Arn": "arn:aws:iam::aws:policy/AWSDeepLensLambdaFunctionAccessPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-11-29T15:47:18+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"s3:ListBucket",
"s3:GetObject",
"s3:ListObjects"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::deeplens*/*",
"arn:aws:s3:::deeplens*"
],
"Sid": "DeepLensS3ObjectAccess"
},
{
"Action": [
"logs:CreateLogStream",
"logs:DescribeLogStreams",
"logs:PutLogEvents",
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:log-group:/aws/greengrass/*",
"Sid": "DeepLensGreenGrassCloudWatchAccess"
},
{
"Action": [
"deeplens:*"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "DeepLensAccess"
},
{
"Action": [
"kinesisvideo:DescribeStream",
"kinesisvideo:CreateStream",
"kinesisvideo:GetDataEndpoint",
"kinesisvideo:PutMedia"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "DeepLensKinesisVideoAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIKIEE4PRM54V4G3ZG",
"PolicyName": "AWSDeepLensLambdaFunctionAccessPolicy",
"UpdateDate": "2018-05-29T22:08:02+00:00",
"VersionId": "v3"
},
"AWSDeepLensServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSDeepLensServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-11-29T15:46:36+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"iot:CreateThing",
"iot:DeleteThing",
"iot:DeleteThingShadow",
"iot:DescribeThing",
"iot:GetThingShadow",
"iot:UpdateThing",
"iot:UpdateThingShadow"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iot:*:*:thing/deeplens*"
],
"Sid": "DeepLensIoTThingAccess"
},
{
"Action": [
"iot:AttachThingPrincipal",
"iot:DetachThingPrincipal",
"iot:UpdateCertificate",
"iot:DeleteCertificate",
"iot:DetachPrincipalPolicy"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iot:*:*:thing/deeplens*",
"arn:aws:iot:*:*:cert/*"
],
"Sid": "DeepLensIoTCertificateAccess"
},
{
"Action": [
"iot:CreateKeysAndCertificate",
"iot:CreatePolicy",
"iot:CreatePolicyVersion"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "DeepLensIoTCreateCertificateAndPolicyAccess"
},
{
"Action": [
"iot:AttachPrincipalPolicy"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iot:*:*:policy/deeplens*",
"arn:aws:iot:*:*:cert/*"
],
"Sid": "DeepLensIoTAttachCertificatePolicyAccess"
},
{
"Action": [
"iot:GetThingShadow",
"iot:UpdateThingShadow"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iot:*:*:thing/deeplens*"
],
"Sid": "DeepLensIoTDataAccess"
},
{
"Action": [
"iot:DescribeEndpoint"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "DeepLensIoTEndpointAccess"
},
{
"Action": [
"deeplens:*"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "DeepLensAccess"
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::deeplens*"
],
"Sid": "DeepLensS3ObjectAccess"
},
{
"Action": [
"s3:DeleteBucket",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::deeplens*"
],
"Sid": "DeepLensS3Buckets"
},
{
"Action": [
"s3:CreateBucket"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "DeepLensCreateS3Buckets"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"greengrass.amazonaws.com",
"sagemaker.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "DeepLensIAMPassRoleAccess"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEqualsIfExists": {
"iam:PassedToService": "lambda.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/AWSDeepLens*",
"arn:aws:iam::*:role/service-role/AWSDeepLens*"
],
"Sid": "DeepLensIAMLambdaPassRoleAccess"
},
{
"Action": [
"greengrass:AssociateRoleToGroup",
"greengrass:AssociateServiceRoleToAccount",
"greengrass:CreateResourceDefinition",
"greengrass:CreateResourceDefinitionVersion",
"greengrass:CreateCoreDefinition",
"greengrass:CreateCoreDefinitionVersion",
"greengrass:CreateDeployment",
"greengrass:CreateFunctionDefinition",
"greengrass:CreateFunctionDefinitionVersion",
"greengrass:CreateGroup",
"greengrass:CreateGroupCertificateAuthority",
"greengrass:CreateGroupVersion",
"greengrass:CreateLoggerDefinition",
"greengrass:CreateLoggerDefinitionVersion",
"greengrass:CreateSubscriptionDefinition",
"greengrass:CreateSubscriptionDefinitionVersion",
"greengrass:DeleteCoreDefinition",
"greengrass:DeleteFunctionDefinition",
"greengrass:DeleteGroup",
"greengrass:DeleteLoggerDefinition",
"greengrass:DeleteSubscriptionDefinition",
"greengrass:DisassociateRoleFromGroup",
"greengrass:DisassociateServiceRoleFromAccount",
"greengrass:GetAssociatedRole",
"greengrass:GetConnectivityInfo",
"greengrass:GetCoreDefinition",
"greengrass:GetCoreDefinitionVersion",
"greengrass:GetDeploymentStatus",
"greengrass:GetDeviceDefinition",
"greengrass:GetDeviceDefinitionVersion",
"greengrass:GetFunctionDefinition",
"greengrass:GetFunctionDefinitionVersion",
"greengrass:GetGroup",
"greengrass:GetGroupCertificateAuthority",
"greengrass:GetGroupCertificateConfiguration",
"greengrass:GetGroupVersion",
"greengrass:GetLoggerDefinition",
"greengrass:GetLoggerDefinitionVersion",
"greengrass:GetResourceDefinition",
"greengrass:GetServiceRoleForAccount",
"greengrass:GetSubscriptionDefinition",
"greengrass:GetSubscriptionDefinitionVersion",
"greengrass:ListCoreDefinitionVersions",
"greengrass:ListCoreDefinitions",
"greengrass:ListDeployments",
"greengrass:ListDeviceDefinitionVersions",
"greengrass:ListDeviceDefinitions",
"greengrass:ListFunctionDefinitionVersions",
"greengrass:ListFunctionDefinitions",
"greengrass:ListGroupCertificateAuthorities",
"greengrass:ListGroupVersions",
"greengrass:ListGroups",
"greengrass:ListLoggerDefinitionVersions",
"greengrass:ListLoggerDefinitions",
"greengrass:ListSubscriptionDefinitionVersions",
"greengrass:ListSubscriptionDefinitions",
"greengrass:ResetDeployments",
"greengrass:UpdateConnectivityInfo",
"greengrass:UpdateCoreDefinition",
"greengrass:UpdateDeviceDefinition",
"greengrass:UpdateFunctionDefinition",
"greengrass:UpdateGroup",
"greengrass:UpdateGroupCertificateConfiguration",
"greengrass:UpdateLoggerDefinition",
"greengrass:UpdateSubscriptionDefinition",
"greengrass:UpdateResourceDefinition"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "DeepLensGreenGrassAccess"
},
{
"Action": [
"lambda:CreateFunction",
"lambda:DeleteFunction",
"lambda:GetFunction",
"lambda:GetFunctionConfiguration",
"lambda:ListFunctions",
"lambda:ListVersionsByFunction",
"lambda:PublishVersion",
"lambda:UpdateFunctionCode",
"lambda:UpdateFunctionConfiguration"
],
"Effect": "Allow",
"Resource": [
"arn:aws:lambda:*:*:function:deeplens*"
],
"Sid": "DeepLensLambdaAdminFunctionAccess"
},
{
"Action": [
"lambda:GetFunction",
"lambda:GetFunctionConfiguration",
"lambda:ListFunctions",
"lambda:ListVersionsByFunction"
],
"Effect": "Allow",
"Resource": [
"arn:aws:lambda:*:*:function:*"
],
"Sid": "DeepLensLambdaUsersFunctionAccess"
},
{
"Action": [
"sagemaker:CreateTrainingJob",
"sagemaker:DescribeTrainingJob",
"sagemaker:StopTrainingJob"
],
"Effect": "Allow",
"Resource": [
"arn:aws:sagemaker:*:*:training-job/deeplens*"
],
"Sid": "DeepLensSageMakerWriteAccess"
},
{
"Action": [
"sagemaker:DescribeTrainingJob"
],
"Effect": "Allow",
"Resource": [
"arn:aws:sagemaker:*:*:training-job/*"
],
"Sid": "DeepLensSageMakerReadAccess"
},
{
"Action": [
"acuity:CreateStream",
"acuity:DescribeStream",
"acuity:DeleteStream"
],
"Effect": "Allow",
"Resource": [
"arn:aws:acuity:*:*:stream/deeplens*/*"
],
"Sid": "DeepLensAcuityStreamAccess"
},
{
"Action": [
"acuity:GetDataEndpoint"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "DeepLensAcuityEndpointAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJK2Z2S7FPJFCYGR72",
"PolicyName": "AWSDeepLensServiceRolePolicy",
"UpdateDate": "2018-06-07T21:25:01+00:00",
"VersionId": "v5"
},
"AWSDeepRacerCloudFormationAccessPolicy": {
"Arn": "arn:aws:iam::aws:policy/AWSDeepRacerCloudFormationAccessPolicy",
"AttachmentCount": 0,
"CreateDate": "2019-02-28T21:59:49+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:AllocateAddress",
"ec2:AttachInternetGateway",
"ec2:AssociateRouteTable",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateInternetGateway",
"ec2:CreateNatGateway",
"ec2:CreateNetworkAcl",
"ec2:CreateNetworkAclEntry",
"ec2:CreateRoute",
"ec2:CreateRouteTable",
"ec2:CreateSecurityGroup",
"ec2:CreateSubnet",
"ec2:CreateTags",
"ec2:CreateVpc",
"ec2:DeleteInternetGateway",
"ec2:DeleteNatGateway",
"ec2:DeleteNetworkAcl",
"ec2:DeleteNetworkAclEntry",
"ec2:DeleteRoute",
"ec2:DeleteRouteTable",
"ec2:DeleteSecurityGroup",
"ec2:DeleteSubnet",
"ec2:DeleteTags",
"ec2:DeleteVpc",
"ec2:DescribeAddresses",
"ec2:DescribeInternetGateways",
"ec2:DescribeNatGateways",
"ec2:DescribeNetworkAcls",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeTags",
"ec2:DescribeVpcs",
"ec2:DetachInternetGateway",
"ec2:DisassociateRouteTable",
"ec2:ModifyVpcAttribute",
"ec2:ReleaseAddress",
"ec2:ReplaceNetworkAclAssociation",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJYG7FM75UF5CW5ICS",
"PolicyName": "AWSDeepRacerCloudFormationAccessPolicy",
"UpdateDate": "2019-02-28T21:59:49+00:00",
"VersionId": "v1"
},
"AWSDeepRacerRoboMakerAccessPolicy": {
"Arn": "arn:aws:iam::aws:policy/AWSDeepRacerRoboMakerAccessPolicy",
"AttachmentCount": 0,
"CreateDate": "2019-02-28T21:59:58+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"robomaker:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:PutMetricData",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeVpcs"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:DescribeLogStreams",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/robomaker/SimulationJobs",
"arn:aws:logs:*:*:log-group:/aws/robomaker/SimulationJobs:log-stream:*"
]
},
{
"Action": [
"s3:GetObject",
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:ListAllMyBuckets",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::*DeepRacer*",
"arn:aws:s3:::*Deepracer*",
"arn:aws:s3:::*deepracer*",
"arn:aws:s3:::dr-*"
]
},
{
"Action": [
"s3:GetObject"
],
"Condition": {
"StringEqualsIgnoreCase": {
"s3:ExistingObjectTag/DeepRacer": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"kinesisvideo:CreateStream",
"kinesisvideo:DescribeStream",
"kinesisvideo:GetDataEndpoint",
"kinesisvideo:PutMedia",
"kinesisvideo:TagStream"
],
"Effect": "Allow",
"Resource": [
"arn:aws:kinesisvideo:*:*:stream/dr-*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUKGYRTDCUFOMRGAM",
"PolicyName": "AWSDeepRacerRoboMakerAccessPolicy",
"UpdateDate": "2019-02-28T21:59:58+00:00",
"VersionId": "v1"
},
"AWSDeepRacerServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSDeepRacerServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2019-02-28T21:58:09+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"deepracer:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"robomaker:*",
"sagemaker:*",
"sts:*",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudformation:ListStackResources",
"cloudformation:DescribeStacks",
"cloudformation:CreateStack",
"cloudformation:DeleteStack",
"cloudformation:DescribeStackResource",
"cloudformation:DescribeStackResources",
"cloudformation:DescribeStackEvents",
"cloudformation:DetectStackDrift",
"cloudformation:DescribeStackDriftDetectionStatus",
"cloudformation:DescribeStackResourceDrifts"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "robomaker.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/AWSDeepRacer*",
"arn:aws:iam::*:role/service-role/AWSDeepRacer*"
]
},
{
"Action": [
"cloudwatch:GetMetricData",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:DescribeLogStreams",
"logs:GetLogEvents",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:CreateFunction",
"lambda:DeleteFunction",
"lambda:GetFunction",
"lambda:InvokeFunction",
"lambda:UpdateFunctionCode"
],
"Effect": "Allow",
"Resource": [
"arn:aws:lambda:*:*:function:*DeepRacer*",
"arn:aws:lambda:*:*:function:*Deepracer*",
"arn:aws:lambda:*:*:function:*deepracer*",
"arn:aws:lambda:*:*:function:*dr-*"
]
},
{
"Action": [
"s3:GetObject",
"s3:GetBucketLocation",
"s3:DeleteObject",
"s3:ListBucket",
"s3:PutObject",
"s3:PutBucketPolicy",
"s3:GetBucketAcl"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::*DeepRacer*",
"arn:aws:s3:::*Deepracer*",
"arn:aws:s3:::*deepracer*",
"arn:aws:s3:::dr-*"
]
},
{
"Action": [
"s3:GetObject"
],
"Condition": {
"StringEqualsIgnoreCase": {
"s3:ExistingObjectTag/DeepRacer": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"kinesisvideo:CreateStream",
"kinesisvideo:DeleteStream",
"kinesisvideo:DescribeStream",
"kinesisvideo:GetDataEndpoint",
"kinesisvideo:GetHLSStreamingSessionURL",
"kinesisvideo:GetMedia",
"kinesisvideo:PutMedia",
"kinesisvideo:TagStream"
],
"Effect": "Allow",
"Resource": [
"arn:aws:kinesisvideo:*:*:stream/dr-*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJTUAQLIAVBJ7LZ32S",
"PolicyName": "AWSDeepRacerServiceRolePolicy",
"UpdateDate": "2019-04-06T04:08:05+00:00",
"VersionId": "v2"
},
"AWSDenyAll": {
"Arn": "arn:aws:iam::aws:policy/AWSDenyAll",
"AttachmentCount": 0,
"CreateDate": "2019-05-01T22:36:14+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"*"
],
"Effect": "Deny",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4P43IUQ5E5",
"PolicyName": "AWSDenyAll",
"UpdateDate": "2019-05-01T22:36:14+00:00",
"VersionId": "v1"
},
"AWSDeviceFarmFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSDeviceFarmFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-07-13T16:37:38+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"devicefarm:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJO7KEDP4VYJPNT5UW",
"PolicyName": "AWSDeviceFarmFullAccess",
"UpdateDate": "2015-07-13T16:37:38+00:00",
"VersionId": "v1"
},
"AWSDirectConnectFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSDirectConnectFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:07+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"directconnect:*",
"ec2:DescribeVpnGateways",
"ec2:DescribeTransitGateways"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQF2QKZSK74KTIHOW",
"PolicyName": "AWSDirectConnectFullAccess",
"UpdateDate": "2019-04-30T15:29:29+00:00",
"VersionId": "v3"
},
"AWSDirectConnectReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSDirectConnectReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:08+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"directconnect:Describe*",
"ec2:DescribeVpnGateways",
"ec2:DescribeTransitGateways"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI23HZ27SI6FQMGNQ2",
"PolicyName": "AWSDirectConnectReadOnlyAccess",
"UpdateDate": "2019-04-30T15:23:18+00:00",
"VersionId": "v3"
},
"AWSDirectoryServiceFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSDirectoryServiceFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:11+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"ds:*",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress",
"ec2:DescribeSecurityGroups",
"sns:GetTopicAttributes",
"sns:ListSubscriptions",
"sns:ListSubscriptionsByTopic",
"sns:ListTopics",
"iam:ListRoles",
"organizations:ListAccountsForParent",
"organizations:ListRoots",
"organizations:ListAccounts",
"organizations:DescribeOrganization",
"organizations:DescribeAccount",
"organizations:ListOrganizationalUnitsForParent",
"organizations:ListAWSServiceAccessForOrganization"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"sns:CreateTopic",
"sns:DeleteTopic",
"sns:SetTopicAttributes",
"sns:Subscribe",
"sns:Unsubscribe"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:DirectoryMonitoring*"
},
{
"Action": [
"organizations:EnableAWSServiceAccess",
"organizations:DisableAWSServiceAccess"
],
"Condition": {
"ForAllValues:StringLike": {
"organizations:ServicePrincipal": [
"ds.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:network-interface/*",
"arn:aws:ec2:*:*:security-group/*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAINAW5ANUWTH3R4ANI",
"PolicyName": "AWSDirectoryServiceFullAccess",
"UpdateDate": "2019-02-05T20:29:43+00:00",
"VersionId": "v4"
},
"AWSDirectoryServiceReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSDirectoryServiceReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:12+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"ds:Check*",
"ds:Describe*",
"ds:Get*",
"ds:List*",
"ds:Verify*",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"sns:ListTopics",
"sns:GetTopicAttributes",
"sns:ListSubscriptions",
"sns:ListSubscriptionsByTopic",
"organizations:DescribeAccount",
"organizations:DescribeOrganization",
"organizations:ListAWSServiceAccessForOrganization"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIHWYO6WSDNCG64M2W",
"PolicyName": "AWSDirectoryServiceReadOnlyAccess",
"UpdateDate": "2018-09-25T21:54:01+00:00",
"VersionId": "v4"
},
"AWSDiscoveryContinuousExportFirehosePolicy": {
"Arn": "arn:aws:iam::aws:policy/AWSDiscoveryContinuousExportFirehosePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-08-09T18:29:39+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"glue:GetTableVersions"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:AbortMultipartUpload",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-application-discovery-service-*",
"arn:aws:s3:::aws-application-discovery-service-*/*"
]
},
{
"Action": [
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/application-discovery-service/firehose:log-stream:*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIX6FHUTEUNXYDFZ7C",
"PolicyName": "AWSDiscoveryContinuousExportFirehosePolicy",
"UpdateDate": "2018-08-09T18:29:39+00:00",
"VersionId": "v1"
},
"AWSEC2FleetServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSEC2FleetServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-03-21T00:08:55+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeImages",
"ec2:DescribeSubnets",
"ec2:RequestSpotInstances",
"ec2:DescribeInstanceStatus",
"ec2:RunInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "spot.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*",
"Sid": "EC2SpotManagement"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"ec2.amazonaws.com",
"ec2.amazonaws.com.cn"
]
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ec2:CreateTags"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ec2:*:*:spot-instances-request/*"
]
},
{
"Action": [
"ec2:TerminateInstances"
],
"Condition": {
"StringLike": {
"ec2:ResourceTag/aws:ec2:fleet-id": "*"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJCL355O4TC27CPKVC",
"PolicyName": "AWSEC2FleetServiceRolePolicy",
"UpdateDate": "2018-04-19T21:37:07+00:00",
"VersionId": "v2"
},
"AWSEC2SpotFleetServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSEC2SpotFleetServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-23T19:13:06+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeImages",
"ec2:DescribeSubnets",
"ec2:RequestSpotInstances",
"ec2:DescribeInstanceStatus",
"ec2:RunInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"ec2.amazonaws.com",
"ec2.amazonaws.com.cn"
]
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ec2:CreateTags"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ec2:*:*:spot-instances-request/*"
]
},
{
"Action": [
"ec2:TerminateInstances"
],
"Condition": {
"StringLike": {
"ec2:ResourceTag/aws:ec2spot:fleet-request-id": "*"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILWCVTZD57EMYWMBO",
"PolicyName": "AWSEC2SpotFleetServiceRolePolicy",
"UpdateDate": "2018-03-28T19:04:33+00:00",
"VersionId": "v3"
},
"AWSEC2SpotServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSEC2SpotServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-09-18T18:51:54+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeInstances",
"ec2:StartInstances",
"ec2:StopInstances",
"ec2:RunInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ec2:RunInstances"
],
"Condition": {
"StringNotEquals": {
"ec2:InstanceMarketType": "spot"
}
},
"Effect": "Deny",
"Resource": [
"arn:aws:ec2:*:*:instance/*"
]
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"ec2.amazonaws.com",
"ec2.amazonaws.com.cn"
]
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ec2:CreateTags"
],
"Condition": {
"StringEquals": {
"ec2:CreateAction": "RunInstances"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIZJJBQNXQYVKTEXGM",
"PolicyName": "AWSEC2SpotServiceRolePolicy",
"UpdateDate": "2018-12-12T00:13:51+00:00",
"VersionId": "v4"
},
"AWSElasticBeanstalkCustomPlatformforEC2Role": {
"Arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkCustomPlatformforEC2Role",
"AttachmentCount": 0,
"CreateDate": "2017-02-21T22:50:30+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:AttachVolume",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CopyImage",
"ec2:CreateImage",
"ec2:CreateKeypair",
"ec2:CreateSecurityGroup",
"ec2:CreateSnapshot",
"ec2:CreateTags",
"ec2:CreateVolume",
"ec2:DeleteKeypair",
"ec2:DeleteSecurityGroup",
"ec2:DeleteSnapshot",
"ec2:DeleteVolume",
"ec2:DeregisterImage",
"ec2:DescribeImageAttribute",
"ec2:DescribeImages",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSnapshots",
"ec2:DescribeSubnets",
"ec2:DescribeTags",
"ec2:DescribeVolumes",
"ec2:DetachVolume",
"ec2:GetPasswordData",
"ec2:ModifyImageAttribute",
"ec2:ModifyInstanceAttribute",
"ec2:ModifySnapshotAttribute",
"ec2:RegisterImage",
"ec2:RunInstances",
"ec2:StopInstances",
"ec2:TerminateInstances"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "EC2Access"
},
{
"Action": [
"s3:Get*",
"s3:List*",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::elasticbeanstalk-*",
"arn:aws:s3:::elasticbeanstalk-*/*"
],
"Sid": "BucketAccess"
},
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:log-group:/aws/elasticbeanstalk/platform/*",
"Sid": "CloudWatchLogsAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJRVFXSS6LEIQGBKDY",
"PolicyName": "AWSElasticBeanstalkCustomPlatformforEC2Role",
"UpdateDate": "2017-02-21T22:50:30+00:00",
"VersionId": "v1"
},
"AWSElasticBeanstalkEnhancedHealth": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth",
"AttachmentCount": 0,
"CreateDate": "2016-02-08T23:17:27+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"elasticloadbalancing:DescribeInstanceHealth",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTargetHealth",
"ec2:DescribeInstances",
"ec2:DescribeInstanceStatus",
"ec2:GetConsoleOutput",
"ec2:AssociateAddress",
"ec2:DescribeAddresses",
"ec2:DescribeSecurityGroups",
"sqs:GetQueueAttributes",
"sqs:GetQueueUrl",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DescribeScalingActivities",
"autoscaling:DescribeNotificationConfigurations",
"sns:Publish"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"logs:DescribeLogStreams",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:log-group:/aws/elasticbeanstalk/*:log-stream:*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIH5EFJNMOGUUTKLFE",
"PolicyName": "AWSElasticBeanstalkEnhancedHealth",
"UpdateDate": "2018-04-09T22:12:53+00:00",
"VersionId": "v4"
},
"AWSElasticBeanstalkFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:18+00:00",
"DefaultVersionId": "v7",
"Document": {
"Statement": [
{
"Action": [
"elasticbeanstalk:*",
"ec2:*",
"ecs:*",
"ecr:*",
"elasticloadbalancing:*",
"autoscaling:*",
"cloudwatch:*",
"s3:*",
"sns:*",
"cloudformation:*",
"dynamodb:*",
"rds:*",
"sqs:*",
"logs:*",
"iam:GetPolicyVersion",
"iam:GetRole",
"iam:PassRole",
"iam:ListRolePolicies",
"iam:ListAttachedRolePolicies",
"iam:ListInstanceProfiles",
"iam:ListRoles",
"iam:ListServerCertificates",
"acm:DescribeCertificate",
"acm:ListCertificates",
"codebuild:CreateProject",
"codebuild:DeleteProject",
"codebuild:BatchGetBuilds",
"codebuild:StartBuild"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:AddRoleToInstanceProfile",
"iam:CreateInstanceProfile",
"iam:CreateRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-elasticbeanstalk*",
"arn:aws:iam::*:instance-profile/aws-elasticbeanstalk*"
]
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringLike": {
"iam:AWSServiceName": "autoscaling.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling*"
]
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringLike": {
"iam:AWSServiceName": "elasticbeanstalk.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/elasticbeanstalk.amazonaws.com/AWSServiceRoleForElasticBeanstalk*"
]
},
{
"Action": [
"iam:AttachRolePolicy"
],
"Condition": {
"StringLike": {
"iam:PolicyArn": [
"arn:aws:iam::aws:policy/AWSElasticBeanstalk*",
"arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalk*"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIZYX2YLLBW2LJVUFW",
"PolicyName": "AWSElasticBeanstalkFullAccess",
"UpdateDate": "2018-02-23T19:36:01+00:00",
"VersionId": "v7"
},
"AWSElasticBeanstalkMaintenance": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkMaintenance",
"AttachmentCount": 0,
"CreateDate": "2019-01-11T23:22:52+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": {
"Action": [
"cloudformation:CreateChangeSet",
"cloudformation:DescribeChangeSet",
"cloudformation:ExecuteChangeSet",
"cloudformation:DeleteChangeSet",
"cloudformation:ListChangeSets",
"cloudformation:DescribeStacks"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/awseb-*",
"arn:aws:cloudformation:*:*:stack/eb-*"
],
"Sid": "AllowCloudformationChangeSetOperationsOnElasticBeanstalkStacks"
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQPH22XGBH2VV2LSW",
"PolicyName": "AWSElasticBeanstalkMaintenance",
"UpdateDate": "2019-01-11T23:22:52+00:00",
"VersionId": "v1"
},
"AWSElasticBeanstalkMulticontainerDocker": {
"Arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkMulticontainerDocker",
"AttachmentCount": 0,
"CreateDate": "2016-02-08T23:15:29+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ecs:Poll",
"ecs:StartTask",
"ecs:StopTask",
"ecs:DiscoverPollEndpoint",
"ecs:StartTelemetrySession",
"ecs:RegisterContainerInstance",
"ecs:DeregisterContainerInstance",
"ecs:DescribeContainerInstances",
"ecs:Submit*",
"ecs:DescribeTasks"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "ECSAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ45SBYG72SD6SHJEY",
"PolicyName": "AWSElasticBeanstalkMulticontainerDocker",
"UpdateDate": "2016-06-06T23:45:37+00:00",
"VersionId": "v2"
},
"AWSElasticBeanstalkReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:19+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"elasticbeanstalk:Check*",
"elasticbeanstalk:Describe*",
"elasticbeanstalk:List*",
"elasticbeanstalk:RequestEnvironmentInfo",
"elasticbeanstalk:RetrieveEnvironmentInfo",
"ec2:Describe*",
"elasticloadbalancing:Describe*",
"autoscaling:Describe*",
"cloudwatch:Describe*",
"cloudwatch:List*",
"cloudwatch:Get*",
"s3:Get*",
"s3:List*",
"sns:Get*",
"sns:List*",
"cloudformation:Describe*",
"cloudformation:Get*",
"cloudformation:List*",
"cloudformation:Validate*",
"cloudformation:Estimate*",
"rds:Describe*",
"sqs:Get*",
"sqs:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI47KNGXDAXFD4SDHG",
"PolicyName": "AWSElasticBeanstalkReadOnlyAccess",
"UpdateDate": "2015-02-06T18:40:19+00:00",
"VersionId": "v1"
},
"AWSElasticBeanstalkService": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService",
"AttachmentCount": 0,
"CreateDate": "2016-04-11T20:27:23+00:00",
"DefaultVersionId": "v15",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:*"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/awseb-*",
"arn:aws:cloudformation:*:*:stack/eb-*"
],
"Sid": "AllowCloudformationOperationsOnElasticBeanstalkStacks"
},
{
"Action": [
"logs:DeleteLogGroup"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/elasticbeanstalk*"
],
"Sid": "AllowDeleteCloudwatchLogGroups"
},
{
"Action": [
"s3:*"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::elasticbeanstalk-*",
"arn:aws:s3:::elasticbeanstalk-*/*"
],
"Sid": "AllowS3OperationsOnElasticBeanstalkBuckets"
},
{
"Action": "ec2:RunInstances",
"Condition": {
"ArnLike": {
"ec2:LaunchTemplate": "arn:aws:ec2:*:*:launch-template/*"
}
},
"Effect": "Allow",
"Resource": "*",
"Sid": "AllowLaunchTemplateRunInstances"
},
{
"Action": [
"autoscaling:AttachInstances",
"autoscaling:CreateAutoScalingGroup",
"autoscaling:CreateLaunchConfiguration",
"autoscaling:DeleteLaunchConfiguration",
"autoscaling:DeleteAutoScalingGroup",
"autoscaling:DeleteScheduledAction",
"autoscaling:DescribeAccountLimits",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DescribeLaunchConfigurations",
"autoscaling:DescribeLoadBalancers",
"autoscaling:DescribeNotificationConfigurations",
"autoscaling:DescribeScalingActivities",
"autoscaling:DescribeScheduledActions",
"autoscaling:DetachInstances",
"autoscaling:DeletePolicy",
"autoscaling:PutScalingPolicy",
"autoscaling:PutScheduledUpdateGroupAction",
"autoscaling:PutNotificationConfiguration",
"autoscaling:ResumeProcesses",
"autoscaling:SetDesiredCapacity",
"autoscaling:SuspendProcesses",
"autoscaling:TerminateInstanceInAutoScalingGroup",
"autoscaling:UpdateAutoScalingGroup",
"cloudwatch:PutMetricAlarm",
"ec2:AssociateAddress",
"ec2:AllocateAddress",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateLaunchTemplate",
"ec2:CreateLaunchTemplateVersion",
"ec2:DescribeLaunchTemplates",
"ec2:DescribeLaunchTemplateVersions",
"ec2:DeleteLaunchTemplate",
"ec2:DeleteLaunchTemplateVersions",
"ec2:CreateSecurityGroup",
"ec2:DeleteSecurityGroup",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeImages",
"ec2:DescribeInstances",
"ec2:DescribeKeyPairs",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSnapshots",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeSpotInstanceRequests",
"ec2:DescribeVpcClassicLink",
"ec2:DisassociateAddress",
"ec2:ReleaseAddress",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress",
"ec2:TerminateInstances",
"ecs:CreateCluster",
"ecs:DeleteCluster",
"ecs:DescribeClusters",
"ecs:RegisterTaskDefinition",
"elasticbeanstalk:*",
"elasticloadbalancing:ApplySecurityGroupsToLoadBalancer",
"elasticloadbalancing:ConfigureHealthCheck",
"elasticloadbalancing:CreateLoadBalancer",
"elasticloadbalancing:DeleteLoadBalancer",
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
"elasticloadbalancing:DescribeInstanceHealth",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:RegisterInstancesWithLoadBalancer",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:RegisterTargets",
"elasticloadbalancing:DeregisterTargets",
"iam:ListRoles",
"iam:PassRole",
"logs:CreateLogGroup",
"logs:PutRetentionPolicy",
"logs:DescribeLogGroups",
"rds:DescribeDBEngineVersions",
"rds:DescribeDBInstances",
"rds:DescribeOrderableDBInstanceOptions",
"s3:CopyObject",
"s3:GetObject",
"s3:GetObjectAcl",
"s3:GetObjectMetadata",
"s3:ListBucket",
"s3:listBuckets",
"s3:ListObjects",
"sns:CreateTopic",
"sns:GetTopicAttributes",
"sns:ListSubscriptionsByTopic",
"sns:Subscribe",
"sns:SetTopicAttributes",
"sqs:GetQueueAttributes",
"sqs:GetQueueUrl",
"codebuild:CreateProject",
"codebuild:DeleteProject",
"codebuild:BatchGetBuilds",
"codebuild:StartBuild"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "AllowOperations"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJKQ5SN74ZQ4WASXBM",
"PolicyName": "AWSElasticBeanstalkService",
"UpdateDate": "2019-02-05T17:46:21+00:00",
"VersionId": "v15"
},
"AWSElasticBeanstalkServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-09-13T23:46:37+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:DescribeStackResource",
"cloudformation:DescribeStackResources",
"cloudformation:DescribeStacks"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/awseb-*",
"arn:aws:cloudformation:*:*:stack/eb-*"
],
"Sid": "AllowCloudformationReadOperationsOnElasticBeanstalkStacks"
},
{
"Action": [
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DescribeNotificationConfigurations",
"autoscaling:DescribeScalingActivities",
"autoscaling:PutNotificationConfiguration",
"ec2:DescribeInstanceStatus",
"ec2:AssociateAddress",
"ec2:DescribeAddresses",
"ec2:DescribeInstances",
"ec2:DescribeSecurityGroups",
"elasticloadbalancing:DescribeInstanceHealth",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:DescribeTargetGroups",
"sqs:GetQueueAttributes",
"sqs:GetQueueUrl",
"sns:Publish"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "AllowOperations"
},
{
"Action": [
"logs:DescribeLogStreams",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:log-group:/aws/elasticbeanstalk/*:log-stream:*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIID62QSI3OSIPQXTM",
"PolicyName": "AWSElasticBeanstalkServiceRolePolicy",
"UpdateDate": "2018-04-09T22:06:23+00:00",
"VersionId": "v5"
},
"AWSElasticBeanstalkWebTier": {
"Arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier",
"AttachmentCount": 0,
"CreateDate": "2016-02-08T23:08:54+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"s3:Get*",
"s3:List*",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::elasticbeanstalk-*",
"arn:aws:s3:::elasticbeanstalk-*/*"
],
"Sid": "BucketAccess"
},
{
"Action": [
"xray:PutTraceSegments",
"xray:PutTelemetryRecords",
"xray:GetSamplingRules",
"xray:GetSamplingTargets",
"xray:GetSamplingStatisticSummaries"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "XRayAccess"
},
{
"Action": [
"logs:PutLogEvents",
"logs:CreateLogStream",
"logs:DescribeLogStreams",
"logs:DescribeLogGroups"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/elasticbeanstalk*"
],
"Sid": "CloudWatchLogsAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUF4325SJYOREKW3A",
"PolicyName": "AWSElasticBeanstalkWebTier",
"UpdateDate": "2019-03-01T00:04:49+00:00",
"VersionId": "v6"
},
"AWSElasticBeanstalkWorkerTier": {
"Arn": "arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier",
"AttachmentCount": 0,
"CreateDate": "2016-02-08T23:12:02+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:PutMetricData"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "MetricsAccess"
},
{
"Action": [
"xray:PutTraceSegments",
"xray:PutTelemetryRecords",
"xray:GetSamplingRules",
"xray:GetSamplingTargets",
"xray:GetSamplingStatisticSummaries"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "XRayAccess"
},
{
"Action": [
"sqs:ChangeMessageVisibility",
"sqs:DeleteMessage",
"sqs:ReceiveMessage",
"sqs:SendMessage"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "QueueAccess"
},
{
"Action": [
"s3:Get*",
"s3:List*",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::elasticbeanstalk-*",
"arn:aws:s3:::elasticbeanstalk-*/*"
],
"Sid": "BucketAccess"
},
{
"Action": [
"dynamodb:BatchGetItem",
"dynamodb:BatchWriteItem",
"dynamodb:DeleteItem",
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:Query",
"dynamodb:Scan",
"dynamodb:UpdateItem"
],
"Effect": "Allow",
"Resource": [
"arn:aws:dynamodb:*:*:table/*-stack-AWSEBWorkerCronLeaderRegistry*"
],
"Sid": "DynamoPeriodicTasks"
},
{
"Action": [
"logs:PutLogEvents",
"logs:CreateLogStream"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/elasticbeanstalk*"
],
"Sid": "CloudWatchLogsAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQDLBRSJVKVF4JMSK",
"PolicyName": "AWSElasticBeanstalkWorkerTier",
"UpdateDate": "2019-03-01T00:07:00+00:00",
"VersionId": "v5"
},
"AWSElasticLoadBalancingClassicServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingClassicServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-09-19T22:36:18+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeAddresses",
"ec2:DescribeInstances",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeVpcs",
"ec2:DescribeInternetGateways",
"ec2:DescribeAccountAttributes",
"ec2:DescribeClassicLinkInstances",
"ec2:DescribeVpcClassicLink",
"ec2:CreateSecurityGroup",
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:ModifyNetworkInterface",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:AssociateAddress",
"ec2:DisassociateAddress",
"ec2:AttachNetworkInterface",
"ec2:DetachNetworkInterface",
"ec2:AssignPrivateIpAddresses",
"ec2:AssignIpv6Addresses",
"ec2:UnassignIpv6Addresses"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUMWW3QP7DPZPNVU4",
"PolicyName": "AWSElasticLoadBalancingClassicServiceRolePolicy",
"UpdateDate": "2017-09-19T22:36:18+00:00",
"VersionId": "v1"
},
"AWSElasticLoadBalancingServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-09-19T22:19:04+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeAddresses",
"ec2:DescribeInstances",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeVpcs",
"ec2:DescribeInternetGateways",
"ec2:DescribeAccountAttributes",
"ec2:DescribeClassicLinkInstances",
"ec2:DescribeVpcClassicLink",
"ec2:CreateSecurityGroup",
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:ModifyNetworkInterface",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:AssociateAddress",
"ec2:DisassociateAddress",
"ec2:AttachNetworkInterface",
"ec2:DetachNetworkInterface",
"ec2:AssignPrivateIpAddresses",
"ec2:AssignIpv6Addresses",
"ec2:UnassignIpv6Addresses",
"logs:CreateLogDelivery",
"logs:GetLogDelivery",
"logs:UpdateLogDelivery",
"logs:DeleteLogDelivery",
"logs:ListLogDeliveries"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIMHWGGSRHLOQUICJQ",
"PolicyName": "AWSElasticLoadBalancingServiceRolePolicy",
"UpdateDate": "2019-03-18T21:51:14+00:00",
"VersionId": "v3"
},
"AWSElementalMediaConvertFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSElementalMediaConvertFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-06-25T19:25:35+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"mediaconvert:*",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:ListObjects"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"mediaconvert.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIXDREOCL6LV7RBJWC",
"PolicyName": "AWSElementalMediaConvertFullAccess",
"UpdateDate": "2018-06-25T19:25:35+00:00",
"VersionId": "v1"
},
"AWSElementalMediaConvertReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSElementalMediaConvertReadOnly",
"AttachmentCount": 0,
"CreateDate": "2018-06-25T19:25:14+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"mediaconvert:Get*",
"mediaconvert:List*",
"mediaconvert:DescribeEndpoints",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:ListObjects"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJSXYOBSLJN3JEDO42",
"PolicyName": "AWSElementalMediaConvertReadOnly",
"UpdateDate": "2018-06-25T19:25:14+00:00",
"VersionId": "v1"
},
"AWSElementalMediaPackageFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSElementalMediaPackageFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-12-29T23:39:52+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": {
"Action": "mediapackage:*",
"Effect": "Allow",
"Resource": "*"
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIYI6IYR3JRFAVNQHC",
"PolicyName": "AWSElementalMediaPackageFullAccess",
"UpdateDate": "2017-12-29T23:39:52+00:00",
"VersionId": "v1"
},
"AWSElementalMediaPackageReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSElementalMediaPackageReadOnly",
"AttachmentCount": 0,
"CreateDate": "2017-12-30T00:04:29+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": {
"Action": [
"mediapackage:List*",
"mediapackage:Describe*"
],
"Effect": "Allow",
"Resource": "*"
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ42DVTPUHKXNYZQCO",
"PolicyName": "AWSElementalMediaPackageReadOnly",
"UpdateDate": "2017-12-30T00:04:29+00:00",
"VersionId": "v1"
},
"AWSElementalMediaStoreFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSElementalMediaStoreFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-03-05T23:15:31+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"mediastore:*"
],
"Condition": {
"Bool": {
"aws:SecureTransport": "true"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJZFYFW2QXSNK7OH6Y",
"PolicyName": "AWSElementalMediaStoreFullAccess",
"UpdateDate": "2018-03-05T23:15:31+00:00",
"VersionId": "v1"
},
"AWSElementalMediaStoreReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSElementalMediaStoreReadOnly",
"AttachmentCount": 0,
"CreateDate": "2018-03-08T19:48:22+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"mediastore:Get*",
"mediastore:List*",
"mediastore:Describe*"
],
"Condition": {
"Bool": {
"aws:SecureTransport": "true"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4EFXRATQYOFTAEFM",
"PolicyName": "AWSElementalMediaStoreReadOnly",
"UpdateDate": "2018-03-08T19:48:22+00:00",
"VersionId": "v1"
},
"AWSEnhancedClassicNetworkingMangementPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSEnhancedClassicNetworkingMangementPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-09-20T17:29:09+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeSecurityGroups"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI7T4V2HZTS72QVO52",
"PolicyName": "AWSEnhancedClassicNetworkingMangementPolicy",
"UpdateDate": "2017-09-20T17:29:09+00:00",
"VersionId": "v1"
},
"AWSFMAdminFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSFMAdminFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-05-09T18:06:18+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"fms:*",
"waf:*",
"waf-regional:*",
"elasticloadbalancing:SetWebACL",
"organizations:DescribeOrganization"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLAGM5X6WSNPF4EAQ",
"PolicyName": "AWSFMAdminFullAccess",
"UpdateDate": "2018-05-09T18:06:18+00:00",
"VersionId": "v1"
},
"AWSFMAdminReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSFMAdminReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-05-09T20:07:39+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"fms:Get*",
"fms:List*",
"waf:Get*",
"waf:List*",
"waf-regional:Get*",
"waf-regional:List*",
"organizations:DescribeOrganization"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJA3UKVVBN62QFIKLW",
"PolicyName": "AWSFMAdminReadOnlyAccess",
"UpdateDate": "2018-05-09T20:07:39+00:00",
"VersionId": "v1"
},
"AWSFMMemberReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSFMMemberReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-05-09T21:05:29+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"fms:GetAdminAccount",
"waf:Get*",
"waf:List*",
"waf-regional:Get*",
"waf-regional:List*",
"organizations:DescribeOrganization"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIB2IVAQ4XXNHHA3DW",
"PolicyName": "AWSFMMemberReadOnlyAccess",
"UpdateDate": "2018-05-09T21:05:29+00:00",
"VersionId": "v1"
},
"AWSGlobalAcceleratorSLRPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSGlobalAcceleratorSLRPolicy",
"AttachmentCount": 0,
"CreateDate": "2019-04-05T19:39:13+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:DeleteNetworkInterface"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "ec2:DeleteSecurityGroup",
"Condition": {
"StringEquals": {
"ec2:ResourceTag/AWSServiceName": "GlobalAccelerator"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:CreateSecurityGroup",
"ec2:DescribeSecurityGroups"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "elasticloadbalancing:DescribeLoadBalancers",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "ec2:CreateTags",
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:security-group/*",
"arn:aws:ec2:*:*:network-interface/*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4EJ5ZEQR2C",
"PolicyName": "AWSGlobalAcceleratorSLRPolicy",
"UpdateDate": "2019-04-05T19:39:13+00:00",
"VersionId": "v1"
},
"AWSGlueConsoleFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSGlueConsoleFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-08-14T13:37:39+00:00",
"DefaultVersionId": "v12",
"Document": {
"Statement": [
{
"Action": [
"glue:*",
"redshift:DescribeClusters",
"redshift:DescribeClusterSubnetGroups",
"iam:ListRoles",
"iam:ListUsers",
"iam:ListGroups",
"iam:ListRolePolicies",
"iam:GetRole",
"iam:GetRolePolicy",
"iam:ListAttachedRolePolicies",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeRouteTables",
"ec2:DescribeVpcAttribute",
"ec2:DescribeKeyPairs",
"ec2:DescribeInstances",
"ec2:DescribeImages",
"rds:DescribeDBInstances",
"rds:DescribeDBClusters",
"rds:DescribeDBSubnetGroups",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:GetBucketAcl",
"s3:GetBucketLocation",
"cloudformation:DescribeStacks",
"cloudformation:GetTemplateSummary",
"dynamodb:ListTables",
"kms:ListAliases",
"kms:DescribeKey",
"cloudwatch:GetMetricData",
"cloudwatch:ListDashboards"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-glue-*/*",
"arn:aws:s3:::*/*aws-glue-*/*",
"arn:aws:s3:::aws-glue-*"
]
},
{
"Action": [
"tag:GetResources"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"s3:CreateBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-glue-*"
]
},
{
"Action": [
"logs:GetLogEvents"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:/aws-glue/*"
]
},
{
"Action": [
"cloudformation:CreateStack",
"cloudformation:DeleteStack"
],
"Effect": "Allow",
"Resource": "arn:aws:cloudformation:*:*:stack/aws-glue*/*"
},
{
"Action": [
"ec2:RunInstances"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ec2:*:*:key-pair/*",
"arn:aws:ec2:*:*:image/*",
"arn:aws:ec2:*:*:security-group/*",
"arn:aws:ec2:*:*:network-interface/*",
"arn:aws:ec2:*:*:subnet/*",
"arn:aws:ec2:*:*:volume/*"
]
},
{
"Action": [
"ec2:TerminateInstances",
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Condition": {
"StringEquals": {
"ec2:ResourceTag/aws:cloudformation:logical-id": "ZeppelinInstance"
},
"StringLike": {
"ec2:ResourceTag/aws:cloudformation:stack-id": "arn:aws:cloudformation:*:*:stack/aws-glue-*/*"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:instance/*"
]
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"glue.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/AWSGlueServiceRole*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"ec2.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/AWSGlueServiceNotebookRole*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"glue.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/service-role/AWSGlueServiceRole*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJNZGDEOD7MISOVSVI",
"PolicyName": "AWSGlueConsoleFullAccess",
"UpdateDate": "2019-02-11T19:49:01+00:00",
"VersionId": "v12"
},
"AWSGlueConsoleSageMakerNotebookFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSGlueConsoleSageMakerNotebookFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-10-05T17:52:35+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"glue:*",
"redshift:DescribeClusters",
"redshift:DescribeClusterSubnetGroups",
"iam:ListRoles",
"iam:ListRolePolicies",
"iam:GetRole",
"iam:GetRolePolicy",
"iam:ListAttachedRolePolicies",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeRouteTables",
"ec2:DescribeVpcAttribute",
"ec2:DescribeKeyPairs",
"ec2:DescribeInstances",
"ec2:DescribeImages",
"ec2:CreateNetworkInterface",
"ec2:AttachNetworkInterface",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:DeleteNetworkInterface",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInternetGateways",
"ec2:DescribeNetworkInterfaces",
"rds:DescribeDBInstances",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:GetBucketAcl",
"s3:GetBucketLocation",
"cloudformation:DescribeStacks",
"cloudformation:GetTemplateSummary",
"dynamodb:ListTables",
"kms:ListAliases",
"kms:DescribeKey",
"sagemaker:ListNotebookInstances",
"sagemaker:ListNotebookInstanceLifecycleConfigs",
"cloudformation:ListStacks",
"cloudwatch:GetMetricData",
"cloudwatch:ListDashboards"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-glue-*/*",
"arn:aws:s3:::*/*aws-glue-*/*",
"arn:aws:s3:::aws-glue-*"
]
},
{
"Action": [
"s3:CreateBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-glue-*"
]
},
{
"Action": [
"logs:GetLogEvents"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:/aws-glue/*"
]
},
{
"Action": [
"cloudformation:CreateStack",
"cloudformation:DeleteStack"
],
"Effect": "Allow",
"Resource": "arn:aws:cloudformation:*:*:stack/aws-glue*/*"
},
{
"Action": [
"sagemaker:CreatePresignedNotebookInstanceUrl",
"sagemaker:CreateNotebookInstance",
"sagemaker:DeleteNotebookInstance",
"sagemaker:DescribeNotebookInstance",
"sagemaker:DescribeNotebookInstanceLifecycleConfig",
"sagemaker:DeleteNotebookInstanceLifecycleConfig",
"sagemaker:StartNotebookInstance",
"sagemaker:CreateNotebookInstanceLifecycleConfig",
"sagemaker:StopNotebookInstance",
"sagemaker:UpdateNotebookInstance",
"sagemaker:ListTags"
],
"Effect": "Allow",
"Resource": "arn:aws:sagemaker:*:*:notebook-instance/aws-glue-*"
},
{
"Action": [
"ec2:RunInstances"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ec2:*:*:key-pair/*",
"arn:aws:ec2:*:*:image/*",
"arn:aws:ec2:*:*:security-group/*",
"arn:aws:ec2:*:*:network-interface/*",
"arn:aws:ec2:*:*:subnet/*",
"arn:aws:ec2:*:*:volume/*"
]
},
{
"Action": [
"ec2:TerminateInstances",
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Condition": {
"StringEquals": {
"ec2:ResourceTag/aws:cloudformation:logical-id": "ZeppelinInstance"
},
"StringLike": {
"ec2:ResourceTag/aws:cloudformation:stack-id": "arn:aws:cloudformation:*:*:stack/aws-glue-*/*"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:instance/*"
]
},
{
"Action": [
"tag:GetResources"
],
"Condition": {
"StringEquals": {
"aws:TagKeys": "aws-glue-*"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"glue.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/AWSGlueServiceRole*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"ec2.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/AWSGlueServiceNotebookRole*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"sagemaker.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/AWSGlueServiceSageMakerNotebookRole*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"glue.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/service-role/AWSGlueServiceRole*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJELFOHJC42QS3ZSYY",
"PolicyName": "AWSGlueConsoleSageMakerNotebookFullAccess",
"UpdateDate": "2018-10-05T17:52:35+00:00",
"VersionId": "v1"
},
"AWSGlueServiceNotebookRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSGlueServiceNotebookRole",
"AttachmentCount": 0,
"CreateDate": "2017-08-14T13:37:42+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"glue:CreateDatabase",
"glue:CreatePartition",
"glue:CreateTable",
"glue:DeleteDatabase",
"glue:DeletePartition",
"glue:DeleteTable",
"glue:GetDatabase",
"glue:GetDatabases",
"glue:GetPartition",
"glue:GetPartitions",
"glue:GetTable",
"glue:GetTableVersions",
"glue:GetTables",
"glue:UpdateDatabase",
"glue:UpdatePartition",
"glue:UpdateTable",
"glue:CreateBookmark",
"glue:GetBookmark",
"glue:UpdateBookmark",
"glue:GetMetric",
"glue:PutMetric",
"glue:CreateConnection",
"glue:CreateJob",
"glue:DeleteConnection",
"glue:DeleteJob",
"glue:GetConnection",
"glue:GetConnections",
"glue:GetDevEndpoint",
"glue:GetDevEndpoints",
"glue:GetJob",
"glue:GetJobs",
"glue:UpdateJob",
"glue:BatchDeleteConnection",
"glue:UpdateConnection",
"glue:GetUserDefinedFunction",
"glue:UpdateUserDefinedFunction",
"glue:GetUserDefinedFunctions",
"glue:DeleteUserDefinedFunction",
"glue:CreateUserDefinedFunction",
"glue:BatchGetPartition",
"glue:BatchDeletePartition",
"glue:BatchCreatePartition",
"glue:BatchDeleteTable",
"glue:UpdateDevEndpoint",
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:ListAllMyBuckets",
"s3:GetBucketAcl"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::crawler-public*",
"arn:aws:s3:::aws-glue*"
]
},
{
"Action": [
"s3:PutObject",
"s3:DeleteObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-glue*"
]
},
{
"Action": [
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Condition": {
"ForAllValues:StringEquals": {
"aws:TagKeys": [
"aws-glue-service-resource"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:network-interface/*",
"arn:aws:ec2:*:*:security-group/*",
"arn:aws:ec2:*:*:instance/*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIMRC6VZUHJYCTKWFI",
"PolicyName": "AWSGlueServiceNotebookRole",
"UpdateDate": "2017-08-17T18:08:29+00:00",
"VersionId": "v2"
},
"AWSGlueServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole",
"AttachmentCount": 0,
"CreateDate": "2017-08-14T13:37:21+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"glue:*",
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:ListAllMyBuckets",
"s3:GetBucketAcl",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeRouteTables",
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"iam:ListRolePolicies",
"iam:GetRole",
"iam:GetRolePolicy",
"cloudwatch:PutMetricData"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"s3:CreateBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-glue-*"
]
},
{
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-glue-*/*",
"arn:aws:s3:::*/*aws-glue-*/*"
]
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::crawler-public*",
"arn:aws:s3:::aws-glue-*"
]
},
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:/aws-glue/*"
]
},
{
"Action": [
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Condition": {
"ForAllValues:StringEquals": {
"aws:TagKeys": [
"aws-glue-service-resource"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:network-interface/*",
"arn:aws:ec2:*:*:security-group/*",
"arn:aws:ec2:*:*:instance/*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIRUJCPEBPMEZFAS32",
"PolicyName": "AWSGlueServiceRole",
"UpdateDate": "2018-06-25T18:23:09+00:00",
"VersionId": "v4"
},
"AWSGreengrassFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSGreengrassFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-05-03T00:47:37+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"greengrass:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJWPV6OBK4QONH4J3O",
"PolicyName": "AWSGreengrassFullAccess",
"UpdateDate": "2017-05-03T00:47:37+00:00",
"VersionId": "v1"
},
"AWSGreengrassReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSGreengrassReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-10-30T16:01:43+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"greengrass:List*",
"greengrass:Get*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLSKLXFVTQTZ5GY3I",
"PolicyName": "AWSGreengrassReadOnlyAccess",
"UpdateDate": "2018-10-30T16:01:43+00:00",
"VersionId": "v1"
},
"AWSGreengrassResourceAccessRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSGreengrassResourceAccessRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-02-14T21:17:24+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"iot:DeleteThingShadow",
"iot:GetThingShadow",
"iot:UpdateThingShadow"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iot:*:*:thing/GG_*",
"arn:aws:iot:*:*:thing/*-gcm",
"arn:aws:iot:*:*:thing/*-gda",
"arn:aws:iot:*:*:thing/*-gci"
],
"Sid": "AllowGreengrassAccessToShadows"
},
{
"Action": [
"iot:DescribeThing"
],
"Effect": "Allow",
"Resource": "arn:aws:iot:*:*:thing/*",
"Sid": "AllowGreengrassToDescribeThings"
},
{
"Action": [
"iot:DescribeCertificate"
],
"Effect": "Allow",
"Resource": "arn:aws:iot:*:*:cert/*",
"Sid": "AllowGreengrassToDescribeCertificates"
},
{
"Action": [
"greengrass:*"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "AllowGreengrassToCallGreengrassServices"
},
{
"Action": [
"lambda:GetFunction",
"lambda:GetFunctionConfiguration"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "AllowGreengrassToGetLambdaFunctions"
},
{
"Action": [
"secretsmanager:GetSecretValue"
],
"Effect": "Allow",
"Resource": "arn:aws:secretsmanager:*:*:secret:greengrass-*",
"Sid": "AllowGreengrassToGetGreengrassSecrets"
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::*Greengrass*",
"arn:aws:s3:::*GreenGrass*",
"arn:aws:s3:::*greengrass*",
"arn:aws:s3:::*Sagemaker*",
"arn:aws:s3:::*SageMaker*",
"arn:aws:s3:::*sagemaker*"
],
"Sid": "AllowGreengrassAccessToS3Objects"
},
{
"Action": [
"s3:GetBucketLocation"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "AllowGreengrassAccessToS3BucketLocation"
},
{
"Action": [
"sagemaker:DescribeTrainingJob"
],
"Effect": "Allow",
"Resource": [
"arn:aws:sagemaker:*:*:training-job/*"
],
"Sid": "AllowGreengrassAccessToSageMakerTrainingJobs"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJPKEIMB6YMXDEVRTM",
"PolicyName": "AWSGreengrassResourceAccessRolePolicy",
"UpdateDate": "2018-11-14T00:35:02+00:00",
"VersionId": "v5"
},
"AWSHealthFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSHealthFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-12-06T12:30:31+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"health:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI3CUMPCPEUPCSXC4Y",
"PolicyName": "AWSHealthFullAccess",
"UpdateDate": "2016-12-06T12:30:31+00:00",
"VersionId": "v1"
},
"AWSIQFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIQFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-04-04T23:13:42+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iq:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4P4TAHETXT",
"PolicyName": "AWSIQFullAccess",
"UpdateDate": "2019-04-04T23:13:42+00:00",
"VersionId": "v1"
},
"AWSImportExportFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSImportExportFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:43+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"importexport:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJCQCT4JGTLC6722MQ",
"PolicyName": "AWSImportExportFullAccess",
"UpdateDate": "2015-02-06T18:40:43+00:00",
"VersionId": "v1"
},
"AWSImportExportReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSImportExportReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:42+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"importexport:ListJobs",
"importexport:GetStatus"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJNTV4OG52ESYZHCNK",
"PolicyName": "AWSImportExportReadOnlyAccess",
"UpdateDate": "2015-02-06T18:40:42+00:00",
"VersionId": "v1"
},
"AWSIoT1ClickFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoT1ClickFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-05-11T22:10:14+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iot1click:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJPQNJPDUDESCCAMIA",
"PolicyName": "AWSIoT1ClickFullAccess",
"UpdateDate": "2018-05-11T22:10:14+00:00",
"VersionId": "v1"
},
"AWSIoT1ClickReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoT1ClickReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-05-11T21:49:24+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iot1click:Describe*",
"iot1click:Get*",
"iot1click:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI35VTLD3EBNY2JGXS",
"PolicyName": "AWSIoT1ClickReadOnlyAccess",
"UpdateDate": "2018-05-11T21:49:24+00:00",
"VersionId": "v1"
},
"AWSIoTAnalyticsFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoTAnalyticsFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-06-18T23:02:45+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iotanalytics:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7FB5ZEKQN445QGKY",
"PolicyName": "AWSIoTAnalyticsFullAccess",
"UpdateDate": "2018-06-18T23:02:45+00:00",
"VersionId": "v1"
},
"AWSIoTAnalyticsReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoTAnalyticsReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-06-18T21:37:49+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iotanalytics:Describe*",
"iotanalytics:List*",
"iotanalytics:Get*",
"iotanalytics:SampleChannelData"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ3Z4LYBELMXGFLGMI",
"PolicyName": "AWSIoTAnalyticsReadOnlyAccess",
"UpdateDate": "2018-06-18T21:37:49+00:00",
"VersionId": "v1"
},
"AWSIoTConfigAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoTConfigAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-27T21:52:07+00:00",
"DefaultVersionId": "v8",
"Document": {
"Statement": [
{
"Action": [
"iot:AcceptCertificateTransfer",
"iot:AddThingToThingGroup",
"iot:AssociateTargetsWithJob",
"iot:AttachPolicy",
"iot:AttachPrincipalPolicy",
"iot:AttachThingPrincipal",
"iot:CancelCertificateTransfer",
"iot:CancelJob",
"iot:CancelJobExecution",
"iot:ClearDefaultAuthorizer",
"iot:CreateAuthorizer",
"iot:CreateCertificateFromCsr",
"iot:CreateJob",
"iot:CreateKeysAndCertificate",
"iot:CreateOTAUpdate",
"iot:CreatePolicy",
"iot:CreatePolicyVersion",
"iot:CreateRoleAlias",
"iot:CreateStream",
"iot:CreateThing",
"iot:CreateThingGroup",
"iot:CreateThingType",
"iot:CreateTopicRule",
"iot:DeleteAuthorizer",
"iot:DeleteCACertificate",
"iot:DeleteCertificate",
"iot:DeleteJob",
"iot:DeleteJobExecution",
"iot:DeleteOTAUpdate",
"iot:DeletePolicy",
"iot:DeletePolicyVersion",
"iot:DeleteRegistrationCode",
"iot:DeleteRoleAlias",
"iot:DeleteStream",
"iot:DeleteThing",
"iot:DeleteThingGroup",
"iot:DeleteThingType",
"iot:DeleteTopicRule",
"iot:DeleteV2LoggingLevel",
"iot:DeprecateThingType",
"iot:DescribeAuthorizer",
"iot:DescribeCACertificate",
"iot:DescribeCertificate",
"iot:DescribeCertificateTag",
"iot:DescribeDefaultAuthorizer",
"iot:DescribeEndpoint",
"iot:DescribeEventConfigurations",
"iot:DescribeIndex",
"iot:DescribeJob",
"iot:DescribeJobExecution",
"iot:DescribeRoleAlias",
"iot:DescribeStream",
"iot:DescribeThing",
"iot:DescribeThingGroup",
"iot:DescribeThingRegistrationTask",
"iot:DescribeThingType",
"iot:DetachPolicy",
"iot:DetachPrincipalPolicy",
"iot:DetachThingPrincipal",
"iot:DisableTopicRule",
"iot:EnableTopicRule",
"iot:GetEffectivePolicies",
"iot:GetIndexingConfiguration",
"iot:GetJobDocument",
"iot:GetLoggingOptions",
"iot:GetOTAUpdate",
"iot:GetPolicy",
"iot:GetPolicyVersion",
"iot:GetRegistrationCode",
"iot:GetTopicRule",
"iot:GetV2LoggingOptions",
"iot:ListAttachedPolicies",
"iot:ListAuthorizers",
"iot:ListCACertificates",
"iot:ListCertificates",
"iot:ListCertificatesByCA",
"iot:ListIndices",
"iot:ListJobExecutionsForJob",
"iot:ListJobExecutionsForThing",
"iot:ListJobs",
"iot:ListOTAUpdates",
"iot:ListOutgoingCertificates",
"iot:ListPolicies",
"iot:ListPolicyPrincipals",
"iot:ListPolicyVersions",
"iot:ListPrincipalPolicies",
"iot:ListPrincipalThings",
"iot:ListRoleAliases",
"iot:ListStreams",
"iot:ListTargetsForPolicy",
"iot:ListThingGroups",
"iot:ListThingGroupsForThing",
"iot:ListThingPrincipals",
"iot:ListThingRegistrationTaskReports",
"iot:ListThingRegistrationTasks",
"iot:ListThings",
"iot:ListThingsInThingGroup",
"iot:ListThingTypes",
"iot:ListTopicRules",
"iot:ListV2LoggingLevels",
"iot:RegisterCACertificate",
"iot:RegisterCertificate",
"iot:RegisterThing",
"iot:RejectCertificateTransfer",
"iot:RemoveThingFromThingGroup",
"iot:ReplaceTopicRule",
"iot:SearchIndex",
"iot:SetDefaultAuthorizer",
"iot:SetDefaultPolicyVersion",
"iot:SetLoggingOptions",
"iot:SetV2LoggingLevel",
"iot:SetV2LoggingOptions",
"iot:StartThingRegistrationTask",
"iot:StopThingRegistrationTask",
"iot:TestAuthorization",
"iot:TestInvokeAuthorizer",
"iot:TransferCertificate",
"iot:UpdateAuthorizer",
"iot:UpdateCACertificate",
"iot:UpdateCertificate",
"iot:UpdateCertificateTag",
"iot:UpdateEventConfigurations",
"iot:UpdateIndexingConfiguration",
"iot:UpdateRoleAlias",
"iot:UpdateStream",
"iot:UpdateThing",
"iot:UpdateThingGroup",
"iot:UpdateThingGroupsForThing",
"iot:UpdateAccountAuditConfiguration",
"iot:DescribeAccountAuditConfiguration",
"iot:DeleteAccountAuditConfiguration",
"iot:StartOnDemandAuditTask",
"iot:CancelAuditTask",
"iot:DescribeAuditTask",
"iot:ListAuditTasks",
"iot:CreateScheduledAudit",
"iot:UpdateScheduledAudit",
"iot:DeleteScheduledAudit",
"iot:DescribeScheduledAudit",
"iot:ListScheduledAudits",
"iot:ListAuditFindings",
"iot:CreateSecurityProfile",
"iot:DescribeSecurityProfile",
"iot:UpdateSecurityProfile",
"iot:DeleteSecurityProfile",
"iot:AttachSecurityProfile",
"iot:DetachSecurityProfile",
"iot:ListSecurityProfiles",
"iot:ListSecurityProfilesForTarget",
"iot:ListTargetsForSecurityProfile",
"iot:ListActiveViolations",
"iot:ListViolationEvents",
"iot:ValidateSecurityProfileBehaviors"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIWWGD4LM4EMXNRL7I",
"PolicyName": "AWSIoTConfigAccess",
"UpdateDate": "2018-10-01T17:22:32+00:00",
"VersionId": "v8"
},
"AWSIoTConfigReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoTConfigReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-27T21:52:31+00:00",
"DefaultVersionId": "v7",
"Document": {
"Statement": [
{
"Action": [
"iot:DescribeAuthorizer",
"iot:DescribeCACertificate",
"iot:DescribeCertificate",
"iot:DescribeCertificateTag",
"iot:DescribeDefaultAuthorizer",
"iot:DescribeEndpoint",
"iot:DescribeEventConfigurations",
"iot:DescribeIndex",
"iot:DescribeJob",
"iot:DescribeJobExecution",
"iot:DescribeRoleAlias",
"iot:DescribeStream",
"iot:DescribeThing",
"iot:DescribeThingGroup",
"iot:DescribeThingRegistrationTask",
"iot:DescribeThingType",
"iot:GetEffectivePolicies",
"iot:GetIndexingConfiguration",
"iot:GetJobDocument",
"iot:GetLoggingOptions",
"iot:GetOTAUpdate",
"iot:GetPolicy",
"iot:GetPolicyVersion",
"iot:GetRegistrationCode",
"iot:GetTopicRule",
"iot:GetV2LoggingOptions",
"iot:ListAttachedPolicies",
"iot:ListAuthorizers",
"iot:ListCACertificates",
"iot:ListCertificates",
"iot:ListCertificatesByCA",
"iot:ListIndices",
"iot:ListJobExecutionsForJob",
"iot:ListJobExecutionsForThing",
"iot:ListJobs",
"iot:ListOTAUpdates",
"iot:ListOutgoingCertificates",
"iot:ListPolicies",
"iot:ListPolicyPrincipals",
"iot:ListPolicyVersions",
"iot:ListPrincipalPolicies",
"iot:ListPrincipalThings",
"iot:ListRoleAliases",
"iot:ListStreams",
"iot:ListTargetsForPolicy",
"iot:ListThingGroups",
"iot:ListThingGroupsForThing",
"iot:ListThingPrincipals",
"iot:ListThingRegistrationTaskReports",
"iot:ListThingRegistrationTasks",
"iot:ListThings",
"iot:ListThingsInThingGroup",
"iot:ListThingTypes",
"iot:ListTopicRules",
"iot:ListV2LoggingLevels",
"iot:SearchIndex",
"iot:TestAuthorization",
"iot:TestInvokeAuthorizer",
"iot:DescribeAccountAuditConfiguration",
"iot:DescribeAuditTask",
"iot:ListAuditTasks",
"iot:DescribeScheduledAudit",
"iot:ListScheduledAudits",
"iot:ListAuditFindings",
"iot:DescribeSecurityProfile",
"iot:ListSecurityProfiles",
"iot:ListSecurityProfilesForTarget",
"iot:ListTargetsForSecurityProfile",
"iot:ListActiveViolations",
"iot:ListViolationEvents",
"iot:ValidateSecurityProfileBehaviors"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJHENEMXGX4XMFOIOI",
"PolicyName": "AWSIoTConfigReadOnlyAccess",
"UpdateDate": "2018-07-18T21:22:11+00:00",
"VersionId": "v7"
},
"AWSIoTDataAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoTDataAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-27T21:51:18+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"iot:Connect",
"iot:Publish",
"iot:Subscribe",
"iot:Receive",
"iot:GetThingShadow",
"iot:UpdateThingShadow",
"iot:DeleteThingShadow"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJM2KI2UJDR24XPS2K",
"PolicyName": "AWSIoTDataAccess",
"UpdateDate": "2017-11-16T18:24:11+00:00",
"VersionId": "v2"
},
"AWSIoTDeviceDefenderAudit": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderAudit",
"AttachmentCount": 0,
"CreateDate": "2018-07-18T21:17:40+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iot:GetLoggingOptions",
"iot:GetV2LoggingOptions",
"iot:ListCACertificates",
"iot:ListCertificates",
"iot:DescribeCACertificate",
"iot:DescribeCertificate",
"iot:ListPolicies",
"iot:GetPolicy",
"iot:GetEffectivePolicies",
"cognito-identity:GetIdentityPoolRoles",
"iam:ListRolePolicies",
"iam:ListAttachedRolePolicies",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:GetRolePolicy"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJKUN6OAGIHZ66TRKO",
"PolicyName": "AWSIoTDeviceDefenderAudit",
"UpdateDate": "2018-07-18T21:17:40+00:00",
"VersionId": "v1"
},
"AWSIoTEventsFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoTEventsFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-10T22:51:57+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iotevents:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJGA726P7LVUWJZ2LM",
"PolicyName": "AWSIoTEventsFullAccess",
"UpdateDate": "2019-01-10T22:51:57+00:00",
"VersionId": "v1"
},
"AWSIoTEventsReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoTEventsReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-10T22:50:08+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iotevents:Describe*",
"iotevents:List*",
"iotevents:Get*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJYJFNAR7CN5JW52PG",
"PolicyName": "AWSIoTEventsReadOnlyAccess",
"UpdateDate": "2019-01-10T22:50:08+00:00",
"VersionId": "v1"
},
"AWSIoTFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoTFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-08T15:19:49+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iot:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJU2FPGG6PQWN72V2G",
"PolicyName": "AWSIoTFullAccess",
"UpdateDate": "2015-10-08T15:19:49+00:00",
"VersionId": "v1"
},
"AWSIoTLogging": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSIoTLogging",
"AttachmentCount": 0,
"CreateDate": "2015-10-08T15:17:25+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:PutMetricFilter",
"logs:PutRetentionPolicy",
"logs:GetLogEvents",
"logs:DeleteLogStream"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI6R6Z2FHHGS454W7W",
"PolicyName": "AWSIoTLogging",
"UpdateDate": "2015-10-08T15:17:25+00:00",
"VersionId": "v1"
},
"AWSIoTOTAUpdate": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSIoTOTAUpdate",
"AttachmentCount": 0,
"CreateDate": "2017-12-20T20:36:53+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": {
"Action": [
"iot:CreateJob",
"signer:DescribeSigningJob"
],
"Effect": "Allow",
"Resource": "*"
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLJYWX53STBZFPUEY",
"PolicyName": "AWSIoTOTAUpdate",
"UpdateDate": "2017-12-20T20:36:53+00:00",
"VersionId": "v1"
},
"AWSIoTRuleActions": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSIoTRuleActions",
"AttachmentCount": 0,
"CreateDate": "2015-10-08T15:14:51+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": {
"Action": [
"dynamodb:PutItem",
"kinesis:PutRecord",
"iot:Publish",
"s3:PutObject",
"sns:Publish",
"sqs:SendMessage*",
"cloudwatch:SetAlarmState",
"cloudwatch:PutMetricData",
"es:ESHttpPut",
"firehose:PutRecord"
],
"Effect": "Allow",
"Resource": "*"
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJEZ6FS7BUZVUHMOKY",
"PolicyName": "AWSIoTRuleActions",
"UpdateDate": "2018-01-16T19:28:19+00:00",
"VersionId": "v2"
},
"AWSIoTSiteWiseConsoleFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoTSiteWiseConsoleFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-05-31T21:37:49+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "iotsitewise:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iotanalytics:List*",
"iotanalytics:Describe*",
"iotanalytics:Create*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iot:DescribeEndpoint",
"iot:GetThingShadow"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"greengrass:GetGroup",
"greengrass:GetGroupVersion",
"greengrass:GetCoreDefinitionVersion",
"greengrass:ListGroups"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"secretsmanager:ListSecrets",
"secretsmanager:CreateSecret"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"secretsmanager:UpdateSecret"
],
"Effect": "Allow",
"Resource": "arn:aws:secretsmanager:*:*:secret:greengrass-*"
},
{
"Action": [
"tag:GetResources"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "iotsitewise.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/iotsitewise.amazonaws.com/AWSServiceRoleForIoTSiteWise*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": "iotsitewise.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/iotsitewise.amazonaws.com/AWSServiceRoleForIoTSiteWise*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4K7KP5VA7F",
"PolicyName": "AWSIoTSiteWiseConsoleFullAccess",
"UpdateDate": "2019-05-31T21:37:49+00:00",
"VersionId": "v1"
},
"AWSIoTSiteWiseFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoTSiteWiseFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-12-04T20:53:39+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iotsitewise:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILUK3XBM6TZ5Q3PX2",
"PolicyName": "AWSIoTSiteWiseFullAccess",
"UpdateDate": "2018-12-04T20:53:39+00:00",
"VersionId": "v1"
},
"AWSIoTSiteWiseReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSIoTSiteWiseReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-12-04T20:55:11+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iotsitewise:Describe*",
"iotsitewise:List*",
"iotsitewise:Get*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLHEAFKME2QL64WKK",
"PolicyName": "AWSIoTSiteWiseReadOnlyAccess",
"UpdateDate": "2018-12-04T20:55:11+00:00",
"VersionId": "v1"
},
"AWSIoTThingsRegistration": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration",
"AttachmentCount": 0,
"CreateDate": "2017-12-01T20:21:52+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iot:AddThingToThingGroup",
"iot:AttachPrincipalPolicy",
"iot:AttachThingPrincipal",
"iot:CreateCertificateFromCsr",
"iot:CreatePolicy",
"iot:CreateThing",
"iot:DescribeCertificate",
"iot:DescribeThing",
"iot:DescribeThingGroup",
"iot:DescribeThingType",
"iot:DetachThingPrincipal",
"iot:GetPolicy",
"iot:ListPolicyPrincipals",
"iot:ListPrincipalPolicies",
"iot:ListPrincipalThings",
"iot:ListThingGroupsForThing",
"iot:ListThingPrincipals",
"iot:RegisterCertificate",
"iot:RegisterThing",
"iot:RemoveThingFromThingGroup",
"iot:UpdateCertificate",
"iot:UpdateThing",
"iot:UpdateThingGroupsForThing"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI3YQXTC5XAEVTJNEU",
"PolicyName": "AWSIoTThingsRegistration",
"UpdateDate": "2017-12-01T20:21:52+00:00",
"VersionId": "v1"
},
"AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-11-14T20:10:53+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudhsm:Describe*",
"ec2:CreateNetworkInterface",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateSecurityGroup",
"ec2:DescribeSecurityGroups",
"ec2:RevokeSecurityGroupEgress",
"ec2:DeleteSecurityGroup"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIADMJEHVVYK5AUQOO",
"PolicyName": "AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy",
"UpdateDate": "2018-11-14T20:10:53+00:00",
"VersionId": "v1"
},
"AWSKeyManagementServicePowerUser": {
"Arn": "arn:aws:iam::aws:policy/AWSKeyManagementServicePowerUser",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:40+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"kms:CreateAlias",
"kms:CreateKey",
"kms:DeleteAlias",
"kms:Describe*",
"kms:GenerateRandom",
"kms:Get*",
"kms:List*",
"kms:TagResource",
"kms:UntagResource",
"iam:ListGroups",
"iam:ListRoles",
"iam:ListUsers"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJNPP7PPPPMJRV2SA4",
"PolicyName": "AWSKeyManagementServicePowerUser",
"UpdateDate": "2017-03-07T00:55:11+00:00",
"VersionId": "v2"
},
"AWSLambdaBasicExecutionRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
"AttachmentCount": 2,
"CreateDate": "2015-04-09T15:03:43+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJNCQGXC42545SKXIK",
"PolicyName": "AWSLambdaBasicExecutionRole",
"UpdateDate": "2015-04-09T15:03:43+00:00",
"VersionId": "v1"
},
"AWSLambdaDynamoDBExecutionRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaDynamoDBExecutionRole",
"AttachmentCount": 0,
"CreateDate": "2015-04-09T15:09:29+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"dynamodb:DescribeStream",
"dynamodb:GetRecords",
"dynamodb:GetShardIterator",
"dynamodb:ListStreams",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIP7WNAGMIPYNW4WQG",
"PolicyName": "AWSLambdaDynamoDBExecutionRole",
"UpdateDate": "2015-04-09T15:09:29+00:00",
"VersionId": "v1"
},
"AWSLambdaENIManagementAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaENIManagementAccess",
"AttachmentCount": 0,
"CreateDate": "2016-12-06T00:37:27+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:DeleteNetworkInterface"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJXAW2Q3KPTURUT2QC",
"PolicyName": "AWSLambdaENIManagementAccess",
"UpdateDate": "2016-12-06T00:37:27+00:00",
"VersionId": "v1"
},
"AWSLambdaExecute": {
"Arn": "arn:aws:iam::aws:policy/AWSLambdaExecute",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:46+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:*"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:*"
},
{
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJE5FX7FQZSU5XAKGO",
"PolicyName": "AWSLambdaExecute",
"UpdateDate": "2015-02-06T18:40:46+00:00",
"VersionId": "v1"
},
"AWSLambdaFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSLambdaFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:45+00:00",
"DefaultVersionId": "v8",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:DescribeChangeSet",
"cloudformation:DescribeStackResources",
"cloudformation:DescribeStacks",
"cloudformation:GetTemplate",
"cloudformation:ListStackResources",
"cloudwatch:*",
"cognito-identity:ListIdentityPools",
"cognito-sync:GetCognitoEvents",
"cognito-sync:SetCognitoEvents",
"dynamodb:*",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"events:*",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:GetRole",
"iam:GetRolePolicy",
"iam:ListAttachedRolePolicies",
"iam:ListRolePolicies",
"iam:ListRoles",
"iam:PassRole",
"iot:AttachPrincipalPolicy",
"iot:AttachThingPrincipal",
"iot:CreateKeysAndCertificate",
"iot:CreatePolicy",
"iot:CreateThing",
"iot:CreateTopicRule",
"iot:DescribeEndpoint",
"iot:GetTopicRule",
"iot:ListPolicies",
"iot:ListThings",
"iot:ListTopicRules",
"iot:ReplaceTopicRule",
"kinesis:DescribeStream",
"kinesis:ListStreams",
"kinesis:PutRecord",
"kms:ListAliases",
"lambda:*",
"logs:*",
"s3:*",
"sns:ListSubscriptions",
"sns:ListSubscriptionsByTopic",
"sns:ListTopics",
"sns:Publish",
"sns:Subscribe",
"sns:Unsubscribe",
"sqs:ListQueues",
"sqs:SendMessage",
"tag:GetResources",
"xray:PutTelemetryRecords",
"xray:PutTraceSegments"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI6E2CYYMI4XI7AA5K",
"PolicyName": "AWSLambdaFullAccess",
"UpdateDate": "2017-11-27T23:22:38+00:00",
"VersionId": "v8"
},
"AWSLambdaInvocation-DynamoDB": {
"Arn": "arn:aws:iam::aws:policy/AWSLambdaInvocation-DynamoDB",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:47+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"lambda:InvokeFunction"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"dynamodb:DescribeStream",
"dynamodb:GetRecords",
"dynamodb:GetShardIterator",
"dynamodb:ListStreams"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJTHQ3EKCQALQDYG5G",
"PolicyName": "AWSLambdaInvocation-DynamoDB",
"UpdateDate": "2015-02-06T18:40:47+00:00",
"VersionId": "v1"
},
"AWSLambdaKinesisExecutionRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole",
"AttachmentCount": 0,
"CreateDate": "2015-04-09T15:14:16+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"kinesis:DescribeStream",
"kinesis:DescribeStreamSummary",
"kinesis:GetRecords",
"kinesis:GetShardIterator",
"kinesis:ListShards",
"kinesis:ListStreams",
"kinesis:SubscribeToShard",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJHOLKJPXV4GBRMJUQ",
"PolicyName": "AWSLambdaKinesisExecutionRole",
"UpdateDate": "2018-11-19T20:09:24+00:00",
"VersionId": "v2"
},
"AWSLambdaReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSLambdaReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:44+00:00",
"DefaultVersionId": "v8",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:DescribeChangeSet",
"cloudformation:DescribeStackResources",
"cloudformation:DescribeStacks",
"cloudformation:GetTemplate",
"cloudformation:ListStackResources",
"cloudwatch:Describe*",
"cloudwatch:Get*",
"cloudwatch:List*",
"cognito-identity:ListIdentityPools",
"cognito-sync:GetCognitoEvents",
"dynamodb:BatchGetItem",
"dynamodb:DescribeStream",
"dynamodb:DescribeTable",
"dynamodb:GetItem",
"dynamodb:ListStreams",
"dynamodb:ListTables",
"dynamodb:Query",
"dynamodb:Scan",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"events:Describe*",
"events:List*",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:GetRole",
"iam:GetRolePolicy",
"iam:ListAttachedRolePolicies",
"iam:ListRolePolicies",
"iam:ListRoles",
"iot:DescribeEndpoint",
"iot:GetTopicRule",
"iot:ListPolicies",
"iot:ListThings",
"iot:ListTopicRules",
"kinesis:DescribeStream",
"kinesis:ListStreams",
"kms:ListAliases",
"lambda:Get*",
"lambda:List*",
"logs:DescribeLogGroups",
"logs:DescribeLogStreams",
"logs:DescribeMetricFilters",
"logs:GetLogEvents",
"s3:Get*",
"s3:List*",
"sns:ListSubscriptions",
"sns:ListSubscriptionsByTopic",
"sns:ListTopics",
"sqs:ListQueues",
"tag:GetResources"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLDG7J3CGUHFN4YN6",
"PolicyName": "AWSLambdaReadOnlyAccess",
"UpdateDate": "2018-09-06T18:04:54+00:00",
"VersionId": "v8"
},
"AWSLambdaReplicator": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSLambdaReplicator",
"AttachmentCount": 0,
"CreateDate": "2017-05-23T17:53:03+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"lambda:CreateFunction",
"lambda:DeleteFunction",
"lambda:DisableReplication"
],
"Effect": "Allow",
"Resource": [
"arn:aws:lambda:*:*:function:*"
],
"Sid": "LambdaCreateDeletePermission"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLikeIfExists": {
"iam:PassedToService": "lambda.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "IamPassRolePermission"
},
{
"Action": [
"cloudfront:ListDistributionsByLambdaFunction"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "CloudFrontListDistributions"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIIQFXZNNLL3E2HKTG",
"PolicyName": "AWSLambdaReplicator",
"UpdateDate": "2017-12-08T00:17:54+00:00",
"VersionId": "v3"
},
"AWSLambdaRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaRole",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"lambda:InvokeFunction"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJX4DPCRGTC4NFDUXI",
"PolicyName": "AWSLambdaRole",
"UpdateDate": "2015-02-06T18:41:28+00:00",
"VersionId": "v1"
},
"AWSLambdaSQSQueueExecutionRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole",
"AttachmentCount": 0,
"CreateDate": "2018-06-14T21:50:45+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sqs:ReceiveMessage",
"sqs:DeleteMessage",
"sqs:GetQueueAttributes",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFWJZI6JNND4TSELK",
"PolicyName": "AWSLambdaSQSQueueExecutionRole",
"UpdateDate": "2018-06-14T21:50:45+00:00",
"VersionId": "v1"
},
"AWSLambdaVPCAccessExecutionRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole",
"AttachmentCount": 0,
"CreateDate": "2016-02-11T23:15:26+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"ec2:CreateNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:DeleteNetworkInterface"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJVTME3YLVNL72YR2K",
"PolicyName": "AWSLambdaVPCAccessExecutionRole",
"UpdateDate": "2016-02-11T23:15:26+00:00",
"VersionId": "v1"
},
"AWSLicenseManagerMasterAccountRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerMasterAccountRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-11-26T19:03:51+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:GetLifecycleConfiguration",
"s3:PutLifecycleConfiguration",
"s3:GetBucketPolicy",
"s3:PutBucketPolicy"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-license-manager-service-*"
],
"Sid": "S3BucketPermissions"
},
{
"Action": [
"s3:AbortMultipartUpload",
"s3:PutObject",
"s3:GetObject",
"s3:ListBucketMultipartUploads",
"s3:ListMultipartUploadParts"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-license-manager-service-*"
],
"Sid": "S3ObjectPermissions1"
},
{
"Action": [
"s3:DeleteObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-license-manager-service-*/resource_sync/*"
],
"Sid": "S3ObjectPermissions2"
},
{
"Action": [
"athena:GetQueryExecution",
"athena:GetQueryResults",
"athena:StartQueryExecution"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "AthenaPermissions"
},
{
"Action": [
"glue:GetTable",
"glue:GetPartition",
"glue:GetPartitions"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "GluePermissions"
},
{
"Action": [
"organizations:DescribeOrganization",
"organizations:ListAccounts",
"organizations:DescribeAccount",
"organizations:ListChildren",
"organizations:ListParents",
"organizations:ListAccountsForParent",
"organizations:ListRoots",
"organizations:ListAWSServiceAccessForOrganization"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "OrganizationPermissions"
},
{
"Action": [
"ram:GetResourceShares",
"ram:GetResourceShareAssociations",
"ram:TagResource"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "RAMPermissions1"
},
{
"Action": [
"ram:CreateResourceShare"
],
"Condition": {
"StringEquals": {
"aws:RequestTag/Service": "LicenseManager"
}
},
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "RAMPermissions2"
},
{
"Action": [
"ram:AssociateResourceShare",
"ram:DisassociateResourceShare",
"ram:UpdateResourceShare",
"ram:DeleteResourceShare"
],
"Condition": {
"StringEquals": {
"ram:ResourceTag/Service": "LicenseManager"
}
},
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "RAMPermissions3"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIJE2NOZW2BDEHYUH2",
"PolicyName": "AWSLicenseManagerMasterAccountRolePolicy",
"UpdateDate": "2018-11-26T19:03:51+00:00",
"VersionId": "v1"
},
"AWSLicenseManagerMemberAccountRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerMemberAccountRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-11-26T19:04:32+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"license-manager:UpdateLicenseSpecificationsForResource"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "LicenseManagerPermissions"
},
{
"Action": [
"ssm:ListInventoryEntries",
"ssm:GetInventory",
"ssm:CreateAssociation",
"ssm:CreateResourceDataSync",
"ssm:DeleteResourceDataSync",
"ssm:ListResourceDataSync",
"ssm:ListAssociations"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "SSMPermissions"
},
{
"Action": [
"ram:AcceptResourceShareInvitation",
"ram:GetResourceShareInvitations"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "RAMPermissions"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJZTYEY2LEGBYAVUY4",
"PolicyName": "AWSLicenseManagerMemberAccountRolePolicy",
"UpdateDate": "2018-11-26T19:04:32+00:00",
"VersionId": "v1"
},
"AWSLicenseManagerServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-11-26T19:02:53+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"s3:GetBucketLocation",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-license-manager-service-*"
],
"Sid": "S3BucketPermissions1"
},
{
"Action": [
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "S3BucketPermissions2"
},
{
"Action": [
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-license-manager-service-*"
],
"Sid": "S3ObjectPermissions"
},
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": [
"arn:aws:sns:*:*:aws-license-manager-service-*"
],
"Sid": "SNSAccountPermissions"
},
{
"Action": [
"sns:ListTopics"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "SNSTopicPermissions"
},
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeImages",
"ec2:DescribeHosts"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "EC2Permissions"
},
{
"Action": [
"ssm:ListInventoryEntries",
"ssm:GetInventory",
"ssm:CreateAssociation"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "SSMPermissions"
},
{
"Action": [
"organizations:ListAWSServiceAccessForOrganization",
"organizations:DescribeOrganization"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "OrganizationPermissions"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIM7JPETWHTYNBQSZE",
"PolicyName": "AWSLicenseManagerServiceRolePolicy",
"UpdateDate": "2018-11-26T19:02:53+00:00",
"VersionId": "v1"
},
"AWSMarketplaceFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSMarketplaceFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-11T17:21:45+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"aws-marketplace:*",
"cloudformation:CreateStack",
"cloudformation:DescribeStackResource",
"cloudformation:DescribeStackResources",
"cloudformation:DescribeStacks",
"cloudformation:List*",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateSecurityGroup",
"ec2:CreateTags",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DeleteSecurityGroup",
"ec2:DescribeAccountAttributes",
"ec2:DescribeImages",
"ec2:DescribeInstances",
"ec2:DescribeKeyPairs",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeTags",
"ec2:DescribeVpcs",
"ec2:RunInstances",
"ec2:StartInstances",
"ec2:StopInstances",
"ec2:TerminateInstances"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:CopyImage",
"ec2:DeregisterImage",
"ec2:DescribeSnapshots",
"ec2:DeleteSnapshot",
"ec2:CreateImage",
"ec2:DescribeInstanceStatus",
"ssm:GetAutomationExecution",
"ssm:UpdateDocumentDefaultVersion",
"ssm:CreateDocument",
"ssm:StartAutomationExecution",
"ssm:ListDocuments",
"ssm:UpdateDocument",
"ssm:DescribeDocument",
"sns:ListTopics",
"sns:GetTopicAttributes",
"sns:CreateTopic",
"iam:GetRole",
"iam:GetInstanceProfile",
"iam:ListRoles",
"iam:ListInstanceProfiles"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:ListBucket",
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::*image-build*"
]
},
{
"Action": [
"sns:Publish",
"sns:setTopicAttributes"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:*image-build*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"ec2.amazonaws.com",
"ssm.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI2DV5ULJSO2FYVPYG",
"PolicyName": "AWSMarketplaceFullAccess",
"UpdateDate": "2018-08-08T21:13:02+00:00",
"VersionId": "v3"
},
"AWSMarketplaceGetEntitlements": {
"Arn": "arn:aws:iam::aws:policy/AWSMarketplaceGetEntitlements",
"AttachmentCount": 0,
"CreateDate": "2017-03-27T19:37:24+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"aws-marketplace:GetEntitlements"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLPIMQE4WMHDC2K7C",
"PolicyName": "AWSMarketplaceGetEntitlements",
"UpdateDate": "2017-03-27T19:37:24+00:00",
"VersionId": "v1"
},
"AWSMarketplaceImageBuildFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSMarketplaceImageBuildFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-07-31T23:29:49+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"aws-marketplace:ListBuilds",
"aws-marketplace:StartBuild",
"aws-marketplace:DescribeBuilds"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "ec2:TerminateInstances",
"Condition": {
"StringLike": {
"ec2:ResourceTag/marketplace-image-build:build-id": "*"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"ec2.amazonaws.com",
"ssm.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/*Automation*",
"arn:aws:iam::*:role/*Instance*"
]
},
{
"Action": [
"ssm:GetAutomationExecution",
"ssm:CreateDocument",
"ssm:StartAutomationExecution",
"ssm:ListDocuments",
"ssm:UpdateDocument",
"ssm:UpdateDocumentDefaultVersion",
"ssm:DescribeDocument",
"ec2:DeregisterImage",
"ec2:CopyImage",
"ec2:DescribeSnapshots",
"ec2:DescribeSecurityGroups",
"ec2:DescribeImages",
"ec2:DescribeSubnets",
"ec2:DeleteSnapshot",
"ec2:CreateImage",
"ec2:RunInstances",
"ec2:DescribeInstanceStatus",
"sns:GetTopicAttributes",
"iam:GetRole",
"iam:GetInstanceProfile"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::*image-build*"
]
},
{
"Action": [
"ec2:CreateTags"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*::image/*",
"arn:aws:ec2:*:*:instance/*"
]
},
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": [
"arn:aws:sns:*:*:*image-build*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4QBMJWC3BNHBHN6I",
"PolicyName": "AWSMarketplaceImageBuildFullAccess",
"UpdateDate": "2018-08-08T21:11:59+00:00",
"VersionId": "v2"
},
"AWSMarketplaceManageSubscriptions": {
"Arn": "arn:aws:iam::aws:policy/AWSMarketplaceManageSubscriptions",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:32+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"aws-marketplace:ViewSubscriptions",
"aws-marketplace:Subscribe",
"aws-marketplace:Unsubscribe"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJRDW2WIFN7QLUAKBQ",
"PolicyName": "AWSMarketplaceManageSubscriptions",
"UpdateDate": "2015-02-06T18:40:32+00:00",
"VersionId": "v1"
},
"AWSMarketplaceMeteringFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSMarketplaceMeteringFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-03-17T22:39:22+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"aws-marketplace:MeterUsage"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ65YJPG7CC7LDXNA6",
"PolicyName": "AWSMarketplaceMeteringFullAccess",
"UpdateDate": "2016-03-17T22:39:22+00:00",
"VersionId": "v1"
},
"AWSMarketplaceRead-only": {
"Arn": "arn:aws:iam::aws:policy/AWSMarketplaceRead-only",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:31+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"aws-marketplace:ViewSubscriptions",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeImages",
"ec2:DescribeInstances",
"ec2:DescribeKeyPairs",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"aws-marketplace:ListBuilds",
"aws-marketplace:DescribeBuilds",
"iam:ListRoles",
"iam:ListInstanceProfiles",
"sns:GetTopicAttributes",
"sns:ListTopics"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJOOM6LETKURTJ3XZ2",
"PolicyName": "AWSMarketplaceRead-only",
"UpdateDate": "2018-07-31T23:24:24+00:00",
"VersionId": "v2"
},
"AWSMigrationHubDMSAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSMigrationHubDMSAccess",
"AttachmentCount": 0,
"CreateDate": "2017-08-14T14:00:06+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"mgh:CreateProgressUpdateStream"
],
"Effect": "Allow",
"Resource": "arn:aws:mgh:*:*:progressUpdateStream/DMS"
},
{
"Action": [
"mgh:AssociateCreatedArtifact",
"mgh:DescribeMigrationTask",
"mgh:DisassociateCreatedArtifact",
"mgh:ImportMigrationTask",
"mgh:ListCreatedArtifacts",
"mgh:NotifyMigrationTaskState",
"mgh:PutResourceAttributes",
"mgh:NotifyApplicationState",
"mgh:DescribeApplicationState",
"mgh:AssociateDiscoveredResource",
"mgh:DisassociateDiscoveredResource",
"mgh:ListDiscoveredResources"
],
"Effect": "Allow",
"Resource": "arn:aws:mgh:*:*:progressUpdateStream/DMS/*"
},
{
"Action": [
"mgh:ListMigrationTasks"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUQB56VA4JHLN7G2W",
"PolicyName": "AWSMigrationHubDMSAccess",
"UpdateDate": "2017-08-14T14:00:06+00:00",
"VersionId": "v1"
},
"AWSMigrationHubDiscoveryAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSMigrationHubDiscoveryAccess",
"AttachmentCount": 0,
"CreateDate": "2017-08-14T13:30:51+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"discovery:ListConfigurations",
"discovery:DescribeConfigurations"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAITRMRLSV7JAL6YIGG",
"PolicyName": "AWSMigrationHubDiscoveryAccess",
"UpdateDate": "2017-08-14T13:30:51+00:00",
"VersionId": "v1"
},
"AWSMigrationHubFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSMigrationHubFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-08-14T14:02:54+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"mgh:*",
"discovery:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:GetRole"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "continuousexport.discovery.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/continuousexport.discovery.amazonaws.com/AWSServiceRoleForApplicationDiscoveryServiceContinuousExport*"
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/continuousexport.discovery.amazonaws.com/AWSServiceRoleForApplicationDiscoveryServiceContinuousExport*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ4A2SZKHUYHDYIGOK",
"PolicyName": "AWSMigrationHubFullAccess",
"UpdateDate": "2018-08-16T20:29:37+00:00",
"VersionId": "v3"
},
"AWSMigrationHubSMSAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSMigrationHubSMSAccess",
"AttachmentCount": 0,
"CreateDate": "2017-08-14T13:57:54+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"mgh:CreateProgressUpdateStream"
],
"Effect": "Allow",
"Resource": "arn:aws:mgh:*:*:progressUpdateStream/SMS"
},
{
"Action": [
"mgh:AssociateCreatedArtifact",
"mgh:DescribeMigrationTask",
"mgh:DisassociateCreatedArtifact",
"mgh:ImportMigrationTask",
"mgh:ListCreatedArtifacts",
"mgh:NotifyMigrationTaskState",
"mgh:PutResourceAttributes",
"mgh:NotifyApplicationState",
"mgh:DescribeApplicationState",
"mgh:AssociateDiscoveredResource",
"mgh:DisassociateDiscoveredResource",
"mgh:ListDiscoveredResources"
],
"Effect": "Allow",
"Resource": "arn:aws:mgh:*:*:progressUpdateStream/SMS/*"
},
{
"Action": [
"mgh:ListMigrationTasks"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIWQYYT6TSVIRJO4TY",
"PolicyName": "AWSMigrationHubSMSAccess",
"UpdateDate": "2017-08-14T13:57:54+00:00",
"VersionId": "v1"
},
"AWSMobileHub_FullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSMobileHub_FullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-01-05T19:56:01+00:00",
"DefaultVersionId": "v13",
"Document": {
"Statement": [
{
"Action": [
"apigateway:GET",
"apigateway:GetRestApis",
"apigateway:GetResources",
"apigateway:POST",
"apigateway:TestInvokeMethod",
"cloudfront:GetDistribution",
"devicefarm:CreateProject",
"devicefarm:ListJobs",
"devicefarm:ListRuns",
"devicefarm:GetProject",
"devicefarm:GetRun",
"devicefarm:ListArtifacts",
"devicefarm:ListProjects",
"devicefarm:ScheduleRun",
"dynamodb:DescribeTable",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"iam:ListSAMLProviders",
"lambda:ListFunctions",
"sns:ListTopics",
"lex:GetIntent",
"lex:GetIntents",
"lex:GetSlotType",
"lex:GetSlotTypes",
"lex:GetBot",
"lex:GetBots",
"lex:GetBotAlias",
"lex:GetBotAliases",
"mobilehub:CreateProject",
"mobilehub:DeleteProject",
"mobilehub:UpdateProject",
"mobilehub:ExportProject",
"mobilehub:ImportProject",
"mobilehub:SynchronizeProject",
"mobilehub:GenerateProjectParameters",
"mobilehub:GetProject",
"mobilehub:GetProjectSnapshot",
"mobilehub:ListProjectSnapshots",
"mobilehub:DeleteProjectSnapshot",
"mobilehub:ListAvailableConnectors",
"mobilehub:ListAvailableFeatures",
"mobilehub:ListAvailableRegions",
"mobilehub:ListProjects",
"mobilehub:ValidateProject",
"mobilehub:VerifyServiceRole",
"mobilehub:DescribeBundle",
"mobilehub:ExportBundle",
"mobilehub:ListBundles"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*/aws-my-sample-app*.zip"
},
{
"Action": [
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*-mobilehub-*/*"
},
{
"Action": [
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*-mobilehub-*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIJLU43R6AGRBK76DM",
"PolicyName": "AWSMobileHub_FullAccess",
"UpdateDate": "2018-02-05T23:44:29+00:00",
"VersionId": "v13"
},
"AWSMobileHub_ReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSMobileHub_ReadOnly",
"AttachmentCount": 0,
"CreateDate": "2016-01-05T19:55:48+00:00",
"DefaultVersionId": "v10",
"Document": {
"Statement": [
{
"Action": [
"dynamodb:DescribeTable",
"iam:ListSAMLProviders",
"lambda:ListFunctions",
"sns:ListTopics",
"lex:GetIntent",
"lex:GetIntents",
"lex:GetSlotType",
"lex:GetSlotTypes",
"lex:GetBot",
"lex:GetBots",
"lex:GetBotAlias",
"lex:GetBotAliases",
"mobilehub:ExportProject",
"mobilehub:GenerateProjectParameters",
"mobilehub:GetProject",
"mobilehub:SynchronizeProject",
"mobilehub:GetProjectSnapshot",
"mobilehub:ListProjectSnapshots",
"mobilehub:ListAvailableConnectors",
"mobilehub:ListAvailableFeatures",
"mobilehub:ListAvailableRegions",
"mobilehub:ListProjects",
"mobilehub:ValidateProject",
"mobilehub:VerifyServiceRole",
"mobilehub:DescribeBundle",
"mobilehub:ExportBundle",
"mobilehub:ListBundles"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*/aws-my-sample-app*.zip"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIBXVYVL3PWQFBZFGW",
"PolicyName": "AWSMobileHub_ReadOnly",
"UpdateDate": "2018-07-23T21:59:05+00:00",
"VersionId": "v10"
},
"AWSOpsWorksCMInstanceProfileRole": {
"Arn": "arn:aws:iam::aws:policy/AWSOpsWorksCMInstanceProfileRole",
"AttachmentCount": 0,
"CreateDate": "2016-11-24T09:48:22+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:DescribeStackResource",
"cloudformation:SignalResource"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject",
"s3:GetObject",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:ListMultipartUploadParts",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::aws-opsworks-cm-*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAICSU3OSHCURP2WIZW",
"PolicyName": "AWSOpsWorksCMInstanceProfileRole",
"UpdateDate": "2017-11-03T12:01:32+00:00",
"VersionId": "v2"
},
"AWSOpsWorksCMServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSOpsWorksCMServiceRole",
"AttachmentCount": 0,
"CreateDate": "2016-11-24T09:49:46+00:00",
"DefaultVersionId": "v8",
"Document": {
"Statement": [
{
"Action": [
"s3:CreateBucket",
"s3:DeleteObject",
"s3:DeleteBucket",
"s3:GetObject",
"s3:HeadBucket",
"s3:ListBucket",
"s3:ListObjects",
"s3:PutBucketPolicy",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-opsworks-cm-*"
]
},
{
"Action": [
"ssm:DescribeInstanceInformation",
"ssm:GetCommandInvocation",
"ssm:ListCommandInvocations",
"ssm:ListCommands"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ssm:SendCommand"
],
"Condition": {
"StringLike": {
"ssm:resourceTag/aws:cloudformation:stack-name": "aws-opsworks-cm-*"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ssm:SendCommand"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ssm:*::document/*",
"arn:aws:s3:::aws-opsworks-cm-*"
]
},
{
"Action": [
"ec2:AllocateAddress",
"ec2:AssociateAddress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateImage",
"ec2:CreateSecurityGroup",
"ec2:CreateSnapshot",
"ec2:CreateTags",
"ec2:DeleteSecurityGroup",
"ec2:DeleteSnapshot",
"ec2:DeregisterImage",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeImages",
"ec2:DescribeInstanceStatus",
"ec2:DescribeInstances",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSnapshots",
"ec2:DescribeSubnets",
"ec2:DisassociateAddress",
"ec2:ReleaseAddress",
"ec2:RunInstances",
"ec2:StopInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ec2:TerminateInstances",
"ec2:RebootInstances"
],
"Condition": {
"StringLike": {
"ec2:ResourceTag/aws:cloudformation:stack-name": "aws-opsworks-cm-*"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"opsworks-cm:DeleteServer",
"opsworks-cm:StartMaintenance"
],
"Effect": "Allow",
"Resource": [
"arn:aws:opsworks-cm:*:*:server/*"
]
},
{
"Action": [
"cloudformation:CreateStack",
"cloudformation:DeleteStack",
"cloudformation:DescribeStackEvents",
"cloudformation:DescribeStackResources",
"cloudformation:DescribeStacks",
"cloudformation:UpdateStack"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/aws-opsworks-cm-*"
]
},
{
"Action": [
"iam:PassRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-opsworks-cm-*",
"arn:aws:iam::*:role/service-role/aws-opsworks-cm-*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ6I6MPGJE62URSHCO",
"PolicyName": "AWSOpsWorksCMServiceRole",
"UpdateDate": "2019-02-21T15:15:07+00:00",
"VersionId": "v8"
},
"AWSOpsWorksCloudWatchLogs": {
"Arn": "arn:aws:iam::aws:policy/AWSOpsWorksCloudWatchLogs",
"AttachmentCount": 0,
"CreateDate": "2017-03-30T17:47:19+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJXFIK7WABAY5CPXM4",
"PolicyName": "AWSOpsWorksCloudWatchLogs",
"UpdateDate": "2017-03-30T17:47:19+00:00",
"VersionId": "v1"
},
"AWSOpsWorksFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSOpsWorksFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:48+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"opsworks:*",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeKeyPairs",
"ec2:DescribeSecurityGroups",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"elasticloadbalancing:DescribeInstanceHealth",
"elasticloadbalancing:DescribeLoadBalancers",
"iam:GetRolePolicy",
"iam:ListInstanceProfiles",
"iam:ListRoles",
"iam:ListUsers",
"iam:PassRole"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAICN26VXMXASXKOQCG",
"PolicyName": "AWSOpsWorksFullAccess",
"UpdateDate": "2015-02-06T18:40:48+00:00",
"VersionId": "v1"
},
"AWSOpsWorksInstanceRegistration": {
"Arn": "arn:aws:iam::aws:policy/AWSOpsWorksInstanceRegistration",
"AttachmentCount": 0,
"CreateDate": "2016-06-03T14:23:15+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"opsworks:DescribeStackProvisioningParameters",
"opsworks:DescribeStacks",
"opsworks:RegisterInstance"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJG3LCPVNI4WDZCIMU",
"PolicyName": "AWSOpsWorksInstanceRegistration",
"UpdateDate": "2016-06-03T14:23:15+00:00",
"VersionId": "v1"
},
"AWSOpsWorksRegisterCLI": {
"Arn": "arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:49+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"opsworks:AssignInstance",
"opsworks:CreateStack",
"opsworks:CreateLayer",
"opsworks:DeregisterInstance",
"opsworks:DescribeInstances",
"opsworks:DescribeStackProvisioningParameters",
"opsworks:DescribeStacks",
"opsworks:UnassignInstance"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ec2:DescribeInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:AddUserToGroup",
"iam:CreateAccessKey",
"iam:CreateGroup",
"iam:CreateUser",
"iam:ListInstanceProfiles",
"iam:PassRole",
"iam:PutUserPolicy"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ3AB5ZBFPCQGTVDU4",
"PolicyName": "AWSOpsWorksRegisterCLI",
"UpdateDate": "2015-02-06T18:40:49+00:00",
"VersionId": "v1"
},
"AWSOpsWorksRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSOpsWorksRole",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:27+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:GetMetricStatistics",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInstances",
"ec2:DescribeKeyPairs",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"elasticloadbalancing:DescribeInstanceHealth",
"elasticloadbalancing:DescribeLoadBalancers",
"iam:GetRolePolicy",
"iam:ListInstanceProfiles",
"iam:ListRoles",
"iam:ListUsers",
"iam:PassRole",
"opsworks:*",
"rds:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIDUTMOKHJFAPJV45W",
"PolicyName": "AWSOpsWorksRole",
"UpdateDate": "2015-02-06T18:41:27+00:00",
"VersionId": "v1"
},
"AWSOrganizationsFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSOrganizationsFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-06T20:31:57+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "organizations:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJZXBNRCJKNLQHSB5M",
"PolicyName": "AWSOrganizationsFullAccess",
"UpdateDate": "2018-11-06T20:31:57+00:00",
"VersionId": "v1"
},
"AWSOrganizationsReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSOrganizationsReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-06T20:32:38+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"organizations:Describe*",
"organizations:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJY5RQATUV77PEPVOM",
"PolicyName": "AWSOrganizationsReadOnlyAccess",
"UpdateDate": "2018-11-06T20:32:38+00:00",
"VersionId": "v1"
},
"AWSOrganizationsServiceTrustPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSOrganizationsServiceTrustPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-10T23:04:07+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"iam:DeleteRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/organizations.amazonaws.com/*"
],
"Sid": "AllowDeletionOfServiceLinkedRoleForOrganizations"
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "AllowCreationOfServiceLinkedRoles"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQH6ROMVVECFVRJPK",
"PolicyName": "AWSOrganizationsServiceTrustPolicy",
"UpdateDate": "2017-11-01T06:01:18+00:00",
"VersionId": "v2"
},
"AWSPriceListServiceFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSPriceListServiceFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-22T00:36:27+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"pricing:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIADJ4GBYNHKABML3Q",
"PolicyName": "AWSPriceListServiceFullAccess",
"UpdateDate": "2017-11-22T00:36:27+00:00",
"VersionId": "v1"
},
"AWSPrivateMarketplaceAdminFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSPrivateMarketplaceAdminFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-27T16:32:32+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"aws-marketplace:CreatePrivateMarketplace",
"aws-marketplace:CreatePrivateMarketplaceProfile",
"aws-marketplace:UpdatePrivateMarketplaceProfile",
"aws-marketplace:StartPrivateMarketplace",
"aws-marketplace:StopPrivateMarketplace",
"aws-marketplace:AssociateProductsWithPrivateMarketplace",
"aws-marketplace:DisassociateProductsFromPrivateMarketplace",
"aws-marketplace:DescribePrivateMarketplaceProfile",
"aws-marketplace:DescribePrivateMarketplaceStatus",
"aws-marketplace:ListPrivateMarketplaceProducts",
"aws-marketplace:DescribePrivateMarketplaceProducts"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ6VRZDDCYDOVCOCEI",
"PolicyName": "AWSPrivateMarketplaceAdminFullAccess",
"UpdateDate": "2018-11-27T16:32:32+00:00",
"VersionId": "v1"
},
"AWSQuickSightDescribeRDS": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRDS",
"AttachmentCount": 0,
"CreateDate": "2015-11-10T23:24:50+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"rds:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJU5J6OAMCJD3OO76O",
"PolicyName": "AWSQuickSightDescribeRDS",
"UpdateDate": "2015-11-10T23:24:50+00:00",
"VersionId": "v1"
},
"AWSQuickSightDescribeRedshift": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRedshift",
"AttachmentCount": 0,
"CreateDate": "2015-11-10T23:25:01+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"redshift:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFEM6MLSLTW4ZNBW2",
"PolicyName": "AWSQuickSightDescribeRedshift",
"UpdateDate": "2015-11-10T23:25:01+00:00",
"VersionId": "v1"
},
"AWSQuickSightIoTAnalyticsAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSQuickSightIoTAnalyticsAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-29T17:00:54+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iotanalytics:ListDatasets",
"iotanalytics:DescribeDataset",
"iotanalytics:GetDatasetContent"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJIZNDRUTKCN5HLZOE",
"PolicyName": "AWSQuickSightIoTAnalyticsAccess",
"UpdateDate": "2017-11-29T17:00:54+00:00",
"VersionId": "v1"
},
"AWSQuickSightListIAM": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSQuickSightListIAM",
"AttachmentCount": 0,
"CreateDate": "2015-11-10T23:25:07+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iam:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI3CH5UUWZN4EKGILO",
"PolicyName": "AWSQuickSightListIAM",
"UpdateDate": "2015-11-10T23:25:07+00:00",
"VersionId": "v1"
},
"AWSQuicksightAthenaAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSQuicksightAthenaAccess",
"AttachmentCount": 0,
"CreateDate": "2016-12-09T02:31:03+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"athena:BatchGetQueryExecution",
"athena:CancelQueryExecution",
"athena:GetCatalogs",
"athena:GetExecutionEngine",
"athena:GetExecutionEngines",
"athena:GetNamespace",
"athena:GetNamespaces",
"athena:GetQueryExecution",
"athena:GetQueryExecutions",
"athena:GetQueryResults",
"athena:GetQueryResultsStream",
"athena:GetTable",
"athena:GetTables",
"athena:ListQueryExecutions",
"athena:RunQuery",
"athena:StartQueryExecution",
"athena:StopQueryExecution"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"glue:CreateDatabase",
"glue:DeleteDatabase",
"glue:GetDatabase",
"glue:GetDatabases",
"glue:UpdateDatabase",
"glue:CreateTable",
"glue:DeleteTable",
"glue:BatchDeleteTable",
"glue:UpdateTable",
"glue:GetTable",
"glue:GetTables",
"glue:BatchCreatePartition",
"glue:CreatePartition",
"glue:DeletePartition",
"glue:BatchDeletePartition",
"glue:UpdatePartition",
"glue:GetPartition",
"glue:GetPartitions",
"glue:BatchGetPartition"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:ListMultipartUploadParts",
"s3:AbortMultipartUpload",
"s3:CreateBucket",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-athena-query-results-*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4JB77JXFQXDWNRPM",
"PolicyName": "AWSQuicksightAthenaAccess",
"UpdateDate": "2018-08-07T20:24:55+00:00",
"VersionId": "v4"
},
"AWSResourceAccessManagerServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSResourceAccessManagerServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-11-14T19:28:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"organizations:DescribeAccount",
"organizations:DescribeOrganization",
"organizations:DescribeOrganizationalUnit",
"organizations:ListAccounts",
"organizations:ListAccountsForParent",
"organizations:ListChildren",
"organizations:ListOrganizationalUnitsForParent",
"organizations:ListParents",
"organizations:ListRoots"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:DeleteRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/ram.amazonaws.com/*"
],
"Sid": "AllowDeletionOfServiceLinkedRoleForResourceAccessManager"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJU667A3V5UAXC4YNE",
"PolicyName": "AWSResourceAccessManagerServiceRolePolicy",
"UpdateDate": "2018-11-14T19:28:28+00:00",
"VersionId": "v1"
},
"AWSResourceGroupsReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSResourceGroupsReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-03-07T10:27:04+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"resource-groups:Get*",
"resource-groups:List*",
"resource-groups:Search*",
"tag:Get*",
"cloudformation:DescribeStacks",
"cloudformation:ListStackResources",
"ec2:DescribeInstances",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSnapshots",
"ec2:DescribeVolumes",
"ec2:DescribeVpcs",
"elasticache:DescribeCacheClusters",
"elasticache:DescribeSnapshots",
"elasticache:ListTagsForResource",
"elasticbeanstalk:DescribeEnvironments",
"elasticmapreduce:DescribeCluster",
"elasticmapreduce:ListClusters",
"glacier:ListVaults",
"glacier:DescribeVault",
"glacier:ListTagsForVault",
"kinesis:ListStreams",
"kinesis:DescribeStream",
"kinesis:ListTagsForStream",
"opsworks:DescribeStacks",
"opsworks:ListTags",
"rds:DescribeDBInstances",
"rds:DescribeDBSnapshots",
"rds:ListTagsForResource",
"redshift:DescribeClusters",
"redshift:DescribeTags",
"route53domains:ListDomains",
"route53:ListHealthChecks",
"route53:GetHealthCheck",
"route53:ListHostedZones",
"route53:GetHostedZone",
"route53:ListTagsForResource",
"storagegateway:ListGateways",
"storagegateway:DescribeGatewayInformation",
"storagegateway:ListTagsForResource",
"s3:ListAllMyBuckets",
"s3:GetBucketTagging",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTags",
"ssm:ListDocuments"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIXFKM2WGBJAEWMFEG",
"PolicyName": "AWSResourceGroupsReadOnlyAccess",
"UpdateDate": "2019-02-05T17:56:25+00:00",
"VersionId": "v2"
},
"AWSRoboMakerFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSRoboMakerFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-26T05:28:10+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"s3:GetObject",
"robomaker:*"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "VisualEditor0"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "robomaker.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIG7WQVUX3AGSKGBAO",
"PolicyName": "AWSRoboMakerFullAccess",
"UpdateDate": "2018-11-26T05:28:10+00:00",
"VersionId": "v1"
},
"AWSRoboMakerReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSRoboMakerReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-26T05:30:50+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"robomaker:ListDeploymentJobs",
"robomaker:BatchDescribeSimulationJob",
"robomaker:DescribeFleet",
"robomaker:DescribeSimulationApplication",
"robomaker:DescribeRobotApplication",
"robomaker:ListFleets",
"robomaker:ListSimulationJobs",
"robomaker:DescribeDeploymentJob",
"robomaker:DescribeSimulationJob",
"robomaker:DescribeRobot",
"robomaker:ListRobots",
"robomaker:ListRobotApplications",
"robomaker:ListSimulationApplications"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "VisualEditor0"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIXFHP2ALXXGGECYJI",
"PolicyName": "AWSRoboMakerReadOnlyAccess",
"UpdateDate": "2018-11-26T05:30:50+00:00",
"VersionId": "v1"
},
"AWSRoboMakerServicePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSRoboMakerServicePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-11-26T06:30:08+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterfacePermission",
"ec2:DescribeNetworkInterfaces",
"ec2:DeleteNetworkInterface",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeSecurityGroups",
"greengrass:CreateDeployment",
"greengrass:CreateGroupVersion",
"greengrass:CreateFunctionDefinition",
"greengrass:CreateFunctionDefinitionVersion",
"greengrass:GetDeploymentStatus",
"greengrass:GetGroup",
"greengrass:GetGroupVersion",
"greengrass:GetCoreDefinitionVersion",
"greengrass:GetFunctionDefinitionVersion",
"greengrass:GetAssociatedRole",
"lambda:CreateFunction"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:UpdateFunctionCode",
"lambda:GetFunction",
"lambda:UpdateFunctionConfiguration",
"lambda:DeleteFunction",
"lambda:ListVersionsByFunction",
"lambda:GetAlias",
"lambda:UpdateAlias",
"lambda:CreateAlias",
"lambda:DeleteAlias"
],
"Effect": "Allow",
"Resource": "arn:aws:lambda:*:*:function:aws-robomaker-*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringEqualsIfExists": {
"iam:PassedToService": "lambda.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJYLVVUUQMAEEZ3ZNY",
"PolicyName": "AWSRoboMakerServicePolicy",
"UpdateDate": "2019-04-04T22:15:35+00:00",
"VersionId": "v2"
},
"AWSRoboMakerServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/AWSRoboMakerServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-11-26T05:33:19+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterfacePermission",
"ec2:DescribeNetworkInterfaces",
"ec2:DeleteNetworkInterface",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeSecurityGroups",
"greengrass:CreateDeployment",
"greengrass:CreateGroupVersion",
"greengrass:CreateFunctionDefinition",
"greengrass:CreateFunctionDefinitionVersion",
"greengrass:GetDeploymentStatus",
"greengrass:GetGroup",
"greengrass:GetGroupVersion",
"greengrass:GetCoreDefinitionVersion",
"greengrass:GetFunctionDefinitionVersion",
"greengrass:GetAssociatedRole",
"lambda:CreateFunction"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:UpdateFunctionCode",
"lambda:GetFunction",
"lambda:UpdateFunctionConfiguration"
],
"Effect": "Allow",
"Resource": "arn:aws:lambda:*:*:function:aws-robomaker-*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringEqualsIfExists": {
"iam:PassedToService": "lambda.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIOSFFLBBLCTKS3ATC",
"PolicyName": "AWSRoboMakerServiceRolePolicy",
"UpdateDate": "2018-11-26T05:33:19+00:00",
"VersionId": "v1"
},
"AWSSSODirectoryAdministrator": {
"Arn": "arn:aws:iam::aws:policy/AWSSSODirectoryAdministrator",
"AttachmentCount": 0,
"CreateDate": "2018-10-31T23:54:00+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sso-directory:*"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "AWSSSODirectoryAdministrator"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI2TCZRD7WRD5D2E2Q",
"PolicyName": "AWSSSODirectoryAdministrator",
"UpdateDate": "2018-10-31T23:54:00+00:00",
"VersionId": "v1"
},
"AWSSSODirectoryReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSSSODirectoryReadOnly",
"AttachmentCount": 0,
"CreateDate": "2018-10-31T23:49:32+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sso-directory:Search*",
"sso-directory:Describe*",
"sso-directory:List*"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "AWSSSODirectoryReadOnly"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJDPMQELJXZD2NC6JG",
"PolicyName": "AWSSSODirectoryReadOnly",
"UpdateDate": "2018-10-31T23:49:32+00:00",
"VersionId": "v1"
},
"AWSSSOMasterAccountAdministrator": {
"Arn": "arn:aws:iam::aws:policy/AWSSSOMasterAccountAdministrator",
"AttachmentCount": 0,
"CreateDate": "2018-06-27T20:36:51+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": "iam:PassRole",
"Condition": {
"StringLike": {
"iam:PassedToService": "sso.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/sso.amazonaws.com/AWSServiceRoleForSSO",
"Sid": "AWSSSOMasterAccountAdministrator"
},
{
"Action": [
"ds:DescribeTrusts",
"ds:UnauthorizeApplication",
"ds:DescribeDirectories",
"ds:AuthorizeApplication",
"iam:ListPolicies",
"organizations:EnableAWSServiceAccess",
"organizations:ListRoots",
"organizations:ListAccounts",
"organizations:ListOrganizationalUnitsForParent",
"organizations:ListAccountsForParent",
"organizations:DescribeOrganization",
"organizations:ListChildren",
"organizations:DescribeAccount",
"organizations:ListParents",
"sso:*",
"sso-directory:DescribeDirectory",
"ds:CreateAlias"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "AWSSSOMemberAccountAdministrator"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIHXAQZIS3GOYIETUC",
"PolicyName": "AWSSSOMasterAccountAdministrator",
"UpdateDate": "2018-10-17T20:41:20+00:00",
"VersionId": "v3"
},
"AWSSSOMemberAccountAdministrator": {
"Arn": "arn:aws:iam::aws:policy/AWSSSOMemberAccountAdministrator",
"AttachmentCount": 0,
"CreateDate": "2018-06-27T20:45:42+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ds:DescribeDirectories",
"ds:AuthorizeApplication",
"ds:UnauthorizeApplication",
"ds:DescribeTrusts",
"iam:ListPolicies",
"organizations:EnableAWSServiceAccess",
"organizations:DescribeOrganization",
"organizations:DescribeAccount",
"organizations:ListRoots",
"organizations:ListAccounts",
"organizations:ListAccountsForParent",
"organizations:ListParents",
"organizations:ListChildren",
"organizations:ListOrganizationalUnitsForParent",
"sso:*",
"sso-directory:DescribeDirectory",
"ds:CreateAlias"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "AWSSSOMemberAccountAdministrator"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQYHEY7KJWXZFNDPY",
"PolicyName": "AWSSSOMemberAccountAdministrator",
"UpdateDate": "2018-10-17T20:35:52+00:00",
"VersionId": "v2"
},
"AWSSSOReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AWSSSOReadOnly",
"AttachmentCount": 0,
"CreateDate": "2018-06-27T20:24:34+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ds:DescribeDirectories",
"ds:DescribeTrusts",
"iam:ListPolicies",
"organizations:DescribeOrganization",
"organizations:DescribeAccount",
"organizations:ListParents",
"organizations:ListChildren",
"organizations:ListAccounts",
"organizations:ListRoots",
"organizations:ListAccountsForParent",
"organizations:ListOrganizationalUnitsForParent",
"sso:DescribePermissionsPolicies",
"sso:GetApplicationTemplate",
"sso:GetApplicationInstance",
"sso:GetPermissionSet",
"sso:GetProfile",
"sso:GetPermissionsPolicy",
"sso:GetSSOStatus",
"sso:GetSSOConfiguration",
"sso:GetTrust",
"sso:ListPermissionSets",
"sso:ListDirectoryAssociations",
"sso:ListProfiles",
"sso:ListApplicationInstances",
"sso:ListApplicationInstanceCertificates",
"sso:ListApplicationTemplates",
"sso:ListApplications",
"sso:ListProfileAssociations",
"sso:Search*",
"sso-directory:DescribeDirectory"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "AWSSSOReadOnly"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBSMEEZXFDMKMY43I",
"PolicyName": "AWSSSOReadOnly",
"UpdateDate": "2018-12-19T20:17:58+00:00",
"VersionId": "v3"
},
"AWSSSOServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSSSOServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-12-05T18:36:15+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"iam:AttachRolePolicy",
"iam:CreateRole",
"iam:DeleteRole",
"iam:DeleteRolePolicy",
"iam:DetachRolePolicy",
"iam:GetRole",
"iam:ListRolePolicies",
"iam:PutRolePolicy",
"iam:ListAttachedRolePolicies",
"iam:UpdateRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-reserved/sso.amazonaws.com/*"
]
},
{
"Action": [
"iam:ListRoles"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "ListRolesInTheAccount"
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus",
"iam:DeleteRole",
"iam:GetRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/sso.amazonaws.com/AWSServiceRoleForSSO"
],
"Sid": "AllowDeletionOfServiceLinkedRoleForSSO"
},
{
"Action": [
"iam:CreateSAMLProvider",
"iam:GetSAMLProvider",
"iam:UpdateSAMLProvider",
"iam:DeleteSAMLProvider"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:saml-provider/AWSSSO_*"
]
},
{
"Action": [
"organizations:DescribeAccount",
"organizations:DescribeOrganization",
"organizations:ListAccounts"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ds:UnauthorizeApplication"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "AllowUnauthAppForDirectory"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIJ52KSWOD4GI54XP2",
"PolicyName": "AWSSSOServiceRolePolicy",
"UpdateDate": "2019-05-15T20:45:42+00:00",
"VersionId": "v6"
},
"AWSSecurityHubFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSSecurityHubFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-27T23:54:34+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "securityhub:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "securityhub.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ4262VZCA4HPBZSO6",
"PolicyName": "AWSSecurityHubFullAccess",
"UpdateDate": "2018-11-27T23:54:34+00:00",
"VersionId": "v1"
},
"AWSSecurityHubReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSSecurityHubReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-28T01:34:29+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"securityhub:Get*",
"securityhub:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIEBAQNOFUCLFJ3UHG",
"PolicyName": "AWSSecurityHubReadOnlyAccess",
"UpdateDate": "2018-11-28T01:34:29+00:00",
"VersionId": "v1"
},
"AWSSecurityHubServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSSecurityHubServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-11-27T23:47:51+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudtrail:DescribeTrails",
"cloudtrail:GetTrailStatus",
"cloudtrail:GetEventSelectors",
"cloudwatch:DescribeAlarms",
"logs:DescribeMetricFilters",
"sns:ListSubscriptionsByTopic",
"config:DescribeConfigurationRecorders",
"config:DescribeConfigurationRecorderStatus",
"config:DescribeConfigRules",
"config:BatchGetResourceConfig"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"config:PutConfigRule",
"config:DeleteConfigRule",
"config:GetComplianceDetailsByConfigRule"
],
"Effect": "Allow",
"Resource": "arn:aws:config:*:*:config-rule/aws-service-rule/*securityhub*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQPCESDDYDLLSOGYO",
"PolicyName": "AWSSecurityHubServiceRolePolicy",
"UpdateDate": "2018-11-27T23:47:51+00:00",
"VersionId": "v1"
},
"AWSServiceCatalogAdminFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSServiceCatalogAdminFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-02-15T17:19:40+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:CreateStack",
"cloudformation:DeleteStack",
"cloudformation:DescribeStackEvents",
"cloudformation:DescribeStacks",
"cloudformation:SetStackPolicy",
"cloudformation:UpdateStack",
"cloudformation:CreateChangeSet",
"cloudformation:DescribeChangeSet",
"cloudformation:ExecuteChangeSet",
"cloudformation:ListChangeSets",
"cloudformation:DeleteChangeSet",
"cloudformation:ListStackResources",
"cloudformation:TagResource",
"cloudformation:CreateStackSet",
"cloudformation:CreateStackInstances",
"cloudformation:UpdateStackSet",
"cloudformation:UpdateStackInstances",
"cloudformation:DeleteStackSet",
"cloudformation:DeleteStackInstances",
"cloudformation:DescribeStackSet",
"cloudformation:DescribeStackInstance",
"cloudformation:DescribeStackSetOperation",
"cloudformation:ListStackInstances",
"cloudformation:ListStackSetOperations",
"cloudformation:ListStackSetOperationResults"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/SC-*",
"arn:aws:cloudformation:*:*:stack/StackSet-SC-*",
"arn:aws:cloudformation:*:*:changeSet/SC-*",
"arn:aws:cloudformation:*:*:stackset/SC-*"
]
},
{
"Action": [
"cloudformation:CreateUploadBucket",
"cloudformation:GetTemplateSummary",
"cloudformation:ValidateTemplate",
"iam:GetGroup",
"iam:GetRole",
"iam:GetUser",
"iam:ListGroups",
"iam:ListRoles",
"iam:ListUsers",
"servicecatalog:*",
"ssm:DescribeDocument",
"ssm:GetAutomationExecution",
"ssm:ListDocuments",
"ssm:ListDocumentVersions",
"config:DescribeConfigurationRecorders",
"config:DescribeConfigurationRecorderStatus"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringEquals": {
"iam:PassedToService": "servicecatalog.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJWLJU4BZ7AQUJSBVM",
"PolicyName": "AWSServiceCatalogAdminFullAccess",
"UpdateDate": "2019-02-06T01:57:54+00:00",
"VersionId": "v5"
},
"AWSServiceCatalogEndUserFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSServiceCatalogEndUserFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-02-15T17:22:32+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:CreateStack",
"cloudformation:DeleteStack",
"cloudformation:DescribeStackEvents",
"cloudformation:DescribeStacks",
"cloudformation:SetStackPolicy",
"cloudformation:ValidateTemplate",
"cloudformation:UpdateStack",
"cloudformation:CreateChangeSet",
"cloudformation:DescribeChangeSet",
"cloudformation:ExecuteChangeSet",
"cloudformation:ListChangeSets",
"cloudformation:DeleteChangeSet",
"cloudformation:TagResource",
"cloudformation:CreateStackSet",
"cloudformation:CreateStackInstances",
"cloudformation:UpdateStackSet",
"cloudformation:UpdateStackInstances",
"cloudformation:DeleteStackSet",
"cloudformation:DeleteStackInstances",
"cloudformation:DescribeStackSet",
"cloudformation:DescribeStackInstance",
"cloudformation:DescribeStackSetOperation",
"cloudformation:ListStackInstances",
"cloudformation:ListStackResources",
"cloudformation:ListStackSetOperations",
"cloudformation:ListStackSetOperationResults"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/SC-*",
"arn:aws:cloudformation:*:*:stack/StackSet-SC-*",
"arn:aws:cloudformation:*:*:changeSet/SC-*",
"arn:aws:cloudformation:*:*:stackset/SC-*"
]
},
{
"Action": [
"cloudformation:GetTemplateSummary",
"servicecatalog:DescribeProduct",
"servicecatalog:DescribeProductView",
"servicecatalog:DescribeProvisioningParameters",
"servicecatalog:ListLaunchPaths",
"servicecatalog:ProvisionProduct",
"servicecatalog:SearchProducts",
"ssm:DescribeDocument",
"ssm:GetAutomationExecution",
"config:DescribeConfigurationRecorders",
"config:DescribeConfigurationRecorderStatus"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"servicecatalog:DescribeProvisionedProduct",
"servicecatalog:DescribeRecord",
"servicecatalog:ListRecordHistory",
"servicecatalog:ScanProvisionedProducts",
"servicecatalog:TerminateProvisionedProduct",
"servicecatalog:UpdateProvisionedProduct",
"servicecatalog:SearchProvisionedProducts",
"servicecatalog:CreateProvisionedProductPlan",
"servicecatalog:DescribeProvisionedProductPlan",
"servicecatalog:ExecuteProvisionedProductPlan",
"servicecatalog:DeleteProvisionedProductPlan",
"servicecatalog:ListProvisionedProductPlans",
"servicecatalog:ListServiceActionsForProvisioningArtifact",
"servicecatalog:ExecuteProvisionedProductServiceAction"
],
"Condition": {
"StringEquals": {
"servicecatalog:userLevel": "self"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJTLLC4DGDMTZB54M4",
"PolicyName": "AWSServiceCatalogEndUserFullAccess",
"UpdateDate": "2019-02-06T02:00:22+00:00",
"VersionId": "v5"
},
"AWSServiceRoleForEC2ScheduledInstances": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForEC2ScheduledInstances",
"AttachmentCount": 0,
"CreateDate": "2017-10-12T18:31:55+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateTags"
],
"Condition": {
"ForAllValues:StringEquals": {
"aws:TagKeys": [
"aws:ec2sri:scheduledInstanceId"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:instance/*"
]
},
{
"Action": [
"ec2:TerminateInstances"
],
"Condition": {
"StringLike": {
"ec2:ResourceTag/aws:ec2sri:scheduledInstanceId": "*"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7Y4TT63D6QBKCY4O",
"PolicyName": "AWSServiceRoleForEC2ScheduledInstances",
"UpdateDate": "2017-10-12T18:31:55+00:00",
"VersionId": "v1"
},
"AWSServiceRoleForIoTSiteWise": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForIoTSiteWise",
"AttachmentCount": 0,
"CreateDate": "2018-11-14T19:19:17+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": "iotanalytics:ExecuteQuery",
"Effect": "Allow",
"Resource": "arn:aws:iotanalytics:*:*:datastore-index/*"
},
{
"Action": [
"greengrass:CreateCoreDefinitionVersion",
"greengrass:CreateDeployment",
"greengrass:CreateFunctionDefinition",
"greengrass:CreateFunctionDefinitionVersion",
"greengrass:CreateGroupVersion",
"greengrass:CreateLoggerDefinition",
"greengrass:CreateLoggerDefinitionVersion",
"greengrass:CreateResourceDefinition",
"greengrass:CreateResourceDefinitionVersion",
"greengrass:GetAssociatedRole",
"greengrass:GetCoreDefinition",
"greengrass:GetCoreDefinitionVersion",
"greengrass:GetDeploymentStatus",
"greengrass:GetFunctionDefinition",
"greengrass:GetFunctionDefinitionVersion",
"greengrass:GetGroup",
"greengrass:GetGroupVersion",
"greengrass:GetLoggerDefinition",
"greengrass:GetLoggerDefinitionVersion",
"greengrass:GetResourceDefinition",
"greengrass:GetResourceDefinitionVersion",
"greengrass:ListCoreDefinitions",
"greengrass:UpdateCoreDefinition",
"greengrass:UpdateFunctionDefinition",
"greengrass:UpdateLoggerDefinition",
"greengrass:UpdateResourceDefinition"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:CreateAlias",
"lambda:CreateFunction",
"lambda:GetFunction",
"lambda:ListVersionsByFunction",
"lambda:UpdateFunctionCode",
"lambda:PublishVersion",
"lambda:UpdateAlias"
],
"Effect": "Allow",
"Resource": "arn:aws:lambda:*:*:function:AWSIoTSiteWise*"
},
{
"Action": [
"iot:GetThingShadow",
"iot:UpdateThingShadow"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringLikeIfExists": {
"iam:PassedToService": "lambda.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJGQU4DZIQP6HLYQPE",
"PolicyName": "AWSServiceRoleForIoTSiteWise",
"UpdateDate": "2019-02-11T20:49:09+00:00",
"VersionId": "v3"
},
"AWSShieldDRTAccessPolicy": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy",
"AttachmentCount": 0,
"CreateDate": "2018-06-05T22:29:39+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"cloudfront:List*",
"elasticloadbalancing:List*",
"route53:List*",
"cloudfront:Describe*",
"elasticloadbalancing:Describe*",
"route53:Describe*",
"cloudwatch:Describe*",
"cloudwatch:Get*",
"cloudwatch:List*",
"cloudfront:GetDistribution*",
"globalaccelerator:ListAccelerators",
"globalaccelerator:DescribeAccelerator"
],
"Effect": "Allow",
"Resource": [
"arn:aws:elasticloadbalancing:*:*:*",
"arn:aws:cloudfront::*:*",
"arn:aws:route53:::hostedzone/*",
"arn:aws:cloudwatch:*:*:*:*",
"arn:aws:globalaccelerator::*:*"
],
"Sid": "DRTAccessProtectedResources"
},
{
"Action": [
"waf:*",
"waf-regional:*"
],
"Effect": "Allow",
"Resource": [
"arn:aws:waf:*",
"arn:aws:waf-regional:*"
],
"Sid": "DRTManageMitigations"
},
{
"Action": [
"shield:*"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "DRTManageProtections"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJWNCSZ4PARLO37VVY",
"PolicyName": "AWSShieldDRTAccessPolicy",
"UpdateDate": "2019-02-11T17:08:57+00:00",
"VersionId": "v3"
},
"AWSStepFunctionsConsoleFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSStepFunctionsConsoleFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-01-11T21:54:31+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": "states:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:ListRoles",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/service-role/StatesExecutionRole*"
},
{
"Action": "lambda:ListFunctions",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJIYC52YWRX6OSMJWK",
"PolicyName": "AWSStepFunctionsConsoleFullAccess",
"UpdateDate": "2017-01-12T00:19:34+00:00",
"VersionId": "v2"
},
"AWSStepFunctionsFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSStepFunctionsFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-01-11T21:51:32+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "states:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJXKA6VP3UFBVHDPPA",
"PolicyName": "AWSStepFunctionsFullAccess",
"UpdateDate": "2017-01-11T21:51:32+00:00",
"VersionId": "v1"
},
"AWSStepFunctionsReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSStepFunctionsReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2017-01-11T21:46:19+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"states:ListStateMachines",
"states:ListActivities",
"states:DescribeStateMachine",
"states:DescribeStateMachineForExecution",
"states:ListExecutions",
"states:DescribeExecution",
"states:GetExecutionHistory",
"states:DescribeActivity"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJONHB2TJQDJPFW5TM",
"PolicyName": "AWSStepFunctionsReadOnlyAccess",
"UpdateDate": "2017-11-10T22:03:49+00:00",
"VersionId": "v2"
},
"AWSStorageGatewayFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSStorageGatewayFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:09+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"storagegateway:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:DescribeSnapshots",
"ec2:DeleteSnapshot"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJG5SSPAVOGK3SIDGU",
"PolicyName": "AWSStorageGatewayFullAccess",
"UpdateDate": "2015-02-06T18:41:09+00:00",
"VersionId": "v1"
},
"AWSStorageGatewayReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSStorageGatewayReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:10+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"storagegateway:List*",
"storagegateway:Describe*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:DescribeSnapshots"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIFKCTUVOPD5NICXJK",
"PolicyName": "AWSStorageGatewayReadOnlyAccess",
"UpdateDate": "2015-02-06T18:41:10+00:00",
"VersionId": "v1"
},
"AWSSupportAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSSupportAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:11+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"support:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJSNKQX2OW67GF4S7E",
"PolicyName": "AWSSupportAccess",
"UpdateDate": "2015-02-06T18:41:11+00:00",
"VersionId": "v1"
},
"AWSSupportServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSSupportServiceRolePolicy",
"AttachmentCount": 1,
"CreateDate": "2018-04-19T18:04:44+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"apigateway:GET"
],
"Effect": "Allow",
"Resource": [
"arn:aws:apigateway:*::/account",
"arn:aws:apigateway:*::/clientcertificates",
"arn:aws:apigateway:*::/clientcertificates/*",
"arn:aws:apigateway:*::/domainnames",
"arn:aws:apigateway:*::/domainnames/*",
"arn:aws:apigateway:*::/domainnames/*/basepathmappings",
"arn:aws:apigateway:*::/domainnames/*/basepathmappings/*",
"arn:aws:apigateway:*::/restapis",
"arn:aws:apigateway:*::/restapis/*",
"arn:aws:apigateway:*::/restapis/*/authorizers",
"arn:aws:apigateway:*::/restapis/*/authorizers/*",
"arn:aws:apigateway:*::/restapis/*/deployments",
"arn:aws:apigateway:*::/restapis/*/deployments/*",
"arn:aws:apigateway:*::/restapis/*/models",
"arn:aws:apigateway:*::/restapis/*/models/*",
"arn:aws:apigateway:*::/restapis/*/models/*/default_template",
"arn:aws:apigateway:*::/restapis/*/resources",
"arn:aws:apigateway:*::/restapis/*/resources/*",
"arn:aws:apigateway:*::/restapis/*/resources/*/methods/*/integration/responses/*",
"arn:aws:apigateway:*::/restapis/*/resources/*/methods/*/responses/*",
"arn:aws:apigateway:*::/restapis/*/stages/*/sdks/*",
"arn:aws:apigateway:*::/restapis/*/resources/*/methods/*",
"arn:aws:apigateway:*::/restapis/*/resources/*/methods/*/integration",
"arn:aws:apigateway:*::/restapis/*/stages",
"arn:aws:apigateway:*::/restapis/*/stages/*"
]
},
{
"Action": [
"iam:DeleteRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/support.amazonaws.com/AWSServiceRoleForSupport"
]
},
{
"Action": [
"a4b:getDevice",
"a4b:getProfile",
"a4b:getRoom",
"a4b:getRoomSkillParameter",
"a4b:getSkillGroup",
"a4b:searchDevices",
"a4b:searchProfiles",
"a4b:searchRooms",
"a4b:searchSkillGroups",
"acm-pca:describeCertificateAuthority",
"acm-pca:describeCertificateAuthorityAuditReport",
"acm-pca:getCertificate",
"acm-pca:getCertificateAuthorityCertificate",
"acm-pca:getCertificateAuthorityCsr",
"acm-pca:listCertificateAuthorities",
"acm-pca:listTags",
"acm:describeCertificate",
"acm:getCertificate",
"acm:listCertificates",
"acm:listTagsForCertificate",
"application-autoscaling:describeScalableTargets",
"application-autoscaling:describeScalingActivities",
"application-autoscaling:describeScalingPolicies",
"appstream:describeDirectoryConfigs",
"appstream:describeFleets",
"appstream:describeImageBuilders",
"appstream:describeImages",
"appstream:describeSessions",
"appstream:describeStacks",
"appstream:listAssociatedFleets",
"appstream:listAssociatedStacks",
"appstream:listTagsForResource",
"appsync:getFunction",
"appsync:getGraphqlApi",
"appsync:getIntrospectionSchema",
"appsync:getResolver",
"appsync:getSchemaCreationStatus",
"appsync:getType",
"appsync:listDataSources",
"appsync:listFunctions",
"appsync:listGraphqlApis",
"appsync:listResolvers",
"appsync:listTypes",
"athena:batchGetNamedQuery",
"athena:batchGetQueryExecution",
"athena:getNamedQuery",
"athena:getQueryExecution",
"athena:listNamedQueries",
"athena:listQueryExecutions",
"autoscaling-plans:describeScalingPlanResources",
"autoscaling-plans:describeScalingPlans",
"autoscaling-plans:getScalingPlanResourceForecastData",
"autoscaling:describeAccountLimits",
"autoscaling:describeAdjustmentTypes",
"autoscaling:describeAutoScalingGroups",
"autoscaling:describeAutoScalingInstances",
"autoscaling:describeAutoScalingNotificationTypes",
"autoscaling:describeLaunchConfigurations",
"autoscaling:describeLifecycleHooks",
"autoscaling:describeLifecycleHookTypes",
"autoscaling:describeLoadBalancers",
"autoscaling:describeLoadBalancerTargetGroups",
"autoscaling:describeMetricCollectionTypes",
"autoscaling:describeNotificationConfigurations",
"autoscaling:describePolicies",
"autoscaling:describeScalingActivities",
"autoscaling:describeScalingProcessTypes",
"autoscaling:describeScheduledActions",
"autoscaling:describeTags",
"autoscaling:describeTerminationPolicyTypes",
"batch:describeComputeEnvironments",
"batch:describeJobDefinitions",
"batch:describeJobQueues",
"batch:describeJobs",
"batch:listJobs",
"cloud9:describeEnvironmentMemberships",
"cloud9:describeEnvironments",
"cloud9:listEnvironments",
"clouddirectory:getDirectory",
"clouddirectory:listDirectories",
"cloudformation:describeAccountLimits",
"cloudformation:describeChangeSet",
"cloudformation:describeStackEvents",
"cloudformation:describeStackInstance",
"cloudformation:describeStackResource",
"cloudformation:describeStackResources",
"cloudformation:describeStacks",
"cloudformation:describeStackSet",
"cloudformation:describeStackSetOperation",
"cloudformation:estimateTemplateCost",
"cloudformation:getStackPolicy",
"cloudformation:getTemplate",
"cloudformation:getTemplateSummary",
"cloudformation:listChangeSets",
"cloudformation:listExports",
"cloudformation:listImports",
"cloudformation:listStackInstances",
"cloudformation:listStackResources",
"cloudformation:listStacks",
"cloudformation:listStackSetOperationResults",
"cloudformation:listStackSetOperations",
"cloudformation:listStackSets",
"cloudfront:getCloudFrontOriginAccessIdentity",
"cloudfront:getCloudFrontOriginAccessIdentityConfig",
"cloudfront:getDistribution",
"cloudfront:getDistributionConfig",
"cloudfront:getInvalidation",
"cloudfront:getStreamingDistribution",
"cloudfront:getStreamingDistributionConfig",
"cloudfront:listCloudFrontOriginAccessIdentities",
"cloudfront:listDistributions",
"cloudfront:listDistributionsByWebACLId",
"cloudfront:listInvalidations",
"cloudfront:listStreamingDistributions",
"cloudhsm:describeBackups",
"cloudhsm:describeClusters",
"cloudsearch:describeAnalysisSchemes",
"cloudsearch:describeAvailabilityOptions",
"cloudsearch:describeDomains",
"cloudsearch:describeExpressions",
"cloudsearch:describeIndexFields",
"cloudsearch:describeScalingParameters",
"cloudsearch:describeServiceAccessPolicies",
"cloudsearch:describeSuggesters",
"cloudsearch:listDomainNames",
"cloudtrail:describeTrails",
"cloudtrail:getEventSelectors",
"cloudtrail:getTrailStatus",
"cloudtrail:listPublicKeys",
"cloudtrail:listTags",
"cloudtrail:lookupEvents",
"cloudwatch:describeAlarmHistory",
"cloudwatch:describeAlarms",
"cloudwatch:describeAlarmsForMetric",
"cloudwatch:getDashboard",
"cloudwatch:getMetricData",
"cloudwatch:getMetricStatistics",
"cloudwatch:listDashboards",
"cloudwatch:listMetrics",
"codebuild:batchGetBuilds",
"codebuild:batchGetProjects",
"codebuild:listBuilds",
"codebuild:listBuildsForProject",
"codebuild:listCuratedEnvironmentImages",
"codebuild:listProjects",
"codecommit:batchGetRepositories",
"codecommit:getBranch",
"codecommit:getRepository",
"codecommit:getRepositoryTriggers",
"codecommit:listBranches",
"codecommit:listRepositories",
"codedeploy:batchGetApplications",
"codedeploy:batchGetDeployments",
"codedeploy:batchGetOnPremisesInstances",
"codedeploy:getApplication",
"codedeploy:getApplicationRevision",
"codedeploy:getDeployment",
"codedeploy:getDeploymentConfig",
"codedeploy:getDeploymentGroup",
"codedeploy:getDeploymentInstance",
"codedeploy:getOnPremisesInstance",
"codedeploy:listApplicationRevisions",
"codedeploy:listApplications",
"codedeploy:listDeploymentConfigs",
"codedeploy:listDeploymentGroups",
"codedeploy:listDeploymentInstances",
"codedeploy:listDeployments",
"codedeploy:listOnPremisesInstances",
"codepipeline:getJobDetails",
"codepipeline:getPipeline",
"codepipeline:getPipelineExecution",
"codepipeline:getPipelineState",
"codepipeline:listActionTypes",
"codepipeline:listPipelines",
"codestar:describeProject",
"codestar:listProjects",
"codestar:listResources",
"codestar:listTeamMembers",
"codestar:listUserProfiles",
"cognito-identity:describeIdentityPool",
"cognito-identity:getIdentityPoolRoles",
"cognito-identity:listIdentities",
"cognito-identity:listIdentityPools",
"cognito-idp:adminGetUser",
"cognito-idp:describeIdentityProvider",
"cognito-idp:describeResourceServer",
"cognito-idp:describeRiskConfiguration",
"cognito-idp:describeUserImportJob",
"cognito-idp:describeUserPool",
"cognito-idp:describeUserPoolClient",
"cognito-idp:describeUserPoolDomain",
"cognito-idp:getGroup",
"cognito-idp:getUICustomization",
"cognito-idp:getUser",
"cognito-idp:getUserPoolMfaConfig",
"cognito-idp:listGroups",
"cognito-idp:listIdentityProviders",
"cognito-idp:listResourceServers",
"cognito-idp:listUserImportJobs",
"cognito-idp:listUserPoolClients",
"cognito-idp:listUserPools",
"cognito-sync:describeDataset",
"cognito-sync:describeIdentityPoolUsage",
"cognito-sync:describeIdentityUsage",
"cognito-sync:getCognitoEvents",
"cognito-sync:getIdentityPoolConfiguration",
"cognito-sync:listDatasets",
"cognito-sync:listIdentityPoolUsage",
"config:describeConfigRuleEvaluationStatus",
"config:describeConfigRules",
"config:describeConfigurationRecorders",
"config:describeConfigurationRecorderStatus",
"config:describeDeliveryChannels",
"config:describeDeliveryChannelStatus",
"config:getResourceConfigHistory",
"config:listDiscoveredResources",
"datapipeline:describeObjects",
"datapipeline:describePipelines",
"datapipeline:getPipelineDefinition",
"datapipeline:listPipelines",
"datapipeline:queryObjects",
"dax:describeClusters",
"dax:describeDefaultParameters",
"dax:describeEvents",
"dax:describeParameterGroups",
"dax:describeParameters",
"dax:describeSubnetGroups",
"devicefarm:getAccountSettings",
"devicefarm:getDevice",
"devicefarm:getDevicePool",
"devicefarm:getDevicePoolCompatibility",
"devicefarm:getJob",
"devicefarm:getProject",
"devicefarm:getRemoteAccessSession",
"devicefarm:getRun",
"devicefarm:getSuite",
"devicefarm:getTest",
"devicefarm:getUpload",
"devicefarm:listArtifacts",
"devicefarm:listDevicePools",
"devicefarm:listDevices",
"devicefarm:listJobs",
"devicefarm:listProjects",
"devicefarm:listRemoteAccessSessions",
"devicefarm:listRuns",
"devicefarm:listSamples",
"devicefarm:listSuites",
"devicefarm:listTests",
"devicefarm:listUniqueProblems",
"devicefarm:listUploads",
"directconnect:describeConnections",
"directconnect:describeConnectionsOnInterconnect",
"directconnect:describeInterconnects",
"directconnect:describeLocations",
"directconnect:describeVirtualGateways",
"directconnect:describeVirtualInterfaces",
"dlm:getLifecyclePolicies",
"dlm:getLifecyclePolicy",
"dms:describeAccountAttributes",
"dms:describeConnections",
"dms:describeEndpoints",
"dms:describeEndpointTypes",
"dms:describeOrderableReplicationInstances",
"dms:describeRefreshSchemasStatus",
"dms:describeReplicationInstances",
"dms:describeReplicationSubnetGroups",
"ds:describeConditionalForwarders",
"ds:describeDirectories",
"ds:describeEventTopics",
"ds:describeSnapshots",
"ds:describeTrusts",
"ds:getDirectoryLimits",
"ds:getSnapshotLimits",
"ds:listIpRoutes",
"ds:listSchemaExtensions",
"ds:listTagsForResource",
"dynamodb:describeBackup",
"dynamodb:describeContinuousBackups",
"dynamodb:describeGlobalTable",
"dynamodb:describeLimits",
"dynamodb:describeStream",
"dynamodb:describeTable",
"dynamodb:describeTimeToLive",
"dynamodb:listBackups",
"dynamodb:listGlobalTables",
"dynamodb:listStreams",
"dynamodb:listTables",
"dynamodb:listTagsOfResource",
"ec2:acceptReservedInstancesExchangeQuote",
"ec2:cancelReservedInstancesListing",
"ec2:createReservedInstancesListing",
"ec2:describeAccountAttributes",
"ec2:describeAddresses",
"ec2:describeAvailabilityZones",
"ec2:describeBundleTasks",
"ec2:describeByoipCidrs",
"ec2:describeClassicLinkInstances",
"ec2:describeConversionTasks",
"ec2:describeCustomerGateways",
"ec2:describeDhcpOptions",
"ec2:describeElasticGpus",
"ec2:describeExportTasks",
"ec2:describeFlowLogs",
"ec2:describeHostReservationOfferings",
"ec2:describeHostReservations",
"ec2:describeHosts",
"ec2:describeIdentityIdFormat",
"ec2:describeIdFormat",
"ec2:describeImageAttribute",
"ec2:describeImages",
"ec2:describeImportImageTasks",
"ec2:describeImportSnapshotTasks",
"ec2:describeInstanceAttribute",
"ec2:describeInstances",
"ec2:describeInstanceStatus",
"ec2:describeInternetGateways",
"ec2:describeKeyPairs",
"ec2:describeLaunchTemplates",
"ec2:describeLaunchTemplateVersions",
"ec2:describeMovingAddresses",
"ec2:describeNatGateways",
"ec2:describeNetworkAcls",
"ec2:describeNetworkInterfaceAttribute",
"ec2:describeNetworkInterfaces",
"ec2:describePlacementGroups",
"ec2:describePrefixLists",
"ec2:describePublicIpv4Pools",
"ec2:describeRegions",
"ec2:describeReservedInstances",
"ec2:describeReservedInstancesListings",
"ec2:describeReservedInstancesModifications",
"ec2:describeReservedInstancesOfferings",
"ec2:describeRouteTables",
"ec2:describeScheduledInstances",
"ec2:describeSecurityGroups",
"ec2:describeSnapshotAttribute",
"ec2:describeSnapshots",
"ec2:describeSpotDatafeedSubscription",
"ec2:describeSpotFleetInstances",
"ec2:describeSpotFleetRequestHistory",
"ec2:describeSpotFleetRequests",
"ec2:describeSpotInstanceRequests",
"ec2:describeSpotPriceHistory",
"ec2:describeSubnets",
"ec2:describeTags",
"ec2:describeVolumeAttribute",
"ec2:describeVolumes",
"ec2:describeVolumesModifications",
"ec2:describeVolumeStatus",
"ec2:describeVpcAttribute",
"ec2:describeVpcClassicLink",
"ec2:describeVpcClassicLinkDnsSupport",
"ec2:describeVpcEndpointConnectionNotifications",
"ec2:describeVpcEndpointConnections",
"ec2:describeVpcEndpoints",
"ec2:describeVpcEndpointServiceConfigurations",
"ec2:describeVpcEndpointServicePermissions",
"ec2:describeVpcEndpointServices",
"ec2:describeVpcPeeringConnections",
"ec2:describeVpcs",
"ec2:describeVpnConnections",
"ec2:describeVpnGateways",
"ec2:getConsoleScreenshot",
"ec2:getReservedInstancesExchangeQuote",
"ec2:modifyReservedInstances",
"ec2:purchaseReservedInstancesOffering",
"ecr:batchCheckLayerAvailability",
"ecr:describeImages",
"ecr:describeRepositories",
"ecr:getRepositoryPolicy",
"ecr:listImages",
"ecs:describeClusters",
"ecs:describeContainerInstances",
"ecs:describeServices",
"ecs:describeTaskDefinition",
"ecs:describeTasks",
"ecs:listClusters",
"ecs:listContainerInstances",
"ecs:listServices",
"ecs:listTaskDefinitions",
"ecs:listTasks",
"eks:describeCluster",
"eks:listClusters",
"elasticache:describeCacheClusters",
"elasticache:describeCacheEngineVersions",
"elasticache:describeCacheParameterGroups",
"elasticache:describeCacheParameters",
"elasticache:describeCacheSecurityGroups",
"elasticache:describeCacheSubnetGroups",
"elasticache:describeEngineDefaultParameters",
"elasticache:describeEvents",
"elasticache:describeReplicationGroups",
"elasticache:describeReservedCacheNodes",
"elasticache:describeReservedCacheNodesOfferings",
"elasticache:describeSnapshots",
"elasticache:listAllowedNodeTypeModifications",
"elasticache:listTagsForResource",
"elasticbeanstalk:checkDNSAvailability",
"elasticbeanstalk:describeApplications",
"elasticbeanstalk:describeApplicationVersions",
"elasticbeanstalk:describeConfigurationOptions",
"elasticbeanstalk:describeConfigurationSettings",
"elasticbeanstalk:describeEnvironmentHealth",
"elasticbeanstalk:describeEnvironmentManagedActionHistory",
"elasticbeanstalk:describeEnvironmentManagedActions",
"elasticbeanstalk:describeEnvironmentResources",
"elasticbeanstalk:describeEnvironments",
"elasticbeanstalk:describeEvents",
"elasticbeanstalk:describeInstancesHealth",
"elasticbeanstalk:describePlatformVersion",
"elasticbeanstalk:listAvailableSolutionStacks",
"elasticbeanstalk:listPlatformVersions",
"elasticbeanstalk:validateConfigurationSettings",
"elasticfilesystem:describeFileSystems",
"elasticfilesystem:describeMountTargets",
"elasticfilesystem:describeMountTargetSecurityGroups",
"elasticfilesystem:describeTags",
"elasticloadbalancing:describeInstanceHealth",
"elasticloadbalancing:describeListenerCertificates",
"elasticloadbalancing:describeListeners",
"elasticloadbalancing:describeLoadBalancerAttributes",
"elasticloadbalancing:describeLoadBalancerPolicies",
"elasticloadbalancing:describeLoadBalancerPolicyTypes",
"elasticloadbalancing:describeLoadBalancers",
"elasticloadbalancing:describeRules",
"elasticloadbalancing:describeSSLPolicies",
"elasticloadbalancing:describeTags",
"elasticloadbalancing:describeTargetGroupAttributes",
"elasticloadbalancing:describeTargetGroups",
"elasticloadbalancing:describeTargetHealth",
"elasticmapreduce:describeCluster",
"elasticmapreduce:describeSecurityConfiguration",
"elasticmapreduce:describeStep",
"elasticmapreduce:listBootstrapActions",
"elasticmapreduce:listClusters",
"elasticmapreduce:listInstanceGroups",
"elasticmapreduce:listInstances",
"elasticmapreduce:listSecurityConfigurations",
"elasticmapreduce:listSteps",
"elastictranscoder:listJobsByPipeline",
"elastictranscoder:listJobsByStatus",
"elastictranscoder:listPipelines",
"elastictranscoder:listPresets",
"elastictranscoder:readPipeline",
"elastictranscoder:readPreset",
"es:describeElasticsearchDomain",
"es:describeElasticsearchDomainConfig",
"es:describeElasticsearchDomains",
"es:listDomainNames",
"es:listTags",
"events:describeEventBus",
"events:describeRule",
"events:listRuleNamesByTarget",
"events:listRules",
"events:listTargetsByRule",
"events:testEventPattern",
"firehose:describeDeliveryStream",
"firehose:listDeliveryStreams",
"glacier:describeJob",
"glacier:describeVault",
"glacier:getDataRetrievalPolicy",
"glacier:getVaultAccessPolicy",
"glacier:getVaultLock",
"glacier:getVaultNotifications",
"glacier:listJobs",
"glacier:listTagsForVault",
"glacier:listVaults",
"glue:batchGetPartition",
"glue:getCatalogImportStatus",
"glue:getClassifier",
"glue:getClassifiers",
"glue:getCrawler",
"glue:getCrawlerMetrics",
"glue:getCrawlers",
"glue:getDatabase",
"glue:getDatabases",
"glue:getDataflowGraph",
"glue:getDevEndpoint",
"glue:getDevEndpoints",
"glue:getJob",
"glue:getJobRun",
"glue:getJobRuns",
"glue:getJobs",
"glue:getMapping",
"glue:getPartition",
"glue:getPartitions",
"glue:getTable",
"glue:getTables",
"glue:getTableVersions",
"glue:getTrigger",
"glue:getTriggers",
"glue:getUserDefinedFunction",
"glue:getUserDefinedFunctions",
"greengrass:getConnectivityInfo",
"greengrass:getCoreDefinition",
"greengrass:getCoreDefinitionVersion",
"greengrass:getDeploymentStatus",
"greengrass:getDeviceDefinition",
"greengrass:getDeviceDefinitionVersion",
"greengrass:getFunctionDefinition",
"greengrass:getFunctionDefinitionVersion",
"greengrass:getGroup",
"greengrass:getGroupCertificateAuthority",
"greengrass:getGroupVersion",
"greengrass:getLoggerDefinition",
"greengrass:getLoggerDefinitionVersion",
"greengrass:getResourceDefinitionVersion",
"greengrass:getServiceRoleForAccount",
"greengrass:getSubscriptionDefinition",
"greengrass:getSubscriptionDefinitionVersion",
"greengrass:listCoreDefinitions",
"greengrass:listCoreDefinitionVersions",
"greengrass:listDeployments",
"greengrass:listDeviceDefinitions",
"greengrass:listDeviceDefinitionVersions",
"greengrass:listFunctionDefinitions",
"greengrass:listFunctionDefinitionVersions",
"greengrass:listGroups",
"greengrass:listGroupVersions",
"greengrass:listLoggerDefinitions",
"greengrass:listLoggerDefinitionVersions",
"greengrass:listResourceDefinitions",
"greengrass:listResourceDefinitionVersions",
"greengrass:listSubscriptionDefinitions",
"greengrass:listSubscriptionDefinitionVersions",
"guardduty:getDetector",
"guardduty:getFindings",
"guardduty:getFindingsStatistics",
"guardduty:getInvitationsCount",
"guardduty:getIPSet",
"guardduty:getMasterAccount",
"guardduty:getMembers",
"guardduty:getThreatIntelSet",
"guardduty:listDetectors",
"guardduty:listFindings",
"guardduty:listInvitations",
"guardduty:listIPSets",
"guardduty:listMembers",
"guardduty:listThreatIntelSets",
"health:describeAffectedEntities",
"health:describeEntityAggregates",
"health:describeEventAggregates",
"health:describeEventDetails",
"health:describeEvents",
"health:describeEventTypes",
"iam:getAccessKeyLastUsed",
"iam:getAccountAuthorizationDetails",
"iam:getAccountPasswordPolicy",
"iam:getAccountSummary",
"iam:getContextKeysForCustomPolicy",
"iam:getContextKeysForPrincipalPolicy",
"iam:getCredentialReport",
"iam:getGroup",
"iam:getGroupPolicy",
"iam:getInstanceProfile",
"iam:getLoginProfile",
"iam:getOpenIDConnectProvider",
"iam:getPolicy",
"iam:getPolicyVersion",
"iam:getRole",
"iam:getRolePolicy",
"iam:getSAMLProvider",
"iam:getServerCertificate",
"iam:getSSHPublicKey",
"iam:getUser",
"iam:getUserPolicy",
"iam:listAccessKeys",
"iam:listAccountAliases",
"iam:listAttachedGroupPolicies",
"iam:listAttachedRolePolicies",
"iam:listAttachedUserPolicies",
"iam:listEntitiesForPolicy",
"iam:listGroupPolicies",
"iam:listGroups",
"iam:listGroupsForUser",
"iam:listInstanceProfiles",
"iam:listInstanceProfilesForRole",
"iam:listMFADevices",
"iam:listOpenIDConnectProviders",
"iam:listPolicies",
"iam:listPolicyVersions",
"iam:listRolePolicies",
"iam:listRoles",
"iam:listSAMLProviders",
"iam:listServerCertificates",
"iam:listSigningCertificates",
"iam:listSSHPublicKeys",
"iam:listUserPolicies",
"iam:listUsers",
"iam:listVirtualMFADevices",
"iam:simulateCustomPolicy",
"iam:simulatePrincipalPolicy",
"importexport:getStatus",
"importexport:listJobs",
"inspector:describeAssessmentRuns",
"inspector:describeAssessmentTargets",
"inspector:describeAssessmentTemplates",
"inspector:describeCrossAccountAccessRole",
"inspector:describeResourceGroups",
"inspector:describeRulesPackages",
"inspector:getTelemetryMetadata",
"inspector:listAssessmentRunAgents",
"inspector:listAssessmentRuns",
"inspector:listAssessmentTargets",
"inspector:listAssessmentTemplates",
"inspector:listEventSubscriptions",
"inspector:listRulesPackages",
"inspector:listTagsForResource",
"iot:describeAuthorizer",
"iot:describeCACertificate",
"iot:describeCertificate",
"iot:describeDefaultAuthorizer",
"iot:describeEndpoint",
"iot:describeIndex",
"iot:describeJobExecution",
"iot:describeThing",
"iot:describeThingGroup",
"iot:getEffectivePolicies",
"iot:getIndexingConfiguration",
"iot:getLoggingOptions",
"iot:getPolicy",
"iot:getPolicyVersion",
"iot:getTopicRule",
"iot:getV2LoggingOptions",
"iot:listAttachedPolicies",
"iot:listAuthorizers",
"iot:listCACertificates",
"iot:listCertificates",
"iot:listCertificatesByCA",
"iot:listJobExecutionsForJob",
"iot:listJobExecutionsForThing",
"iot:listJobs",
"iot:listOutgoingCertificates",
"iot:listPolicies",
"iot:listPolicyPrincipals",
"iot:listPolicyVersions",
"iot:listPrincipalPolicies",
"iot:listPrincipalThings",
"iot:listRoleAliases",
"iot:listTargetsForPolicy",
"iot:listThingGroups",
"iot:listThingGroupsForThing",
"iot:listThingPrincipals",
"iot:listThingRegistrationTasks",
"iot:listThings",
"iot:listThingTypes",
"iot:listTopicRules",
"iot:listV2LoggingLevels",
"kafka:describeCluster",
"kafka:getBootstrapBrokers",
"kafka:listClusters",
"kafka:listNodes",
"kinesis:describeStream",
"kinesis:listStreams",
"kinesis:listTagsForStream",
"kinesisanalytics:describeApplication",
"kinesisanalytics:listApplications",
"kms:describeKey",
"kms:getKeyPolicy",
"kms:getKeyRotationStatus",
"kms:listAliases",
"kms:listGrants",
"kms:listKeyPolicies",
"kms:listKeys",
"kms:listResourceTags",
"kms:listRetirableGrants",
"lambda:getAccountSettings",
"lambda:getAlias",
"lambda:getEventSourceMapping",
"lambda:getFunction",
"lambda:getFunctionConfiguration",
"lambda:getPolicy",
"lambda:listAliases",
"lambda:listEventSourceMappings",
"lambda:listFunctions",
"lambda:listVersionsByFunction",
"lex:getBot",
"lex:getBotAlias",
"lex:getBotAliases",
"lex:getBotChannelAssociation",
"lex:getBotChannelAssociations",
"lex:getBots",
"lex:getBotVersions",
"lex:getBuiltinIntent",
"lex:getBuiltinIntents",
"lex:getBuiltinSlotTypes",
"lex:getIntent",
"lex:getIntents",
"lex:getIntentVersions",
"lex:getSlotType",
"lex:getSlotTypes",
"lex:getSlotTypeVersions",
"lightsail:getActiveNames",
"lightsail:getBlueprints",
"lightsail:getBundles",
"lightsail:getDomain",
"lightsail:getDomains",
"lightsail:getInstance",
"lightsail:getInstanceAccessDetails",
"lightsail:getInstanceMetricData",
"lightsail:getInstancePortStates",
"lightsail:getInstances",
"lightsail:getInstanceSnapshot",
"lightsail:getInstanceSnapshots",
"lightsail:getInstanceState",
"lightsail:getKeyPair",
"lightsail:getKeyPairs",
"lightsail:getOperation",
"lightsail:getOperations",
"lightsail:getOperationsForResource",
"lightsail:getRegions",
"lightsail:getStaticIp",
"lightsail:getStaticIps",
"logs:describeDestinations",
"logs:describeExportTasks",
"logs:describeLogGroups",
"logs:describeLogStreams",
"logs:describeMetricFilters",
"logs:describeSubscriptionFilters",
"logs:testMetricFilter",
"machinelearning:describeBatchPredictions",
"machinelearning:describeDataSources",
"machinelearning:describeEvaluations",
"machinelearning:describeMLModels",
"machinelearning:getBatchPrediction",
"machinelearning:getDataSource",
"machinelearning:getEvaluation",
"machinelearning:getMLModel",
"mediaconvert:describeEndpoints",
"mediaconvert:getJob",
"mediaconvert:getJobTemplate",
"mediaconvert:getPreset",
"mediaconvert:getQueue",
"mediaconvert:listJobs",
"mediaconvert:listJobTemplates",
"medialive:describeChannel",
"medialive:describeInput",
"medialive:describeInputSecurityGroup",
"medialive:describeOffering",
"medialive:describeReservation",
"medialive:describeSchedule",
"medialive:listChannels",
"medialive:listInputs",
"medialive:listInputSecurityGroups",
"medialive:listOfferings",
"mediapackage:describeChannel",
"mediapackage:describeOriginEndpoint",
"mediapackage:listChannels",
"mediapackage:listOriginEndpoints",
"mediastore:describeContainer",
"mediastore:getContainerPolicy",
"mediastore:listContainers",
"mobiletargeting:getApnsChannel",
"mobiletargeting:getApplicationSettings",
"mobiletargeting:getCampaign",
"mobiletargeting:getCampaignActivities",
"mobiletargeting:getCampaigns",
"mobiletargeting:getCampaignVersion",
"mobiletargeting:getCampaignVersions",
"mobiletargeting:getEndpoint",
"mobiletargeting:getGcmChannel",
"mobiletargeting:getImportJob",
"mobiletargeting:getImportJobs",
"mobiletargeting:getSegment",
"mobiletargeting:getSegmentImportJobs",
"mobiletargeting:getSegments",
"mobiletargeting:getSegmentVersion",
"mobiletargeting:getSegmentVersions",
"mq:describeBroker",
"mq:describeConfiguration",
"mq:describeConfigurationRevision",
"mq:describeUser",
"mq:listBrokers",
"mq:listConfigurationRevisions",
"mq:listConfigurations",
"mq:listUsers",
"opsworks-cm:describeAccountAttributes",
"opsworks-cm:describeBackups",
"opsworks-cm:describeEvents",
"opsworks-cm:describeNodeAssociationStatus",
"opsworks-cm:describeServers",
"opsworks:describeAgentVersions",
"opsworks:describeApps",
"opsworks:describeCommands",
"opsworks:describeDeployments",
"opsworks:describeEcsClusters",
"opsworks:describeElasticIps",
"opsworks:describeElasticLoadBalancers",
"opsworks:describeInstances",
"opsworks:describeLayers",
"opsworks:describeLoadBasedAutoScaling",
"opsworks:describeMyUserProfile",
"opsworks:describePermissions",
"opsworks:describeRaidArrays",
"opsworks:describeRdsDbInstances",
"opsworks:describeServiceErrors",
"opsworks:describeStackProvisioningParameters",
"opsworks:describeStacks",
"opsworks:describeStackSummary",
"opsworks:describeTimeBasedAutoScaling",
"opsworks:describeUserProfiles",
"opsworks:describeVolumes",
"opsworks:getHostnameSuggestion",
"polly:describeVoices",
"polly:getLexicon",
"polly:listLexicons",
"rds:describeAccountAttributes",
"rds:describeCertificates",
"rds:describeDBClusterParameterGroups",
"rds:describeDBClusterParameters",
"rds:describeDBClusters",
"rds:describeDBClusterSnapshots",
"rds:describeDBEngineVersions",
"rds:describeDBInstances",
"rds:describeDBParameterGroups",
"rds:describeDBParameters",
"rds:describeDBSecurityGroups",
"rds:describeDBSnapshotAttributes",
"rds:describeDBSnapshots",
"rds:describeDBSubnetGroups",
"rds:describeEngineDefaultClusterParameters",
"rds:describeEngineDefaultParameters",
"rds:describeEventCategories",
"rds:describeEvents",
"rds:describeEventSubscriptions",
"rds:describeOptionGroupOptions",
"rds:describeOptionGroups",
"rds:describeOrderableDBInstanceOptions",
"rds:describePendingMaintenanceActions",
"rds:describeReservedDBInstances",
"rds:describeReservedDBInstancesOfferings",
"rds:listTagsForResource",
"redshift:describeClusterParameterGroups",
"redshift:describeClusterParameters",
"redshift:describeClusters",
"redshift:describeClusterSecurityGroups",
"redshift:describeClusterSnapshots",
"redshift:describeClusterSubnetGroups",
"redshift:describeClusterVersions",
"redshift:describeDefaultClusterParameters",
"redshift:describeEventCategories",
"redshift:describeEvents",
"redshift:describeEventSubscriptions",
"redshift:describeHsmClientCertificates",
"redshift:describeHsmConfigurations",
"redshift:describeLoggingStatus",
"redshift:describeOrderableClusterOptions",
"redshift:describeReservedNodeOfferings",
"redshift:describeReservedNodes",
"redshift:describeResize",
"redshift:describeSnapshotCopyGrants",
"redshift:describeTableRestoreStatus",
"redshift:describeTags",
"rekognition:listCollections",
"rekognition:listFaces",
"robomaker:describeDeploymentJob",
"robomaker:describeFleet",
"robomaker:describeRobotApplication",
"robomaker:describeSimulationApplication",
"robomaker:describeSimulationJob",
"robomaker:listDeploymentJobs",
"robomaker:listFleets",
"robomaker:listRobotApplications",
"robomaker:listRobots",
"robomaker:listSimulationApplications",
"robomaker:listSimulationJobs",
"route53:getChange",
"route53:getCheckerIpRanges",
"route53:getGeoLocation",
"route53:getHealthCheck",
"route53:getHealthCheckCount",
"route53:getHealthCheckLastFailureReason",
"route53:getHealthCheckStatus",
"route53:getHostedZone",
"route53:getHostedZoneCount",
"route53:getReusableDelegationSet",
"route53:getTrafficPolicy",
"route53:getTrafficPolicyInstance",
"route53:getTrafficPolicyInstanceCount",
"route53:listGeoLocations",
"route53:listHealthChecks",
"route53:listHostedZones",
"route53:listHostedZonesByName",
"route53:listResourceRecordSets",
"route53:listReusableDelegationSets",
"route53:listTagsForResource",
"route53:listTagsForResources",
"route53:listTrafficPolicies",
"route53:listTrafficPolicyInstances",
"route53:listTrafficPolicyInstancesByHostedZone",
"route53:listTrafficPolicyInstancesByPolicy",
"route53:listTrafficPolicyVersions",
"route53domains:checkDomainAvailability",
"route53domains:getContactReachabilityStatus",
"route53domains:getDomainDetail",
"route53domains:getOperationDetail",
"route53domains:listDomains",
"route53domains:listOperations",
"route53domains:listTagsForDomain",
"route53domains:viewBilling",
"route53resolver:getResolverRulePolicy",
"route53resolver:listResolverEndpointIpAddresses",
"route53resolver:listResolverEndpoints",
"route53resolver:listResolverRuleAssociations",
"route53resolver:listResolverRules",
"route53resolver:listTagsForResource",
"s3:getAccelerateConfiguration",
"s3:getAnalyticsConfiguration",
"s3:getBucketAcl",
"s3:getBucketCORS",
"s3:getBucketLocation",
"s3:getBucketLogging",
"s3:getBucketNotification",
"s3:getBucketPolicy",
"s3:getBucketRequestPayment",
"s3:getBucketTagging",
"s3:getBucketVersioning",
"s3:getBucketWebsite",
"s3:getEncryptionConfiguration",
"s3:getInventoryConfiguration",
"s3:getLifecycleConfiguration",
"s3:getMetricsConfiguration",
"s3:getReplicationConfiguration",
"s3:headBucket",
"s3:listAllMyBuckets",
"s3:listBucketMultipartUploads",
"sagemaker:describeEndpoint",
"sagemaker:describeEndpointConfig",
"sagemaker:describeHyperParameterTuningJob",
"sagemaker:describeModel",
"sagemaker:describeNotebookInstance",
"sagemaker:describeNotebookInstanceLifecycleConfig",
"sagemaker:describeTrainingJob",
"sagemaker:describeTransformJob",
"sagemaker:listEndpointConfigs",
"sagemaker:listEndpoints",
"sagemaker:listHyperParameterTuningJobs",
"sagemaker:listModels",
"sagemaker:listNotebookInstanceLifecycleConfigs",
"sagemaker:listNotebookInstances",
"sagemaker:listTags",
"sagemaker:listTrainingJobs",
"sagemaker:listTrainingJobsForHyperParameterTuningJob",
"sagemaker:listTransformJobs",
"sdb:domainMetadata",
"sdb:listDomains",
"secretsmanager:describeSecret",
"secretsmanager:getResourcePolicy",
"secretsmanager:listSecrets",
"secretsmanager:listSecretVersionIds",
"servicecatalog:describeConstraint",
"servicecatalog:describePortfolio",
"servicecatalog:describeProduct",
"servicecatalog:describeProductAsAdmin",
"servicecatalog:describeProductView",
"servicecatalog:describeProvisioningArtifact",
"servicecatalog:describeProvisioningParameters",
"servicecatalog:describeRecord",
"servicecatalog:listAcceptedPortfolioShares",
"servicecatalog:listConstraintsForPortfolio",
"servicecatalog:listLaunchPaths",
"servicecatalog:listPortfolioAccess",
"servicecatalog:listPortfolios",
"servicecatalog:listPortfoliosForProduct",
"servicecatalog:listPrincipalsForPortfolio",
"servicecatalog:listProvisioningArtifacts",
"servicecatalog:listRecordHistory",
"servicecatalog:scanProvisionedProducts",
"servicecatalog:searchProducts",
"ses:describeActiveReceiptRuleSet",
"ses:describeReceiptRule",
"ses:describeReceiptRuleSet",
"ses:getIdentityDkimAttributes",
"ses:getIdentityMailFromDomainAttributes",
"ses:getIdentityNotificationAttributes",
"ses:getIdentityPolicies",
"ses:getIdentityVerificationAttributes",
"ses:getSendQuota",
"ses:getSendStatistics",
"ses:listIdentities",
"ses:listIdentityPolicies",
"ses:listReceiptFilters",
"ses:listReceiptRuleSets",
"ses:listVerifiedEmailAddresses",
"shield:describeAttack",
"shield:describeProtection",
"shield:describeSubscription",
"shield:listAttacks",
"shield:listProtections",
"sms:getConnectors",
"sms:getReplicationJobs",
"sms:getReplicationRuns",
"sms:getServers",
"snowball:describeAddress",
"snowball:describeAddresses",
"snowball:describeJob",
"snowball:getSnowballUsage",
"snowball:listJobs",
"sns:checkIfPhoneNumberIsOptedOut",
"sns:getEndpointAttributes",
"sns:getPlatformApplicationAttributes",
"sns:getSMSAttributes",
"sns:getSubscriptionAttributes",
"sns:getTopicAttributes",
"sns:listEndpointsByPlatformApplication",
"sns:listPhoneNumbersOptedOut",
"sns:listPlatformApplications",
"sns:listSubscriptions",
"sns:listSubscriptionsByTopic",
"sns:listTopics",
"sqs:getQueueAttributes",
"sqs:getQueueUrl",
"sqs:listDeadLetterSourceQueues",
"sqs:listQueues",
"ssm:describeActivations",
"ssm:describeAssociation",
"ssm:describeAutomationExecutions",
"ssm:describeAvailablePatches",
"ssm:describeDocument",
"ssm:describeDocumentPermission",
"ssm:describeEffectiveInstanceAssociations",
"ssm:describeEffectivePatchesForPatchBaseline",
"ssm:describeInstanceAssociationsStatus",
"ssm:describeInstanceInformation",
"ssm:describeInstancePatches",
"ssm:describeInstancePatchStates",
"ssm:describeInstancePatchStatesForPatchGroup",
"ssm:describeMaintenanceWindowExecutions",
"ssm:describeMaintenanceWindowExecutionTaskInvocations",
"ssm:describeMaintenanceWindowExecutionTasks",
"ssm:describeMaintenanceWindows",
"ssm:describeMaintenanceWindowTargets",
"ssm:describeMaintenanceWindowTasks",
"ssm:describeParameters",
"ssm:describePatchBaselines",
"ssm:describePatchGroups",
"ssm:describePatchGroupState",
"ssm:getAutomationExecution",
"ssm:getCommandInvocation",
"ssm:getDefaultPatchBaseline",
"ssm:getDeployablePatchSnapshotForInstance",
"ssm:getDocument",
"ssm:getInventory",
"ssm:getInventorySchema",
"ssm:getMaintenanceWindow",
"ssm:getMaintenanceWindowExecution",
"ssm:getMaintenanceWindowExecutionTask",
"ssm:getParameterHistory",
"ssm:getParameters",
"ssm:getPatchBaseline",
"ssm:getPatchBaselineForPatchGroup",
"ssm:listAssociations",
"ssm:listCommandInvocations",
"ssm:listCommands",
"ssm:listDocuments",
"ssm:listDocumentVersions",
"ssm:listInventoryEntries",
"ssm:listTagsForResource",
"states:describeActivity",
"states:describeExecution",
"states:describeStateMachine",
"states:getExecutionHistory",
"states:listActivities",
"states:listExecutions",
"states:listStateMachines",
"storagegateway:describeBandwidthRateLimit",
"storagegateway:describeCache",
"storagegateway:describeCachediSCSIVolumes",
"storagegateway:describeGatewayInformation",
"storagegateway:describeMaintenanceStartTime",
"storagegateway:describeNFSFileShares",
"storagegateway:describeSMBFileShares",
"storagegateway:describeSMBSettings",
"storagegateway:describeSnapshotSchedule",
"storagegateway:describeStorediSCSIVolumes",
"storagegateway:describeTapeArchives",
"storagegateway:describeTapeRecoveryPoints",
"storagegateway:describeTapes",
"storagegateway:describeUploadBuffer",
"storagegateway:describeVTLDevices",
"storagegateway:describeWorkingStorage",
"storagegateway:listFileShares",
"storagegateway:listGateways",
"storagegateway:listLocalDisks",
"storagegateway:listTagsForResource",
"storagegateway:listTapes",
"storagegateway:listVolumeInitiators",
"storagegateway:listVolumeRecoveryPoints",
"storagegateway:listVolumes",
"swf:describeActivityType",
"swf:describeDomain",
"swf:describeWorkflowExecution",
"swf:describeWorkflowType",
"swf:getWorkflowExecutionHistory",
"swf:listActivityTypes",
"swf:listClosedWorkflowExecutions",
"swf:listDomains",
"swf:listOpenWorkflowExecutions",
"swf:listWorkflowTypes",
"transfer:describeServer",
"transfer:describeUser",
"transfer:listServers",
"transfer:listTagsForResource",
"transfer:listUsers",
"waf-regional:getByteMatchSet",
"waf-regional:getChangeTokenStatus",
"waf-regional:getIPSet",
"waf-regional:getRule",
"waf-regional:getSqlInjectionMatchSet",
"waf-regional:getWebACL",
"waf-regional:getWebACLForResource",
"waf-regional:listByteMatchSets",
"waf-regional:listIPSets",
"waf-regional:listResourcesForWebACL",
"waf-regional:listRules",
"waf-regional:listSqlInjectionMatchSets",
"waf-regional:listWebACLs",
"waf:getByteMatchSet",
"waf:getChangeTokenStatus",
"waf:getIPSet",
"waf:getRule",
"waf:getSampledRequests",
"waf:getSizeConstraintSet",
"waf:getSqlInjectionMatchSet",
"waf:getWebACL",
"waf:getXssMatchSet",
"waf:listByteMatchSets",
"waf:listIPSets",
"waf:listRules",
"waf:listSizeConstraintSets",
"waf:listSqlInjectionMatchSets",
"waf:listWebACLs",
"waf:listXssMatchSets",
"workdocs:checkAlias",
"workdocs:describeAvailableDirectories",
"workdocs:describeInstances",
"workspaces:describeTags",
"workspaces:describeWorkspaceBundles",
"workspaces:describeWorkspaceDirectories",
"workspaces:describeWorkspaces",
"workspaces:describeWorkspacesConnectionStatus"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": false,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7W6266ELXF5MISDS",
"PolicyName": "AWSSupportServiceRolePolicy",
"UpdateDate": "2019-02-06T18:06:11+00:00",
"VersionId": "v4"
},
"AWSTransferLoggingAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-14T15:32:50+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogStream",
"logs:DescribeLogStreams",
"logs:CreateLogGroup",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAISIP5WGJX7VKXRQZO",
"PolicyName": "AWSTransferLoggingAccess",
"UpdateDate": "2019-01-14T15:32:50+00:00",
"VersionId": "v1"
},
"AWSTrustedAdvisorServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSTrustedAdvisorServiceRolePolicy",
"AttachmentCount": 1,
"CreateDate": "2018-02-22T21:24:25+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"autoscaling:DescribeAccountLimits",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeLaunchConfigurations",
"cloudformation:DescribeAccountLimits",
"cloudformation:DescribeStacks",
"cloudformation:ListStacks",
"cloudfront:ListDistributions",
"cloudtrail:DescribeTrails",
"cloudtrail:GetTrailStatus",
"dynamodb:DescribeLimits",
"dynamodb:DescribeTable",
"dynamodb:ListTables",
"ec2:DescribeAddresses",
"ec2:DescribeReservedInstances",
"ec2:DescribeInstances",
"ec2:DescribeVpcs",
"ec2:DescribeInternetGateways",
"ec2:DescribeImages",
"ec2:DescribeVolumes",
"ec2:DescribeSecurityGroups",
"ec2:DescribeReservedInstancesOfferings",
"ec2:DescribeSnapshots",
"ec2:DescribeVpnConnections",
"ec2:DescribeVpnGateways",
"ec2:DescribeLaunchTemplateVersions",
"elasticloadbalancing:DescribeInstanceHealth",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeLoadBalancerPolicies",
"elasticloadbalancing:DescribeLoadBalancerPolicyTypes",
"elasticloadbalancing:DescribeLoadBalancers",
"iam:GenerateCredentialReport",
"iam:GetAccountPasswordPolicy",
"iam:GetAccountSummary",
"iam:GetCredentialReport",
"iam:GetServerCertificate",
"iam:ListServerCertificates",
"kinesis:DescribeLimits",
"rds:DescribeAccountAttributes",
"rds:DescribeDBClusters",
"rds:DescribeDBEngineVersions",
"rds:DescribeDBInstances",
"rds:DescribeDBParameterGroups",
"rds:DescribeDBParameters",
"rds:DescribeDBSecurityGroups",
"rds:DescribeDBSnapshots",
"rds:DescribeDBSubnetGroups",
"rds:DescribeEngineDefaultParameters",
"rds:DescribeEvents",
"rds:DescribeOptionGroupOptions",
"rds:DescribeOptionGroups",
"rds:DescribeOrderableDBInstanceOptions",
"rds:DescribeReservedDBInstances",
"rds:DescribeReservedDBInstancesOfferings",
"rds:ListTagsForResource",
"redshift:DescribeClusters",
"redshift:DescribeReservedNodeOfferings",
"redshift:DescribeReservedNodes",
"route53:GetAccountLimit",
"route53:GetHealthCheck",
"route53:GetHostedZone",
"route53:ListHealthChecks",
"route53:ListHostedZones",
"route53:ListHostedZonesByName",
"route53:ListResourceRecordSets",
"s3:GetBucketAcl",
"s3:GetBucketPolicy",
"s3:GetBucketPolicyStatus",
"s3:GetBucketLocation",
"s3:GetBucketLogging",
"s3:GetBucketVersioning",
"s3:GetBucketPublicAccessBlock",
"s3:ListBucket",
"s3:ListObjects",
"s3:ListAllMyBuckets",
"ses:GetSendQuota",
"sqs:ListQueues",
"cloudwatch:GetMetricStatistics"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJH4QJ2WMHBOB47BUE",
"PolicyName": "AWSTrustedAdvisorServiceRolePolicy",
"UpdateDate": "2019-01-22T19:58:36+00:00",
"VersionId": "v5"
},
"AWSVPCTransitGatewayServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AWSVPCTransitGatewayServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-11-26T16:21:17+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:DeleteNetworkInterface",
"ec2:CreateNetworkInterfacePermission"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "0"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJS2PBJSYV2EZW3MIQ",
"PolicyName": "AWSVPCTransitGatewayServiceRolePolicy",
"UpdateDate": "2018-11-26T16:21:17+00:00",
"VersionId": "v1"
},
"AWSWAFFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSWAFFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-06T20:44:00+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"waf:*",
"waf-regional:*",
"elasticloadbalancing:SetWebACL"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJMIKIAFXZEGOLRH7C",
"PolicyName": "AWSWAFFullAccess",
"UpdateDate": "2016-12-07T21:33:25+00:00",
"VersionId": "v2"
},
"AWSWAFReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSWAFReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-06T20:43:45+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"waf:Get*",
"waf:List*",
"waf-regional:Get*",
"waf-regional:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAINZVDMX2SBF7EU2OC",
"PolicyName": "AWSWAFReadOnlyAccess",
"UpdateDate": "2016-12-07T21:30:54+00:00",
"VersionId": "v2"
},
"AWSXRayDaemonWriteAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess",
"AttachmentCount": 0,
"CreateDate": "2018-08-28T23:00:33+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"xray:PutTraceSegments",
"xray:PutTelemetryRecords",
"xray:GetSamplingRules",
"xray:GetSamplingTargets",
"xray:GetSamplingStatisticSummaries"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIOE47HSUE5AVBNEDM",
"PolicyName": "AWSXRayDaemonWriteAccess",
"UpdateDate": "2018-08-28T23:00:33+00:00",
"VersionId": "v1"
},
"AWSXrayFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSXrayFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-12-01T18:30:55+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"xray:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQBYG45NSJMVQDB2K",
"PolicyName": "AWSXrayFullAccess",
"UpdateDate": "2016-12-01T18:30:55+00:00",
"VersionId": "v1"
},
"AWSXrayReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSXrayReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2016-12-01T18:27:02+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"xray:GetSamplingRules",
"xray:GetSamplingTargets",
"xray:GetSamplingStatisticSummaries",
"xray:BatchGetTraces",
"xray:GetServiceGraph",
"xray:GetTraceGraph",
"xray:GetTraceSummaries",
"xray:GetGroups",
"xray:GetGroup",
"xray:GetTimeSeriesServiceStatistics"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIH4OFXWPS6ZX6OPGQ",
"PolicyName": "AWSXrayReadOnlyAccess",
"UpdateDate": "2019-04-30T18:11:46+00:00",
"VersionId": "v4"
},
"AWSXrayWriteOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2016-12-01T18:19:53+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"xray:PutTraceSegments",
"xray:PutTelemetryRecords",
"xray:GetSamplingRules",
"xray:GetSamplingTargets",
"xray:GetSamplingStatisticSummaries"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIAACM4LMYSRGBCTM6",
"PolicyName": "AWSXrayWriteOnlyAccess",
"UpdateDate": "2018-08-28T23:03:04+00:00",
"VersionId": "v2"
},
"AdministratorAccess": {
"Arn": "arn:aws:iam::aws:policy/AdministratorAccess",
"AttachmentCount": 1,
"CreateDate": "2015-02-06T18:39:46+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIWMBCKSKIEE64ZLYK",
"PolicyName": "AdministratorAccess",
"UpdateDate": "2015-02-06T18:39:46+00:00",
"VersionId": "v1"
},
"AlexaForBusinessDeviceSetup": {
"Arn": "arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup",
"AttachmentCount": 0,
"CreateDate": "2017-11-30T16:47:16+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"a4b:RegisterDevice",
"a4b:CompleteRegistration",
"a4b:SearchDevices",
"a4b:SearchNetworkProfiles",
"a4b:GetNetworkProfile",
"a4b:PutDeviceSetupEvents"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"secretsmanager:GetSecretValue"
],
"Effect": "Allow",
"Resource": "arn:aws:secretsmanager:*:*:secret:A4BNetworkProfile*",
"Sid": "A4bDeviceSetupAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUEFZFUTDTY4HGFU2",
"PolicyName": "AlexaForBusinessDeviceSetup",
"UpdateDate": "2019-05-20T21:05:39+00:00",
"VersionId": "v2"
},
"AlexaForBusinessFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AlexaForBusinessFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-30T16:47:09+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"a4b:*",
"kms:DescribeKey"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringLike": {
"iam:AWSServiceName": [
"*a4b.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/*a4b.amazonaws.com/AWSServiceRoleForAlexaForBusiness*"
},
{
"Action": [
"secretsmanager:GetSecretValue",
"secretsmanager:DeleteSecret",
"secretsmanager:UpdateSecret"
],
"Effect": "Allow",
"Resource": "arn:aws:secretsmanager:*:*:secret:A4BNetworkProfile*"
},
{
"Action": "secretsmanager:CreateSecret",
"Condition": {
"StringLike": {
"secretsmanager:Name": "A4BNetworkProfile*"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILUT3JGG7WRIMVNH2",
"PolicyName": "AlexaForBusinessFullAccess",
"UpdateDate": "2019-05-20T21:32:33+00:00",
"VersionId": "v4"
},
"AlexaForBusinessGatewayExecution": {
"Arn": "arn:aws:iam::aws:policy/AlexaForBusinessGatewayExecution",
"AttachmentCount": 0,
"CreateDate": "2017-11-30T16:47:19+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"a4b:Send*",
"a4b:Get*"
],
"Effect": "Allow",
"Resource": "arn:aws:a4b:*:*:gateway/*"
},
{
"Action": [
"sqs:ReceiveMessage",
"sqs:DeleteMessage"
],
"Effect": "Allow",
"Resource": [
"arn:aws:sqs:*:*:dd-*",
"arn:aws:sqs:*:*:sd-*"
]
},
{
"Action": [
"a4b:List*",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:DescribeLogGroups",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI3LZ7YP7KHLG4DT2Q",
"PolicyName": "AlexaForBusinessGatewayExecution",
"UpdateDate": "2017-11-30T16:47:19+00:00",
"VersionId": "v1"
},
"AlexaForBusinessNetworkProfileServicePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AlexaForBusinessNetworkProfileServicePolicy",
"AttachmentCount": 0,
"CreateDate": "2019-03-13T00:53:40+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"acm-pca:GetCertificate",
"acm-pca:IssueCertificate",
"acm-pca:RevokeCertificate"
],
"Condition": {
"StringEquals": {
"aws:ResourceTag/a4b": "enabled"
}
},
"Effect": "Allow",
"Resource": "*",
"Sid": "A4bPcaTagAccess"
},
{
"Action": [
"secretsmanager:GetSecretValue"
],
"Effect": "Allow",
"Resource": "arn:aws:secretsmanager:*:*:secret:A4BNetworkProfile*",
"Sid": "A4bNetworkProfileAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI7GYBNGIZU2EDSMGQ",
"PolicyName": "AlexaForBusinessNetworkProfileServicePolicy",
"UpdateDate": "2019-04-05T21:57:56+00:00",
"VersionId": "v2"
},
"AlexaForBusinessReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AlexaForBusinessReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-30T16:47:12+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"a4b:Get*",
"a4b:List*",
"a4b:Describe*",
"a4b:Search*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI6BKSTB4XMLPBFFJ2",
"PolicyName": "AlexaForBusinessReadOnlyAccess",
"UpdateDate": "2018-06-25T23:52:33+00:00",
"VersionId": "v2"
},
"AmazonAPIGatewayAdministrator": {
"Arn": "arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator",
"AttachmentCount": 1,
"CreateDate": "2015-07-09T17:34:45+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"apigateway:*"
],
"Effect": "Allow",
"Resource": "arn:aws:apigateway:*::/*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ4PT6VY5NLKTNUYSI",
"PolicyName": "AmazonAPIGatewayAdministrator",
"UpdateDate": "2015-07-09T17:34:45+00:00",
"VersionId": "v1"
},
"AmazonAPIGatewayInvokeFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonAPIGatewayInvokeFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-07-09T17:36:12+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"execute-api:Invoke",
"execute-api:ManageConnections"
],
"Effect": "Allow",
"Resource": "arn:aws:execute-api:*:*:*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIIWAX2NOOQJ4AIEQ6",
"PolicyName": "AmazonAPIGatewayInvokeFullAccess",
"UpdateDate": "2018-12-18T18:25:10+00:00",
"VersionId": "v2"
},
"AmazonAPIGatewayPushToCloudWatchLogs": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs",
"AttachmentCount": 1,
"CreateDate": "2015-11-11T23:41:46+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:DescribeLogGroups",
"logs:DescribeLogStreams",
"logs:PutLogEvents",
"logs:GetLogEvents",
"logs:FilterLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIK4GFO7HLKYN64ASK",
"PolicyName": "AmazonAPIGatewayPushToCloudWatchLogs",
"UpdateDate": "2015-11-11T23:41:46+00:00",
"VersionId": "v1"
},
"AmazonAppStreamFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonAppStreamFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:09+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"appstream:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"application-autoscaling:DeleteScalingPolicy",
"application-autoscaling:DescribeScalableTargets",
"application-autoscaling:DescribeScalingPolicies",
"application-autoscaling:PutScalingPolicy",
"application-autoscaling:RegisterScalableTarget"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:DeleteAlarms",
"cloudwatch:DescribeAlarms",
"cloudwatch:GetMetricStatistics",
"cloudwatch:PutMetricAlarm"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:ListRoles",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringLike": {
"iam:PassedToService": "application-autoscaling.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/service-role/ApplicationAutoScalingForAmazonAppStreamAccess"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "appstream.application-autoscaling.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/appstream.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_AppStreamFleet"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLZZXU2YQVGL4QDNC",
"PolicyName": "AmazonAppStreamFullAccess",
"UpdateDate": "2018-09-10T17:29:25+00:00",
"VersionId": "v3"
},
"AmazonAppStreamReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonAppStreamReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:10+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"appstream:Get*",
"appstream:List*",
"appstream:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJXIFDGB4VBX23DX7K",
"PolicyName": "AmazonAppStreamReadOnlyAccess",
"UpdateDate": "2016-12-07T21:00:06+00:00",
"VersionId": "v2"
},
"AmazonAppStreamServiceAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonAppStreamServiceAccess",
"AttachmentCount": 0,
"CreateDate": "2016-11-19T04:17:37+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeAvailabilityZones",
"ec2:CreateNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:DeleteNetworkInterface",
"ec2:DescribeSubnets",
"ec2:AssociateAddress",
"ec2:DisassociateAddress",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:CreateBucket",
"s3:ListBucket",
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject",
"s3:GetObjectVersion",
"s3:DeleteObjectVersion",
"s3:PutBucketPolicy",
"s3:PutEncryptionConfiguration"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::appstream2-36fb080bb8-*",
"arn:aws:s3:::appstream-app-settings-*",
"arn:aws:s3:::appstream-logs-*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAISBRZ7LMMCBYEF3SE",
"PolicyName": "AmazonAppStreamServiceAccess",
"UpdateDate": "2019-01-17T20:22:45+00:00",
"VersionId": "v5"
},
"AmazonAthenaFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonAthenaFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-11-30T16:46:01+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"athena:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"glue:CreateDatabase",
"glue:DeleteDatabase",
"glue:GetDatabase",
"glue:GetDatabases",
"glue:UpdateDatabase",
"glue:CreateTable",
"glue:DeleteTable",
"glue:BatchDeleteTable",
"glue:UpdateTable",
"glue:GetTable",
"glue:GetTables",
"glue:BatchCreatePartition",
"glue:CreatePartition",
"glue:DeletePartition",
"glue:BatchDeletePartition",
"glue:UpdatePartition",
"glue:GetPartition",
"glue:GetPartitions",
"glue:BatchGetPartition"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:ListMultipartUploadParts",
"s3:AbortMultipartUpload",
"s3:CreateBucket",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-athena-query-results-*"
]
},
{
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::athena-examples*"
]
},
{
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"sns:ListTopics",
"sns:GetTopicAttributes"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIPJMLMD4C7RYZ6XCK",
"PolicyName": "AmazonAthenaFullAccess",
"UpdateDate": "2019-02-19T00:13:03+00:00",
"VersionId": "v5"
},
"AmazonChimeFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonChimeFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-01T22:15:43+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"chime:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUJFSAKUERNORYRWO",
"PolicyName": "AmazonChimeFullAccess",
"UpdateDate": "2017-11-01T22:15:43+00:00",
"VersionId": "v1"
},
"AmazonChimeReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AmazonChimeReadOnly",
"AttachmentCount": 0,
"CreateDate": "2017-11-01T22:04:17+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"chime:ListAccounts",
"chime:GetAccount",
"chime:GetAccountSettings",
"chime:ListUsers",
"chime:GetUser",
"chime:GetUserByEmail",
"chime:ListDomains",
"chime:GetDomain",
"chime:ListGroups",
"chime:ListDirectories",
"chime:ListCDRBucket",
"chime:GetCDRBucket",
"chime:ListDelegates",
"chime:GetAccountResource",
"chime:ValidateDelegate",
"chime:ListAccountUsageReportData",
"chime:GetUserActivityReportData",
"chime:GetGlobalSettings",
"chime:GetPhoneNumber",
"chime:GetPhoneNumberOrder",
"chime:GetUserSettings",
"chime:GetVoiceConnector",
"chime:GetVoiceConnectorOrigination",
"chime:GetVoiceConnectorTermination",
"chime:GetVoiceConnectorTerminationHealth",
"chime:ListPhoneNumberOrders",
"chime:ListPhoneNumbers",
"chime:ListVoiceConnectorTerminationCredentials",
"chime:ListVoiceConnectors",
"chime:SearchAvailablePhoneNumbers",
"chime:GetTelephonyLimits",
"chime:ListCallingRegions",
"chime:GetBot",
"chime:ListBots",
"chime:GetEventsConfiguration"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLBFZZFABRXVWRTCI",
"PolicyName": "AmazonChimeReadOnly",
"UpdateDate": "2019-05-13T20:34:08+00:00",
"VersionId": "v6"
},
"AmazonChimeUserManagement": {
"Arn": "arn:aws:iam::aws:policy/AmazonChimeUserManagement",
"AttachmentCount": 0,
"CreateDate": "2017-11-01T22:17:26+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"chime:ListAccounts",
"chime:GetAccount",
"chime:GetAccountSettings",
"chime:UpdateAccountSettings",
"chime:ListUsers",
"chime:GetUser",
"chime:GetUserByEmail",
"chime:InviteUsers",
"chime:SuspendUsers",
"chime:ActivateUsers",
"chime:UpdateUserLicenses",
"chime:ResetPersonalPIN",
"chime:LogoutUser",
"chime:ListDomains",
"chime:GetDomain",
"chime:ListDirectories",
"chime:ListGroups",
"chime:SubmitSupportRequest",
"chime:ListDelegates",
"chime:ListAccountUsageReportData",
"chime:GetMeetingDetail",
"chime:ListMeetingEvents",
"chime:ListMeetingsReportData",
"chime:GetUserActivityReportData",
"chime:UpdateUser",
"chime:BatchUpdateUser",
"chime:BatchSuspendUser",
"chime:BatchUnsuspendUser",
"chime:AssociatePhoneNumberWithUser",
"chime:DisassociatePhoneNumberFromUser",
"chime:GetPhoneNumber",
"chime:ListPhoneNumbers",
"chime:GetUserSettings",
"chime:UpdateUserSettings"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJGLHVUHNMQPSDGSOO",
"PolicyName": "AmazonChimeUserManagement",
"UpdateDate": "2019-03-18T12:17:58+00:00",
"VersionId": "v6"
},
"AmazonCloudDirectoryFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonCloudDirectoryFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-02-25T00:41:39+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"clouddirectory:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJG3XQK77ATFLCF2CK",
"PolicyName": "AmazonCloudDirectoryFullAccess",
"UpdateDate": "2017-02-25T00:41:39+00:00",
"VersionId": "v1"
},
"AmazonCloudDirectoryReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonCloudDirectoryReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2017-02-28T23:42:06+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"clouddirectory:List*",
"clouddirectory:Get*",
"clouddirectory:LookupPolicy",
"clouddirectory:BatchRead"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAICMSZQGR3O62KMD6M",
"PolicyName": "AmazonCloudDirectoryReadOnlyAccess",
"UpdateDate": "2017-02-28T23:42:06+00:00",
"VersionId": "v1"
},
"AmazonCognitoDeveloperAuthenticatedIdentities": {
"Arn": "arn:aws:iam::aws:policy/AmazonCognitoDeveloperAuthenticatedIdentities",
"AttachmentCount": 0,
"CreateDate": "2015-03-24T17:22:23+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cognito-identity:GetOpenIdTokenForDeveloperIdentity",
"cognito-identity:LookupDeveloperIdentity",
"cognito-identity:MergeDeveloperIdentities",
"cognito-identity:UnlinkDeveloperIdentity"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQOKZ5BGKLCMTXH4W",
"PolicyName": "AmazonCognitoDeveloperAuthenticatedIdentities",
"UpdateDate": "2015-03-24T17:22:23+00:00",
"VersionId": "v1"
},
"AmazonCognitoIdpEmailServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonCognitoIdpEmailServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2019-03-21T21:32:25+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ses:SendEmail",
"ses:SendRawEmail"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ses:List*"
],
"Effect": "Deny",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIX7PW362PLAQFKBHM",
"PolicyName": "AmazonCognitoIdpEmailServiceRolePolicy",
"UpdateDate": "2019-03-21T21:32:25+00:00",
"VersionId": "v1"
},
"AmazonCognitoPowerUser": {
"Arn": "arn:aws:iam::aws:policy/AmazonCognitoPowerUser",
"AttachmentCount": 0,
"CreateDate": "2015-03-24T17:14:56+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"cognito-identity:*",
"cognito-idp:*",
"cognito-sync:*",
"iam:ListRoles",
"iam:ListOpenIdConnectProviders",
"sns:ListPlatformApplications"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "email.cognito-idp.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/email.cognito-idp.amazonaws.com/AWSServiceRoleForAmazonCognitoIdpEmail*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJKW5H2HNCPGCYGR6Y",
"PolicyName": "AmazonCognitoPowerUser",
"UpdateDate": "2019-03-29T22:06:46+00:00",
"VersionId": "v3"
},
"AmazonCognitoReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AmazonCognitoReadOnly",
"AttachmentCount": 0,
"CreateDate": "2015-03-24T17:06:46+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"cognito-identity:Describe*",
"cognito-identity:Get*",
"cognito-identity:List*",
"cognito-idp:Describe*",
"cognito-idp:AdminGetUser",
"cognito-idp:AdminList*",
"cognito-idp:List*",
"cognito-sync:Describe*",
"cognito-sync:Get*",
"cognito-sync:List*",
"iam:ListOpenIdConnectProviders",
"iam:ListRoles",
"sns:ListPlatformApplications"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBFTRZD2GQGJHSVQK",
"PolicyName": "AmazonCognitoReadOnly",
"UpdateDate": "2019-02-16T00:18:11+00:00",
"VersionId": "v3"
},
"AmazonConnectFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonConnectFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-10-17T20:59:39+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"connect:*",
"ds:CreateAlias",
"ds:AuthorizeApplication",
"ds:CreateIdentityPoolDirectory",
"ds:DeleteDirectory",
"ds:DescribeDirectories",
"ds:UnauthorizeApplication",
"firehose:DescribeDeliveryStream",
"firehose:ListDeliveryStreams",
"kinesis:DescribeStream",
"kinesis:ListStreams",
"kms:DescribeKey",
"kms:CreateGrant",
"kms:ListAliases",
"lex:GetBots",
"logs:CreateLogGroup",
"s3:CreateBucket",
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "connect.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:PutRolePolicy"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/connect.amazonaws.com/AWSServiceRoleForAmazonConnect*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIPZZCFFD55NYGBAJI",
"PolicyName": "AmazonConnectFullAccess",
"UpdateDate": "2018-10-17T22:28:01+00:00",
"VersionId": "v2"
},
"AmazonConnectReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonConnectReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-10-17T21:00:44+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"connect:Get*",
"connect:Describe*",
"connect:List*",
"ds:DescribeDirectories"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "connect:GetFederationTokens",
"Effect": "Deny",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIVZMH7VU6YYKRY6ZU",
"PolicyName": "AmazonConnectReadOnlyAccess",
"UpdateDate": "2018-10-17T21:00:44+00:00",
"VersionId": "v1"
},
"AmazonConnectServiceLinkedRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonConnectServiceLinkedRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-09-07T00:21:43+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"connect:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:DeleteRole"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/connect.amazonaws.com/AWSServiceRoleForAmazonConnect_*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ6R6FMTSRUJSKI72Y",
"PolicyName": "AmazonConnectServiceLinkedRolePolicy",
"UpdateDate": "2018-09-25T21:29:18+00:00",
"VersionId": "v2"
},
"AmazonDMSCloudWatchLogsRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole",
"AttachmentCount": 0,
"CreateDate": "2016-01-07T23:44:53+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:DescribeLogGroups"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "AllowDescribeOnAllLogGroups"
},
{
"Action": [
"logs:DescribeLogStreams"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:dms-tasks-*"
],
"Sid": "AllowDescribeOfAllLogStreamsOnDmsTasksLogGroup"
},
{
"Action": [
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:dms-tasks-*"
],
"Sid": "AllowCreationOfDmsTasksLogGroups"
},
{
"Action": [
"logs:CreateLogStream"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:dms-tasks-*:log-stream:dms-task-*"
],
"Sid": "AllowCreationOfDmsTaskLogStream"
},
{
"Action": [
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:dms-tasks-*:log-stream:dms-task-*"
],
"Sid": "AllowUploadOfLogEventsToDmsTaskLogStream"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBG7UXZZXUJD3TDJE",
"PolicyName": "AmazonDMSCloudWatchLogsRole",
"UpdateDate": "2016-01-07T23:44:53+00:00",
"VersionId": "v1"
},
"AmazonDMSRedshiftS3Role": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role",
"AttachmentCount": 0,
"CreateDate": "2016-04-20T17:05:56+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"s3:CreateBucket",
"s3:ListBucket",
"s3:DeleteBucket",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject",
"s3:GetObjectVersion",
"s3:GetBucketPolicy",
"s3:PutBucketPolicy",
"s3:DeleteBucketPolicy"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::dms-*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI3CCUQ4U5WNC5F6B6",
"PolicyName": "AmazonDMSRedshiftS3Role",
"UpdateDate": "2016-04-20T17:05:56+00:00",
"VersionId": "v1"
},
"AmazonDMSVPCManagementRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole",
"AttachmentCount": 0,
"CreateDate": "2015-11-18T16:33:19+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DeleteNetworkInterface",
"ec2:ModifyNetworkInterfaceAttribute"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJHKIGMBQI4AEFFSYO",
"PolicyName": "AmazonDMSVPCManagementRole",
"UpdateDate": "2016-05-23T16:29:57+00:00",
"VersionId": "v3"
},
"AmazonDRSVPCManagement": {
"Arn": "arn:aws:iam::aws:policy/AmazonDRSVPCManagement",
"AttachmentCount": 0,
"CreateDate": "2015-09-02T00:09:20+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs",
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:RevokeSecurityGroupIngress"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJPXIBTTZMBEFEX6UA",
"PolicyName": "AmazonDRSVPCManagement",
"UpdateDate": "2015-09-02T00:09:20+00:00",
"VersionId": "v1"
},
"AmazonDocDBConsoleFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonDocDBConsoleFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-09T20:37:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"rds:AddRoleToDBCluster",
"rds:AddSourceIdentifierToSubscription",
"rds:AddTagsToResource",
"rds:ApplyPendingMaintenanceAction",
"rds:CopyDBClusterParameterGroup",
"rds:CopyDBClusterSnapshot",
"rds:CopyDBParameterGroup",
"rds:CreateDBCluster",
"rds:CreateDBClusterParameterGroup",
"rds:CreateDBClusterSnapshot",
"rds:CreateDBInstance",
"rds:CreateDBParameterGroup",
"rds:CreateDBSubnetGroup",
"rds:CreateEventSubscription",
"rds:DeleteDBCluster",
"rds:DeleteDBClusterParameterGroup",
"rds:DeleteDBClusterSnapshot",
"rds:DeleteDBInstance",
"rds:DeleteDBParameterGroup",
"rds:DeleteDBSubnetGroup",
"rds:DeleteEventSubscription",
"rds:DescribeAccountAttributes",
"rds:DescribeCertificates",
"rds:DescribeDBClusterParameterGroups",
"rds:DescribeDBClusterParameters",
"rds:DescribeDBClusterSnapshotAttributes",
"rds:DescribeDBClusterSnapshots",
"rds:DescribeDBClusters",
"rds:DescribeDBEngineVersions",
"rds:DescribeDBInstances",
"rds:DescribeDBLogFiles",
"rds:DescribeDBParameterGroups",
"rds:DescribeDBParameters",
"rds:DescribeDBSecurityGroups",
"rds:DescribeDBSubnetGroups",
"rds:DescribeEngineDefaultClusterParameters",
"rds:DescribeEngineDefaultParameters",
"rds:DescribeEventCategories",
"rds:DescribeEventSubscriptions",
"rds:DescribeEvents",
"rds:DescribeOptionGroups",
"rds:DescribeOrderableDBInstanceOptions",
"rds:DescribePendingMaintenanceActions",
"rds:DescribeValidDBInstanceModifications",
"rds:DownloadDBLogFilePortion",
"rds:FailoverDBCluster",
"rds:ListTagsForResource",
"rds:ModifyDBCluster",
"rds:ModifyDBClusterParameterGroup",
"rds:ModifyDBClusterSnapshotAttribute",
"rds:ModifyDBInstance",
"rds:ModifyDBParameterGroup",
"rds:ModifyDBSubnetGroup",
"rds:ModifyEventSubscription",
"rds:PromoteReadReplicaDBCluster",
"rds:RebootDBInstance",
"rds:RemoveRoleFromDBCluster",
"rds:RemoveSourceIdentifierFromSubscription",
"rds:RemoveTagsFromResource",
"rds:ResetDBClusterParameterGroup",
"rds:ResetDBParameterGroup",
"rds:RestoreDBClusterFromSnapshot",
"rds:RestoreDBClusterToPointInTime"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:GetRole",
"cloudwatch:GetMetricData",
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics",
"ec2:AllocateAddress",
"ec2:AssignIpv6Addresses",
"ec2:AssignPrivateIpAddresses",
"ec2:AssociateAddress",
"ec2:AssociateRouteTable",
"ec2:AssociateSubnetCidrBlock",
"ec2:AssociateVpcCidrBlock",
"ec2:AttachInternetGateway",
"ec2:AttachNetworkInterface",
"ec2:CreateCustomerGateway",
"ec2:CreateDefaultSubnet",
"ec2:CreateDefaultVpc",
"ec2:CreateInternetGateway",
"ec2:CreateNatGateway",
"ec2:CreateNetworkInterface",
"ec2:CreateRoute",
"ec2:CreateRouteTable",
"ec2:CreateSecurityGroup",
"ec2:CreateSubnet",
"ec2:CreateVpc",
"ec2:CreateVpcEndpoint",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeCustomerGateways",
"ec2:DescribeInstances",
"ec2:DescribeNatGateways",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribePrefixLists",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroupReferences",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeVpcs",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:ModifySubnetAttribute",
"ec2:ModifyVpcAttribute",
"ec2:ModifyVpcEndpoint",
"kms:DescribeKey",
"kms:ListAliases",
"kms:ListKeyPolicies",
"kms:ListKeys",
"kms:ListKeysForService",
"kms:ListRetirableGrants",
"logs:DescribeLogStreams",
"logs:GetLogEvents",
"sns:ListSubscriptions",
"sns:ListTopics",
"sns:Publish"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "rds.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/rds.amazonaws.com/AWSServiceRoleForRDS"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJHV6VMSNDDHJ3ESNI",
"PolicyName": "AmazonDocDBConsoleFullAccess",
"UpdateDate": "2019-01-09T20:37:28+00:00",
"VersionId": "v1"
},
"AmazonDocDBFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonDocDBFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-09T20:21:44+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"rds:AddRoleToDBCluster",
"rds:AddSourceIdentifierToSubscription",
"rds:AddTagsToResource",
"rds:ApplyPendingMaintenanceAction",
"rds:CopyDBClusterParameterGroup",
"rds:CopyDBClusterSnapshot",
"rds:CopyDBParameterGroup",
"rds:CreateDBCluster",
"rds:CreateDBClusterParameterGroup",
"rds:CreateDBClusterSnapshot",
"rds:CreateDBInstance",
"rds:CreateDBParameterGroup",
"rds:CreateDBSubnetGroup",
"rds:CreateEventSubscription",
"rds:DeleteDBCluster",
"rds:DeleteDBClusterParameterGroup",
"rds:DeleteDBClusterSnapshot",
"rds:DeleteDBInstance",
"rds:DeleteDBParameterGroup",
"rds:DeleteDBSubnetGroup",
"rds:DeleteEventSubscription",
"rds:DescribeAccountAttributes",
"rds:DescribeCertificates",
"rds:DescribeDBClusterParameterGroups",
"rds:DescribeDBClusterParameters",
"rds:DescribeDBClusterSnapshotAttributes",
"rds:DescribeDBClusterSnapshots",
"rds:DescribeDBClusters",
"rds:DescribeDBEngineVersions",
"rds:DescribeDBInstances",
"rds:DescribeDBLogFiles",
"rds:DescribeDBParameterGroups",
"rds:DescribeDBParameters",
"rds:DescribeDBSecurityGroups",
"rds:DescribeDBSubnetGroups",
"rds:DescribeEngineDefaultClusterParameters",
"rds:DescribeEngineDefaultParameters",
"rds:DescribeEventCategories",
"rds:DescribeEventSubscriptions",
"rds:DescribeEvents",
"rds:DescribeOptionGroups",
"rds:DescribeOrderableDBInstanceOptions",
"rds:DescribePendingMaintenanceActions",
"rds:DescribeValidDBInstanceModifications",
"rds:DownloadDBLogFilePortion",
"rds:FailoverDBCluster",
"rds:ListTagsForResource",
"rds:ModifyDBCluster",
"rds:ModifyDBClusterParameterGroup",
"rds:ModifyDBClusterSnapshotAttribute",
"rds:ModifyDBInstance",
"rds:ModifyDBParameterGroup",
"rds:ModifyDBSubnetGroup",
"rds:ModifyEventSubscription",
"rds:PromoteReadReplicaDBCluster",
"rds:RebootDBInstance",
"rds:RemoveRoleFromDBCluster",
"rds:RemoveSourceIdentifierFromSubscription",
"rds:RemoveTagsFromResource",
"rds:ResetDBClusterParameterGroup",
"rds:ResetDBParameterGroup",
"rds:RestoreDBClusterFromSnapshot",
"rds:RestoreDBClusterToPointInTime"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs",
"kms:ListAliases",
"kms:ListKeyPolicies",
"kms:ListKeys",
"kms:ListRetirableGrants",
"logs:DescribeLogStreams",
"logs:GetLogEvents",
"sns:ListSubscriptions",
"sns:ListTopics",
"sns:Publish"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "rds.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/rds.amazonaws.com/AWSServiceRoleForRDS"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQKACUF6JJHALEG5K",
"PolicyName": "AmazonDocDBFullAccess",
"UpdateDate": "2019-01-09T20:21:44+00:00",
"VersionId": "v1"
},
"AmazonDocDBReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonDocDBReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-09T20:30:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"rds:DescribeAccountAttributes",
"rds:DescribeCertificates",
"rds:DescribeDBClusterParameterGroups",
"rds:DescribeDBClusterParameters",
"rds:DescribeDBClusterSnapshotAttributes",
"rds:DescribeDBClusterSnapshots",
"rds:DescribeDBClusters",
"rds:DescribeDBEngineVersions",
"rds:DescribeDBInstances",
"rds:DescribeDBLogFiles",
"rds:DescribeDBParameterGroups",
"rds:DescribeDBParameters",
"rds:DescribeDBSubnetGroups",
"rds:DescribeEventCategories",
"rds:DescribeEventSubscriptions",
"rds:DescribeEvents",
"rds:DescribeOrderableDBInstanceOptions",
"rds:DescribePendingMaintenanceActions",
"rds:DownloadDBLogFilePortion",
"rds:ListTagsForResource"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"kms:ListKeys",
"kms:ListRetirableGrants",
"kms:ListAliases",
"kms:ListKeyPolicies"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:DescribeLogStreams",
"logs:GetLogEvents"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/rds/*:log-stream:*",
"arn:aws:logs:*:*:log-group:/aws/docdb/*:log-stream:*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI477RMVACLTLWY5RQ",
"PolicyName": "AmazonDocDBReadOnlyAccess",
"UpdateDate": "2019-01-09T20:30:28+00:00",
"VersionId": "v1"
},
"AmazonDynamoDBFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:11+00:00",
"DefaultVersionId": "v9",
"Document": {
"Statement": [
{
"Action": [
"dynamodb:*",
"dax:*",
"application-autoscaling:DeleteScalingPolicy",
"application-autoscaling:DeregisterScalableTarget",
"application-autoscaling:DescribeScalableTargets",
"application-autoscaling:DescribeScalingActivities",
"application-autoscaling:DescribeScalingPolicies",
"application-autoscaling:PutScalingPolicy",
"application-autoscaling:RegisterScalableTarget",
"cloudwatch:DeleteAlarms",
"cloudwatch:DescribeAlarmHistory",
"cloudwatch:DescribeAlarms",
"cloudwatch:DescribeAlarmsForMetric",
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics",
"cloudwatch:PutMetricAlarm",
"datapipeline:ActivatePipeline",
"datapipeline:CreatePipeline",
"datapipeline:DeletePipeline",
"datapipeline:DescribeObjects",
"datapipeline:DescribePipelines",
"datapipeline:GetPipelineDefinition",
"datapipeline:ListPipelines",
"datapipeline:PutPipelineDefinition",
"datapipeline:QueryObjects",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"iam:GetRole",
"iam:ListRoles",
"sns:CreateTopic",
"sns:DeleteTopic",
"sns:ListSubscriptions",
"sns:ListSubscriptionsByTopic",
"sns:ListTopics",
"sns:Subscribe",
"sns:Unsubscribe",
"sns:SetTopicAttributes",
"lambda:CreateFunction",
"lambda:ListFunctions",
"lambda:ListEventSourceMappings",
"lambda:CreateEventSourceMapping",
"lambda:DeleteEventSourceMapping",
"lambda:GetFunctionConfiguration",
"lambda:DeleteFunction",
"resource-groups:ListGroups",
"resource-groups:ListGroupResources",
"resource-groups:GetGroup",
"resource-groups:GetGroupQuery",
"resource-groups:DeleteGroup",
"resource-groups:CreateGroup",
"tag:GetResources"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"application-autoscaling.amazonaws.com",
"dax.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringEquals": {
"iam:AWSServiceName": [
"replication.dynamodb.amazonaws.com",
"dax.amazonaws.com",
"dynamodb.application-autoscaling.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAINUGF2JSOSUY76KYA",
"PolicyName": "AmazonDynamoDBFullAccess",
"UpdateDate": "2019-05-08T21:20:48+00:00",
"VersionId": "v9"
},
"AmazonDynamoDBFullAccesswithDataPipeline": {
"Arn": "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccesswithDataPipeline",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:14+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:DeleteAlarms",
"cloudwatch:DescribeAlarmHistory",
"cloudwatch:DescribeAlarms",
"cloudwatch:DescribeAlarmsForMetric",
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics",
"cloudwatch:PutMetricAlarm",
"dynamodb:*",
"sns:CreateTopic",
"sns:DeleteTopic",
"sns:ListSubscriptions",
"sns:ListSubscriptionsByTopic",
"sns:ListTopics",
"sns:Subscribe",
"sns:Unsubscribe",
"sns:SetTopicAttributes"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "DDBConsole"
},
{
"Action": [
"lambda:*",
"iam:ListRoles"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "DDBConsoleTriggers"
},
{
"Action": [
"datapipeline:*",
"iam:ListRoles"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "DDBConsoleImportExport"
},
{
"Action": [
"iam:GetRolePolicy",
"iam:PassRole"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "IAMEDPRoles"
},
{
"Action": [
"ec2:CreateTags",
"ec2:DescribeInstances",
"ec2:RunInstances",
"ec2:StartInstances",
"ec2:StopInstances",
"ec2:TerminateInstances",
"elasticmapreduce:*",
"datapipeline:*"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "EMR"
},
{
"Action": [
"s3:DeleteObject",
"s3:Get*",
"s3:List*",
"s3:Put*"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "S3"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ3ORT7KDISSXGHJXA",
"PolicyName": "AmazonDynamoDBFullAccesswithDataPipeline",
"UpdateDate": "2015-11-12T02:17:42+00:00",
"VersionId": "v2"
},
"AmazonDynamoDBReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:12+00:00",
"DefaultVersionId": "v8",
"Document": {
"Statement": [
{
"Action": [
"application-autoscaling:DescribeScalableTargets",
"application-autoscaling:DescribeScalingActivities",
"application-autoscaling:DescribeScalingPolicies",
"cloudwatch:DescribeAlarmHistory",
"cloudwatch:DescribeAlarms",
"cloudwatch:DescribeAlarmsForMetric",
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics",
"datapipeline:DescribeObjects",
"datapipeline:DescribePipelines",
"datapipeline:GetPipelineDefinition",
"datapipeline:ListPipelines",
"datapipeline:QueryObjects",
"dynamodb:BatchGetItem",
"dynamodb:Describe*",
"dynamodb:List*",
"dynamodb:GetItem",
"dynamodb:Query",
"dynamodb:Scan",
"dax:Describe*",
"dax:List*",
"dax:GetItem",
"dax:BatchGetItem",
"dax:Query",
"dax:Scan",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"iam:GetRole",
"iam:ListRoles",
"sns:ListSubscriptionsByTopic",
"sns:ListTopics",
"lambda:ListFunctions",
"lambda:ListEventSourceMappings",
"lambda:GetFunctionConfiguration",
"resource-groups:ListGroups",
"resource-groups:ListGroupResources",
"resource-groups:GetGroup",
"resource-groups:GetGroupQuery",
"tag:GetResources"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIY2XFNA232XJ6J7X2",
"PolicyName": "AmazonDynamoDBReadOnlyAccess",
"UpdateDate": "2019-05-08T21:15:48+00:00",
"VersionId": "v8"
},
"AmazonEC2ContainerRegistryFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-12-21T17:06:48+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ecr:*",
"cloudtrail:LookupEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIESRL7KD7IIVF6V4W",
"PolicyName": "AmazonEC2ContainerRegistryFullAccess",
"UpdateDate": "2017-11-10T17:54:49+00:00",
"VersionId": "v2"
},
"AmazonEC2ContainerRegistryPowerUser": {
"Arn": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPowerUser",
"AttachmentCount": 0,
"CreateDate": "2015-12-21T17:05:33+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ecr:GetAuthorizationToken",
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:GetRepositoryPolicy",
"ecr:DescribeRepositories",
"ecr:ListImages",
"ecr:DescribeImages",
"ecr:BatchGetImage",
"ecr:InitiateLayerUpload",
"ecr:UploadLayerPart",
"ecr:CompleteLayerUpload",
"ecr:PutImage"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJDNE5PIHROIBGGDDW",
"PolicyName": "AmazonEC2ContainerRegistryPowerUser",
"UpdateDate": "2016-10-11T22:28:07+00:00",
"VersionId": "v2"
},
"AmazonEC2ContainerRegistryReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
"AttachmentCount": 0,
"CreateDate": "2015-12-21T17:04:15+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ecr:GetAuthorizationToken",
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:GetRepositoryPolicy",
"ecr:DescribeRepositories",
"ecr:ListImages",
"ecr:DescribeImages",
"ecr:BatchGetImage"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIFYZPA37OOHVIH7KQ",
"PolicyName": "AmazonEC2ContainerRegistryReadOnly",
"UpdateDate": "2016-10-11T22:08:43+00:00",
"VersionId": "v2"
},
"AmazonEC2ContainerServiceAutoscaleRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole",
"AttachmentCount": 0,
"CreateDate": "2016-05-12T23:25:44+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ecs:DescribeServices",
"ecs:UpdateService"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"cloudwatch:DescribeAlarms",
"cloudwatch:PutMetricAlarm"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUAP3EGGGXXCPDQKK",
"PolicyName": "AmazonEC2ContainerServiceAutoscaleRole",
"UpdateDate": "2018-02-05T19:15:15+00:00",
"VersionId": "v2"
},
"AmazonEC2ContainerServiceEventsRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceEventsRole",
"AttachmentCount": 0,
"CreateDate": "2017-05-30T16:51:35+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ecs:RunTask"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:PassRole",
"Condition": {
"StringLike": {
"iam:PassedToService": "ecs-tasks.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAITKFNIUAG27VSYNZ4",
"PolicyName": "AmazonEC2ContainerServiceEventsRole",
"UpdateDate": "2018-05-22T19:13:11+00:00",
"VersionId": "v2"
},
"AmazonEC2ContainerServiceFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-04-24T16:54:35+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"autoscaling:Describe*",
"autoscaling:UpdateAutoScalingGroup",
"cloudformation:CreateStack",
"cloudformation:DeleteStack",
"cloudformation:DescribeStack*",
"cloudformation:UpdateStack",
"cloudwatch:GetMetricStatistics",
"ec2:Describe*",
"elasticloadbalancing:*",
"ecs:*",
"events:DescribeRule",
"events:DeleteRule",
"events:ListRuleNamesByTarget",
"events:ListTargetsByRule",
"events:PutRule",
"events:PutTargets",
"events:RemoveTargets",
"iam:ListInstanceProfiles",
"iam:ListRoles",
"iam:PassRole"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJALOYVTPDZEMIACSM",
"PolicyName": "AmazonEC2ContainerServiceFullAccess",
"UpdateDate": "2017-06-08T00:18:56+00:00",
"VersionId": "v4"
},
"AmazonEC2ContainerServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole",
"AttachmentCount": 0,
"CreateDate": "2015-04-09T16:14:19+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:AuthorizeSecurityGroupIngress",
"ec2:Describe*",
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
"elasticloadbalancing:DeregisterTargets",
"elasticloadbalancing:Describe*",
"elasticloadbalancing:RegisterInstancesWithLoadBalancer",
"elasticloadbalancing:RegisterTargets"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJO53W2XHNACG7V77Q",
"PolicyName": "AmazonEC2ContainerServiceRole",
"UpdateDate": "2016-08-11T13:08:01+00:00",
"VersionId": "v2"
},
"AmazonEC2ContainerServiceforEC2Role": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role",
"AttachmentCount": 0,
"CreateDate": "2015-03-19T18:45:18+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"ecs:CreateCluster",
"ecs:DeregisterContainerInstance",
"ecs:DiscoverPollEndpoint",
"ecs:Poll",
"ecs:RegisterContainerInstance",
"ecs:StartTelemetrySession",
"ecs:UpdateContainerInstancesState",
"ecs:Submit*",
"ecr:GetAuthorizationToken",
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:BatchGetImage",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLYJCVHC7TQHCSQDS",
"PolicyName": "AmazonEC2ContainerServiceforEC2Role",
"UpdateDate": "2017-05-17T23:09:13+00:00",
"VersionId": "v5"
},
"AmazonEC2FullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonEC2FullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:15+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": "ec2:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "elasticloadbalancing:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "cloudwatch:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "autoscaling:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": [
"autoscaling.amazonaws.com",
"ec2scheduled.amazonaws.com",
"elasticloadbalancing.amazonaws.com",
"spot.amazonaws.com",
"spotfleet.amazonaws.com",
"transitgateway.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI3VAJF5ZCRZ7MCQE6",
"PolicyName": "AmazonEC2FullAccess",
"UpdateDate": "2018-11-27T02:16:56+00:00",
"VersionId": "v5"
},
"AmazonEC2ReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:17+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "ec2:Describe*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "elasticloadbalancing:Describe*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:ListMetrics",
"cloudwatch:GetMetricStatistics",
"cloudwatch:Describe*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "autoscaling:Describe*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIGDT4SV4GSETWTBZK",
"PolicyName": "AmazonEC2ReadOnlyAccess",
"UpdateDate": "2015-02-06T18:40:17+00:00",
"VersionId": "v1"
},
"AmazonEC2ReportsAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonEC2ReportsAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:16+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "ec2-reports:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIU6NBZVF2PCRW36ZW",
"PolicyName": "AmazonEC2ReportsAccess",
"UpdateDate": "2015-02-06T18:40:16+00:00",
"VersionId": "v1"
},
"AmazonEC2RoleforAWSCodeDeploy": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeploy",
"AttachmentCount": 0,
"CreateDate": "2015-05-19T18:10:14+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"s3:GetObject",
"s3:GetObjectVersion",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIAZKXZ27TAJ4PVWGK",
"PolicyName": "AmazonEC2RoleforAWSCodeDeploy",
"UpdateDate": "2017-03-20T17:14:10+00:00",
"VersionId": "v2"
},
"AmazonEC2RoleforDataPipelineRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforDataPipelineRole",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:25+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:*",
"datapipeline:*",
"dynamodb:*",
"ec2:Describe*",
"elasticmapreduce:AddJobFlowSteps",
"elasticmapreduce:Describe*",
"elasticmapreduce:ListInstance*",
"elasticmapreduce:ModifyInstanceGroups",
"rds:Describe*",
"redshift:DescribeClusters",
"redshift:DescribeClusterSecurityGroups",
"s3:*",
"sdb:*",
"sns:*",
"sqs:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ3Z5I2WAJE5DN2J36",
"PolicyName": "AmazonEC2RoleforDataPipelineRole",
"UpdateDate": "2016-02-22T17:24:05+00:00",
"VersionId": "v3"
},
"AmazonEC2RoleforSSM": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM",
"AttachmentCount": 0,
"CreateDate": "2015-05-29T17:48:35+00:00",
"DefaultVersionId": "v8",
"Document": {
"Statement": [
{
"Action": [
"ssm:DescribeAssociation",
"ssm:GetDeployablePatchSnapshotForInstance",
"ssm:GetDocument",
"ssm:DescribeDocument",
"ssm:GetManifest",
"ssm:GetParameters",
"ssm:ListAssociations",
"ssm:ListInstanceAssociations",
"ssm:PutInventory",
"ssm:PutComplianceItems",
"ssm:PutConfigurePackageResult",
"ssm:UpdateAssociationStatus",
"ssm:UpdateInstanceAssociationStatus",
"ssm:UpdateInstanceInformation"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ssmmessages:CreateControlChannel",
"ssmmessages:CreateDataChannel",
"ssmmessages:OpenControlChannel",
"ssmmessages:OpenDataChannel"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2messages:AcknowledgeMessage",
"ec2messages:DeleteMessage",
"ec2messages:FailMessage",
"ec2messages:GetEndpoint",
"ec2messages:GetMessages",
"ec2messages:SendReply"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:PutMetricData"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:DescribeInstanceStatus"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ds:CreateComputer",
"ds:DescribeDirectories"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:DescribeLogGroups",
"logs:DescribeLogStreams",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:GetBucketLocation",
"s3:PutObject",
"s3:GetObject",
"s3:GetEncryptionConfiguration",
"s3:AbortMultipartUpload",
"s3:ListMultipartUploadParts",
"s3:ListBucket",
"s3:ListBucketMultipartUploads"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI6TL3SMY22S4KMMX6",
"PolicyName": "AmazonEC2RoleforSSM",
"UpdateDate": "2019-01-24T19:20:51+00:00",
"VersionId": "v8"
},
"AmazonEC2SpotFleetAutoscaleRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetAutoscaleRole",
"AttachmentCount": 0,
"CreateDate": "2016-08-19T18:27:22+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeSpotFleetRequests",
"ec2:ModifySpotFleetRequest"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"cloudwatch:DescribeAlarms",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "ec2.application-autoscaling.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/ec2.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_EC2SpotFleetRequest"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIMFFRMIOBGDP2TAVE",
"PolicyName": "AmazonEC2SpotFleetAutoscaleRole",
"UpdateDate": "2019-02-18T19:17:03+00:00",
"VersionId": "v3"
},
"AmazonEC2SpotFleetRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetRole",
"AttachmentCount": 0,
"CreateDate": "2015-05-18T23:28:05+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeImages",
"ec2:DescribeSubnets",
"ec2:RequestSpotInstances",
"ec2:TerminateInstances",
"ec2:DescribeInstanceStatus",
"iam:PassRole"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"elasticloadbalancing:RegisterInstancesWithLoadBalancer"
],
"Effect": "Allow",
"Resource": [
"arn:aws:elasticloadbalancing:*:*:loadbalancer/*"
]
},
{
"Action": [
"elasticloadbalancing:RegisterTargets"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIMRTKHWK7ESSNETSW",
"PolicyName": "AmazonEC2SpotFleetRole",
"UpdateDate": "2017-11-07T19:14:10+00:00",
"VersionId": "v4"
},
"AmazonEC2SpotFleetTaggingRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole",
"AttachmentCount": 0,
"CreateDate": "2017-06-29T18:19:29+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeImages",
"ec2:DescribeSubnets",
"ec2:RequestSpotInstances",
"ec2:TerminateInstances",
"ec2:DescribeInstanceStatus",
"ec2:CreateTags"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:PassRole",
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"ec2.amazonaws.com",
"ec2.amazonaws.com.cn"
]
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"elasticloadbalancing:RegisterInstancesWithLoadBalancer"
],
"Effect": "Allow",
"Resource": [
"arn:aws:elasticloadbalancing:*:*:loadbalancer/*"
]
},
{
"Action": [
"elasticloadbalancing:RegisterTargets"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ5U6UMLCEYLX5OLC4",
"PolicyName": "AmazonEC2SpotFleetTaggingRole",
"UpdateDate": "2017-11-17T22:51:17+00:00",
"VersionId": "v4"
},
"AmazonECSServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonECSServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-10-14T01:18:58+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"ec2:AttachNetworkInterface",
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterface",
"ec2:DeleteNetworkInterfacePermission",
"ec2:Describe*",
"ec2:DetachNetworkInterface",
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
"elasticloadbalancing:DeregisterTargets",
"elasticloadbalancing:Describe*",
"elasticloadbalancing:RegisterInstancesWithLoadBalancer",
"elasticloadbalancing:RegisterTargets",
"route53:ChangeResourceRecordSets",
"route53:CreateHealthCheck",
"route53:DeleteHealthCheck",
"route53:Get*",
"route53:List*",
"route53:UpdateHealthCheck",
"servicediscovery:DeregisterInstance",
"servicediscovery:Get*",
"servicediscovery:List*",
"servicediscovery:RegisterInstance",
"servicediscovery:UpdateInstanceCustomHealthStatus"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "ECSTaskManagement"
},
{
"Action": [
"ec2:CreateTags"
],
"Effect": "Allow",
"Resource": "arn:aws:ec2:*:*:network-interface/*",
"Sid": "ECSTagging"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIVUWKCAI7URU4WUEI",
"PolicyName": "AmazonECSServiceRolePolicy",
"UpdateDate": "2018-10-18T23:18:18+00:00",
"VersionId": "v5"
},
"AmazonECSTaskExecutionRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-11-16T18:48:22+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ecr:GetAuthorizationToken",
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:BatchGetImage",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJG4T4G4PV56DE72PY",
"PolicyName": "AmazonECSTaskExecutionRolePolicy",
"UpdateDate": "2017-11-16T18:48:22+00:00",
"VersionId": "v1"
},
"AmazonECS_FullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonECS_FullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-07T21:36:54+00:00",
"DefaultVersionId": "v15",
"Document": {
"Statement": [
{
"Action": [
"application-autoscaling:DeleteScalingPolicy",
"application-autoscaling:DeregisterScalableTarget",
"application-autoscaling:DescribeScalableTargets",
"application-autoscaling:DescribeScalingActivities",
"application-autoscaling:DescribeScalingPolicies",
"application-autoscaling:PutScalingPolicy",
"application-autoscaling:RegisterScalableTarget",
"autoscaling:UpdateAutoScalingGroup",
"autoscaling:CreateAutoScalingGroup",
"autoscaling:CreateLaunchConfiguration",
"autoscaling:DeleteAutoScalingGroup",
"autoscaling:DeleteLaunchConfiguration",
"autoscaling:Describe*",
"cloudformation:CreateStack",
"cloudformation:DeleteStack",
"cloudformation:DescribeStack*",
"cloudformation:UpdateStack",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms",
"cloudwatch:GetMetricStatistics",
"cloudwatch:PutMetricAlarm",
"codedeploy:CreateApplication",
"codedeploy:CreateDeployment",
"codedeploy:CreateDeploymentGroup",
"codedeploy:GetApplication",
"codedeploy:GetDeployment",
"codedeploy:GetDeploymentGroup",
"codedeploy:ListApplications",
"codedeploy:ListDeploymentGroups",
"codedeploy:ListDeployments",
"codedeploy:StopDeployment",
"codedeploy:GetDeploymentTarget",
"codedeploy:ListDeploymentTargets",
"codedeploy:GetDeploymentConfig",
"codedeploy:GetApplicationRevision",
"codedeploy:RegisterApplicationRevision",
"codedeploy:BatchGetApplicationRevisions",
"codedeploy:BatchGetDeploymentGroups",
"codedeploy:BatchGetDeployments",
"codedeploy:BatchGetApplications",
"codedeploy:ListApplicationRevisions",
"codedeploy:ListDeploymentConfigs",
"codedeploy:ContinueDeployment",
"sns:ListTopics",
"lambda:ListFunctions",
"ec2:AssociateRouteTable",
"ec2:AttachInternetGateway",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CancelSpotFleetRequests",
"ec2:CreateInternetGateway",
"ec2:CreateLaunchTemplate",
"ec2:CreateRoute",
"ec2:CreateRouteTable",
"ec2:CreateSecurityGroup",
"ec2:CreateSubnet",
"ec2:CreateVpc",
"ec2:DeleteLaunchTemplate",
"ec2:DeleteSubnet",
"ec2:DeleteVpc",
"ec2:Describe*",
"ec2:DetachInternetGateway",
"ec2:DisassociateRouteTable",
"ec2:ModifySubnetAttribute",
"ec2:ModifyVpcAttribute",
"ec2:RunInstances",
"ec2:RequestSpotFleet",
"elasticloadbalancing:CreateListener",
"elasticloadbalancing:CreateLoadBalancer",
"elasticloadbalancing:CreateRule",
"elasticloadbalancing:CreateTargetGroup",
"elasticloadbalancing:DeleteListener",
"elasticloadbalancing:DeleteLoadBalancer",
"elasticloadbalancing:DeleteRule",
"elasticloadbalancing:DeleteTargetGroup",
"elasticloadbalancing:DescribeListeners",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeRules",
"elasticloadbalancing:DescribeTargetGroups",
"ecs:*",
"events:DescribeRule",
"events:DeleteRule",
"events:ListRuleNamesByTarget",
"events:ListTargetsByRule",
"events:PutRule",
"events:PutTargets",
"events:RemoveTargets",
"iam:ListAttachedRolePolicies",
"iam:ListInstanceProfiles",
"iam:ListRoles",
"logs:CreateLogGroup",
"logs:DescribeLogGroups",
"logs:FilterLogEvents",
"route53:GetHostedZone",
"route53:ListHostedZonesByName",
"route53:CreateHostedZone",
"route53:DeleteHostedZone",
"route53:GetHealthCheck",
"servicediscovery:CreatePrivateDnsNamespace",
"servicediscovery:CreateService",
"servicediscovery:GetNamespace",
"servicediscovery:GetOperation",
"servicediscovery:GetService",
"servicediscovery:ListNamespaces",
"servicediscovery:ListServices",
"servicediscovery:UpdateService",
"servicediscovery:DeleteService"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ssm:GetParametersByPath",
"ssm:GetParameters",
"ssm:GetParameter"
],
"Effect": "Allow",
"Resource": "arn:aws:ssm:*:*:parameter/aws/service/ecs*"
},
{
"Action": [
"ec2:DeleteInternetGateway",
"ec2:DeleteRoute",
"ec2:DeleteRouteTable",
"ec2:DeleteSecurityGroup"
],
"Condition": {
"StringLike": {
"ec2:ResourceTag/aws:cloudformation:stack-name": "EC2ContainerService-*"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:PassRole",
"Condition": {
"StringLike": {
"iam:PassedToService": "ecs-tasks.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:PassRole",
"Condition": {
"StringLike": {
"iam:PassedToService": [
"ec2.amazonaws.com",
"ec2.amazonaws.com.cn"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/ecsInstanceRole*"
]
},
{
"Action": "iam:PassRole",
"Condition": {
"StringLike": {
"iam:PassedToService": [
"application-autoscaling.amazonaws.com",
"application-autoscaling.amazonaws.com.cn"
]
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/ecsAutoscaleRole*"
]
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": [
"ecs.amazonaws.com",
"spot.amazonaws.com",
"spotfleet.amazonaws.com",
"ecs.application-autoscaling.amazonaws.com",
"autoscaling.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7S7AN6YQPTJC7IFS",
"PolicyName": "AmazonECS_FullAccess",
"UpdateDate": "2019-02-04T18:44:48+00:00",
"VersionId": "v15"
},
"AmazonEKSClusterPolicy": {
"Arn": "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
"AttachmentCount": 0,
"CreateDate": "2018-05-27T21:06:14+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:UpdateAutoScalingGroup",
"ec2:AttachVolume",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateRoute",
"ec2:CreateSecurityGroup",
"ec2:CreateTags",
"ec2:CreateVolume",
"ec2:DeleteRoute",
"ec2:DeleteSecurityGroup",
"ec2:DeleteVolume",
"ec2:DescribeInstances",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVolumes",
"ec2:DescribeVolumesModifications",
"ec2:DescribeVpcs",
"ec2:DescribeDhcpOptions",
"ec2:DetachVolume",
"ec2:ModifyInstanceAttribute",
"ec2:ModifyVolume",
"ec2:RevokeSecurityGroupIngress",
"elasticloadbalancing:AddTags",
"elasticloadbalancing:ApplySecurityGroupsToLoadBalancer",
"elasticloadbalancing:AttachLoadBalancerToSubnets",
"elasticloadbalancing:ConfigureHealthCheck",
"elasticloadbalancing:CreateListener",
"elasticloadbalancing:CreateLoadBalancer",
"elasticloadbalancing:CreateLoadBalancerListeners",
"elasticloadbalancing:CreateLoadBalancerPolicy",
"elasticloadbalancing:CreateTargetGroup",
"elasticloadbalancing:DeleteListener",
"elasticloadbalancing:DeleteLoadBalancer",
"elasticloadbalancing:DeleteLoadBalancerListeners",
"elasticloadbalancing:DeleteTargetGroup",
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
"elasticloadbalancing:DeregisterTargets",
"elasticloadbalancing:DescribeListeners",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeLoadBalancerPolicies",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTargetGroupAttributes",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:DetachLoadBalancerFromSubnets",
"elasticloadbalancing:ModifyListener",
"elasticloadbalancing:ModifyLoadBalancerAttributes",
"elasticloadbalancing:ModifyTargetGroup",
"elasticloadbalancing:ModifyTargetGroupAttributes",
"elasticloadbalancing:RegisterInstancesWithLoadBalancer",
"elasticloadbalancing:RegisterTargets",
"elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer",
"elasticloadbalancing:SetLoadBalancerPoliciesOfListener",
"kms:DescribeKey"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "elasticloadbalancing.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIBTLDQMIC6UOIGFWA",
"PolicyName": "AmazonEKSClusterPolicy",
"UpdateDate": "2019-05-22T22:04:46+00:00",
"VersionId": "v3"
},
"AmazonEKSServicePolicy": {
"Arn": "arn:aws:iam::aws:policy/AmazonEKSServicePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-05-27T21:08:21+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterface",
"ec2:DescribeInstances",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:ModifyNetworkInterfaceAttribute",
"iam:ListAttachedRolePolicies"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:vpc/*",
"arn:aws:ec2:*:*:subnet/*"
]
},
{
"Action": "route53:AssociateVPCWithHostedZone",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "logs:CreateLogGroup",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:CreateLogStream",
"logs:DescribeLogStreams"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:log-group:/aws/eks/*:*"
},
{
"Action": "logs:PutLogEvents",
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:log-group:/aws/eks/*:*:*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFCNXU6HPGCIVXYDI",
"PolicyName": "AmazonEKSServicePolicy",
"UpdateDate": "2019-02-26T21:01:48+00:00",
"VersionId": "v3"
},
"AmazonEKSWorkerNodePolicy": {
"Arn": "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-05-27T21:09:01+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVolumes",
"ec2:DescribeVolumesModifications",
"ec2:DescribeVpcs",
"eks:DescribeCluster"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIBVMOY52IPQ6HD3PO",
"PolicyName": "AmazonEKSWorkerNodePolicy",
"UpdateDate": "2018-05-27T21:09:01+00:00",
"VersionId": "v1"
},
"AmazonEKS_CNI_Policy": {
"Arn": "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
"AttachmentCount": 0,
"CreateDate": "2018-05-27T21:07:42+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:AssignPrivateIpAddresses",
"ec2:AttachNetworkInterface",
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:DescribeInstances",
"ec2:DescribeNetworkInterfaces",
"ec2:DetachNetworkInterface",
"ec2:ModifyNetworkInterfaceAttribute"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:CreateTags"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:network-interface/*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJWLAS474LDBXNNTM4",
"PolicyName": "AmazonEKS_CNI_Policy",
"UpdateDate": "2018-05-31T22:16:00+00:00",
"VersionId": "v2"
},
"AmazonEMRCleanupPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonEMRCleanupPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-09-26T23:54:19+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeSpotInstanceRequests",
"ec2:ModifyInstanceAttribute",
"ec2:TerminateInstances",
"ec2:CancelSpotInstanceRequests",
"ec2:DeleteNetworkInterface",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeVolumeStatus",
"ec2:DescribeVolumes",
"ec2:DetachVolume",
"ec2:DeleteVolume"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4YEZURRMKACW56EA",
"PolicyName": "AmazonEMRCleanupPolicy",
"UpdateDate": "2017-09-26T23:54:19+00:00",
"VersionId": "v1"
},
"AmazonESCognitoAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonESCognitoAccess",
"AttachmentCount": 0,
"CreateDate": "2018-02-28T22:29:18+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cognito-idp:DescribeUserPool",
"cognito-idp:CreateUserPoolClient",
"cognito-idp:DeleteUserPoolClient",
"cognito-idp:DescribeUserPoolClient",
"cognito-idp:AdminInitiateAuth",
"cognito-idp:AdminUserGlobalSignOut",
"cognito-idp:ListUserPoolClients",
"cognito-identity:DescribeIdentityPool",
"cognito-identity:UpdateIdentityPool",
"cognito-identity:SetIdentityPoolRoles",
"cognito-identity:GetIdentityPoolRoles"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringLike": {
"iam:PassedToService": "cognito-identity.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJL2FUMODIGNDPTZHO",
"PolicyName": "AmazonESCognitoAccess",
"UpdateDate": "2018-02-28T22:29:18+00:00",
"VersionId": "v1"
},
"AmazonESFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonESFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-01T19:14:00+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"es:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJM6ZTCU24QL5PZCGC",
"PolicyName": "AmazonESFullAccess",
"UpdateDate": "2015-10-01T19:14:00+00:00",
"VersionId": "v1"
},
"AmazonESReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonESReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-01T19:18:24+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"es:Describe*",
"es:List*",
"es:Get*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJUDMRLOQ7FPAR46FQ",
"PolicyName": "AmazonESReadOnlyAccess",
"UpdateDate": "2018-10-03T03:32:56+00:00",
"VersionId": "v2"
},
"AmazonElastiCacheFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonElastiCacheFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:20+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": "elasticache:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "elasticache.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/elasticache.amazonaws.com/AWSServiceRoleForElastiCache"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIA2V44CPHAUAAECKG",
"PolicyName": "AmazonElastiCacheFullAccess",
"UpdateDate": "2017-12-07T17:48:26+00:00",
"VersionId": "v2"
},
"AmazonElastiCacheReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:21+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"elasticache:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIPDACSNQHSENWAKM2",
"PolicyName": "AmazonElastiCacheReadOnlyAccess",
"UpdateDate": "2015-02-06T18:40:21+00:00",
"VersionId": "v1"
},
"AmazonElasticFileSystemFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonElasticFileSystemFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-05-27T16:22:28+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeNetworkInterfaceAttribute",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs",
"ec2:ModifyNetworkInterfaceAttribute",
"elasticfilesystem:*",
"kms:DescribeKey",
"kms:ListAliases"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJKXTMNVQGIDNCKPBC",
"PolicyName": "AmazonElasticFileSystemFullAccess",
"UpdateDate": "2017-08-14T10:18:34+00:00",
"VersionId": "v3"
},
"AmazonElasticFileSystemReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-05-27T16:25:25+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeAvailabilityZones",
"ec2:DescribeNetworkInterfaceAttribute",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs",
"elasticfilesystem:Describe*",
"kms:ListAliases"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIPN5S4NE5JJOKVC4Y",
"PolicyName": "AmazonElasticFileSystemReadOnlyAccess",
"UpdateDate": "2017-08-14T10:09:49+00:00",
"VersionId": "v3"
},
"AmazonElasticMapReduceEditorsRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceEditorsRole",
"AttachmentCount": 0,
"CreateDate": "2018-11-16T21:55:25+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateSecurityGroup",
"ec2:DescribeSecurityGroups",
"ec2:RevokeSecurityGroupEgress",
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterface",
"ec2:DeleteNetworkInterfacePermission",
"ec2:DescribeNetworkInterfaces",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:DescribeTags",
"ec2:DescribeInstances",
"ec2:DescribeSubnets",
"elasticmapreduce:ListInstances",
"elasticmapreduce:DescribeCluster"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "ec2:CreateTags",
"Condition": {
"ForAllValues:StringEquals": {
"aws:TagKeys": [
"aws:elasticmapreduce:editor-id",
"aws:elasticmapreduce:job-flow-id"
]
}
},
"Effect": "Allow",
"Resource": "arn:aws:ec2:*:*:network-interface/*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIBI5CIE6OHUIGLYVG",
"PolicyName": "AmazonElasticMapReduceEditorsRole",
"UpdateDate": "2018-11-16T21:55:25+00:00",
"VersionId": "v1"
},
"AmazonElasticMapReduceFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonElasticMapReduceFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:22+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:*",
"cloudformation:CreateStack",
"cloudformation:DescribeStackEvents",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:CancelSpotInstanceRequests",
"ec2:CreateRoute",
"ec2:CreateSecurityGroup",
"ec2:CreateTags",
"ec2:DeleteRoute",
"ec2:DeleteTags",
"ec2:DeleteSecurityGroup",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeAccountAttributes",
"ec2:DescribeInstances",
"ec2:DescribeKeyPairs",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSpotInstanceRequests",
"ec2:DescribeSpotPriceHistory",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs",
"ec2:DescribeRouteTables",
"ec2:DescribeNetworkAcls",
"ec2:CreateVpcEndpoint",
"ec2:ModifyImageAttribute",
"ec2:ModifyInstanceAttribute",
"ec2:RequestSpotInstances",
"ec2:RevokeSecurityGroupEgress",
"ec2:RunInstances",
"ec2:TerminateInstances",
"elasticmapreduce:*",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:ListRoles",
"iam:PassRole",
"kms:List*",
"s3:*",
"sdb:*",
"support:CreateCase",
"support:DescribeServices",
"support:DescribeSeverityLevels"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": [
"elasticmapreduce.amazonaws.com",
"elasticmapreduce.amazonaws.com.cn"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIZP5JFP3AMSGINBB2",
"PolicyName": "AmazonElasticMapReduceFullAccess",
"UpdateDate": "2018-01-23T19:40:00+00:00",
"VersionId": "v6"
},
"AmazonElasticMapReduceReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonElasticMapReduceReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:23+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"elasticmapreduce:Describe*",
"elasticmapreduce:List*",
"elasticmapreduce:ViewEventsFromAllClustersInConsole",
"s3:GetObject",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"sdb:Select",
"cloudwatch:GetMetricStatistics"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIHP6NH2S6GYFCOINC",
"PolicyName": "AmazonElasticMapReduceReadOnlyAccess",
"UpdateDate": "2017-05-22T23:00:19+00:00",
"VersionId": "v2"
},
"AmazonElasticMapReduceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:20+00:00",
"DefaultVersionId": "v9",
"Document": {
"Statement": [
{
"Action": [
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CancelSpotInstanceRequests",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:CreateTags",
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:DeleteTags",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeAccountAttributes",
"ec2:DescribeDhcpOptions",
"ec2:DescribeImages",
"ec2:DescribeInstanceStatus",
"ec2:DescribeInstances",
"ec2:DescribeKeyPairs",
"ec2:DescribeNetworkAcls",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribePrefixLists",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSpotInstanceRequests",
"ec2:DescribeSpotPriceHistory",
"ec2:DescribeSubnets",
"ec2:DescribeTags",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeVpcEndpointServices",
"ec2:DescribeVpcs",
"ec2:DetachNetworkInterface",
"ec2:ModifyImageAttribute",
"ec2:ModifyInstanceAttribute",
"ec2:RequestSpotInstances",
"ec2:RevokeSecurityGroupEgress",
"ec2:RunInstances",
"ec2:TerminateInstances",
"ec2:DeleteVolume",
"ec2:DescribeVolumeStatus",
"ec2:DescribeVolumes",
"ec2:DetachVolume",
"iam:GetRole",
"iam:GetRolePolicy",
"iam:ListInstanceProfiles",
"iam:ListRolePolicies",
"iam:PassRole",
"s3:CreateBucket",
"s3:Get*",
"s3:List*",
"sdb:BatchPutAttributes",
"sdb:Select",
"sqs:CreateQueue",
"sqs:Delete*",
"sqs:GetQueue*",
"sqs:PurgeQueue",
"sqs:ReceiveMessage",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DeleteAlarms",
"application-autoscaling:RegisterScalableTarget",
"application-autoscaling:DeregisterScalableTarget",
"application-autoscaling:PutScalingPolicy",
"application-autoscaling:DeleteScalingPolicy",
"application-autoscaling:Describe*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "spot.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/spot.amazonaws.com/AWSServiceRoleForEC2Spot*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIDI2BQT2LKXZG36TW",
"PolicyName": "AmazonElasticMapReduceRole",
"UpdateDate": "2017-12-12T00:47:45+00:00",
"VersionId": "v9"
},
"AmazonElasticMapReduceforAutoScalingRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole",
"AttachmentCount": 0,
"CreateDate": "2016-11-18T01:09:10+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:DescribeAlarms",
"elasticmapreduce:ListInstanceGroups",
"elasticmapreduce:ModifyInstanceGroups"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJSVXG6QHPE6VHDZ4Q",
"PolicyName": "AmazonElasticMapReduceforAutoScalingRole",
"UpdateDate": "2016-11-18T01:09:10+00:00",
"VersionId": "v1"
},
"AmazonElasticMapReduceforEC2Role": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:21+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:*",
"dynamodb:*",
"ec2:Describe*",
"elasticmapreduce:Describe*",
"elasticmapreduce:ListBootstrapActions",
"elasticmapreduce:ListClusters",
"elasticmapreduce:ListInstanceGroups",
"elasticmapreduce:ListInstances",
"elasticmapreduce:ListSteps",
"kinesis:CreateStream",
"kinesis:DeleteStream",
"kinesis:DescribeStream",
"kinesis:GetRecords",
"kinesis:GetShardIterator",
"kinesis:MergeShards",
"kinesis:PutRecord",
"kinesis:SplitShard",
"rds:Describe*",
"s3:*",
"sdb:*",
"sns:*",
"sqs:*",
"glue:CreateDatabase",
"glue:UpdateDatabase",
"glue:DeleteDatabase",
"glue:GetDatabase",
"glue:GetDatabases",
"glue:CreateTable",
"glue:UpdateTable",
"glue:DeleteTable",
"glue:GetTable",
"glue:GetTables",
"glue:GetTableVersions",
"glue:CreatePartition",
"glue:BatchCreatePartition",
"glue:UpdatePartition",
"glue:DeletePartition",
"glue:BatchDeletePartition",
"glue:GetPartition",
"glue:GetPartitions",
"glue:BatchGetPartition",
"glue:CreateUserDefinedFunction",
"glue:UpdateUserDefinedFunction",
"glue:DeleteUserDefinedFunction",
"glue:GetUserDefinedFunction",
"glue:GetUserDefinedFunctions"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIGALS5RCDLZLB3PGS",
"PolicyName": "AmazonElasticMapReduceforEC2Role",
"UpdateDate": "2017-08-11T23:57:30+00:00",
"VersionId": "v3"
},
"AmazonElasticTranscoderRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonElasticTranscoderRole",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:26+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"s3:ListBucket",
"s3:Put*",
"s3:Get*",
"s3:*MultipartUpload*"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "1"
},
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "2"
},
{
"Action": [
"s3:*Policy*",
"sns:*Permission*",
"sns:*Delete*",
"s3:*Delete*",
"sns:*Remove*"
],
"Effect": "Deny",
"Resource": [
"*"
],
"Sid": "3"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJNW3WMKVXFJ2KPIQ2",
"PolicyName": "AmazonElasticTranscoderRole",
"UpdateDate": "2015-02-06T18:41:26+00:00",
"VersionId": "v1"
},
"AmazonElasticTranscoder_FullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonElasticTranscoder_FullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-04-27T18:59:35+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"elastictranscoder:*",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:ListObjects",
"iam:ListRoles",
"sns:ListTopics"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": [
"elastictranscoder.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAICFT6XVF3RSR4E7JG",
"PolicyName": "AmazonElasticTranscoder_FullAccess",
"UpdateDate": "2018-04-27T18:59:35+00:00",
"VersionId": "v1"
},
"AmazonElasticTranscoder_JobsSubmitter": {
"Arn": "arn:aws:iam::aws:policy/AmazonElasticTranscoder_JobsSubmitter",
"AttachmentCount": 0,
"CreateDate": "2018-06-07T21:12:16+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"elastictranscoder:Read*",
"elastictranscoder:List*",
"elastictranscoder:*Job",
"elastictranscoder:*Preset",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:ListObjects",
"iam:ListRoles",
"sns:ListTopics"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7AUMMRQOVZRI734S",
"PolicyName": "AmazonElasticTranscoder_JobsSubmitter",
"UpdateDate": "2018-06-07T21:12:16+00:00",
"VersionId": "v1"
},
"AmazonElasticTranscoder_ReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonElasticTranscoder_ReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-06-07T21:09:56+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"elastictranscoder:Read*",
"elastictranscoder:List*",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:ListObjects",
"iam:ListRoles",
"sns:ListTopics"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI3R3CR6KVEWD4DPFY",
"PolicyName": "AmazonElasticTranscoder_ReadOnlyAccess",
"UpdateDate": "2018-06-07T21:09:56+00:00",
"VersionId": "v1"
},
"AmazonElasticsearchServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonElasticsearchServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-07-07T00:15:31+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "Stmt1480452973134"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFEWZPHXKLCVHEUIC",
"PolicyName": "AmazonElasticsearchServiceRolePolicy",
"UpdateDate": "2018-02-08T21:38:27+00:00",
"VersionId": "v2"
},
"AmazonFSxConsoleFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonFSxConsoleFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-28T16:36:05+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ds:DescribeDirectories",
"ec2:DescribeNetworkInterfaceAttribute",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"fsx:*",
"kms:ListAliases",
"s3:HeadBucket"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": [
"fsx.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": [
"s3.data-source.lustre.fsx.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAITDDJ23Y5UZ2WCZRQ",
"PolicyName": "AmazonFSxConsoleFullAccess",
"UpdateDate": "2018-11-28T16:36:05+00:00",
"VersionId": "v1"
},
"AmazonFSxConsoleReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonFSxConsoleReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-28T16:35:24+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ds:DescribeDirectories",
"ec2:DescribeNetworkInterfaceAttribute",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"fsx:Describe*",
"fsx:ListTagsForResource",
"kms:DescribeKey"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQUISIZNHGLA6YQFM",
"PolicyName": "AmazonFSxConsoleReadOnlyAccess",
"UpdateDate": "2018-11-28T16:35:24+00:00",
"VersionId": "v1"
},
"AmazonFSxFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonFSxFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-28T16:34:43+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ds:DescribeDirectories",
"fsx:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": [
"fsx.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": [
"s3.data-source.lustre.fsx.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIEUV6Z2X4VNZRVB5I",
"PolicyName": "AmazonFSxFullAccess",
"UpdateDate": "2018-11-28T16:34:43+00:00",
"VersionId": "v1"
},
"AmazonFSxReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonFSxReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-28T16:33:32+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"fsx:Describe*",
"fsx:ListTagsForResource"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ4ICPKXR6KK32HT52",
"PolicyName": "AmazonFSxReadOnlyAccess",
"UpdateDate": "2018-11-28T16:33:32+00:00",
"VersionId": "v1"
},
"AmazonFSxServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonFSxServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-11-28T10:38:37+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:PutMetricData",
"ds:AuthorizeApplication",
"ds:UnauthorizeApplication",
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"route53:AssociateVPCWithHostedZone"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIVQ24YKVRBV5IYQ5G",
"PolicyName": "AmazonFSxServiceRolePolicy",
"UpdateDate": "2018-11-28T10:38:37+00:00",
"VersionId": "v1"
},
"AmazonForecastFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonForecastFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-18T01:52:29+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"forecast:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": "forecast.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIAKOTFNTUECQVU7C4",
"PolicyName": "AmazonForecastFullAccess",
"UpdateDate": "2019-01-18T01:52:29+00:00",
"VersionId": "v1"
},
"AmazonFreeRTOSFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonFreeRTOSFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-29T15:32:51+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"freertos:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJAN6PSDCOH6HXG2SE",
"PolicyName": "AmazonFreeRTOSFullAccess",
"UpdateDate": "2017-11-29T15:32:51+00:00",
"VersionId": "v1"
},
"AmazonFreeRTOSOTAUpdate": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonFreeRTOSOTAUpdate",
"AttachmentCount": 0,
"CreateDate": "2018-08-27T22:43:07+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"s3:GetObjectVersion",
"s3:PutObject",
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::afr-ota*"
},
{
"Action": [
"signer:StartSigningJob",
"signer:DescribeSigningJob",
"signer:GetSigningProfile",
"signer:PutSigningProfile"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:ListBucket",
"s3:ListAllMyBuckets",
"s3:GetBucketLocation"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iot:DeleteJob"
],
"Effect": "Allow",
"Resource": "arn:aws:iot:*:*:job/AFR_OTA*"
},
{
"Action": [
"iot:DeleteStream"
],
"Effect": "Allow",
"Resource": "arn:aws:iot:*:*:stream/AFR_OTA*"
},
{
"Action": [
"iot:CreateStream",
"iot:CreateJob"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAINC2TXHAYDOK3SWMU",
"PolicyName": "AmazonFreeRTOSOTAUpdate",
"UpdateDate": "2018-08-27T22:43:07+00:00",
"VersionId": "v1"
},
"AmazonGlacierFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonGlacierFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "glacier:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQSTZJWB2AXXAKHVQ",
"PolicyName": "AmazonGlacierFullAccess",
"UpdateDate": "2015-02-06T18:40:28+00:00",
"VersionId": "v1"
},
"AmazonGlacierReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonGlacierReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:27+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"glacier:DescribeJob",
"glacier:DescribeVault",
"glacier:GetDataRetrievalPolicy",
"glacier:GetJobOutput",
"glacier:GetVaultAccessPolicy",
"glacier:GetVaultLock",
"glacier:GetVaultNotifications",
"glacier:ListJobs",
"glacier:ListMultipartUploads",
"glacier:ListParts",
"glacier:ListTagsForVault",
"glacier:ListVaults"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI2D5NJKMU274MET4E",
"PolicyName": "AmazonGlacierReadOnlyAccess",
"UpdateDate": "2016-05-05T18:46:10+00:00",
"VersionId": "v2"
},
"AmazonGuardDutyFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonGuardDutyFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-28T22:31:30+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "guardduty:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "guardduty.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIKUTKSN4KC63VDQUM",
"PolicyName": "AmazonGuardDutyFullAccess",
"UpdateDate": "2017-11-28T22:31:30+00:00",
"VersionId": "v1"
},
"AmazonGuardDutyReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonGuardDutyReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-28T22:29:40+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"guardduty:Get*",
"guardduty:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIVMCEDV336RWUSNHG",
"PolicyName": "AmazonGuardDutyReadOnlyAccess",
"UpdateDate": "2018-04-25T21:07:17+00:00",
"VersionId": "v2"
},
"AmazonGuardDutyServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonGuardDutyServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-11-28T20:12:59+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeImages"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIHZREZOWNSSA6FWQO",
"PolicyName": "AmazonGuardDutyServiceRolePolicy",
"UpdateDate": "2017-11-28T20:12:59+00:00",
"VersionId": "v1"
},
"AmazonInspectorFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonInspectorFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-07T17:08:04+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"inspector:*",
"ec2:DescribeInstances",
"ec2:DescribeTags",
"sns:ListTopics",
"events:DescribeRule",
"events:ListRuleNamesByTarget"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"inspector.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "inspector.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/inspector.amazonaws.com/AWSServiceRoleForAmazonInspector"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI7Y6NTA27NWNA5U5E",
"PolicyName": "AmazonInspectorFullAccess",
"UpdateDate": "2017-12-21T14:53:31+00:00",
"VersionId": "v5"
},
"AmazonInspectorReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonInspectorReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-07T17:08:01+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"inspector:Describe*",
"inspector:Get*",
"inspector:List*",
"inspector:LocalizeText",
"inspector:Preview*",
"ec2:DescribeInstances",
"ec2:DescribeTags",
"sns:ListTopics",
"events:DescribeRule",
"events:ListRuleNamesByTarget"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJXQNTHTEJ2JFRN2SE",
"PolicyName": "AmazonInspectorReadOnlyAccess",
"UpdateDate": "2017-09-12T16:53:06+00:00",
"VersionId": "v3"
},
"AmazonInspectorServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonInspectorServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-11-21T15:48:27+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"directconnect:DescribeConnections",
"directconnect:DescribeDirectConnectGateways",
"directconnect:DescribeDirectConnectGatewayAssociations",
"directconnect:DescribeDirectConnectGatewayAttachments",
"directconnect:DescribeVirtualGateways",
"directconnect:DescribeVirtualInterfaces",
"directconnect:DescribeTags",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeCustomerGateways",
"ec2:DescribeInstances",
"ec2:DescribeTags",
"ec2:DescribeInternetGateways",
"ec2:DescribeNatGateways",
"ec2:DescribeNetworkAcls",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribePrefixLists",
"ec2:DescribeRegions",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeVpcPeeringConnections",
"ec2:DescribeVpcs",
"ec2:DescribeVpnConnections",
"ec2:DescribeVpnGateways",
"elasticloadbalancing:DescribeListeners",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeRules",
"elasticloadbalancing:DescribeTags",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeTargetHealth"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJKBMSBWLU2TGXHHUQ",
"PolicyName": "AmazonInspectorServiceRolePolicy",
"UpdateDate": "2018-05-10T18:36:01+00:00",
"VersionId": "v4"
},
"AmazonKinesisAnalyticsFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonKinesisAnalyticsFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-09-21T19:01:14+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "kinesisanalytics:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"kinesis:CreateStream",
"kinesis:DeleteStream",
"kinesis:DescribeStream",
"kinesis:ListStreams",
"kinesis:PutRecord",
"kinesis:PutRecords"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"firehose:DescribeDeliveryStream",
"firehose:ListDeliveryStreams"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "logs:GetLogEvents",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:ListPolicyVersions",
"iam:ListRoles"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/service-role/kinesis-analytics*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQOSKHTXP43R7P5AC",
"PolicyName": "AmazonKinesisAnalyticsFullAccess",
"UpdateDate": "2016-09-21T19:01:14+00:00",
"VersionId": "v1"
},
"AmazonKinesisAnalyticsReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AmazonKinesisAnalyticsReadOnly",
"AttachmentCount": 0,
"CreateDate": "2016-09-21T18:16:43+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"kinesisanalytics:Describe*",
"kinesisanalytics:Get*",
"kinesisanalytics:List*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"kinesis:DescribeStream",
"kinesis:ListStreams"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"firehose:DescribeDeliveryStream",
"firehose:ListDeliveryStreams"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "logs:GetLogEvents",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:ListPolicyVersions",
"iam:ListRoles"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIJIEXZAFUK43U7ARK",
"PolicyName": "AmazonKinesisAnalyticsReadOnly",
"UpdateDate": "2016-09-21T18:16:43+00:00",
"VersionId": "v1"
},
"AmazonKinesisFirehoseFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonKinesisFirehoseFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-07T18:45:26+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"firehose:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJMZQMTZ7FRBFHHAHI",
"PolicyName": "AmazonKinesisFirehoseFullAccess",
"UpdateDate": "2015-10-07T18:45:26+00:00",
"VersionId": "v1"
},
"AmazonKinesisFirehoseReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonKinesisFirehoseReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-10-07T18:43:39+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"firehose:Describe*",
"firehose:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ36NT645INW4K24W6",
"PolicyName": "AmazonKinesisFirehoseReadOnlyAccess",
"UpdateDate": "2015-10-07T18:43:39+00:00",
"VersionId": "v1"
},
"AmazonKinesisFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonKinesisFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:29+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "kinesis:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIVF32HAMOXCUYRAYE",
"PolicyName": "AmazonKinesisFullAccess",
"UpdateDate": "2015-02-06T18:40:29+00:00",
"VersionId": "v1"
},
"AmazonKinesisReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonKinesisReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:30+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"kinesis:Get*",
"kinesis:List*",
"kinesis:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIOCMTDT5RLKZ2CAJO",
"PolicyName": "AmazonKinesisReadOnlyAccess",
"UpdateDate": "2015-02-06T18:40:30+00:00",
"VersionId": "v1"
},
"AmazonKinesisVideoStreamsFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonKinesisVideoStreamsFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-12-01T23:27:18+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "kinesisvideo:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIZAN5AK7E7UVYIAZY",
"PolicyName": "AmazonKinesisVideoStreamsFullAccess",
"UpdateDate": "2017-12-01T23:27:18+00:00",
"VersionId": "v1"
},
"AmazonKinesisVideoStreamsReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonKinesisVideoStreamsReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2017-12-01T23:14:32+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"kinesisvideo:Describe*",
"kinesisvideo:Get*",
"kinesisvideo:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJDS2DKUCYTEA7M6UA",
"PolicyName": "AmazonKinesisVideoStreamsReadOnlyAccess",
"UpdateDate": "2017-12-01T23:14:32+00:00",
"VersionId": "v1"
},
"AmazonLexFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonLexFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-04-11T23:20:36+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:GetMetricStatistics",
"cloudwatch:DescribeAlarms",
"cloudwatch:DescribeAlarmsForMetric",
"kms:DescribeKey",
"kms:ListAliases",
"lambda:GetPolicy",
"lambda:ListFunctions",
"lex:*",
"polly:DescribeVoices",
"polly:SynthesizeSpeech"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"lambda:AddPermission",
"lambda:RemovePermission"
],
"Condition": {
"StringLike": {
"lambda:Principal": "lex.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:lambda:*:*:function:AmazonLex*"
},
{
"Action": [
"iam:GetRole",
"iam:DeleteRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots",
"arn:aws:iam::*:role/aws-service-role/channels.lex.amazonaws.com/AWSServiceRoleForLexChannels"
]
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringLike": {
"iam:AWSServiceName": "lex.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots"
]
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots"
]
},
{
"Action": [
"iam:DetachRolePolicy"
],
"Condition": {
"StringLike": {
"iam:PolicyArn": "arn:aws:iam::aws:policy/aws-service-role/AmazonLexBotPolicy"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots"
]
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringLike": {
"iam:AWSServiceName": "channels.lex.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/channels.lex.amazonaws.com/AWSServiceRoleForLexChannels"
]
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/channels.lex.amazonaws.com/AWSServiceRoleForLexChannels"
]
},
{
"Action": [
"iam:DetachRolePolicy"
],
"Condition": {
"StringLike": {
"iam:PolicyArn": "arn:aws:iam::aws:policy/aws-service-role/LexChannelPolicy"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/channels.lex.amazonaws.com/AWSServiceRoleForLexChannels"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJVLXDHKVC23HRTKSI",
"PolicyName": "AmazonLexFullAccess",
"UpdateDate": "2017-11-15T23:55:07+00:00",
"VersionId": "v4"
},
"AmazonLexReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AmazonLexReadOnly",
"AttachmentCount": 0,
"CreateDate": "2017-04-11T23:13:33+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"lex:GetBot",
"lex:GetBotAlias",
"lex:GetBotAliases",
"lex:GetBots",
"lex:GetBotChannelAssociation",
"lex:GetBotChannelAssociations",
"lex:GetBotVersions",
"lex:GetBuiltinIntent",
"lex:GetBuiltinIntents",
"lex:GetBuiltinSlotTypes",
"lex:GetIntent",
"lex:GetIntents",
"lex:GetIntentVersions",
"lex:GetSlotType",
"lex:GetSlotTypes",
"lex:GetSlotTypeVersions",
"lex:GetUtterancesView"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJGBI5LSMAJNDGBNAM",
"PolicyName": "AmazonLexReadOnly",
"UpdateDate": "2017-04-11T23:13:33+00:00",
"VersionId": "v1"
},
"AmazonLexRunBotsOnly": {
"Arn": "arn:aws:iam::aws:policy/AmazonLexRunBotsOnly",
"AttachmentCount": 0,
"CreateDate": "2017-04-11T23:06:24+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"lex:PostContent",
"lex:PostText"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJVZGB5CM3N6YWJHBE",
"PolicyName": "AmazonLexRunBotsOnly",
"UpdateDate": "2017-04-11T23:06:24+00:00",
"VersionId": "v1"
},
"AmazonMQApiFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMQApiFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-12-18T20:31:31+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"mq:*",
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterface",
"ec2:DeleteNetworkInterfacePermission",
"ec2:DetachNetworkInterface",
"ec2:DescribeInternetGateways",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeNetworkInterfacePermissions",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/amazonmq/*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4CMO533EBV3L2GW4",
"PolicyName": "AmazonMQApiFullAccess",
"UpdateDate": "2018-12-18T20:31:31+00:00",
"VersionId": "v1"
},
"AmazonMQApiReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMQApiReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-12-18T20:31:13+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"mq:Describe*",
"mq:List*",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIKI5JRHKAFHXQJKMO",
"PolicyName": "AmazonMQApiReadOnlyAccess",
"UpdateDate": "2018-12-18T20:31:13+00:00",
"VersionId": "v1"
},
"AmazonMQFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMQFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-28T15:28:29+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"mq:*",
"cloudformation:CreateStack",
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterface",
"ec2:DeleteNetworkInterfacePermission",
"ec2:DetachNetworkInterface",
"ec2:DescribeInternetGateways",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeNetworkInterfacePermissions",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:CreateSecurityGroup",
"ec2:AuthorizeSecurityGroupIngress"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/amazonmq/*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLKBROJNQYDDXOOGG",
"PolicyName": "AmazonMQFullAccess",
"UpdateDate": "2018-12-18T20:33:17+00:00",
"VersionId": "v4"
},
"AmazonMQReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMQReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-28T15:30:32+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"mq:Describe*",
"mq:List*",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFH3NKGULDUU66D5C",
"PolicyName": "AmazonMQReadOnlyAccess",
"UpdateDate": "2017-11-28T19:02:03+00:00",
"VersionId": "v2"
},
"AmazonMSKFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMSKFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-14T22:07:52+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"kafka:*",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeSecurityGroups",
"kms:DescribeKey",
"kms:CreateGrant"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "kafka.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/kafka.amazonaws.com/AWSServiceRoleForKafka*"
},
{
"Action": [
"iam:AttachRolePolicy",
"iam:PutRolePolicy"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/kafka.amazonaws.com/AWSServiceRoleForKafka*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJERQQQTWI5OMENTQE",
"PolicyName": "AmazonMSKFullAccess",
"UpdateDate": "2019-01-14T22:07:52+00:00",
"VersionId": "v1"
},
"AmazonMSKReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMSKReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-14T22:28:45+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"kafka:Describe*",
"kafka:List*",
"kafka:Get*",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"kms:DescribeKey"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJGMUI3DP2EVP3VGYO",
"PolicyName": "AmazonMSKReadOnlyAccess",
"UpdateDate": "2019-01-14T22:28:45+00:00",
"VersionId": "v1"
},
"AmazonMachineLearningBatchPredictionsAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMachineLearningBatchPredictionsAccess",
"AttachmentCount": 0,
"CreateDate": "2015-04-09T17:12:19+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"machinelearning:CreateBatchPrediction",
"machinelearning:DeleteBatchPrediction",
"machinelearning:DescribeBatchPredictions",
"machinelearning:GetBatchPrediction",
"machinelearning:UpdateBatchPrediction"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILOI4HTQSFTF3GQSC",
"PolicyName": "AmazonMachineLearningBatchPredictionsAccess",
"UpdateDate": "2015-04-09T17:12:19+00:00",
"VersionId": "v1"
},
"AmazonMachineLearningCreateOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMachineLearningCreateOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-04-09T17:18:09+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"machinelearning:Add*",
"machinelearning:Create*",
"machinelearning:Delete*",
"machinelearning:Describe*",
"machinelearning:Get*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJDRUNIC2RYAMAT3CK",
"PolicyName": "AmazonMachineLearningCreateOnlyAccess",
"UpdateDate": "2016-06-29T20:55:03+00:00",
"VersionId": "v2"
},
"AmazonMachineLearningFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMachineLearningFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-04-09T17:25:41+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"machinelearning:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIWKW6AGSGYOQ5ERHC",
"PolicyName": "AmazonMachineLearningFullAccess",
"UpdateDate": "2015-04-09T17:25:41+00:00",
"VersionId": "v1"
},
"AmazonMachineLearningManageRealTimeEndpointOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMachineLearningManageRealTimeEndpointOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-04-09T17:32:41+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"machinelearning:CreateRealtimeEndpoint",
"machinelearning:DeleteRealtimeEndpoint"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJJL3PC3VCSVZP6OCI",
"PolicyName": "AmazonMachineLearningManageRealTimeEndpointOnlyAccess",
"UpdateDate": "2015-04-09T17:32:41+00:00",
"VersionId": "v1"
},
"AmazonMachineLearningReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMachineLearningReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-04-09T17:40:02+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"machinelearning:Describe*",
"machinelearning:Get*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIW5VYBCGEX56JCINC",
"PolicyName": "AmazonMachineLearningReadOnlyAccess",
"UpdateDate": "2015-04-09T17:40:02+00:00",
"VersionId": "v1"
},
"AmazonMachineLearningRealTimePredictionOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMachineLearningRealTimePredictionOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-04-09T17:44:06+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"machinelearning:Predict"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIWMCNQPRWMWT36GVQ",
"PolicyName": "AmazonMachineLearningRealTimePredictionOnlyAccess",
"UpdateDate": "2015-04-09T17:44:06+00:00",
"VersionId": "v1"
},
"AmazonMachineLearningRoleforRedshiftDataSource": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSource",
"AttachmentCount": 0,
"CreateDate": "2015-04-09T17:05:26+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateSecurityGroup",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:RevokeSecurityGroupIngress",
"redshift:AuthorizeClusterSecurityGroupIngress",
"redshift:CreateClusterSecurityGroup",
"redshift:DescribeClusters",
"redshift:DescribeClusterSecurityGroups",
"redshift:ModifyCluster",
"redshift:RevokeClusterSecurityGroupIngress",
"s3:GetBucketLocation",
"s3:GetBucketPolicy",
"s3:GetObject",
"s3:PutBucketPolicy",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQ5UDYYMNN42BM4AK",
"PolicyName": "AmazonMachineLearningRoleforRedshiftDataSource",
"UpdateDate": "2015-04-09T17:05:26+00:00",
"VersionId": "v1"
},
"AmazonMacieFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMacieFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-08-14T14:54:30+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"macie:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "macie.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJJF2N5FR6S5TZN5OA",
"PolicyName": "AmazonMacieFullAccess",
"UpdateDate": "2018-06-28T15:54:57+00:00",
"VersionId": "v2"
},
"AmazonMacieHandshakeRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonMacieHandshakeRole",
"AttachmentCount": 0,
"CreateDate": "2018-06-28T15:46:10+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"ForAnyValue:StringEquals": {
"iam:AWSServiceName": "macie.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7CVEIVL347MLOVKI",
"PolicyName": "AmazonMacieHandshakeRole",
"UpdateDate": "2018-06-28T15:46:10+00:00",
"VersionId": "v1"
},
"AmazonMacieServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonMacieServiceRole",
"AttachmentCount": 0,
"CreateDate": "2017-08-14T14:53:26+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"s3:Get*",
"s3:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJVV7PON3FPBL2PSGC",
"PolicyName": "AmazonMacieServiceRole",
"UpdateDate": "2017-08-14T14:53:26+00:00",
"VersionId": "v1"
},
"AmazonMacieServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonMacieServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-06-19T22:17:38+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudtrail:DescribeTrails",
"cloudtrail:GetEventSelectors",
"cloudtrail:GetTrailStatus",
"cloudtrail:ListTags",
"cloudtrail:LookupEvents",
"iam:ListAccountAliases",
"s3:Get*",
"s3:List*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudtrail:CreateTrail",
"cloudtrail:StartLogging",
"cloudtrail:StopLogging",
"cloudtrail:UpdateTrail",
"cloudtrail:DeleteTrail",
"cloudtrail:PutEventSelectors"
],
"Effect": "Allow",
"Resource": "arn:aws:cloudtrail:*:*:trail/AWSMacieTrail-DO-NOT-EDIT"
},
{
"Action": [
"s3:CreateBucket",
"s3:DeleteBucket",
"s3:DeleteBucketPolicy",
"s3:DeleteBucketWebsite",
"s3:DeleteObject",
"s3:DeleteObjectTagging",
"s3:DeleteObjectVersion",
"s3:DeleteObjectVersionTagging",
"s3:DeleteReplicationConfiguration",
"s3:PutBucketPolicy"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::awsmacie-*",
"arn:aws:s3:::awsmacietrail-*",
"arn:aws:s3:::*-awsmacietrail-*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJPLHONRH2HP2H6TNQ",
"PolicyName": "AmazonMacieServiceRolePolicy",
"UpdateDate": "2018-06-19T22:17:38+00:00",
"VersionId": "v1"
},
"AmazonMacieSetupRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonMacieSetupRole",
"AttachmentCount": 0,
"CreateDate": "2017-08-14T14:53:34+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudtrail:DescribeTrails",
"cloudtrail:GetEventSelectors",
"cloudtrail:GetTrailStatus",
"cloudtrail:ListTags",
"cloudtrail:LookupEvents",
"iam:ListAccountAliases",
"s3:GetBucket*",
"s3:ListBucket",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudtrail:CreateTrail",
"cloudtrail:StartLogging",
"cloudtrail:StopLogging",
"cloudtrail:UpdateTrail",
"cloudtrail:DeleteTrail",
"cloudtrail:PutEventSelectors"
],
"Effect": "Allow",
"Resource": "arn:aws:cloudtrail:*:*:trail/AWSMacieTrail-DO-NOT-EDIT"
},
{
"Action": [
"s3:CreateBucket",
"s3:DeleteBucket",
"s3:DeleteBucketPolicy",
"s3:DeleteBucketWebsite",
"s3:DeleteObject",
"s3:DeleteObjectTagging",
"s3:DeleteObjectVersion",
"s3:DeleteObjectVersionTagging",
"s3:DeleteReplicationConfiguration",
"s3:PutBucketPolicy"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::awsmacie-*",
"arn:aws:s3:::awsmacietrail-*",
"arn:aws:s3:::*-awsmacietrail-*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ5DC6UBVKND7ADSKA",
"PolicyName": "AmazonMacieSetupRole",
"UpdateDate": "2017-08-14T14:53:34+00:00",
"VersionId": "v1"
},
"AmazonManagedBlockchainConsoleFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonManagedBlockchainConsoleFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-04-29T21:23:25+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"managedblockchain:*",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:CreateVpcEndpoint",
"kms:ListAliases",
"kms:DescribeKey"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4ONVQBFILL",
"PolicyName": "AmazonManagedBlockchainConsoleFullAccess",
"UpdateDate": "2019-04-29T21:23:25+00:00",
"VersionId": "v1"
},
"AmazonManagedBlockchainFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonManagedBlockchainFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-04-29T21:39:29+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"managedblockchain:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4CGBOJKRYD",
"PolicyName": "AmazonManagedBlockchainFullAccess",
"UpdateDate": "2019-04-29T21:39:29+00:00",
"VersionId": "v1"
},
"AmazonManagedBlockchainReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonManagedBlockchainReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2019-04-30T18:17:31+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"managedblockchain:Get*",
"managedblockchain:List*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4OIIAURVWV",
"PolicyName": "AmazonManagedBlockchainReadOnlyAccess",
"UpdateDate": "2019-04-30T18:17:31+00:00",
"VersionId": "v1"
},
"AmazonMechanicalTurkCrowdFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMechanicalTurkCrowdFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-10-05T18:07:21+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"crowd:*"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "CrowdApiFullAccess"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": "crowd.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIPM7C67S54NPAHQ4Q",
"PolicyName": "AmazonMechanicalTurkCrowdFullAccess",
"UpdateDate": "2018-09-28T21:08:53+00:00",
"VersionId": "v2"
},
"AmazonMechanicalTurkCrowdReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMechanicalTurkCrowdReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2017-10-05T18:10:56+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"crowd:GetTask"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "CrowdApiReadOnlyAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAID5UNRAAANDGAW4CY",
"PolicyName": "AmazonMechanicalTurkCrowdReadOnlyAccess",
"UpdateDate": "2017-10-05T18:10:56+00:00",
"VersionId": "v1"
},
"AmazonMechanicalTurkFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMechanicalTurkFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-12-11T19:08:19+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"mechanicalturk:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJDGCL5BET73H5QIQC",
"PolicyName": "AmazonMechanicalTurkFullAccess",
"UpdateDate": "2015-12-11T19:08:19+00:00",
"VersionId": "v1"
},
"AmazonMechanicalTurkReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AmazonMechanicalTurkReadOnly",
"AttachmentCount": 0,
"CreateDate": "2015-12-11T19:08:28+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"mechanicalturk:Get*",
"mechanicalturk:Search*",
"mechanicalturk:List*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIO5IY3G3WXSX5PPRM",
"PolicyName": "AmazonMechanicalTurkReadOnly",
"UpdateDate": "2017-02-27T21:45:50+00:00",
"VersionId": "v2"
},
"AmazonMobileAnalyticsFinancialReportAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsFinancialReportAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:35+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"mobileanalytics:GetReports",
"mobileanalytics:GetFinancialReports"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJKJHO2R27TXKCWBU4",
"PolicyName": "AmazonMobileAnalyticsFinancialReportAccess",
"UpdateDate": "2015-02-06T18:40:35+00:00",
"VersionId": "v1"
},
"AmazonMobileAnalyticsFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:34+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "mobileanalytics:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIJIKLU2IJ7WJ6DZFG",
"PolicyName": "AmazonMobileAnalyticsFullAccess",
"UpdateDate": "2015-02-06T18:40:34+00:00",
"VersionId": "v1"
},
"AmazonMobileAnalyticsNon-financialReportAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsNon-financialReportAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:36+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "mobileanalytics:GetReports",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQLKQ4RXPUBBVVRDE",
"PolicyName": "AmazonMobileAnalyticsNon-financialReportAccess",
"UpdateDate": "2015-02-06T18:40:36+00:00",
"VersionId": "v1"
},
"AmazonMobileAnalyticsWriteOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonMobileAnalyticsWriteOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:37+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "mobileanalytics:PutEvents",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ5TAWBBQC2FAL3G6G",
"PolicyName": "AmazonMobileAnalyticsWriteOnlyAccess",
"UpdateDate": "2015-02-06T18:40:37+00:00",
"VersionId": "v1"
},
"AmazonPersonalizeFullAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonPersonalizeFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-12-04T22:24:33+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"personalize:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:PutMetricData",
"cloudwatch:ListMetrics"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::*Personalize*",
"arn:aws:s3:::*personalize*"
]
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": "personalize.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ45XBPPZNI3MMVAUK",
"PolicyName": "AmazonPersonalizeFullAccess",
"UpdateDate": "2019-05-30T23:46:59+00:00",
"VersionId": "v2"
},
"AmazonPollyFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonPollyFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-11-30T18:59:06+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"polly:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJUZOYQU6XQYPR7EWS",
"PolicyName": "AmazonPollyFullAccess",
"UpdateDate": "2016-11-30T18:59:06+00:00",
"VersionId": "v1"
},
"AmazonPollyReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonPollyReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2016-11-30T18:59:24+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"polly:DescribeVoices",
"polly:GetLexicon",
"polly:GetSpeechSynthesisTask",
"polly:ListLexicons",
"polly:ListSpeechSynthesisTasks",
"polly:SynthesizeSpeech"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ5FENL3CVPL2FPDLA",
"PolicyName": "AmazonPollyReadOnlyAccess",
"UpdateDate": "2018-07-17T16:41:07+00:00",
"VersionId": "v2"
},
"AmazonRDSBetaServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSBetaServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-05-02T19:41:04+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:ModifyVpcEndpoint",
"ec2:RevokeSecurityGroupIngress",
"ec2:CreateVpcEndpoint",
"ec2:DescribeVpcEndpoints",
"ec2:DeleteVpcEndpoints"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/rds/*"
]
},
{
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/rds/*:log-stream:*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ36CJAE6OYAR4YEK4",
"PolicyName": "AmazonRDSBetaServiceRolePolicy",
"UpdateDate": "2018-07-05T18:29:48+00:00",
"VersionId": "v3"
},
"AmazonRDSDataFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRDSDataFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-20T21:29:36+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"secretsmanager:GetSecretValue",
"secretsmanager:PutResourcePolicy",
"secretsmanager:PutSecretValue",
"secretsmanager:DeleteSecret",
"secretsmanager:DescribeSecret",
"secretsmanager:TagResource"
],
"Effect": "Allow",
"Resource": "arn:aws:secretsmanager:*:*:secret:rds-db-credentials/*",
"Sid": "SecretsManagerDbCredentialsAccess"
},
{
"Action": [
"dbqms:CreateFavoriteQuery",
"dbqms:DescribeFavoriteQueries",
"dbqms:UpdateFavoriteQuery",
"dbqms:DeleteFavoriteQueries",
"dbqms:GetQueryString",
"dbqms:CreateQueryHistory",
"dbqms:DescribeQueryHistory",
"dbqms:UpdateQueryHistory",
"dbqms:DeleteQueryHistory",
"dbqms:DescribeQueryHistory",
"rds-data:ExecuteSql",
"rds-data:ExecuteStatement",
"rds-data:BatchExecuteStatement",
"rds-data:BeginTransaction",
"rds-data:CommitTransaction",
"rds-data:RollbackTransaction",
"secretsmanager:CreateSecret",
"secretsmanager:ListSecrets",
"secretsmanager:GetRandomPassword",
"tag:GetResources"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "RDSDataServiceAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ5HUMNZCSW4IC74T6",
"PolicyName": "AmazonRDSDataFullAccess",
"UpdateDate": "2019-05-30T17:11:26+00:00",
"VersionId": "v2"
},
"AmazonRDSDirectoryServiceAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonRDSDirectoryServiceAccess",
"AttachmentCount": 0,
"CreateDate": "2016-02-26T02:02:05+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ds:DescribeDirectories",
"ds:AuthorizeApplication",
"ds:UnauthorizeApplication",
"ds:GetAuthorizedApplicationDetails"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIL4KBY57XWMYUHKUU",
"PolicyName": "AmazonRDSDirectoryServiceAccess",
"UpdateDate": "2019-05-15T16:51:50+00:00",
"VersionId": "v2"
},
"AmazonRDSEnhancedMonitoringRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole",
"AttachmentCount": 0,
"CreateDate": "2015-11-11T19:58:29+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:PutRetentionPolicy"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:RDS*"
],
"Sid": "EnableCreationAndManagementOfRDSCloudwatchLogGroups"
},
{
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams",
"logs:GetLogEvents"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:RDS*:log-stream:*"
],
"Sid": "EnableCreationAndManagementOfRDSCloudwatchLogStreams"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJV7BS425S4PTSSVGK",
"PolicyName": "AmazonRDSEnhancedMonitoringRole",
"UpdateDate": "2015-11-11T19:58:29+00:00",
"VersionId": "v1"
},
"AmazonRDSFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRDSFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:52+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"rds:*",
"application-autoscaling:DeleteScalingPolicy",
"application-autoscaling:DeregisterScalableTarget",
"application-autoscaling:DescribeScalableTargets",
"application-autoscaling:DescribeScalingActivities",
"application-autoscaling:DescribeScalingPolicies",
"application-autoscaling:PutScalingPolicy",
"application-autoscaling:RegisterScalableTarget",
"cloudwatch:DescribeAlarms",
"cloudwatch:GetMetricStatistics",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DeleteAlarms",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs",
"sns:ListSubscriptions",
"sns:ListTopics",
"sns:Publish",
"logs:DescribeLogStreams",
"logs:GetLogEvents"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "pi:*",
"Effect": "Allow",
"Resource": "arn:aws:pi:*:*:metrics/rds/*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": [
"rds.amazonaws.com",
"rds.application-autoscaling.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI3R4QMOG6Q5A4VWVG",
"PolicyName": "AmazonRDSFullAccess",
"UpdateDate": "2018-04-09T17:42:48+00:00",
"VersionId": "v6"
},
"AmazonRDSPreviewServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSPreviewServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-05-31T18:02:00+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:RevokeSecurityGroupIngress"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/rds/*"
]
},
{
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/rds/*:log-stream:*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIZHJJBU3675JOUEMQ",
"PolicyName": "AmazonRDSPreviewServiceRolePolicy",
"UpdateDate": "2018-05-31T18:02:00+00:00",
"VersionId": "v1"
},
"AmazonRDSReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:53+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"rds:Describe*",
"rds:ListTagsForResource",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:GetMetricStatistics",
"logs:DescribeLogStreams",
"logs:GetLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJKTTTYV2IIHKLZ346",
"PolicyName": "AmazonRDSReadOnlyAccess",
"UpdateDate": "2017-08-28T21:36:32+00:00",
"VersionId": "v3"
},
"AmazonRDSServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonRDSServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-01-08T18:17:46+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:ModifyVpcEndpoint",
"ec2:RevokeSecurityGroupIngress",
"ec2:CreateVpcEndpoint",
"ec2:DescribeVpcEndpoints",
"ec2:DeleteVpcEndpoints",
"ec2:AssignPrivateIpAddresses",
"ec2:UnassignPrivateIpAddresses"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/rds/*",
"arn:aws:logs:*:*:log-group:/aws/docdb/*",
"arn:aws:logs:*:*:log-group:/aws/neptune/*"
]
},
{
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/rds/*:log-stream:*",
"arn:aws:logs:*:*:log-group:/aws/docdb/*:log-stream:*",
"arn:aws:logs:*:*:log-group:/aws/neptune/*:log-stream:*"
]
},
{
"Action": [
"kinesis:CreateStream",
"kinesis:PutRecord",
"kinesis:PutRecords",
"kinesis:DescribeStream",
"kinesis:SplitShard",
"kinesis:MergeShards",
"kinesis:DeleteStream",
"kinesis:UpdateShardCount"
],
"Effect": "Allow",
"Resource": [
"arn:aws:kinesis:*:*:stream/aws-rds-das-*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIPEU5ZOBJWKWHUIBA",
"PolicyName": "AmazonRDSServiceRolePolicy",
"UpdateDate": "2019-04-16T20:12:27+00:00",
"VersionId": "v6"
},
"AmazonRedshiftFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRedshiftFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:50+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"redshift:*",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeInternetGateways",
"sns:CreateTopic",
"sns:Get*",
"sns:List*",
"cloudwatch:Describe*",
"cloudwatch:Get*",
"cloudwatch:List*",
"cloudwatch:PutMetricAlarm",
"cloudwatch:EnableAlarmActions",
"cloudwatch:DisableAlarmActions"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "redshift.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/redshift.amazonaws.com/AWSServiceRoleForRedshift"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAISEKCHH4YDB46B5ZO",
"PolicyName": "AmazonRedshiftFullAccess",
"UpdateDate": "2017-09-19T18:27:44+00:00",
"VersionId": "v2"
},
"AmazonRedshiftQueryEditor": {
"Arn": "arn:aws:iam::aws:policy/AmazonRedshiftQueryEditor",
"AttachmentCount": 0,
"CreateDate": "2018-10-04T22:50:32+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"redshift:GetClusterCredentials",
"redshift:ListSchemas",
"redshift:ListTables",
"redshift:ListDatabases",
"redshift:ExecuteQuery",
"redshift:FetchResults",
"redshift:CancelQuery",
"redshift:DescribeClusters",
"redshift:DescribeQuery",
"redshift:DescribeTable",
"redshift:ViewQueriesFromConsole",
"redshift:DescribeSavedQueries",
"redshift:CreateSavedQuery",
"redshift:DeleteSavedQueries",
"redshift:ModifySavedQuery"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAINVFHHP7CWVHTGBGM",
"PolicyName": "AmazonRedshiftQueryEditor",
"UpdateDate": "2018-10-04T22:50:32+00:00",
"VersionId": "v1"
},
"AmazonRedshiftReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRedshiftReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:51+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"redshift:Describe*",
"redshift:ViewQueriesInConsole",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeInternetGateways",
"sns:Get*",
"sns:List*",
"cloudwatch:Describe*",
"cloudwatch:List*",
"cloudwatch:Get*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIGD46KSON64QBSEZM",
"PolicyName": "AmazonRedshiftReadOnlyAccess",
"UpdateDate": "2015-02-06T18:40:51+00:00",
"VersionId": "v1"
},
"AmazonRedshiftServiceLinkedRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonRedshiftServiceLinkedRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-09-18T19:19:45+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeAddresses",
"ec2:AssociateAddress",
"ec2:DisassociateAddress",
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:ModifyNetworkInterfaceAttribute"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJPY2VXNRUYOY3SRZS",
"PolicyName": "AmazonRedshiftServiceLinkedRolePolicy",
"UpdateDate": "2017-09-25T21:20:15+00:00",
"VersionId": "v2"
},
"AmazonRekognitionFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRekognitionFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-11-30T14:40:44+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"rekognition:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIWDAOK6AIFDVX6TT6",
"PolicyName": "AmazonRekognitionFullAccess",
"UpdateDate": "2016-11-30T14:40:44+00:00",
"VersionId": "v1"
},
"AmazonRekognitionReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRekognitionReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2016-11-30T14:58:06+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"rekognition:CompareFaces",
"rekognition:DetectFaces",
"rekognition:DetectLabels",
"rekognition:ListCollections",
"rekognition:ListFaces",
"rekognition:SearchFaces",
"rekognition:SearchFacesByImage",
"rekognition:DetectText",
"rekognition:GetCelebrityInfo",
"rekognition:RecognizeCelebrities",
"rekognition:DetectModerationLabels",
"rekognition:GetLabelDetection",
"rekognition:GetFaceDetection",
"rekognition:GetContentModeration",
"rekognition:GetPersonTracking",
"rekognition:GetCelebrityRecognition",
"rekognition:GetFaceSearch",
"rekognition:DescribeStreamProcessor",
"rekognition:ListStreamProcessors"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILWSUHXUY4ES43SA4",
"PolicyName": "AmazonRekognitionReadOnlyAccess",
"UpdateDate": "2017-12-06T23:28:39+00:00",
"VersionId": "v2"
},
"AmazonRekognitionServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonRekognitionServiceRole",
"AttachmentCount": 0,
"CreateDate": "2017-11-29T16:52:13+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:AmazonRekognition*"
},
{
"Action": [
"kinesis:PutRecord",
"kinesis:PutRecords"
],
"Effect": "Allow",
"Resource": "arn:aws:kinesis:*:*:stream/AmazonRekognition*"
},
{
"Action": [
"kinesisvideo:GetDataEndpoint",
"kinesisvideo:GetMedia"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJI6Q3CUQAVBJ2CTE2",
"PolicyName": "AmazonRekognitionServiceRole",
"UpdateDate": "2017-11-29T16:52:13+00:00",
"VersionId": "v1"
},
"AmazonRoute53AutoNamingFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRoute53AutoNamingFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-01-18T18:40:41+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"route53:GetHostedZone",
"route53:ListHostedZonesByName",
"route53:CreateHostedZone",
"route53:DeleteHostedZone",
"route53:ChangeResourceRecordSets",
"route53:CreateHealthCheck",
"route53:GetHealthCheck",
"route53:DeleteHealthCheck",
"route53:UpdateHealthCheck",
"ec2:DescribeVpcs",
"ec2:DescribeRegions",
"servicediscovery:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJCNJBBLMJN2ZMV62Y",
"PolicyName": "AmazonRoute53AutoNamingFullAccess",
"UpdateDate": "2018-01-18T18:40:41+00:00",
"VersionId": "v1"
},
"AmazonRoute53AutoNamingReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRoute53AutoNamingReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-01-18T03:02:59+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"servicediscovery:Get*",
"servicediscovery:List*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBPMV2EFBFFKJ6SI4",
"PolicyName": "AmazonRoute53AutoNamingReadOnlyAccess",
"UpdateDate": "2018-01-18T03:02:59+00:00",
"VersionId": "v1"
},
"AmazonRoute53AutoNamingRegistrantAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRoute53AutoNamingRegistrantAccess",
"AttachmentCount": 0,
"CreateDate": "2018-03-12T22:33:20+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"route53:GetHostedZone",
"route53:ListHostedZonesByName",
"route53:ChangeResourceRecordSets",
"route53:CreateHealthCheck",
"route53:GetHealthCheck",
"route53:DeleteHealthCheck",
"route53:UpdateHealthCheck",
"servicediscovery:Get*",
"servicediscovery:List*",
"servicediscovery:RegisterInstance",
"servicediscovery:DeregisterInstance"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJKXLG7EKP2O5SVZW6",
"PolicyName": "AmazonRoute53AutoNamingRegistrantAccess",
"UpdateDate": "2018-03-12T22:33:20+00:00",
"VersionId": "v1"
},
"AmazonRoute53DomainsFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRoute53DomainsFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:56+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"route53:CreateHostedZone",
"route53domains:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIPAFBMIYUILMOKL6G",
"PolicyName": "AmazonRoute53DomainsFullAccess",
"UpdateDate": "2015-02-06T18:40:56+00:00",
"VersionId": "v1"
},
"AmazonRoute53DomainsReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRoute53DomainsReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:57+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"route53domains:Get*",
"route53domains:List*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIDRINP6PPTRXYVQCI",
"PolicyName": "AmazonRoute53DomainsReadOnlyAccess",
"UpdateDate": "2015-02-06T18:40:57+00:00",
"VersionId": "v1"
},
"AmazonRoute53FullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRoute53FullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:54+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"route53:*",
"route53domains:*",
"cloudfront:ListDistributions",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticbeanstalk:DescribeEnvironments",
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:GetBucketWebsite",
"ec2:DescribeVpcs",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeRegions",
"sns:ListTopics",
"sns:ListSubscriptionsByTopic",
"cloudwatch:DescribeAlarms",
"cloudwatch:GetMetricStatistics"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "apigateway:GET",
"Effect": "Allow",
"Resource": "arn:aws:apigateway:*::/domainnames"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJWVDLG5RPST6PHQ3A",
"PolicyName": "AmazonRoute53FullAccess",
"UpdateDate": "2018-12-20T21:42:00+00:00",
"VersionId": "v4"
},
"AmazonRoute53ReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRoute53ReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:55+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"route53:Get*",
"route53:List*",
"route53:TestDNSAnswer"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAITOYK2ZAOQFXV2JNC",
"PolicyName": "AmazonRoute53ReadOnlyAccess",
"UpdateDate": "2016-11-15T21:15:16+00:00",
"VersionId": "v2"
},
"AmazonRoute53ResolverFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRoute53ResolverFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-05-30T18:10:50+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"route53resolver:*",
"ec2:DescribeSubnets",
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:DescribeNetworkInterfaces",
"ec2:CreateNetworkInterfacePermission",
"ec2:DescribeSecurityGroups",
"ec2:DescribeVpcs"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4MZN2MQCY3",
"PolicyName": "AmazonRoute53ResolverFullAccess",
"UpdateDate": "2019-05-30T18:10:50+00:00",
"VersionId": "v1"
},
"AmazonRoute53ResolverReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonRoute53ResolverReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2019-05-30T18:11:31+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"route53resolver:Get*",
"route53resolver:List*",
"ec2:DescribeNetworkInterface",
"ec2:DescribeSecurityGroups",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4CARVKYCWY",
"PolicyName": "AmazonRoute53ResolverReadOnlyAccess",
"UpdateDate": "2019-05-30T18:11:31+00:00",
"VersionId": "v1"
},
"AmazonS3FullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonS3FullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:58+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "s3:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIFIR6V6BVTRAHWINE",
"PolicyName": "AmazonS3FullAccess",
"UpdateDate": "2015-02-06T18:40:58+00:00",
"VersionId": "v1"
},
"AmazonS3ReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:59+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"s3:Get*",
"s3:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIZTJ4DXE7G6AGAE6M",
"PolicyName": "AmazonS3ReadOnlyAccess",
"UpdateDate": "2015-02-06T18:40:59+00:00",
"VersionId": "v1"
},
"AmazonSESFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSESFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:02+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ses:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ2P4NXCHAT7NDPNR4",
"PolicyName": "AmazonSESFullAccess",
"UpdateDate": "2015-02-06T18:41:02+00:00",
"VersionId": "v1"
},
"AmazonSESReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSESReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:03+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ses:Get*",
"ses:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAINV2XPFRMWJJNSCGI",
"PolicyName": "AmazonSESReadOnlyAccess",
"UpdateDate": "2015-02-06T18:41:03+00:00",
"VersionId": "v1"
},
"AmazonSNSFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSNSFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:05+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sns:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJWEKLCXXUNT2SOLSG",
"PolicyName": "AmazonSNSFullAccess",
"UpdateDate": "2015-02-06T18:41:05+00:00",
"VersionId": "v1"
},
"AmazonSNSReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSNSReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:06+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sns:GetTopicAttributes",
"sns:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIZGQCQTFOFPMHSB6W",
"PolicyName": "AmazonSNSReadOnlyAccess",
"UpdateDate": "2015-02-06T18:41:06+00:00",
"VersionId": "v1"
},
"AmazonSNSRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonSNSRole",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:30+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:PutMetricFilter",
"logs:PutRetentionPolicy"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJK5GQB7CIK7KHY2GA",
"PolicyName": "AmazonSNSRole",
"UpdateDate": "2015-02-06T18:41:30+00:00",
"VersionId": "v1"
},
"AmazonSQSFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSQSFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:07+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sqs:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI65L554VRJ33ECQS6",
"PolicyName": "AmazonSQSFullAccess",
"UpdateDate": "2015-02-06T18:41:07+00:00",
"VersionId": "v1"
},
"AmazonSQSReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSQSReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:08+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"sqs:GetQueueAttributes",
"sqs:GetQueueUrl",
"sqs:ListDeadLetterSourceQueues",
"sqs:ListQueues"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUGSSQY362XGCM6KW",
"PolicyName": "AmazonSQSReadOnlyAccess",
"UpdateDate": "2018-08-20T23:35:49+00:00",
"VersionId": "v2"
},
"AmazonSSMAutomationApproverAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSSMAutomationApproverAccess",
"AttachmentCount": 0,
"CreateDate": "2017-08-07T23:07:28+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ssm:DescribeAutomationExecutions",
"ssm:GetAutomationExecution",
"ssm:SendAutomationSignal"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIDSSXIRWBSLWWIORC",
"PolicyName": "AmazonSSMAutomationApproverAccess",
"UpdateDate": "2017-08-07T23:07:28+00:00",
"VersionId": "v1"
},
"AmazonSSMAutomationRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonSSMAutomationRole",
"AttachmentCount": 0,
"CreateDate": "2016-12-05T22:09:55+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"lambda:InvokeFunction"
],
"Effect": "Allow",
"Resource": [
"arn:aws:lambda:*:*:function:Automation*"
]
},
{
"Action": [
"ec2:CreateImage",
"ec2:CopyImage",
"ec2:DeregisterImage",
"ec2:DescribeImages",
"ec2:DeleteSnapshot",
"ec2:StartInstances",
"ec2:RunInstances",
"ec2:StopInstances",
"ec2:TerminateInstances",
"ec2:DescribeInstanceStatus",
"ec2:CreateTags",
"ec2:DeleteTags",
"ec2:DescribeTags",
"cloudformation:CreateStack",
"cloudformation:DescribeStackEvents",
"cloudformation:DescribeStacks",
"cloudformation:UpdateStack",
"cloudformation:DeleteStack"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ssm:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": [
"arn:aws:sns:*:*:Automation*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJIBQCTBCXD2XRNB6W",
"PolicyName": "AmazonSSMAutomationRole",
"UpdateDate": "2017-07-24T23:29:12+00:00",
"VersionId": "v5"
},
"AmazonSSMDirectoryServiceAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSSMDirectoryServiceAccess",
"AttachmentCount": 0,
"CreateDate": "2019-03-15T17:44:38+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ds:CreateComputer",
"ds:DescribeDirectories"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7OJQH3CZU674ERII",
"PolicyName": "AmazonSSMDirectoryServiceAccess",
"UpdateDate": "2019-03-15T17:44:38+00:00",
"VersionId": "v1"
},
"AmazonSSMFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSSMFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-05-29T17:39:47+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:PutMetricData",
"ds:CreateComputer",
"ds:DescribeDirectories",
"ec2:DescribeInstanceStatus",
"logs:*",
"ssm:*",
"ec2messages:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "ssm.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/ssm.amazonaws.com/AWSServiceRoleForAmazonSSM*"
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/ssm.amazonaws.com/AWSServiceRoleForAmazonSSM*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJA7V6HI4ISQFMDYAG",
"PolicyName": "AmazonSSMFullAccess",
"UpdateDate": "2018-07-23T22:53:18+00:00",
"VersionId": "v3"
},
"AmazonSSMMaintenanceWindowRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonSSMMaintenanceWindowRole",
"AttachmentCount": 0,
"CreateDate": "2016-12-01T15:57:54+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ssm:GetAutomationExecution",
"ssm:GetParameters",
"ssm:ListCommands",
"ssm:SendCommand",
"ssm:StartAutomationExecution"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "Stmt1477803259000"
},
{
"Action": [
"lambda:InvokeFunction"
],
"Effect": "Allow",
"Resource": [
"arn:aws:lambda:*:*:function:SSM*",
"arn:aws:lambda:*:*:function:*:SSM*"
],
"Sid": "Stmt1477803259001"
},
{
"Action": [
"states:DescribeExecution",
"states:StartExecution"
],
"Effect": "Allow",
"Resource": [
"arn:aws:states:*:*:stateMachine:SSM*",
"arn:aws:states:*:*:execution:SSM*"
],
"Sid": "Stmt1477803259002"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJV3JNYSTZ47VOXYME",
"PolicyName": "AmazonSSMMaintenanceWindowRole",
"UpdateDate": "2017-08-09T20:49:14+00:00",
"VersionId": "v2"
},
"AmazonSSMManagedInstanceCore": {
"Arn": "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore",
"AttachmentCount": 0,
"CreateDate": "2019-03-15T17:22:12+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ssm:DescribeAssociation",
"ssm:GetDeployablePatchSnapshotForInstance",
"ssm:GetDocument",
"ssm:DescribeDocument",
"ssm:GetManifest",
"ssm:GetParameter",
"ssm:GetParameters",
"ssm:ListAssociations",
"ssm:ListInstanceAssociations",
"ssm:PutInventory",
"ssm:PutComplianceItems",
"ssm:PutConfigurePackageResult",
"ssm:UpdateAssociationStatus",
"ssm:UpdateInstanceAssociationStatus",
"ssm:UpdateInstanceInformation"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ssmmessages:CreateControlChannel",
"ssmmessages:CreateDataChannel",
"ssmmessages:OpenControlChannel",
"ssmmessages:OpenDataChannel"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2messages:AcknowledgeMessage",
"ec2messages:DeleteMessage",
"ec2messages:FailMessage",
"ec2messages:GetEndpoint",
"ec2messages:GetMessages",
"ec2messages:SendReply"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIXSHM2BNB2D3AXXRU",
"PolicyName": "AmazonSSMManagedInstanceCore",
"UpdateDate": "2019-05-23T16:54:21+00:00",
"VersionId": "v2"
},
"AmazonSSMReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-05-29T17:44:19+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ssm:Describe*",
"ssm:Get*",
"ssm:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJODSKQGGJTHRYZ5FC",
"PolicyName": "AmazonSSMReadOnlyAccess",
"UpdateDate": "2015-05-29T17:44:19+00:00",
"VersionId": "v1"
},
"AmazonSSMServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonSSMServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-11-13T19:20:08+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ssm:CancelCommand",
"ssm:GetCommandInvocation",
"ssm:ListCommandInvocations",
"ssm:ListCommands",
"ssm:SendCommand",
"ssm:GetAutomationExecution",
"ssm:GetParameters",
"ssm:StartAutomationExecution"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ec2:DescribeInstanceAttribute",
"ec2:DescribeInstanceStatus",
"ec2:DescribeInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"lambda:InvokeFunction"
],
"Effect": "Allow",
"Resource": [
"arn:aws:lambda:*:*:function:SSM*",
"arn:aws:lambda:*:*:function:*:SSM*"
]
},
{
"Action": [
"states:DescribeExecution",
"states:StartExecution"
],
"Effect": "Allow",
"Resource": [
"arn:aws:states:*:*:stateMachine:SSM*",
"arn:aws:states:*:*:execution:SSM*"
]
},
{
"Action": [
"resource-groups:ListGroups",
"resource-groups:ListGroupResources"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"tag:GetResources"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:PassRole",
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"ssm.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIXJ26NUGBA3TCV7EC",
"PolicyName": "AmazonSSMServiceRolePolicy",
"UpdateDate": "2018-07-25T22:14:20+00:00",
"VersionId": "v3"
},
"AmazonSageMakerFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSageMakerFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-29T13:07:59+00:00",
"DefaultVersionId": "v11",
"Document": {
"Statement": [
{
"Action": [
"sagemaker:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"application-autoscaling:DeleteScalingPolicy",
"application-autoscaling:DeleteScheduledAction",
"application-autoscaling:DeregisterScalableTarget",
"application-autoscaling:DescribeScalableTargets",
"application-autoscaling:DescribeScalingActivities",
"application-autoscaling:DescribeScalingPolicies",
"application-autoscaling:DescribeScheduledActions",
"application-autoscaling:PutScalingPolicy",
"application-autoscaling:PutScheduledAction",
"application-autoscaling:RegisterScalableTarget",
"aws-marketplace:ViewSubscriptions",
"cloudwatch:DeleteAlarms",
"cloudwatch:DescribeAlarms",
"cloudwatch:GetMetricData",
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics",
"cloudwatch:PutMetricAlarm",
"cloudwatch:PutMetricData",
"codecommit:BatchGetRepositories",
"codecommit:CreateRepository",
"codecommit:GetRepository",
"codecommit:ListBranches",
"codecommit:ListRepositories",
"cognito-idp:AdminAddUserToGroup",
"cognito-idp:AdminCreateUser",
"cognito-idp:AdminDeleteUser",
"cognito-idp:AdminDisableUser",
"cognito-idp:AdminEnableUser",
"cognito-idp:AdminRemoveUserFromGroup",
"cognito-idp:CreateGroup",
"cognito-idp:CreateUserPool",
"cognito-idp:CreateUserPoolClient",
"cognito-idp:CreateUserPoolDomain",
"cognito-idp:DescribeUserPool",
"cognito-idp:DescribeUserPoolClient",
"cognito-idp:ListGroups",
"cognito-idp:ListIdentityProviders",
"cognito-idp:ListUserPoolClients",
"cognito-idp:ListUserPools",
"cognito-idp:ListUsers",
"cognito-idp:ListUsersInGroup",
"cognito-idp:UpdateUserPool",
"cognito-idp:UpdateUserPoolClient",
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:CreateVpcEndpoint",
"ec2:DeleteNetworkInterface",
"ec2:DeleteNetworkInterfacePermission",
"ec2:DescribeDhcpOptions",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeVpcs",
"ecr:BatchCheckLayerAvailability",
"ecr:BatchGetImage",
"ecr:CreateRepository",
"ecr:GetAuthorizationToken",
"ecr:GetDownloadUrlForLayer",
"ecr:Describe*",
"elastic-inference:Connect",
"glue:CreateJob",
"glue:DeleteJob",
"glue:GetJob",
"glue:GetJobRun",
"glue:GetJobRuns",
"glue:GetJobs",
"glue:ResetJobBookmark",
"glue:StartJobRun",
"glue:UpdateJob",
"groundtruthlabeling:*",
"iam:ListRoles",
"kms:DescribeKey",
"kms:ListAliases",
"lambda:ListFunctions",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:DescribeLogStreams",
"logs:GetLogEvents",
"logs:PutLogEvents",
"sns:ListTopics"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ecr:SetRepositoryPolicy",
"ecr:CompleteLayerUpload",
"ecr:BatchDeleteImage",
"ecr:UploadLayerPart",
"ecr:DeleteRepositoryPolicy",
"ecr:InitiateLayerUpload",
"ecr:DeleteRepository",
"ecr:PutImage"
],
"Effect": "Allow",
"Resource": "arn:aws:ecr:*:*:repository/*sagemaker*"
},
{
"Action": [
"codecommit:GitPull",
"codecommit:GitPush"
],
"Effect": "Allow",
"Resource": [
"arn:aws:codecommit:*:*:*sagemaker*",
"arn:aws:codecommit:*:*:*SageMaker*",
"arn:aws:codecommit:*:*:*Sagemaker*"
]
},
{
"Action": [
"secretsmanager:ListSecrets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"secretsmanager:DescribeSecret",
"secretsmanager:GetSecretValue",
"secretsmanager:CreateSecret"
],
"Effect": "Allow",
"Resource": [
"arn:aws:secretsmanager:*:*:secret:AmazonSageMaker-*"
]
},
{
"Action": [
"secretsmanager:DescribeSecret",
"secretsmanager:GetSecretValue"
],
"Condition": {
"StringEquals": {
"secretsmanager:ResourceTag/SageMaker": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"robomaker:CreateSimulationApplication",
"robomaker:DescribeSimulationApplication",
"robomaker:DeleteSimulationApplication"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"robomaker:CreateSimulationJob",
"robomaker:DescribeSimulationJob",
"robomaker:CancelSimulationJob"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::*SageMaker*",
"arn:aws:s3:::*Sagemaker*",
"arn:aws:s3:::*sagemaker*",
"arn:aws:s3:::*aws-glue*"
]
},
{
"Action": [
"s3:CreateBucket",
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:GetObject"
],
"Condition": {
"StringEqualsIgnoreCase": {
"s3:ExistingObjectTag/SageMaker": "true"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:InvokeFunction"
],
"Effect": "Allow",
"Resource": [
"arn:aws:lambda:*:*:function:*SageMaker*",
"arn:aws:lambda:*:*:function:*sagemaker*",
"arn:aws:lambda:*:*:function:*Sagemaker*",
"arn:aws:lambda:*:*:function:*LabelingFunction*"
]
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "sagemaker.application-autoscaling.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/sagemaker.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_SageMakerEndpoint"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "robomaker.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"sns:Subscribe",
"sns:CreateTopic"
],
"Effect": "Allow",
"Resource": [
"arn:aws:sns:*:*:*SageMaker*",
"arn:aws:sns:*:*:*Sagemaker*",
"arn:aws:sns:*:*:*sagemaker*"
]
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"sagemaker.amazonaws.com",
"glue.amazonaws.com",
"robomaker.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJZ5IWYMXO5QDB4QOG",
"PolicyName": "AmazonSageMakerFullAccess",
"UpdateDate": "2019-05-09T04:44:05+00:00",
"VersionId": "v11"
},
"AmazonSageMakerReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AmazonSageMakerReadOnly",
"AttachmentCount": 0,
"CreateDate": "2017-11-29T13:07:09+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"application-autoscaling:DescribeScalableTargets",
"application-autoscaling:DescribeScalingActivities",
"application-autoscaling:DescribeScalingPolicies",
"application-autoscaling:DescribeScheduledActions",
"aws-marketplace:ViewSubscriptions",
"aws-marketplace:ViewSubscriptions",
"cloudwatch:DescribeAlarms",
"cognito-idp:DescribeUserPool",
"cognito-idp:DescribeUserPoolClient",
"cognito-idp:ListGroups",
"cognito-idp:ListIdentityProviders",
"cognito-idp:ListUserPoolClients",
"cognito-idp:ListUserPools",
"cognito-idp:ListUsers",
"cognito-idp:ListUsersInGroup",
"ecr:Describe*",
"sagemaker:Describe*",
"sagemaker:GetSearchSuggestions",
"sagemaker:List*",
"sagemaker:Search"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJTZ2FTFCQ6CFLQA2O",
"PolicyName": "AmazonSageMakerReadOnly",
"UpdateDate": "2019-01-04T22:22:07+00:00",
"VersionId": "v5"
},
"AmazonSumerianFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonSumerianFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-04-24T20:14:16+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sumerian:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJMGUENPB56MXVVGBE",
"PolicyName": "AmazonSumerianFullAccess",
"UpdateDate": "2018-04-24T20:14:16+00:00",
"VersionId": "v1"
},
"AmazonTextractFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonTextractFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-28T19:07:42+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"textract:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIQDD47A7H3GBVPWOQ",
"PolicyName": "AmazonTextractFullAccess",
"UpdateDate": "2018-11-28T19:07:42+00:00",
"VersionId": "v1"
},
"AmazonTextractServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AmazonTextractServiceRole",
"AttachmentCount": 0,
"CreateDate": "2018-11-28T19:12:16+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:AmazonTextract*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBDSAWESWLL34WASG",
"PolicyName": "AmazonTextractServiceRole",
"UpdateDate": "2018-11-28T19:12:16+00:00",
"VersionId": "v1"
},
"AmazonTranscribeFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonTranscribeFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-04-04T16:06:16+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"transcribe:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::*transcribe*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAINAV45F5NT5RMFO7K",
"PolicyName": "AmazonTranscribeFullAccess",
"UpdateDate": "2018-04-04T16:06:16+00:00",
"VersionId": "v1"
},
"AmazonTranscribeReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonTranscribeReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-04-04T16:05:06+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"transcribe:Get*",
"transcribe:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJM6JONISXCAZKFCAO",
"PolicyName": "AmazonTranscribeReadOnlyAccess",
"UpdateDate": "2018-04-04T16:05:06+00:00",
"VersionId": "v1"
},
"AmazonVPCCrossAccountNetworkInterfaceOperations": {
"Arn": "arn:aws:iam::aws:policy/AmazonVPCCrossAccountNetworkInterfaceOperations",
"AttachmentCount": 0,
"CreateDate": "2017-07-18T20:47:16+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeRouteTables",
"ec2:CreateRoute",
"ec2:DeleteRoute",
"ec2:ReplaceRoute"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ec2:DescribeNetworkInterfaces",
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterfacePermission",
"ec2:DescribeNetworkInterfacePermissions",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:DescribeNetworkInterfaceAttribute",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ec2:AssignPrivateIpAddresses",
"ec2:UnassignPrivateIpAddresses"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ53Y4ZY5OHP4CNRJC",
"PolicyName": "AmazonVPCCrossAccountNetworkInterfaceOperations",
"UpdateDate": "2019-01-07T19:16:23+00:00",
"VersionId": "v3"
},
"AmazonVPCFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonVPCFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:16+00:00",
"DefaultVersionId": "v7",
"Document": {
"Statement": [
{
"Action": [
"ec2:AcceptVpcPeeringConnection",
"ec2:AcceptVpcEndpointConnections",
"ec2:AllocateAddress",
"ec2:AssignIpv6Addresses",
"ec2:AssignPrivateIpAddresses",
"ec2:AssociateAddress",
"ec2:AssociateDhcpOptions",
"ec2:AssociateRouteTable",
"ec2:AssociateSubnetCidrBlock",
"ec2:AssociateVpcCidrBlock",
"ec2:AttachClassicLinkVpc",
"ec2:AttachInternetGateway",
"ec2:AttachNetworkInterface",
"ec2:AttachVpnGateway",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateCustomerGateway",
"ec2:CreateDefaultSubnet",
"ec2:CreateDefaultVpc",
"ec2:CreateDhcpOptions",
"ec2:CreateEgressOnlyInternetGateway",
"ec2:CreateFlowLogs",
"ec2:CreateInternetGateway",
"ec2:CreateNatGateway",
"ec2:CreateNetworkAcl",
"ec2:CreateNetworkAcl",
"ec2:CreateNetworkAclEntry",
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:CreateRoute",
"ec2:CreateRouteTable",
"ec2:CreateSecurityGroup",
"ec2:CreateSubnet",
"ec2:CreateTags",
"ec2:CreateVpc",
"ec2:CreateVpcEndpoint",
"ec2:CreateVpcEndpointConnectionNotification",
"ec2:CreateVpcEndpointServiceConfiguration",
"ec2:CreateVpcPeeringConnection",
"ec2:CreateVpnConnection",
"ec2:CreateVpnConnectionRoute",
"ec2:CreateVpnGateway",
"ec2:DeleteCustomerGateway",
"ec2:DeleteDhcpOptions",
"ec2:DeleteEgressOnlyInternetGateway",
"ec2:DeleteFlowLogs",
"ec2:DeleteInternetGateway",
"ec2:DeleteNatGateway",
"ec2:DeleteNetworkAcl",
"ec2:DeleteNetworkAclEntry",
"ec2:DeleteNetworkInterface",
"ec2:DeleteNetworkInterfacePermission",
"ec2:DeleteRoute",
"ec2:DeleteRouteTable",
"ec2:DeleteSecurityGroup",
"ec2:DeleteSubnet",
"ec2:DeleteTags",
"ec2:DeleteVpc",
"ec2:DeleteVpcEndpoints",
"ec2:DeleteVpcEndpointConnectionNotifications",
"ec2:DeleteVpcEndpointServiceConfigurations",
"ec2:DeleteVpcPeeringConnection",
"ec2:DeleteVpnConnection",
"ec2:DeleteVpnConnectionRoute",
"ec2:DeleteVpnGateway",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeClassicLinkInstances",
"ec2:DescribeCustomerGateways",
"ec2:DescribeDhcpOptions",
"ec2:DescribeEgressOnlyInternetGateways",
"ec2:DescribeFlowLogs",
"ec2:DescribeInstances",
"ec2:DescribeInternetGateways",
"ec2:DescribeKeyPairs",
"ec2:DescribeMovingAddresses",
"ec2:DescribeNatGateways",
"ec2:DescribeNetworkAcls",
"ec2:DescribeNetworkInterfaceAttribute",
"ec2:DescribeNetworkInterfacePermissions",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribePrefixLists",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroupReferences",
"ec2:DescribeSecurityGroups",
"ec2:DescribeStaleSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeTags",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcClassicLink",
"ec2:DescribeVpcClassicLinkDnsSupport",
"ec2:DescribeVpcEndpointConnectionNotifications",
"ec2:DescribeVpcEndpointConnections",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeVpcEndpointServiceConfigurations",
"ec2:DescribeVpcEndpointServicePermissions",
"ec2:DescribeVpcEndpointServices",
"ec2:DescribeVpcPeeringConnections",
"ec2:DescribeVpcs",
"ec2:DescribeVpnConnections",
"ec2:DescribeVpnGateways",
"ec2:DetachClassicLinkVpc",
"ec2:DetachInternetGateway",
"ec2:DetachNetworkInterface",
"ec2:DetachVpnGateway",
"ec2:DisableVgwRoutePropagation",
"ec2:DisableVpcClassicLink",
"ec2:DisableVpcClassicLinkDnsSupport",
"ec2:DisassociateAddress",
"ec2:DisassociateRouteTable",
"ec2:DisassociateSubnetCidrBlock",
"ec2:DisassociateVpcCidrBlock",
"ec2:EnableVgwRoutePropagation",
"ec2:EnableVpcClassicLink",
"ec2:EnableVpcClassicLinkDnsSupport",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:ModifySubnetAttribute",
"ec2:ModifyVpcAttribute",
"ec2:ModifyVpcEndpoint",
"ec2:ModifyVpcEndpointConnectionNotification",
"ec2:ModifyVpcEndpointServiceConfiguration",
"ec2:ModifyVpcEndpointServicePermissions",
"ec2:ModifyVpcPeeringConnectionOptions",
"ec2:ModifyVpcTenancy",
"ec2:MoveAddressToVpc",
"ec2:RejectVpcEndpointConnections",
"ec2:RejectVpcPeeringConnection",
"ec2:ReleaseAddress",
"ec2:ReplaceNetworkAclAssociation",
"ec2:ReplaceNetworkAclEntry",
"ec2:ReplaceRoute",
"ec2:ReplaceRouteTableAssociation",
"ec2:ResetNetworkInterfaceAttribute",
"ec2:RestoreAddressToClassic",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress",
"ec2:UnassignIpv6Addresses",
"ec2:UnassignPrivateIpAddresses",
"ec2:UpdateSecurityGroupRuleDescriptionsEgress",
"ec2:UpdateSecurityGroupRuleDescriptionsIngress"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJBWPGNOVKZD3JI2P2",
"PolicyName": "AmazonVPCFullAccess",
"UpdateDate": "2018-03-15T18:30:25+00:00",
"VersionId": "v7"
},
"AmazonVPCReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonVPCReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:17+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeClassicLinkInstances",
"ec2:DescribeCustomerGateways",
"ec2:DescribeDhcpOptions",
"ec2:DescribeEgressOnlyInternetGateways",
"ec2:DescribeFlowLogs",
"ec2:DescribeInternetGateways",
"ec2:DescribeMovingAddresses",
"ec2:DescribeNatGateways",
"ec2:DescribeNetworkAcls",
"ec2:DescribeNetworkInterfaceAttribute",
"ec2:DescribeNetworkInterfacePermissions",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribePrefixLists",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroupReferences",
"ec2:DescribeSecurityGroups",
"ec2:DescribeStaleSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeTags",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcClassicLink",
"ec2:DescribeVpcClassicLinkDnsSupport",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeVpcEndpointConnectionNotifications",
"ec2:DescribeVpcEndpointConnections",
"ec2:DescribeVpcEndpointServiceConfigurations",
"ec2:DescribeVpcEndpointServicePermissions",
"ec2:DescribeVpcEndpointServices",
"ec2:DescribeVpcPeeringConnections",
"ec2:DescribeVpcs",
"ec2:DescribeVpnConnections",
"ec2:DescribeVpnGateways"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIICZJNOJN36GTG6CM",
"PolicyName": "AmazonVPCReadOnlyAccess",
"UpdateDate": "2018-03-07T18:34:42+00:00",
"VersionId": "v6"
},
"AmazonWorkLinkFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonWorkLinkFullAccess",
"AttachmentCount": 0,
"CreateDate": "2019-01-23T18:52:09+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"worklink:*"
],
"Effect": "Allow",
"Resource": "arn:aws:worklink:*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJM4ITL7TEVURHCQSY",
"PolicyName": "AmazonWorkLinkFullAccess",
"UpdateDate": "2019-01-23T18:52:09+00:00",
"VersionId": "v1"
},
"AmazonWorkLinkReadOnly": {
"Arn": "arn:aws:iam::aws:policy/AmazonWorkLinkReadOnly",
"AttachmentCount": 0,
"CreateDate": "2019-01-23T19:07:10+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"worklink:Describe*",
"worklink:List*"
],
"Effect": "Allow",
"Resource": "arn:aws:worklink:*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIANQMFGU4EUUZKFQ4",
"PolicyName": "AmazonWorkLinkReadOnly",
"UpdateDate": "2019-01-23T19:07:10+00:00",
"VersionId": "v1"
},
"AmazonWorkLinkServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonWorkLinkServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2019-03-18T18:00:16+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterfacePermission",
"ec2:CreateNetworkInterfacePermission",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:DeleteNetworkInterface"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"kinesis:PutRecord",
"kinesis:PutRecords"
],
"Effect": "Allow",
"Resource": "arn:aws:kinesis:*:*:stream/AmazonWorkLink-*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAINJJP6CO7ATFCV4CU",
"PolicyName": "AmazonWorkLinkServiceRolePolicy",
"UpdateDate": "2019-03-18T18:00:16+00:00",
"VersionId": "v1"
},
"AmazonWorkMailEventsServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AmazonWorkMailEventsServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2019-04-16T16:52:43+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAZKAPJZG4JG5LNO3U7",
"PolicyName": "AmazonWorkMailEventsServiceRolePolicy",
"UpdateDate": "2019-04-16T16:52:43+00:00",
"VersionId": "v1"
},
"AmazonWorkMailFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonWorkMailFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:41+00:00",
"DefaultVersionId": "v6",
"Document": {
"Statement": [
{
"Action": [
"ds:AuthorizeApplication",
"ds:CheckAlias",
"ds:CreateAlias",
"ds:CreateDirectory",
"ds:CreateIdentityPoolDirectory",
"ds:CreateDomain",
"ds:DeleteAlias",
"ds:DeleteDirectory",
"ds:DescribeDirectories",
"ds:ExtendDirectory",
"ds:GetDirectoryLimits",
"ds:ListAuthorizedApplications",
"ds:UnauthorizeApplication",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:CreateSubnet",
"ec2:CreateTags",
"ec2:CreateVpc",
"ec2:DeleteSecurityGroup",
"ec2:DeleteSubnet",
"ec2:DeleteVpc",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeDomains",
"ec2:DescribeRouteTables",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress",
"kms:DescribeKey",
"kms:ListAliases",
"lambda:ListFunctions",
"route53:ChangeResourceRecordSets",
"route53:ListHostedZones",
"route53:ListResourceRecordSets",
"route53domains:CheckDomainAvailability",
"route53domains:ListDomains",
"ses:*",
"workmail:*",
"iam:ListRoles",
"logs:DescribeLogGroups",
"logs:CreateLogGroup",
"logs:PutRetentionPolicy"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "events.workmail.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/events.workmail.amazonaws.com/AWSServiceRoleForAmazonWorkMailEvents*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringLike": {
"iam:PassedToService": "events.workmail.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/*workmail*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQVKNMT7SVATQ4AUY",
"PolicyName": "AmazonWorkMailFullAccess",
"UpdateDate": "2019-05-13T15:21:29+00:00",
"VersionId": "v6"
},
"AmazonWorkMailReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonWorkMailReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:42+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"ses:Describe*",
"ses:Get*",
"workmail:Describe*",
"workmail:Get*",
"workmail:List*",
"workmail:Search*",
"lambda:ListFunctions",
"iam:ListRoles",
"logs:DescribeLogGroups"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJHF7J65E2QFKCWAJM",
"PolicyName": "AmazonWorkMailReadOnlyAccess",
"UpdateDate": "2019-05-13T15:12:46+00:00",
"VersionId": "v3"
},
"AmazonWorkSpacesAdmin": {
"Arn": "arn:aws:iam::aws:policy/AmazonWorkSpacesAdmin",
"AttachmentCount": 0,
"CreateDate": "2015-09-22T22:21:15+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"workspaces:CreateWorkspaces",
"workspaces:DescribeWorkspaces",
"workspaces:RebootWorkspaces",
"workspaces:RebuildWorkspaces",
"workspaces:TerminateWorkspaces",
"workspaces:DescribeWorkspaceDirectories",
"workspaces:DescribeWorkspaceBundles",
"workspaces:ModifyWorkspaceProperties",
"workspaces:StopWorkspaces",
"workspaces:StartWorkspaces",
"workspaces:DescribeWorkspacesConnectionStatus",
"workspaces:CreateTags",
"workspaces:DeleteTags",
"workspaces:DescribeTags",
"kms:ListKeys",
"kms:ListAliases",
"kms:DescribeKey"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ26AU6ATUQCT5KVJU",
"PolicyName": "AmazonWorkSpacesAdmin",
"UpdateDate": "2016-08-18T23:08:42+00:00",
"VersionId": "v2"
},
"AmazonWorkSpacesApplicationManagerAdminAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonWorkSpacesApplicationManagerAdminAccess",
"AttachmentCount": 0,
"CreateDate": "2015-04-09T14:03:18+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "wam:AuthenticatePackager",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJPRL4KYETIH7XGTSS",
"PolicyName": "AmazonWorkSpacesApplicationManagerAdminAccess",
"UpdateDate": "2015-04-09T14:03:18+00:00",
"VersionId": "v1"
},
"AmazonZocaloFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonZocaloFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:13+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"zocalo:*",
"ds:*",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:CreateSubnet",
"ec2:CreateTags",
"ec2:CreateVpc",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJLCDXYRINDMUXEVL6",
"PolicyName": "AmazonZocaloFullAccess",
"UpdateDate": "2015-02-06T18:41:13+00:00",
"VersionId": "v1"
},
"AmazonZocaloReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AmazonZocaloReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:14+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"zocalo:Describe*",
"ds:DescribeDirectories",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAISRCSSJNS3QPKZJPM",
"PolicyName": "AmazonZocaloReadOnlyAccess",
"UpdateDate": "2015-02-06T18:41:14+00:00",
"VersionId": "v1"
},
"ApplicationAutoScalingForAmazonAppStreamAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/ApplicationAutoScalingForAmazonAppStreamAccess",
"AttachmentCount": 0,
"CreateDate": "2017-02-06T21:39:56+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"appstream:UpdateFleet",
"appstream:DescribeFleets"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"cloudwatch:DescribeAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIEL3HJCCWFVHA6KPG",
"PolicyName": "ApplicationAutoScalingForAmazonAppStreamAccess",
"UpdateDate": "2017-02-06T21:39:56+00:00",
"VersionId": "v1"
},
"ApplicationDiscoveryServiceContinuousExportServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/ApplicationDiscoveryServiceContinuousExportServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-08-09T20:22:01+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"glue:CreateDatabase",
"glue:UpdateDatabase",
"glue:CreateTable",
"glue:UpdateTable",
"firehose:CreateDeliveryStream",
"firehose:DescribeDeliveryStream",
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"firehose:DeleteDeliveryStream",
"firehose:PutRecord",
"firehose:PutRecordBatch",
"firehose:UpdateDestination"
],
"Effect": "Allow",
"Resource": "arn:aws:firehose:*:*:deliverystream/aws-application-discovery-service*"
},
{
"Action": [
"s3:CreateBucket",
"s3:ListBucket",
"s3:PutBucketLogging",
"s3:PutEncryptionConfiguration"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::aws-application-discovery-service*"
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::aws-application-discovery-service*/*"
},
{
"Action": [
"logs:CreateLogStream",
"logs:PutRetentionPolicy"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:log-group:/aws/application-discovery-service/firehose*"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": "firehose.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/AWSApplicationDiscoveryServiceFirehose"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": "firehose.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/service-role/AWSApplicationDiscoveryServiceFirehose"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJMGMY3P6OEWOELRFE",
"PolicyName": "ApplicationDiscoveryServiceContinuousExportServiceRolePolicy",
"UpdateDate": "2018-08-13T22:31:21+00:00",
"VersionId": "v2"
},
"AutoScalingConsoleFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AutoScalingConsoleFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-01-12T19:43:16+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateKeyPair",
"ec2:CreateSecurityGroup",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeImages",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeInstances",
"ec2:DescribeKeyPairs",
"ec2:DescribeLaunchTemplateVersions",
"ec2:DescribePlacementGroups",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSpotInstanceRequests",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeVpcClassicLink",
"ec2:ImportKeyPair"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "elasticloadbalancing:Describe*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:ListMetrics",
"cloudwatch:GetMetricStatistics",
"cloudwatch:PutMetricAlarm",
"cloudwatch:Describe*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "autoscaling:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"sns:ListSubscriptions",
"sns:ListTopics"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:ListRoles",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "autoscaling.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIYEN6FJGYYWJFFCZW",
"PolicyName": "AutoScalingConsoleFullAccess",
"UpdateDate": "2018-02-06T23:15:36+00:00",
"VersionId": "v2"
},
"AutoScalingConsoleReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AutoScalingConsoleReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2017-01-12T19:48:53+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:DescribeVpcs",
"ec2:DescribeVpcClassicLink",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeSubnets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "elasticloadbalancing:Describe*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:ListMetrics",
"cloudwatch:GetMetricStatistics",
"cloudwatch:Describe*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "autoscaling:Describe*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"sns:ListSubscriptions",
"sns:ListTopics"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI3A7GDXOYQV3VUQMK",
"PolicyName": "AutoScalingConsoleReadOnlyAccess",
"UpdateDate": "2017-01-12T19:48:53+00:00",
"VersionId": "v1"
},
"AutoScalingFullAccess": {
"Arn": "arn:aws:iam::aws:policy/AutoScalingFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-01-12T19:31:58+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": "autoscaling:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "cloudwatch:PutMetricAlarm",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeImages",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeInstances",
"ec2:DescribeKeyPairs",
"ec2:DescribeLaunchTemplateVersions",
"ec2:DescribePlacementGroups",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSpotInstanceRequests",
"ec2:DescribeSubnets",
"ec2:DescribeVpcClassicLink"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTargetGroups"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "autoscaling.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIAWRCSJDDXDXGPCFU",
"PolicyName": "AutoScalingFullAccess",
"UpdateDate": "2018-02-06T21:59:13+00:00",
"VersionId": "v2"
},
"AutoScalingNotificationAccessRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/AutoScalingNotificationAccessRole",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:22+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"sqs:SendMessage",
"sqs:GetQueueUrl",
"sns:Publish"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIO2VMUPGDC5PZVXVA",
"PolicyName": "AutoScalingNotificationAccessRole",
"UpdateDate": "2015-02-06T18:41:22+00:00",
"VersionId": "v1"
},
"AutoScalingReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/AutoScalingReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2017-01-12T19:39:35+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "autoscaling:Describe*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIAFWUVLC2LPLSFTFG",
"PolicyName": "AutoScalingReadOnlyAccess",
"UpdateDate": "2017-01-12T19:39:35+00:00",
"VersionId": "v1"
},
"AutoScalingServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/AutoScalingServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-01-08T23:10:55+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:AttachClassicLinkVpc",
"ec2:CancelSpotInstanceRequests",
"ec2:CreateFleet",
"ec2:CreateTags",
"ec2:DeleteTags",
"ec2:Describe*",
"ec2:DetachClassicLinkVpc",
"ec2:ModifyInstanceAttribute",
"ec2:RequestSpotInstances",
"ec2:RunInstances",
"ec2:TerminateInstances"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "EC2InstanceManagement"
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringLike": {
"iam:PassedToService": "ec2.amazonaws.com*"
}
},
"Effect": "Allow",
"Resource": "*",
"Sid": "EC2InstanceProfileManagement"
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "spot.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*",
"Sid": "EC2SpotManagement"
},
{
"Action": [
"elasticloadbalancing:Register*",
"elasticloadbalancing:Deregister*",
"elasticloadbalancing:Describe*"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "ELBManagement"
},
{
"Action": [
"cloudwatch:DeleteAlarms",
"cloudwatch:DescribeAlarms",
"cloudwatch:PutMetricAlarm"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "CWManagement"
},
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "SNSManagement"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIC5D2V7MRWBMHGD7G",
"PolicyName": "AutoScalingServiceRolePolicy",
"UpdateDate": "2018-10-31T18:19:10+00:00",
"VersionId": "v2"
},
"Billing": {
"Arn": "arn:aws:iam::aws:policy/job-function/Billing",
"AttachmentCount": 0,
"CreateDate": "2016-11-10T17:33:18+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"aws-portal:*Billing",
"awsbillingconsole:*Billing",
"aws-portal:*Usage",
"awsbillingconsole:*Usage",
"aws-portal:*PaymentMethods",
"awsbillingconsole:*PaymentMethods",
"budgets:ViewBudget",
"budgets:ModifyBudget",
"cur:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/job-function/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIFTHXT6FFMIRT7ZEA",
"PolicyName": "Billing",
"UpdateDate": "2018-02-06T23:46:37+00:00",
"VersionId": "v2"
},
"ClientVPNServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/ClientVPNServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-12-10T21:20:25+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:DescribeSecurityGroups",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeInternetGateways",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:DeleteNetworkInterface",
"ec2:DescribeAccountAttributes",
"ds:AuthorizeApplication",
"ds:DescribeDirectories",
"ds:GetDirectoryLimits",
"ds:ListAuthorizedApplications",
"ds:UnauthorizeApplication",
"logs:DescribeLogStreams",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogGroups",
"acm:GetCertificate",
"acm:DescribeCertificate"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI2SV25KUCYQYS5N74",
"PolicyName": "ClientVPNServiceRolePolicy",
"UpdateDate": "2019-01-16T22:22:28+00:00",
"VersionId": "v2"
},
"CloudFrontFullAccess": {
"Arn": "arn:aws:iam::aws:policy/CloudFrontFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:50+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*"
},
{
"Action": [
"acm:ListCertificates",
"cloudfront:*",
"iam:ListServerCertificates",
"waf:ListWebACLs",
"waf:GetWebACL"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIPRV52SH6HDCCFY6U",
"PolicyName": "CloudFrontFullAccess",
"UpdateDate": "2016-01-21T17:03:57+00:00",
"VersionId": "v3"
},
"CloudFrontReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/CloudFrontReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:55+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"acm:ListCertificates",
"cloudfront:Get*",
"cloudfront:List*",
"iam:ListServerCertificates",
"route53:List*",
"waf:ListWebACLs",
"waf:GetWebACL"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJJZMNYOTZCNQP36LG",
"PolicyName": "CloudFrontReadOnlyAccess",
"UpdateDate": "2016-01-21T17:03:28+00:00",
"VersionId": "v3"
},
"CloudHSMServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/CloudHSMServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-11-06T19:12:46+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJILYY7JP6JLMQG56I",
"PolicyName": "CloudHSMServiceRolePolicy",
"UpdateDate": "2017-11-06T19:12:46+00:00",
"VersionId": "v1"
},
"CloudSearchFullAccess": {
"Arn": "arn:aws:iam::aws:policy/CloudSearchFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:56+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudsearch:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIM6OOWKQ7L7VBOZOC",
"PolicyName": "CloudSearchFullAccess",
"UpdateDate": "2015-02-06T18:39:56+00:00",
"VersionId": "v1"
},
"CloudSearchReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/CloudSearchReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:57+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudsearch:Describe*",
"cloudsearch:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJWPLX7N7BCC3RZLHW",
"PolicyName": "CloudSearchReadOnlyAccess",
"UpdateDate": "2015-02-06T18:39:57+00:00",
"VersionId": "v1"
},
"CloudTrailServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/CloudTrailServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-10-24T21:21:44+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudtrail:*"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "CloudTrailFullAccess"
},
{
"Action": [
"organizations:DescribeAccount",
"organizations:DescribeOrganization",
"organizations:ListAccounts",
"organizations:ListAWSServiceAccessForOrganization"
],
"Effect": "Allow",
"Resource": [
"*"
],
"Sid": "AwsOrgsAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJXQJ45EGU6U7NQBW4",
"PolicyName": "CloudTrailServiceRolePolicy",
"UpdateDate": "2018-10-24T21:21:44+00:00",
"VersionId": "v1"
},
"CloudWatchActionsEC2Access": {
"Arn": "arn:aws:iam::aws:policy/CloudWatchActionsEC2Access",
"AttachmentCount": 0,
"CreateDate": "2015-07-07T00:00:33+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:Describe*",
"ec2:Describe*",
"ec2:RebootInstances",
"ec2:StopInstances",
"ec2:TerminateInstances"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIOWD4E3FVSORSZTGU",
"PolicyName": "CloudWatchActionsEC2Access",
"UpdateDate": "2015-07-07T00:00:33+00:00",
"VersionId": "v1"
},
"CloudWatchAgentAdminPolicy": {
"Arn": "arn:aws:iam::aws:policy/CloudWatchAgentAdminPolicy",
"AttachmentCount": 0,
"CreateDate": "2018-03-07T00:52:31+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:PutMetricData",
"ec2:DescribeTags",
"logs:PutLogEvents",
"logs:DescribeLogStreams",
"logs:DescribeLogGroups",
"logs:CreateLogStream",
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ssm:GetParameter",
"ssm:PutParameter"
],
"Effect": "Allow",
"Resource": "arn:aws:ssm:*:*:parameter/AmazonCloudWatch-*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAICMXPKT7EBAF6KR3O",
"PolicyName": "CloudWatchAgentAdminPolicy",
"UpdateDate": "2018-03-07T00:52:31+00:00",
"VersionId": "v1"
},
"CloudWatchAgentServerPolicy": {
"Arn": "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy",
"AttachmentCount": 0,
"CreateDate": "2018-03-07T01:06:44+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:PutMetricData",
"ec2:DescribeTags",
"logs:PutLogEvents",
"logs:DescribeLogStreams",
"logs:DescribeLogGroups",
"logs:CreateLogStream",
"logs:CreateLogGroup"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ssm:GetParameter"
],
"Effect": "Allow",
"Resource": "arn:aws:ssm:*:*:parameter/AmazonCloudWatch-*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIGOPKN7KRDAKTLG4I",
"PolicyName": "CloudWatchAgentServerPolicy",
"UpdateDate": "2018-03-07T01:06:44+00:00",
"VersionId": "v1"
},
"CloudWatchEventsBuiltInTargetExecutionAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/CloudWatchEventsBuiltInTargetExecutionAccess",
"AttachmentCount": 0,
"CreateDate": "2016-01-14T18:35:49+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:Describe*",
"ec2:RebootInstances",
"ec2:StopInstances",
"ec2:TerminateInstances",
"ec2:CreateSnapshot"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "CloudWatchEventsBuiltInTargetExecutionAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIC5AQ5DATYSNF4AUM",
"PolicyName": "CloudWatchEventsBuiltInTargetExecutionAccess",
"UpdateDate": "2016-01-14T18:35:49+00:00",
"VersionId": "v1"
},
"CloudWatchEventsFullAccess": {
"Arn": "arn:aws:iam::aws:policy/CloudWatchEventsFullAccess",
"AttachmentCount": 0,
"CreateDate": "2016-01-14T18:37:08+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "events:*",
"Effect": "Allow",
"Resource": "*",
"Sid": "CloudWatchEventsFullAccess"
},
{
"Action": "iam:PassRole",
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/AWS_Events_Invoke_Targets",
"Sid": "IAMPassRoleForCloudWatchEvents"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJZLOYLNHESMYOJAFU",
"PolicyName": "CloudWatchEventsFullAccess",
"UpdateDate": "2016-01-14T18:37:08+00:00",
"VersionId": "v1"
},
"CloudWatchEventsInvocationAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/CloudWatchEventsInvocationAccess",
"AttachmentCount": 0,
"CreateDate": "2016-01-14T18:36:33+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"kinesis:PutRecord"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "CloudWatchEventsInvocationAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJJXD6JKJLK2WDLZNO",
"PolicyName": "CloudWatchEventsInvocationAccess",
"UpdateDate": "2016-01-14T18:36:33+00:00",
"VersionId": "v1"
},
"CloudWatchEventsReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/CloudWatchEventsReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2016-01-14T18:27:18+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"events:DescribeRule",
"events:ListRuleNamesByTarget",
"events:ListRules",
"events:ListTargetsByRule",
"events:TestEventPattern",
"events:DescribeEventBus"
],
"Effect": "Allow",
"Resource": "*",
"Sid": "CloudWatchEventsReadOnlyAccess"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIILJPXXA6F7GYLYBS",
"PolicyName": "CloudWatchEventsReadOnlyAccess",
"UpdateDate": "2017-08-10T17:25:34+00:00",
"VersionId": "v2"
},
"CloudWatchEventsServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/CloudWatchEventsServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-11-17T00:42:04+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:DescribeAlarms",
"ec2:DescribeInstanceStatus",
"ec2:DescribeInstances",
"ec2:DescribeSnapshots",
"ec2:DescribeVolumeStatus",
"ec2:DescribeVolumes",
"ec2:RebootInstances",
"ec2:StopInstances",
"ec2:TerminateInstances",
"ec2:CreateSnapshot"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJNVASSNSIDZIP4X7I",
"PolicyName": "CloudWatchEventsServiceRolePolicy",
"UpdateDate": "2017-11-17T00:42:04+00:00",
"VersionId": "v1"
},
"CloudWatchFullAccess": {
"Arn": "arn:aws:iam::aws:policy/CloudWatchFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:00+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"autoscaling:Describe*",
"cloudwatch:*",
"logs:*",
"sns:*",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:GetRole"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "events.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/events.amazonaws.com/AWSServiceRoleForCloudWatchEvents*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIKEABORKUXN6DEAZU",
"PolicyName": "CloudWatchFullAccess",
"UpdateDate": "2018-08-09T19:10:43+00:00",
"VersionId": "v3"
},
"CloudWatchLogsFullAccess": {
"Arn": "arn:aws:iam::aws:policy/CloudWatchLogsFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:02+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"logs:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ3ZGNWK2R5HW5BQFO",
"PolicyName": "CloudWatchLogsFullAccess",
"UpdateDate": "2015-02-06T18:40:02+00:00",
"VersionId": "v1"
},
"CloudWatchLogsReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/CloudWatchLogsReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:03+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"logs:Describe*",
"logs:Get*",
"logs:List*",
"logs:StartQuery",
"logs:StopQuery",
"logs:TestMetricFilter",
"logs:FilterLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ2YIYDYSNNEHK3VKW",
"PolicyName": "CloudWatchLogsReadOnlyAccess",
"UpdateDate": "2019-01-14T19:32:45+00:00",
"VersionId": "v4"
},
"CloudWatchReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:01+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"autoscaling:Describe*",
"cloudwatch:Describe*",
"cloudwatch:Get*",
"cloudwatch:List*",
"logs:Get*",
"logs:List*",
"logs:Describe*",
"logs:TestMetricFilter",
"logs:FilterLogEvents",
"sns:Get*",
"sns:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJN23PDQP7SZQAE3QE",
"PolicyName": "CloudWatchReadOnlyAccess",
"UpdateDate": "2018-05-10T21:40:42+00:00",
"VersionId": "v3"
},
"CloudwatchApplicationInsightsServiceLinkedRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/CloudwatchApplicationInsightsServiceLinkedRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-12-01T16:22:12+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:DescribeAlarmHistory",
"cloudwatch:DescribeAlarms",
"cloudwatch:GetMetricData",
"cloudwatch:ListMetrics",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DeleteAlarms"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"logs:GetLogEvents",
"logs:DescribeLogStreams",
"logs:DescribeLogGroups"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"events:DescribeRule"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"cloudFormation:CreateStack",
"cloudFormation:UpdateStack",
"cloudFormation:DeleteStack"
],
"Effect": "Allow",
"Resource": [
"arn:aws:cloudformation:*:*:stack/ApplicationInsights-*"
]
},
{
"Action": [
"cloudFormation:DescribeStacks",
"cloudFormation:ListStackResources"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"tag:GetResources"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"resource-groups:ListGroupResources",
"resource-groups:GetGroupQuery",
"resource-groups:GetGroup"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeTargetHealth"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"autoscaling:DescribeAutoScalingGroups"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ssm:PutParameter",
"ssm:DeleteParameter",
"ssm:AddTagsToResource"
],
"Effect": "Allow",
"Resource": "arn:aws:ssm:*:*:parameter/AmazonCloudWatch-ApplicationInsights-*"
},
{
"Action": [
"ssm:CreateAssociation",
"ssm:UpdateAssociation",
"ssm:DeleteAssociation",
"ssm:DescribeAssociation"
],
"Effect": "Allow",
"Resource": [
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ssm:*:*:association/*",
"arn:aws:ssm:*:*:managed-instance/*",
"arn:aws:ssm:*:*:document/AWSEC2-ApplicationInsightsCloudwatchAgentInstallAndConfigure",
"arn:aws:ssm:*:*:document/AWS-ConfigureAWSPackage",
"arn:aws:ssm:*:*:document/AmazonCloudWatch-ManageAgent"
]
},
{
"Action": [
"ssm:GetOpsItem",
"ssm:CreateOpsItem",
"ssm:DescribeOpsItems",
"ssm:UpdateOpsItem",
"ssm:DescribeInstanceInformation"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ec2:DescribeInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJH3SHQERZRQMQOQ44",
"PolicyName": "CloudwatchApplicationInsightsServiceLinkedRolePolicy",
"UpdateDate": "2019-05-24T18:26:41+00:00",
"VersionId": "v3"
},
"ComprehendDataAccessRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/service-role/ComprehendDataAccessRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2019-03-06T22:28:15+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": {
"Action": [
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::*Comprehend*",
"arn:aws:s3:::*comprehend*"
]
},
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJHSDRRKS2Z3MYUPQY",
"PolicyName": "ComprehendDataAccessRolePolicy",
"UpdateDate": "2019-03-06T22:28:15+00:00",
"VersionId": "v1"
},
"ComprehendFullAccess": {
"Arn": "arn:aws:iam::aws:policy/ComprehendFullAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-29T18:08:43+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"comprehend:*",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:GetBucketLocation",
"iam:ListRoles",
"iam:GetRole"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAITBM2PMWNG2P7RZEQ",
"PolicyName": "ComprehendFullAccess",
"UpdateDate": "2017-12-05T01:36:24+00:00",
"VersionId": "v2"
},
"ComprehendMedicalFullAccess": {
"Arn": "arn:aws:iam::aws:policy/ComprehendMedicalFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-27T17:55:52+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"comprehendmedical:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJR5SUEX6PPJ3K4RAO",
"PolicyName": "ComprehendMedicalFullAccess",
"UpdateDate": "2018-11-27T17:55:52+00:00",
"VersionId": "v1"
},
"ComprehendReadOnly": {
"Arn": "arn:aws:iam::aws:policy/ComprehendReadOnly",
"AttachmentCount": 0,
"CreateDate": "2017-11-29T18:10:19+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"comprehend:DetectDominantLanguage",
"comprehend:BatchDetectDominantLanguage",
"comprehend:DetectEntities",
"comprehend:BatchDetectEntities",
"comprehend:DetectKeyPhrases",
"comprehend:BatchDetectKeyPhrases",
"comprehend:DetectSentiment",
"comprehend:BatchDetectSentiment",
"comprehend:DetectSyntax",
"comprehend:BatchDetectSyntax",
"comprehend:DescribeTopicsDetectionJob",
"comprehend:ListTopicsDetectionJobs",
"comprehend:DescribeDominantLanguageDetectionJob",
"comprehend:ListDominantLanguageDetectionJobs",
"comprehend:DescribeEntitiesDetectionJob",
"comprehend:ListEntitiesDetectionJobs",
"comprehend:DescribeKeyPhrasesDetectionJob",
"comprehend:ListKeyPhrasesDetectionJobs",
"comprehend:DescribeSentimentDetectionJob",
"comprehend:ListSentimentDetectionJobs",
"comprehend:DescribeDocumentClassifier",
"comprehend:ListDocumentClassifiers",
"comprehend:DescribeDocumentClassificationJob",
"comprehend:ListDocumentClassificationJobs",
"comprehend:DescribeEntityRecognizer",
"comprehend:ListEntityRecognizers"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJIUV5K2YCHQBBAH7G",
"PolicyName": "ComprehendReadOnly",
"UpdateDate": "2018-11-20T01:54:51+00:00",
"VersionId": "v5"
},
"DAXServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/DAXServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-03-05T17:51:25+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:RevokeSecurityGroupIngress"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJQWMGC67G4DWMREGM",
"PolicyName": "DAXServiceRolePolicy",
"UpdateDate": "2018-03-05T17:51:25+00:00",
"VersionId": "v1"
},
"DataScientist": {
"Arn": "arn:aws:iam::aws:policy/job-function/DataScientist",
"AttachmentCount": 0,
"CreateDate": "2016-11-10T17:28:48+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"autoscaling:*",
"cloudwatch:*",
"cloudformation:CreateStack",
"cloudformation:DescribeStackEvents",
"datapipeline:Describe*",
"datapipeline:ListPipelines",
"datapipeline:GetPipelineDefinition",
"datapipeline:QueryObjects",
"dynamodb:*",
"ec2:CancelSpotInstanceRequests",
"ec2:CancelSpotFleetRequests",
"ec2:CreateTags",
"ec2:DeleteTags",
"ec2:Describe*",
"ec2:ModifyImageAttribute",
"ec2:ModifyInstanceAttribute",
"ec2:ModifySpotFleetRequest",
"ec2:RequestSpotInstances",
"ec2:RequestSpotFleet",
"elasticfilesystem:*",
"elasticmapreduce:*",
"es:*",
"firehose:*",
"iam:GetInstanceProfile",
"iam:GetRole",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:ListRoles",
"kinesis:*",
"kms:List*",
"lambda:Create*",
"lambda:Delete*",
"lambda:Get*",
"lambda:InvokeFunction",
"lambda:PublishVersion",
"lambda:Update*",
"lambda:List*",
"machinelearning:*",
"sdb:*",
"rds:*",
"sns:ListSubscriptions",
"sns:ListTopics",
"logs:DescribeLogStreams",
"logs:GetLogEvents",
"redshift:*",
"s3:CreateBucket",
"sns:CreateTopic",
"sns:Get*",
"sns:List*",
"sagemaker:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:Abort*",
"s3:DeleteObject",
"s3:Get*",
"s3:List*",
"s3:PutAccelerateConfiguration",
"s3:PutBucketLogging",
"s3:PutBucketNotification",
"s3:PutBucketTagging",
"s3:PutObject",
"s3:Replicate*",
"s3:RestoreObject"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"ec2:RunInstances",
"ec2:TerminateInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:PassRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/DataPipelineDefaultRole",
"arn:aws:iam::*:role/DataPipelineDefaultResourceRole",
"arn:aws:iam::*:role/EMR_EC2_DefaultRole",
"arn:aws:iam::*:role/EMR_DefaultRole",
"arn:aws:iam::*:role/kinesis-*"
]
},
{
"Action": [
"iam:PassRole"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": "sagemaker.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/job-function/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ5YHI2BQW7EQFYDXS",
"PolicyName": "DataScientist",
"UpdateDate": "2019-01-18T19:26:23+00:00",
"VersionId": "v3"
},
"DatabaseAdministrator": {
"Arn": "arn:aws:iam::aws:policy/job-function/DatabaseAdministrator",
"AttachmentCount": 0,
"CreateDate": "2016-11-10T17:25:43+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"cloudwatch:DeleteAlarms",
"cloudwatch:Describe*",
"cloudwatch:DisableAlarmActions",
"cloudwatch:EnableAlarmActions",
"cloudwatch:Get*",
"cloudwatch:List*",
"cloudwatch:PutMetricAlarm",
"datapipeline:ActivatePipeline",
"datapipeline:CreatePipeline",
"datapipeline:DeletePipeline",
"datapipeline:DescribeObjects",
"datapipeline:DescribePipelines",
"datapipeline:GetPipelineDefinition",
"datapipeline:ListPipelines",
"datapipeline:PutPipelineDefinition",
"datapipeline:QueryObjects",
"dynamodb:*",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"elasticache:*",
"iam:ListRoles",
"iam:GetRole",
"kms:ListKeys",
"lambda:CreateEventSourceMapping",
"lambda:CreateFunction",
"lambda:DeleteEventSourceMapping",
"lambda:DeleteFunction",
"lambda:GetFunctionConfiguration",
"lambda:ListEventSourceMappings",
"lambda:ListFunctions",
"logs:DescribeLogGroups",
"logs:DescribeLogStreams",
"logs:FilterLogEvents",
"logs:GetLogEvents",
"logs:Create*",
"logs:PutLogEvents",
"logs:PutMetricFilter",
"rds:*",
"redshift:*",
"s3:CreateBucket",
"sns:CreateTopic",
"sns:DeleteTopic",
"sns:Get*",
"sns:List*",
"sns:SetTopicAttributes",
"sns:Subscribe",
"sns:Unsubscribe"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject*",
"s3:Get*",
"s3:List*",
"s3:PutAccelerateConfiguration",
"s3:PutBucketTagging",
"s3:PutBucketVersioning",
"s3:PutBucketWebsite",
"s3:PutLifecycleConfiguration",
"s3:PutReplicationConfiguration",
"s3:PutObject*",
"s3:Replicate*",
"s3:RestoreObject"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:PassRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/rds-monitoring-role",
"arn:aws:iam::*:role/rdbms-lambda-access",
"arn:aws:iam::*:role/lambda_exec_role",
"arn:aws:iam::*:role/lambda-dynamodb-*",
"arn:aws:iam::*:role/lambda-vpc-execution-role",
"arn:aws:iam::*:role/DataPipelineDefaultRole",
"arn:aws:iam::*:role/DataPipelineDefaultResourceRole"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/job-function/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIGBMAW4VUQKOQNVT6",
"PolicyName": "DatabaseAdministrator",
"UpdateDate": "2019-01-08T00:48:02+00:00",
"VersionId": "v2"
},
"DynamoDBReplicationServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/DynamoDBReplicationServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-11-09T23:55:34+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:UpdateItem",
"dynamodb:DeleteItem",
"dynamodb:DescribeTable",
"dynamodb:Scan",
"dynamodb:DescribeStream",
"dynamodb:GetRecords",
"dynamodb:GetShardIterator",
"dynamodb:DescribeTimeToLive",
"application-autoscaling:RegisterScalableTarget",
"application-autoscaling:DescribeScalableTargets",
"application-autoscaling:PutScalingPolicy",
"application-autoscaling:DescribeScalingPolicies"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:CreateServiceLinkedRole"
],
"Condition": {
"StringEquals": {
"iam:AWSServiceName": [
"dynamodb.application-autoscaling.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJCUNRXL4BWASNJED2",
"PolicyName": "DynamoDBReplicationServiceRolePolicy",
"UpdateDate": "2018-07-02T21:48:12+00:00",
"VersionId": "v3"
},
"ElastiCacheServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/ElastiCacheServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2017-12-07T17:50:04+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:RevokeSecurityGroupIngress"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIML5LIBUZBVCSF7PI",
"PolicyName": "ElastiCacheServiceRolePolicy",
"UpdateDate": "2017-12-07T17:50:04+00:00",
"VersionId": "v1"
},
"ElasticLoadBalancingFullAccess": {
"Arn": "arn:aws:iam::aws:policy/ElasticLoadBalancingFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-09-20T20:42:07+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": "elasticloadbalancing:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeVpcClassicLink",
"ec2:DescribeInstances",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeClassicLinkInstances",
"ec2:DescribeRouteTables",
"cognito-idp:DescribeUserPoolClient"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringEquals": {
"iam:AWSServiceName": "elasticloadbalancing.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIDPMLA3IUIOQCISJ4",
"PolicyName": "ElasticLoadBalancingFullAccess",
"UpdateDate": "2019-03-25T21:33:12+00:00",
"VersionId": "v4"
},
"ElasticLoadBalancingReadOnly": {
"Arn": "arn:aws:iam::aws:policy/ElasticLoadBalancingReadOnly",
"AttachmentCount": 0,
"CreateDate": "2018-09-20T20:17:09+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "elasticloadbalancing:Describe*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeClassicLinkInstances",
"ec2:DescribeSecurityGroups"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJMO7B7SNFLQ6HH736",
"PolicyName": "ElasticLoadBalancingReadOnly",
"UpdateDate": "2018-09-20T20:17:09+00:00",
"VersionId": "v1"
},
"FMSServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/FMSServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-03-28T23:01:12+00:00",
"DefaultVersionId": "v7",
"Document": {
"Statement": [
{
"Action": [
"waf:UpdateWebACL",
"waf:DeleteWebACL",
"waf:GetWebACL",
"waf:GetRuleGroup",
"waf:ListSubscribedRuleGroups",
"waf-regional:UpdateWebACL",
"waf-regional:DeleteWebACL",
"waf-regional:GetWebACL",
"waf-regional:GetRuleGroup",
"waf-regional:ListSubscribedRuleGroups",
"waf-regional:ListResourcesForWebACL",
"waf-regional:AssociateWebACL",
"waf-regional:DisassociateWebACL",
"elasticloadbalancing:SetWebACL",
"apigateway:SetWebACL"
],
"Effect": "Allow",
"Resource": [
"arn:aws:waf:*:*:webacl/*",
"arn:aws:waf-regional:*:*:webacl/*",
"arn:aws:waf:*:*:rulegroup/*",
"arn:aws:waf-regional:*:*:rulegroup/*",
"arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*",
"arn:aws:apigateway:*::/restapis/*/stages/*"
]
},
{
"Action": [
"waf:CreateWebACL",
"waf-regional:CreateWebACL",
"waf:GetChangeToken",
"waf-regional:GetChangeToken"
],
"Effect": "Allow",
"Resource": [
"arn:aws:waf:*",
"arn:aws:waf-regional:*"
]
},
{
"Action": [
"waf:PutPermissionPolicy",
"waf:GetPermissionPolicy",
"waf:DeletePermissionPolicy",
"waf-regional:PutPermissionPolicy",
"waf-regional:GetPermissionPolicy",
"waf-regional:DeletePermissionPolicy"
],
"Effect": "Allow",
"Resource": [
"arn:aws:waf:*:*:webacl/*",
"arn:aws:waf:*:*:rulegroup/*",
"arn:aws:waf-regional:*:*:webacl/*",
"arn:aws:waf-regional:*:*:rulegroup/*"
]
},
{
"Action": [
"cloudfront:GetDistribution",
"cloudfront:UpdateDistribution",
"cloudfront:ListDistributionsByWebACLId"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"config:DeleteConfigRule",
"config:DescribeComplianceByConfigRule",
"config:DescribeConfigRuleEvaluationStatus",
"config:DescribeConfigRules",
"config:GetComplianceDetailsByConfigRule",
"config:PutConfigRule",
"config:StartConfigRulesEvaluation"
],
"Effect": "Allow",
"Resource": "arn:aws:config:*:*:config-rule/aws-service-rule/fms.amazonaws.com/*"
},
{
"Action": [
"config:DescribeConfigurationRecorders",
"config:DescribeConfigurationRecorderStatus",
"config:PutConfigurationRecorder",
"config:StartConfigurationRecorder",
"config:PutDeliveryChannel",
"config:DescribeDeliveryChannels",
"config:DescribeDeliveryChannelStatus",
"config:GetComplianceSummaryByConfigRule",
"config:GetDiscoveredResourceCounts"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/aws-service-role/fms.amazonaws.com/AWSServiceRoleForFMS"
]
},
{
"Action": [
"organizations:DescribeAccount",
"organizations:DescribeOrganization",
"organizations:ListAccounts"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"shield:CreateProtection",
"shield:DeleteProtection",
"shield:DescribeProtection",
"shield:ListProtections",
"shield:ListAttacks",
"shield:CreateSubscription",
"shield:DescribeSubscription",
"shield:GetSubscriptionState",
"shield:DescribeDRTAccess",
"shield:DescribeEmergencyContactSettings",
"shield:UpdateEmergencyContactSettings",
"elasticloadbalancing:DescribeLoadBalancers",
"ec2:DescribeAddresses"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI62NTGYJB446ACUEA",
"PolicyName": "FMSServiceRolePolicy",
"UpdateDate": "2019-03-08T18:02:51+00:00",
"VersionId": "v7"
},
"FSxDeleteServiceLinkedRoleAccess": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/FSxDeleteServiceLinkedRoleAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-28T10:40:24+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus",
"iam:GetRole"
],
"Effect": "Allow",
"Resource": "arn:*:iam::*:role/aws-service-role/s3.data-source.lustre.fsx.amazonaws.com/AWSServiceRoleForFSxS3Access_*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ6IRP2YV2YPKWPPNQ",
"PolicyName": "FSxDeleteServiceLinkedRoleAccess",
"UpdateDate": "2018-11-28T10:40:24+00:00",
"VersionId": "v1"
},
"GlobalAcceleratorFullAccess": {
"Arn": "arn:aws:iam::aws:policy/GlobalAcceleratorFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-27T02:44:44+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"globalaccelerator:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ3NSRQKPB42BCNRT6",
"PolicyName": "GlobalAcceleratorFullAccess",
"UpdateDate": "2018-11-27T02:44:44+00:00",
"VersionId": "v1"
},
"GlobalAcceleratorReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/GlobalAcceleratorReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-27T02:41:00+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"globalaccelerator:Describe*",
"globalaccelerator:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJYXHGCVENJKQZRNGU",
"PolicyName": "GlobalAcceleratorReadOnlyAccess",
"UpdateDate": "2018-11-27T02:41:00+00:00",
"VersionId": "v1"
},
"GreengrassOTAUpdateArtifactAccess": {
"Arn": "arn:aws:iam::aws:policy/service-role/GreengrassOTAUpdateArtifactAccess",
"AttachmentCount": 0,
"CreateDate": "2017-11-29T18:11:47+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::*-greengrass-updates/*"
],
"Sid": "AllowsIotToAccessGreengrassOTAUpdateArtifacts"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIFGE66SKIK3GW5UC2",
"PolicyName": "GreengrassOTAUpdateArtifactAccess",
"UpdateDate": "2018-12-18T00:59:43+00:00",
"VersionId": "v2"
},
"IAMFullAccess": {
"Arn": "arn:aws:iam::aws:policy/IAMFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:38+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "iam:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI7XKCFMBPM3QQRRVQ",
"PolicyName": "IAMFullAccess",
"UpdateDate": "2015-02-06T18:40:38+00:00",
"VersionId": "v1"
},
"IAMReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/IAMReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:40:39+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"iam:GenerateCredentialReport",
"iam:GenerateServiceLastAccessedDetails",
"iam:Get*",
"iam:List*",
"iam:SimulateCustomPolicy",
"iam:SimulatePrincipalPolicy"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJKSO7NDY4T57MWDSQ",
"PolicyName": "IAMReadOnlyAccess",
"UpdateDate": "2018-01-25T19:11:27+00:00",
"VersionId": "v4"
},
"IAMSelfManageServiceSpecificCredentials": {
"Arn": "arn:aws:iam::aws:policy/IAMSelfManageServiceSpecificCredentials",
"AttachmentCount": 0,
"CreateDate": "2016-12-22T17:25:18+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iam:CreateServiceSpecificCredential",
"iam:ListServiceSpecificCredentials",
"iam:UpdateServiceSpecificCredential",
"iam:DeleteServiceSpecificCredential",
"iam:ResetServiceSpecificCredential"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI4VT74EMXK2PMQJM2",
"PolicyName": "IAMSelfManageServiceSpecificCredentials",
"UpdateDate": "2016-12-22T17:25:18+00:00",
"VersionId": "v1"
},
"IAMUserChangePassword": {
"Arn": "arn:aws:iam::aws:policy/IAMUserChangePassword",
"AttachmentCount": 1,
"CreateDate": "2016-11-15T00:25:16+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"iam:ChangePassword"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:user/${aws:username}"
]
},
{
"Action": [
"iam:GetAccountPasswordPolicy"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ4L4MM2A7QIEB56MS",
"PolicyName": "IAMUserChangePassword",
"UpdateDate": "2016-11-15T23:18:55+00:00",
"VersionId": "v2"
},
"IAMUserSSHKeys": {
"Arn": "arn:aws:iam::aws:policy/IAMUserSSHKeys",
"AttachmentCount": 0,
"CreateDate": "2015-07-09T17:08:54+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iam:DeleteSSHPublicKey",
"iam:GetSSHPublicKey",
"iam:ListSSHPublicKeys",
"iam:UpdateSSHPublicKey",
"iam:UploadSSHPublicKey"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:user/${aws:username}"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJTSHUA4UXGXU7ANUA",
"PolicyName": "IAMUserSSHKeys",
"UpdateDate": "2015-07-09T17:08:54+00:00",
"VersionId": "v1"
},
"KafkaServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/KafkaServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-11-15T23:31:48+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:CreateNetworkInterfacePermission",
"ec2:AttachNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:DetachNetworkInterface",
"acm-pca:GetCertificateAuthorityCertificate"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJUXPRZ76MAP2EVQJU",
"PolicyName": "KafkaServiceRolePolicy",
"UpdateDate": "2019-05-23T19:58:58+00:00",
"VersionId": "v2"
},
"LexBotPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/LexBotPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-02-17T22:18:13+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"polly:SynthesizeSpeech"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJJ3NZRBBQKSESXXJC",
"PolicyName": "LexBotPolicy",
"UpdateDate": "2017-02-17T22:18:13+00:00",
"VersionId": "v1"
},
"LexChannelPolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/LexChannelPolicy",
"AttachmentCount": 0,
"CreateDate": "2017-02-17T23:23:24+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"lex:PostText"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJKYEISPO63JTBJWPY",
"PolicyName": "LexChannelPolicy",
"UpdateDate": "2017-02-17T23:23:24+00:00",
"VersionId": "v1"
},
"LightsailExportAccess": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/LightsailExportAccess",
"AttachmentCount": 0,
"CreateDate": "2018-09-28T16:35:54+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/lightsail.amazonaws.com/AWSServiceRoleForLightsail*"
},
{
"Action": [
"ec2:CopySnapshot",
"ec2:DescribeSnapshots",
"ec2:CopyImage",
"ec2:DescribeImages"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ4LZGPQLZWMVR4WMQ",
"PolicyName": "LightsailExportAccess",
"UpdateDate": "2018-09-28T16:35:54+00:00",
"VersionId": "v1"
},
"NeptuneConsoleFullAccess": {
"Arn": "arn:aws:iam::aws:policy/NeptuneConsoleFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-06-19T21:35:19+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"rds:CreateDBCluster",
"rds:CreateDBInstance"
],
"Condition": {
"StringEquals": {
"rds:DatabaseEngine": "graphdb"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:rds:*"
]
},
{
"Action": [
"rds:AddRoleToDBCluster",
"rds:AddSourceIdentifierToSubscription",
"rds:AddTagsToResource",
"rds:ApplyPendingMaintenanceAction",
"rds:CopyDBClusterParameterGroup",
"rds:CopyDBClusterSnapshot",
"rds:CopyDBParameterGroup",
"rds:CreateDBClusterParameterGroup",
"rds:CreateDBClusterSnapshot",
"rds:CreateDBParameterGroup",
"rds:CreateDBSubnetGroup",
"rds:CreateEventSubscription",
"rds:DeleteDBCluster",
"rds:DeleteDBClusterParameterGroup",
"rds:DeleteDBClusterSnapshot",
"rds:DeleteDBInstance",
"rds:DeleteDBParameterGroup",
"rds:DeleteDBSubnetGroup",
"rds:DeleteEventSubscription",
"rds:DescribeAccountAttributes",
"rds:DescribeCertificates",
"rds:DescribeDBClusterParameterGroups",
"rds:DescribeDBClusterParameters",
"rds:DescribeDBClusterSnapshotAttributes",
"rds:DescribeDBClusterSnapshots",
"rds:DescribeDBClusters",
"rds:DescribeDBEngineVersions",
"rds:DescribeDBInstances",
"rds:DescribeDBLogFiles",
"rds:DescribeDBParameterGroups",
"rds:DescribeDBParameters",
"rds:DescribeDBSecurityGroups",
"rds:DescribeDBSubnetGroups",
"rds:DescribeEngineDefaultClusterParameters",
"rds:DescribeEngineDefaultParameters",
"rds:DescribeEventCategories",
"rds:DescribeEventSubscriptions",
"rds:DescribeEvents",
"rds:DescribeOptionGroups",
"rds:DescribeOrderableDBInstanceOptions",
"rds:DescribePendingMaintenanceActions",
"rds:DescribeValidDBInstanceModifications",
"rds:DownloadDBLogFilePortion",
"rds:FailoverDBCluster",
"rds:ListTagsForResource",
"rds:ModifyDBCluster",
"rds:ModifyDBClusterParameterGroup",
"rds:ModifyDBClusterSnapshotAttribute",
"rds:ModifyDBInstance",
"rds:ModifyDBParameterGroup",
"rds:ModifyDBSubnetGroup",
"rds:ModifyEventSubscription",
"rds:PromoteReadReplicaDBCluster",
"rds:RebootDBInstance",
"rds:RemoveRoleFromDBCluster",
"rds:RemoveSourceIdentifierFromSubscription",
"rds:RemoveTagsFromResource",
"rds:ResetDBClusterParameterGroup",
"rds:ResetDBParameterGroup",
"rds:RestoreDBClusterFromSnapshot",
"rds:RestoreDBClusterToPointInTime"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics",
"ec2:AllocateAddress",
"ec2:AssignIpv6Addresses",
"ec2:AssignPrivateIpAddresses",
"ec2:AssociateAddress",
"ec2:AssociateRouteTable",
"ec2:AssociateSubnetCidrBlock",
"ec2:AssociateVpcCidrBlock",
"ec2:AttachInternetGateway",
"ec2:AttachNetworkInterface",
"ec2:CreateCustomerGateway",
"ec2:CreateDefaultSubnet",
"ec2:CreateDefaultVpc",
"ec2:CreateInternetGateway",
"ec2:CreateNatGateway",
"ec2:CreateNetworkInterface",
"ec2:CreateRoute",
"ec2:CreateRouteTable",
"ec2:CreateSecurityGroup",
"ec2:CreateSubnet",
"ec2:CreateVpc",
"ec2:CreateVpcEndpoint",
"ec2:CreateVpcEndpoint",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeCustomerGateways",
"ec2:DescribeInstances",
"ec2:DescribeNatGateways",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribePrefixLists",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroupReferences",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeVpcs",
"ec2:DescribeVpcs",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:ModifySubnetAttribute",
"ec2:ModifyVpcAttribute",
"ec2:ModifyVpcEndpoint",
"iam:ListRoles",
"iam:PassRole",
"kms:ListAliases",
"kms:ListKeyPolicies",
"kms:ListKeys",
"kms:ListRetirableGrants",
"logs:DescribeLogStreams",
"logs:GetLogEvents",
"sns:ListSubscriptions",
"sns:ListTopics",
"sns:Publish"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "rds.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/rds.amazonaws.com/AWSServiceRoleForRDS"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJWTD4ELX2KRNICUVQ",
"PolicyName": "NeptuneConsoleFullAccess",
"UpdateDate": "2018-11-06T21:19:54+00:00",
"VersionId": "v2"
},
"NeptuneFullAccess": {
"Arn": "arn:aws:iam::aws:policy/NeptuneFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-05-30T19:17:31+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"rds:CreateDBCluster",
"rds:CreateDBInstance"
],
"Condition": {
"StringEquals": {
"rds:DatabaseEngine": "graphdb"
}
},
"Effect": "Allow",
"Resource": [
"arn:aws:rds:*"
]
},
{
"Action": [
"rds:AddRoleToDBCluster",
"rds:AddSourceIdentifierToSubscription",
"rds:AddTagsToResource",
"rds:ApplyPendingMaintenanceAction",
"rds:CopyDBClusterParameterGroup",
"rds:CopyDBClusterSnapshot",
"rds:CopyDBParameterGroup",
"rds:CreateDBClusterParameterGroup",
"rds:CreateDBClusterSnapshot",
"rds:CreateDBParameterGroup",
"rds:CreateDBSubnetGroup",
"rds:CreateEventSubscription",
"rds:DeleteDBCluster",
"rds:DeleteDBClusterParameterGroup",
"rds:DeleteDBClusterSnapshot",
"rds:DeleteDBInstance",
"rds:DeleteDBParameterGroup",
"rds:DeleteDBSubnetGroup",
"rds:DeleteEventSubscription",
"rds:DescribeAccountAttributes",
"rds:DescribeCertificates",
"rds:DescribeDBClusterParameterGroups",
"rds:DescribeDBClusterParameters",
"rds:DescribeDBClusterSnapshotAttributes",
"rds:DescribeDBClusterSnapshots",
"rds:DescribeDBClusters",
"rds:DescribeDBEngineVersions",
"rds:DescribeDBInstances",
"rds:DescribeDBLogFiles",
"rds:DescribeDBParameterGroups",
"rds:DescribeDBParameters",
"rds:DescribeDBSecurityGroups",
"rds:DescribeDBSubnetGroups",
"rds:DescribeEngineDefaultClusterParameters",
"rds:DescribeEngineDefaultParameters",
"rds:DescribeEventCategories",
"rds:DescribeEventSubscriptions",
"rds:DescribeEvents",
"rds:DescribeOptionGroups",
"rds:DescribeOrderableDBInstanceOptions",
"rds:DescribePendingMaintenanceActions",
"rds:DescribeValidDBInstanceModifications",
"rds:DownloadDBLogFilePortion",
"rds:FailoverDBCluster",
"rds:ListTagsForResource",
"rds:ModifyDBCluster",
"rds:ModifyDBClusterParameterGroup",
"rds:ModifyDBClusterSnapshotAttribute",
"rds:ModifyDBInstance",
"rds:ModifyDBParameterGroup",
"rds:ModifyDBSubnetGroup",
"rds:ModifyEventSubscription",
"rds:PromoteReadReplicaDBCluster",
"rds:RebootDBInstance",
"rds:RemoveRoleFromDBCluster",
"rds:RemoveSourceIdentifierFromSubscription",
"rds:RemoveTagsFromResource",
"rds:ResetDBClusterParameterGroup",
"rds:ResetDBParameterGroup",
"rds:RestoreDBClusterFromSnapshot",
"rds:RestoreDBClusterToPointInTime"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs",
"iam:PassRole",
"kms:ListAliases",
"kms:ListKeyPolicies",
"kms:ListKeys",
"kms:ListRetirableGrants",
"logs:DescribeLogStreams",
"logs:GetLogEvents",
"sns:ListSubscriptions",
"sns:ListTopics",
"sns:Publish"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "iam:CreateServiceLinkedRole",
"Condition": {
"StringLike": {
"iam:AWSServiceName": "rds.amazonaws.com"
}
},
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/aws-service-role/rds.amazonaws.com/AWSServiceRoleForRDS"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIXSDEYRCNJRC6ITFK",
"PolicyName": "NeptuneFullAccess",
"UpdateDate": "2018-11-06T21:21:19+00:00",
"VersionId": "v3"
},
"NeptuneReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/NeptuneReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-05-30T19:16:37+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"rds:DescribeAccountAttributes",
"rds:DescribeCertificates",
"rds:DescribeDBClusterParameterGroups",
"rds:DescribeDBClusterParameters",
"rds:DescribeDBClusterSnapshotAttributes",
"rds:DescribeDBClusterSnapshots",
"rds:DescribeDBClusters",
"rds:DescribeDBEngineVersions",
"rds:DescribeDBInstances",
"rds:DescribeDBLogFiles",
"rds:DescribeDBParameterGroups",
"rds:DescribeDBParameters",
"rds:DescribeDBSubnetGroups",
"rds:DescribeEventCategories",
"rds:DescribeEventSubscriptions",
"rds:DescribeEvents",
"rds:DescribeOrderableDBInstanceOptions",
"rds:DescribePendingMaintenanceActions",
"rds:DownloadDBLogFilePortion",
"rds:ListTagsForResource"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInternetGateways",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcs"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"kms:ListKeys",
"kms:ListRetirableGrants",
"kms:ListAliases",
"kms:ListKeyPolicies"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"logs:DescribeLogStreams",
"logs:GetLogEvents"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:*:*:log-group:/aws/rds/*:log-stream:*",
"arn:aws:logs:*:*:log-group:/aws/neptune/*:log-stream:*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJS5OQ5RXULC66WTGQ",
"PolicyName": "NeptuneReadOnlyAccess",
"UpdateDate": "2018-05-30T19:16:37+00:00",
"VersionId": "v1"
},
"NetworkAdministrator": {
"Arn": "arn:aws:iam::aws:policy/job-function/NetworkAdministrator",
"AttachmentCount": 0,
"CreateDate": "2016-11-10T17:31:35+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"autoscaling:Describe*",
"ec2:AcceptVpcEndpointConnections",
"ec2:AllocateAddress",
"ec2:AssignIpv6Addresses",
"ec2:AssignPrivateIpAddresses",
"ec2:AssociateAddress",
"ec2:AssociateDhcpOptions",
"ec2:AssociateRouteTable",
"ec2:AssociateSubnetCidrBlock",
"ec2:AssociateVpcCidrBlock",
"ec2:AttachInternetGateway",
"ec2:AttachNetworkInterface",
"ec2:AttachVpnGateway",
"ec2:CreateCustomerGateway",
"ec2:CreateDefaultSubnet",
"ec2:CreateDefaultVpc",
"ec2:CreateDhcpOptions",
"ec2:CreateEgressOnlyInternetGateway",
"ec2:CreateFlowLogs",
"ec2:CreateInternetGateway",
"ec2:CreateNatGateway",
"ec2:CreateNetworkAcl",
"ec2:CreateNetworkAclEntry",
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:CreatePlacementGroup",
"ec2:CreateRoute",
"ec2:CreateRouteTable",
"ec2:CreateSecurityGroup",
"ec2:CreateSubnet",
"ec2:CreateTags",
"ec2:CreateVpc",
"ec2:CreateVpcEndpoint",
"ec2:CreateVpcEndpointConnectionNotification",
"ec2:CreateVpcEndpointServiceConfiguration",
"ec2:CreateVpnConnection",
"ec2:CreateVpnConnectionRoute",
"ec2:CreateVpnGateway",
"ec2:DeleteEgressOnlyInternetGateway",
"ec2:DeleteFlowLogs",
"ec2:DeleteNatGateway",
"ec2:DeleteNetworkInterface",
"ec2:DeleteNetworkInterfacePermission",
"ec2:DeletePlacementGroup",
"ec2:DeleteSubnet",
"ec2:DeleteTags",
"ec2:DeleteVpc",
"ec2:DeleteVpcEndpointConnectionNotifications",
"ec2:DeleteVpcEndpoints",
"ec2:DeleteVpcEndpointServiceConfigurations",
"ec2:DeleteVpnConnection",
"ec2:DeleteVpnConnectionRoute",
"ec2:DeleteVpnGateway",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeClassicLinkInstances",
"ec2:DescribeCustomerGateways",
"ec2:DescribeDhcpOptions",
"ec2:DescribeEgressOnlyInternetGateways",
"ec2:DescribeFlowLogs",
"ec2:DescribeInstances",
"ec2:DescribeInternetGateways",
"ec2:DescribeKeyPairs",
"ec2:DescribeMovingAddresses",
"ec2:DescribeNatGateways",
"ec2:DescribeNetworkAcls",
"ec2:DescribeNetworkInterfaceAttribute",
"ec2:DescribeNetworkInterfacePermissions",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribePlacementGroups",
"ec2:DescribePrefixLists",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroupReferences",
"ec2:DescribeSecurityGroups",
"ec2:DescribeStaleSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeTags",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcClassicLink",
"ec2:DescribeVpcClassicLinkDnsSupport",
"ec2:DescribeVpcEndpointConnectionNotifications",
"ec2:DescribeVpcEndpointConnections",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeVpcEndpointServiceConfigurations",
"ec2:DescribeVpcEndpointServicePermissions",
"ec2:DescribeVpcEndpointServices",
"ec2:DescribeVpcPeeringConnections",
"ec2:DescribeVpcs",
"ec2:DescribeVpnConnections",
"ec2:DescribeVpnGateways",
"ec2:DetachInternetGateway",
"ec2:DetachNetworkInterface",
"ec2:DetachVpnGateway",
"ec2:DisableVgwRoutePropagation",
"ec2:DisableVpcClassicLinkDnsSupport",
"ec2:DisassociateAddress",
"ec2:DisassociateRouteTable",
"ec2:DisassociateSubnetCidrBlock",
"ec2:DisassociateVpcCidrBlock",
"ec2:EnableVgwRoutePropagation",
"ec2:EnableVpcClassicLinkDnsSupport",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:ModifySubnetAttribute",
"ec2:ModifyVpcAttribute",
"ec2:ModifyVpcEndpoint",
"ec2:ModifyVpcEndpointConnectionNotification",
"ec2:ModifyVpcEndpointServiceConfiguration",
"ec2:ModifyVpcEndpointServicePermissions",
"ec2:ModifyVpcPeeringConnectionOptions",
"ec2:ModifyVpcTenancy",
"ec2:MoveAddressToVpc",
"ec2:RejectVpcEndpointConnections",
"ec2:ReleaseAddress",
"ec2:ReplaceNetworkAclAssociation",
"ec2:ReplaceNetworkAclEntry",
"ec2:ReplaceRoute",
"ec2:ReplaceRouteTableAssociation",
"ec2:ResetNetworkInterfaceAttribute",
"ec2:RestoreAddressToClassic",
"ec2:UnassignIpv6Addresses",
"ec2:UnassignPrivateIpAddresses",
"ec2:UpdateSecurityGroupRuleDescriptionsEgress",
"ec2:UpdateSecurityGroupRuleDescriptionsIngress",
"directconnect:*",
"route53:*",
"route53domains:*",
"cloudfront:ListDistributions",
"elasticloadbalancing:*",
"elasticbeanstalk:Describe*",
"elasticbeanstalk:List*",
"elasticbeanstalk:RetrieveEnvironmentInfo",
"elasticbeanstalk:RequestEnvironmentInfo",
"sns:ListTopics",
"sns:ListSubscriptionsByTopic",
"sns:CreateTopic",
"cloudwatch:DescribeAlarms",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DeleteAlarms",
"cloudwatch:GetMetricStatistics",
"logs:DescribeLogGroups",
"logs:DescribeLogStreams",
"logs:GetLogEvents"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:AcceptVpcPeeringConnection",
"ec2:AttachClassicLinkVpc",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateVpcPeeringConnection",
"ec2:DeleteCustomerGateway",
"ec2:DeleteDhcpOptions",
"ec2:DeleteInternetGateway",
"ec2:DeleteNetworkAcl",
"ec2:DeleteNetworkAclEntry",
"ec2:DeleteRoute",
"ec2:DeleteRouteTable",
"ec2:DeleteSecurityGroup",
"ec2:DeleteVolume",
"ec2:DeleteVpcPeeringConnection",
"ec2:DetachClassicLinkVpc",
"ec2:DisableVpcClassicLink",
"ec2:EnableVpcClassicLink",
"ec2:GetConsoleScreenshot",
"ec2:RejectVpcPeeringConnection",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:GetBucketWebsiteConfiguration"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:GetRole",
"iam:ListRoles",
"iam:PassRole"
],
"Effect": "Allow",
"Resource": "arn:aws:iam::*:role/flow-logs-*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/job-function/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJPNMADZFJCVPJVZA2",
"PolicyName": "NetworkAdministrator",
"UpdateDate": "2018-12-13T19:43:41+00:00",
"VersionId": "v3"
},
"PowerUserAccess": {
"Arn": "arn:aws:iam::aws:policy/PowerUserAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:47+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Effect": "Allow",
"NotAction": [
"iam:*",
"organizations:*",
"account:*"
],
"Resource": "*"
},
{
"Action": [
"iam:CreateServiceLinkedRole",
"iam:DeleteServiceLinkedRole",
"iam:ListRoles",
"organizations:DescribeOrganization",
"account:ListRegions"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJYRXTHIB4FOVS3ZXS",
"PolicyName": "PowerUserAccess",
"UpdateDate": "2019-03-20T22:19:03+00:00",
"VersionId": "v4"
},
"QuickSightAccessForS3StorageManagementAnalyticsReadOnly": {
"Arn": "arn:aws:iam::aws:policy/service-role/QuickSightAccessForS3StorageManagementAnalyticsReadOnly",
"AttachmentCount": 0,
"CreateDate": "2017-06-12T18:18:38+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"s3:GetObject",
"s3:GetObjectMetadata"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::s3-analytics-export-shared-*"
]
},
{
"Action": [
"s3:GetAnalyticsConfiguration",
"s3:ListAllMyBuckets",
"s3:GetBucketLocation"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIFWG3L3WDMR4I7ZJW",
"PolicyName": "QuickSightAccessForS3StorageManagementAnalyticsReadOnly",
"UpdateDate": "2017-07-21T00:02:14+00:00",
"VersionId": "v3"
},
"RDSCloudHsmAuthorizationRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/RDSCloudHsmAuthorizationRole",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:29+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"cloudhsm:CreateLunaClient",
"cloudhsm:GetClientConfiguration",
"cloudhsm:DeleteLunaClient",
"cloudhsm:DescribeLunaClient",
"cloudhsm:ModifyLunaClient",
"cloudhsm:DescribeHapg",
"cloudhsm:ModifyHapg",
"cloudhsm:GetConfig"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIWKFXRLQG2ROKKXLE",
"PolicyName": "RDSCloudHsmAuthorizationRole",
"UpdateDate": "2015-02-06T18:41:29+00:00",
"VersionId": "v1"
},
"ReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/ReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:48+00:00",
"DefaultVersionId": "v50",
"Document": {
"Statement": [
{
"Action": [
"a4b:Get*",
"a4b:List*",
"a4b:Describe*",
"a4b:Search*",
"acm:Describe*",
"acm:Get*",
"acm:List*",
"acm-pca:Describe*",
"acm-pca:Get*",
"acm-pca:List*",
"amplify:GetApp",
"amplify:GetBranch",
"amplify:GetJob",
"amplify:GetDomainAssociation",
"amplify:ListApps",
"amplify:ListBranches",
"amplify:ListDomainAssociations",
"amplify:ListJobs",
"apigateway:GET",
"application-autoscaling:Describe*",
"appmesh:Describe*",
"appmesh:List*",
"appstream:Describe*",
"appstream:Get*",
"appstream:List*",
"appsync:Get*",
"appsync:List*",
"autoscaling:Describe*",
"autoscaling-plans:Describe*",
"autoscaling-plans:GetScalingPlanResourceForecastData",
"athena:List*",
"athena:Batch*",
"athena:Get*",
"batch:List*",
"batch:Describe*",
"cloud9:Describe*",
"cloud9:List*",
"clouddirectory:List*",
"clouddirectory:BatchRead",
"clouddirectory:Get*",
"clouddirectory:LookupPolicy",
"cloudformation:Describe*",
"cloudformation:Detect*",
"cloudformation:Get*",
"cloudformation:List*",
"cloudformation:Estimate*",
"cloudformation:Preview*",
"cloudfront:Get*",
"cloudfront:List*",
"cloudhsm:List*",
"cloudhsm:Describe*",
"cloudhsm:Get*",
"cloudsearch:Describe*",
"cloudsearch:List*",
"cloudtrail:Describe*",
"cloudtrail:Get*",
"cloudtrail:List*",
"cloudtrail:LookupEvents",
"cloudwatch:Describe*",
"cloudwatch:Get*",
"cloudwatch:List*",
"codebuild:BatchGet*",
"codebuild:List*",
"codecommit:BatchGet*",
"codecommit:Describe*",
"codecommit:Get*",
"codecommit:GitPull",
"codecommit:List*",
"codedeploy:BatchGet*",
"codedeploy:Get*",
"codedeploy:List*",
"codepipeline:List*",
"codepipeline:Get*",
"codestar:List*",
"codestar:Describe*",
"codestar:Get*",
"codestar:Verify*",
"cognito-identity:Describe*",
"cognito-identity:Get*",
"cognito-identity:List*",
"cognito-identity:Lookup*",
"cognito-sync:List*",
"cognito-sync:Describe*",
"cognito-sync:Get*",
"cognito-sync:QueryRecords",
"cognito-idp:AdminGet*",
"cognito-idp:AdminList*",
"cognito-idp:List*",
"cognito-idp:Describe*",
"cognito-idp:Get*",
"config:Deliver*",
"config:Describe*",
"config:Get*",
"config:List*",
"connect:List*",
"connect:Describe*",
"connect:GetFederationToken",
"datasync:Describe*",
"datasync:List*",
"datapipeline:Describe*",
"datapipeline:EvaluateExpression",
"datapipeline:Get*",
"datapipeline:List*",
"datapipeline:QueryObjects",
"datapipeline:Validate*",
"dax:BatchGetItem",
"dax:Describe*",
"dax:GetItem",
"dax:ListTags",
"dax:Query",
"dax:Scan",
"directconnect:Describe*",
"devicefarm:List*",
"devicefarm:Get*",
"discovery:Describe*",
"discovery:List*",
"discovery:Get*",
"dlm:Get*",
"dms:Describe*",
"dms:List*",
"dms:Test*",
"ds:Check*",
"ds:Describe*",
"ds:Get*",
"ds:List*",
"ds:Verify*",
"dynamodb:BatchGet*",
"dynamodb:Describe*",
"dynamodb:Get*",
"dynamodb:List*",
"dynamodb:Query",
"dynamodb:Scan",
"ec2:Describe*",
"ec2:Get*",
"ec2:SearchTransitGatewayRoutes",
"ec2messages:Get*",
"ecr:BatchCheck*",
"ecr:BatchGet*",
"ecr:Describe*",
"ecr:Get*",
"ecr:List*",
"ecs:Describe*",
"ecs:List*",
"eks:DescribeCluster",
"eks:DescribeUpdates",
"eks:ListClusters",
"eks:ListUpdates",
"elasticache:Describe*",
"elasticache:List*",
"elasticbeanstalk:Check*",
"elasticbeanstalk:Describe*",
"elasticbeanstalk:List*",
"elasticbeanstalk:Request*",
"elasticbeanstalk:Retrieve*",
"elasticbeanstalk:Validate*",
"elasticfilesystem:Describe*",
"elasticloadbalancing:Describe*",
"elasticmapreduce:Describe*",
"elasticmapreduce:List*",
"elasticmapreduce:View*",
"elastictranscoder:List*",
"elastictranscoder:Read*",
"es:Describe*",
"es:List*",
"es:Get*",
"es:ESHttpGet",
"es:ESHttpHead",
"events:Describe*",
"events:List*",
"events:Test*",
"firehose:Describe*",
"firehose:List*",
"fsx:Describe*",
"fsx:List*",
"gamelift:List*",
"gamelift:Get*",
"gamelift:Describe*",
"gamelift:RequestUploadCredentials",
"gamelift:ResolveAlias",
"gamelift:Search*",
"glacier:List*",
"glacier:Describe*",
"glacier:Get*",
"globalaccelerator:Describe*",
"globalaccelerator:List*",
"glue:BatchGetPartition",
"glue:GetCatalogImportStatus",
"glue:GetClassifier",
"glue:GetClassifiers",
"glue:GetCrawler",
"glue:GetCrawlers",
"glue:GetCrawlerMetrics",
"glue:GetDatabase",
"glue:GetDatabases",
"glue:GetDataCatalogEncryptionSettings",
"glue:GetDataflowGraph",
"glue:GetDevEndpoint",
"glue:GetDevEndpoints",
"glue:GetJob",
"glue:GetJobs",
"glue:GetJobRun",
"glue:GetJobRuns",
"glue:GetMapping",
"glue:GetPartition",
"glue:GetPartitions",
"glue:GetPlan",
"glue:GetResourcePolicy",
"glue:GetSecurityConfiguration",
"glue:GetSecurityConfigurations",
"glue:GetTable",
"glue:GetTables",
"glue:GetTableVersion",
"glue:GetTableVersions",
"glue:GetTags",
"glue:GetTrigger",
"glue:GetTriggers",
"glue:GetUserDefinedFunction",
"glue:GetUserDefinedFunctions",
"greengrass:Get*",
"greengrass:List*",
"guardduty:Get*",
"guardduty:List*",
"health:Describe*",
"health:Get*",
"health:List*",
"iam:Generate*",
"iam:Get*",
"iam:List*",
"iam:Simulate*",
"importexport:Get*",
"importexport:List*",
"inspector:Describe*",
"inspector:Get*",
"inspector:List*",
"inspector:Preview*",
"inspector:LocalizeText",
"iot:Describe*",
"iot:Get*",
"iot:List*",
"iotanalytics:Describe*",
"iotanalytics:List*",
"iotanalytics:Get*",
"iotanalytics:SampleChannelData",
"kafka:Describe*",
"kafka:List*",
"kafka:Get*",
"kinesisanalytics:Describe*",
"kinesisanalytics:Discover*",
"kinesisanalytics:Get*",
"kinesisanalytics:List*",
"kinesisvideo:Describe*",
"kinesisvideo:Get*",
"kinesisvideo:List*",
"kinesis:Describe*",
"kinesis:Get*",
"kinesis:List*",
"kms:Describe*",
"kms:Get*",
"kms:List*",
"lambda:List*",
"lambda:Get*",
"lex:Get*",
"lightsail:GetActiveNames",
"lightsail:GetBlueprints",
"lightsail:GetBundles",
"lightsail:GetCloudFormationStackRecords",
"lightsail:GetDisk",
"lightsail:GetDisks",
"lightsail:GetDiskSnapshot",
"lightsail:GetDiskSnapshots",
"lightsail:GetDomain",
"lightsail:GetDomains",
"lightsail:GetExportSnapshotRecords",
"lightsail:GetInstance",
"lightsail:GetInstanceMetricData",
"lightsail:GetInstancePortStates",
"lightsail:GetInstances",
"lightsail:GetInstanceSnapshot",
"lightsail:GetInstanceSnapshots",
"lightsail:GetInstanceState",
"lightsail:GetKeyPair",
"lightsail:GetKeyPairs",
"lightsail:GetLoadBalancer",
"lightsail:GetLoadBalancerMetricData",
"lightsail:GetLoadBalancers",
"lightsail:GetLoadBalancerTlsCertificates",
"lightsail:GetOperation",
"lightsail:GetOperations",
"lightsail:GetOperationsForResource",
"lightsail:GetRegions",
"lightsail:GetRelationalDatabase",
"lightsail:GetRelationalDatabaseBlueprints",
"lightsail:GetRelationalDatabaseBundles",
"lightsail:GetRelationalDatabaseEvents",
"lightsail:GetRelationalDatabaseLogEvents",
"lightsail:GetRelationalDatabaseLogStreams",
"lightsail:GetRelationalDatabaseMetricData",
"lightsail:GetRelationalDatabaseParameters",
"lightsail:GetRelationalDatabases",
"lightsail:GetRelationalDatabaseSnapshot",
"lightsail:GetRelationalDatabaseSnapshots",
"lightsail:GetResources",
"lightsail:GetStaticIp",
"lightsail:GetStaticIps",
"lightsail:GetTagKeys",
"lightsail:GetTagValues",
"lightsail:Is*",
"lightsail:List*",
"logs:Describe*",
"logs:Get*",
"logs:FilterLogEvents",
"logs:ListTagsLogGroup",
"logs:StartQuery",
"logs:TestMetricFilter",
"machinelearning:Describe*",
"machinelearning:Get*",
"mgh:Describe*",
"mgh:List*",
"mobileanalytics:Get*",
"mobilehub:Describe*",
"mobilehub:Export*",
"mobilehub:Generate*",
"mobilehub:Get*",
"mobilehub:List*",
"mobilehub:Validate*",
"mobilehub:Verify*",
"mobiletargeting:Get*",
"mq:Describe*",
"mq:List*",
"opsworks:Describe*",
"opsworks:Get*",
"opsworks-cm:Describe*",
"organizations:Describe*",
"organizations:List*",
"pi:DescribeDimensionKeys",
"pi:GetResourceMetrics",
"polly:Describe*",
"polly:Get*",
"polly:List*",
"polly:SynthesizeSpeech",
"rekognition:CompareFaces",
"rekognition:Detect*",
"rekognition:List*",
"rekognition:Search*",
"rds:Describe*",
"rds:List*",
"rds:Download*",
"redshift:Describe*",
"redshift:GetReservedNodeExchangeOfferings",
"redshift:View*",
"resource-groups:Describe*",
"resource-groups:Get*",
"resource-groups:List*",
"resource-groups:Search*",
"robomaker:BatchDescribe*",
"robomaker:Describe*",
"robomaker:List*",
"route53:Get*",
"route53:List*",
"route53:Test*",
"route53domains:Check*",
"route53domains:Get*",
"route53domains:List*",
"route53domains:View*",
"s3:Get*",
"s3:List*",
"s3:Head*",
"sagemaker:Describe*",
"sagemaker:List*",
"sdb:Get*",
"sdb:List*",
"sdb:Select*",
"secretsmanager:List*",
"secretsmanager:Describe*",
"secretsmanager:GetResourcePolicy",
"securityhub:Get*",
"securityhub:List*",
"serverlessrepo:List*",
"serverlessrepo:Get*",
"serverlessrepo:SearchApplications",
"servicecatalog:List*",
"servicecatalog:Scan*",
"servicecatalog:Search*",
"servicecatalog:Describe*",
"servicediscovery:Get*",
"servicediscovery:List*",
"ses:Get*",
"ses:List*",
"ses:Describe*",
"shield:Describe*",
"shield:Get*",
"shield:List*",
"snowball:Get*",
"snowball:Describe*",
"snowball:List*",
"sns:Get*",
"sns:List*",
"sns:Check*",
"sqs:Get*",
"sqs:List*",
"sqs:Receive*",
"ssm:Describe*",
"ssm:Get*",
"ssm:List*",
"states:List*",
"states:Describe*",
"states:GetExecutionHistory",
"storagegateway:Describe*",
"storagegateway:List*",
"sts:Get*",
"swf:Count*",
"swf:Describe*",
"swf:Get*",
"swf:List*",
"tag:Get*",
"transfer:Describe*",
"transfer:List*",
"transfer:TestIdentityProvider",
"transcribe:Get*",
"transcribe:List*",
"trustedadvisor:Describe*",
"waf:Get*",
"waf:List*",
"waf-regional:List*",
"waf-regional:Get*",
"workdocs:Describe*",
"workdocs:Get*",
"workdocs:CheckAlias",
"worklink:Describe*",
"worklink:List*",
"workmail:Describe*",
"workmail:Get*",
"workmail:List*",
"workmail:Search*",
"workspaces:Describe*",
"xray:BatchGet*",
"xray:Get*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAILL3HVNFSB6DCOWYQ",
"PolicyName": "ReadOnlyAccess",
"UpdateDate": "2019-06-03T20:01:28+00:00",
"VersionId": "v50"
},
"ResourceGroupsandTagEditorFullAccess": {
"Arn": "arn:aws:iam::aws:policy/ResourceGroupsandTagEditorFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:53+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"tag:getResources",
"tag:getTagKeys",
"tag:getTagValues",
"tag:TagResources",
"tag:UntagResources",
"tag:AddResourceTags",
"tag:RemoveResourceTags",
"resource-groups:*",
"cloudformation:DescribeStacks",
"cloudformation:ListStackResources"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJNOS54ZFXN4T2Y34A",
"PolicyName": "ResourceGroupsandTagEditorFullAccess",
"UpdateDate": "2019-03-07T21:54:03+00:00",
"VersionId": "v4"
},
"ResourceGroupsandTagEditorReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:39:54+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"tag:getResources",
"tag:getTagKeys",
"tag:getTagValues",
"resource-groups:Get*",
"resource-groups:List*",
"resource-groups:Search*",
"cloudformation:DescribeStacks",
"cloudformation:ListStackResources"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJHXQTPI5I5JKAIU74",
"PolicyName": "ResourceGroupsandTagEditorReadOnlyAccess",
"UpdateDate": "2019-03-07T19:43:17+00:00",
"VersionId": "v2"
},
"SecretsManagerReadWrite": {
"Arn": "arn:aws:iam::aws:policy/SecretsManagerReadWrite",
"AttachmentCount": 0,
"CreateDate": "2018-04-04T18:05:29+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"secretsmanager:*",
"cloudformation:CreateChangeSet",
"cloudformation:DescribeChangeSet",
"cloudformation:DescribeStackResource",
"cloudformation:DescribeStacks",
"cloudformation:ExecuteChangeSet",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"kms:DescribeKey",
"kms:ListAliases",
"kms:ListKeys",
"lambda:ListFunctions",
"rds:DescribeDBClusters",
"rds:DescribeDBInstances",
"tag:GetResources"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"lambda:AddPermission",
"lambda:CreateFunction",
"lambda:GetFunction",
"lambda:InvokeFunction",
"lambda:UpdateFunctionConfiguration"
],
"Effect": "Allow",
"Resource": "arn:aws:lambda:*:*:function:SecretsManager*"
},
{
"Action": [
"serverlessrepo:CreateCloudFormationChangeSet"
],
"Effect": "Allow",
"Resource": "arn:aws:serverlessrepo:*:*:applications/SecretsManager*"
},
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::awsserverlessrepo-changesets*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI3VG7CI5BIQZQ6G2E",
"PolicyName": "SecretsManagerReadWrite",
"UpdateDate": "2018-05-03T20:02:35+00:00",
"VersionId": "v2"
},
"SecurityAudit": {
"Arn": "arn:aws:iam::aws:policy/SecurityAudit",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:01+00:00",
"DefaultVersionId": "v27",
"Document": {
"Statement": [
{
"Action": [
"acm:Describe*",
"acm:List*",
"application-autoscaling:Describe*",
"appmesh:Describe*",
"appmesh:List*",
"appsync:List*",
"athena:List*",
"autoscaling:Describe*",
"batch:DescribeComputeEnvironments",
"batch:DescribeJobDefinitions",
"chime:List*",
"cloud9:Describe*",
"cloud9:ListEnvironments",
"clouddirectory:ListDirectories",
"cloudformation:DescribeStack*",
"cloudformation:GetTemplate",
"cloudformation:ListStack*",
"cloudformation:GetStackPolicy",
"cloudfront:Get*",
"cloudfront:List*",
"cloudhsm:ListHapgs",
"cloudhsm:ListHsms",
"cloudhsm:ListLunaClients",
"cloudsearch:DescribeDomains",
"cloudsearch:DescribeServiceAccessPolicies",
"cloudtrail:DescribeTrails",
"cloudtrail:GetEventSelectors",
"cloudtrail:GetTrailStatus",
"cloudtrail:ListTags",
"cloudtrail:LookupEvents",
"cloudwatch:Describe*",
"codebuild:ListProjects",
"codecommit:BatchGetRepositories",
"codecommit:GetBranch",
"codecommit:GetObjectIdentifier",
"codecommit:GetRepository",
"codecommit:List*",
"codedeploy:Batch*",
"codedeploy:Get*",
"codedeploy:List*",
"codepipeline:ListPipelines",
"codestar:Describe*",
"codestar:List*",
"cognito-identity:ListIdentityPools",
"cognito-idp:ListUserPools",
"cognito-sync:Describe*",
"cognito-sync:List*",
"comprehend:Describe*",
"comprehend:List*",
"config:BatchGetAggregateResourceConfig",
"config:BatchGetResourceConfig",
"config:Deliver*",
"config:Describe*",
"config:Get*",
"config:List*",
"datapipeline:DescribeObjects",
"datapipeline:DescribePipelines",
"datapipeline:EvaluateExpression",
"datapipeline:GetPipelineDefinition",
"datapipeline:ListPipelines",
"datapipeline:QueryObjects",
"datapipeline:ValidatePipelineDefinition",
"datasync:Describe*",
"datasync:List*",
"dax:Describe*",
"dax:ListTags",
"directconnect:Describe*",
"dms:Describe*",
"dms:ListTagsForResource",
"ds:DescribeDirectories",
"dynamodb:DescribeContinuousBackups",
"dynamodb:DescribeGlobalTable",
"dynamodb:DescribeTable",
"dynamodb:DescribeTimeToLive",
"dynamodb:ListBackups",
"dynamodb:ListGlobalTables",
"dynamodb:ListStreams",
"dynamodb:ListTables",
"ec2:Describe*",
"ecr:DescribeRepositories",
"ecr:GetRepositoryPolicy",
"ecs:Describe*",
"ecs:List*",
"eks:DescribeCluster",
"eks:ListClusters",
"elasticache:Describe*",
"elasticbeanstalk:Describe*",
"elasticfilesystem:DescribeFileSystems",
"elasticfilesystem:DescribeMountTargetSecurityGroups",
"elasticfilesystem:DescribeMountTargets",
"elasticloadbalancing:Describe*",
"elasticmapreduce:Describe*",
"elasticmapreduce:ListClusters",
"elasticmapreduce:ListInstances",
"es:Describe*",
"es:ListDomainNames",
"events:Describe*",
"events:List*",
"firehose:Describe*",
"firehose:List*",
"fms:ListComplianceStatus",
"fms:ListPolicies",
"fsx:Describe*",
"fsx:List*",
"gamelift:ListBuilds",
"gamelift:ListFleets",
"glacier:DescribeVault",
"glacier:GetVaultAccessPolicy",
"glacier:ListVaults",
"globalaccelerator:Describe*",
"globalaccelerator:List*",
"greengrass:List*",
"guardduty:Get*",
"guardduty:List*",
"iam:GenerateCredentialReport",
"iam:GenerateServiceLastAccessedDetails",
"iam:Get*",
"iam:List*",
"iam:SimulateCustomPolicy",
"iam:SimulatePrincipalPolicy",
"inspector:Describe*",
"inspector:Get*",
"inspector:List*",
"inspector:Preview*",
"iot:Describe*",
"iot:GetPolicy",
"iot:GetPolicyVersion",
"iot:List*",
"kinesis:DescribeStream",
"kinesis:ListStreams",
"kinesis:ListTagsForStream",
"kinesisanalytics:ListApplications",
"kms:Describe*",
"kms:Get*",
"kms:List*",
"lambda:GetAccountSettings",
"lambda:GetFunctionConfiguration",
"lambda:GetLayerVersionPolicy",
"lambda:GetPolicy",
"lambda:List*",
"license-manager:List*",
"lightsail:GetInstances",
"logs:Describe*",
"logs:ListTagsLogGroup",
"machinelearning:DescribeMLModels",
"mediaconnect:Describe*",
"mediaconnect:List*",
"mediastore:GetContainerPolicy",
"mediastore:ListContainers",
"opsworks:DescribeStacks",
"opsworks-cm:DescribeServers",
"organizations:List*",
"organizations:Describe*",
"quicksight:Describe*",
"quicksight:List*",
"ram:List*",
"rds:Describe*",
"rds:DownloadDBLogFilePortion",
"rds:ListTagsForResource",
"redshift:Describe*",
"rekognition:Describe*",
"rekognition:List*",
"robomaker:Describe*",
"robomaker:List*",
"route53:Get*",
"route53:List*",
"route53domains:GetDomainDetail",
"route53domains:GetOperationDetail",
"route53domains:ListDomains",
"route53domains:ListOperations",
"route53domains:ListTagsForDomain",
"route53resolver:List*",
"s3:GetAccelerateConfiguration",
"s3:GetAccountPublicAccessBlock",
"s3:GetAnalyticsConfiguration",
"s3:GetBucket*",
"s3:GetEncryptionConfiguration",
"s3:GetInventoryConfiguration",
"s3:GetLifecycleConfiguration",
"s3:GetMetricsConfiguration",
"s3:GetObjectAcl",
"s3:GetObjectVersionAcl",
"s3:GetPublicAccessBlock",
"s3:GetReplicationConfiguration",
"s3:ListAllMyBuckets",
"sagemaker:Describe*",
"sagemaker:List*",
"sdb:DomainMetadata",
"sdb:ListDomains",
"secretsmanager:GetResourcePolicy",
"secretsmanager:ListSecrets",
"secretsmanager:ListSecretVersionIds",
"securityhub:Get*",
"securityhub:List*",
"serverlessrepo:GetApplicationPolicy",
"serverlessrepo:List*",
"ses:GetIdentityDkimAttributes",
"ses:GetIdentityVerificationAttributes",
"ses:ListIdentities",
"ses:ListVerifiedEmailAddresses",
"shield:Describe*",
"shield:List*",
"snowball:ListClusters",
"snowball:ListJobs",
"sns:GetTopicAttributes",
"sns:ListSubscriptionsByTopic",
"sns:ListTopics",
"sqs:GetQueueAttributes",
"sqs:ListDeadLetterSourceQueues",
"sqs:ListQueues",
"sqs:ListQueueTags",
"ssm:Describe*",
"ssm:ListDocuments",
"sso:DescribePermissionsPolicies",
"sso:List*",
"states:ListStateMachines",
"storagegateway:DescribeBandwidthRateLimit",
"storagegateway:DescribeCache",
"storagegateway:DescribeCachediSCSIVolumes",
"storagegateway:DescribeGatewayInformation",
"storagegateway:DescribeMaintenanceStartTime",
"storagegateway:DescribeNFSFileShares",
"storagegateway:DescribeSnapshotSchedule",
"storagegateway:DescribeStorediSCSIVolumes",
"storagegateway:DescribeTapeArchives",
"storagegateway:DescribeTapeRecoveryPoints",
"storagegateway:DescribeTapes",
"storagegateway:DescribeUploadBuffer",
"storagegateway:DescribeVTLDevices",
"storagegateway:DescribeWorkingStorage",
"storagegateway:List*",
"tag:GetResources",
"tag:GetTagKeys",
"transfer:Describe*",
"transfer:List*",
"translate:List*",
"trustedadvisor:Describe*",
"waf:ListWebACLs",
"waf-regional:ListWebACLs",
"workspaces:Describe*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"apigateway:HEAD",
"apigateway:GET",
"apigateway:OPTIONS"
],
"Effect": "Allow",
"Resource": [
"arn:aws:apigateway:*::/restapis",
"arn:aws:apigateway:*::/restapis/*/authorizers",
"arn:aws:apigateway:*::/restapis/*/authorizers/*",
"arn:aws:apigateway:*::/restapis/*/resources",
"arn:aws:apigateway:*::/restapis/*/resources/*",
"arn:aws:apigateway:*::/restapis/*/resources/*/methods/*",
"arn:aws:apigateway:*::/vpclinks"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIX2T3QCXHR2OGGCTO",
"PolicyName": "SecurityAudit",
"UpdateDate": "2019-04-29T18:33:52+00:00",
"VersionId": "v27"
},
"ServerMigrationConnector": {
"Arn": "arn:aws:iam::aws:policy/ServerMigrationConnector",
"AttachmentCount": 0,
"CreateDate": "2016-10-24T21:45:56+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": "iam:GetUser",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"sms:SendMessage",
"sms:GetMessages"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:CreateBucket",
"s3:DeleteBucket",
"s3:DeleteObject",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:PutLifecycleConfiguration",
"s3:AbortMultipartUpload",
"s3:ListBucketMultipartUploads",
"s3:ListMultipartUploadParts"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::sms-b-*",
"arn:aws:s3:::import-to-ec2-*",
"arn:aws:s3:::server-migration-service-upgrade",
"arn:aws:s3:::server-migration-service-upgrade/*",
"arn:aws:s3:::connector-platform-upgrade-info/*",
"arn:aws:s3:::connector-platform-upgrade-info",
"arn:aws:s3:::connector-platform-upgrade-bundles/*",
"arn:aws:s3:::connector-platform-upgrade-bundles",
"arn:aws:s3:::connector-platform-release-notes/*",
"arn:aws:s3:::connector-platform-release-notes"
]
},
{
"Action": "awsconnector:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"SNS:Publish"
],
"Effect": "Allow",
"Resource": "arn:aws:sns:*:*:metrics-sns-topic-for-*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJKZRWXIPK5HSG3QDQ",
"PolicyName": "ServerMigrationConnector",
"UpdateDate": "2016-10-24T21:45:56+00:00",
"VersionId": "v1"
},
"ServerMigrationServiceLaunchRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/ServerMigrationServiceLaunchRole",
"AttachmentCount": 0,
"CreateDate": "2018-11-26T19:53:06+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:ModifyInstanceAttribute",
"ec2:StopInstances",
"ec2:StartInstances",
"ec2:TerminateInstances"
],
"Condition": {
"ForAllValues:StringLike": {
"ec2:ResourceTag/aws:cloudformation:stack-id": "arn:aws:cloudformation:*:*:stack/sms-app-*/*"
}
},
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "ec2:CreateTags",
"Effect": "Allow",
"Resource": "arn:aws:ec2:*:*:instance/*"
},
{
"Action": [
"ec2:RunInstances",
"ec2:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIIIAAMVUCBR2OLXZO",
"PolicyName": "ServerMigrationServiceLaunchRole",
"UpdateDate": "2018-11-26T19:53:06+00:00",
"VersionId": "v1"
},
"ServerMigrationServiceRole": {
"Arn": "arn:aws:iam::aws:policy/service-role/ServerMigrationServiceRole",
"AttachmentCount": 0,
"CreateDate": "2016-10-24T21:19:00+00:00",
"DefaultVersionId": "v3",
"Document": {
"Statement": [
{
"Action": [
"cloudformation:CreateChangeSet",
"cloudformation:CreateStack",
"cloudformation:DeleteStack",
"cloudformation:ExecuteChangeSet"
],
"Condition": {
"ForAllValues:StringLikeIfExists": {
"cloudformation:ResourceTypes": [
"AWS::EC2::*"
]
}
},
"Effect": "Allow",
"Resource": "arn:aws:cloudformation:*:*:stack/sms-app-*/*"
},
{
"Action": [
"cloudformation:DeleteChangeSet",
"cloudformation:DescribeChangeSet",
"cloudformation:DescribeStackEvents",
"cloudformation:DescribeStackResources",
"cloudformation:GetTemplate"
],
"Effect": "Allow",
"Resource": "arn:aws:cloudformation:*:*:stack/sms-app-*/*"
},
{
"Action": [
"cloudformation:DescribeStacks",
"cloudformation:ValidateTemplate",
"cloudformation:DescribeStackResource",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:CreateBucket",
"s3:DeleteBucket",
"s3:DeleteObject",
"s3:GetBucketAcl",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:PutLifecycleConfiguration",
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::sms-app-*"
},
{
"Action": [
"sms:CreateReplicationJob",
"sms:DeleteReplicationJob",
"sms:GetReplicationJobs",
"sms:GetReplicationRuns",
"sms:GetServers",
"sms:ImportServerCatalog",
"sms:StartOnDemandReplicationRun",
"sms:UpdateReplicationJob"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:ModifySnapshotAttribute",
"ec2:CopySnapshot",
"ec2:CopyImage",
"ec2:Describe*",
"ec2:DeleteSnapshot",
"ec2:DeregisterImage",
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:GetRole",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Condition": {
"StringLike": {
"iam:AssociatedResourceArn": "arn:aws:cloudformation:*:*:stack/sms-app-*/*"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJMBH3M6BO63XFW2D4",
"PolicyName": "ServerMigrationServiceRole",
"UpdateDate": "2018-11-26T19:33:29+00:00",
"VersionId": "v3"
},
"ServiceCatalogAdminReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/ServiceCatalogAdminReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2015-09-29T18:40:35+00:00",
"DefaultVersionId": "v5",
"Document": {
"Statement": [
{
"Action": [
"catalog-admin:DescribeConstraints",
"catalog-admin:DescribeListingForProduct",
"catalog-admin:DescribeListings",
"catalog-admin:DescribePortfolios",
"catalog-admin:DescribeProductVersions",
"catalog-admin:GetPortfolioCount",
"catalog-admin:GetPortfolios",
"catalog-admin:GetProductCounts",
"catalog-admin:ListAllPortfolioConstraints",
"catalog-admin:ListPortfolioConstraints",
"catalog-admin:ListPortfolios",
"catalog-admin:ListPrincipalConstraints",
"catalog-admin:ListProductConstraints",
"catalog-admin:ListResourceUsers",
"catalog-admin:ListTagsForResource",
"catalog-admin:SearchListings",
"catalog-user:*",
"cloudformation:DescribeStackEvents",
"cloudformation:DescribeStacks",
"cloudformation:GetTemplateSummary",
"iam:GetGroup",
"iam:GetRole",
"iam:GetUser",
"iam:ListGroups",
"iam:ListRoles",
"iam:ListUsers",
"s3:GetObject",
"servicecatalog:DescribeTagOption",
"servicecatalog:GetTagOptionMigrationStatus",
"servicecatalog:ListResourcesForTagOption",
"servicecatalog:ListTagOptions",
"servicecatalog:AccountLevelDescribeRecord",
"servicecatalog:AccountLevelListRecordHistory",
"servicecatalog:AccountLevelScanProvisionedProducts",
"servicecatalog:DescribeProduct",
"servicecatalog:DescribeProductView",
"servicecatalog:DescribeProvisioningParameters",
"servicecatalog:DescribeProvisionedProduct",
"servicecatalog:DescribeRecord",
"servicecatalog:ListLaunchPaths",
"servicecatalog:ListRecordHistory",
"servicecatalog:ScanProvisionedProducts",
"servicecatalog:SearchProducts",
"servicecatalog:DescribeConstraint",
"servicecatalog:DescribeProductAsAdmin",
"servicecatalog:DescribePortfolio",
"servicecatalog:DescribeProvisioningArtifact",
"servicecatalog:ListAcceptedPortfolioShares",
"servicecatalog:ListConstraintsForPortfolio",
"servicecatalog:ListPortfolioAccess",
"servicecatalog:ListPortfolios",
"servicecatalog:ListPortfoliosForProduct",
"servicecatalog:ListPrincipalsForPortfolio",
"servicecatalog:ListProvisioningArtifacts",
"servicecatalog:SearchProductsAsAdmin"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ7XOUSS75M4LIPKO4",
"PolicyName": "ServiceCatalogAdminReadOnlyAccess",
"UpdateDate": "2017-08-08T18:57:36+00:00",
"VersionId": "v5"
},
"ServiceCatalogEndUserAccess": {
"Arn": "arn:aws:iam::aws:policy/ServiceCatalogEndUserAccess",
"AttachmentCount": 0,
"CreateDate": "2015-09-29T18:41:33+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"catalog-user:*",
"s3:GetObject",
"servicecatalog:DescribeProduct",
"servicecatalog:DescribeProductView",
"servicecatalog:DescribeProvisioningParameters",
"servicecatalog:ListLaunchPaths",
"servicecatalog:SearchProducts"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"servicecatalog:ListRecordHistory",
"servicecatalog:DescribeProvisionedProduct",
"servicecatalog:DescribeRecord",
"servicecatalog:ScanProvisionedProducts"
],
"Condition": {
"StringEquals": {
"servicecatalog:userLevel": "self"
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ56OMCO72RI4J5FSA",
"PolicyName": "ServiceCatalogEndUserAccess",
"UpdateDate": "2017-08-08T18:58:57+00:00",
"VersionId": "v4"
},
"SimpleWorkflowFullAccess": {
"Arn": "arn:aws:iam::aws:policy/SimpleWorkflowFullAccess",
"AttachmentCount": 0,
"CreateDate": "2015-02-06T18:41:04+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"swf:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIFE3AV6VE7EANYBVM",
"PolicyName": "SimpleWorkflowFullAccess",
"UpdateDate": "2015-02-06T18:41:04+00:00",
"VersionId": "v1"
},
"SupportUser": {
"Arn": "arn:aws:iam::aws:policy/job-function/SupportUser",
"AttachmentCount": 0,
"CreateDate": "2016-11-10T17:21:53+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"support:*",
"acm:DescribeCertificate",
"acm:GetCertificate",
"acm:List*",
"apigateway:GET",
"appstream:Get*",
"autoscaling:Describe*",
"aws-marketplace:ViewSubscriptions",
"cloudformation:Describe*",
"cloudformation:Get*",
"cloudformation:List*",
"cloudformation:EstimateTemplateCost",
"cloudfront:Get*",
"cloudfront:List*",
"cloudsearch:Describe*",
"cloudsearch:List*",
"cloudtrail:DescribeTrails",
"cloudtrail:GetTrailStatus",
"cloudtrail:LookupEvents",
"cloudtrail:ListTags",
"cloudtrail:ListPublicKeys",
"cloudwatch:Describe*",
"cloudwatch:Get*",
"cloudwatch:List*",
"codecommit:BatchGetRepositories",
"codecommit:Get*",
"codecommit:List*",
"codedeploy:Batch*",
"codedeploy:Get*",
"codedeploy:List*",
"codepipeline:AcknowledgeJob",
"codepipeline:AcknowledgeThirdPartyJob",
"codepipeline:ListActionTypes",
"codepipeline:ListPipelines",
"codepipeline:PollForJobs",
"codepipeline:PollForThirdPartyJobs",
"codepipeline:GetPipelineState",
"codepipeline:GetPipeline",
"cognito-identity:List*",
"cognito-identity:LookupDeveloperIdentity",
"cognito-identity:Describe*",
"cognito-idp:Describe*",
"cognito-sync:Describe*",
"cognito-sync:GetBulkPublishDetails",
"cognito-sync:GetCognitoEvents",
"cognito-sync:GetIdentityPoolConfiguration",
"cognito-sync:List*",
"config:DescribeConfigurationRecorders",
"config:DescribeConfigurationRecorderStatus",
"config:DescribeConfigRuleEvaluationStatus",
"config:DescribeConfigRules",
"config:DescribeDeliveryChannels",
"config:DescribeDeliveryChannelStatus",
"config:GetResourceConfigHistory",
"config:ListDiscoveredResources",
"datapipeline:DescribeObjects",
"datapipeline:DescribePipelines",
"datapipeline:GetPipelineDefinition",
"datapipeline:ListPipelines",
"datapipeline:QueryObjects",
"datapipeline:ReportTaskProgress",
"datapipeline:ReportTaskRunnerHeartbeat",
"devicefarm:List*",
"devicefarm:Get*",
"directconnect:Describe*",
"discovery:Describe*",
"discovery:ListConfigurations",
"dms:Describe*",
"dms:List*",
"ds:DescribeDirectories",
"ds:DescribeSnapshots",
"ds:GetDirectoryLimits",
"ds:GetSnapshotLimits",
"ds:ListAuthorizedApplications",
"dynamodb:DescribeLimits",
"dynamodb:DescribeTable",
"dynamodb:ListTables",
"ec2:Describe*",
"ec2:DescribeHosts",
"ec2:describeIdentityIdFormat",
"ec2:DescribeIdFormat",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeNatGateways",
"ec2:DescribeReservedInstancesModifications",
"ec2:DescribeTags",
"ec2:GetFlowLogsCount",
"ecr:GetRepositoryPolicy",
"ecr:BatchCheckLayerAvailability",
"ecr:DescribeRepositories",
"ecr:ListImages",
"ecs:Describe*",
"ecs:List*",
"elasticache:Describe*",
"elasticache:List*",
"elasticbeanstalk:Check*",
"elasticbeanstalk:Describe*",
"elasticbeanstalk:List*",
"elasticbeanstalk:RequestEnvironmentInfo",
"elasticbeanstalk:RetrieveEnvironmentInfo",
"elasticbeanstalk:ValidateConfigurationSettings",
"elasticfilesystem:Describe*",
"elasticloadbalancing:Describe*",
"elasticmapreduce:Describe*",
"elasticmapreduce:List*",
"elastictranscoder:List*",
"elastictranscoder:ReadJob",
"elasticfilesystem:DescribeFileSystems",
"es:Describe*",
"es:List*",
"es:ESHttpGet",
"es:ESHttpHead",
"events:DescribeRule",
"events:List*",
"events:TestEventPattern",
"firehose:Describe*",
"firehose:List*",
"gamelift:List*",
"gamelift:Describe*",
"glacier:ListVaults",
"glacier:DescribeVault",
"glacier:DescribeJob",
"glacier:Get*",
"glacier:List*",
"iam:GenerateCredentialReport",
"iam:GenerateServiceLastAccessedDetails",
"iam:Get*",
"iam:List*",
"importexport:GetStatus",
"importexport:ListJobs",
"importexport:GetJobDetail",
"inspector:Describe*",
"inspector:List*",
"inspector:GetAssessmentTelemetry",
"inspector:LocalizeText",
"iot:Describe*",
"iot:Get*",
"iot:List*",
"kinesisanalytics:DescribeApplication",
"kinesisanalytics:DiscoverInputSchema",
"kinesisanalytics:GetApplicationState",
"kinesisanalytics:ListApplications",
"kinesis:Describe*",
"kinesis:Get*",
"kinesis:List*",
"kms:Describe*",
"kms:Get*",
"kms:List*",
"lambda:List*",
"lambda:Get*",
"logs:Describe*",
"logs:TestMetricFilter",
"machinelearning:Describe*",
"machinelearning:Get*",
"mobilehub:GetProject",
"mobilehub:List*",
"mobilehub:ValidateProject",
"mobilehub:VerifyServiceRole",
"opsworks:Describe*",
"rds:Describe*",
"rds:ListTagsForResource",
"redshift:Describe*",
"route53:Get*",
"route53:List*",
"route53domains:CheckDomainAvailability",
"route53domains:GetDomainDetail",
"route53domains:GetOperationDetail",
"route53domains:List*",
"s3:List*",
"sdb:GetAttributes",
"sdb:List*",
"sdb:Select*",
"servicecatalog:SearchProducts",
"servicecatalog:DescribeProduct",
"servicecatalog:DescribeProductView",
"servicecatalog:ListLaunchPaths",
"servicecatalog:DescribeProvisioningParameters",
"servicecatalog:ListRecordHistory",
"servicecatalog:DescribeRecord",
"servicecatalog:ScanProvisionedProducts",
"ses:Get*",
"ses:List*",
"sns:Get*",
"sns:List*",
"sqs:GetQueueAttributes",
"sqs:GetQueueUrl",
"sqs:ListQueues",
"sqs:ReceiveMessage",
"ssm:List*",
"ssm:Describe*",
"storagegateway:Describe*",
"storagegateway:List*",
"swf:Count*",
"swf:Describe*",
"swf:Get*",
"swf:List*",
"waf:Get*",
"waf:List*",
"workspaces:Describe*",
"workdocs:Describe*",
"workmail:Describe*",
"workmail:Get*",
"workspaces:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/job-function/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAI3V4GSSN5SJY3P2RO",
"PolicyName": "SupportUser",
"UpdateDate": "2017-05-17T23:11:51+00:00",
"VersionId": "v2"
},
"SystemAdministrator": {
"Arn": "arn:aws:iam::aws:policy/job-function/SystemAdministrator",
"AttachmentCount": 0,
"CreateDate": "2016-11-10T17:23:56+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"acm:Describe*",
"acm:Get*",
"acm:List*",
"acm:Request*",
"acm:Resend*",
"autoscaling:*",
"cloudtrail:DescribeTrails",
"cloudtrail:GetTrailStatus",
"cloudtrail:ListPublicKeys",
"cloudtrail:ListTags",
"cloudtrail:LookupEvents",
"cloudtrail:StartLogging",
"cloudtrail:StopLogging",
"cloudwatch:*",
"codecommit:BatchGetRepositories",
"codecommit:CreateBranch",
"codecommit:CreateRepository",
"codecommit:Get*",
"codecommit:GitPull",
"codecommit:GitPush",
"codecommit:List*",
"codecommit:Put*",
"codecommit:Test*",
"codecommit:Update*",
"codedeploy:*",
"codepipeline:*",
"config:*",
"ds:*",
"ec2:Allocate*",
"ec2:AssignPrivateIpAddresses*",
"ec2:Associate*",
"ec2:Allocate*",
"ec2:AttachInternetGateway",
"ec2:AttachNetworkInterface",
"ec2:AttachVpnGateway",
"ec2:Bundle*",
"ec2:Cancel*",
"ec2:Copy*",
"ec2:CreateCustomerGateway",
"ec2:CreateDhcpOptions",
"ec2:CreateFlowLogs",
"ec2:CreateImage",
"ec2:CreateInstanceExportTask",
"ec2:CreateInternetGateway",
"ec2:CreateKeyPair",
"ec2:CreateNatGateway",
"ec2:CreateNetworkInterface",
"ec2:CreatePlacementGroup",
"ec2:CreateReservedInstancesListing",
"ec2:CreateRoute",
"ec2:CreateRouteTable",
"ec2:CreateSecurityGroup",
"ec2:CreateSnapshot",
"ec2:CreateSpotDatafeedSubscription",
"ec2:CreateSubnet",
"ec2:CreateTags",
"ec2:CreateVolume",
"ec2:CreateVpc",
"ec2:CreateVpcEndpoint",
"ec2:CreateVpnConnection",
"ec2:CreateVpnConnectionRoute",
"ec2:CreateVpnGateway",
"ec2:DeleteFlowLogs",
"ec2:DeleteKeyPair",
"ec2:DeleteNatGateway",
"ec2:DeleteNetworkInterface",
"ec2:DeletePlacementGroup",
"ec2:DeleteSnapshot",
"ec2:DeleteSpotDatafeedSubscription",
"ec2:DeleteSubnet",
"ec2:DeleteTags",
"ec2:DeleteVpc",
"ec2:DeleteVpcEndpoints",
"ec2:DeleteVpnConnection",
"ec2:DeleteVpnConnectionRoute",
"ec2:DeleteVpnGateway",
"ec2:DeregisterImage",
"ec2:Describe*",
"ec2:DetachInternetGateway",
"ec2:DetachNetworkInterface",
"ec2:DetachVpnGateway",
"ec2:DisableVgwRoutePropagation",
"ec2:DisableVpcClassicLinkDnsSupport",
"ec2:DisassociateAddress",
"ec2:DisassociateRouteTable",
"ec2:EnableVgwRoutePropagation",
"ec2:EnableVolumeIO",
"ec2:EnableVpcClassicLinkDnsSupport",
"ec2:GetConsoleOutput",
"ec2:GetHostReservationPurchasePreview",
"ec2:GetPasswordData",
"ec2:Import*",
"ec2:Modify*",
"ec2:MonitorInstances",
"ec2:MoveAddressToVpc",
"ec2:Purchase*",
"ec2:RegisterImage",
"ec2:Release*",
"ec2:Replace*",
"ec2:ReportInstanceStatus",
"ec2:Request*",
"ec2:Reset*",
"ec2:RestoreAddressToClassic",
"ec2:RunScheduledInstances",
"ec2:UnassignPrivateIpAddresses",
"ec2:UnmonitorInstances",
"ec2:UpdateSecurityGroupRuleDescriptionsEgress",
"ec2:UpdateSecurityGroupRuleDescriptionsIngress",
"elasticloadbalancing:*",
"events:*",
"iam:GetAccount*",
"iam:GetContextKeys*",
"iam:GetCredentialReport",
"iam:ListAccountAliases",
"iam:ListGroups",
"iam:ListOpenIDConnectProviders",
"iam:ListPolicies",
"iam:ListPoliciesGrantingServiceAccess",
"iam:ListRoles",
"iam:ListSAMLProviders",
"iam:ListServerCertificates",
"iam:Simulate*",
"iam:UpdateServerCertificate",
"iam:UpdateSigningCertificate",
"kinesis:ListStreams",
"kinesis:PutRecord",
"kms:CreateAlias",
"kms:CreateKey",
"kms:DeleteAlias",
"kms:Describe*",
"kms:GenerateRandom",
"kms:Get*",
"kms:List*",
"kms:Encrypt",
"kms:ReEncrypt*",
"lambda:Create*",
"lambda:Delete*",
"lambda:Get*",
"lambda:InvokeFunction",
"lambda:List*",
"lambda:PublishVersion",
"lambda:Update*",
"logs:*",
"rds:Describe*",
"rds:ListTagsForResource",
"route53:*",
"route53domains:*",
"ses:*",
"sns:*",
"sqs:*",
"trustedadvisor:*"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ec2:AcceptVpcPeeringConnection",
"ec2:AttachClassicLinkVpc",
"ec2:AttachVolume",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateVpcPeeringConnection",
"ec2:DeleteCustomerGateway",
"ec2:DeleteDhcpOptions",
"ec2:DeleteInternetGateway",
"ec2:DeleteNetworkAcl*",
"ec2:DeleteRoute",
"ec2:DeleteRouteTable",
"ec2:DeleteSecurityGroup",
"ec2:DeleteVolume",
"ec2:DeleteVpcPeeringConnection",
"ec2:DetachClassicLinkVpc",
"ec2:DetachVolume",
"ec2:DisableVpcClassicLink",
"ec2:EnableVpcClassicLink",
"ec2:GetConsoleScreenshot",
"ec2:RebootInstances",
"ec2:RejectVpcPeeringConnection",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress",
"ec2:RunInstances",
"ec2:StartInstances",
"ec2:StopInstances",
"ec2:TerminateInstances"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": "s3:*",
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:GetAccessKeyLastUsed",
"iam:GetGroup*",
"iam:GetInstanceProfile",
"iam:GetLoginProfile",
"iam:GetOpenIDConnectProvider",
"iam:GetPolicy*",
"iam:GetRole*",
"iam:GetSAMLProvider",
"iam:GetSSHPublicKey",
"iam:GetServerCertificate",
"iam:GetServiceLastAccessed*",
"iam:GetUser*",
"iam:ListAccessKeys",
"iam:ListAttached*",
"iam:ListEntitiesForPolicy",
"iam:ListGroupPolicies",
"iam:ListGroupsForUser",
"iam:ListInstanceProfiles*",
"iam:ListMFADevices",
"iam:ListPolicyVersions",
"iam:ListRolePolicies",
"iam:ListSSHPublicKeys",
"iam:ListSigningCertificates",
"iam:ListUserPolicies",
"iam:Upload*"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"iam:GetRole",
"iam:ListRoles",
"iam:PassRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::*:role/rds-monitoring-role",
"arn:aws:iam::*:role/ec2-sysadmin-*",
"arn:aws:iam::*:role/ecr-sysadmin-*",
"arn:aws:iam::*:role/lamdba-sysadmin-*",
"arn:aws:iam::*:role/lambda-sysadmin-*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/job-function/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAITJPEZXCYCBXANDSW",
"PolicyName": "SystemAdministrator",
"UpdateDate": "2018-10-08T21:33:45+00:00",
"VersionId": "v4"
},
"TagPoliciesServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/TagPoliciesServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-10-26T20:02:52+00:00",
"DefaultVersionId": "v2",
"Document": {
"Statement": [
{
"Action": [
"organizations:ListAccounts",
"organizations:ListAccountsForParent",
"organizations:ListChildren",
"organizations:DescribeAccount",
"organizations:DescribeOrganization",
"organizations:ListRoots",
"organizations:ListParents"
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"organizations:DisableAWSServiceAccess"
],
"Condition": {
"ForAllValues:StringLike": {
"organizations:ServicePrincipal": [
"tagpolicies.tag.amazonaws.com"
]
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJGGCZXCABSYJA7UBI",
"PolicyName": "TagPoliciesServiceRolePolicy",
"UpdateDate": "2019-05-10T21:38:33+00:00",
"VersionId": "v2"
},
"TranslateFullAccess": {
"Arn": "arn:aws:iam::aws:policy/TranslateFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-27T23:36:20+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"translate:*",
"comprehend:DetectDominantLanguage",
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIAPOAEI2VFQYUK5RY",
"PolicyName": "TranslateFullAccess",
"UpdateDate": "2018-11-27T23:36:20+00:00",
"VersionId": "v1"
},
"TranslateReadOnly": {
"Arn": "arn:aws:iam::aws:policy/TranslateReadOnly",
"AttachmentCount": 0,
"CreateDate": "2017-11-29T18:22:00+00:00",
"DefaultVersionId": "v4",
"Document": {
"Statement": [
{
"Action": [
"translate:TranslateText",
"translate:GetTerminology",
"translate:ListTerminologies",
"comprehend:DetectDominantLanguage",
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJYAMZMTQNWUDJKY2E",
"PolicyName": "TranslateReadOnly",
"UpdateDate": "2018-11-27T23:29:08+00:00",
"VersionId": "v4"
},
"VMImportExportRoleForAWSConnector": {
"Arn": "arn:aws:iam::aws:policy/service-role/VMImportExportRoleForAWSConnector",
"AttachmentCount": 0,
"CreateDate": "2015-09-03T20:48:59+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::import-to-ec2-*"
]
},
{
"Action": [
"ec2:ModifySnapshotAttribute",
"ec2:CopySnapshot",
"ec2:RegisterImage",
"ec2:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJFLQOOJ6F5XNX4LAW",
"PolicyName": "VMImportExportRoleForAWSConnector",
"UpdateDate": "2015-09-03T20:48:59+00:00",
"VersionId": "v1"
},
"ViewOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/job-function/ViewOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2016-11-10T17:20:15+00:00",
"DefaultVersionId": "v7",
"Document": {
"Statement": [
{
"Action": [
"acm:ListCertificates",
"athena:List*",
"aws-marketplace:ViewSubscriptions",
"autoscaling:Describe*",
"batch:ListJobs",
"clouddirectory:ListAppliedSchemaArns",
"clouddirectory:ListDevelopmentSchemaArns",
"clouddirectory:ListDirectories",
"clouddirectory:ListPublishedSchemaArns",
"cloudformation:List*",
"cloudformation:DescribeStacks",
"cloudfront:List*",
"cloudhsm:ListAvailableZones",
"cloudhsm:ListLunaClients",
"cloudhsm:ListHapgs",
"cloudhsm:ListHsms",
"cloudsearch:List*",
"cloudsearch:DescribeDomains",
"cloudtrail:DescribeTrails",
"cloudtrail:LookupEvents",
"cloudwatch:List*",
"cloudwatch:Get*",
"codebuild:ListBuilds*",
"codebuild:ListProjects",
"codecommit:List*",
"codedeploy:List*",
"codedeploy:Get*",
"codepipeline:ListPipelines",
"codestar:List*",
"codestar:Verify*",
"cognito-idp:List*",
"cognito-identity:ListIdentities",
"cognito-identity:ListIdentityPools",
"cognito-sync:ListDatasets",
"connect:List*",
"config:List*",
"config:Describe*",
"datapipeline:ListPipelines",
"datapipeline:DescribePipelines",
"datapipeline:GetAccountLimits",
"dax:DescribeClusters",
"dax:DescribeDefaultParameters",
"dax:DescribeEvents",
"dax:DescribeParameterGroups",
"dax:DescribeParameters",
"dax:DescribeSubnetGroups",
"dax:DescribeTable",
"dax:ListTables",
"dax:ListTags",
"devicefarm:List*",
"directconnect:Describe*",
"discovery:List*",
"dms:List*",
"ds:DescribeDirectories",
"dynamodb:DescribeBackup",
"dynamodb:DescribeContinuousBackups",
"dynamodb:DescribeGlobalTable",
"dynamodb:DescribeGlobalTableSettings",
"dynamodb:DescribeLimits",
"dynamodb:DescribeReservedCapacity",
"dynamodb:DescribeReservedCapacityOfferings",
"dynamodb:DescribeStream",
"dynamodb:DescribeTable",
"dynamodb:DescribeTimeToLive",
"dynamodb:ListBackups",
"dynamodb:ListGlobalTables",
"dynamodb:ListStreams",
"dynamodb:ListTables",
"dynamodb:ListTagsOfResource",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeBundleTasks",
"ec2:DescribeClassicLinkInstances",
"ec2:DescribeConversionTasks",
"ec2:DescribeCustomerGateways",
"ec2:DescribeDhcpOptions",
"ec2:DescribeExportTasks",
"ec2:DescribeFlowLogs",
"ec2:DescribeHost*",
"ec2:DescribeIdentityIdFormat",
"ec2:DescribeIdFormat",
"ec2:DescribeImage*",
"ec2:DescribeImport*",
"ec2:DescribeInstance*",
"ec2:DescribeInternetGateways",
"ec2:DescribeKeyPairs",
"ec2:DescribeMovingAddresses",
"ec2:DescribeNatGateways",
"ec2:DescribeNetwork*",
"ec2:DescribePlacementGroups",
"ec2:DescribePrefixLists",
"ec2:DescribeRegions",
"ec2:DescribeReserved*",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSnapshot*",
"ec2:DescribeSpot*",
"ec2:DescribeSubnets",
"ec2:DescribeTags",
"ec2:DescribeVolume*",
"ec2:DescribeVpc*",
"ec2:DescribeVpnGateways",
"ecr:DescribeRepositories",
"ecr:ListImages",
"ecs:List*",
"ecs:Describe*",
"elasticache:Describe*",
"elasticbeanstalk:DescribeApplicationVersions",
"elasticbeanstalk:DescribeApplications",
"elasticbeanstalk:DescribeEnvironments",
"elasticbeanstalk:ListAvailableSolutionStacks",
"elasticloadbalancing:DescribeListeners",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeTargetHealth",
"elasticfilesystem:DescribeFileSystems",
"elasticmapreduce:List*",
"elastictranscoder:List*",
"es:DescribeElasticsearchDomain",
"es:DescribeElasticsearchDomains",
"es:ListDomainNames",
"events:ListRuleNamesByTarget",
"events:ListRules",
"events:ListTargetsByRule",
"firehose:List*",
"firehose:DescribeDeliveryStream",
"gamelift:List*",
"glacier:List*",
"greengrass:List*",
"iam:List*",
"iam:GetAccountSummary",
"iam:GetLoginProfile",
"importexport:ListJobs",
"inspector:List*",
"iot:List*",
"kinesis:ListStreams",
"kinesisanalytics:ListApplications",
"kms:ListKeys",
"lambda:List*",
"lex:GetBotAliases",
"lex:GetBotChannelAssociations",
"lex:GetBots",
"lex:GetBotVersions",
"lex:GetIntents",
"lex:GetIntentVersions",
"lex:GetSlotTypes",
"lex:GetSlotTypeVersions",
"lex:GetUtterancesView",
"lightsail:GetBlueprints",
"lightsail:GetBundles",
"lightsail:GetInstances",
"lightsail:GetInstanceSnapshots",
"lightsail:GetKeyPair",
"lightsail:GetRegions",
"lightsail:GetStaticIps",
"lightsail:IsVpcPeered",
"logs:Describe*",
"machinelearning:Describe*",
"mobilehub:ListAvailableFeatures",
"mobilehub:ListAvailableRegions",
"mobilehub:ListProjects",
"opsworks:Describe*",
"opsworks-cm:Describe*",
"organizations:List*",
"mobiletargeting:GetApplicationSettings",
"mobiletargeting:GetCampaigns",
"mobiletargeting:GetImportJobs",
"mobiletargeting:GetSegments",
"polly:Describe*",
"polly:List*",
"rds:Describe*",
"redshift:DescribeClusters",
"redshift:DescribeEvents",
"redshift:ViewQueriesInConsole",
"route53:List*",
"route53:Get*",
"route53domains:List*",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"sagemaker:Describe*",
"sagemaker:List*",
"sdb:List*",
"servicecatalog:List*",
"ses:List*",
"shield:List*",
"states:ListActivities",
"states:ListStateMachines",
"sns:List*",
"sqs:ListQueues",
"ssm:ListAssociations",
"ssm:ListDocuments",
"storagegateway:ListGateways",
"storagegateway:ListLocalDisks",
"storagegateway:ListVolumeRecoveryPoints",
"storagegateway:ListVolumes",
"swf:List*",
"trustedadvisor:Describe*",
"waf:List*",
"waf-regional:List*",
"workdocs:DescribeAvailableDirectories",
"workdocs:DescribeInstances",
"workmail:Describe*",
"workspaces:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/job-function/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAID22R6XPJATWOFDK6",
"PolicyName": "ViewOnlyAccess",
"UpdateDate": "2018-10-15T18:34:54+00:00",
"VersionId": "v7"
},
"WAFLoggingServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/WAFLoggingServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-08-24T21:05:47+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"firehose:PutRecord",
"firehose:PutRecordBatch"
],
"Effect": "Allow",
"Resource": [
"arn:aws:firehose:*:*:deliverystream/aws-waf-logs-*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJZ7N545GUNUHNTYOM",
"PolicyName": "WAFLoggingServiceRolePolicy",
"UpdateDate": "2018-08-24T21:05:47+00:00",
"VersionId": "v1"
},
"WAFRegionalLoggingServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/aws-service-role/WAFRegionalLoggingServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2018-08-24T18:40:55+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"firehose:PutRecord",
"firehose:PutRecordBatch"
],
"Effect": "Allow",
"Resource": [
"arn:aws:firehose:*:*:deliverystream/aws-waf-logs-*"
]
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/aws-service-role/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJE43HAZMEH4CI6SU2",
"PolicyName": "WAFRegionalLoggingServiceRolePolicy",
"UpdateDate": "2018-08-24T18:40:55+00:00",
"VersionId": "v1"
},
"WellArchitectedConsoleFullAccess": {
"Arn": "arn:aws:iam::aws:policy/WellArchitectedConsoleFullAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-29T18:19:23+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"wellarchitected:*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIH6HSBHM3VSYC5SKA",
"PolicyName": "WellArchitectedConsoleFullAccess",
"UpdateDate": "2018-11-29T18:19:23+00:00",
"VersionId": "v1"
},
"WellArchitectedConsoleReadOnlyAccess": {
"Arn": "arn:aws:iam::aws:policy/WellArchitectedConsoleReadOnlyAccess",
"AttachmentCount": 0,
"CreateDate": "2018-11-29T18:21:08+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"wellarchitected:Get*",
"wellarchitected:List*"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAIUTK35NDTYF6T2GFY",
"PolicyName": "WellArchitectedConsoleReadOnlyAccess",
"UpdateDate": "2018-11-29T18:21:08+00:00",
"VersionId": "v1"
},
"WorkLinkServiceRolePolicy": {
"Arn": "arn:aws:iam::aws:policy/WorkLinkServiceRolePolicy",
"AttachmentCount": 0,
"CreateDate": "2019-01-23T19:03:45+00:00",
"DefaultVersionId": "v1",
"Document": {
"Statement": [
{
"Action": [
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterfacePermission",
"ec2:CreateNetworkInterfacePermission",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:DeleteNetworkInterface"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"kinesis:PutRecord",
"kinesis:PutRecords"
],
"Effect": "Allow",
"Resource": "arn:aws:kinesis:*:*:stream/AmazonWorkLink-*"
}
],
"Version": "2012-10-17"
},
"IsAttachable": true,
"IsDefaultVersion": true,
"Path": "/",
"PermissionsBoundaryUsageCount": 0,
"PolicyId": "ANPAJ6JTE3DI5JOULLNLS",
"PolicyName": "WorkLinkServiceRolePolicy",
"UpdateDate": "2019-01-23T19:03:45+00:00",
"VersionId": "v1"
}
}"""
Reference in New Issue View Git Blame Copy Permalink